chore: nightly release (#1961) #799
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish packages | |
on: | |
push: | |
tags: | |
- 'v**' | |
- 'nightly' | |
permissions: | |
contents: read | |
jobs: | |
publish_binary_packages: | |
if: github.repository == 'GluuFederation/flex' | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
name: [ubuntu22, ubuntu20, el8, suse15] | |
include: | |
- name: ubuntu22 | |
asset_suffix: ~ubuntu22.04_amd64.deb | |
build_files: deb/jammy | |
asset_prefix: '_' | |
asset_path: flex | |
sign_cmd: dpkg-sig -s builder -k DE92BEF14A1A4E542F678B64DC3C790386C73900 | |
python_version: "3.8" | |
- name: ubuntu20 | |
asset_suffix: ~ubuntu20.04_amd64.deb | |
build_files: deb/focal | |
asset_prefix: '_' | |
asset_path: flex | |
sign_cmd: dpkg-sig -s builder -k DE92BEF14A1A4E542F678B64DC3C790386C73900 | |
python_version: "3.8" | |
- name: el8 | |
asset_suffix: .el8.x86_64.rpm | |
build_files: rpm/el8 | |
asset_prefix: '-' | |
asset_path: flex/rpmbuild/RPMS/x86_64 | |
sign_cmd: rpm --addsign | |
python_version: "3.6" | |
- name: suse15 | |
asset_suffix: .suse15.x86_64.rpm | |
build_files: rpm/suse15 | |
asset_prefix: '-' | |
asset_path: flex/rpmbuild/RPMS/x86_64 | |
sign_cmd: rpm --addsign | |
python_version: "3.6" | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
with: | |
egress-policy: audit | |
- name: Checkout | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
path: temp-flex | |
- name: Getting build dependencies | |
id: get_dependencies | |
run: | | |
mkdir -p flex/flex-src/opt/ | |
cp -rp temp-flex/automation/packaging/${{ matrix.build_files }}/* flex/ | |
cp temp-flex/flex-linux-setup/flex_linux_setup/flex_setup.py flex/flex_setup.py | |
sudo add-apt-repository ppa:deadsnakes/ppa | |
sudo apt-get update | |
sudo apt-get install -y python${{ matrix.python_version }} | |
sudo apt install -y build-essential devscripts debhelper rpm dpkg-sig python3-dev python3-requests python3-ruamel.yaml python3-pymysql python3-crypto python3-distutils python3-prompt-toolkit python${{ matrix.python_version }}-distutils libpq-dev python${{ matrix.python_version }}-dev apache2 rsyslog python3-urllib3 python3-certifi postgresql postgresql-contrib | |
sudo cp -r /usr/lib/python3/dist-packages /usr/lib/python${{ matrix.python_version }}/ | |
sudo python${{ matrix.python_version }} -m pip install psycopg2-binary psycopg2 | |
- name: Import GPG key | |
id: import_gpg | |
continue-on-error: true | |
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 | |
with: | |
gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
- name: List keys | |
id: list_keys | |
run: gpg -K | |
- name: Get latest tag | |
id: previoustag | |
run: | | |
echo "tag=$(echo ${{ github.event.ref }} | cut -d '/' -f 3)" >> $GITHUB_OUTPUT | |
if [[ ${{ github.event.ref }} == 'refs/tags/nightly' ]]; then | |
echo "version=0.0.0-nightly" >> $GITHUB_OUTPUT | |
else | |
echo "version=$(echo ${{ github.event.ref }} | cut -d 'v' -f 2)-stable" >> $GITHUB_OUTPUT | |
fi | |
echo "PACKAGE_PREFIX=flex" >> ${GITHUB_ENV} | |
- name: Print Version and tag | |
run: | | |
echo "Version: ${{ steps.previoustag.outputs.version }}" | |
echo "Tag: ${{ steps.previoustag.outputs.tag }}" | |
- name: Running install and build | |
id: run_build | |
run: | | |
cd flex/ | |
sudo python${{ matrix.python_version }} flex_setup.py --jans-branch="main" --jans-setup-branch="main" -download-exit -yes --keep-downloads --keep-setup -force-download | |
cp -r /opt/dist flex-src/opt/ | |
cp -r /opt/jans flex-src/opt/ | |
touch flex-src/opt/jans/jans-setup/package | |
rm -rf install.py install jans-cli | |
rm -rf flex-src/opt/jans/jans-setup/logs/setup.log | |
rm -rf flex-src/opt/jans/jans-setup/logs/setup_error.log | |
sed -i "s/%VERSION%/${{ steps.previoustag.outputs.version }}/g" run-build.sh | |
cat run-build.sh | |
sudo ./run-build.sh | |
- name: Sign package | |
id: sign_package | |
run : | | |
ls ${{github.workspace}}/${{ matrix.asset_path }} | |
sudo mv ${{github.workspace}}/${{ matrix.asset_path }}/flex* ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }} || echo "no need to rename" | |
echo '%_gpg_name moauto (automation) <[email protected]>' >> ~/.rpmmacros | |
${{ matrix.sign_cmd }} ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }} | |
gpg --armor --detach-sign ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }} | |
ls ${{github.workspace}}/${{ matrix.asset_path }} | |
- name: Create checksum | |
id: create_checksum | |
run: | | |
cd flex/ | |
sed -i "s/%VERSION%/${{ steps.previoustag.outputs.version }}/g" checksum.sh | |
sudo ./checksum.sh | |
ls ${{github.workspace}}/${{ matrix.asset_path }} | |
- name: Upload binaries to release | |
id: upload_binaries | |
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2 | |
with: | |
repo_token: ${{ secrets.MOWORKFLOWTOKEN }} | |
file: ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }} | |
asset_name: ${{ env.PACKAGE_PREFIX }}${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }} | |
tag: ${{ steps.previoustag.outputs.tag }} | |
overwrite: true | |
- name: Upload checksum to release | |
id: upload_shas | |
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2 | |
with: | |
repo_token: ${{ secrets.MOWORKFLOWTOKEN }} | |
file: ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }}.sha256sum | |
asset_name: ${{ env.PACKAGE_PREFIX }}${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }}.sha256sum | |
tag: ${{ steps.previoustag.outputs.tag }} | |
overwrite: true | |
- name: Upload sig to release | |
id: upload_sigs | |
uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2 | |
with: | |
repo_token: ${{ secrets.MOWORKFLOWTOKEN }} | |
file: ${{github.workspace}}/${{ matrix.asset_path }}/flex${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }}.asc | |
asset_name: ${{ env.PACKAGE_PREFIX }}${{ matrix.asset_prefix }}${{ steps.previoustag.outputs.version }}${{ matrix.asset_suffix }}.asc | |
tag: ${{ steps.previoustag.outputs.tag }} | |
overwrite: true |