From 7afec520c4b1032d7e67a05a41e4e2913bcd9312 Mon Sep 17 00:00:00 2001 From: Earl Warren Date: Fri, 16 Jun 2023 07:44:19 +0200 Subject: [PATCH] [CI] Forgejo Actions based release process (squash) generate .xz files and sources Generate .xz files Check .sha256 Generate the source tarbal --- .forgejo/actions/build-release/action.yml | 13 +++++-- .../workflows/build-release-integration.yml | 38 +++++++++++++------ .forgejo/workflows/build-release.yml | 23 ++++++++--- Makefile | 2 + 4 files changed, 57 insertions(+), 19 deletions(-) diff --git a/.forgejo/actions/build-release/action.yml b/.forgejo/actions/build-release/action.yml index 90f2f6f722..1eb53bab7f 100644 --- a/.forgejo/actions/build-release/action.yml +++ b/.forgejo/actions/build-release/action.yml @@ -44,6 +44,10 @@ runs: - run: echo "${{ github.action_path }}" >> $GITHUB_PATH shell: bash + - name: Install dependencies + run: | + apt-get install -y -qq xz-utils + - name: set -x if verbose is required id: verbose run: | @@ -124,12 +128,15 @@ runs: run: | ${{ steps.verbose.outputs.shell }} mkdir -p release + cd release for platform in $(echo ${{ inputs.platforms }} | tr ',' ' '); do arch=$(echo $platform | sed -e 's|linux/||g' -e 's|arm/v6|arm-6|g') docker create --platform $platform --name forgejo-$arch ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ steps.build.outputs.tag }}${{ inputs.suffix }} - binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}" - docker cp forgejo-$arch:${{ inputs.binary-path }} release/$binary-$arch - shasum -a 256 < release/$binary-$arch | cut -f1 -d ' ' > release/$binary-$arch.sha256 + binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}-linux" + docker cp forgejo-$arch:${{ inputs.binary-path }} $binary-$arch + xz --keep -9 $binary-$arch + shasum -a 256 $binary-$arch > $binary-$arch.sha256 + shasum -a 256 $binary-$arch.xz > $binary-$arch.xz.sha256 docker rm forgejo-$arch done diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml index 8ca995cc29..bb3a460951 100644 --- a/.forgejo/workflows/build-release-integration.yml +++ b/.forgejo/workflows/build-release-integration.yml @@ -28,6 +28,7 @@ jobs: run: | set -x + version=1.2.3 cat > /etc/docker/daemon.json < $dir/Dockerfile < /app/gitea/gitea ; chmod +x /app/gitea/gitea + RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$version" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea EOF cp $dir/Dockerfile $dir/Dockerfile.rootless + sources=forgejo-src-$version.tar.gz + ( echo 'sources-tarbal:' ; echo -e '\tmkdir -p dist/release ; cd dist/release ; sources=forgejo-src-$(VERSION).tar.gz ; echo sources > $$sources ; shasum -a 256 $$sources > $$sources.sha256' ) > $dir/Makefile forgejo-test-helper.sh push $dir $url root forgejo |& tee $dir/pushed eval $(grep '^sha=' < $dir/pushed) @@ -60,13 +65,13 @@ jobs: # # Push a tag to trigger the release workflow and wait for it to complete # - forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v1.2.3", "target": "'$sha'"}' + forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha # # uncomment to see the logs even when everything is reported to be working ok # - cat $FORGEJO_RUNNER_LOGS + #cat $FORGEJO_RUNNER_LOGS # # Minimal sanity checks. e2e test is for the setup-forgejo @@ -75,12 +80,23 @@ jobs: # build, only the sanity of the naming of the binaries. # for arch in amd64 arm64 arm-6 ; do - curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch > forgejo - chmod +x forgejo - ./forgejo --version | grep 1.2.3 - curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch.sha256 > forgejo.one - shasum -a 256 < forgejo | cut -f1 -d ' ' > forgejo.two - diff forgejo.one forgejo.two + binary=forgejo-$version-linux-$arch + for suffix in '' '.xz' ; do + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix + if test "$suffix" = .xz ; then + unxz --keep $binary$suffix + fi + chmod +x $binary + ./$binary --version | grep $version + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256 + shasum -a 256 --check $binary$suffix.sha256 + rm $binary$suffix + done done - docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3 - docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3-rootless + + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources + curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256 + shasum -a 256 --check $sources.sha256 + + docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version + docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless diff --git a/.forgejo/workflows/build-release.yml b/.forgejo/workflows/build-release.yml index 908f52e5c0..3767d7178d 100644 --- a/.forgejo/workflows/build-release.yml +++ b/.forgejo/workflows/build-release.yml @@ -12,9 +12,9 @@ jobs: steps: - uses: actions/checkout@v3 - - id: verbose + - name: Increase the verbosity when there are no secrets + id: verbose run: | - # if there are no secrets, be verbose if test -z "${{ secrets.TOKEN }}"; then value=true else @@ -22,17 +22,17 @@ jobs: fi echo "value=$value" >> "$GITHUB_OUTPUT" - - id: repository + - name: Sanitize the name of the repository + id: repository run: | set -x # comment out repository="${{ github.repository }}" echo "value=${repository##*/}" >> "$GITHUB_OUTPUT" - - name: when in a test environment, create a token + - name: When in a test environment, create a token id: token if: ${{ secrets.TOKEN == '' }} run: | - set -x # comment out apt-get -qq install -y jq url="${{ env.GITHUB_SERVER_URL }}" hostport=${url##http*://} @@ -43,6 +43,19 @@ jobs: token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1) echo "value=${token}" >> "$GITHUB_OUTPUT" + - uses: https://code.forgejo.org/actions/setup-go@v4 + with: + go-version: ">=1.20" + check-latest: true + + - name: build sources + run: | + apt-get -qq install -y make + tag="${{ github.ref_name }}" + make VERSION=${tag##*v} sources-tarbal + mv dist/release release + find release | grep tar.gz # sanity check to fail fast + - name: build container & release (when TOKEN secret is not set) if: ${{ secrets.TOKEN == '' }} uses: ./.forgejo/actions/build-release diff --git a/Makefile b/Makefile index fa664b5c57..56ab728881 100644 --- a/Makefile +++ b/Makefile @@ -821,6 +821,8 @@ $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ) .PHONY: release release: frontend generate release-linux release-copy release-compress vendor release-sources release-check +sources-tarbal: vendor release-sources release-check + $(DIST_DIRS): mkdir -p $(DIST_DIRS)