Skip to content

build(deps-dev): bump jinja2 from 3.1.4 to 3.1.5 #531

build(deps-dev): bump jinja2 from 3.1.4 to 3.1.5

build(deps-dev): bump jinja2 from 3.1.4 to 3.1.5 #531

name: Build & Release
on:
push:
branches:
- stage
tags:
- "**"
pull_request:
branches:
- "**"
workflow_dispatch: {}
concurrency:
# SHA is added to the end if on `main` to let all main workflows run
group: ${{ github.ref }}-${{ github.workflow }}-${{ github.event_name }}-${{ github.ref == 'refs/heads/main' && github.sha || '' }}
cancel-in-progress: true
permissions:
id-token: write
contents: write
jobs:
build:
name: 👷 ${{ matrix.config.name }} ${{ matrix.os.emoji }} ${{ matrix.preconfiguration.name }} ${{ matrix.os.name }} ${{ matrix.arch.name }}
runs-on: ${{ matrix.os.runs-on[matrix.arch.matrix] }}
strategy:
fail-fast: false
matrix:
config:
- name: tokenization
app-name: climate-tokenization-chia
app-mode: registry
app-description: "Carbon tokenization application on the Chia blockchain"
add-to-apt: "true"
- name: explorer
app-name: climate-explorer-chia
app-mode: explorer
app-description: "Interface for tracking Chia on-chain carbon tokens"
add-to-apt: "true"
- name: client
app-name: climate-token-driver
app-mode: client
app-description: "Embedded climate token driver for carbon tokens on the Chia blockchain"
add-to-apt: "false"
- name: dev
app-name: dev-token-driver-chia
app-mode: dev
app-description: "Token driver in dev mode"
add-to-apt: "false"
os:
- name: Linux
matrix: linux
emoji: 🐧
runs-on:
arm: [Linux, ARM64]
intel: [ubuntu-latest]
artifact-os-name: linux
executable-extension: ""
- name: macOS
matrix: macos
emoji: 🍎
runs-on:
arm: [macos-13-arm64]
intel: [macos-13]
artifact-os-name: macos
executable-extension: ""
- name: Windows
matrix: windows
emoji: 🪟
runs-on:
intel: [windows-latest]
artifact-os-name: windows
executable-extension: ".exe"
arch:
- name: ARM
matrix: arm
artifact-name: arm64
deb-platform: arm64
electron-builder-options: --arm64
- name: Intel
matrix: intel
artifact-name: x64
deb-platform: amd64
electron-builder-options: --x64
preconfiguration:
- name: default
installer-string: ""
cadt-api-server-host: "https://observer.climateactiondata.org/api"
- name: testneta
installer-string: "-testneta"
cadt-api-server-host: "https://chia-cadt-demo.chiamanaged.com/observer"
exclude:
- os:
matrix: windows
arch:
matrix: arm
- config:
app-mode: registry
preconfiguration:
name: testneta
- config:
app-mode: explorer
preconfiguration:
name: testneta
- config:
app-mode: dev
preconfiguration:
name: testneta
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
submodules: "recursive"
- name: Setup Python
uses: Chia-Network/actions/setup-python@main
with:
python-version: "3.10"
- name: Create .env file
shell: bash
run: |
echo "MODE=${{ matrix.config.app-mode }}" > .env
echo 'CHIA_ROOT="~/.chia/mainnet"' >> .env
echo 'CONFIG_PATH="climate_token/config/config.yaml"' >> .env
echo 'SERVER_PORT=31999' >> .env
- name: Apply preconfigurations
if: matrix.preconfiguration.name != 'default'
shell: bash
run: |
perl -pi -e 's{CADT_API_SERVER_HOST:\ str\ =.*}{CADT_API_SERVER_HOST:\ str\ =\ \"${{ matrix.preconfiguration.cadt-api-server-host }}\"}g' app/config.py
perl -pi -e 's{CADT_API_SERVER_HOST:.*}{CADT_API_SERVER_HOST:\ \"${{ matrix.preconfiguration.cadt-api-server-host }}\"}g' config.yaml
cat config.yaml
- name: Install yq
if: startsWith(github.ref, 'refs/tags/') && contains( github.ref, '-rc')
run: pip install yq
- name: Change the pyproject.toml version if an RC tag
if: startsWith(github.ref, 'refs/tags/') && contains( github.ref, '-rc')
shell: bash
run: |
echo "Github ref: $GITHUB_REF"
IFS='/' read -r base directory tag <<< "$GITHUB_REF"
echo "Extracted tag is $tag"
cat pyproject.toml | tomlq --toml-output ".tool.poetry.version=\"${tag}\"" > pyproject.tmp
mv pyproject.tmp pyproject.toml
- name: Create virtual environment
uses: Chia-Network/actions/create-venv@main
id: create-venv
- name: Activate virtual environment
uses: Chia-Network/actions/activate-venv@main
with:
directories: ${{ steps.create-venv.outputs.activate-venv-directories }}
- name: Install pyinstaller
run: pip install pyinstaller
- name: Create virtual environment for Poetry
uses: Chia-Network/actions/create-venv@main
id: create-poetry-venv
- name: Run poetry install
uses: Chia-Network/actions/poetry@main
with:
python-executable: ${{ steps.create-poetry-venv.outputs.python_executable }}
- name: Run pyinstaller
run: python -m PyInstaller --clean pyinstaller.spec
- name: Get tag name
id: tag-name
shell: bash
run: |
TAGNAME=$(echo $GITHUB_REF | cut -d / -f 3)
echo "TAGNAME=${TAGNAME}" >> $GITHUB_OUTPUT
echo "Tag is ${TAGNAME}"
echo "github.sha is ${{ github.sha }}"
- name: Install j2
run: |
pip install j2cli
- name: Rename binary
run: |
# no -p, we want to be sure this is clean so wildcards below don't get extra files
mkdir artifacts/
cp ./dist/main${{ matrix.os.executable-extension }} ./artifacts/${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}${{ matrix.os.executable-extension }}
- name: Test for secrets access
id: check_secrets
shell: bash
run: |
unset HAS_SIGNING_SECRET
if [ -n "$SIGNING_SECRET" ]; then HAS_SIGNING_SECRET='true' ; fi
echo "HAS_SIGNING_SECRET=${HAS_SIGNING_SECRET}" >> "$GITHUB_OUTPUT"
env:
SIGNING_SECRET: "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}"
# Windows Code Signing
- name: Sign windows artifacts
if: matrix.os.matrix == 'windows' && steps.check_secrets.outputs.HAS_SIGNING_SECRET
uses: chia-network/actions/digicert/windows-sign@main
env:
SM_TOOLS_DOWNLOAD_URL: ${{ vars.SM_TOOLS_DOWNLOAD_URL }}
with:
sm_api_key: ${{ secrets.SM_API_KEY }}
sm_client_cert_file_b64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }}
sm_client_cert_password: ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
sm_code_signing_cert_sha1_hash: ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}
file: ./artifacts/${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.exe
- name: Create .deb Package
env:
APP_NAME: ${{ matrix.config.app-name }}
APP_VERSION: ${{ steps.tag-name.outputs.TAGNAME }}
PLATFORM: ${{ matrix.arch.deb-platform }}
APP_DESCRIPTION: ${{ matrix.config.app-description }}
run: |
DEB_BASE="${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}"
mkdir -p deb/$DEB_BASE/opt/${{ matrix.config.app-name }}
cp dist/main deb/$DEB_BASE/opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }}
chmod +x deb/$DEB_BASE/opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }}
mkdir -p deb/$DEB_BASE/DEBIAN
mkdir -p "deb/$DEB_BASE/etc/systemd/system"
mkdir -p deb/$DEB_BASE/usr/local/bin
j2 -o "deb/$DEB_BASE/DEBIAN/control" build-scripts/deb/control.j2
j2 -o "deb/$DEB_BASE/etc/systemd/system/${{ matrix.config.app-name }}@.service" build-scripts/deb/systemd-template@.service.j2
ln -s ../../../opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }} deb/$DEB_BASE/usr/local/bin/${{ matrix.config.app-name }}
dpkg-deb --build --root-owner-group "deb/$DEB_BASE"
if: matrix.os.matrix == 'linux'
- name: Upload deb
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}.deb
path: ${{ github.workspace }}/deb/*.deb
if-no-files-found: error
if: matrix.os.matrix == 'linux'
- name: Upload binary
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}-${{ matrix.os.artifact-os-name }}-${{ matrix.arch.artifact-name }}
path: ${{ github.workspace }}/artifacts/*
if-no-files-found: error
- name: Create zip files for release
uses: thedoctor0/zip-release@0.7.1
with:
type: "zip"
filename: ${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ matrix.os.artifact-os-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.zip
directory: "artifacts"
if: startsWith(github.ref, 'refs/tags/')
# RC release should not be set as latest
- name: Decide if release should be set as latest
id: is_latest
shell: bash
run: |
unset IS_LATEST
echo "Github ref is $GITHUB_REF"
if [[ "$GITHUB_REF" =~ "-rc" ]]; then
echo "release candidate tag matched"
IS_LATEST='false'
IS_PRERELEASE='true'
else
echo "main branch release matched"
IS_LATEST='true'
IS_PRERELEASE='false'
fi
echo "IS_LATEST=${IS_LATEST}" >> "$GITHUB_OUTPUT"
echo "IS_PRERELEASE=${IS_PRERELEASE}" >> "$GITHUB_OUTPUT"
- name: Release executable
uses: softprops/action-gh-release@v2
with:
prerelease: ${{steps.is_latest.outputs.IS_PRERELEASE}}
make_latest: "${{steps.is_latest.outputs.IS_LATEST}}"
files: ./artifacts/${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ matrix.os.artifact-os-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.zip
if: startsWith(github.ref, 'refs/tags/')
- name: Release debs
uses: softprops/action-gh-release@v2
with:
prerelease: ${{steps.is_latest.outputs.IS_PRERELEASE}}
make_latest: "${{steps.is_latest.outputs.IS_LATEST}}"
files: |
${{ github.workspace }}/deb/${{ matrix.config.app-name }}${{ matrix.preconfiguration.installer-string }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}.deb
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux'
# Only do for Intel builds as we know we build ARM and can pass that info along to the apt update automation
- name: Create artifact with metadata for apt upload
shell: bash
run: |
echo "${{ matrix.config.app-name }}" > APTDATA_${{ matrix.config.app-name }}.dat
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux' && matrix.config.add-to-apt == 'true' && matrix.arch.name == 'Intel' && matrix.preconfiguration.name == 'default' && !contains( github.ref, '-rc')
- name: Upload artifact to pass apt data to release job
uses: actions/upload-artifact@v4
with:
name: APTDATA_${{ matrix.config.app-name }}
path: APTDATA_${{ matrix.config.app-name }}.dat
if-no-files-found: error
retention-days: 1
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux' && matrix.config.add-to-apt == 'true' && matrix.arch.name == 'Intel' && matrix.preconfiguration.name == 'default' && !contains( github.ref, '-rc')
apt-upload:
name: Trigger update in apt repo
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/') && !contains( github.ref, '-rc')
needs:
- build
steps:
- name: Get repo name to use for APT trigger
id: repo-name
run: |
echo "REPO_NAME=$(echo "$GITHUB_REPOSITORY" | cut -d "/" -f 2)" >>$GITHUB_OUTPUT
if: startsWith(github.ref, 'refs/tags/')
- name: Get tag name
id: tag-name
shell: bash
run: |
TAGNAME=$(echo $GITHUB_REF | cut -d / -f 3)
echo "TAGNAME=${TAGNAME}" >> $GITHUB_OUTPUT
echo "Tag is ${TAGNAME}"
echo "github.sha is ${{ github.sha }}"
- name: Download all artifacts
uses: actions/download-artifact@v4
- name: Parse meta files for apt variables
id: apt-metadata
shell: bash
run: |
APPS_ARRAY="["
DIRECTORIES="./APTDATA*"
for d in $DIRECTORIES; do \
FILES="$d/*.dat"; \
for f in $FILES; do \
APP=`cat $f`; \
APPS_ARRAY="${APPS_ARRAY}\\\"${APP}\\\", "; \
done; \
done;
APPS_ARRAY=${APPS_ARRAY%??}
APPS_ARRAY="${APPS_ARRAY}]"
echo "Array being passed is ${APPS_ARRAY}"
echo "APPLICATIONS=${APPS_ARRAY}" >> $GITHUB_OUTPUT
- name: Trigger apt repo update
if: startsWith(github.ref, 'refs/tags/')
uses: Chia-Network/actions/github/glue@main
with:
json_data: '{"climate_tokenization_repo":"${{ steps.repo-name.outputs.REPO_NAME }}","application_name":"${{ steps.apt-metadata.outputs.APPLICATIONS }}","release_version":"${{ steps.tag-name.outputs.TAGNAME }}","add_debian_version":"true","arm64":"available"}'
glue_url: ${{ secrets.GLUE_API_URL }}
glue_project: "climate-tokenization"
glue_path: "trigger"