Merge pull request #266 from id/20240920-fix-apple-sign-and-notarize #28
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- "*" | |
- "!v*" | |
workflow_dispatch: | |
inputs: | |
branch_or_tag: | |
required: false | |
publish_release_artifacts: | |
type: boolean | |
required: true | |
default: false | |
jobs: | |
docker: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
otp: | |
- 26.2.5-1 | |
elixir: | |
- 1.15.7 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
ref: ${{ github.event.inputs.branch_or_tag }} | |
fetch-depth: 0 | |
- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
- uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 | |
- uses: docker/metadata-action@dbef88086f6cef02e264edb7dbf63250c17cef6c # v5.5.0 | |
id: meta | |
with: | |
images: ${{ github.repository }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
if: github.event_name == 'push' || inputs.publish_release_artifacts | |
with: | |
username: ${{ secrets.DOCKER_HUB_USER }} | |
password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
- uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 | |
with: | |
context: . | |
platforms: linux/amd64,linux/arm64 | |
push: ${{ github.event_name == 'push' || inputs.publish_release_artifacts == true }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-args: | | |
FROM=ghcr.io/emqx/emqx-builder/5.3-7:${{ matrix.elixir }}-${{ matrix.otp }}-debian12 | |
linux: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
otp: | |
- 26.2.5-1 | |
elixir: | |
- 1.15.7 | |
quic_support: | |
- true | |
- false | |
os: | |
- ubuntu22.04 | |
- ubuntu20.04 | |
- debian12 | |
- debian11 | |
- el9 | |
- el8 | |
- amzn2 | |
- amzn2023 | |
env: | |
IMAGE: ghcr.io/emqx/emqx-builder/5.3-7:1.15.7-${{ matrix.otp }}-${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.inputs.branch_or_tag }} | |
- name: build | |
run: >- | |
if [ "false" == ${{ matrix.quic_support }} ]; then | |
docker run --rm -v ${PWD}:/wd -w /wd -e BUILD_WITHOUT_QUIC=1 ${IMAGE} bash -euc "git config --global --add safe.directory '*' && make" | |
else | |
docker run --rm -v ${PWD}:/wd -w /wd ${IMAGE} bash -euc "git config --global --add safe.directory '*' && make" | |
fi | |
- if: failure() | |
run: cat rebar3.crashdump | |
- name: Verify that we have working release | |
run: | | |
mkdir test-package | |
cp *.tar.gz test-package/ | |
pushd test-package | |
tar xfz ./emqtt-bench*.tar.gz | |
docker network create emqtt-bench | |
docker run -d --name emqx --network emqtt-bench -p 18083:18083 emqx/emqx:latest | |
attempts=10 | |
url="http://localhost:18083/status" | |
while ! curl "$url" >/dev/null 2>&1; do | |
if [ $attempts -eq 0 ]; then | |
echo "emqx is not responding on $url" | |
exit 1 | |
fi | |
sleep 5 | |
attempts=$((attempts-1)) | |
done | |
docker run -t --rm -v $(pwd):/emqtt-bench -w /emqtt-bench --network emqtt-bench $IMAGE bash -c 'bin/emqtt_bench pub -c 1 -t bench/%i -s 256 -h emqx --limit 5' | |
popd | |
- uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 | |
with: | |
name: "emqtt-bench-${{ matrix.os }}-${{ matrix.otp }}-${{ matrix.elixir }}-${{ matrix.quic_support }}" | |
path: ./*.tar.gz | |
mac: | |
strategy: | |
fail-fast: false | |
matrix: | |
macos: | |
- macos-13 | |
- macos-14 | |
otp: | |
- 26.2.5-1 | |
runs-on: ${{ matrix.macos }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.event.inputs.branch_or_tag }} | |
- name: prepare | |
run: | | |
brew install curl zip unzip gnu-sed kerl unixodbc freetds | |
echo "/usr/local/bin" >> $GITHUB_PATH | |
git config --global credential.helper store | |
- uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 | |
id: cache | |
with: | |
path: ~/.kerl | |
key: otp-${{ matrix.otp }}-${{ matrix.macos }} | |
- name: build erlang | |
if: steps.cache.outputs.cache-hit != 'true' | |
timeout-minutes: 60 | |
env: | |
OTP: ${{ matrix.otp }} | |
KERL_CONFIGURE_OPTIONS: '--disable-hipe --disable-jit' | |
run: | | |
set -eux | |
kerl delete build $OTP || true | |
kerl delete installation $OTP || true | |
rm -rf $HOME/.kerl/$OTP | |
kerl build git https://github.com/emqx/otp.git OTP-$OTP $OTP | |
kerl install $OTP $HOME/.kerl/$OTP | |
- name: build | |
env: | |
OTP: ${{ matrix.otp }} | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
APPLE_DEVELOPER_IDENTITY: ${{ secrets.APPLE_DEVELOPER_IDENTITY }} | |
APPLE_DEVELOPER_ID_BUNDLE: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE }} | |
APPLE_DEVELOPER_ID_BUNDLE_PASSWORD: ${{ secrets.APPLE_DEVELOPER_ID_BUNDLE_PASSWORD }} | |
run: | | |
. $HOME/.kerl/$OTP/activate | |
make | |
- if: failure() | |
run: cat rebar3.crashdump | |
- name: test release | |
run: | | |
set -e | |
mkdir test-release | |
cp ./emqtt-bench*.zip test-release | |
cd test-release | |
unzip -q ./emqtt-bench*.zip | |
bin/emqtt_bench | |
- uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 | |
with: | |
name: "emqtt-bench-${{ matrix.otp }}-${{ matrix.macos }}" | |
path: ./*.zip | |
release: | |
runs-on: ubuntu-latest | |
needs: | |
- linux | |
- mac | |
if: github.event_name == 'push' || inputs.publish_release_artifacts | |
steps: | |
- uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 | |
with: | |
pattern: "emqtt-bench-*" | |
path: packages | |
merge-multiple: true | |
- name: Create Release | |
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5 | |
with: | |
name: Emqtt Bench ${{ github.ref_name }} Released | |
body: Emqtt Bench ${{ github.ref_name }} Released | |
files: packages/* | |
draft: false | |
prerelease: false | |
- uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
- name: upload to aws s3 | |
run: | | |
set -euo pipefail | |
aws s3 cp --recursive packages s3://${{ secrets.AWS_S3_BUCKET }}/emqtt-bench/${{ github.ref_name }} | |
aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_CLOUDFRONT_ID }} --paths "/emqtt-bench/${{ github.ref_name }}/*" | |
- name: update to emqx.io | |
run: | | |
set -eux | |
curl -w %{http_code} \ | |
--insecure \ | |
-H "Content-Type: application/json" \ | |
-H "token: ${{ secrets.EMQX_IO_TOKEN }}" \ | |
-X POST \ | |
-d "{\"repo\":\"emqx/emqtt-bench\", \"tag\": \"${{ github.ref_name }}\" }" \ | |
${{ secrets.EMQX_IO_RELEASE_API }} |