Added missing newline to release.yml #131

Workflow file for this run

.github/workflows/release.yml at 9bb1a0e

	name: "Test and release"

	on:
	workflow_dispatch:
	push:

	jobs:
	prepare:
	name: Prepare
	runs-on: ubuntu-latest
	outputs:
	type: ${{ steps.get_type.outputs.type }}
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Check if release, prerelease or snapshot
	id: get_type
	run: \|
	if [[ "${{ github.ref_type }}" == "tag" ]]; then
	# Branch with a tag -> release or prerelease
	if [[ ${{ github.ref_name }} == "rc" ]] \|\| \
	[[ ${{ github.ref_name }} == "beta" ]] \|\| \
	[[ ${{ github.ref_name }} == "alpha" ]]; then
	echo "type=prerelease" >> $GITHUB_OUTPUT
	else
	echo "type=release" >> $GITHUB_OUTPUT
	fi
	else
	# everything else -> snapshot
	echo "type=snapshot" >> $GITHUB_OUTPUT
	fi

	test:
	name: Test
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Setup Go
	id: setup_go
	uses: actions/setup-go@v3
	with:
	go-version-file: 'go.mod'
	cache: true
	check-latest: true

	- name: Tests
	id: test
	run: \|
	go mod tidy
	go test -v ./...

	build-snapshot:
	name: Build snapshot
	needs: [ prepare, test ]
	if: ${{ needs.prepare.outputs.type == 'snapshot' }}
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Setup Go
	id: setup_go
	uses: actions/setup-go@v3
	with:
	go-version-file: 'go.mod'
	cache: true
	check-latest: true

	- name: Run GoReleaser snapshot
	id: goreleaser-snapshot
	uses: goreleaser/goreleaser-action@v4
	with:
	version: latest
	args: --clean --snapshot
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload artifacts
	uses: actions/upload-artifact@v3
	with:
	name: packages-snapshot
	path: \|
	dist/*.deb
	dist/*.rpm
	dist/*.tar.gz
	dist/*.zip
	dist/Checksums.txt
	if-no-files-found: error

	build-release:
	name: Build release
	needs: [ prepare, test ]
	if: ${{ needs.prepare.outputs.type == 'release' \|\| needs.prepare.outputs.type == 'prerelease' }}
	runs-on: ubuntu-latest
	outputs:
	gpg_fingerprint: ${{ steps.import_gpg.outputs.fingerprint }}
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Setup Go
	id: setup_go
	uses: actions/setup-go@v3
	with:
	go-version-file: 'go.mod'
	cache: true
	check-latest: true

	- name: Import GPG key
	id: import_gpg
	uses: crazy-max/ghaction-import-gpg@v5
	with:
	gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
	passphrase: ${{ secrets.GPG_PASSPHRASE }}

	- name: Install required packages for deb and rpm signing
	run: \|
	sudo apt-get install rpm dpkg-sig -y

	- name: Run GoReleaser release
	id: goreleaser-release
	uses: goreleaser/goreleaser-action@v4
	with:
	version: latest
	args: release --clean
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Sign deb packages
	id: sign_deb
	run: \|
	for file in dist/*.deb; do
	dpkg-sig --sign builder -k ${{ steps.import_gpg.outputs.fingerprint }} $file
	done

	- name: Sign rpm packages
	id: sign_rpm
	run: \|
	# Setup .rpmmacros
	cat <<EOF > ~/.rpmmacros
	%_signature gpg
	%_gpg_name ${{ steps.import_gpg.outputs.fingerprint }}
	%_gpgbin /usr/bin/gpg2
	%__gpg_sign_cmd %{__gpg} \
	gpg \
	--batch \
	--pinentry-mode loopback \
	--verbose \
	--digest-algo sha512 \
	--local-user "%{_gpg_name}" \
	--no-armour \
	--detach-sign \
	--output %{__signature_filename} %{__plaintext_filename}
	EOF
	for file in dist/*.rpm; do
	rpm --addsign $file
	done

	- name: Upload artifacts
	id: upload_artifacts
	uses: actions/upload-artifact@v3
	with:
	name: packages-release
	path: \|
	dist/*.deb
	dist/*.rpm
	dist/*.tar.gz
	dist/*.zip
	dist/Checksums.txt
	if-no-files-found: error

	create-github-release:
	name: Create GitHub release
	needs: [ prepare, build-release ]
	if: ${{ needs.prepare.outputs.type == 'release' \|\| needs.prepare.outputs.type == 'prerelease' }}
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v3
	with:
	fetch-depth: 0

	- name: Create change log using git log
	id: changelog
	run: \|
	cat <<EOF > CHANGELOG.md
	## Changelog
	$(git log --graph --pretty=format:'%h - %s (@%an)' --abbrev-commit $(git describe --tags --abbrev=0)..HEAD)
	EOF

	- name: Download artifacts
	id: download_artifacts
	uses: actions/download-artifact@v3
	with:
	name: packages-release
	path: packages

	- name: Create GitHub release
	id: create_release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: ${{ github.ref_name }}
	name: Release v${{ github.ref_name }}
	body_path: CHANGELOG.md
	prerelease: ${{ needs.prepare.outputs.type == 'prerelease' }}
	files: \|
	packages/*.deb
	packages/*.rpm
	packages/*.tar.gz
	packages/*.zip
	packages/Checksums.txt

	# upload-to-deb-repository:
	# name: Upload to deb repository
	# needs: [ build-release ]
	# #if: ${{ needs.prepare.outputs.type == 'release' }}
	# runs-on: ubuntu-latest
	# steps:
	# - name: Download artifacts
	# uses: actions/download-artifact@v3
	# with:
	# name: packages-release
	# path: packages
	#
	# - name: Set up SSH
	# id: setup_ssh
	# uses: webfactory/ssh-agent@v0.7.0
	# with:
	# ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }}
	# log-public-key: false
	#
	# - name: Add repository host to known hosts
	# run: \|
	# mkdir -p ~/.ssh
	# echo "${{ secrets.KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
	#
	# - name: Upload using rsync over SSH
	# id: upload_to_repository
	# run: \|
	# package_type="deb"
	# package_dir="${{ secrets.REPOSITORY_PATH }}/$package_type/pool/main"
	#
	# packages=$(find packages -type f -name *.$package_type)
	#
	# for package in $packages; do
	# package_name=$(basename $package)
	# package_arch=${package_name%.$package_type}
	# package_arch=${package_arch##*_}
	#
	# # Create directory if not exists
	# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \
	# "mkdir -p $package_dir"
	#
	# # Upload package
	# echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir"
	# rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \
	# ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/
	# done
	#
	# - name: Update DEB repository
	# id: update_deb_repository
	# run: \|
	# package_type="deb"
	# base_dir="${{ secrets.REPOSITORY_PATH }}/$package_type"
	# package_dir=$base_dir/pool/main
	# dist_dir_base=$base_dir/dists
	# dist_dir_stable=$dist_dir_base/stable
	# dist_dir=$dist_dir_stable/main
	#
	# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \
	# "cd $base_dir && \
	# mkdir -p $package_dir && \
	# mkdir -p $dist_dir_base && \
	# mkdir -p $dist_dir_stable && \
	# mkdir -p $dist_dir && \
	# apt-ftparchive packages ${package_dir#"${base_dir}/"}/ > $dist_dir/Packages && \
	# gzip -c $dist_dir/Packages > $dist_dir/Packages.gz && \
	# bzip2 -c $dist_dir/Packages > $dist_dir/Packages.bz2 && \
	# apt-ftparchive release $dist_dir > $dist_dir/Release && \
	# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \
	# --batch \
	# --pinentry-mode loopback \
	# --verbose \
	# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \
	# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \
	# --armor \
	# --detach-sign \
	# --output $dist_dir/Release.gpg \
	# --yes $dist_dir/Release && \
	# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \
	# --batch \
	# --pinentry-mode loopback \
	# --verbose \
	# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \
	# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \
	# --clearsign \
	# --output $dist_dir/InRelease \
	# --yes $dist_dir/Release \
	# apt-ftparchive release $dist_dir_stable > $dist_dir_stable/Release && \
	# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \
	# --batch \
	# --pinentry-mode loopback \
	# --verbose \
	# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \
	# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \
	# --armor \
	# --detach-sign \
	# --output $dist_dir_stable/Release.gpg \
	# --yes $dist_dir_stable/Release && \
	# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \
	# --batch \
	# --pinentry-mode loopback \
	# --verbose \
	# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \
	# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \
	# --clearsign \
	# --output $dist_dir_stable/InRelease \
	# --yes $dist_dir_stable/Release"


	upload-to-rpm-repository:
	name: Upload to rpm repository
	needs: [ prepare, build-release ]
	if: ${{ needs.prepare.outputs.type == 'release' }}
	runs-on: ubuntu-latest
	steps:
	- name: Download artifacts
	uses: actions/download-artifact@v3
	with:
	name: packages-release
	path: packages

	- name: Set up SSH
	id: setup_ssh
	uses: webfactory/ssh-agent@v0.7.0
	with:
	ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }}
	log-public-key: false

	- name: Add repository host to known hosts
	run: \|
	mkdir -p ~/.ssh
	echo "${{ secrets.KNOWN_HOSTS }}" >> ~/.ssh/known_hosts

	- name: Upload using rsync over SSH and update repository
	id: upload_to_repository
	run: \|
	package_type="rpm"
	packages=$(find packages -type f -name *.$package_type)

	for package in $packages; do
	package_name=$(basename $package)
	package_arch=${package_name%.$package_type}
	package_arch=${package_arch##*.}

	package_dir=${{ secrets.REPOSITORY_PATH }}/$package_type/release/$package_arch

	# Create directory if not exists
	ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \
	"mkdir -p $package_dir"

	# Upload package
	echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir"
	rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \
	${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/

	# Update rpm repository
	ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \
	"cd $package_dir && \
	createrepo --update . && \
	gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \
	--batch \
	--pinentry-mode loopback \
	--verbose \
	--local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \
	--passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \
	--armor \
	--detach-sign \
	--yes ./repodata/repomd.xml"
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added missing newline to release.yml #131

Workflow file

Added missing newline to release.yml #131

Jobs

Run details

Workflow file for this run