Bumped zerolog to 1.30.0 #134
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Test and release" | |
on: | |
workflow_dispatch: | |
push: | |
jobs: | |
prepare: | |
name: Prepare | |
runs-on: ubuntu-latest | |
outputs: | |
type: ${{ steps.get_type.outputs.type }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Check if release, prerelease or snapshot | |
id: get_type | |
run: | | |
if [[ "${{ github.ref_type }}" == "tag" ]]; then | |
# Branch with a tag -> release or prerelease | |
if [[ ${{ github.ref_name }} == *"rc"* ]] || \ | |
[[ ${{ github.ref_name }} == *"beta"* ]] || \ | |
[[ ${{ github.ref_name }} == *"alpha"* ]]; then | |
echo "type=prerelease" >> $GITHUB_OUTPUT | |
else | |
echo "type=release" >> $GITHUB_OUTPUT | |
fi | |
else | |
# everything else -> snapshot | |
echo "type=snapshot" >> $GITHUB_OUTPUT | |
fi | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Go | |
id: setup_go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: 'go.mod' | |
cache: true | |
check-latest: true | |
- name: Tests | |
id: test | |
run: | | |
go mod tidy | |
go test -v ./... | |
build-snapshot: | |
name: Build snapshot | |
needs: [ prepare, test ] | |
if: ${{ needs.prepare.outputs.type == 'snapshot' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Go | |
id: setup_go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: 'go.mod' | |
cache: true | |
check-latest: true | |
- name: Run GoReleaser snapshot | |
id: goreleaser-snapshot | |
uses: goreleaser/goreleaser-action@v4 | |
with: | |
version: latest | |
args: --clean --snapshot | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: packages-snapshot | |
path: | | |
dist/*.deb | |
dist/*.rpm | |
dist/*.tar.gz | |
dist/*.zip | |
dist/Checksums.txt | |
if-no-files-found: error | |
build-release: | |
name: Build release | |
needs: [ prepare, test ] | |
if: ${{ needs.prepare.outputs.type == 'release' || needs.prepare.outputs.type == 'prerelease' }} | |
runs-on: ubuntu-latest | |
outputs: | |
gpg_fingerprint: ${{ steps.import_gpg.outputs.fingerprint }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Go | |
id: setup_go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: 'go.mod' | |
cache: true | |
check-latest: true | |
- name: Import GPG key | |
id: import_gpg | |
uses: crazy-max/ghaction-import-gpg@v5 | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
- name: Install required packages for deb and rpm signing | |
run: | | |
sudo apt-get install rpm dpkg-sig -y | |
- name: Run GoReleaser release | |
id: goreleaser-release | |
uses: goreleaser/goreleaser-action@v4 | |
with: | |
version: latest | |
args: release --clean | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Sign deb packages | |
id: sign_deb | |
run: | | |
for file in dist/*.deb; do | |
dpkg-sig --sign builder -k ${{ steps.import_gpg.outputs.fingerprint }} $file | |
done | |
- name: Sign rpm packages | |
id: sign_rpm | |
run: | | |
# Setup .rpmmacros | |
cat <<EOF > ~/.rpmmacros | |
%_signature gpg | |
%_gpg_name ${{ steps.import_gpg.outputs.fingerprint }} | |
%_gpgbin /usr/bin/gpg2 | |
%__gpg_sign_cmd %{__gpg} \ | |
gpg \ | |
--batch \ | |
--pinentry-mode loopback \ | |
--verbose \ | |
--digest-algo sha512 \ | |
--local-user "%{_gpg_name}" \ | |
--no-armour \ | |
--detach-sign \ | |
--output %{__signature_filename} %{__plaintext_filename} | |
EOF | |
for file in dist/*.rpm; do | |
rpm --addsign $file | |
done | |
- name: Upload artifacts | |
id: upload_artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: packages-release | |
path: | | |
dist/*.deb | |
dist/*.rpm | |
dist/*.tar.gz | |
dist/*.zip | |
dist/Checksums.txt | |
if-no-files-found: error | |
create-github-release: | |
name: Create GitHub release | |
needs: [ prepare, build-release ] | |
if: ${{ needs.prepare.outputs.type == 'release' || needs.prepare.outputs.type == 'prerelease' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Create change log using git log | |
id: changelog | |
run: | | |
cat <<EOF > CHANGELOG.md | |
## Changelog | |
$(git log --graph --pretty=format:'%h - %s (@%an)' --abbrev-commit $(git describe --tags --abbrev=0)..HEAD) | |
EOF | |
- name: Download artifacts | |
id: download_artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: packages-release | |
path: packages | |
- name: Create GitHub release | |
id: create_release | |
uses: softprops/action-gh-release@v1 | |
with: | |
tag_name: ${{ github.ref_name }} | |
name: Release v${{ github.ref_name }} | |
body_path: CHANGELOG.md | |
prerelease: ${{ needs.prepare.outputs.type == 'prerelease' }} | |
files: | | |
packages/*.deb | |
packages/*.rpm | |
packages/*.tar.gz | |
packages/*.zip | |
packages/Checksums.txt | |
# upload-to-deb-repository: | |
# name: Upload to deb repository | |
# needs: [ build-release ] | |
# #if: ${{ needs.prepare.outputs.type == 'release' }} | |
# runs-on: ubuntu-latest | |
# steps: | |
# - name: Download artifacts | |
# uses: actions/download-artifact@v3 | |
# with: | |
# name: packages-release | |
# path: packages | |
# | |
# - name: Set up SSH | |
# id: setup_ssh | |
# uses: webfactory/ssh-agent@v0.7.0 | |
# with: | |
# ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }} | |
# log-public-key: false | |
# | |
# - name: Add repository host to known hosts | |
# run: | | |
# mkdir -p ~/.ssh | |
# echo "${{ secrets.KNOWN_HOSTS }}" >> ~/.ssh/known_hosts | |
# | |
# - name: Upload using rsync over SSH | |
# id: upload_to_repository | |
# run: | | |
# package_type="deb" | |
# package_dir="${{ secrets.REPOSITORY_PATH }}/$package_type/pool/main" | |
# | |
# packages=$(find packages -type f -name *.$package_type) | |
# | |
# for package in $packages; do | |
# package_name=$(basename $package) | |
# package_arch=${package_name%.$package_type} | |
# package_arch=${package_arch##*_} | |
# | |
# # Create directory if not exists | |
# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ | |
# "mkdir -p $package_dir" | |
# | |
# # Upload package | |
# echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir" | |
# rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \ | |
# ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/ | |
# done | |
# | |
# - name: Update DEB repository | |
# id: update_deb_repository | |
# run: | | |
# package_type="deb" | |
# base_dir="${{ secrets.REPOSITORY_PATH }}/$package_type" | |
# package_dir=$base_dir/pool/main | |
# dist_dir_base=$base_dir/dists | |
# dist_dir_stable=$dist_dir_base/stable | |
# dist_dir=$dist_dir_stable/main | |
# | |
# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ | |
# "cd $base_dir && \ | |
# mkdir -p $package_dir && \ | |
# mkdir -p $dist_dir_base && \ | |
# mkdir -p $dist_dir_stable && \ | |
# mkdir -p $dist_dir && \ | |
# apt-ftparchive packages ${package_dir#"${base_dir}/"}/ > $dist_dir/Packages && \ | |
# gzip -c $dist_dir/Packages > $dist_dir/Packages.gz && \ | |
# bzip2 -c $dist_dir/Packages > $dist_dir/Packages.bz2 && \ | |
# apt-ftparchive release $dist_dir > $dist_dir/Release && \ | |
# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ | |
# --batch \ | |
# --pinentry-mode loopback \ | |
# --verbose \ | |
# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ | |
# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ | |
# --armor \ | |
# --detach-sign \ | |
# --output $dist_dir/Release.gpg \ | |
# --yes $dist_dir/Release && \ | |
# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ | |
# --batch \ | |
# --pinentry-mode loopback \ | |
# --verbose \ | |
# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ | |
# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ | |
# --clearsign \ | |
# --output $dist_dir/InRelease \ | |
# --yes $dist_dir/Release \ | |
# apt-ftparchive release $dist_dir_stable > $dist_dir_stable/Release && \ | |
# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ | |
# --batch \ | |
# --pinentry-mode loopback \ | |
# --verbose \ | |
# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ | |
# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ | |
# --armor \ | |
# --detach-sign \ | |
# --output $dist_dir_stable/Release.gpg \ | |
# --yes $dist_dir_stable/Release && \ | |
# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ | |
# --batch \ | |
# --pinentry-mode loopback \ | |
# --verbose \ | |
# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ | |
# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ | |
# --clearsign \ | |
# --output $dist_dir_stable/InRelease \ | |
# --yes $dist_dir_stable/Release" | |
upload-to-rpm-repository: | |
name: Upload to rpm repository | |
needs: [ prepare, build-release ] | |
if: ${{ needs.prepare.outputs.type == 'release' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: packages-release | |
path: packages | |
- name: Set up SSH | |
id: setup_ssh | |
uses: webfactory/ssh-agent@v0.7.0 | |
with: | |
ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }} | |
log-public-key: false | |
- name: Add repository host to known hosts | |
run: | | |
mkdir -p ~/.ssh | |
echo "${{ secrets.KNOWN_HOSTS }}" >> ~/.ssh/known_hosts | |
- name: Upload using rsync over SSH and update repository | |
id: upload_to_repository | |
run: | | |
package_type="rpm" | |
packages=$(find packages -type f -name *.$package_type) | |
for package in $packages; do | |
package_name=$(basename $package) | |
package_arch=${package_name%.$package_type} | |
package_arch=${package_arch##*.} | |
package_dir=${{ secrets.REPOSITORY_PATH }}/$package_type/release/$package_arch | |
# Create directory if not exists | |
ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ | |
"mkdir -p $package_dir" | |
# Upload package | |
echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir" | |
rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \ | |
${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/ | |
# Update rpm repository | |
ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ | |
"cd $package_dir && \ | |
createrepo --update . && \ | |
gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ | |
--batch \ | |
--pinentry-mode loopback \ | |
--verbose \ | |
--local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ | |
--passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ | |
--armor \ | |
--detach-sign \ | |
--yes ./repodata/repomd.xml" | |
done |