Release - Publish polakdot deb package #20

Workflow file for this run

.github/workflows/release-40_publish-deb-package.yml at 68186cf

	name: Release - Publish polakdot deb package

	on:
	workflow_dispatch:
	inputs:
	tag:
	description: Current final release tag in the format polakdot-stableYYMM or polkadot-stable-YYMM-X
	default: polakdot-stable2412
	required: true
	type: string

	distribution:
	description: Distribution where to publish deb package (release, staging, stable2407, etc)
	default: staging
	required: true
	type: string

	jobs:
	# check-synchronization:
	# uses: paritytech-release/sync-workflows/.github/workflows/check-syncronization.yml@main

	validate-inputs:
	# needs: [check-synchronization]
	# if: ${{ needs.check-synchronization.outputs.checks_passed }} == 'true'
	runs-on: ubuntu-latest
	outputs:
	release_tag: ${{ steps.validate_inputs.outputs.release_tag }}

	steps:
	- name: Checkout sources
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

	- name: Validate inputs
	id: validate_inputs
	run: \|
	. ./.github/scripts/common/lib.sh

	RELEASE_TAG=$(validate_stable_tag ${{ inputs.tag }})
	echo "release_tag=${RELEASE_TAG}" >> $GITHUB_OUTPUT


	fetch-artifacts-from-s3:
	runs-on: ubuntu-latest
	needs: [validate-inputs]
	env:
	REPO: ${{ github.repository }}
	RELEASE_TAG: ${{ needs.validate-inputs.outputs.release_tag }}

	steps:
	- name: Checkout sources
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

	- name: Fetch rc artifacts or release artifacts from s3 based on version
	run: \|
	. ./.github/scripts/common/lib.sh

	#VERSION="$(get_polkadot_node_version_from_code)"
	VERSION="1.16.1"

	fetch_debian_package_from_s3 polkadot

	- name: Upload artifacts
	uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
	with:
	name: release-artifacts
	path: release-artifacts/polkadot/*.deb

	publish-deb-package:
	runs-on: ubuntu-latest
	needs: [fetch-artifacts-from-s3]
	environment: release
	env:
	PGP_KMS_KEY: ${{ secrets.PGP_KMS_KEY }}
	PGP_KMS_HASH: ${{ secrets.PGP_KMS_HASH }}
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
	AWS_RELEASE_ACCESS_KEY_ID: ${{ secrets.AWS_RELEASE_ACCESS_KEY_ID }}
	AWS_RELEASE_SECRET_ACCESS_KEY: ${{ secrets.AWS_RELEASE_SECRET_ACCESS_KEY }}

	steps:
	- name: Install pgpkkms
	run: \|
	# Install pgpkms that is used to sign built artifacts
	python3 -m pip install "pgpkms-reprepro @ git+https://github.com/paritytech-release/pgpkms.git@1f8555426662ac93a3849480a35449f683b1c89f"
	echo "PGPKMS-REPREPRO_PATH=$(which pgpkms-reprepro)" >> $GITHUB_ENV

	- name: Install awscli
	run: \|
	python3 -m pip install awscli
	which aws

	- name: Checkout sources
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

	- name: Import gpg keys
	shell: bash
	run: \|
	. ./.github/scripts/common/lib.sh

	import_gpg_keys

	- name: Download artifacts
	uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
	with:
	name: release-artifacts
	path: release-artifacts

	- name: Setup local deb repo
	run: \|
	sudo apt-get install -y reprepro
	which reprepro

	sed -i "s/^SignWith:.*/"SignWith: ! $PGPKMS_REPREPRO_PATH"/" ${{ github.workspace }}/.github/scripts/release/distributions

	mkdir -p ${{ github.workspace }}/deb/conf
	cp ${{ github.workspace }}/.github/scripts/release/distributions ${{ github.workspace }}/deb/conf/distributions
	cat ${{ github.workspace }}/deb/conf/distributions

	- name: Publish deb package
	run: \|

	. ${{ github.workspace }}/.github/scripts/release/publish-deb-package.sh ${{ inputs.distribution }} polkadot 1.16.1 ${{ github.workspace }}/deb

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Release - Publish polakdot deb package #20

Workflow file

Release - Publish polakdot deb package #20

Jobs

Run details

Workflow file for this run