From 937cbd4c8414283516c3f9b952d795576dd3ebc6 Mon Sep 17 00:00:00 2001 From: 4ndyZ Date: Mon, 1 Jul 2024 23:40:00 +0200 Subject: [PATCH] feat: Update GitHub workflow release.yml to use latest actions Updated GitHub workflow "Test an and release" from release.yml to use latest GitHub actions. Changes: * Bumps actions/checkout to v4 * Bumps actions/setup-go to v5 * Bumps goreleaser/goreleaser-action to v6 * Bumps actions/upload-artifact to v4 * Bumps crazy-max/ghaction-import-gpg to v6 * Bumps actions/download-artifact to v4 * Bumps softprops/action-gh-release to v2 * Bumps webfactory/ssh-agent to v0.9.0 --- .github/workflows/release.yml | 219 ++++++++++------------------------ 1 file changed, 66 insertions(+), 153 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bb0f787..a0437e6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,4 @@ +--- name: "Test and release" on: @@ -9,28 +10,48 @@ jobs: name: Prepare runs-on: ubuntu-latest outputs: - type: ${{ steps.get_type.outputs.type }} + version: ${{ steps.get_version.outputs.version }} + is_release: ${{ steps.check.outputs.is_release }} + is_snapshot: ${{ steps.check.outputs.is_snapshot }} + is_prerelease: ${{ steps.prerelease.outputs.is_prerelease }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Check if release, prerelease or snapshot - id: get_type + - name: Get version + id: get_version run: | - if [[ "${{ github.ref_type }}" == "tag" ]]; then - # Branch with a tag -> release or prerelease - if [[ ${{ github.ref_name }} == *"rc"* ]] || \ - [[ ${{ github.ref_name }} == *"beta"* ]] || \ - [[ ${{ github.ref_name }} == *"alpha"* ]]; then - echo "type=prerelease" >> $GITHUB_OUTPUT - else - echo "type=release" >> $GITHUB_OUTPUT - fi + version=$(echo "${{ github.ref }}" | sed -e 's/^refs\/tags\///' | sed -e 's/^refs\/heads\///') + echo "version=$version" >> $GITHUB_OUTPUT + + - name: Check if release/snapshot + id: check + run: | + if [[ $GITHUB_REF == refs/tags/v* && $GITHUB_BRANCH == refs/heads/main ]]; then + echo "is_release=true" >> $GITHUB_OUTPUT + echo "is_snapshot=false" >> $GITHUB_OUTPUT else - # everything else -> snapshot - echo "type=snapshot" >> $GITHUB_OUTPUT + echo "is_release=false" >> $GITHUB_OUTPUT + echo "is_snapshot=true" >> $GITHUB_OUTPUT + fi + + - name: Check if prerelease + id: prerelease + run: | + # Check for non semver tags + if [[ ${{ steps.get_version.outputs.version }} != "v"* ]]; then + echo "is_prerelease=true" >> $GITHUB_OUTPUT + exit 0 + fi + + if [[ ${{ steps.get_version.outputs.version }} == *"rc"* ]] || \ + [[ ${{ steps.get_version.outputs.version }} == *"beta"* ]] || \ + [[ ${{ steps.get_version.outputs.version }} == *"alpha"* ]]; then + echo "is_prerelease=true" >> $GITHUB_OUTPUT + else + echo "is_prerelease=false" >> $GITHUB_OUTPUT fi test: @@ -38,13 +59,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup Go id: setup_go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version-file: 'go.mod' cache: true @@ -58,18 +79,18 @@ jobs: build-snapshot: name: Build snapshot - needs: [ prepare, test ] - if: ${{ needs.prepare.outputs.type == 'snapshot' }} + needs: [ test, prepare ] + if: ${{ needs.prepare.outputs.is_snapshot == 'true' }} runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup Go id: setup_go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version-file: 'go.mod' cache: true @@ -77,7 +98,7 @@ jobs: - name: Run GoReleaser snapshot id: goreleaser-snapshot - uses: goreleaser/goreleaser-action@v4 + uses: goreleaser/goreleaser-action@v6 with: version: latest args: --clean --snapshot @@ -85,7 +106,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: packages-snapshot path: | @@ -98,20 +119,20 @@ jobs: build-release: name: Build release - needs: [ prepare, test ] - if: ${{ needs.prepare.outputs.type == 'release' || needs.prepare.outputs.type == 'prerelease' }} + needs: [ test, prepare ] + if: ${{ needs.prepare.outputs.is_release == 'true' }} runs-on: ubuntu-latest outputs: gpg_fingerprint: ${{ steps.import_gpg.outputs.fingerprint }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup Go id: setup_go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version-file: 'go.mod' cache: true @@ -119,7 +140,7 @@ jobs: - name: Import GPG key id: import_gpg - uses: crazy-max/ghaction-import-gpg@v5 + uses: crazy-max/ghaction-import-gpg@v6 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -130,7 +151,7 @@ jobs: - name: Run GoReleaser release id: goreleaser-release - uses: goreleaser/goreleaser-action@v4 + uses: goreleaser/goreleaser-action@v6 with: version: latest args: release --clean @@ -169,7 +190,7 @@ jobs: - name: Upload artifacts id: upload_artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: packages-release path: | @@ -182,12 +203,12 @@ jobs: create-github-release: name: Create GitHub release - needs: [ prepare, build-release ] - if: ${{ needs.prepare.outputs.type == 'release' || needs.prepare.outputs.type == 'prerelease' }} + needs: [ build-release ] + if: ${{ needs.build-release.outputs.is_release == 'true' }} runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -201,19 +222,19 @@ jobs: - name: Download artifacts id: download_artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: packages-release path: packages - name: Create GitHub release id: create_release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@v2 with: - tag_name: ${{ github.ref_name }} - name: Release v${{ github.ref_name }} + tag_name: ${{ needs.build-release.outputs.version }} + name: Release ${{ needs.build-release.outputs.version }} body_path: CHANGELOG.md - prerelease: ${{ needs.prepare.outputs.type == 'prerelease' }} + prerelease: ${{ needs.build-release.outputs.is_prerelease }} files: | packages/*.deb packages/*.rpm @@ -221,129 +242,21 @@ jobs: packages/*.zip packages/Checksums.txt - # upload-to-deb-repository: -# name: Upload to deb repository -# needs: [ build-release ] - # #if: ${{ needs.prepare.outputs.type == 'release' }} -# runs-on: ubuntu-latest -# steps: -# - name: Download artifacts -# uses: actions/download-artifact@v3 -# with: -# name: packages-release -# path: packages -# -# - name: Set up SSH -# id: setup_ssh -# uses: webfactory/ssh-agent@v0.7.0 -# with: -# ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }} -# log-public-key: false -# -# - name: Add repository host to known hosts -# run: | -# mkdir -p ~/.ssh -# echo "${{ secrets.KNOWN_HOSTS }}" >> ~/.ssh/known_hosts -# -# - name: Upload using rsync over SSH -# id: upload_to_repository -# run: | -# package_type="deb" -# package_dir="${{ secrets.REPOSITORY_PATH }}/$package_type/pool/main" -# -# packages=$(find packages -type f -name *.$package_type) -# -# for package in $packages; do -# package_name=$(basename $package) -# package_arch=${package_name%.$package_type} -# package_arch=${package_arch##*_} -# -# # Create directory if not exists -# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ -# "mkdir -p $package_dir" -# -# # Upload package -# echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir" -# rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \ -# ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/ -# done -# -# - name: Update DEB repository -# id: update_deb_repository -# run: | -# package_type="deb" -# base_dir="${{ secrets.REPOSITORY_PATH }}/$package_type" -# package_dir=$base_dir/pool/main -# dist_dir_base=$base_dir/dists -# dist_dir_stable=$dist_dir_base/stable -# dist_dir=$dist_dir_stable/main -# -# ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ -# "cd $base_dir && \ -# mkdir -p $package_dir && \ -# mkdir -p $dist_dir_base && \ -# mkdir -p $dist_dir_stable && \ -# mkdir -p $dist_dir && \ -# apt-ftparchive packages ${package_dir#"${base_dir}/"}/ > $dist_dir/Packages && \ -# gzip -c $dist_dir/Packages > $dist_dir/Packages.gz && \ -# bzip2 -c $dist_dir/Packages > $dist_dir/Packages.bz2 && \ -# apt-ftparchive release $dist_dir > $dist_dir/Release && \ -# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ -# --batch \ -# --pinentry-mode loopback \ -# --verbose \ -# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ -# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ -# --armor \ -# --detach-sign \ -# --output $dist_dir/Release.gpg \ -# --yes $dist_dir/Release && \ -# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ -# --batch \ -# --pinentry-mode loopback \ -# --verbose \ -# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ -# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ -# --clearsign \ -# --output $dist_dir/InRelease \ -# --yes $dist_dir/Release \ -# apt-ftparchive release $dist_dir_stable > $dist_dir_stable/Release && \ -# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ -# --batch \ -# --pinentry-mode loopback \ -# --verbose \ -# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ -# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ -# --armor \ -# --detach-sign \ -# --output $dist_dir_stable/Release.gpg \ -# --yes $dist_dir_stable/Release && \ -# gpg2 --homedir=/home/${{ secrets.REPOSITORY_USER }}/.gnupg \ -# --batch \ -# --pinentry-mode loopback \ -# --verbose \ -# --local-user "${{ needs.build-release.outputs.gpg_fingerprint }}" \ -# --passphrase-file "/home/${{ secrets.REPOSITORY_USER }}/.gnupg/passphrase" \ -# --clearsign \ -# --output $dist_dir_stable/InRelease \ -# --yes $dist_dir_stable/Release" - - upload-to-rpm-repository: name: Upload to rpm repository - needs: [ prepare, build-release ] - if: ${{ needs.prepare.outputs.type == 'release' }} + needs: [ build-release ] + if: ${{ needs.build-release.outputs.is_release == 'true' }} runs-on: ubuntu-latest steps: - name: Download artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: packages-release path: packages - name: Set up SSH id: setup_ssh - uses: webfactory/ssh-agent@v0.7.0 + uses: webfactory/ssh-agent@v0.9.0 with: ssh-private-key: ${{ secrets.REPOSITORY_SSH_KEY }} log-public-key: false @@ -365,16 +278,16 @@ jobs: package_arch=${package_arch##*.} package_dir=${{ secrets.REPOSITORY_PATH }}/$package_type/release/$package_arch - + # Create directory if not exists ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ "mkdir -p $package_dir" - + # Upload package echo "Uploading $package_name to ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir" rsync -avz --no-perms --no-owner --no-group -e "ssh -p ${{ secrets.REPOSITORY_HOST_PORT }}" $package \ ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }}:$package_dir/ - + # Update rpm repository ssh -p ${{ secrets.REPOSITORY_HOST_PORT }} ${{ secrets.REPOSITORY_USER }}@${{ secrets.REPOSITORY_HOST }} \ "cd $package_dir && \