-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudbuild.yaml
117 lines (99 loc) · 2.96 KB
/
cloudbuild.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
steps:
- name: tarosky/gcbseq:latest
args:
- -n
- cloudbuild-gutenberg-parallelefs
- -o
- work/BUILD_NUMBER
- -i
- '1'
env:
- PROJECT_ID=$PROJECT_ID
- name: gcr.io/cloud-builders/curl
entrypoint: bash
args:
- -c
- script/cloudbuild/download-jq
- name: gcr.io/cloud-builders/gcloud
# Decrypt GitHub token
entrypoint: bash
args:
- -c
- |
set -eu
base64 -d <<< "$_ENCRYPTED_GITHUB_TOKEN" | gcloud kms decrypt \
--ciphertext-file=- \
--plaintext-file="work/github-token.txt" \
--location=global \
--keyring=cloudbuild \
--key=github_token
- name: golang:1.20
args:
- go
- build
- -o
- work/parallelefs
env:
- GO111MODULE=on
- CGO_ENABLED=0
- name: gcr.io/cloud-builders/curl
# Generate version
entrypoint: bash
args:
- -c
- |
set -eu
vcurl () {
local tmp
local code
tmp="$(mktemp)"
code="$(curl -sSLD /dev/stderr -w '%{http_code}' -o "$tmp" "$@")"
cat "$tmp"
rm "$tmp"
if [ 200 -le "$code" ] && [ "$code" -lt 300 ]; then
return 0
fi
echo "failed: status code: $code"
return 204
}
export -f vcurl
if [ "$BRANCH_NAME" = "$_MAIN_BRANCH" ]; then
build_url='https://console.cloud.google.com/cloud-build/builds/$BUILD_ID?project=$PROJECT_ID'
build_num="$(< work/BUILD_NUMBER)"
body="$(cat <<EOF
[Google Cloud Build]($build_url)
EOF
)"
json="$(work/cache/jq -n \
--arg tag "build-$build_num" \
--arg commit "$COMMIT_SHA" \
--arg name "Build $build_num" \
--arg body "$body" \
'{tag_name: $tag, target_commitish: $commit, name: $name, body: $body}')"
echo "$json"
vcurl --user "$_GITHUB_USER:$(< work/github-token.txt)" \
-H "Content-Type: application/json" -X POST -d "$json" "$_GITHUB_API/releases" | tee work/release.json
release_id="$(work/cache/jq '.id' work/release.json)"
export release_id
vcurl \
--user "$_GITHUB_USER:$(< work/github-token.txt)" \
-H "Content-Type: application/json" -X POST --data-binary @work/parallelefs \
"$_GITHUB_UPLOADS/releases/$release_id/assets?name=parallelefs"
fi
env:
- AWS_DEFAULT_REGION=ap-northeast-1
substitutions:
# _ENCRYPTED_GITHUB_TOKEN was generated using the following command:
#
# gcloud kms encrypt \
# --plaintext-file=github-token.txt \
# --ciphertext-file=- \
# --location=global \
# --keyring=cloudbuild \
# --key=github_token | base64 -w 0
_ENCRYPTED_GITHUB_TOKEN: CiQAXggxFlZO0lAp/hGWfwr0RvWjEv6WHir+iu9iMhizQLKk7lgSUQABGSIRu7qIi1IMt1ub3ahxfKXJDC//XzpD99uTT9ZdIjKx1dsK6PXT2RaKhyoiY2MNu13wG7Kuj0S+eSgeYPmyvsqzCoq9ucl/4SzBlC11XQ==
_GITHUB_USER: taroskybot
_GITHUB_API: https://api.github.com/repos/tarosky/gutenberg-parallelefs
_GITHUB_UPLOADS: https://uploads.github.com/repos/tarosky/gutenberg-parallelefs
_GITHUB_RELEASES: https://github.com/tarosky/gutenberg-parallelefs/releases
_MAIN_BRANCH: master