feat(cd): automatic AUR release #5265
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Process | ||
on: | ||
workflow_call: | ||
workflow_dispatch: | ||
jobs: | ||
compute-build-ref: | ||
runs-on: ubuntu-22.04 | ||
outputs: | ||
build-ref: ${{ steps.compute-build-ref.outputs.build-ref }} | ||
steps: | ||
- name: Compute build ref | ||
id: compute-build-ref | ||
run: echo "${{ github.workflow }}-${{ github.event.number || github.ref }}" >> $GITHUB_OUTPUT | ||
select-java-version: | ||
outputs: | ||
java-version: ${{ steps.java-version.outputs.java-version }} | ||
runs-on: ubuntu-22.04 | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- name: Compute Java version | ||
id: java-version | ||
run: ruby -e 'puts("java-version=#{/^minJavaVersion\s*=\s*(\d+)$/.match(File.read("gradle.properties"))[1]}")' >> $GITHUB_OUTPUT | ||
# Complete build, including testing, static analysis, and packaging | ||
build: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ windows-2022, macos-12, ubuntu-22.04 ] | ||
runs-on: ${{ matrix.os }} | ||
timeout-minutes: 180 | ||
concurrency: | ||
group: build-${{ matrix.os }}-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/action-checkout@0.2.14 | ||
- uses: DanySK/build-check-deploy-gradle-action@2.2.17 | ||
with: | ||
pre-build-command: ./gradlew kotlinUpgradeYarnLock --parallel | ||
# check that all tasks used in subsequent phases are there | ||
build-command: | | ||
COMMAND="./gradlew \ | ||
build clean close \ | ||
hugoBuild \ | ||
performWebsiteStringReplacements \ | ||
publishKotlinOSSRHPublicationToGithubRepository \ | ||
release \ | ||
shadowJar \ | ||
uploadKotlinOSSRH uploadKotlinMultiplatform uploadJvm uploadJs \ | ||
--dry-run | ||
" | ||
eval $COMMAND || eval $COMMAND | ||
check-command: | | ||
./gradlew check --parallel || ./gradlew check --parallel | ||
clean-command: | | ||
./gradlew clean --parallel || ./gradlew clean --parallel || true | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: ${{ contains('Linux', runner.os) }} | ||
should-deploy: false | ||
should-validate-wrapper: ${{ contains('Linux', runner.os) }} | ||
- name: Generate fatjars and platform-specific packages | ||
run: ./gradlew shadowJar jpackageFull --parallel | ||
- name: Upload fatjars built on Linux | ||
if: ${{ runner.os == 'Linux' }} | ||
uses: actions/upload-artifact@v4.3.0 | ||
with: | ||
name: fat-jars-${{ needs.compute-build-ref.outputs.build-ref }} | ||
path: build/shadow/* | ||
if-no-files-found: error | ||
- name: Upload platform-specific packages | ||
uses: actions/upload-artifact@v4.3.0 | ||
with: | ||
name: installer-package-${{ runner.os }}-${{ needs.compute-build-ref.outputs.build-ref }} | ||
path: build/package/* | ||
if-no-files-found: error | ||
# Performs a dry-deployment on Central if credentials are available | ||
test-deploy: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
runs-on: ubuntu-22.04 | ||
if: >- | ||
!github.event.repository.fork | ||
&& ( | ||
github.event_name != 'pull_request' | ||
|| github.event.pull_request.head.repo.full_name == github.repository | ||
) | ||
timeout-minutes: 120 | ||
concurrency: | ||
group: test-deploy-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/action-checkout@0.2.14 | ||
- uses: DanySK/build-check-deploy-gradle-action@2.2.17 | ||
with: | ||
build-command: ./gradlew kotlinUpgradeYarnLock --parallel | ||
check-command: true | ||
deploy-command: | | ||
COMMAND="./gradlew uploadJvm uploadJs uploadKotlinOSSRH uploadKotlinMultiplatform close drop --parallel" | ||
eval "$COMMAND" || eval "$COMMAND" || eval "$COMMAND" | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: true | ||
should-validate-wrapper: false | ||
maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
signing-key: ${{ secrets.SIGNING_KEY }} | ||
signing-password: ${{ secrets.SIGNING_PASSWORD }} | ||
# Test packages correctness | ||
test-packages: | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
strategy: | ||
matrix: | ||
os: [ windows-2022, macos-12, ubuntu-22.04 ] | ||
fail-fast: false | ||
runs-on: ${{ matrix.os }} | ||
concurrency: | ||
group: test-packages-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/action-checkout@0.2.14 | ||
- name: Setup Java | ||
uses: actions/setup-java@v4.0.0 | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
distribution: 'temurin' | ||
- name: Install bsdtar | ||
if: runner.os == 'Linux' | ||
run: sudo apt update && sudo apt install libarchive-tools | ||
- name: Download packages | ||
uses: actions/download-artifact@v4.1.1 | ||
with: | ||
name: installer-package-${{ runner.os }} | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Test package | ||
shell: bash | ||
run: ./gradlew testJpackageOutput --info | ||
# Test PKGBUILD for aur release | ||
test-aur-package: | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
runs-on: ubuntu-22.04 | ||
container: | ||
image: archlinux:base-devel-20240101.0.204074 | ||
concurrency: | ||
group: test-aur-release-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Setup arch | ||
run: | | ||
sudo pacman --noconfirm -Syu | ||
sudo pacman --noconfirm -Sy git rpm-tools | ||
- run: git config --system --add safe.directory /__w/Alchemist/Alchemist # https://github.com/actions/checkout/issues/1169 | ||
- name: Checkout | ||
uses: danysk/action-checkout@0.2.14 | ||
- name: Setup Java | ||
uses: actions/setup-java@v4.0.0 | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
distribution: 'temurin' | ||
- name: Download packages | ||
uses: actions/download-artifact@v4.1.1 | ||
with: | ||
pattern: installer-package-Linux | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Generate PKGBUILD | ||
run: ./gradlew generatePKGBUILD -DgeneratePKGBUILD.testSource=true | ||
- name: Makepkg Build and Check | ||
uses: edlanglois/pkgbuild-action@v1 | ||
with: | ||
pkgdir: build/package | ||
- name: Test installation | ||
working-directory: build/package | ||
run: | | ||
sudo pacman -U --noconfirm alchemist-*.zst | ||
(sudo pacman -Q | grep -q alchemist && echo "Success! Alchemist found in the package list") || exit 1 | ||
(/usr/bin/alchemist --help | grep -q options_list && echo "Success! Alchemist available") || exit 2 | ||
# Builds the website and verifies link sanity | ||
build-website: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
runs-on: ubuntu-22.04 | ||
timeout-minutes: 30 | ||
concurrency: | ||
group: build-website-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/action-checkout@0.2.14 | ||
- uses: DanySK/build-check-deploy-gradle-action@2.2.17 | ||
with: | ||
build-command: | | ||
for i in 1 2 3 4 5; do | ||
./gradlew hugoBuild --parallel && break || sleep 120 | ||
if [ "$i" = 5 ]; then | ||
false | ||
fi | ||
done | ||
check-command: true | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: false | ||
should-validate-wrapper: false | ||
- name: Tar files | ||
run: tar -cvf website.tar build/website | ||
- name: Upload website | ||
uses: actions/upload-artifact@v4.3.0 | ||
with: | ||
name: website | ||
path: website.tar | ||
- uses: DanySK/build-check-deploy-gradle-action@2.2.17 | ||
with: | ||
build-command: | | ||
check-command: | | ||
# Temporarily disable checks on kdoc/javadoc: too many bugs in Dokka. | ||
# See: | ||
# https://github.com/Kotlin/dokka/issues/2320 | ||
# https://github.com/Kotlin/dokka/issues/2321 | ||
# https://github.com/Kotlin/dokka/issues/2322 | ||
# https://github.com/Kotlin/dokka/issues/2323 | ||
# Once everything gets fixed, lychee could simply run on '/website/**/*.html' | ||
FILES="$( | ||
find build/website/ -name '*.html' | | ||
grep -v /kdoc/ | | ||
grep -v /javadoc/ | | ||
grep -v /tags/ | | ||
sed -e 's#^build##' | ||
)" | ||
for file in $FILES; do | ||
# Ignore all meta tags containing absolute links | ||
perl -i -pe 's/<meta.*\"http.*\".*>//g' "build/$file" | ||
done | ||
CHECK_LINKS="docker run --rm -v ""$(pwd)/build/website:/website"" -e GITHUB_TOKEN lycheeverse/lychee:0.10.3 $(echo "$FILES") --exclude-file /website/lycheeignore -m 100 --accept 403,429,500,502,503" | ||
for i in 1 2 3 4 5; do | ||
$(echo $CHECK_LINKS) && break || sleep 30 | ||
if [ "$i" = 5 ]; then | ||
false | ||
fi | ||
done | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: false | ||
should-validate-wrapper: false | ||
# Performs a release if needed | ||
release: | ||
concurrency: | ||
# Only one release job at a time per branch, as only master releases. | ||
# Strictly sequential. | ||
group: release-${{ github.event.number || github.ref }} | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
- build-website | ||
- test-deploy | ||
- test-packages | ||
- test-aur-package | ||
concurrency: | ||
# Only one release job at a time per branch, as only master releases. | ||
# Strictly sequential. | ||
group: release-${{ needs.compute-build-ref.outputs.build-ref }} | ||
runs-on: ubuntu-22.04 | ||
if: >- | ||
!github.event.repository.fork | ||
&& ( | ||
github.event_name != 'pull_request' | ||
|| github.event.pull_request.head.repo.full_name == github.repository | ||
) | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
submodules: recursive | ||
token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
- name: Checkout the docs | ||
if: contains(github.repository, 'AlchemistSimulator/Alchemist') | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
path: website | ||
fetch-depth: 0 | ||
persist-credentials: true | ||
repository: AlchemistSimulator/alchemistsimulator.github.io | ||
token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
- name: Download website artifact | ||
uses: actions/download-artifact@v4.1.1 | ||
with: | ||
name: website | ||
- name: Download packages | ||
uses: actions/download-artifact@v4.1.1 | ||
with: | ||
pattern: installer-package-* | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Download fatJars | ||
uses: actions/download-artifact@v4.1.1 | ||
with: | ||
name: fat-jars | ||
path: build/shadow/ | ||
merge-multiple: true | ||
- name: Find the version of Node from package.json | ||
id: node-version | ||
run: echo "version=$(jq -r .engines.node package.json)" >> $GITHUB_OUTPUT | ||
- name: Install Node | ||
uses: actions/setup-node@v4.0.1 | ||
with: | ||
node-version: ${{ steps.node-version.outputs.version }} | ||
- uses: DanySK/build-check-deploy-gradle-action@2.2.17 | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
build-command: | | ||
ls -ahl | ||
echo Copying the new website | ||
tar -xf website.tar | ||
echo Copying git information | ||
mv website/.git build/website/.git | ||
# git -C build/website/ status | ||
echo Removing old website | ||
rm -rf website | ||
echo Adding changes to the stage | ||
git -C build/website/ add . | ||
# git -C build/website/ status | ||
check-command: true | ||
deploy-command: | | ||
npm install | ||
npx semantic-release | ||
should-run-codecov: false | ||
should-deploy: true | ||
should-validate-wrapper: false | ||
github-token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
signing-key: ${{ secrets.SIGNING_KEY }} | ||
signing-password: ${{ secrets.SIGNING_PASSWORD }} | ||
custom-secret-0: ${{ secrets.AUR_USERNAME }} | ||
custom-secret-1: ${{ secrets.AUR_EMAIL }} | ||
custom-secret-2: ${{ secrets.AUR_SSH_PRIVATE_KEY }} | ||
success: | ||
runs-on: ubuntu-22.04 | ||
needs: | ||
- build | ||
- build-website | ||
- release | ||
- test-deploy | ||
- test-packages | ||
- test-aur-package | ||
if: >- | ||
always() && ( | ||
contains(join(needs.*.result, ','), 'failure') | ||
|| !contains(join(needs.*.result, ','), 'cancelled') | ||
) | ||
steps: | ||
- name: Verify that there were no failures | ||
run: ${{ !contains(join(needs.*.result, ','), 'failure') }} |