Skip to content

publish-nym-vpn-core #106

publish-nym-vpn-core

publish-nym-vpn-core #106

name: publish-nym-vpn-core.yml
on:
schedule:
- cron: "4 3 * * *"
workflow_dispatch:
inputs:
tag_name:
description: "Tag name for release"
required: false
default: nightly
push:
tags:
- nym-vpn-core-v[0-9]+.[0-9]+.[0-9]+*
env:
CARGO_TERM_COLOR: always
UPLOAD_DIR_LINUX: linux_artifacts
UPLOAD_DIR_MAC: mac_artifacts
UPLOAD_DIR_DEB: deb_artifacts
UPLOAD_DIR_ANDROID: android_artifacts
UPLOAD_DIR_IOS: ios_artifacts
UPLOAD_DIR_WINDOWS: windows_artifacts
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
build-nym-vpn-core-linux:
uses: ./.github/workflows/build-nym-vpn-core-linux.yml
build-nym-vpn-core-deb:
uses: ./.github/workflows/build-nym-vpn-core-deb.yml
build-nym-vpn-core-mac:
uses: ./.github/workflows/build-nym-vpn-core-mac.yml
build-nym-vpn-core-android:
uses: ./.github/workflows/build-nym-vpn-core-android.yml
build-nym-vpn-core-ios:
uses: ./.github/workflows/build-nym-vpn-core-ios.yml
build-nym-vpn-core-windows:
uses: ./.github/workflows/build-nym-vpn-core-windows.yml
generate-build-info-core:
uses: ./.github/workflows/generate-build-info-core.yml
needs: build-nym-vpn-core-linux
with:
build-profile: release
rust-version: ${{ needs.build-nym-vpn-core-linux.outputs.RUST_VERSION }}
publish:
needs:
- build-nym-vpn-core-linux
- build-nym-vpn-core-mac
- build-nym-vpn-core-deb
- build-nym-vpn-core-android
- build-nym-vpn-core-ios
- build-nym-vpn-core-windows
- generate-build-info-core
runs-on: ubuntu-22.04-arc
permissions:
contents: write
outputs:
tag: ${{ steps.set_tag.outputs.tag }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
# Adding envsubst, gh cli
- name: Install system dependencies
run: |
sudo apt update && sudo apt install -y gettext-base gh zip
- name: Install rust toolchain
uses: brndnmtthws/rust-action-rustup@v1
with:
toolchain: stable
components: rustfmt, clippy
- name: Get package version cli
id: package-version-cli
uses: nicolaiunrein/cargo-get@master
with:
subcommand: package.version --entry nym-vpn-core/nym-vpn-cli
- name: Get package version vpnc
id: package-version-vpnc
uses: nicolaiunrein/cargo-get@master
with:
subcommand: package.version --entry nym-vpn-core/nym-vpnc
- name: Get package version vpnd
id: package-version-vpnd
uses: nicolaiunrein/cargo-get@master
with:
subcommand: package.version --entry nym-vpn-core/nym-vpnd
- name: Get package version lib
id: package-version-lib
uses: nicolaiunrein/cargo-get@master
with:
subcommand: package.version --entry nym-vpn-core/nym-vpn-lib
- name: Check tag name consistency
if: github.event_name == 'push'
shell: bash
run: |
if [[ "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-vpnc.outputs.metadata }}" && "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-vpnd.outputs.metadata }}" && "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-lib.outputs.metadata }}" ]]; then
if [[ nym-vpn-core-v${{ steps.package-version-cli.outputs.metadata }} != ${{ github.ref_name }} ]]; then
exit 1
fi
else exit 1
fi
- name: Download artifacts
uses: actions/download-artifact@v4
# Setup TAG_NAME, which is used as a general "name"
- if: github.event_name == 'workflow_dispatch'
run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV
- if: github.event_name == 'schedule'
run: echo 'TAG_NAME=nightly' >> $GITHUB_ENV
- if: github.event_name == 'push'
run: echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
- name: Generate checksums and create tar.gz archive per platform
run: |
ARCHIVE_LINUX=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_linux_x86_64
ARCHIVE_MAC=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_macos_universal
ARCHIVE_ANDROID=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_android_aarch64
ARCHIVE_IOS=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_ios_universal
ARCHIVE_WINDOWS=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_windows_x86_64
echo "ARCHIVE_LINUX=${ARCHIVE_LINUX}" >> $GITHUB_ENV
echo "ARCHIVE_MAC=${ARCHIVE_MAC}" >> $GITHUB_ENV
echo "ARCHIVE_ANDROID=${ARCHIVE_ANDROID}" >> $GITHUB_ENV
echo "ARCHIVE_IOS=${ARCHIVE_IOS}" >> $GITHUB_ENV
echo "ARCHIVE_WINDOWS=${ARCHIVE_WINDOWS}" >> $GITHUB_ENV
mv ${{ env.UPLOAD_DIR_LINUX }} ${ARCHIVE_LINUX}
mv ${{ env.UPLOAD_DIR_MAC }} ${ARCHIVE_MAC}
mv ${{ env.UPLOAD_DIR_ANDROID }} ${ARCHIVE_ANDROID}
mv ${{ env.UPLOAD_DIR_IOS }} ${ARCHIVE_IOS}
mv ${{ env.UPLOAD_DIR_WINDOWS }} ${ARCHIVE_WINDOWS}
tar cvzf ${ARCHIVE_LINUX}.tar.gz ${ARCHIVE_LINUX}
tar cvzf ${ARCHIVE_MAC}.tar.gz ${ARCHIVE_MAC}
tar cvzf ${ARCHIVE_ANDROID}.tar.gz ${ARCHIVE_ANDROID}
zip -r ${ARCHIVE_IOS}.zip ${ARCHIVE_IOS}
zip -r ${ARCHIVE_WINDOWS}.zip ${ARCHIVE_WINDOWS}
sha256sum ${ARCHIVE_LINUX}.tar.gz > "${ARCHIVE_LINUX}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_MAC}.tar.gz > "${ARCHIVE_MAC}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_ANDROID}.tar.gz > "${ARCHIVE_ANDROID}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_IOS}.zip > "${ARCHIVE_IOS}.zip.sha256sum"
sha256sum ${ARCHIVE_WINDOWS}.zip > "${ARCHIVE_WINDOWS}.zip.sha256sum"
pushd ${{ env.UPLOAD_DIR_DEB }}
for deb in nym-vpn*_amd64.deb; do
sha256sum ${deb} > ${deb}.sha256sum
done
popd
echo 'SHA256_CHECKSUMS<<EOF' >> $GITHUB_ENV
cat ${ARCHIVE_LINUX}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_MAC}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_ANDROID}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_IOS}.zip.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_WINDOWS}.zip.sha256sum >> $GITHUB_ENV
pushd ${{ env.UPLOAD_DIR_DEB }}
for deb_sha256 in nym-vpn*_amd64.deb.sha256sum; do
cat ${deb_sha256} >> $GITHUB_ENV
done
echo 'EOF' >> $GITHUB_ENV
- name: Setting subject, prerelease and notes files
if: ${{ contains(env.TAG_NAME, 'nightly') }}
run: |
(echo "SUBJECT=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }} nightly prerelease build";
echo 'PRERELEASE=--prerelease';
echo 'NOTES_FILE=release-notes/release-notes-core-nightly.md') >> $GITHUB_ENV
gh release delete nightly --yes || true
git push origin :nightly || true
- name: Removing --prerelease if needed
if: ${{ !contains(env.TAG_NAME, 'nightly') }}
run: |
(echo "SUBJECT=$TAG_NAME"
echo 'PRERELEASE='
echo 'NOTES_FILE=release-notes/release-notes-core.md') >> $GITHUB_ENV
- name: Build info
run: |
echo 'BUILD_INFO<<EOF' >> $GITHUB_ENV
cat build-info/build-info.txt >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- name: Publish release
run: |
envsubst < "$GITHUB_WORKSPACE/.github/workflows/$NOTES_FILE" > "$RUNNER_TEMP/release-notes.md"
gh release create $TAG_NAME ${{ env.PRERELEASE }} \
--notes-file "$RUNNER_TEMP/release-notes.md" \
--title "$SUBJECT" \
--target $GITHUB_SHA \
${{ env.ARCHIVE_LINUX }}.tar.gz ${{ env.ARCHIVE_LINUX }}.tar.gz.sha256sum \
${{ env.ARCHIVE_MAC }}.tar.gz ${{ env.ARCHIVE_MAC }}.tar.gz.sha256sum \
${{ env.ARCHIVE_ANDROID }}.tar.gz ${{ env.ARCHIVE_ANDROID }}.tar.gz.sha256sum \
${{ env.ARCHIVE_IOS }}.zip ${{ env.ARCHIVE_IOS }}.zip.sha256sum \
${{ env.ARCHIVE_WINDOWS }}.zip ${{ env.ARCHIVE_WINDOWS }}.zip.sha256sum \
${{ env.UPLOAD_DIR_DEB}}/nym-vpn*_amd64.deb ${{ env.UPLOAD_DIR_DEB }}/nym-vpn*_amd64.deb.sha256sum
gen-hashes:
uses: ./.github/workflows/gen-hashes-json.yml
needs: publish
with:
release_tag: ${{ needs.publish.outputs.tag }}
secrets: inherit