Build and Create Pre-Release #121

Workflow file for this run

.github/workflows/create-prerelease.yml at 79fd24a

	name: Build and Create Pre-Release

	on:
	workflow_dispatch:
	inputs:
	version:
	description: 'If this is a release what version is this for? If this is a pre-release what version are you developing toward?'
	required: true
	type: string
	preRelease:
	description: 'Create Pre-release? -SNAPSHOT-{COMMIT} will be appended to the version above.'
	required: false
	type: boolean
	deletePrevBuild:
	description: 'Cleanup existing pre-releases?'
	required: false
	type: boolean


	jobs:
	build:
	outputs:
	version: ${{ steps.save-version.outputs.version }}
	rpm-version: ${{ steps.save-version.outputs.rpm-version }}
	artifacts: ${{ steps.save-version.outputs.artifacts }}
	rpm-artifacts: ${{ steps.save-version.outputs.rpm-artifacts }}
	deb-artifacts: ${{ steps.save-version.outputs.deb-artifacts }}
	zip-artifacts: ${{ steps.save-version.outputs.zip-artifacts }}
	pkg-artifacts: ${{ steps.save-version.outputs.pkg-artifacts }}
	sha-artifacts: ${{ steps.save-version.outputs.sha-artifacts }}
	asc-artifacts: ${{ steps.save-version.outputs.asc-artifacts }}
	runs-on: macos-13
	steps:
	- name: "Git checkout"
	uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: "Install Homebrew"
	run: /bin/bash -c "NONINTERACTIVE=1 $(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
	- name: "Install Dependencies"
	run: \|
	/usr/local/bin/brew install --overwrite python@3.11 \|\| echo "I1.1"
	/usr/local/bin/brew link --overwrite python@3.11 \|\| echo "I1.2"
	/usr/local/bin/brew install --overwrite dpkg zip make wget jq rpm \|\| echo "I2"
	/usr/local/bin/brew link --overwrite python@3.11 \|\| echo "I1.3"
	/usr/local/bin/brew install python-gdbm@3.11 \|\| echo "I1.4"
	/usr/local/bin/brew install python-tk@3.11 \|\| echo "I1.5"
	for i in dpkg zip make wget jq rpm python3.11; do command -v $i \|\| exit 1; done
	echo "Dependencies checked"

	- name: Get go version from go.mod
	run: \|
	echo "GO_VERSION=$(grep '^go ' go.mod \| cut -d " " -f 2)" >> $GITHUB_ENV
	- uses: actions/setup-go@v4
	with:
	go-version: ${{ env.GO_VERSION }}
	check-latest: true
	- name: "Install Packages.pkg for making macos PKG files"
	run: \|
	wget http://s.sudre.free.fr/Software/files/Packages.dmg
	hdiutil attach -mountpoint /Volumes/Packages Packages.dmg
	cd /Volumes/Packages
	sudo installer -pkg Install\ Packages.pkg -target /
	- name: Tag Before Building
	id: tag
	if: inputs.version != ''
	env:
	TAG: ${{ inputs.version }}
	SNAPSHOT: ${{ inputs.preRelease }}
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	echo "Tagging the repository with ${TAG}"
	git config --global user.email "actions@github.com"
	git config --global user.name "GitHub Actions"

	if [ "${SNAPSHOT}" = "true" ]; then
	COMMIT=$(git rev-parse --short HEAD)
	TAG="${TAG}-SNAPSHOT-${COMMIT}"
	fi

	# Ensure the tag does not already exist
	if ! gh release view "${TAG}" > /dev/null 2>&1; then
	git tag -a "${TAG}" -m "Release ${TAG}"
	git push origin "${TAG}"

	echo "Tag ${TAG} created and pushed successfully."
	else
	echo "Tag ${TAG} already exists."
	fi

	- name: "Compile"
	env:
	ADDCOMMIT: ${{ inputs.preRelease }}
	run: \|
	buildcmd="build-prerelease"
	[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
	export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
	cd ~/work/asvec/asvec && make cleanall && make ${buildcmd}
	- name: "Create linux packages"
	env:
	ADDCOMMIT: ${{ inputs.preRelease }}
	run: \|
	buildcmd="build-prerelease"
	[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
	export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
	cd ~/work/asvec/asvec && make pkg-linux
	- name: "Create windows zips"
	env:
	ADDCOMMIT: ${{ inputs.preRelease }}
	run: \|
	buildcmd="build-prerelease"
	[ "${ADDCOMMIT}" = "false" ] && buildcmd="build-official"
	export PATH=$PATH:/usr/local/bin:/usr/local/go/bin
	cd ~/work/asvec/asvec && make pkg-windows-zip
	- name: "Print asvec version"
	run: cd ~/work/asvec/asvec && ./bin/asvec-macos-amd64 --version
	- name: "Prepare keychain for signing MacOS"
	env:
	keypw: ${{ secrets.APPLEUSERPW }}
	INSTALLERP12: ${{ secrets.INSTALLERP12 }}
	APPLICATIONP12: ${{ secrets.APPLICATIONP12 }}
	run: \|
	set -e
	security create-keychain -p mysecretpassword build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p mysecretpassword build.keychain
	security set-keychain-settings build.keychain
	security unlock-keychain -p mysecretpassword build.keychain
	echo "$APPLICATIONP12" \| base64 -d > app.p12
	echo "$INSTALLERP12" \| base64 -d > install.p12
	security import app.p12 -k build.keychain -P $keypw -A
	security import install.p12 -k build.keychain -P $keypw -A
	security set-key-partition-list -S apple-tool:,apple: -s -k mysecretpassword build.keychain
	- name: "Sign and build MacOS"
	env:
	xasvec_appleid: ${{ secrets.APPLEUSER }}
	xasvec_applepw: ${{ secrets.APPLEAPPPW }}
	xasvec_signer: ${{ secrets.APPLESIGNER }}
	xasvec_installsigner: ${{ secrets.APPLEINSTALLSIGNER }}
	xasvec_teamid: ${{ secrets.APPLETEAMID }}
	run: \|
	set -e
	export asvec_appleid="${xasvec_appleid}"
	export asvec_applepw="${xasvec_applepw}"
	export asvec_signer="${xasvec_signer}"
	export asvec_installsigner="${xasvec_installsigner}"
	export asvec_teamid="${xasvec_teamid}"
	export PATH=$PATH:/usr/local/bin:/usr/local/go/bin && cd ~/work/asvec/asvec && make macos-build-all && make macos-notarize-all
	- name: Save Version
	id: save-version
	run: \|
	VER=$(cat VERSION.md)
	echo version=${VER} >> $GITHUB_OUTPUT

	RPM_VER=$(echo ${VER} \| sed 's/-/_/g')
	echo rpm-verion=${RPM_VER} >> $GITHUB_OUTPUT

	ARTIFACTS="asvec-linux-amd64-${VER}.deb asvec-linux-amd64-${RPM_VER}.rpm asvec-linux-amd64-${VER}.zip asvec-linux-arm64-${VER}.deb asvec-linux-arm64-${RPM_VER}.rpm asvec-linux-arm64-${VER}.zip asvec-macos-${VER}.pkg asvec-macos-amd64-${VER}.zip asvec-macos-arm64-${VER}.zip asvec-windows-amd64-${VER}.zip asvec-windows-arm64-${VER}.zip"
	echo "artifacts=${ARTIFACTS}" >> $GITHUB_OUTPUT

	RPM_ARTIFACTS=$(echo "${ARTIFACTS}" \| tr ' ' '\n' \| grep '\.rpm$' \| tr '\n' ' ')
	echo "rpm-artifacts=${RPM_ARTIFACTS}" >> $GITHUB_OUTPUT

	DEB_ARTIFACTS=$(echo "${ARTIFACTS}" \| tr ' ' '\n' \| grep '\.deb$' \| tr '\n' ' ')
	echo "deb-artifacts=${DEB_ARTIFACTS}" >> $GITHUB_OUTPUT

	ZIP_ARTIFACTS=$(echo "${ARTIFACTS}" \| tr ' ' '\n' \| grep '\.zip$' \| tr '\n' ' ')
	echo "zip-artifacts=${ZIP_ARTIFACTS}" >> $GITHUB_OUTPUT

	PKG_ARTIFACTS=$(echo "${ARTIFACTS}" \| tr ' ' '\n' \| grep '\.pkg$' \| tr '\n' ' ')
	echo "pkg-artifacts=${PKG_ARTIFACTS}" >> $GITHUB_OUTPUT

	SHA256_FILES=$(for pkg in ${ARTIFACTS}; do echo "${pkg}.sha256"; done \| tr '\n' ' ')
	echo "sha-artifacts=${SHA256_FILES}" >> $GITHUB_OUTPUT

	ASC_FILES=$(for pkg in ${ARTIFACTS} ${SHA256_FILES}; do
	if [[ ! "${pkg}" =~ \.rpm$ && ! "${pkg}" =~ \.deb$ ]]; then
	echo "${pkg}.asc"
	fi
	done \| tr '\n' ' ')
	echo "asc-artifacts=${ASC_FILES}" >> $GITHUB_OUTPUT

	- name: "Upload Artifacts"
	uses: actions/upload-artifact@v4
	with:
	name: asvec-artifacts
	path: ~/work/asvec/asvec/bin/packages/asvec-*

	sign:
	needs: build
	runs-on: ubuntu-latest
	steps:
	- name: "Git checkout"
	uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: "Download Artifacts"
	uses: actions/download-artifact@v4
	with:
	name: asvec-artifacts
	- name: setup GPG
	uses: aerospike/shared-workflows/devops/setup-gpg@main
	with:
	gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
	gpg-public-key: ${{ secrets.GPG_PUBLIC_KEY }}
	gpg-key-pass: ${{ secrets.GPG_PASS }}
	gpg-key-name: "aerospike-inc"

	- name: GPG Sign All Files
	env:
	GPG_TTY: no-tty
	GPG_PASSPHRASE: ${{ secrets.GPG_PASS }}
	run: \|
	rpm --addsign ${{needs.build.outputs.rpm-artifacts}}
	rpm --checksig ${{needs.build.outputs.rpm-artifacts}}

	dpkg-sig --sign builder ${{needs.build.outputs.deb-artifacts}}
	dpkg-sig --verify ${{needs.build.outputs.deb-artifacts}}

	for file in ${{needs.build.outputs.zip-artifacts}} ${{needs.build.outputs.pkg-artifacts}}; do
	gpg --detach-sign --no-tty --batch --yes --output "${file}.asc" --passphrase "$GPG_PASSPHRASE" "${file}"
	gpg --verify "${file}.asc" "${file}"
	done

	- name: Create Checksums
	run: \|
	for pkg in ${{needs.build.outputs.artifacts}}; do
	shasum -a 256 $pkg > ${pkg}.sha256
	done

	for file in ${{needs.build.outputs.sha-artifacts}}; do
	gpg --detach-sign --no-tty --batch --yes --output "${file}.asc" --passphrase "$GPG_PASSPHRASE" "${file}"
	gpg --verify "${file}.asc" "${file}"
	done
	- name: "Upload Artifacts"
	uses: actions/upload-artifact@v4
	with:
	name: asvec-artifacts
	path: asvec-*
	overwrite: true


	pre-release:
	needs:
	- sign
	- build
	runs-on: ubuntu-latest
	steps:
	- name: "Git checkout"
	uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: "Download Artifacts"
	uses: actions/download-artifact@v4
	with:
	name: asvec-artifacts
	- name: "Create a new pre-release"
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	set -e
	TAG=${{needs.build.outputs.version}}
	FULLCOMMIT=$(git rev-parse HEAD)
	gh release create -R github.com/aerospike/asvec --prerelease --target ${FULLCOMMIT} --title "Asvec - ${TAG}" ${TAG} ${{needs.build.outputs.artifacts}} ${{needs.build.outputs.sha-artifacts}} ${{needs.build.outputs.asc-artifacts}}
	- name: "Delete previous pre-release"
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	DELPREV: ${{ inputs.deletePrevBuild }}
	run: \|
	if [ "${DELPREV}" = "true" ]; then
	set -e
	gh release list -R github.com/aerospike/asvec -L 100 \| grep Pre-release \| awk -F'\t' '{print $3}' \| while read -r line; do
	if [ "$line" != "${{needs.build.outputs.version}}" ]; then
	if [[ "$line" == "${{ inputs.version }}-SNAPSHOT-"* ]]; then
	echo "Removing $line"
	gh release delete "$line" -R github.com/aerospike/asvec --yes --cleanup-tag
	fi
	fi
	done
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build and Create Pre-Release #121

Workflow file

Build and Create Pre-Release #121

Jobs

Run details

Workflow file for this run