89 lines
3 KiB
YAML
89 lines
3 KiB
YAML
name: Build and Release
|
|
|
|
on:
|
|
push:
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v4
|
|
- name: Setup Zig
|
|
uses: https://github.com/mlugg/setup-zig@v2.0.1
|
|
with:
|
|
version: 0.14.1
|
|
- name: Restore Zig caches
|
|
uses: https://github.com/Hanaasagi/zig-action-cache@3954aae427f8b05914e08dfd79f15e1f2e435929
|
|
|
|
- name: Run tests
|
|
run: zig build test --verbose --summary all
|
|
|
|
- name: Run tests (release mode)
|
|
run: zig build test -Dtarget=x86_64-linux-musl -Doptimize=ReleaseSafe --verbose
|
|
|
|
- name: Build release binary
|
|
run: |
|
|
zig build -Dtarget=x86_64-linux-musl -Doptimize=ReleaseSafe --verbose
|
|
|
|
- name: Create release archive (linux x86_64)
|
|
run: |
|
|
mkdir -p release-tracker-x86_64-linux
|
|
cp zig-out/bin/release-tracker release-tracker-x86_64-linux/
|
|
cp config.example.json release-tracker-x86_64-linux/
|
|
cp README.md release-tracker-x86_64-linux/
|
|
tar -czf release-tracker-x86_64-linux.tar.gz release-tracker-x86_64-linux/
|
|
|
|
- name: Publish release archive
|
|
run: |
|
|
curl -s --user ${{ github.actor }}:${{ secrets.PACKAGE_PUSH }} \
|
|
--upload-file release-tracker-x86_64-linux.tar.gz \
|
|
https://git.lerch.org/api/packages/lobo/generic/aws-sdk-with-models/${{ github.sha }}/release-tracker-x86_64-linux.tar.gz
|
|
|
|
- name: Upload
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: release-tracker-x86_64-linux
|
|
path: 'zig-out/bin/release-tracker'
|
|
|
|
- name: Notify
|
|
uses: https://git.lerch.org/lobo/action-notify-ntfy@v2
|
|
if: always()
|
|
with:
|
|
host: ${{ secrets.NTFY_HOST }}
|
|
topic: ${{ secrets.NTFY_TOPIC }}
|
|
user: ${{ secrets.NTFY_USER }}
|
|
password: ${{ secrets.NTFY_PASSWORD }}
|
|
sign:
|
|
runs-on: ubuntu-latest-with-hsm
|
|
needs: build
|
|
steps:
|
|
- name: Download Artifact
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: release-tracker-x86_64-linux
|
|
- name: "Make executable actually executable"
|
|
run: "chmod 755 release-tracker"
|
|
- name: Sign
|
|
id: sign
|
|
uses: https://git.lerch.org/lobo/action-hsm-sign@v1
|
|
with:
|
|
pin: ${{ secrets.HSM_USER_PIN }}
|
|
files: release-tracker-linux-x86_64
|
|
public_key: 'https://emil.lerch.org/serverpublic.pem'
|
|
- name: Output signature URL
|
|
run: echo "Signature URL is ${{ steps.sign.outputs.URL_0 }}"
|
|
- name: Upload Artifact
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: signature
|
|
path: ${{ steps.sign.outputs.SIG_0 }}
|
|
- name: Notify
|
|
uses: https://git.lerch.org/lobo/action-notify-ntfy@v2
|
|
if: always()
|
|
with:
|
|
host: ${{ secrets.NTFY_HOST }}
|
|
topic: ${{ secrets.NTFY_TOPIC }}
|
|
user: ${{ secrets.NTFY_USER }}
|
|
password: ${{ secrets.NTFY_PASSWORD }}
|