mirror of
https://github.com/ivabus/pantry
synced 2024-11-23 00:45:07 +03:00
175 lines
5.7 KiB
YAML
175 lines
5.7 KiB
YAML
name: bottle
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
new-version:
|
|
type: boolean
|
|
required: false
|
|
default: false
|
|
platform:
|
|
required: true
|
|
type: string
|
|
projects:
|
|
required: false
|
|
type: string
|
|
outputs:
|
|
pr:
|
|
description: "The PR number"
|
|
value: ${{ jobs.bottle.outputs.pr }}
|
|
qa-required:
|
|
description: "Whether QA is required"
|
|
value: ${{ jobs.upload.outputs.qa-required }}
|
|
|
|
jobs:
|
|
get-platform:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
os: ${{ steps.platform.outputs.os }}
|
|
cache-set: ${{ steps.platform.outputs.cache-set }}
|
|
available: ${{ steps.platform.outputs.available }}
|
|
steps:
|
|
- uses: pkgxdev/brewkit/actions/get-platform@v0
|
|
id: platform
|
|
with:
|
|
platform: ${{ inputs.platform }}
|
|
projects: ${{ inputs.projects }}
|
|
|
|
bottle:
|
|
needs: [get-platform]
|
|
if: ${{ !inputs.new-version || needs.get-platform.outputs.available != '' }}
|
|
runs-on: ${{ fromJson(needs.get-platform.outputs.os) }}
|
|
outputs:
|
|
srcs: ${{ env.srcs }}
|
|
built: ${{ env.built }}
|
|
pr: ${{ env.PR }}
|
|
steps:
|
|
- uses: pkgxdev/brewkit/actions/setup-brewkit@v0
|
|
id: pkgx
|
|
timeout-minutes: 10
|
|
with:
|
|
prefix: ${{ github.workspace }}/.pkgx
|
|
|
|
- uses: actions/download-artifact@v3
|
|
if: ${{ inputs.new-version }}
|
|
with:
|
|
name: ${{ inputs.platform }}
|
|
|
|
- uses: pkgxdev/brewkit/actions/fetch-pr-artifacts@v0
|
|
if: ${{ !inputs.new-version }}
|
|
with:
|
|
platform: ${{ inputs.platform }}
|
|
token: ${{ github.token }}
|
|
AWS_S3_BUCKET: ${{ secrets.AWS_S3_CACHE }}
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
|
|
- name: clean destination
|
|
# Note: needed when changing a directory to a symlink, for example in
|
|
# https://github.com/pkgxdev/pantry/pull/435
|
|
run: |
|
|
tar tzf $GITHUB_WORKSPACE/artifacts.tgz | \
|
|
awk '{ print length, $0 }' | \
|
|
sort -n -s -r | \
|
|
cut -d" " -f2- | \
|
|
xargs rm -rf
|
|
working-directory: ${{ github.workspace }}/.pkgx
|
|
|
|
- run: tar xzvf $GITHUB_WORKSPACE/artifacts.tgz
|
|
working-directory: ${{ github.workspace }}/.pkgx
|
|
|
|
- run: |
|
|
for file in built srcs; do
|
|
echo "$file=$(cat $file)" >> $GITHUB_ENV
|
|
done
|
|
working-directory: ${{ github.workspace }}/.pkgx
|
|
|
|
- run: |
|
|
pkgx +gnupg.org gpg-agent --daemon || true
|
|
echo $GPG_PRIVATE_KEY | \
|
|
base64 -d | \
|
|
pkgx +gnupg.org gpg --import --batch --yes
|
|
env:
|
|
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
|
|
|
|
- uses: pkgxdev/brewkit/actions/bottle@v0
|
|
id: bottle-xz
|
|
with:
|
|
built: ${{ env.built }}
|
|
compression: xz
|
|
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
|
|
env:
|
|
XDG_CACHE_HOME: ${{ github.workspace }}/.pkgx
|
|
|
|
- uses: pkgxdev/brewkit/actions/bottle@v0
|
|
id: bottle-gz
|
|
with:
|
|
built: ${{ env.built }}
|
|
compression: gz
|
|
gpg-key-id: ${{ secrets.GPG_KEY_ID }}
|
|
env:
|
|
XDG_CACHE_HOME: ${{ github.workspace }}/.pkgx
|
|
|
|
- run: |
|
|
echo ${{ steps.bottle-gz.outputs.bottles }} ${{ steps.bottle-xz.outputs.bottles }} >bottles
|
|
echo ${{ steps.bottle-gz.outputs.checksums }} ${{ steps.bottle-xz.outputs.checksums }} >checksums
|
|
echo ${{ steps.bottle-gz.outputs.signatures }} ${{ steps.bottle-xz.outputs.signatures }} >signatures
|
|
|
|
tar cf $GITHUB_WORKSPACE/artifacts.tar \
|
|
${{ steps.bottle-gz.outputs.bottles }} \
|
|
${{ steps.bottle-xz.outputs.bottles }} \
|
|
bottles checksums signatures
|
|
working-directory: ${{ github.workspace }}/.pkgx
|
|
|
|
- name: upload artifacts
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: ${{ inputs.platform }}-bottles
|
|
path: artifacts.tar
|
|
if-no-files-found: error
|
|
|
|
upload:
|
|
needs: [get-platform, bottle]
|
|
if: ${{ !inputs.new-version || needs.get-platform.outputs.available != '' }}
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
qa-required: ${{ steps.upload.outputs.qa-required }}
|
|
steps:
|
|
- uses: pkgxdev/brewkit/actions/setup-brewkit@v0
|
|
with:
|
|
prefix: ${{ github.workspace }}/.pkgx
|
|
timeout-minutes: 10
|
|
|
|
- uses: actions/download-artifact@v3
|
|
with:
|
|
name: ${{ inputs.platform }}-bottles
|
|
|
|
- run: |
|
|
tar xvf artifacts.tar
|
|
|
|
for file in bottles checksums signatures; do
|
|
echo "$file=$(cat $file)" >>$GITHUB_ENV
|
|
done
|
|
|
|
- uses: pkgxdev/brewkit/actions/upload@v0
|
|
id: upload
|
|
with:
|
|
qa: ${{ inputs.new-version }}
|
|
pkgs: ${{ needs.bottle.outputs.built }} ${{ needs.bottle.outputs.built }}
|
|
srcs: '~'
|
|
bottles: ${{ env.bottles }}
|
|
checksums: ${{ env.checksums }}
|
|
signatures: ${{ env.signatures }}
|
|
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
|
|
AWS_S3_STAGING_BUCKET: ${{ secrets.AWS_S3_CACHE }}
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
|
|
- uses: chetan/invalidate-cloudfront-action@v2
|
|
if: ${{ steps.upload.outputs.cf-invalidation-paths != '' }}
|
|
env:
|
|
PATHS: ${{ steps.upload.outputs.cf-invalidation-paths }}
|
|
DISTRIBUTION: ${{ secrets.AWS_CF_DISTRIBUTION_ID }}
|
|
AWS_REGION: us-east-1
|
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|