-
Notifications
You must be signed in to change notification settings - Fork 38
207 lines (185 loc) · 8.54 KB
/
releaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# When a tag is push on the repo, this workflow will run to create a release and add some artifact to it.
name: Releaser
on:
pull_request:
paths:
- .github/workflows/package-server.yml
- .github/workflows/releaser.yml
push:
tags:
- v[0-9]+.[0-9]+.[0-9]+*
- nightly
schedule:
- cron: 30 22 * * * # At 22:30
permissions:
contents: write
# We set `concurrency` to prevent having this workflow being more than once for the same tag.
concurrency:
group: releaser-${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
env:
NIGHTLY_RELEASE: ${{ (github.event_name == 'schedule' || github.ref == 'refs/tags/nightly') && 'true' || 'false' }}
jobs:
scheduled-nightly-build:
if: github.event_name == 'schedule'
uses: ./.github/workflows/_releaser_nightly_build.yml
version:
needs: scheduled-nightly-build
# Always run the job if `scheduled-nightly-build` job is skipped otherwise only if `scheduled-nightly-build` job was successful.
if: github.event_name != 'schedule' && always() || success()
uses: ./.github/workflows/_parse_version.yml
with:
version: >-
${{
(github.event_name == 'schedule' && needs.scheduled-nightly-build.outputs.version_full) ||
(github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && github.ref_name != 'nightly' && github.ref_name) ||
''
}}
commit_sha: ${{ needs.scheduled-nightly-build.outputs.commit_sha || github.sha }}
package-parsec-server:
needs: version
if: needs.version.result == 'success' && always()
uses: ./.github/workflows/package-server.yml
with:
version: ${{ needs.version.outputs.full }}
version_patch_run_id: ${{ github.run_id }}
commit_sha: ${{ needs.version.outputs.commit_sha }}
package-parsec-client:
needs: version
if: needs.version.result == 'success' && always()
uses: ./.github/workflows/package-client.yml
with:
version: ${{ needs.version.outputs.full }}
version_patch_run_id: ${{ github.run_id }}
commit_sha: ${{ needs.version.outputs.commit_sha }}
releaser:
needs:
- version
- package-parsec-server
- package-parsec-client
name: 🚛 Releaser
permissions:
contents: write
if: needs.version.result == 'success' && needs.package-parsec-client.result == 'success' && needs.package-parsec-server.result && always()
runs-on: ubuntu-22.04
steps:
- name: Download every artifact generated (and uploaded)
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # pin v4.1.7
with:
path: artifacts
timeout-minutes: 5
- name: List downloaded artifacts
run: tree artifacts
- name: Create the folder that will contain the release files
run: mkdir release-files
- name: Copy artifacts to the release folder
run: |
set -ex
cp -v artifacts/Linux-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files
cp -v artifacts/macOS-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files
cp -v artifacts/Windows-X64-wheel/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl release-files
cp -v artifacts/Linux-X64-electron-app/Parsec-v3_${{ needs.version.outputs.full }}_linux_*.snap release-files
cp -v artifacts/macOS-X64-electron-app/Parsec-v3_${{ needs.version.outputs.full }}_macos_*.dmg{,.blockmap} release-files
cp -v artifacts/Windows-X64-electron-app/Parsec-v3_${{ needs.version.outputs.full }}_win_*.exe{,.blockmap} release-files
env:
BASH_XTRACEFD: 1
- name: Copy SBOM files
run: cp -v artifacts/**/Parsec-SBOM-*.spdx.json release-files
- name: Generate version file
run:
(
echo "full=${{ needs.version.outputs.full }}";
echo "pep440=${{ needs.version.outputs.pep440 }}";
echo "major=${{ needs.version.outputs.major }}";
echo "minor=${{ needs.version.outputs.minor }}";
echo "patch=${{ needs.version.outputs.patch }}";
echo "pre=${{ needs.version.outputs.pre }}";
echo "dev=${{ needs.version.outputs.dev }}";
echo "local=${{ needs.version.outputs.local }}";
) | tee release-files/version
- name: Generate checksums file released files
run: sha256sum release-files/* | sed 's;release-files/;;' | tee checksums.sha256
- name: Extract checksum for each file
run: |
set -x
# Every files that don't end with '.sha256'
for file in $(find release-files -type f -not -name '*.sha256'); do
grep "$(basename "$file")" checksums.sha256 | cut -d ' ' -f 1 > "$file".sha256
done
- name: List files in 'release-files'.
run: tree release-files
- name: Generate summary
id: summary
run: |
EOF="EOF-$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
(
set -e
echo "output<<$EOF"
echo '# Parsec ${{ needs.version.outputs.full }}'
echo
echo 'You can find all assets checksums below, or use `<asset name>.sha256`'
echo
echo '```txt'
cat checksums.sha256
echo '```'
echo
echo 'Generated by <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}>'
echo "$EOF"
) | tee -a $GITHUB_OUTPUT
- name: Remove previous nightly release
if: env.NIGHTLY_RELEASE == 'true'
run: |
if gh release ${{ env.GH_ARGS }} view nightly; then
gh release ${{ env.GH_ARGS }} delete nightly
else
echo "No nightly release to remove"
fi
env:
GH_ARGS: --repo=${{ github.server_url}}/${{ github.repository }}
GH_TOKEN: ${{ github.token }}
- name: Create release
if: github.event_name == 'schedule' || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/'))
# FIXME: rollback to `softprops/action-gh-release` once the issue <https://github.com/softprops/action-gh-release/issues/362> is fixed.
uses: FirelightFlagboy/action-gh-release@d9a17b2b70a11ff00e4a7d0be3ca04e74d66de24
with:
draft: ${{ env.NIGHTLY_RELEASE != 'true' }}
tag_name: ${{ github.event_name == 'schedule' && 'nightly' || github.ref }}
body: ${{ steps.summary.outputs.output }}
prerelease: ${{ needs.version.outputs.pre != '' || needs.version.outputs.dev != '' || needs.version.outputs.local != '' }}
name: ${{ env.NIGHTLY_RELEASE == 'true' && 'Nightly release' || format('Release v{0}', needs.version.outputs.full) }}
files: |
release-files/parsec_cloud-${{ needs.version.outputs.pep440 }}-*.whl*
release-files/Parsec-v3_${{ needs.version.outputs.full }}_linux_*.snap*
release-files/Parsec-v3_${{ needs.version.outputs.full }}_win_*.exe*
release-files/Parsec-v3_${{ needs.version.outputs.full }}_macos_*.dmg*
release-files/Parsec-SBOM-Wheel-linux.spdx.json
release-files/Parsec-SBOM-Wheel-linux.spdx.json.sha256
release-files/Parsec-SBOM-Wheel-windows.spdx.json
release-files/Parsec-SBOM-Wheel-windows.spdx.json.sha256
release-files/Parsec-SBOM-Wheel-macos.spdx.json
release-files/Parsec-SBOM-Wheel-macos.spdx.json.sha256
release-files/Parsec-SBOM-Electron-linux.spdx.json
release-files/Parsec-SBOM-Electron-linux.spdx.json.sha256
release-files/Parsec-SBOM-Electron-windows.spdx.json
release-files/Parsec-SBOM-Electron-windows.spdx.json.sha256
release-files/Parsec-SBOM-Electron-macos.spdx.json
release-files/Parsec-SBOM-Electron-macos.spdx.json.sha256
release-files/Parsec-SBOM-Web.spdx.json
release-files/Parsec-SBOM-Web.spdx.json.sha256
release-files/version
release-files/version.sha256
fail_on_unmatched_files: true
generate_release_notes: false
timeout-minutes: 5
publish:
needs: releaser
if: >-
(github.event_name == 'schedule' || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')))
&& needs.releaser.result == 'success'
&& always()
uses: ./.github/workflows/publish.yml
permissions:
contents: read
id-token: write
with:
release_tag: ${{ github.event_name == 'schedule' && 'nightly' || github.ref_name }}