This repository has been archived by the owner on Dec 8, 2024. It is now read-only.
Release #135
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| publishChocolatey: | |
| type: choice | |
| description: "Publish to chocolatey" | |
| options: | |
| - "true" | |
| - "false" | |
| default: "false" | |
| env: | |
| REPOSITORY_OWNER: "kaytu-io" | |
| REPOSITORY_NAME: "kaytu" | |
| HOMEBREW_TAP: "homebrew-cli-tap" | |
| OWNER_EMAIL: "dev@kaytu.io" | |
| jobs: | |
| tag: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }} | |
| previous_tag: ${{ steps.set_latest_tag.outputs.previous_tag }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GH_TOKEN }} | |
| - name: Tag version | |
| id: tag_version | |
| uses: mathieudutour/github-tag-action@v6.1 | |
| with: | |
| github_token: ${{ secrets.GH_TOKEN }} | |
| release_branches: main | |
| tag_prefix: v | |
| - name: Set latest tag output | |
| id: set_latest_tag | |
| run: | | |
| if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then | |
| echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT" | |
| fi | |
| echo "previous_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT" | |
| - name: Save new tag | |
| id: save_new_tag | |
| run: | | |
| version=${{ steps.tag_version.outputs.new_tag }} | |
| version=${version#v} | |
| echo $version > new_tag.txt | |
| - name: Upload new tag | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: new_tag | |
| path: new_tag.txt | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - tag | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| - name: Install cosign | |
| run: | | |
| curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64" | |
| sudo mv cosign-linux-amd64 /usr/local/bin/cosign | |
| sudo chmod +x /usr/local/bin/cosign | |
| - name: Install musl cc | |
| uses: awalsh128/cache-apt-pkgs-action@v1 | |
| with: | |
| packages: musl-tools musl-dev musl | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v5 | |
| with: | |
| distribution: goreleaser | |
| version: latest | |
| args: release --clean | |
| env: | |
| GORELEASER_CURRENT_TAG: ${{ needs.tag.outputs.latest_tag }} | |
| GORELEASER_PREVIOUS_TAG: ${{ needs.tag.outputs.previous_tag }} | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| COSIGN_PWD: ${{ secrets.COSIGN_PWD }} | |
| COSIGN_SECRET: ${{ secrets.COSIGN_SECRET }} | |
| REPOSITORY_OWNER: ${{ env.REPOSITORY_OWNER }} | |
| REPOSITORY_NAME: ${{ env.REPOSITORY_NAME }} | |
| OWNER_EMAIL: ${{ env.OWNER_EMAIL }} | |
| HOMEBREW_TAP: ${{ env.HOMEBREW_TAP }} | |
| GORELEASER_MAKE_LATEST: "true" | |
| sign-windows: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - tag | |
| - release | |
| steps: | |
| - name: Download new tag | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: new_tag | |
| - name: Set new tag | |
| id: set_new_tag | |
| run: | | |
| echo "::set-output name=new_tag::$(cat new_tag.txt)" | |
| - uses: robinraju/release-downloader@v1.10 | |
| id: download_release_amd64 | |
| with: | |
| repository: "${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}" | |
| fileName: '*' | |
| latest: true | |
| - name: Add windows zip | |
| id: add_windows_zip | |
| run: | | |
| ls -l | |
| sudo apt-get -qq update -y | |
| sudo apt-get -qq -y install cmake libssl-dev libcurl4-openssl-dev zlib1g-dev python3 | |
| sudo apt-get -qq update -y | |
| sudo apt-get -qq -y install osslsigncode | |
| echo "${{ secrets.SELFSIGNED_KEY }}" | base64 --decode > cert.key | |
| echo "${{ secrets.SELFSIGNED_CRT }}" | base64 --decode > cert.crt | |
| osslsigncode sign -certs cert.crt -key cert.key -n "Kaytu" -i https://kaytu.io/ -in kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe -out kaytu.exe | |
| mkdir kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64 | |
| mv kaytu.exe kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64 | |
| zip -r kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64 | |
| sha256sum kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip > kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_checksum.txt | |
| sed -i '/kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip/{ | |
| r kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_checksum.txt | |
| d | |
| }' kaytu_${{ steps.set_new_tag.outputs.new_tag }}_checksums.txt | |
| export UPLOAD_URL=$(curl --silent "https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/latest" -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" | jq -r .upload_url) | |
| echo "$UPLOAD_URL" | |
| echo "upload_url=$UPLOAD_URL" >> $GITHUB_OUTPUT | |
| release_id=$(curl --request GET \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/latest \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | jq '.id') | |
| echo $release_id | |
| assets=$(curl --request GET \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/$release_id/assets \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}') | |
| echo $assets | |
| amd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$amd64 \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| linuxarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_arm64") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$linuxarm64 \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| linuxamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_amd64") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$linuxamd64 \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| darwinarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_arm64") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$darwinarm64 \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| darwinamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_amd64") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$darwinamd64 \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| windowszip=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$windowszip \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| windowschecksum=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_checksums.txt") | .id') | |
| curl --request DELETE \ | |
| --url https://api.github.com/repos/${{ env.REPOSITORY_OWNER }}/${{ env.REPOSITORY_NAME}}/releases/assets/$windowschecksum \ | |
| --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | |
| - name: Upload Release Asset amd64 zip | |
| id: upload-release-asset-amd64-zip | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.add_windows_zip.outputs.upload_url }} | |
| asset_path: ./kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip | |
| asset_name: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip | |
| asset_content_type: application/zip | |
| - name: Upload Release Asset amd64 zip checksum | |
| id: upload-release-asset-amd64-zip-checksum | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.add_windows_zip.outputs.upload_url }} | |
| asset_path: ./kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_checksum.txt | |
| asset_name: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_checksum.txt | |
| asset_content_type: text/plain | |
| - name: Upload Release Asset new checksum | |
| id: upload-release-asset-new-checksum | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.add_windows_zip.outputs.upload_url }} | |
| asset_path: ./kaytu_${{ steps.set_new_tag.outputs.new_tag }}_checksums.txt | |
| asset_name: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_checksums.txt | |
| asset_content_type: text/plain | |
| chocolatey-publish: | |
| name: Release Kaytu choco | |
| if: github.event.inputs.publishChocolatey == 'true' | |
| runs-on: windows-latest | |
| needs: | |
| - tag | |
| - release | |
| - sign-windows | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Generate & push | |
| run: scripts/build.ps1 | |
| env: | |
| CHOCO_API_KEY: ${{ secrets.CHOCO_APIKEY }} |