pantry/.github/workflows/bottle.yml

173 lines
5.7 KiB
YAML
Raw Normal View History

name: bottle
on:
workflow_call:
inputs:
new-version:
type: boolean
required: false
default: false
platform:
required: true
type: string
2023-04-22 00:19:52 +03:00
projects:
required: false
type: string
outputs:
pr:
2023-05-25 18:34:41 +03:00
description: "The PR number"
value: ${{ jobs.bottle.outputs.pr }}
2023-06-04 10:08:05 +03:00
qa-required:
description: "Whether QA is required"
value: ${{ jobs.upload.outputs.qa-required }}
jobs:
get-platform:
runs-on: ubuntu-latest
outputs:
os: ${{ steps.platform.outputs.os }}
cache-set: ${{ steps.platform.outputs.cache-set }}
2023-04-22 00:19:52 +03:00
available: ${{ steps.platform.outputs.available }}
steps:
- uses: teaxyz/brewkit/actions/get-platform@v0
id: platform
2023-02-24 23:50:10 +03:00
with:
platform: ${{ inputs.platform }}
2023-04-22 00:19:52 +03:00
projects: ${{ inputs.projects }}
bottle:
needs: [get-platform]
2023-04-30 04:51:06 +03:00
if: ${{ !inputs.new-version || needs.get-platform.outputs.available != '' }}
runs-on: ${{ fromJson(needs.get-platform.outputs.os) }}
outputs:
srcs: ${{ env.srcs }}
built: ${{ env.built }}
2023-01-04 02:18:49 +03:00
pr: ${{ env.PR }}
steps:
- uses: teaxyz/brewkit/actions/setup-brewkit@v0
id: tea
- uses: actions/download-artifact@v3
if: ${{ inputs.new-version }}
with:
name: ${{ inputs.platform }}
- uses: teaxyz/brewkit/actions/fetch-pr-artifacts@v0
if: ${{ !inputs.new-version }}
2023-02-24 23:50:10 +03:00
with:
2023-02-25 11:54:32 +03:00
platform: ${{ inputs.platform }}
2023-02-24 23:50:10 +03:00
token: ${{ github.token }}
2023-02-25 11:54:32 +03:00
AWS_S3_BUCKET: ${{ secrets.AWS_S3_CACHE }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: clean destination
# Note: needed when changing a directory to a symlink, for example in
2023-03-15 15:14:20 +03:00
# https://github.com/teaxyz/pantry/pull/435
run: |
tar tzf $GITHUB_WORKSPACE/artifacts.tgz | \
awk '{ print length, $0 }' | \
sort -n -s -r | \
cut -d" " -f2- | \
xargs rm -rf
working-directory: ${{ steps.tea.outputs.prefix }}
- run: tar xzvf $GITHUB_WORKSPACE/artifacts.tgz
working-directory: ${{ steps.tea.outputs.prefix }}
- run: |
for file in built srcs; do
echo "$file=$(cat $file)" >>$GITHUB_ENV
done
working-directory: ${{ steps.tea.outputs.prefix }}
- run: |
tea +gnupg.org gpg-agent --daemon || true
echo $GPG_PRIVATE_KEY | \
base64 -d | \
tea +gnupg.org gpg --import --batch --yes
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- uses: teaxyz/brewkit/actions/bottle@v0
id: bottle-xz
2023-02-24 23:50:10 +03:00
with:
built: ${{ env.built }}
compression: xz
2023-02-24 23:50:10 +03:00
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
2023-03-05 05:11:59 +03:00
gpg-key-passphrase: ${{ secrets.GPG_PASSPHRASE }}
- uses: teaxyz/brewkit/actions/bottle@v0
id: bottle-gz
2023-02-24 23:50:10 +03:00
with:
built: ${{ env.built }}
compression: gz
2023-02-24 23:50:10 +03:00
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
2023-03-05 05:11:59 +03:00
gpg-key-passphrase: ${{ secrets.GPG_PASSPHRASE }}
- run: |
echo ${{ steps.bottle-gz.outputs.bottles }} ${{ steps.bottle-xz.outputs.bottles }} >bottles
echo ${{ steps.bottle-gz.outputs.checksums }} ${{ steps.bottle-xz.outputs.checksums }} >checksums
echo ${{ steps.bottle-gz.outputs.signatures }} ${{ steps.bottle-xz.outputs.signatures }} >signatures
2023-01-05 04:44:23 +03:00
SRCS=$(echo $srcs | tr -d '~')
tar cf $GITHUB_WORKSPACE/artifacts.tar \
2023-01-05 04:44:23 +03:00
$SRCS \
${{ steps.bottle-gz.outputs.bottles }} \
${{ steps.bottle-xz.outputs.bottles }} \
bottles checksums signatures
working-directory: ${{ steps.tea.outputs.prefix }}
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.platform }}-bottles
path: artifacts.tar
if-no-files-found: error
upload:
2023-04-22 00:19:52 +03:00
needs: [get-platform, bottle]
2023-04-30 04:51:06 +03:00
if: ${{ !inputs.new-version || needs.get-platform.outputs.available != '' }}
runs-on: ubuntu-latest
2023-06-04 10:08:05 +03:00
outputs:
qa-required: ${{ steps.upload.outputs.qa-required }}
steps:
- uses: teaxyz/brewkit/actions/setup-brewkit@v0
with:
prefix: ${{ github.workspace }}/.tea
- uses: actions/download-artifact@v3
with:
name: ${{ inputs.platform }}-bottles
- run: |
2023-02-11 17:59:00 +03:00
tar xvf artifacts.tar
for file in bottles checksums signatures; do
echo "$file=$(cat $file)" >>$GITHUB_ENV
done
- uses: teaxyz/brewkit/actions/upload@v0
id: upload
2023-02-24 23:50:10 +03:00
with:
2023-06-21 01:14:36 +03:00
qa: ${{ inputs.new-version }}
2023-02-24 23:50:10 +03:00
pkgs: ${{ needs.bottle.outputs.built }} ${{ needs.bottle.outputs.built }}
srcs: ${{ needs.bottle.outputs.srcs }} ${{ needs.bottle.outputs.srcs }}
bottles: ${{ env.bottles }}
checksums: ${{ env.checksums }}
signatures: ${{ env.signatures }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
2023-06-04 10:08:05 +03:00
AWS_S3_STAGING_BUCKET: ${{ secrets.AWS_S3_CACHE }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- uses: chetan/invalidate-cloudfront-action@v2
2023-06-04 10:08:05 +03:00
if: ${{ steps.upload.outputs.cf-invalidation-paths != '' }}
env:
PATHS: ${{ steps.upload.outputs.cf-invalidation-paths }}
DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
AWS_REGION: us-east-1
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}