-
Notifications
You must be signed in to change notification settings - Fork 57
107 lines (93 loc) · 3.49 KB
/
pr-and-release-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
on: push
defaults:
run:
shell: bash
jobs:
build:
name: "Sidecar Build"
runs-on: ubuntu-latest
steps:
- name: Checkout sidecar project
uses: actions/checkout@v4
- name: Setup Go environment
uses: actions/setup-go@v5
with:
go-version: '1.21'
- name: "compile"
run: |
go version
go mod vendor
make test
make build-all
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Sign Windows binaries
run: >
docker run --rm
-e "CODESIGN_USER=$CODESIGN_USER"
-e "CODESIGN_PASS=$CODESIGN_PASS"
-e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET"
-e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID"
-v $(pwd):/home/jenkins
graylog/internal-codesigntool:latest
make sign-binaries
env:
CODESIGN_USER: ${{ secrets.CODESIGN_USER }}
CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }}
CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }}
CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }}
- name: Build packages
run: mkdir dist/pkg && docker run --rm -v $(pwd):/home torch/jenkins-fpm-cook-root:latest sh -c "cd /home && make package-all"
- name: Sign Windows Installer
run: >
docker run --rm
-e "CODESIGN_USER=$CODESIGN_USER"
-e "CODESIGN_PASS=$CODESIGN_PASS"
-e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET"
-e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID"
-v $(pwd):/home/jenkins
graylog/internal-codesigntool:latest
make sign-windows-installer
env:
CODESIGN_USER: ${{ secrets.CODESIGN_USER }}
CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }}
CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }}
CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }}
- name: Chocolatey Pack
uses: ./.github/shared/docker-chocolatey
with:
command: make package-chocolatey
- name: Create checksums
run: cd dist/pkg && sha256sum * | tee CHECKSUMS-SHA256.txt
- name: Archive artifacts
uses: actions/upload-artifact@v3
with:
name: sidecar-artifacts
retention-days: 7
path: |
dist/pkg
- name: Chocolatey Push
# publish release if tags are pushed
if: startsWith(github.ref, 'refs/tags/')
uses: ./.github/shared/docker-chocolatey
with:
command: make push-chocolatey
env:
CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }}
- name: "Upload sidecar artifacts to S3"
# publish release if tags are pushed
if: startsWith(github.ref, 'refs/tags/')
env:
AWS_DEFAULT_REGION: "eu-west-1"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_SIDECAR_RELEASES_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SIDECAR_RELEASES_SECRET_KEY }}
run: |
aws s3 cp --no-progress --recursive dist/pkg s3://graylog2-releases/graylog-collector-sidecar/${{ github.ref_name }}/
- name: "Releasing to Github"
# publish release if tags are pushed
if: startsWith(github.ref, 'refs/tags/')
run: |
gh release create ${{ github.ref_name }} --draft --notes "Insert changes here." dist/pkg/*