publish release

2023-03-30 14:25:58 +02:00 · 2023-03-30 14:25:58 +02:00 · 70d68a491d
parent a06bc05fd1
commit 70d68a491d
6 changed files with 195 additions and 1 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,3 @@
 .git
 Dockerfile
 forgejo-runner
--- a/.forgejo/workflows/integration.yml
+++ b/.forgejo/workflows/integration.yml
@ -0,0 +1,51 @@
 name: Test the release process
 on: 
  pull_request:
    paths: '.forgejo/workflows/release.yml'
 jobs:
  release-simulation:
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v3
      - id: forgejo
        uses: https://code.forgejo.org/actions/setup-forgejo@v1
        with:
          user: root
          password: admin1234
          image-version: 1.19
      - run: |
          LXC_IP_PREFIX=10.0.9 forgejo-dependencies.sh
      - name: publish the runner release
        run: |
          set -x
          dir=$(mktemp -d)
          trap "rm -fr $dir" EXIT
          url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
          export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
          #
          # Create a new project with the runner and the release workflow only
          #
          rsync -a --exclude .git ./ $dir/
          rm $(find $dir/.forgejo/workflows | grep -v release.yml)
          forgejo-test-helper.sh push $dir $url root runner
          sha=$(git -C $dir rev-parse HEAD)
          #
          # Push a tag to trigger the release workflow and wait for it to complete
          #
          forgejo-test-helper.sh api POST $url repos/root/runner/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v1.2.3", "target": "'$sha'"}'
          forgejo-test-helper.sh wait_success "$url" root/runner $sha
          #
          # Minimal sanity checks. e2e test is for the setup-forgejo action
          # and the infrastructure playbook.
          #
          curl -sS $url/root/runner/releases/download/v1.2.3/runner-1.2.3-amd64 > /dev/null
--- a/.forgejo/workflows/release.yml
+++ b/.forgejo/workflows/release.yml
@ -0,0 +1,114 @@
 name: Publish release
 on: 
  push:
    tags: 'v*'
 jobs:
  release:
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v3
      - id: verbose
        run: |
          # if there are no secrets, be verbose
          if test -z "${{ secrets.TOKEN }}"; then
            value=true
          else
            value=false
          fi
          echo "value=$value" >> "$GITHUB_OUTPUT"
          echo "shell=set -x" >> "$GITHUB_OUTPUT"
      - id: registry
        run: |
          ${{ steps.verbose.outputs.shell }}
          url="${{ env.GITHUB_SERVER_URL }}"
          hostport=${url##http*://}
          hostport=${hostport%%/}
          echo "host-port=${hostport}" >> "$GITHUB_OUTPUT"
          if ! [[ $url =~ ^http:// ]] ; then
             exit 0
          fi
          cat >> "$GITHUB_OUTPUT" <<EOF
          insecure=true
          buildx-config<<ENDVAR
          [registry."${hostport}"]
            http = true
          ENDVAR
          EOF
      - id: secrets
        run: |
          token="${{ secrets.TOKEN }}"
          doer="${{ secrets.DOER }}"
          if test -z "$token"; then
             apt-get -qq install -y jq
             doer=root
             api=http://$doer:admin1234@${{ steps.registry.outputs.host-port }}/api/v1/users/$doer/tokens
             curl -sS -X DELETE $api/release
             token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
          fi
          echo "token=${token}" >> "$GITHUB_OUTPUT"
          echo "doer=${doer}" >> "$GITHUB_OUTPUT"
      - name: allow docker pull/push to forgejo
        if: ${{ steps.registry.outputs.insecure }}
        run: |-
          mkdir /etc/docker
          cat > /etc/docker/daemon.json <<EOF
            {
              "insecure-registries" : ["${{ steps.registry.outputs.host-port }}"],
              "bip": "172.26.0.1/16"
            }
          EOF
      - run: |
          echo deb http://deb.debian.org/debian bullseye-backports main | tee /etc/apt/sources.list.d/backports.list && apt-get -qq update
          DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -qq -y -t bullseye-backports docker.io
      - uses: https://github.com/docker/setup-buildx-action@v2
        with:
          config-inline: |
           ${{ steps.registry.outputs.buildx-config }}
      - run: |
          BASE64_AUTH=`echo -n "${{ steps.secrets.outputs.doer }}:${{ steps.secrets.outputs.token }}" | base64`
          mkdir -p ~/.docker
          echo "{\"auths\": {\"$CI_REGISTRY\": {\"auth\": \"$BASE64_AUTH\"}}}" > ~/.docker/config.json
        env:
          CI_REGISTRY: "${{ env.GITHUB_SERVER_URL }}${{ env.GITHUB_REPOSITORY_OWNER }}"
      - id: build
        run: |
          ${{ steps.verbose.outputs.shell }}
          tag="${{ github.ref_name }}"
          tag=${tag##*v}
          echo "tag=$tag" >> "$GITHUB_OUTPUT"
          echo "image=${{ steps.registry.outputs.host-port }}/${{ github.repository }}:${tag}" >> "$GITHUB_OUTPUT"
      - uses: https://github.com/docker/build-push-action@v4
        with:
          context: .
          push: true
          platforms: linux/amd64,linux/arm64
          tags: ${{ steps.build.outputs.image }}
      - run: |
          ${{ steps.verbose.outputs.shell }}
          mkdir -p release
          for arch in amd64 arm64; do
            docker create --platform linux/$arch --name runner ${{ steps.build.outputs.image }}
            docker cp runner:/bin/forgejo-runner release/forgejo-runner-$arch
            shasum -a 256 < release/forgejo-runner-$arch > release/forgejo-runner-$arch.sha256
            docker rm runner
          done
      - uses: https://code.forgejo.org/actions/forgejo-release@v1
        with:
          direction: upload
          release-dir: release
          release-notes: "RELEASE-NOTES#${{ steps.build.outputs.tag }}"
          token: ${{ steps.secrets.outputs.token }}
          verbose: ${{ steps.verbose.outputs.value }}
--- a/.forgejo/workflows/test.yml
+++ b/.forgejo/workflows/test.yml
@ -1,6 +1,5 @@
 name: checks
 on: 
  - push
  - pull_request
  - push:
      branches: [main]
@ -23,3 +22,14 @@ jobs:
        run: make build
      - name: test
        run: make test
      - run: |
          mkdir release
          mv forgejo-runner release
      - if: ${{ startsWith(github.ref, 'refs/tags/v') }}
        uses: https://code.forgejo.org/actions/forgejo-release@v1
        with:
          direction: upload
          release-dir: release
          release-notes: "RELEASE-NOTES#${{ github.ref_name }}"
          token: ${{ secrets.TOKEN }}
          verbose: true
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 *~
 forgejo-runner
 .env
 .runner
--- a/15
+++ b/15
@ -0,0 +1,15 @@
 #Build stage
 FROM golang:1.20-alpine3.17 AS build-env
 RUN apk --no-cache add build-base git
 COPY . /srv
 WORKDIR /srv
 RUN make build
 FROM alpine:3.17
 LABEL maintainer="contact@forgejo.org"
 COPY --from=build-env /srv/forgejo-runner /bin/forgejo-runner
 ENTRYPOINT ["/bin/forgejo-runner"]