From 2d4b6ff9b756b74cd0187281c646509cc0e3f81d Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Thu, 17 Oct 2024 23:23:54 +0000 Subject: [PATCH 01/27] build: add linux release automation and release automation validation Signed-off-by: Justin Alvarez --- .github/workflows/build-and-test-msi.yaml | 33 +-- .github/workflows/build-and-test-pkg.yaml | 23 +- .github/workflows/ci-docs.yaml | 14 + .github/workflows/ci-release.yaml | 268 ++++++++++++++++++ .../get-version-and-tag-for-ref.yaml | 55 ++++ .github/workflows/release-linux.yaml | 118 ++++++++ Makefile | 10 +- 7 files changed, 480 insertions(+), 41 deletions(-) create mode 100644 .github/workflows/ci-release.yaml create mode 100644 .github/workflows/get-version-and-tag-for-ref.yaml create mode 100644 .github/workflows/release-linux.yaml diff --git a/.github/workflows/build-and-test-msi.yaml b/.github/workflows/build-and-test-msi.yaml index 53fd2a97d..f9d828552 100644 --- a/.github/workflows/build-and-test-msi.yaml +++ b/.github/workflows/build-and-test-msi.yaml @@ -5,13 +5,19 @@ on: workflow_dispatch: inputs: ref_name: + description: "the ref (tag/branch) to use to extract tag/version" required: true type: string workflow_call: inputs: ref_name: + description: "the ref (tag/branch) to use to extract tag/version" required: true type: string + version: + description: "override for version, will be used instead of ref if set, used for testing" + required: false + type: string schedule: - cron: '0 9 * * *' env: @@ -26,29 +32,10 @@ permissions: jobs: get-tag-name: name: Get tag name - runs-on: ubuntu-latest - outputs: - tag: ${{ steps.check-tag.outputs.tag }} - version: ${{ steps.check-tag.outputs.version }} - steps: - - name: Check tag from workflow input and github ref - id: check-tag - run: | - if [ -n "${{ inputs.ref_name }}" ]; then - tag=${{ inputs.ref_name }} - else - tag=${{ github.ref_name }} - fi - echo "tag=$tag" >> ${GITHUB_OUTPUT} - - version=${tag#v} - if [[ $version =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "Version matches format: $version" - else - echo "Version $version doesn't match format. Using test version: 0.0.1" - version="0.0.1" - fi - echo "version=$version" >> ${GITHUB_OUTPUT} + uses: ./.github/workflows/get-version-and-tag-for-ref.yaml + with: + ref_name: ${{ inputs.ref_name }} + version: ${{ inputs.version }} windows-msi-build: needs: get-tag-name diff --git a/.github/workflows/build-and-test-pkg.yaml b/.github/workflows/build-and-test-pkg.yaml index 258b76b4d..62a0a38e6 100644 --- a/.github/workflows/build-and-test-pkg.yaml +++ b/.github/workflows/build-and-test-pkg.yaml @@ -5,13 +5,19 @@ on: workflow_dispatch: inputs: ref_name: + description: "the ref (tag/branch) to use to extract tag/version" required: true type: string workflow_call: inputs: ref_name: + description: "the ref (tag/branch) to use to extract tag/version" required: true type: string + version: + description: "override for version, will be used instead of ref if set, used for testing" + required: false + type: string schedule: - cron: '0 9 * * *' env: @@ -20,19 +26,10 @@ env: jobs: get-tag-name: name: Get tag name - runs-on: ubuntu-latest - outputs: - tag: ${{ steps.check-tag.outputs.tag }} - steps: - - name: Check tag from workflow input and github ref - id: check-tag - run: | - if [ -n "${{ inputs.ref_name }}" ]; then - tag=${{ inputs.ref_name }} - else - tag=${{ github.ref_name }} - fi - echo "tag=$tag" >> ${GITHUB_OUTPUT} + uses: ./.github/workflows/get-version-and-tag-for-ref.yaml + with: + ref_name: ${{ inputs.ref_name }} + version: ${{ inputs.version }} macos-aarch64-pkg-build: needs: get-tag-name diff --git a/.github/workflows/ci-docs.yaml b/.github/workflows/ci-docs.yaml index b5ba265dc..8a9f8fd59 100644 --- a/.github/workflows/ci-docs.yaml +++ b/.github/workflows/ci-docs.yaml @@ -24,6 +24,13 @@ on: - '!.github/workflows/e2e-macos.yaml' - '!.github/workflows/e2e-windows.yaml' - '!.github/workflows/e2e-linux.yaml' + - '!.github/workflows/release-automation.yaml' + - '!.github/workflows/release-linux.yaml' + - '!.github/workflows/upload-build-to-S3.yaml' + - '!.github/workflows/build-and-test-msi.yaml' + - '!.github/workflows/build-and-test-pkg.yaml' + - '!.github/workflows/ci-release.yaml' + - '!CHANGELOG.md' pull_request: branches: - main @@ -39,6 +46,13 @@ on: - '!.github/workflows/e2e-macos.yaml' - '!.github/workflows/e2e-windows.yaml' - '!.github/workflows/e2e-linux.yaml' + - '!.github/workflows/release-automation.yaml' + - '!.github/workflows/release-linux.yaml' + - '!.github/workflows/upload-build-to-S3.yaml' + - '!.github/workflows/build-and-test-msi.yaml' + - '!.github/workflows/build-and-test-pkg.yaml' + - '!.github/workflows/ci-release.yaml' + - '!CHANGELOG.md' jobs: git-secrets: diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml new file mode 100644 index 000000000..5553e7a38 --- /dev/null +++ b/.github/workflows/ci-release.yaml @@ -0,0 +1,268 @@ +name: CI +on: + push: + branches: + - main + paths: + - '.github/workflows/release-automation.yaml' + - '.github/workflows/release-linux.yaml' + - '.github/workflows/upload-build-to-S3.yaml' + - '.github/workflows/build-and-test-msi.yaml' + - '.github/workflows/build-and-test-pkg.yaml' + - 'deps/finch-core' + - 'CHANGELOG.md' + pull_request: + branches: + - main + paths: + - '.github/workflows/release-automation.yaml' + - '.github/workflows/release-linux.yaml' + - '.github/workflows/upload-build-to-S3.yaml' + - '.github/workflows/build-and-test-msi.yaml' + - '.github/workflows/build-and-test-pkg.yaml' + - 'deps/finch-core' + - 'CHANGELOG.md' + workflow_dispatch: +permissions: + id-token: write + contents: write + +env: + DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }} + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + git-secrets: + runs-on: ubuntu-latest + steps: + - name: Pull latest awslabs/git-secrets repo + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + with: + repository: awslabs/git-secrets + ref: 1.3.0 + fetch-tags: true + path: git-secrets + - name: Install git secrets from source + run: sudo make install + working-directory: git-secrets + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - name: Scan repository for git secrets + run: | + git secrets --register-aws + git secrets --scan-history + + gen-code-no-diff: + strategy: + matrix: + os: [macos-latest, windows-latest, ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version-file: go.mod + cache: true + - run: make gen-code + - run: git diff --exit-code + unit-tests: + strategy: + fail-fast: false + matrix: + os: [macos-latest, windows-latest, ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Configure git CRLF settings + run: | + git config --global core.autocrlf false + git config --global core.eol lf + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + # Since this repository is not meant to be used as a library, + # we don't need to test the latest 2 major releases like Go does: https://go.dev/doc/devel/release#policy. + go-version-file: go.mod + cache: true + - run: make test-unit + # It's recommended to run golangci-lint in a job separate from other jobs (go test, etc) because different jobs run in parallel. + go-linter: + name: lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version-file: go.mod + cache: false # caching can result in tar errors that files already exist + - name: set GOOS env to windows + run: | + echo "GOOS=windows" >> $GITHUB_ENV + - name: golangci-lint - windows + uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 + with: + # Pin the version in case all the builds start to fail at the same time. + # There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, + # so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). + version: v1.56.1 + args: --fix=false --timeout=5m + - name: set GOOS env to darwin + run: | + echo "GOOS=darwin" >> $GITHUB_ENV + - name: golangci-lint - darwin + uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 + with: + # Pin the version in case all the builds start to fail at the same time. + # There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, + # so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). + version: v1.56.1 + args: --fix=false --timeout=5m --skip-dirs="(^|/)deps($|/)" + shellcheck: + name: ShellCheck + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - name: Run ShellCheck + uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0 + with: + version: v0.9.0 + continue-on-error: true + go-mod-tidy-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version-file: go.mod + cache: true + # TODO: Use `go mod tidy --check` after https://github.com/golang/go/issues/27005 is fixed. + - run: go mod tidy + - run: git diff --exit-code + check-licenses: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version-file: go.mod + cache: true + - run: make check-licenses + macos-e2e-tests: + strategy: + matrix: + version: ['13', '14'] + test-command: ['test-e2e-vm-serial', 'test-e2e-container'] + arch: ['X64', 'arm64'] + runner-type: ['test'] + uses: ./.github/workflows/e2e-docs.yaml + windows-e2e-tests: + strategy: + matrix: + test-command: ['test-e2e-vm-serial', 'test-e2e-container'] + arch: ['amd64'] + runner-type: ['test'] + uses: ./.github/workflows/e2e-docs.yaml + linux-e2e-tests: + strategy: + matrix: + os: ['amazonlinux'] + arch: ['X64', 'arm64'] + version: ['2023', '2'] + runner-type: ['test'] + uses: ./.github/workflows/e2e-docs.yaml + + mdlint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0 + with: + args: '**/*.md' + # CHANGELOG.md is only updated by release-please bot. + ignore: 'CHANGELOG.md' + + get-intermediate-version: + name: Create intermediate version + runs-on: ubuntu-latest + outputs: + version: ${{ steps.get-intermediate-version.version }} + steps: + - name: Creates an intermediate version + id: calculate-version + run: | + version=$(git describe --match 'v[0-9]*' --dirty='.modified' --always --tags) + version="${version}-no-release" + echo "version=$version" >> ${GITHUB_OUTPUT} + + release-linux: + needs: get-intermediate-version + uses: ./.github/workflows/release-linux.yaml + secrets: inherit + with: + ref_name: "" + version: ${{ needs.get-intermediate-version.outputs.version }} + + build-and-test-finch-msi: + needs: get-intermediate-version + uses: ./.github/workflows/build-and-test-msi.yaml + secrets: inherit + with: + ref_name: "" + version: ${{ needs.get-intermediate-version.outputs.version }} + + macos-aarch64-pkg-build: + needs: get-intermediate-version + uses: ./.github/workflows/build-pkg.yaml + secrets: inherit + with: + os: macos + arch: arm64 + output_arch: aarch64 + version: 14 + tag: ${{ needs.get-intermediate-version.outputs.version }} + + macos-x86-64-pkg-build: + needs: get-intermediate-version + uses: ./.github/workflows/build-pkg.yaml + secrets: inherit + with: + os: macos + arch: amd64 + output_arch: x86_64 + version: 14 + tag: ${{ needs.get-intermediate-version.outputs.version }} + + macos-aarch64-pkg-test: + strategy: + fail-fast: false + matrix: + version: [13, 14] + needs: + - get-intermediate-version + - macos-aarch64-pkg-build + uses: ./.github/workflows/test-pkg.yaml + secrets: inherit + with: + os: macos + arch: arm64 + output_arch: aarch64 + version: ${{ matrix.version }} + tag: ${{ needs.get-intermediate-version.outputs.version } + + macos-x86-64-pkg-test: + strategy: + fail-fast: false + matrix: + version: [13, 14] + needs: + - get-intermediate-version + - macos-x86-64-pkg-build + uses: ./.github/workflows/test-pkg.yaml + secrets: inherit + with: + os: macos + arch: amd64 + output_arch: x86_64 + version: ${{ matrix.version }} + tag: ${{ needs.get-intermediate-version.outputs.version } diff --git a/.github/workflows/get-version-and-tag-for-ref.yaml b/.github/workflows/get-version-and-tag-for-ref.yaml new file mode 100644 index 000000000..0c6148b27 --- /dev/null +++ b/.github/workflows/get-version-and-tag-for-ref.yaml @@ -0,0 +1,55 @@ +name: get tag and version from ref + +on: + workflow_dispatch: + inputs: + ref_name: + description: "the ref (tag/branch) to use to extract tag/version" + required: true + type: string + workflow_call: + inputs: + ref_name: + description: "the ref (tag/branch) to use to extract tag/version" + required: true + type: string + version: + description: "override for version, will be used instead of ref if set, used for testing" + required: false + type: string + outputs: + tag: + description: "The first output string" + value: ${{ jobs.get-version-and-tag-for-ref.outputs.tag }} + version: + description: "The second output string" + value: ${{ jobs.get-version-and-tag-for-ref.outputs.version }} + +jobs: + get-version-and-tag-for-ref: + name: Get tag name + runs-on: ubuntu-latest + outputs: + tag: ${{ steps.calculate-tag.outputs.tag }} + version: ${{ steps.calculate-tag.outputs.version }} + steps: + - name: Calculate a version and tag for a given ref + id: calculate-tag + run: | + if [ -n "${{ inputs.ref_name }}" ]; then + tag=${{ inputs.ref_name }} + else + tag=${{ github.ref_name }} + fi + echo "tag=$tag" >> ${GITHUB_OUTPUT} + + version=${tag#v} + if [[ $version =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "Version matches format: $version" + elif [ -n "${{ inputs.ref_name }}" ]; then + version=${{ inputs.version }} + else + echo "Version $version doesn't match format. Using test version: 0.0.1" + version="0.0.1" + fi + echo "version=$version" >> ${GITHUB_OUTPUT} diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml new file mode 100644 index 000000000..6816fd867 --- /dev/null +++ b/.github/workflows/release-linux.yaml @@ -0,0 +1,118 @@ +name: Release Linux + +on: + workflow_dispatch: + inputs: + ref_name: + description: "the ref (tag/branch) to use to extract tag/version" + required: true + type: string + workflow_call: + inputs: + ref_name: + description: "the ref (tag/branch) to use to extract tag/version" + required: true + type: string + version: + description: "override for version, will be used instead of ref if set, used for testing" + required: false + type: string + schedule: + - cron: '0 9 * * *' + +env: + GO_VERSION: "1.22.7" +permissions: + contents: write + deployments: write +jobs: + get-tag-name: + name: Get tag name + uses: ./.github/workflows/get-version-and-tag-for-ref.yaml + with: + ref_name: ${{ inputs.ref_name }} + version: ${{ inputs.version }} + generate-artifacts: + needs: get-latest-tag + runs-on: ubuntu-latest + env: + # Set during setup. + RELEASE_TAG: ${{ needs.get-latest-tag.outputs.tag }} + STATIC_BINARY_NAME: "" + steps: + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + fetch-tags: true + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version: ${{ env.GO_VERSION }} + cache: false + - name: "Echo RELEASE_TAG ENV" + run: echo ${{ env.RELEASE_TAG }} + - name: Build + run: | + RELEASE_VERSION="${{ needs.get-tag-name.outputs.version }}" + make download-licenses + # static amd64 + export STATIC_AMD64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-amd64-static.tar.gz" + GOARCH=amd64 STATIC=1 make + pushd _output/ + touch "${STATIC_AMD64_BINARY_NAME}" + tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_AMD64_BINARY_NAME}" . + echo "${STATIC_AMD64_BINARY_NAME}" >> $GITHUB_ENV + popd + rm -rf ./_output/bin/ + # static arm64 + export STATIC_ARM64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-arm64-static.tar.gz" + GOARCH=arm64 STATIC=1 make + pushd _output/ + touch "${STATIC_ARM64_BINARY_NAME}" + tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_ARM64_BINARY_NAME}" . + echo "${STATIC_ARM64_BINARY_NAME}" >> $GITHUB_ENV + popd + + pushd _output/ + sha256sum "${STATIC_AMD64_BINARY_NAME}" > "${STATIC_AMD64_BINARY_NAME}".sha256sum + sha256sum "${STATIC_ARM64_BINARY_NAME}" > "${STATIC_ARM64_BINARY_NAME}".sha256sum + popd + + rm -rf ./_output/bin/ + - name: Verify Release versions + run: | + mkdir -p ./_output/${{ env.RELEASE_TAG }}/static/amd64 + tar -xzf ./_output/${{ env.STATIC_AMD64_BINARY_NAME }} -C ./_output/static/amd64 + STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_TAG }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') + export RELEASE_TAG=${{ env.RELEASE_TAG }} + if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_TAG" ]; then + echo "Version mismatch" + exit 1 + fi + - uses: actions/upload-artifact@v4 + with: + name: artifacts + path: release/ + if-no-files-found: error + outputs: + static_amd64_binary_name: ${{ env.STATIC_AMD64_BINARY_NAME }} + static_arm64_binary_name: ${{ env.STATIC_ARM64_BINARY_NAME }} + validate-artifacts: + needs: generate-artifacts + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/download-artifact@v4 + with: + name: artifacts + path: release/ + - run: bash scripts/verify-release-artifacts.sh ${{ needs.generate-artifacts.outputs.release_tag }} + upload-artifacts: + needs: + - generate-artifacts + runs-on: ubuntu-latest + steps: + - name: upload to S3 + run: | + aws s3 cp --no-progress ${{ needs.generate-artifacts.outputs.static_amd64_binary_name }} s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/ + aws s3 cp --no-progress ${{ needs.generate-artifacts.outputs.static_amd64_binary_name }}.sha256sum s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/ + aws s3 cp --no-progress ${{ needs.generate-artifacts.outputs.static_arm64_binary_name }} s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/ + aws s3 cp --no-progress ${{ needs.generate-artifacts.outputs.static_arm64_binary_name }}.sha256sum s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/ diff --git a/Makefile b/Makefile index c5adf413f..0411ff9e5 100644 --- a/Makefile +++ b/Makefile @@ -121,10 +121,8 @@ ifeq ($(GOOS),windows) finch: finch-windows finch-all else ifeq ($(GOOS),darwin) finch: finch-macos -else ifeq ($(NATIVE_BUILD),true) -finch: finch-native else -finch: finch-all +finch: finch-linux endif finch-windows: @@ -137,9 +135,11 @@ finch-macos: finch-unix finch-unix: finch-all -finch-native: GO_BUILD_TAGS += native -finch-native: finch-all +finch-linux: finch-all +ifneq ($(STATIC),) +finch-all: export CGO_ENABLED=0 +endif finch-all: $(GO) build -ldflags $(LDFLAGS) -tags "$(GO_BUILD_TAGS)" -o $(OUTDIR)/bin/$(BINARYNAME) $(PACKAGE)/cmd/finch From 1098aad86d62783f3aa22a978579176641ece710 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:02:44 +0000 Subject: [PATCH 02/27] update file list Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index 5553e7a38..f919c2dc9 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -9,6 +9,7 @@ on: - '.github/workflows/upload-build-to-S3.yaml' - '.github/workflows/build-and-test-msi.yaml' - '.github/workflows/build-and-test-pkg.yaml' + - '.github/workflows/get-version-and-tag-for-ref.yaml' - 'deps/finch-core' - 'CHANGELOG.md' pull_request: @@ -20,6 +21,7 @@ on: - '.github/workflows/upload-build-to-S3.yaml' - '.github/workflows/build-and-test-msi.yaml' - '.github/workflows/build-and-test-pkg.yaml' + - '.github/workflows/get-version-and-tag-for-ref.yaml' - 'deps/finch-core' - 'CHANGELOG.md' workflow_dispatch: From 345c60b2fe07db0f389c445cea9ea6daf481624b Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:03:00 +0000 Subject: [PATCH 03/27] temporariliy ignore ci-docs.yaml changes for CI Signed-off-by: Justin Alvarez --- .github/workflows/ci-docs.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci-docs.yaml b/.github/workflows/ci-docs.yaml index 8a9f8fd59..3652a04f3 100644 --- a/.github/workflows/ci-docs.yaml +++ b/.github/workflows/ci-docs.yaml @@ -30,6 +30,8 @@ on: - '!.github/workflows/build-and-test-msi.yaml' - '!.github/workflows/build-and-test-pkg.yaml' - '!.github/workflows/ci-release.yaml' + - '!.github/workflows/get-version-and-tag-for-ref.yaml' + - '!.github/workflows/ci-docs.yaml' - '!CHANGELOG.md' pull_request: branches: @@ -52,6 +54,8 @@ on: - '!.github/workflows/build-and-test-msi.yaml' - '!.github/workflows/build-and-test-pkg.yaml' - '!.github/workflows/ci-release.yaml' + - '!.github/workflows/get-version-and-tag-for-ref.yaml' + - '!.github/workflows/ci-docs.yaml' - '!CHANGELOG.md' jobs: From 8ed01f5eb4a681a47e7e52ba25ff2b6da3e92ac3 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:05:18 +0000 Subject: [PATCH 04/27] fix syntax error Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index f919c2dc9..1f390dbd1 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -267,4 +267,4 @@ jobs: arch: amd64 output_arch: x86_64 version: ${{ matrix.version }} - tag: ${{ needs.get-intermediate-version.outputs.version } + tag: ${{ needs.get-intermediate-version.outputs.version }} From e78b57f7c0f511a290cdd08e9c7e690303a8c526 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:06:20 +0000 Subject: [PATCH 05/27] fix syntax error Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index 1f390dbd1..09d43e25c 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -250,7 +250,7 @@ jobs: arch: arm64 output_arch: aarch64 version: ${{ matrix.version }} - tag: ${{ needs.get-intermediate-version.outputs.version } + tag: ${{ needs.get-intermediate-version.outputs.version }} macos-x86-64-pkg-test: strategy: From 47391a63c0bd3f6b8e50fe3386cfe8f9cef07d5c Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:07:20 +0000 Subject: [PATCH 06/27] update linux release workflow Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 6816fd867..dcba88970 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -95,16 +95,6 @@ jobs: outputs: static_amd64_binary_name: ${{ env.STATIC_AMD64_BINARY_NAME }} static_arm64_binary_name: ${{ env.STATIC_ARM64_BINARY_NAME }} - validate-artifacts: - needs: generate-artifacts - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/download-artifact@v4 - with: - name: artifacts - path: release/ - - run: bash scripts/verify-release-artifacts.sh ${{ needs.generate-artifacts.outputs.release_tag }} upload-artifacts: needs: - generate-artifacts From ec497d4f823797304e288d96a1be33335b663b82 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:08:45 +0000 Subject: [PATCH 07/27] fix permissions Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index dcba88970..ba26f9c12 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -24,7 +24,6 @@ env: GO_VERSION: "1.22.7" permissions: contents: write - deployments: write jobs: get-tag-name: name: Get tag name From 1c23f49ca177f84855c23c1252fd9910dc01a9a6 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:10:42 +0000 Subject: [PATCH 08/27] fix action name Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index ba26f9c12..e11916eb8 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -32,11 +32,11 @@ jobs: ref_name: ${{ inputs.ref_name }} version: ${{ inputs.version }} generate-artifacts: - needs: get-latest-tag + needs: get-tag-name runs-on: ubuntu-latest env: # Set during setup. - RELEASE_TAG: ${{ needs.get-latest-tag.outputs.tag }} + RELEASE_TAG: ${{ needs.get-tag-name.outputs.tag }} STATIC_BINARY_NAME: "" steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 From ff4069d4b61547dbbb89b975bd0c11572eb8e756 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:12:22 +0000 Subject: [PATCH 09/27] add checkout step Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index 09d43e25c..aaf7e903d 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -190,6 +190,7 @@ jobs: outputs: version: ${{ steps.get-intermediate-version.version }} steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Creates an intermediate version id: calculate-version run: | From c2d1b19846eb609ed377ef8fa7d7f86262bcf765 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:24:11 +0000 Subject: [PATCH 10/27] echo version to help with debug Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index aaf7e903d..a691b75ca 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -185,17 +185,19 @@ jobs: ignore: 'CHANGELOG.md' get-intermediate-version: - name: Create intermediate version + name: Get intermediate version runs-on: ubuntu-latest outputs: version: ${{ steps.get-intermediate-version.version }} steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - - name: Creates an intermediate version + - name: Gets an intermediate version string id: calculate-version run: | version=$(git describe --match 'v[0-9]*' --dirty='.modified' --always --tags) + echo "${version}" version="${version}-no-release" + echo "${version}" echo "version=$version" >> ${GITHUB_OUTPUT} release-linux: From 643c691bef3c48d44c67796c0e7b9f70f286985f Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:24:19 +0000 Subject: [PATCH 11/27] fix license check Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 5 ++--- Makefile | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index e11916eb8..37ad5a21d 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -51,10 +51,9 @@ jobs: - name: Build run: | RELEASE_VERSION="${{ needs.get-tag-name.outputs.version }}" - make download-licenses # static amd64 export STATIC_AMD64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-amd64-static.tar.gz" - GOARCH=amd64 STATIC=1 make + GOARCH=amd64 STATIC=1 make release pushd _output/ touch "${STATIC_AMD64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_AMD64_BINARY_NAME}" . @@ -63,7 +62,7 @@ jobs: rm -rf ./_output/bin/ # static arm64 export STATIC_ARM64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-arm64-static.tar.gz" - GOARCH=arm64 STATIC=1 make + GOARCH=arm64 STATIC=1 make release pushd _output/ touch "${STATIC_ARM64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_ARM64_BINARY_NAME}" . diff --git a/Makefile b/Makefile index 0411ff9e5..14e5eba17 100644 --- a/Makefile +++ b/Makefile @@ -167,7 +167,7 @@ coverage: download-licenses: GOBIN = $(CURDIR)/tools_bin download-licenses: GOBIN=$(GOBIN) go install github.com/google/go-licenses - $(GOBIN)/go-licenses save ./... --save_path="$(LICENSEDIR)" --force --include_tests + $(GOBIN)/go-licenses save ./... --ignore github.com/multiformats/go-base36 --save_path="$(LICENSEDIR)" --force --include_tests ### dependencies in tools.go - start ### @@ -249,7 +249,7 @@ check-licenses: GOBIN = $(CURDIR)/tools_bin check-licenses: go mod download GOBIN=$(GOBIN) go install github.com/google/go-licenses - $(GOBIN)/go-licenses check --ignore golang.org/x,github.com/runfinch/finch --ignore github.com/multiformats/go-base36 --allowed_licenses Apache-2.0,BSD-2-Clause,BSD-3-Clause,ISC,MIT --include_tests ./... + $(GOBIN)/go-licenses check --ignore golang.org/x,github.com/runfinch/finch --ignore github.com/multiformats/go-base36 --allowed_licenses Apache-2.0,BSD-2-Clause,BSD-3-Clause,ISC,MIT --include_tests ./... .PHONY: test-unit test-unit: From b9838633a0a4b8dc0d844e218477b58affb4ec3f Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:29:14 +0000 Subject: [PATCH 12/27] fix linux permissions Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 37ad5a21d..5c76b4da4 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -23,6 +23,7 @@ on: env: GO_VERSION: "1.22.7" permissions: + id-token: write contents: write jobs: get-tag-name: From 27b54c2c22595ded528b87026a1cb28d1656d657 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:33:37 +0000 Subject: [PATCH 13/27] fix version calculation Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index a691b75ca..12118b421 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -188,7 +188,7 @@ jobs: name: Get intermediate version runs-on: ubuntu-latest outputs: - version: ${{ steps.get-intermediate-version.version }} + version: ${{ steps.calculate-version.version }} steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Gets an intermediate version string From cc70965942d7bf2d20151e8839b921af3aee5707 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:36:30 +0000 Subject: [PATCH 14/27] avoid cross-arch golicense installation Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 5c76b4da4..427161e05 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -52,9 +52,10 @@ jobs: - name: Build run: | RELEASE_VERSION="${{ needs.get-tag-name.outputs.version }}" + make check-licenses download-licenses # static amd64 export STATIC_AMD64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-amd64-static.tar.gz" - GOARCH=amd64 STATIC=1 make release + GOARCH=amd64 STATIC=1 make pushd _output/ touch "${STATIC_AMD64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_AMD64_BINARY_NAME}" . @@ -63,7 +64,7 @@ jobs: rm -rf ./_output/bin/ # static arm64 export STATIC_ARM64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-arm64-static.tar.gz" - GOARCH=arm64 STATIC=1 make release + GOARCH=arm64 STATIC=1 make pushd _output/ touch "${STATIC_ARM64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_ARM64_BINARY_NAME}" . From b233a0a0e6e473bb635ff3e593e9d758f62f8059 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:43:14 +0000 Subject: [PATCH 15/27] use ref instead of ref_name Signed-off-by: Justin Alvarez --- .github/workflows/get-version-and-tag-for-ref.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/get-version-and-tag-for-ref.yaml b/.github/workflows/get-version-and-tag-for-ref.yaml index 0c6148b27..a09a8a12c 100644 --- a/.github/workflows/get-version-and-tag-for-ref.yaml +++ b/.github/workflows/get-version-and-tag-for-ref.yaml @@ -39,7 +39,7 @@ jobs: if [ -n "${{ inputs.ref_name }}" ]; then tag=${{ inputs.ref_name }} else - tag=${{ github.ref_name }} + tag=${{ github.ref }} fi echo "tag=$tag" >> ${GITHUB_OUTPUT} From d55f95637b3cf34fe88725d2ac2ef155b4e6af74 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:50:25 +0000 Subject: [PATCH 16/27] fix version output Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index 12118b421..b898cabb9 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -188,7 +188,7 @@ jobs: name: Get intermediate version runs-on: ubuntu-latest outputs: - version: ${{ steps.calculate-version.version }} + version: ${{ steps.calculate-version.outputs.version }} steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Gets an intermediate version string From 4cd592de3a61546471e87c83c9206d4432bc9d47 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:55:17 +0000 Subject: [PATCH 17/27] fix version conditional Signed-off-by: Justin Alvarez --- .github/workflows/get-version-and-tag-for-ref.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/get-version-and-tag-for-ref.yaml b/.github/workflows/get-version-and-tag-for-ref.yaml index a09a8a12c..a0fc1ed15 100644 --- a/.github/workflows/get-version-and-tag-for-ref.yaml +++ b/.github/workflows/get-version-and-tag-for-ref.yaml @@ -43,11 +43,10 @@ jobs: fi echo "tag=$tag" >> ${GITHUB_OUTPUT} - version=${tag#v} - if [[ $version =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + if [ -n "${{ inputs.version }}" ]; then echo "Version matches format: $version" - elif [ -n "${{ inputs.ref_name }}" ]; then - version=${{ inputs.version }} + elif [[ "${tag#v}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + version="${tag#v}" else echo "Version $version doesn't match format. Using test version: 0.0.1" version="0.0.1" From fcce212c70378e243c0b7ca7accc0ea4d844e1cf Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 15:56:26 +0000 Subject: [PATCH 18/27] use version instead of tag Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 427161e05..1e8380ac9 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -37,8 +37,7 @@ jobs: runs-on: ubuntu-latest env: # Set during setup. - RELEASE_TAG: ${{ needs.get-tag-name.outputs.tag }} - STATIC_BINARY_NAME: "" + RELEASE_VERSION: ${{ needs.get-tag-name.outputs.version }} steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: @@ -47,11 +46,11 @@ jobs: with: go-version: ${{ env.GO_VERSION }} cache: false - - name: "Echo RELEASE_TAG ENV" - run: echo ${{ env.RELEASE_TAG }} + - name: "Echo RELEASE_VERSION ENV" + run: echo ${{ env.RELEASE_VERSION }} - name: Build run: | - RELEASE_VERSION="${{ needs.get-tag-name.outputs.version }}" + RELEASE_VERSION="${{ env.RELEASE_VERSION }}" make check-licenses download-licenses # static amd64 export STATIC_AMD64_BINARY_NAME="finch-${RELEASE_VERSION}-linux-amd64-static.tar.gz" @@ -79,11 +78,11 @@ jobs: rm -rf ./_output/bin/ - name: Verify Release versions run: | - mkdir -p ./_output/${{ env.RELEASE_TAG }}/static/amd64 + mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 tar -xzf ./_output/${{ env.STATIC_AMD64_BINARY_NAME }} -C ./_output/static/amd64 - STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_TAG }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') - export RELEASE_TAG=${{ env.RELEASE_TAG }} - if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_TAG" ]; then + STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') + export RELEASE_VERSION=${{ env.RELEASE_VERSION }} + if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then echo "Version mismatch" exit 1 fi From 5aa5bd4e082ed39d73cf71c6f33176ceec23935c Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:01:41 +0000 Subject: [PATCH 19/27] actually fix version Signed-off-by: Justin Alvarez --- .github/workflows/get-version-and-tag-for-ref.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/get-version-and-tag-for-ref.yaml b/.github/workflows/get-version-and-tag-for-ref.yaml index a0fc1ed15..4f5c09f7e 100644 --- a/.github/workflows/get-version-and-tag-for-ref.yaml +++ b/.github/workflows/get-version-and-tag-for-ref.yaml @@ -44,9 +44,11 @@ jobs: echo "tag=$tag" >> ${GITHUB_OUTPUT} if [ -n "${{ inputs.version }}" ]; then - echo "Version matches format: $version" + version=${{ inputs.version }} + echo "Version was supplied as input: $version" elif [[ "${tag#v}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then version="${tag#v}" + echo "Version matches release format: $version" else echo "Version $version doesn't match format. Using test version: 0.0.1" version="0.0.1" From 921ec6fee809e7b1ec7e41439dabc2cd4b3d671b Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:11:31 +0000 Subject: [PATCH 20/27] debug logs Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 1e8380ac9..7ceb214ad 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -58,7 +58,9 @@ jobs: pushd _output/ touch "${STATIC_AMD64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_AMD64_BINARY_NAME}" . + echo "${STATIC_AMD64_BINARY_NAME}" echo "${STATIC_AMD64_BINARY_NAME}" >> $GITHUB_ENV + echo $GITHUB_ENV popd rm -rf ./_output/bin/ # static arm64 @@ -67,7 +69,9 @@ jobs: pushd _output/ touch "${STATIC_ARM64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_ARM64_BINARY_NAME}" . + echo "${STATIC_ARM64_BINARY_NAME}" echo "${STATIC_ARM64_BINARY_NAME}" >> $GITHUB_ENV + echo $GITHUB_ENV popd pushd _output/ From 6cbc3464113d0c1abcea7f06975b1bddce7f2845 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:11:45 +0000 Subject: [PATCH 21/27] simplify Signed-off-by: Justin Alvarez --- .github/workflows/ci-release.yaml | 54 ++----------------------------- 1 file changed, 3 insertions(+), 51 deletions(-) diff --git a/.github/workflows/ci-release.yaml b/.github/workflows/ci-release.yaml index b898cabb9..cbdf7e948 100644 --- a/.github/workflows/ci-release.yaml +++ b/.github/workflows/ci-release.yaml @@ -218,56 +218,8 @@ jobs: macos-aarch64-pkg-build: needs: get-intermediate-version - uses: ./.github/workflows/build-pkg.yaml + uses: ./.github/workflows/build-and-test-pkg.yaml secrets: inherit with: - os: macos - arch: arm64 - output_arch: aarch64 - version: 14 - tag: ${{ needs.get-intermediate-version.outputs.version }} - - macos-x86-64-pkg-build: - needs: get-intermediate-version - uses: ./.github/workflows/build-pkg.yaml - secrets: inherit - with: - os: macos - arch: amd64 - output_arch: x86_64 - version: 14 - tag: ${{ needs.get-intermediate-version.outputs.version }} - - macos-aarch64-pkg-test: - strategy: - fail-fast: false - matrix: - version: [13, 14] - needs: - - get-intermediate-version - - macos-aarch64-pkg-build - uses: ./.github/workflows/test-pkg.yaml - secrets: inherit - with: - os: macos - arch: arm64 - output_arch: aarch64 - version: ${{ matrix.version }} - tag: ${{ needs.get-intermediate-version.outputs.version }} - - macos-x86-64-pkg-test: - strategy: - fail-fast: false - matrix: - version: [13, 14] - needs: - - get-intermediate-version - - macos-x86-64-pkg-build - uses: ./.github/workflows/test-pkg.yaml - secrets: inherit - with: - os: macos - arch: amd64 - output_arch: x86_64 - version: ${{ matrix.version }} - tag: ${{ needs.get-intermediate-version.outputs.version }} + ref_name: "" + version: ${{ needs.get-intermediate-version.outputs.version }} From cb46c20fbc04f40c055f3217b76377523349ac1b Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:26:23 +0000 Subject: [PATCH 22/27] use outputs instead of env Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 7ceb214ad..c22b9d1a6 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -49,6 +49,7 @@ jobs: - name: "Echo RELEASE_VERSION ENV" run: echo ${{ env.RELEASE_VERSION }} - name: Build + id: build run: | RELEASE_VERSION="${{ env.RELEASE_VERSION }}" make check-licenses download-licenses @@ -58,9 +59,7 @@ jobs: pushd _output/ touch "${STATIC_AMD64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_AMD64_BINARY_NAME}" . - echo "${STATIC_AMD64_BINARY_NAME}" - echo "${STATIC_AMD64_BINARY_NAME}" >> $GITHUB_ENV - echo $GITHUB_ENV + echo "STATIC_AMD64_BINARY_NAME=${STATIC_AMD64_BINARY_NAME}" >> ${GITHUB_OUTPUT} popd rm -rf ./_output/bin/ # static arm64 @@ -69,9 +68,7 @@ jobs: pushd _output/ touch "${STATIC_ARM64_BINARY_NAME}" tar --exclude "*.tar.gz" --exclude "*.tar.gz.sha256sum" -cvzf "${STATIC_ARM64_BINARY_NAME}" . - echo "${STATIC_ARM64_BINARY_NAME}" - echo "${STATIC_ARM64_BINARY_NAME}" >> $GITHUB_ENV - echo $GITHUB_ENV + echo "STATIC_ARM64_BINARY_NAME=${STATIC_ARM64_BINARY_NAME}" >> ${GITHUB_OUTPUT} popd pushd _output/ @@ -83,7 +80,7 @@ jobs: - name: Verify Release versions run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 - tar -xzf ./_output/${{ env.STATIC_AMD64_BINARY_NAME }} -C ./_output/static/amd64 + tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/static/amd64 STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then @@ -96,8 +93,8 @@ jobs: path: release/ if-no-files-found: error outputs: - static_amd64_binary_name: ${{ env.STATIC_AMD64_BINARY_NAME }} - static_arm64_binary_name: ${{ env.STATIC_ARM64_BINARY_NAME }} + static_amd64_binary_name: ${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} + static_arm64_binary_name: ${{ steps.build.outputs.STATIC_ARM64_BINARY_NAME }} upload-artifacts: needs: - generate-artifacts From 1eadb1e0f00afe4a813cb55b12532824f0e2a07c Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:29:12 +0000 Subject: [PATCH 23/27] fix path Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index c22b9d1a6..53ba1c43a 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -80,7 +80,7 @@ jobs: - name: Verify Release versions run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 - tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/static/amd64 + tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/${{ env.RELEASE_VERSION }}/static/amd64 STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then From 3b7866336401a66635c24ad0de1fe0fd9c3600aa Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:32:11 +0000 Subject: [PATCH 24/27] fix bin path Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 53ba1c43a..5a964cc72 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -81,7 +81,7 @@ jobs: run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/${{ env.RELEASE_VERSION }}/static/amd64 - STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/finch --version | grep -oP 'v\d+\.\d+\.\d+') + STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then echo "Version mismatch" From c4502d763fbcc881db0fb4d6b242782a2d40e64e Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 16:35:26 +0000 Subject: [PATCH 25/27] add debug logs Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 5a964cc72..937591340 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -81,6 +81,9 @@ jobs: run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/${{ env.RELEASE_VERSION }}/static/amd64 + ls ./output/${{ env.RELEASE_VERSION }}/static/ + ls ./output/${{ env.RELEASE_VERSION }}/static/amd64/ + ls ./output/${{ env.RELEASE_VERSION }}/static/amd64/bin STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then From 997591fcff7e85def464a00fe46f26f4002f47e1 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 20:09:55 +0000 Subject: [PATCH 26/27] fix directory paths Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 937591340..0b0989591 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -81,10 +81,10 @@ jobs: run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/${{ env.RELEASE_VERSION }}/static/amd64 - ls ./output/${{ env.RELEASE_VERSION }}/static/ - ls ./output/${{ env.RELEASE_VERSION }}/static/amd64/ - ls ./output/${{ env.RELEASE_VERSION }}/static/amd64/bin - STATIC_AMD64_BINARY_VERSION=$(./output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') + ls ./_output/${{ env.RELEASE_VERSION }}/static/ + ls ./_output/${{ env.RELEASE_VERSION }}/static/amd64/ + ls ./_output/${{ env.RELEASE_VERSION }}/static/amd64/bin + STATIC_AMD64_BINARY_VERSION=$(./_output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then echo "Version mismatch" From e3815dcffd157986ca1f9aeb06b7196f9810c345 Mon Sep 17 00:00:00 2001 From: Justin Alvarez Date: Fri, 18 Oct 2024 20:12:38 +0000 Subject: [PATCH 27/27] add sudo Signed-off-by: Justin Alvarez --- .github/workflows/release-linux.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/release-linux.yaml b/.github/workflows/release-linux.yaml index 0b0989591..02b586417 100644 --- a/.github/workflows/release-linux.yaml +++ b/.github/workflows/release-linux.yaml @@ -81,10 +81,7 @@ jobs: run: | mkdir -p ./_output/${{ env.RELEASE_VERSION }}/static/amd64 tar -xzf ./_output/${{ steps.build.outputs.STATIC_AMD64_BINARY_NAME }} -C ./_output/${{ env.RELEASE_VERSION }}/static/amd64 - ls ./_output/${{ env.RELEASE_VERSION }}/static/ - ls ./_output/${{ env.RELEASE_VERSION }}/static/amd64/ - ls ./_output/${{ env.RELEASE_VERSION }}/static/amd64/bin - STATIC_AMD64_BINARY_VERSION=$(./_output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') + STATIC_AMD64_BINARY_VERSION=$(sudo ./_output/${{ env.RELEASE_VERSION }}/static/amd64/bin/finch --version | grep -oP 'v\d+\.\d+\.\d+') export RELEASE_VERSION=${{ env.RELEASE_VERSION }} if [ "$STATIC_AMD64_BINARY_VERSION" != "$RELEASE_VERSION" ]; then echo "Version mismatch"