Pull in certs bundle from remote #842
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build And Deploy | |
on: | |
push: | |
branches: | |
- "**" | |
jobs: | |
dagger_build: | |
name: Dagger Build and Test | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set keys | |
run: | | |
echo "${{secrets.QUILL_SIGN_P12}}" | base64 -d > ./cert.p12 | |
echo "${{secrets.QUILL_NOTORY_KEY}}" > ./key.p8 | |
echo "QUILL_SIGN_PASSWORD=${{secrets.QUILL_SIGN_PASSWORD}}" >> $GITHUB_ENV | |
echo "GITHUB_TOKEN=${{secrets.GH_TOKEN}}" >> $GITHUB_ENV | |
- name: All | |
uses: dagger/dagger-for-github@v5 | |
with: | |
verb: call | |
module: ./dagger | |
args: all --output=./output --src=. --github-token=GITHUB_TOKEN --notorize-cert=./cert.p12 --notorize-cert-password=QUILL_SIGN_PASSWORD --notorize-key=./key.p8 --notorize-id=${{secrets.QUILL_NOTARY_KEY_ID}} --notorize-issuer=${{secrets.QUILL_NOTARY_ISSUER}} | |
version: "0.11.0" | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: archives | |
path: | | |
./output | |
- name: Send status to Discord | |
uses: sarisia/actions-status-discord@v1 | |
if: always() | |
with: | |
webhook: ${{ secrets.DISCORD_WEBHOOK }} | |
tile: ${{ github.job_id }} | |
description: "Build application" | |
functional_test_docker: | |
name: Test Docker | |
runs-on: ubuntu-latest | |
needs: dagger_build | |
strategy: | |
max-parallel: 5 | |
fail-fast: false | |
matrix: | |
folder: [ | |
'/container', | |
'/build', | |
'/docs', | |
'/nomad', | |
'/single_k3s_cluster', | |
'/multiple_k3s_clusters', | |
'/exec', | |
'/certificates', | |
'/terraform', | |
'/registries', | |
] | |
steps: | |
- name: Download-Binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: archives | |
path: ./build_artifacts | |
- name: Install binary executable | |
run: | | |
cp $(find ./build_artifacts -name "jumppad_*_linux_x86_64.tar.gz" -type f) ./build_artifacts/jumppad.tar.gz | |
sudo tar -xzf ./build_artifacts/jumppad.tar.gz | |
sudo mv ./jumppad /usr/local/bin/jumppad | |
sudo chmod +x /usr/local/bin/jumppad | |
- uses: actions/checkout@v2 | |
- name: All | |
uses: dagger/dagger-for-github@v5 | |
with: | |
verb: call | |
module: ./dagger | |
args: functional-test --src=./examples --working-directory=${{matrix.folder}} --jumppad=/usr/local/bin/jumppad --runtime=docker | |
version: "0.11.0" | |
- name: Send status to Discord | |
uses: sarisia/actions-status-discord@v1 | |
if: always() | |
with: | |
webhook: ${{ secrets.DISCORD_WEBHOOK }} | |
tile: ${{ github.job_id }} | |
description: "Functional tests for docker: ${{matrix.folder}}" | |
functional_test_podman: | |
name: Test Podman | |
runs-on: ubuntu-latest | |
needs: dagger_build | |
strategy: | |
max-parallel: 5 | |
fail-fast: false | |
matrix: | |
folder: [ | |
'/container', | |
'/build', | |
'/docs', | |
'/nomad', | |
'/single_k3s_cluster', | |
'/multiple_k3s_clusters', | |
'/exec', | |
'/certificates', | |
'/terraform', | |
] | |
steps: | |
- name: Download-Binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: archives | |
path: ./build_artifacts | |
- name: Install binary executable | |
run: | | |
cp $(find ./build_artifacts -name "jumppad_*_linux_x86_64.tar.gz" -type f) ./build_artifacts/jumppad.tar.gz | |
sudo tar -xzf ./build_artifacts/jumppad.tar.gz | |
sudo mv ./jumppad /usr/local/bin/jumppad | |
sudo chmod +x /usr/local/bin/jumppad | |
- uses: actions/checkout@v2 | |
- name: All | |
uses: dagger/dagger-for-github@v5 | |
with: | |
verb: call | |
module: ./dagger | |
args: functional-test --src=./examples --working-directory=${{matrix.folder}} --jumppad=/usr/local/bin/jumppad --runtime=podman | |
version: "0.11.0" | |
- name: Send status to Discord | |
uses: sarisia/actions-status-discord@v1 | |
if: always() | |
with: | |
webhook: ${{ secrets.DISCORD_WEBHOOK }} | |
tile: ${{ github.job_id }} | |
description: "Functional tests for ${{matrix.folder}}" | |
release: | |
name: Create GitHub Release | |
if: ${{ github.ref == 'refs/heads/main' }} | |
needs: | |
- functional_test_docker | |
- functional_test_podman | |
environment: | |
name: release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set keys | |
run: | | |
echo "GITHUB_TOKEN=${{secrets.GH_TOKEN}}" >> $GITHUB_ENV | |
echo "GEMFURY_TOKEN=${{secrets.FURY_TOKEN}}" >> $GITHUB_ENV | |
- uses: actions/checkout@v2 | |
- name: Download-Binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: archives | |
path: ./build_artifacts | |
- name: Release | |
uses: dagger/dagger-for-github@v5 | |
with: | |
verb: call | |
module: ./dagger | |
args: release --src=. --github-token=GITHUB_TOKEN --gemfury-token=GEMFURY_TOKEN --archives=./build_artifacts --output=./version.txt | |
version: "0.11.0" | |
- name: Set output | |
id: setoutput | |
run: | | |
echo "version=$(cat ./version.txt)" >> $GITHUB_OUTPUT | |
outputs: | |
version: ${{ steps.setoutput.outputs.version }} | |
sync_winget: | |
name: Sync winget-pkgs repo | |
if: ${{ github.ref == 'refs/heads/main' }} | |
needs: | |
- functional_test_docker | |
- functional_test_podman | |
runs-on: ubuntu-latest | |
steps: | |
- run: gh repo sync nicholasjackson/winget-pkgs -b master | |
env: | |
GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
winget: | |
name: Publish to WinGet | |
needs: | |
- release | |
- sync_winget | |
runs-on: windows-latest | |
steps: | |
- uses: jumppad-labs/[email protected] | |
with: | |
publish-type: "Update" | |
user: "jumppad" | |
package: "jumppad" | |
version: ${{ needs.release.outputs.version }} | |
url: "https://github.com/jumppad-labs/jumppad/releases/download/${{ needs.release.outputs.version }}/jumppad_${{ needs.release.outputs.version }}_windows_x86_64.zip|x64" | |
token: '${{ secrets.GH_TOKEN }}' | |
- name: Send status to Discord | |
uses: sarisia/actions-status-discord@v1 | |
if: always() | |
with: | |
tile: ${{ github.job_id }} | |
webhook: ${{ secrets.DISCORD_WEBHOOK }} | |
description: "Push new version ${{ needs.github_release.outputs.version }} to Winget" |