letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change GHA release workflow to not use artifacts (#6590) 

Fixes #6571
This commit is contained in:
Jacob Hoffman-Andrews 2023-01-19 14:30:26 -08:00 committed by GitHub
parent 994e9d3d0b
commit 85e8f1f5cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 34 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
.github/workflows/release.yml vendored
View File

@ -1,66 +1,31 @@
# Build the Boulder Debian package on every PR, push to main, and tag push. On # Build the Boulder Debian package on every PR, push to main, and tag push. On
# tag pushes, additionally create a GitHub release and with the resulting Debian # tag pushes, additionally create a GitHub release and with the resulting Debian
# package. # package.
# Keep in sync with try-release.yml
name: Build release name: Build release
on: on:
push: push:
tags: tags:
- release-* - release-*
branches: [main]
pull_request:
branches: [main]
jobs: jobs:
build-release: push-release:
strategy:
fail-fast: false
matrix:
GO_VERSION:
- 1.19.2
- 1.19.5
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
permissions: permissions:
contents: read contents: write
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
with: with:
persist-credentials: false persist-credentials: false
# This step will create an output called `filename` which contains the
# path of the produced .deb file.
- name: Build .deb - name: Build .deb
id: build id: build
env: env:
GO_VERSION: ${{ matrix.GO_VERSION }} GO_VERSION: 1.19.5
run: ./tools/make-deb.sh run: ./tools/make-deb.sh
# Because each copy of this job (one for each entry in the matrix) uploads
# to the same artifact name, all of the files will live side-by-side in
# the same artifact, and can be downloaded as a single unit.
- name: Upload .deb
uses: actions/upload-artifact@v3
with:
name: boulder_debs
path: ${{ steps.build.outputs.filename }}
push-release:
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
needs: build-release
runs-on: ubuntu-20.04
permissions:
contents: write
steps:
# This downloads every artifact uploaded by the matrix jobs above,
# directly into the current pwd.
- name: Download .debs
id: download
uses: actions/download-artifact@v3
with:
name: boulder_debs
# We have to pass the -R flag here because this job skipped checkout.
- name: Create release - name: Create release
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# https://cli.github.com/manual/gh_release_create # https://cli.github.com/manual/gh_release_create
run: gh release -R ${{ github.repository }} create "${GITHUB_REF_NAME}" boulder*.deb run: gh release create "${GITHUB_REF_NAME}" boulder*.deb

24
.github/workflows/try-release.yml vendored Normal file
View File

@ -0,0 +1,24 @@
# Try building the Boulder Debian package on every PR and push to main.
# This is to make sure the actual release job will succeed when we tag a
# release.
# Keep in sync with release.yml
name: Try release
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
try-release:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
- name: Build .deb
id: build
env:
GO_VERSION: 1.19.5
run: ./tools/make-deb.sh

6
docker-compose.yml
View File

@ -1,10 +1,8 @@
version: '3' version: '3'
services: services:
boulder: boulder:
# CAUTION: Changing the Go version in this tag changes the version of Go # When updating the Go version here, please also update
# used for release builds. make-deb.sh relies on being able to parse the # .github/workflows/release.yml and .github/workflows/try-release.yml
# numeric version between 'go' and the underscore-prefixed date. If you make
# changes to these tokens, please update this parsing logic.
image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.19.5_2023-01-10} image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.19.5_2023-01-10}
environment: environment:
FAKE_DNS: 10.77.77.77 FAKE_DNS: 10.77.77.77

3
test/boulder-tools/tag_and_upload.sh
View File

@ -7,6 +7,9 @@ cd $(dirname $0)
DATESTAMP=$(date +%Y-%m-%d) DATESTAMP=$(date +%Y-%m-%d)
DOCKER_REPO="letsencrypt/boulder-tools" DOCKER_REPO="letsencrypt/boulder-tools"
# When updating these GO_VERSIONS, please also update
# .github/workflows/release.yml and
# .github/workflows/try-release.yml if appropriate.
GO_VERSIONS=( "1.19.2" "1.19.5" ) GO_VERSIONS=( "1.19.2" "1.19.5" )
echo "Please login to allow push to DockerHub" echo "Please login to allow push to DockerHub"

4
tools/make-deb.sh
View File

@ -40,7 +40,3 @@ export VERSION="${GO_VERSION}.$(date +%s)"
# Build Boulder and produce a Debian Package at $PWD. # Build Boulder and produce a Debian Package at $PWD.
make deb make deb
# We expect the final filename produced by `make deb` to be consistent.
# Print it so that the github action can grab it as an output.
echo ::set-output name=filename::boulder-${VERSION}-$(git rev-parse --short=8 HEAD).x86_64.deb