mirror of
https://github.com/fluencelabs/trust-graph
synced 2025-03-15 20:50:51 +00:00
193 lines
5.6 KiB
YAML
193 lines
5.6 KiB
YAML
name: "release"
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "master"
|
|
|
|
concurrency:
|
|
group: "${{ github.workflow }}-${{ github.ref }}"
|
|
|
|
jobs:
|
|
release-please:
|
|
runs-on: ubuntu-latest
|
|
|
|
outputs:
|
|
releases-created: ${{ steps.release.outputs['releases_created'] }}
|
|
trust-graph-api-release-created: ${{ steps.release.outputs['aqua--release_created'] }}
|
|
trust-graph-release-created: ${{ steps.release.outputs['trust-graph--release_created'] }}
|
|
trust-graph-tag-name: ${{ steps.release.outputs['trust-graph--tag_name'] }}
|
|
|
|
steps:
|
|
- name: Run release-please
|
|
id: release
|
|
uses: google-github-actions/release-please-action@v3
|
|
with:
|
|
token: ${{ secrets.FLUENCEBOT_RELEASE_PLEASE_PAT }}
|
|
command: manifest
|
|
config-file: .github/release-please/config.json
|
|
manifest-file: .github/release-please/manifest.json
|
|
|
|
- name: Show output from release-please
|
|
if: steps.release.outputs.releases_created
|
|
env:
|
|
RELEASE_PLEASE_OUTPUT: ${{ toJSON(steps.release.outputs) }}
|
|
run: echo "${RELEASE_PLEASE_OUTPUT}" | jq
|
|
|
|
publish:
|
|
runs-on: builder
|
|
|
|
needs: release-please
|
|
if: needs.release-please.outputs.releases-created
|
|
|
|
permissions:
|
|
contents: write
|
|
id-token: write
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Import secrets
|
|
uses: hashicorp/vault-action@v2.4.3
|
|
with:
|
|
url: https://vault.fluence.dev
|
|
path: jwt/github
|
|
role: ci
|
|
method: jwt
|
|
jwtGithubAudience: "https://github.com/fluencelabs"
|
|
jwtTtl: 300
|
|
exportToken: false
|
|
secrets: |
|
|
kv/npmjs/fluencebot token | NODE_AUTH_TOKEN ;
|
|
kv/crates.io/fluencebot token | CARGO_REGISTRY_TOKEN
|
|
|
|
- name: Setup Rust toolchain
|
|
uses: actions-rust-lang/setup-rust-toolchain@v1
|
|
|
|
- name: Setup marine
|
|
uses: fluencelabs/setup-marine@v1
|
|
|
|
- name: Build
|
|
run: ./build.sh
|
|
working-directory: service
|
|
|
|
- name: Install cargo-workspaces
|
|
uses: baptiste0928/cargo-install@v1.3.0
|
|
with:
|
|
crate: cargo-workspaces
|
|
|
|
- name: Publish to crates.io
|
|
run: |
|
|
cargo ws publish \
|
|
--no-git-commit \
|
|
--allow-dirty \
|
|
--from-git \
|
|
--skip-published \
|
|
--yes
|
|
|
|
- name: Setup node
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
node-version: "16"
|
|
registry-url: "https://registry.npmjs.org"
|
|
cache-dependency-path: "aqua/package-lock.json"
|
|
cache: "npm"
|
|
|
|
- run: npm i
|
|
working-directory: aqua
|
|
|
|
- run: npm run build
|
|
working-directory: aqua
|
|
|
|
- name: Publish to NPM registry
|
|
if: needs.release-please.outputs.trust-graph-api-release-created
|
|
run: npm publish --access public
|
|
working-directory: aqua
|
|
|
|
- name: Install ipfs
|
|
uses: nahsi/setup-ipfs@v1
|
|
|
|
- name: Create builtin distribution package
|
|
if: needs.release-please.outputs.trust-graph-release-created
|
|
run: ./builtin-package/package.sh
|
|
|
|
- name: Calculate SHA256
|
|
if: needs.release-please.outputs.trust-graph-release-created
|
|
id: sha
|
|
run: |
|
|
# Calculate sha256
|
|
du -hs trust-graph.tar.gz
|
|
sha256sum trust-graph.tar.gz
|
|
sha=($(sha256sum trust-graph.tar.gz))
|
|
echo "sha256=${sha}" >> $GITHUB_OUTPUT
|
|
|
|
- name: Upload trust-graph package
|
|
if: needs.release-please.outputs.trust-graph-release-created
|
|
uses: softprops/action-gh-release@v1
|
|
with:
|
|
files: trust-graph.tar.gz
|
|
tag_name: ${{ needs.release-please.outputs.trust-graph-tag-name }}
|
|
|
|
- name: Update version in node-distro repo
|
|
if: needs.release-please.outputs.trust-graph-release-created
|
|
uses: benc-uk/workflow-dispatch@v1
|
|
with:
|
|
workflow: update_service
|
|
repo: fluencelabs/node-distro
|
|
ref: "main"
|
|
token: ${{ secrets.PERSONAL_TOKEN }}
|
|
inputs: '{
|
|
"name": "trust-graph",
|
|
"version": "${{ needs.release-please.outputs.version }}",
|
|
"url": "https://github.com/fluencelabs/trust-graph/releases/download/${{ needs.release-please.outputs.trust-graph-tag-name }}/trust-graph.tar.gz",
|
|
"sha256": "${{ steps.sha.outputs.sha256 }}"
|
|
}'
|
|
|
|
slack:
|
|
if: always()
|
|
name: "Notify"
|
|
runs-on: ubuntu-latest
|
|
|
|
needs:
|
|
- release-please
|
|
- publish
|
|
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
|
|
steps:
|
|
- uses: lwhiteley/dependent-jobs-result-check@v1
|
|
id: status
|
|
with:
|
|
statuses: failure
|
|
dependencies: ${{ toJSON(needs) }}
|
|
|
|
- name: Log output
|
|
run: |
|
|
echo "statuses:" "${{ steps.status.outputs.statuses }}"
|
|
echo "jobs:" "${{ steps.status.outputs.jobs }}"
|
|
echo "found any?:" "${{ steps.status.outputs.found }}"
|
|
|
|
- name: Import secrets
|
|
uses: hashicorp/vault-action@v2.4.3
|
|
with:
|
|
url: https://vault.fluence.dev
|
|
path: jwt/github
|
|
role: ci
|
|
method: jwt
|
|
jwtGithubAudience: "https://github.com/fluencelabs"
|
|
jwtTtl: 300
|
|
exportToken: false
|
|
secrets: |
|
|
kv/slack/release-please webhook | SLACK_WEBHOOK_URL
|
|
|
|
- uses: ravsamhq/notify-slack-action@v2
|
|
if: steps.status.outputs.found == 'true'
|
|
with:
|
|
status: "failure"
|
|
notification_title: "*{workflow}* has {status_message}"
|
|
message_format: "${{ steps.status.outputs.jobs }} {status_message} in <{repo_url}|{repo}>"
|
|
footer: "<{run_url}>"
|