From 926c138f7ec3e7c6932453082a48555b811345ad Mon Sep 17 00:00:00 2001 From: mozillazg Date: Wed, 17 May 2023 14:21:24 +0800 Subject: [PATCH] ci: add new dist publisher --- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 19 +++++- .gitignore | 2 + ci/ossutil/main.go | 112 ++++++++++++++++++++++++++++++++++ 4 files changed, 133 insertions(+), 2 deletions(-) create mode 100644 ci/ossutil/main.go diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a6b33975..e67f5209 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,7 @@ jobs: # either 'goreleaser' (default) or 'goreleaser-pro' distribution: goreleaser version: latest - args: release --rm-dist + args: release env: GOPATH: ${{ env.HOME }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fb1dbe2b..ec6933da 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -30,6 +30,8 @@ jobs: releaser-test: runs-on: ubuntu-latest + permissions: + id-token: write # This is required for requesting the JWT steps: - uses: actions/checkout@v3 @@ -46,10 +48,25 @@ jobs: # either 'goreleaser' (default) or 'goreleaser-pro' distribution: goreleaser version: latest - args: release --snapshot --rm-dist --skip-publish + args: release --snapshot --skip-publish env: GOPATH: ${{ env.HOME }} + - uses: 'mozillazg/alibabacloud-oidc-auth@v1' + with: + role-arn-to-assume: '${{ secrets.ALIBABA_CLOUD_RAM_ROLE_ARN }}' + oidc-provider-arn: '${{ secrets.ALIBABA_CLOUD_RAM_OIDC_ARN }}' + export-environment-variables: 'true' + - run: | + set -e + cd ci/ossutil && go build && \ + chmod +x ossutil && cp ossutil ../../cputil && cd ../../ + ./cputil --endpoint=oss-cn-hangzhou.aliyuncs.com \ + --bucket '${{ secrets.OSS_BUCKET_NAME }}' \ + --objectdir '${{ secrets.OSS_OBJECT_DIR }}/${{ github.ref_name }}' \ + dist/ack-ram-tool*.tar.gz + + build: runs-on: ubuntu-latest steps: diff --git a/.gitignore b/.gitignore index 7796e9e4..73c29daf 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,5 @@ kubeconfig /examples/rrsa/go-sdk/go-sdk /bin/ /examples/rrsa/kaniko-in-ack/deploy.yaml +ossutil +cputil diff --git a/ci/ossutil/main.go b/ci/ossutil/main.go new file mode 100644 index 00000000..221924df --- /dev/null +++ b/ci/ossutil/main.go @@ -0,0 +1,112 @@ +package main + +import ( + "flag" + "fmt" + "log" + "path" + "time" + + "github.com/alibabacloud-go/tea/tea" + "github.com/aliyun/aliyun-oss-go-sdk/oss" + "github.com/aliyun/credentials-go/credentials" +) + +type ossCredentials struct { + teaCred credentials.Credential +} + +func (cred *ossCredentials) GetAccessKeyID() string { + value, err := cred.teaCred.GetAccessKeyId() + if err != nil { + log.Printf("get access key id failed: %+v", err) + return "" + } + return tea.StringValue(value) +} + +func (cred *ossCredentials) GetAccessKeySecret() string { + value, err := cred.teaCred.GetAccessKeySecret() + if err != nil { + log.Printf("get access key secret failed: %+v", err) + return "" + } + return tea.StringValue(value) +} + +func (cred *ossCredentials) GetSecurityToken() string { + value, err := cred.teaCred.GetSecurityToken() + if err != nil { + log.Printf("get access security token failed: %+v", err) + return "" + } + return tea.StringValue(value) +} + +type ossCredentialsProvider struct { + cred credentials.Credential +} + +func (p *ossCredentialsProvider) GetCredentials() oss.Credentials { + return &ossCredentials{teaCred: p.cred} +} + +func NewClient(endpoint string) (*oss.Client, error) { + cred, err := credentials.NewCredential(nil) + if err != nil { + return nil, err + } + provider := &ossCredentialsProvider{cred: cred} + client, err := oss.New(endpoint, "", "", oss.SetCredentialsProvider(provider)) + return client, err +} + +func UploadFile(bucket *oss.Bucket, baseObjectDir, filePath string) (string, error) { + objectPath := fmt.Sprintf("%s/%s", baseObjectDir, path.Base(filePath)) + + var err error + maxN := 5 + for i := 0; i < maxN; i++ { + err = bucket.PutObjectFromFile(objectPath, filePath) + if err == nil { + return objectPath, nil + } + log.Printf("%d/%d upload file failed: %s", i+1, maxN, err) + if i < maxN { + time.Sleep(time.Second * 3 * time.Duration(i+1)) + } + } + if err != nil { + return "", err + } + return objectPath, nil +} + +func main() { + endpoint := flag.String("endpoint", "", "") + bucketName := flag.String("bucket", "", "") + objectDir := flag.String("objectdir", "", "") + flag.Parse() + + filepathList := flag.Args() + if *endpoint == "" || *bucketName == "" || *objectDir == "" || len(filepathList) == 0 { + log.Fatalln("missing required arguments") + } + + client, err := NewClient(*endpoint) + if err != nil { + log.Fatalf("init client failed: %s", err) + } + bucket, err := client.Bucket(*bucketName) + if err != nil { + log.Fatalf("init bucket client failed: %s", err) + } + + for _, ph := range filepathList { + _, err = UploadFile(bucket, *objectDir, ph) + if err != nil { + log.Fatalf("upload %s failed: %s", ph, err) + } + log.Printf("uploaded %s to oss", ph) + } +}