.github/workflows/ci.yaml

name: release posichain

on:
  push:
    tags:
      - v*

jobs:
  check:
    name: Per-check for current tag
    runs-on: ubuntu-latest
    continue-on-error: false
    outputs:
      tag_annotated: ${{ steps.check-tag-annotated.outputs.tag_annotated }}

    steps:
      - name: Checkout posichain core code
        uses: actions/checkout@v2
        with:
          path: posichain
          ref: ${{ github.ref }}
          fetch-depth: 0

      - name: Check tag annotated
        id: check-tag-annotated
        run: |
          VERSION=$(git tag -l --sort=-v:refname | head -n 1)
          if git rev-parse $VERSION^{tag} -- &>/dev/null
          then
            echo "::set-output name=tag_annotated::true"
          else
            echo "::set-output name=tag_annotated::false"
          fi
        working-directory: posichain

  build:
    name: Build posichain binary
    needs: check
    runs-on: ${{ matrix.os }}
    if: needs.check.outputs.tag_annotated == 'true'
    strategy:
      matrix:
        os: [ubuntu-latest, macos-12]

    steps:
      - name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@v3
        with:
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }}

      - name: Set up Go 1.18
        uses: actions/setup-go@v2
        with:
          go-version: 1.18.4

      - name: Checkout dependence repo
        uses: actions/checkout@v2
        with:
          repository: PositionExchange/mcl
          path: mcl

      - name: Checkout dependence repo
        uses: actions/checkout@v2
        with:
          repository: PositionExchange/bls
          path: bls

      - name: Checkout posichain core code
        uses: actions/checkout@v2
        with:
          path: posichain
          ref: ${{ github.ref }}
          fetch-depth: 0

      - name: Get latest version and release
        run: |
          VERSION=$(git tag -l --sort=-v:refname | head -n 1 | tr -d v)
          RELEASE=$(git describe --long | cut -f2 -d-)
          echo "build_version=$VERSION" >> $GITHUB_ENV
          echo "build_release=$RELEASE" >> $GITHUB_ENV
        working-directory: posichain

      - name: Build posichain binary and packages for Linux
        if: matrix.os == 'ubuntu-latest'
        run: |
          make linux_static
          make deb
          echo %_signature gpg >> $HOME/.rpmmacros && echo "%_gpg_name Posichain (posichain.org)" >> $HOME/.rpmmacros
          make rpm
          mv ./bin/posichain ./bin/posichain-amd64
          mv ./bin/bootnode ./bin/bootnode-amd64
          mv $HOME/debbuild/posichain-$build_version-$build_release.deb ./bin/
          mv $HOME/rpmbuild/RPMS/x86_64/posichain-$build_version-$build_release.x86_64.rpm ./bin/
          ./bin/posichain-amd64 config dump -n=mainnet ./bin/posichain-mainnet.conf
          ./bin/posichain-amd64 config dump -n=testnet ./bin/posichain-testnet.conf
          ./bin/posichain-amd64 config dump -n=devnet ./bin/posichain-devnet.conf
        working-directory: posichain

      - name: Build posichain binary and packages for MacOS
        if: matrix.os == 'macos-12'
        run: |
          brew install bash
          sudo rm -f /usr/local/opt/openssl
          sudo ln -sf /usr/local/opt/openssl@1.1 /usr/local/opt/openssl
          make
          cd ./bin && mkdir ./lib && mv ./*.dylib ./lib && rm -f ./bootnode
          gpg --detach-sign posichain
          zip -qr ./posichain-macos.zip ./*
          rm -rf `ls * | egrep -v posichain-macos.zip`
        working-directory: posichain

      - name: Upload artifact
        uses: actions/upload-artifact@v2
        with:
          name: posichain
          path: posichain/bin/*
          retention-days: 1

  release-page:
    name: Sign binary and create and publish release page
    needs: [check, build]
    runs-on: ubuntu-latest
    if: needs.check.outputs.tag_annotated == 'true'

    steps:
      - name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@v3
        with:
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }}

      - name: Checkout posichain core code
        uses: actions/checkout@v2
        with:
          path: posichain
          ref: ${{ github.ref }}
          fetch-depth: 0

      - name: Get latest version
        run: |
          VERSION=$(git tag -l --sort=-v:refname | head -n 1 | tr -d v)
          VERSION_LONG=$(git describe --always --long --dirty)
          RELEASE=$(git describe --long | cut -f2 -d-)
          echo "build_version=$VERSION" >> $GITHUB_ENV
          echo "build_version_long=$VERSION_LONG" >> $GITHUB_ENV
          echo "build_release=$RELEASE" >> $GITHUB_ENV
        working-directory: posichain

      - name: Download artifact
        uses: actions/download-artifact@v2
        with:
          name: posichain

      - name: Signed amd64 posichain binary
        run: |
          gpg --detach-sign posichain-amd64
          sha256sum posichain-amd64 >> posichain-amd64.sha256

      - name: Signed macos posichain binary
        run: |
          shasum -a 256 posichain-macos.zip >> posichain-macos.zip.sha256

      - name: Get tag message
        env:
          TAG_SHA: ${{ github.event.after }}
        run: |
          touch ./tag_message.md
          TAG_MESSAGE=$(git cat-file tag v$build_version | tail -n+6)
          echo -e "$TAG_MESSAGE\n\nThe released version: $build_version_long" >> ./tag_message.md
        working-directory: posichain

      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ env.build_version }}
          draft: true
          prerelease: false
          body_path: ./posichain/tag_message.md

      - name: Upload posichain amd64 binary for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-amd64
          asset_name: posichain-amd64
          asset_content_type: application/octet-stream

      - name: Upload sha256 signature of posichain amd64 binary for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-amd64.sha256
          asset_name: posichain-amd64.sha256
          asset_content_type: text/plain

      - name: Upload gpg signature of posichain amd64 binary for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-amd64.sig
          asset_name: posichain-amd64.sig
          asset_content_type: application/octet-stream

      - name: Upload posichain deb package for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-${{ env.build_version }}-${{ env.build_release }}.deb
          asset_name: posichain-${{ env.build_version }}.deb
          asset_content_type: application/x-deb

      - name: Upload posichain rpm package for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-${{ env.build_version }}-${{ env.build_release }}.x86_64.rpm
          asset_name: posichain-${{ env.build_version }}.x86_64.rpm
          asset_content_type: application/x-rpm

      - name: Upload posichain binary for MacOS
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-macos.zip
          asset_name: posichain-macos-${{ env.build_version }}.zip
          asset_content_type: application/zip

      - name: Upload sha256 signature of posichain for MacOS
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-macos.zip.sha256
          asset_name: posichain-macos.zip.sha256
          asset_content_type: text/plain

      - name: Upload bootnode amd64 binary for Linux
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./bootnode-amd64
          asset_name: bootnode-amd64
          asset_content_type: application/octet-stream

      - name: Upload mainnet config
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-mainnet.conf
          asset_name: posichain-mainnet.conf
          asset_content_type: text/plain

      - name: Upload testnet config
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-testnet.conf
          asset_name: posichain-testnet.conf
          asset_content_type: text/plain

      - name: Upload devnet config
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./posichain-devnet.conf
          asset_name: posichain-devnet.conf
          asset_content_type: text/plain