From 374bef71fcff86850a4a098a1ef505f588cf703f Mon Sep 17 00:00:00 2001 From: NipunaMadhushan Date: Tue, 29 Oct 2024 15:46:44 +0530 Subject: [PATCH] Remove sigining artifacts --- .github/workflows/publish_release_bi.yml | 370 +++-------------------- 1 file changed, 41 insertions(+), 329 deletions(-) diff --git a/.github/workflows/publish_release_bi.yml b/.github/workflows/publish_release_bi.yml index 001bbf6314..65f74f85bb 100644 --- a/.github/workflows/publish_release_bi.yml +++ b/.github/workflows/publish_release_bi.yml @@ -192,48 +192,18 @@ jobs: cd installers/linux-deb ./build-ballerina-linux-deb-x64.sh -v ${{ steps.version-set.outputs.longVersion }} -p ./../../ballerina/build/distributions echo "Created linux-deb successfully" - - name: Sign the linux-deb installer - run: | - cosign sign-blob installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.sig --yes - - name: Verify the linux-deb installer - run: | - cosign verify-blob installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Create linux-rpm Installer id: run_installers_rpm run: | cd installers/linux-rpm ./build-ballerina-linux-rpm-x64.sh -v ${{ steps.version-set.outputs.longVersion }} -p ./../../ballerina/build/distributions echo "Created linux-rpm successfully" - - name: Sign the linux-rpm installer - run: | - cosign sign-blob installers/linux-rpm/rpmbuild/RPMS/x86_64/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.sig --yes - - name: Verify the linux-rpm installer - run: | - cosign verify-blob installers/linux-rpm/rpmbuild/RPMS/x86_64/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Generate Hashes run: | openssl dgst -sha256 -out ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.sha256 installers/linux-deb/target/ballerina-*-linux-x64.deb openssl dgst -sha256 -out ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.sha256 installers/linux-rpm/rpmbuild/RPMS/x86_64/ballerina-*-linux-x64.rpm openssl dgst -sha256 -out ballerina-${{ steps.version-set.outputs.longVersion }}.zip.sha256 ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}.zip openssl dgst -sha256 -out ballerina-${{ steps.version-set.outputs.sversion }}.zip.sha256 ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.sversion }}.zip - - name: Sign the zip artifacts - run: | - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.sversion }}.zip --output-certificate ballerina-${{ steps.version-set.outputs.sversion }}.pem --output-signature ballerina-${{ steps.version-set.outputs.sversion }}.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-macos.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-macos.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.sig --yes - cosign sign-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-windows.zip --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-windows.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-windows.sig --yes - - name: Verify the zip artifacts - run: | - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.sversion }}.zip --certificate ballerina-${{ steps.version-set.outputs.sversion }}.pem --signature ballerina-${{ steps.version-set.outputs.sversion }}.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-macos.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-macos.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - cosign verify-blob ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-windows.zip --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-windows.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-windows.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Upload zip artifacts uses: actions/upload-release-asset@v1 env: @@ -243,24 +213,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}.zip asset_content_type: application/octet-stream - - name: Upload zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}.pem - asset_content_type: application/octet-stream - - name: Upload zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}.sig - asset_content_type: application/octet-stream - name: Upload zip without tool artifacts uses: actions/upload-release-asset@v1 env: @@ -270,24 +222,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.sversion }}.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.sversion }}.zip asset_content_type: application/octet-stream - - name: Upload zip without tool artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.sversion }}.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.sversion }}.pem - asset_content_type: application/octet-stream - - name: Upload zip without tool artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.sversion }}.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.sversion }}.sig - asset_content_type: application/octet-stream - name: Upload Linux deb Installer uses: actions/upload-release-asset@v1 env: @@ -297,24 +231,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb asset_path: installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb asset_content_type: application/octet-stream - - name: Upload Linux deb Installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.pem - asset_content_type: application/octet-stream - - name: Upload Linux deb Installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.deb.sig - asset_content_type: application/octet-stream - name: Upload Linux rpm Installer uses: actions/upload-release-asset@v1 env: @@ -324,24 +240,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm asset_path: installers/linux-rpm/rpmbuild/RPMS/x86_64/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm asset_content_type: application/octet-stream - - name: Upload Linux rpm Installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.pem - asset_content_type: application/octet-stream - - name: Upload Linux rpm Installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-x64.rpm.sig - asset_content_type: application/octet-stream - name: Upload Linux zip artifacts uses: actions/upload-release-asset@v1 env: @@ -351,24 +249,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux.zip asset_content_type: application/octet-stream - - name: Upload Linux zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux.pem - asset_content_type: application/octet-stream - - name: Upload Linux zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux.sig - asset_content_type: application/octet-stream - name: Upload Linux-ARM zip artifacts uses: actions/upload-release-asset@v1 env: @@ -378,24 +258,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.zip asset_content_type: application/octet-stream - - name: Upload Linux-ARM zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.pem - asset_content_type: application/octet-stream - - name: Upload Linux-ARM zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm.sig - asset_content_type: application/octet-stream - name: Upload MacOS zip artifacts uses: actions/upload-release-asset@v1 env: @@ -405,24 +267,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos.zip asset_content_type: application/octet-stream - - name: Upload MacOS zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-macos.pem - asset_content_type: application/octet-stream - - name: Upload MacOS zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-macos.sig - asset_content_type: application/octet-stream - name: Upload MacOS-ARM zip artifacts uses: actions/upload-release-asset@v1 env: @@ -432,24 +276,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.zip asset_content_type: application/octet-stream - - name: Upload MacOS-ARM zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.pem - asset_content_type: application/octet-stream - - name: Upload MacOS-ARM zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-macos-arm.sig - asset_content_type: application/octet-stream - name: Upload Windows zip artifacts uses: actions/upload-release-asset@v1 env: @@ -459,24 +285,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-windows.zip asset_path: ballerina/build/distributions/ballerina-${{ steps.version-set.outputs.longVersion }}-windows.zip asset_content_type: application/octet-stream - - name: Upload Windows zip artifact's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-windows.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-windows.pem - asset_content_type: application/octet-stream - - name: Upload Windows zip artifact's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-windows.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-windows.sig - asset_content_type: application/octet-stream - name: Upload Linux deb Hashes uses: actions/upload-release-asset@v1 env: @@ -513,30 +321,24 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.sversion }}.zip.sha256 asset_path: ballerina-${{ steps.version-set.outputs.sversion }}.zip.sha256 asset_content_type: application/octet-stream - - name: Install Ballerina DEB - run: sudo dpkg -i installers/linux-deb/target/ballerina-*-linux-x64.deb - - name: Update Installer Test Configs - run: | - DISPLAY_TEXT=${{ steps.version-set.outputs.langVersion }} - SWAN_LAKE_LATEST_VERSION="swan-lake-"+$DISPLAY_TEXT - perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=$DISPLAY_TEXT/" ballerina-test-automation/gradle.properties - perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=$SWAN_LAKE_LATEST_VERSION/" ballerina-test-automation/gradle.properties - - name: Run Installer Tests - working-directory: ./ballerina-test-automation/installer-test - run: ./../gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true - env: - TEST_MODE_ACTIVE: true +# - name: Install Ballerina DEB +# run: sudo dpkg -i installers/linux-deb/target/ballerina-*-linux-x64.deb +# - name: Update Installer Test Configs +# run: | +# DISPLAY_TEXT=${{ steps.version-set.outputs.langVersion }} +# SWAN_LAKE_LATEST_VERSION="swan-lake-"+$DISPLAY_TEXT +# perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=$DISPLAY_TEXT/" ballerina-test-automation/gradle.properties +# perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=$SWAN_LAKE_LATEST_VERSION/" ballerina-test-automation/gradle.properties +# - name: Run Installer Tests +# working-directory: ./ballerina-test-automation/installer-test +# run: ./../gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true +# env: +# TEST_MODE_ACTIVE: true - name: Create linux-arm-deb Installer run: | cd installers/linux-deb ./build-ballerina-linux-deb-x64.sh -v ${{ steps.version-set.outputs.longVersion }} -p ./../../ballerina/build/distributions -a arm echo "Created linux-arm-deb successfully" - - name: Sign the linux-arm-deb installer - run: | - cosign sign-blob installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb --output-certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.pem --output-signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.sig --yes - - name: Verify the linux-arm-deb installer - run: | - cosign verify-blob installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb --certificate ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.pem --signature ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Upload Linux-ARM deb Installer uses: actions/upload-release-asset@v1 env: @@ -546,24 +348,6 @@ jobs: asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb asset_path: installers/linux-deb/target/ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb asset_content_type: application/octet-stream - - name: Upload Linux-ARM deb Installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.pem - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.pem - asset_content_type: application/octet-stream - - name: Upload Linux-ARM deb Installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_name: ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.sig - asset_path: ./ballerina-${{ steps.version-set.outputs.longVersion }}-linux-arm-x64.deb.sig - asset_content_type: application/octet-stream outputs: project-version: ${{ steps.version-set.outputs.longVersion }} @@ -595,12 +379,6 @@ jobs: cd installers/mac ./build-ballerina-macos-x64.sh -v ${{ needs.publish-release.outputs.project-version }} -p ./../../ echo "Created macos-pkg successfully" - - name: Sign the MacOS installer - run: | - cosign sign-blob installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg --output-certificate ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.pem --output-signature ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.sig --yes - - name: Verify the MacOS installer - run: | - cosign verify-blob installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg --certificate ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.pem --signature ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Generate Hashes run: | openssl dgst -sha256 -out ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.sha256 installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg @@ -622,37 +400,19 @@ jobs: asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg asset_path: installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg asset_content_type: application/octet-stream - - name: Upload MacOS installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.pem - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.pem - asset_content_type: application/octet-stream - - name: Upload MacOS installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.sig - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-macos-x64.pkg.sig - asset_content_type: application/octet-stream - - name: Install Ballerina PKG - run: sudo installer -pkg installers/mac/target/pkg/ballerina-*-macos-x64.pkg -target / - - name: Update Installer Test Configs - run: | - DISPLAY_TEXT=${{ needs.publish-release.outputs.lang-version }} - SWAN_LAKE_LATEST_VERSION="swan-lake-"+$DISPLAY_TEXT - perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=$DISPLAY_TEXT/" ballerina-test-automation/gradle.properties - perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=$SWAN_LAKE_LATEST_VERSION/" ballerina-test-automation/gradle.properties - - name: Run Installer Tests - working-directory: ./ballerina-test-automation/installer-test - run: ./../gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true - env: - TEST_MODE_ACTIVE: true +# - name: Install Ballerina PKG +# run: sudo installer -pkg installers/mac/target/pkg/ballerina-*-macos-x64.pkg -target / +# - name: Update Installer Test Configs +# run: | +# DISPLAY_TEXT=${{ needs.publish-release.outputs.lang-version }} +# SWAN_LAKE_LATEST_VERSION="swan-lake-"+$DISPLAY_TEXT +# perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=$DISPLAY_TEXT/" ballerina-test-automation/gradle.properties +# perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=$SWAN_LAKE_LATEST_VERSION/" ballerina-test-automation/gradle.properties +# - name: Run Installer Tests +# working-directory: ./ballerina-test-automation/installer-test +# run: ./../gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true +# env: +# TEST_MODE_ACTIVE: true - name: Download MacOS-ARM Installer Zip run: | wget https://github.com/ballerina-platform/ballerina-distribution/releases/download/v${{ needs.publish-release.outputs.release-version }}/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm.zip @@ -662,12 +422,6 @@ jobs: cd installers/mac ./build-ballerina-macos-x64.sh -v ${{ needs.publish-release.outputs.project-version }} -p ./../../ -a arm echo "Created macos-arm-pkg successfully" - - name: Sign the MacOS-ARM installer - run: | - cosign sign-blob installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg --output-certificate ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.pem --output-signature ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.sig --yes - - name: Verify the MacOS-ARM installer - run: | - cosign verify-blob installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg --certificate ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.pem --signature ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Generate Hashes run: | openssl dgst -sha256 -out ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.sha256 installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg @@ -689,24 +443,6 @@ jobs: asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg asset_path: installers/mac/target/pkg/ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg asset_content_type: application/octet-stream - - name: Upload MacOS-ARM installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.pem - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.pem - asset_content_type: application/octet-stream - - name: Upload MacOS-ARM installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.sig - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-macos-arm-x64.pkg.sig - asset_content_type: application/octet-stream windows-installer-build: name: Windows Installer Build @@ -742,12 +478,6 @@ jobs: ren windows w cd w .\build-ballerina-windows-x64.bat --version ${{ needs.publish-release.outputs.project-version }} --path .\..\ - - name: Sign the Windows installer - run: | - cosign sign-blob w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi --output-certificate ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.pem --output-signature ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.sig --yes - - name: Verify the Windows installer - run: | - cosign verify-blob w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi --certificate ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.pem --signature ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.sig --certificate-identity=https://github.com/ballerina-platform/ballerina-distribution/.github/workflows/publish-release.yml@${{ github.ref }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com - name: Generate Hashes run: | openssl dgst -sha256 -out ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.sha256 w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi @@ -769,36 +499,18 @@ jobs: asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi asset_path: w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi asset_content_type: application/octet-stream - - name: Upload Windows installer's Certificate - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.pem - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.pem - asset_content_type: application/octet-stream - - name: Upload Windows installer's Signature - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.BALLERINA_BOT_TOKEN }} - with: - upload_url: ${{ needs.publish-release.outputs.upload-asset-url }} - asset_name: ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.sig - asset_path: ./ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi.sig - asset_content_type: application/octet-stream - - name: Install Ballerina msi - run: msiexec /i w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi /quiet /qr - shell: cmd - - name: Update Installer Test Configs - run: | - set DISPLAY_TEXT=${{ needs.publish-release.outputs.lang-version }} - set SWAN_LAKE_LATEST_VERSION=swan-lake-%DISPLAY_TEXT% - perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=%DISPLAY_TEXT%/" ballerina-test-automation/gradle.properties - perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=%SWAN_LAKE_LATEST_VERSION%/" ballerina-test-automation/gradle.properties - shell: cmd - - name: Run Installer Tests - working-directory: .\ballerina-test-automation\installer-test - run: | - $env:Path += ";C:\Program Files\Ballerina\bin" - .\..\gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true +# - name: Install Ballerina msi +# run: msiexec /i w\target\msi\ballerina-${{ needs.publish-release.outputs.project-version }}-windows-x64.msi /quiet /qr +# shell: cmd +# - name: Update Installer Test Configs +# run: | +# set DISPLAY_TEXT=${{ needs.publish-release.outputs.lang-version }} +# set SWAN_LAKE_LATEST_VERSION=swan-lake-%DISPLAY_TEXT% +# perl -pi -e "s/^\s*swan-lake-latest-version-display-text=.*/swan-lake-latest-version-display-text=%DISPLAY_TEXT%/" ballerina-test-automation/gradle.properties +# perl -pi -e "s/^\s*swan-lake-latest-version=.*/swan-lake-latest-version=%SWAN_LAKE_LATEST_VERSION%/" ballerina-test-automation/gradle.properties +# shell: cmd +# - name: Run Installer Tests +# working-directory: .\ballerina-test-automation\installer-test +# run: | +# $env:Path += ";C:\Program Files\Ballerina\bin" +# .\..\gradlew build --stacktrace -scan --console=plain --no-daemon -DballerinaInstalled=true