diff --git a/.github/actions/s3-distribution/action.yml b/.github/actions/s3-distribution/action.yml index 4662d71b..b1366d94 100644 --- a/.github/actions/s3-distribution/action.yml +++ b/.github/actions/s3-distribution/action.yml @@ -70,7 +70,7 @@ runs: ls -la "${{ inputs.artifacts-path }}" echo "Uploading tarballs to S3..." - npx oclif upload tarballs --root=${{ inputs.artifacts-path }} + npx oclif upload tarballs --targets=linux-x64,win32-x64,darwin-arm64 --no-xz echo "Verifying uploaded files in S3:" aws s3 ls s3://${{ inputs.bucket }}/versions/${{ inputs.version }}/ @@ -91,7 +91,9 @@ runs: --channel=${{ inputs.channel }} \ --version=${{ inputs.version }} \ --sha=${{ github.sha }} \ - --indexes + --indexes \ + --targets=linux-x64,win32-x64,darwin-arm64 \ + --ignore-missing echo "Verifying channel promotion in S3:" aws s3 ls s3://${{ inputs.bucket }}/channels/${{ inputs.channel }}/ diff --git a/.github/workflows/manual-release.yml b/.github/workflows/manual-release.yml index 08d34aad..3dd47331 100644 --- a/.github/workflows/manual-release.yml +++ b/.github/workflows/manual-release.yml @@ -34,38 +34,10 @@ jobs: run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT outputs: version: ${{ steps.version.outputs.version }} - build-platform-tarballs: - strategy: - matrix: - include: - - os: windows-2022 - target: x86_64-pc-windows-msvc - code-target: win32-x64 - - os: ubuntu-20.04 - target: x86_64-unknown-linux-gnu - code-target: linux-x64 - - os: macos-14 - target: aarch64-apple-darwin - code-target: darwin-arm64 - name: Build ${{ matrix.code-target }} binaries - runs-on: ${{ matrix.os }} - needs: check - env: - version: ${{ needs.check.outputs.version }} - steps: - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Install Node.js - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0 - with: - node-version-file: '.nvmrc' - - name: Build tarballs - uses: ./.github/actions/build-tarballs - with: - code-target: ${{ matrix.code-target }} + release: runs-on: ubuntu-latest - needs: [check, build-platform-tarballs] + needs: check permissions: contents: write id-token: write @@ -75,52 +47,59 @@ jobs: with: node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' + + # Build and test - run: npm ci - run: npm run build - run: npm test - run: npm run test:e2e - # NPM Release (always runs, respects dry-run) - - name: Create NPM release - run: npm publish --tag ${{ inputs.channel }} --provenance --access public ${{ inputs.dry-run == true && '--dry-run' || '' }} - env: - NODE_AUTH_TOKEN: ${{ secrets.HD_CLI_NPM_TOKEN }} + # Build platform-specific tarballs + - name: Install linux toolchain + run: | + sudo apt update + sudo apt install nsis p7zip-full p7zip-rar -y - # GitHub Release (only if not dry-run) - - name: Create Release - if: ${{ !inputs.dry-run }} - uses: ./.github/actions/create-release - with: - version: ${{ needs.check.outputs.version }} - channel: ${{ inputs.channel }} - github-token: ${{ secrets.GITHUB_TOKEN }} + - name: Build linux-x64 tarball + run: npx oclif pack tarballs --targets=linux-x64 --no-xz - # S3 Binary Distribution (only if not dry-run) - - name: Download CLI artifacts - if: ${{ !inputs.dry-run }} - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9 - with: - pattern: 'cli-tarballs-*' - path: ${{ github.workspace }}/dist - merge-multiple: true + - name: Build win32-x64 tarball + run: npx oclif pack tarballs --targets=win32-x64 --no-xz - - name: Debug downloaded artifacts - if: ${{ !inputs.dry-run }} - shell: bash - run: | - echo "=== Downloaded artifacts ===" - ls -la ${{ github.workspace }}/dist - echo "=== Contents of dist directory ===" - find ${{ github.workspace }}/dist -type f + - name: Build darwin-arm64 tarball + run: npx oclif pack tarballs --targets=darwin-arm64 --no-xz - - name: Distribute binaries to S3 + # S3 Distribution + - name: Configure AWS credentials if: ${{ !inputs.dry-run }} - uses: ./.github/actions/s3-distribution + uses: aws-actions/configure-aws-credentials@v4 with: - version: ${{ needs.check.outputs.version }} - channel: ${{ inputs.channel }} - bucket: end-of-life-dataset-cli-releases aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - artifacts-path: ${{ github.workspace }}/dist + + - name: Upload and promote to S3 + if: ${{ !inputs.dry-run }} + run: | + # Enable oclif debug logging + export DEBUG=oclif:* + + # Upload tarballs + npx oclif upload tarballs \ + --targets=linux-x64,win32-x64,darwin-arm64 \ + --no-xz + + # Promote to channel + npx oclif promote \ + --channel=${{ inputs.channel }} \ + --version=${{ needs.check.outputs.version }} \ + --sha=${{ github.sha }} \ + --indexes \ + --targets=linux-x64,win32-x64,darwin-arm64 \ + --ignore-missing + + # # NPM Release + - name: Create NPM release + run: npm publish --tag ${{ inputs.channel }} --provenance --access public ${{ inputs.dry-run == true && '--dry-run' || '' }} + env: + NODE_AUTH_TOKEN: ${{ secrets.HD_CLI_NPM_TOKEN }} diff --git a/package.json b/package.json index e61a2c04..400a6528 100644 --- a/package.json +++ b/package.json @@ -91,7 +91,7 @@ "s3": { "bucket": "end-of-life-dataset-cli-releases", "host": "https://end-of-life-dataset-cli-releases.s3.amazonaws.com", - "acl": "public-read" + "acl": "bucket-owner-full-control" } } },