99 lines (99 loc) · 3.08 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
name: CI
on:
push:
branches:
- main
pull_request:
workflow_call:
inputs:
force_rebuild:
type: boolean
default: false
workflow_dispatch:
inputs:
force_rebuild:
type: boolean
default: false
jobs:
detect_changed_extensions:
name: Detect changed extensions
runs-on: ubuntu-latest
outputs:
changed_extensions: ${{ steps.detect-changed-files.outputs.changed_extensions }}
steps:
- uses: actions/checkout@v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44
with:
files: |
buildkit/*.yaml
- id: detect-changed-files
run: |
changed_extensions=$(script/changed-extensions ${{ steps.changed-files.outputs.all_changed_files }})
if [ "${{ inputs.force_rebuild }}" = true ]; then
changed_extensions=".+"
fi
echo "$changed_extensions"
echo "changed_extensions=$changed_extensions" >> "$GITHUB_OUTPUT"
build:
name: Build Extensions
needs: [detect_changed_extensions]
uses: ./.github/workflows/build.yaml
with:
extensions: ${{ needs.detect_changed_extensions.outputs.changed_extensions }}
secrets: inherit
publish:
name: Publish Extensions
runs-on: ubuntu-latest
needs: build
if: github.ref == 'refs/heads/main'
steps:
- uses: ruby/setup-ruby@v1
with:
ruby-version: 3.2.2
- uses: actions/checkout@v4
with:
path: buildkit
- uses: actions/checkout@v4
with:
repository: deb-s3/deb-s3
path: deb-s3
ref: ee4fb051073a8387c9d3d5275a41194b62942c83
- name: Install deb-s3
run: |
gem install deb-s3
- name: Install pgxman
env:
REPO: pgxman/pgxman
run: |
curl -sfL https://install.pgx.sh | sh -
- name: Import GPG Key
env:
GPG_PRIVATE: ${{ secrets.GPG_PRIVATE }}
GPG_PUBLIC: ${{ secrets.GPG_PUBLIC }}
run: |
echo -e "$GPG_PRIVATE" | gpg --import --no-tty --batch --yes
echo -e "$GPG_PUBLIC" | gpg --import --no-tty --batch --yes
echo "allow-preset-passphrase" > ~/.gnupg/gpg-agent.conf
gpg-connect-agent RELOADAGENT /bye
- name: Download Artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
merge-multiple: true
- name: Publish Artifacts
env:
AWS_DEBIAN_S3_BUCKET: ${{ secrets.AWS_DEBIAN_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
GPG_SIGNING_KEY_ID: C9ADBB93237BCD3B
PGXMAN_REGISTRY_URL: ${{ secrets.PGXMAN_REGISTRY_URL }}
run: |
if [ -d "$(pwd)/artifacts" ]; then
tree "$(pwd)/artifacts"
buildkit/script/deb-s3-upload "$(pwd)/artifacts"
buildkit/script/pgxman-publish "$(pwd)/artifacts" "$(pwd)/buildkit"
else
echo "No artifacts to publish"
fi