Build, test and publish #1070
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build, test and publish | |
| on: | |
| push: | |
| branches: '**' | |
| release: | |
| types: [created] | |
| schedule: | |
| # Daily 5am australian/brisbane time (7pm UTC) | |
| - cron: '0 19 * * *' | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: Build and unit test code | |
| runs-on: windows-latest | |
| # conditionally skip build on PR merge of release-please, because the release creation is going to trigger the real build | |
| if: ${{ github.ref_name != github.event.repository.default_branch || github.event.head_commit.author.username != 'team-integrations-fnm-bot' }} | |
| outputs: | |
| version: ${{ steps.nuke-build.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v2 | |
| with: | |
| dotnet-version: 6.0.x | |
| - name: Run Nuke Build 🏗 | |
| id: nuke-build | |
| env: | |
| DOTNET_CLI_TELEMETRY_OPTOUT: true | |
| DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true | |
| OCTOVERSION_CurrentBranch: ${{ (github.event_name == 'schedule' && 'nightly') || github.head_ref || github.ref }} # For pull_request events we override the /refs/pull/xx/merge branch to the PR's head branch | |
| RunNumber: ${{ github.run_number }} | |
| AzureKeyVaultUrl: ${{ secrets.AZURE_KEYVAULT_URL }} | |
| AzureKeyVaultAppId: ${{ secrets.AZURE_KEYVAULT_CLIENT_ID }} | |
| AzureKeyVaultTenantId: ${{ secrets.AZURE_KEYVAULT_TENANT_ID }} | |
| AzureKeyVaultAppSecret: ${{ secrets.AZURE_KEYVAULT_CLIENT_SECRET }} | |
| AzureKeyVaultCertificateName: ${{ secrets.AZURE_KEYVAULT_CERTIFICATE_NAME }} | |
| run: | | |
| ./build.cmd | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: artifacts | |
| path: artifacts/ | |
| docker-build: | |
| name: Create and test Docker image | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| VERSION: ${{ needs.build.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: artifacts | |
| path: artifacts | |
| - name: Build Docker image | |
| id: build-docker-image | |
| run: | | |
| PLATFORM="alpine" | |
| TAG="octopusdeploy/octo-prerelease:${VERSION}-${PLATFORM}" | |
| LATEST="octopusdeploy/octo-prerelease:latest-${PLATFORM}" | |
| echo "DOCKER_IMAGE_TAG=${TAG}" >> $GITHUB_OUTPUT | |
| docker build \ | |
| --build-arg OCTO_TOOLS_VERSION=${VERSION} \ | |
| --file "${{ github.workspace }}/Dockerfiles/${PLATFORM}/Dockerfile" \ | |
| --tag ${TAG} \ | |
| --tag ${LATEST} \ | |
| ${{ github.workspace }}/artifacts | |
| - name: Test Docker image | |
| run: | | |
| OCTO_RESPONSE="$(docker run --rm ${{ steps.build-docker-image.outputs.DOCKER_IMAGE_TAG }} version)" | |
| if [[ "$OCTO_RESPONSE" == "$VERSION" ]] | |
| then | |
| echo "Image successfully created - running 'docker run --rm ${DOCKER_IMAGE_TAG} version' returned ${OCTO_RESPONSE}" | |
| else | |
| echo "Built image did not return expected version ${VERSION} - it returned ${OCTO_RESPONSE}" >&2 && exit 1 | |
| fi | |
| - name: Package Docker image | |
| run: | | |
| tarFile="Octo.Docker.Image.$VERSION.tar" | |
| gzipFile="${tarFile}.gz" | |
| docker save \ | |
| --output "${{ github.workspace }}/artifacts/${tarFile}" \ | |
| octopusdeploy/octo-prerelease | |
| gzip -c "${{ github.workspace }}/artifacts/${tarFile}" > "${{ github.workspace }}/artifacts/${gzipFile}" | |
| rm "${{ github.workspace }}/artifacts/${tarFile}" | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: docker-image | |
| path: artifacts/Octo.Docker.Image.*.tar.gz | |
| linux-distro-packages-build: | |
| name: Create Linux distro packages | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| VERSION: ${{ needs.build.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: OctopusDeploy/linux-package-feeds | |
| token: ${{ secrets.RENOVATE_GITHUB_TOKEN }} | |
| path: linux-package-feeds-repo | |
| - run: | | |
| ln -s linux-package-feeds-repo/source linux-package-feeds | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: artifacts | |
| path: artifacts | |
| - name: Extract linux-x64 package | |
| run: | | |
| mkdir -p artifacts/OctopusTools.$VERSION.linux-x64.extracted | |
| tar -xf artifacts/OctopusTools.$VERSION.linux-x64.tar.gz -C artifacts/OctopusTools.$VERSION.linux-x64.extracted | |
| - name: Build the distro images | |
| env: | |
| SIGN_PRIVATE_KEY: ${{ secrets.SIGN_LINUX_DISTRO_PRIVATE_KEY }} | |
| SIGN_PASSPHRASE: ${{ secrets.SIGN_LINUX_DISTRO_PASSPHRASE }} | |
| run: | | |
| docker run --env VERSION=$VERSION --env BINARIES_PATH=/artifacts/OctopusTools.$VERSION.linux-x64.extracted/ \ | |
| --env PACKAGES_PATH=/artifacts --env SIGN_PRIVATE_KEY --env SIGN_PASSPHRASE \ | |
| --volume ${{ github.workspace }}/BuildAssets:/BuildAssets \ | |
| --volume ${{ github.workspace }}/linux-package-feeds:/opt/linux-package-feeds \ | |
| --volume ${{ github.workspace }}/artifacts:/artifacts \ | |
| --rm --tty \ | |
| octopusdeploy/package-linux-docker:latest \ | |
| bash -c /BuildAssets/create-octopuscli-linux-packages.sh | |
| - name: Re-compress result | |
| run: | | |
| rm -rf ${{ github.workspace }}/artifacts/OctopusTools.$VERSION.linux-x64.extracted | |
| mkdir -p ${{ github.workspace }}/artifacts/linuxpackages | |
| mv ${{ github.workspace }}/artifacts/*.deb ${{ github.workspace }}/artifacts/linuxpackages | |
| mv ${{ github.workspace }}/artifacts/*.rpm ${{ github.workspace }}/artifacts/linuxpackages | |
| cp ${{ github.workspace }}/linux-package-feeds/publish-apt.sh \ | |
| ${{ github.workspace }}/linux-package-feeds/publish-rpm.sh \ | |
| ${{ github.workspace }}/BuildAssets/repos/test-linux-package-from-feed-in-dists.sh \ | |
| ${{ github.workspace }}/BuildAssets/repos/test-linux-package-from-feed.sh \ | |
| ${{ github.workspace }}/BuildAssets/test-linux-package.sh \ | |
| ${{ github.workspace }}/linux-package-feeds/install-linux-package.sh \ | |
| ${{ github.workspace }}/linux-package-feeds/install-linux-feed-package.sh \ | |
| ${{ github.workspace }}/artifacts/linuxpackages | |
| zip -rj ${{ github.workspace }}/artifacts/OctopusTools.Packages.linux-x64.$VERSION.zip ${{ github.workspace }}/artifacts/linuxpackages | |
| rm -rf ${{ github.workspace }}/artifacts/linuxpackages | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: packages-linux | |
| path: artifacts/OctopusTools.Packages.linux-x64.${{ needs.build.outputs.version }}.zip | |
| linux-distro-packages-test: | |
| name: Test Linux distro packages | |
| needs: [build, linux-distro-packages-build, docker-build] | |
| runs-on: ubuntu-latest | |
| env: | |
| VERSION: ${{ needs.build.outputs.version }} | |
| strategy: | |
| matrix: | |
| distro: [ | |
| 'debian:stable-slim', | |
| 'debian:oldstable-slim', | |
| 'ubuntu:latest', | |
| 'ubuntu:focal', | |
| 'ubuntu:bionic', | |
| 'ubuntu:xenial', | |
| 'ubuntu:trusty', | |
| 'fedora:32', | |
| 'linuxmintd/mint19.3-amd64', | |
| 'roboxes/rhel8', | |
| 'roboxes/rhel7' | |
| ] | |
| steps: | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: packages-linux | |
| path: artifacts | |
| - name: Extract package | |
| run: unzip ${{ github.workspace }}/artifacts/OctopusTools.Packages.linux-x64.$VERSION.zip -d ${{ github.workspace }}/artifacts/OctopusTools.Packages | |
| - name: Test the distro image | |
| env: | |
| OCTOPUS_CLI_SERVER: ${{ secrets.OCTOPUS_URL }} | |
| OCTOPUS_CLI_API_KEY: ${{ secrets.OCTOPUS_API_KEY }} | |
| REDHAT_SUBSCRIPTION_USERNAME: ${{ secrets.REDHAT_SUBSCRIPTION_USERNAME }} | |
| REDHAT_SUBSCRIPTION_PASSWORD: ${{ secrets.REDHAT_SUBSCRIPTION_PASSWORD }} | |
| run: | | |
| docker run --env OCTOPUS_SPACE=Integrations --env "OCTOPUS_EXPECT_ENV=Components - Internal" --env PKG_PATH_PREFIX=octopuscli \ | |
| --env REDHAT_SUBSCRIPTION_USERNAME --env REDHAT_SUBSCRIPTION_PASSWORD --env OCTOPUS_CLI_SERVER --env OCTOPUS_CLI_API_KEY \ | |
| --volume ${{ github.workspace }}/artifacts/OctopusTools.Packages:/working \ | |
| --rm --tty \ | |
| ${{ matrix.distro }} \ | |
| bash -c "cd /working && bash ./test-linux-package.sh" | |
| publish: | |
| name: Publish the packages | |
| needs: [build, docker-build, linux-distro-packages-test] | |
| runs-on: ubuntu-latest | |
| env: | |
| OCTOPUS_URL: ${{ secrets.OCTOPUS_URL }} | |
| OCTOPUS_API_KEY: ${{ secrets.OCTOPUS_API_KEY }} | |
| VERSION: ${{ needs.build.outputs.version }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: artifacts | |
| path: artifacts | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: packages-linux | |
| path: artifacts | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: docker-image | |
| path: artifacts | |
| - name: Generate sha256 checksums | |
| if: github.event_name == 'release' | |
| run: | | |
| releaseVersion=${{ needs.build.outputs.version }} | |
| for filePath in $(find artifacts/* -name "OctopusTools.${releaseVersion}.*.tar.gz" -or -name "OctopusTools.${releaseVersion}.*.zip") | |
| do | |
| fileName="$(basename -- $filePath)" | |
| newSha=$(sha256sum "$filePath" | awk '{ print $1 }') | |
| echo "$newSha $fileName" >> artifacts/OctopusTools.${releaseVersion}.SHA256SUMS | |
| done | |
| - name: Upload binaries and checksum file to release | |
| if: github.event_name == 'release' | |
| run: | | |
| releaseVersion=${{ needs.build.outputs.version }} | |
| args=("v$releaseVersion") | |
| for filePath in $(find artifacts/* -name "OctopusTools.${releaseVersion}.*.tar.gz" -or -name "OctopusTools.${releaseVersion}.*.zip" -or -name '*.SHA256SUMS') | |
| do | |
| args+=($filePath) | |
| done | |
| gh release upload ${args[@]} | |
| - name: Compress packages | |
| id: compress-packages | |
| run: | | |
| cd artifacts | |
| tar -xf OctopusTools.$VERSION.linux-x64.tar.gz | |
| zip OctopusTools.Zips.$VERSION.zip *.zip *.tar.gz | |
| - name: Push a package to Octopus Deploy 🐙 | |
| uses: OctopusDeploy/push-package-action@v3 | |
| with: | |
| space: Integrations | |
| packages: | | |
| artifacts/Octopus.DotNet.Cli.${{ needs.build.outputs.version }}.nupkg | |
| artifacts/OctopusTools.${{ needs.build.outputs.version }}.nupkg | |
| artifacts/Octo.Docker.Image.${{ needs.build.outputs.version }}.tar.gz | |
| artifacts/OctopusTools.Packages.linux-x64.${{ needs.build.outputs.version }}.zip | |
| artifacts/OctopusTools.Zips.${{ needs.build.outputs.version }}.zip | |
| - name: Fetch Release Notes | |
| id: fetch-release-notes | |
| if: github.event_name == 'release' | |
| run: | | |
| echo "::debug::${{github.event_name}}" | |
| OUTPUT_FILE="release_notes.txt" | |
| jq --raw-output '.release.body' ${{ github.event_path }} | sed 's#\r# #g' > $OUTPUT_FILE | |
| echo "release-note-file=$OUTPUT_FILE" >> $GITHUB_OUTPUT | |
| - name: Create a release in Octopus Deploy 🐙 | |
| uses: OctopusDeploy/create-release-action@v3 | |
| with: | |
| space: Integrations | |
| project: 'Octopus CLI' | |
| package_version: ${{ needs.build.outputs.version }} | |
| packages: '*:NuGet.CommandLine:4.4.1' | |
| release_notes_file: ${{ (github.event_name == 'release' && steps.fetch-release-notes.outputs.release-note-file) || ''}} | |
| git_ref: ${{ (github.ref_type == 'tag' && github.event.repository.default_branch ) || (github.head_ref || github.ref) }} | |
| git_commit: ${{ github.event.after || github.event.pull_request.head.sha }} |