Merge #4092 Linux: Improve desktop entries #653
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy CKAN + NetKAN | |
on: | |
push: | |
branches: | |
- master | |
workflow_dispatch: | |
repository_dispatch: | |
types: | |
- deploy | |
concurrency: deploy | |
env: | |
AWS_S3_BUCKET: ksp-ckan | |
jobs: | |
test-release: | |
uses: ./.github/workflows/test.yml | |
smoke-inflator: | |
uses: ./.github/workflows/smoke.yml | |
check-dev-build: | |
runs-on: ubuntu-latest | |
outputs: | |
dev-build: ${{ steps.check-version.outputs.dev-build }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Treat as dev build if final piece of version is odd | |
id: check-version | |
shell: bash | |
run: | | |
VERSION=$(egrep '^\s*\#\#\s+v.*$' CHANGELOG.md | head -1 | sed -e 's/^\s*\#\#\s\+v//' -e 's/-.*$//') | |
if [[ $VERSION =~ [13579]$ ]] | |
then | |
echo 'dev-build=true' >> $GITHUB_OUTPUT | |
fi | |
upload-release-s3: | |
needs: | |
- test-release | |
- smoke-inflator | |
runs-on: ubuntu-latest | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- uses: actions/checkout@v4 | |
- name: Download repack artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: Release-repack-unsigned | |
path: _build/repack/ | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11 | |
- name: Create a version.json file for dev builds on S3 | |
shell: bash | |
run: | | |
export PIP_ROOT_USER_ACTION=ignore | |
pip install gitpython | |
git config --global --add safe.directory '*' | |
python bin/version_info.py > _build/repack/Release/version.json | |
- name: Push ckan.exe, netkan.exe, and version.json to S3 | |
run: aws s3 sync _build/repack/Release s3://${AWS_S3_BUCKET} --follow-symlinks | |
upload-deb: | |
needs: | |
- check-dev-build | |
- test-release | |
- smoke-inflator | |
runs-on: ubuntu-latest | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
if: needs.check-dev-build.outputs.dev-build | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- uses: actions/checkout@v4 | |
- name: Download repack artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: Release-repack-unsigned | |
path: _build/repack/ | |
- name: Build deb | |
env: | |
CODENAME: nightly | |
run: ./build deb --configuration=Release --exclusive | |
- name: Import GPG key | |
env: | |
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }} | |
run: | | |
echo "$DEBIAN_PRIVATE_KEY" | base64 --decode | gpg --batch --import | |
gpg --list-secret-keys --keyid-format LONG | |
if: ${{ env.DEBIAN_PRIVATE_KEY }} | |
- name: Sign deb release | |
env: | |
CODENAME: nightly | |
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }} | |
run: ./build deb-sign --configuration=Release --exclusive | |
if: ${{ env.DEBIAN_PRIVATE_KEY }} | |
- name: Push deb to S3 | |
run: aws s3 sync _build/deb/apt-repo-root s3://${AWS_S3_BUCKET}/deb --follow-symlinks | |
- name: Push nightly APT repo to S3 | |
run: aws s3 sync _build/deb/apt-repo-dist s3://${AWS_S3_BUCKET}/deb/dists/nightly --follow-symlinks | |
upload-rpm: | |
needs: | |
- check-dev-build | |
- test-release | |
- smoke-inflator | |
runs-on: ubuntu-latest | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
if: needs.check-dev-build.outputs.dev-build | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- uses: actions/checkout@v4 | |
- name: Install rpm build dependencies | |
run: sudo apt-get install -y createrepo-c | |
- name: Download repack artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: Release-repack-unsigned | |
path: _build/repack/ | |
- name: Build rpm | |
run: ./build rpm --configuration=Release --exclusive | |
- name: Import GPG key | |
env: | |
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }} | |
run: | | |
echo "$DEBIAN_PRIVATE_KEY" | base64 --decode | gpg --batch --import | |
gpg --list-secret-keys --keyid-format LONG | |
if: ${{ env.DEBIAN_PRIVATE_KEY }} | |
- name: Build nightly RPM repo | |
env: | |
CODENAME: nightly | |
DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }} | |
run: ./build rpm-repo --configuration=Release --exclusive | |
if: ${{ env.DEBIAN_PRIVATE_KEY }} | |
- name: Push nightly PRM repo to S3 | |
run: aws s3 sync _build/rpm/repo s3://${AWS_S3_BUCKET}/rpm/nightly --follow-symlinks | |
upload-inflator: | |
needs: | |
- test-release | |
- smoke-inflator | |
runs-on: ubuntu-latest | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download repack artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: Release-repack-unsigned | |
path: _build/repack/ | |
- name: Generate inflator Docker image, publish to Hub, and restart AWS containers | |
env: | |
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: us-west-2 | |
if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_PASSWORD }} | |
run: | | |
echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin | |
./build docker-inflator --configuration=Release --exclusive | |
upload-metadata-tester: | |
needs: | |
- test-release | |
- smoke-inflator | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download repack artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: Release-repack-unsigned | |
path: _build/repack/ | |
- name: Generate metadata tester Docker image and publish to Hub | |
env: | |
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} | |
if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_PASSWORD }} | |
run: | | |
echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin | |
./build docker-metadata --configuration=Release --exclusive | |
notify-discord: | |
needs: | |
- test-release | |
- smoke-inflator | |
- upload-release-s3 | |
- upload-deb | |
- upload-rpm | |
- upload-inflator | |
- upload-metadata-tester | |
if: always() | |
uses: ./.github/workflows/notify.yml | |
with: | |
name: ${{ github.workflow }} | |
success: ${{ !contains(needs.*.result, 'failure') }} | |
secrets: inherit |