publish-nym-vpn-core #107
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: publish-nym-vpn-core.yml | |
on: | |
schedule: | |
- cron: "4 3 * * *" | |
workflow_dispatch: | |
inputs: | |
tag_name: | |
description: "Tag name for release" | |
required: false | |
default: nightly | |
push: | |
tags: | |
- nym-vpn-core-v[0-9]+.[0-9]+.[0-9]+* | |
env: | |
CARGO_TERM_COLOR: always | |
UPLOAD_DIR_LINUX: linux_artifacts | |
UPLOAD_DIR_MAC: mac_artifacts | |
UPLOAD_DIR_DEB: deb_artifacts | |
UPLOAD_DIR_ANDROID: android_artifacts | |
UPLOAD_DIR_IOS: ios_artifacts | |
UPLOAD_DIR_WINDOWS: windows_artifacts | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
build-nym-vpn-core-linux: | |
uses: ./.github/workflows/build-nym-vpn-core-linux.yml | |
build-nym-vpn-core-deb: | |
uses: ./.github/workflows/build-nym-vpn-core-deb.yml | |
build-nym-vpn-core-mac: | |
uses: ./.github/workflows/build-nym-vpn-core-mac.yml | |
build-nym-vpn-core-android: | |
uses: ./.github/workflows/build-nym-vpn-core-android.yml | |
build-nym-vpn-core-ios: | |
uses: ./.github/workflows/build-nym-vpn-core-ios.yml | |
build-nym-vpn-core-windows: | |
uses: ./.github/workflows/build-nym-vpn-core-windows.yml | |
generate-build-info-core: | |
uses: ./.github/workflows/generate-build-info-core.yml | |
needs: build-nym-vpn-core-linux | |
with: | |
build-profile: release | |
rust-version: ${{ needs.build-nym-vpn-core-linux.outputs.RUST_VERSION }} | |
publish: | |
needs: | |
- build-nym-vpn-core-linux | |
- build-nym-vpn-core-mac | |
- build-nym-vpn-core-deb | |
- build-nym-vpn-core-android | |
- build-nym-vpn-core-ios | |
- build-nym-vpn-core-windows | |
- generate-build-info-core | |
runs-on: ubuntu-22.04-arc | |
permissions: | |
contents: write | |
outputs: | |
tag: ${{ steps.set_tag.outputs.tag }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
# Adding envsubst, gh cli | |
- name: Install system dependencies | |
run: | | |
sudo apt update && sudo apt install -y gettext-base gh zip | |
- name: Install rust toolchain | |
uses: brndnmtthws/rust-action-rustup@v1 | |
with: | |
toolchain: stable | |
components: rustfmt, clippy | |
- name: Get package version cli | |
id: package-version-cli | |
uses: nicolaiunrein/cargo-get@master | |
with: | |
subcommand: package.version --entry nym-vpn-core/nym-vpn-cli | |
- name: Get package version vpnc | |
id: package-version-vpnc | |
uses: nicolaiunrein/cargo-get@master | |
with: | |
subcommand: package.version --entry nym-vpn-core/nym-vpnc | |
- name: Get package version vpnd | |
id: package-version-vpnd | |
uses: nicolaiunrein/cargo-get@master | |
with: | |
subcommand: package.version --entry nym-vpn-core/nym-vpnd | |
- name: Get package version lib | |
id: package-version-lib | |
uses: nicolaiunrein/cargo-get@master | |
with: | |
subcommand: package.version --entry nym-vpn-core/nym-vpn-lib | |
- name: Check tag name consistency | |
if: github.event_name == 'push' | |
shell: bash | |
run: | | |
if [[ "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-vpnc.outputs.metadata }}" && "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-vpnd.outputs.metadata }}" && "${{ steps.package-version-cli.outputs.metadata }}" == "${{ steps.package-version-lib.outputs.metadata }}" ]]; then | |
if [[ nym-vpn-core-v${{ steps.package-version-cli.outputs.metadata }} != ${{ github.ref_name }} ]]; then | |
exit 1 | |
fi | |
else exit 1 | |
fi | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
# Setup TAG_NAME, which is used as a general "name" | |
- if: github.event_name == 'workflow_dispatch' | |
run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV | |
- if: github.event_name == 'schedule' | |
run: echo 'TAG_NAME=nightly' >> $GITHUB_ENV | |
- if: github.event_name == 'push' | |
run: echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_ENV | |
- name: Generate checksums and create tar.gz archive per platform | |
run: | | |
ARCHIVE_LINUX=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_linux_x86_64 | |
ARCHIVE_MAC=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_macos_universal | |
ARCHIVE_ANDROID=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_android_aarch64 | |
ARCHIVE_IOS=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_ios_universal | |
ARCHIVE_WINDOWS=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }}_windows_x86_64 | |
echo "ARCHIVE_LINUX=${ARCHIVE_LINUX}" >> $GITHUB_ENV | |
echo "ARCHIVE_MAC=${ARCHIVE_MAC}" >> $GITHUB_ENV | |
echo "ARCHIVE_ANDROID=${ARCHIVE_ANDROID}" >> $GITHUB_ENV | |
echo "ARCHIVE_IOS=${ARCHIVE_IOS}" >> $GITHUB_ENV | |
echo "ARCHIVE_WINDOWS=${ARCHIVE_WINDOWS}" >> $GITHUB_ENV | |
mv ${{ env.UPLOAD_DIR_LINUX }} ${ARCHIVE_LINUX} | |
mv ${{ env.UPLOAD_DIR_MAC }} ${ARCHIVE_MAC} | |
mv ${{ env.UPLOAD_DIR_ANDROID }} ${ARCHIVE_ANDROID} | |
mv ${{ env.UPLOAD_DIR_IOS }} ${ARCHIVE_IOS} | |
mv ${{ env.UPLOAD_DIR_WINDOWS }} ${ARCHIVE_WINDOWS} | |
tar cvzf ${ARCHIVE_LINUX}.tar.gz ${ARCHIVE_LINUX} | |
tar cvzf ${ARCHIVE_MAC}.tar.gz ${ARCHIVE_MAC} | |
tar cvzf ${ARCHIVE_ANDROID}.tar.gz ${ARCHIVE_ANDROID} | |
zip -r ${ARCHIVE_IOS}.zip ${ARCHIVE_IOS} | |
zip -r ${ARCHIVE_WINDOWS}.zip ${ARCHIVE_WINDOWS} | |
sha256sum ${ARCHIVE_LINUX}.tar.gz > "${ARCHIVE_LINUX}.tar.gz.sha256sum" | |
sha256sum ${ARCHIVE_MAC}.tar.gz > "${ARCHIVE_MAC}.tar.gz.sha256sum" | |
sha256sum ${ARCHIVE_ANDROID}.tar.gz > "${ARCHIVE_ANDROID}.tar.gz.sha256sum" | |
sha256sum ${ARCHIVE_IOS}.zip > "${ARCHIVE_IOS}.zip.sha256sum" | |
sha256sum ${ARCHIVE_WINDOWS}.zip > "${ARCHIVE_WINDOWS}.zip.sha256sum" | |
pushd ${{ env.UPLOAD_DIR_DEB }} | |
for deb in nym-vpn*_amd64.deb; do | |
sha256sum ${deb} > ${deb}.sha256sum | |
done | |
popd | |
echo 'SHA256_CHECKSUMS<<EOF' >> $GITHUB_ENV | |
cat ${ARCHIVE_LINUX}.tar.gz.sha256sum >> $GITHUB_ENV | |
cat ${ARCHIVE_MAC}.tar.gz.sha256sum >> $GITHUB_ENV | |
cat ${ARCHIVE_ANDROID}.tar.gz.sha256sum >> $GITHUB_ENV | |
cat ${ARCHIVE_IOS}.zip.sha256sum >> $GITHUB_ENV | |
cat ${ARCHIVE_WINDOWS}.zip.sha256sum >> $GITHUB_ENV | |
pushd ${{ env.UPLOAD_DIR_DEB }} | |
for deb_sha256 in nym-vpn*_amd64.deb.sha256sum; do | |
cat ${deb_sha256} >> $GITHUB_ENV | |
done | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Setting subject, prerelease and notes files | |
if: ${{ contains(env.TAG_NAME, 'nightly') }} | |
run: | | |
(echo "SUBJECT=nym-vpn-core-v${{ steps.package-version-lib.outputs.metadata }} nightly prerelease build"; | |
echo 'PRERELEASE=--prerelease'; | |
echo 'NOTES_FILE=release-notes/release-notes-core-nightly.md') >> $GITHUB_ENV | |
gh release delete nightly --yes || true | |
git push origin :nightly || true | |
- name: Removing --prerelease if needed | |
if: ${{ !contains(env.TAG_NAME, 'nightly') }} | |
run: | | |
(echo "SUBJECT=$TAG_NAME" | |
echo 'PRERELEASE=' | |
echo 'NOTES_FILE=release-notes/release-notes-core.md') >> $GITHUB_ENV | |
- name: Build info | |
run: | | |
echo 'BUILD_INFO<<EOF' >> $GITHUB_ENV | |
cat build-info/build-info.txt >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
- name: Publish release | |
run: | | |
envsubst < "$GITHUB_WORKSPACE/.github/workflows/$NOTES_FILE" > "$RUNNER_TEMP/release-notes.md" | |
gh release create $TAG_NAME ${{ env.PRERELEASE }} \ | |
--notes-file "$RUNNER_TEMP/release-notes.md" \ | |
--title "$SUBJECT" \ | |
--target $GITHUB_SHA \ | |
${{ env.ARCHIVE_LINUX }}.tar.gz ${{ env.ARCHIVE_LINUX }}.tar.gz.sha256sum \ | |
${{ env.ARCHIVE_MAC }}.tar.gz ${{ env.ARCHIVE_MAC }}.tar.gz.sha256sum \ | |
${{ env.ARCHIVE_ANDROID }}.tar.gz ${{ env.ARCHIVE_ANDROID }}.tar.gz.sha256sum \ | |
${{ env.ARCHIVE_IOS }}.zip ${{ env.ARCHIVE_IOS }}.zip.sha256sum \ | |
${{ env.ARCHIVE_WINDOWS }}.zip ${{ env.ARCHIVE_WINDOWS }}.zip.sha256sum \ | |
${{ env.UPLOAD_DIR_DEB}}/nym-vpn*_amd64.deb ${{ env.UPLOAD_DIR_DEB }}/nym-vpn*_amd64.deb.sha256sum | |
gen-hashes: | |
uses: ./.github/workflows/gen-hashes-json.yml | |
needs: publish | |
with: | |
release_tag: ${{ needs.publish.outputs.tag }} | |
secrets: inherit |