Release Platform #674
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Packages | |
on: | |
release: | |
types: | |
- published | |
workflow_dispatch: | |
inputs: | |
tag: | |
description: "Version (i.e. v0.22.3-pre.2)" | |
required: true | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
release-npm: | |
name: Release NPM packages | |
runs-on: [ "self-hosted", "linux", "x64", "ubuntu-platform" ] | |
timeout-minutes: 15 | |
if: github.event_name != 'workflow_dispatch' | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
- name: Check package version matches tag | |
uses: geritol/[email protected] | |
env: | |
TAG_PREFIX: v | |
- name: Setup Rust | |
uses: ./.github/actions/rust | |
with: | |
toolchain: stable | |
target: wasm32-unknown-unknown | |
- name: Setup Node.JS | |
uses: ./.github/actions/nodejs | |
- name: Build packages | |
run: yarn build | |
env: | |
CARGO_BUILD_PROFILE: release | |
- name: Set suffix | |
uses: actions/github-script@v6 | |
id: suffix | |
with: | |
result-encoding: string | |
script: | | |
const fullTag = context.payload.release.tag_name; | |
if (fullTag.includes('-')) { | |
const [, fullSuffix] = fullTag.split('-'); | |
const [suffix] = fullSuffix.split('.'); | |
return suffix; | |
} else { | |
return ''; | |
} | |
- name: Set NPM release tag | |
uses: actions/github-script@v6 | |
id: tag | |
with: | |
result-encoding: string | |
script: | | |
const tag = context.payload.release.tag_name; | |
const [, major, minor] = tag.match(/^v([0-9]+)\.([0-9]+)/); | |
return (tag.includes('-') ? `${major}.${minor}-${{steps.suffix.outputs.result}}` : 'latest'); | |
- name: Configure NPM auth token | |
run: yarn config set npmAuthToken ${{ secrets.NPM_TOKEN }} | |
- name: Publish NPM packages | |
run: yarn workspaces foreach --all --no-private --parallel npm publish --access public --tag ${{ steps.tag.outputs.result }} | |
release-drive-docker-image: | |
name: Release Drive to Docker Hub | |
runs-on: [ "self-hosted", "linux", "x64", "8x-ubuntu-platform" ] | |
timeout-minutes: 120 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Restore timestamps | |
uses: chetan/git-restore-mtime-action@v2 | |
- name: Get image tag | |
uses: actions/github-script@v6 | |
id: tag | |
with: | |
result-encoding: string | |
script: | | |
return ( | |
context.eventName === 'workflow_dispatch' | |
? '${{ github.event.inputs.tag }}' | |
: context.payload.release.tag_name | |
); | |
- name: Build Docker image | |
uses: ./.github/actions/docker | |
with: | |
image: dashpay/drive | |
target: drive-abci | |
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} | |
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }} | |
push: true | |
image_tag: ${{steps.tag.outputs.result}} | |
cache_mounts: | | |
cargo_registry_index | |
cargo_registry_cache | |
cargo_git | |
target_amd64 | |
target_arm64 | |
release-dapi-docker-image: | |
name: Release DAPI to Docker Hub | |
runs-on: [ "self-hosted", "linux", "x64", "ubuntu-platform" ] | |
timeout-minutes: 120 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Restore timestamps | |
uses: chetan/git-restore-mtime-action@v2 | |
- name: Get image tag | |
uses: actions/github-script@v6 | |
id: tag | |
with: | |
result-encoding: string | |
script: | | |
return ( | |
context.eventName === 'workflow_dispatch' | |
? '${{ github.event.inputs.tag }}' | |
: context.payload.release.tag_name | |
); | |
- name: Build Docker image | |
uses: ./.github/actions/docker | |
with: | |
image: dashpay/dapi | |
target: dapi | |
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} | |
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }} | |
push: true | |
image_tag: ${{steps.tag.outputs.result}} | |
cache_mounts: | | |
cargo_registry_index | |
cargo_registry_cache | |
cargo_git | |
target_amd64 | |
target_arm64 | |
target_wasm | |
unplugged_amd64 | |
unplugged_arm64 | |
release-test-suite-docker-image: | |
name: Release Test Suite to Docker Hub | |
runs-on: [ "self-hosted", "linux", "x64", "ubuntu-platform" ] | |
timeout-minutes: 120 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Restore timestamps | |
uses: chetan/git-restore-mtime-action@v2 | |
- name: Get image tag | |
uses: actions/github-script@v6 | |
id: tag | |
with: | |
result-encoding: string | |
script: | | |
return ( | |
context.eventName === 'workflow_dispatch' | |
? '${{ github.event.inputs.tag }}' | |
: context.payload.release.tag_name | |
); | |
- name: Build Docker image | |
uses: ./.github/actions/docker | |
with: | |
image: dashpay/platform-test-suite | |
target: test-suite | |
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} | |
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }} | |
push: true | |
image_tag: ${{steps.tag.outputs.result}} | |
cache_mounts: | | |
cargo_registry_index | |
cargo_registry_cache | |
cargo_git | |
target_amd64 | |
target_arm64 | |
target_wasm | |
unplugged_amd64 | |
unplugged_arm64 | |
release-dashmate-helper-docker-image: | |
name: Release Dashmate helper to Docker Hub | |
runs-on: [ "self-hosted", "linux", "x64", "ubuntu-platform" ] | |
timeout-minutes: 120 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Restore timestamps | |
uses: chetan/git-restore-mtime-action@v2 | |
- name: Get image tag | |
uses: actions/github-script@v6 | |
id: tag | |
with: | |
result-encoding: string | |
script: | | |
return ( | |
context.eventName === 'workflow_dispatch' | |
? '${{ github.event.inputs.tag }}' | |
: context.payload.release.tag_name | |
); | |
- name: Build Docker image | |
uses: ./.github/actions/docker | |
with: | |
image: dashpay/dashmate-helper | |
target: dashmate-helper | |
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} | |
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }} | |
push: true | |
image_tag: ${{steps.tag.outputs.result}} | |
cache_mounts: | | |
cargo_registry_index | |
cargo_registry_cache | |
cargo_git | |
target_amd64 | |
target_arm64 | |
target_wasm | |
unplugged_amd64 | |
unplugged_arm64 | |
release-dashmate-packages: | |
name: Release Dashmate packages | |
runs-on: ${{ matrix.os }} | |
needs: release-npm | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- package_type: tarballs | |
os: ubuntu-22.04 | |
- package_type: win | |
os: ubuntu-22.04 | |
- package_type: deb | |
os: ubuntu-22.04 | |
- package_type: macos | |
os: macos-12 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v4 | |
- name: Install macOS build deps | |
if: runner.os == 'macOS' | |
run: | | |
brew install llvm docker colima coreutils | |
colima start | |
echo "/usr/local/opt/llvm/bin" >> $GITHUB_PATH | |
- name: Install the Apple certificate | |
if: runner.os == 'macOS' | |
env: | |
BUILD_CERTIFICATE_BASE64: ${{ secrets.MACOS_BUILD_CERTIFICATE_BASE64 }} | |
P12_PASSWORD: ${{ secrets.MACOS_P12_PASSWORD }} | |
KEYCHAIN_PASSWORD: ${{ secrets.MACOS_KEYCHAIN_PASSWORD }} | |
run: | | |
# create variables | |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
# import certificate and provisioning profile from secrets | |
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import certificate to keychain | |
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
- name: Install Linux build deps | |
if: runner.os == 'Linux' | |
run: sudo apt-get install -y nsis | |
- name: Setup Node.JS | |
uses: ./.github/actions/nodejs | |
- name: Setup Rust | |
uses: ./.github/actions/rust | |
with: | |
toolchain: stable | |
target: wasm32-unknown-unknown | |
# TODO: We don't need to build it, since pack should use released npm packages | |
- name: Build packages | |
run: yarn build --filter "+dashmate" | |
- name: Create package | |
env: | |
OSX_KEYCHAIN: $RUNNER_TEMP/app-signing.keychain-db | |
run: "${GITHUB_WORKSPACE}/scripts/pack_dashmate.sh ${{ matrix.package_type }}" | |
- name: Upload artifacts to action summary | |
uses: actions/upload-artifact@v3 | |
if: github.event_name != 'release' | |
with: | |
name: dashmate | |
path: packages/dashmate/dist/** | |
- name: Notarize MacOS Release Build | |
if: runner.os == 'macOS' | |
run: | | |
find packages/dashmate/dist/ -name '*.pkg' -exec sh -c 'xcrun notarytool submit "{}" --apple-id "${{ secrets.MACOS_APPLE_ID }}" --team-id "${{ secrets.MACOS_TEAM_ID }}" --password "${{ secrets.MACOS_NOTARIZING_PASSWORD }}" --wait;' \; | |
- name: Upload artifacts to release | |
uses: softprops/[email protected] | |
if: github.event_name == 'release' | |
with: | |
files: packages/dashmate/dist/** |