Merge pull request 'workflows to publish the release' (#11) from earl-warren/runner:wip-release into main
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/11
This commit is contained in:
commit
0048a1dfbc
7 changed files with 199 additions and 7 deletions
3
.dockerignore
Normal file
3
.dockerignore
Normal file
|
@ -0,0 +1,3 @@
|
|||
.git
|
||||
Dockerfile
|
||||
forgejo-runner
|
51
.forgejo/workflows/integration.yml
Normal file
51
.forgejo/workflows/integration.yml
Normal file
|
@ -0,0 +1,51 @@
|
|||
name: Integration tests for the release process
|
||||
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- .forgejo/workflows/release.yml
|
||||
- .forgejo/workflows/integration.yml
|
||||
|
||||
jobs:
|
||||
release-simulation:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: forgejo
|
||||
uses: https://code.forgejo.org/actions/setup-forgejo@v1
|
||||
with:
|
||||
user: root
|
||||
password: admin1234
|
||||
image-version: 1.19
|
||||
lxc-ip-prefix: 10.0.9
|
||||
|
||||
- name: publish the runner release
|
||||
run: |
|
||||
set -x
|
||||
|
||||
dir=$(mktemp -d)
|
||||
trap "rm -fr $dir" EXIT
|
||||
|
||||
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
|
||||
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
|
||||
|
||||
#
|
||||
# Create a new project with the runner and the release workflow only
|
||||
#
|
||||
rsync -a --exclude .git ./ $dir/
|
||||
rm $(find $dir/.forgejo/workflows/*.yml | grep -v release.yml)
|
||||
forgejo-test-helper.sh push $dir $url root runner |& tee $dir/pushed
|
||||
eval $(grep '^sha=' < $dir/pushed)
|
||||
|
||||
#
|
||||
# Push a tag to trigger the release workflow and wait for it to complete
|
||||
#
|
||||
forgejo-test-helper.sh api POST $url repos/root/runner/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v1.2.3", "target": "'$sha'"}'
|
||||
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/runner $sha
|
||||
|
||||
#
|
||||
# Minimal sanity checks. e2e test is for the setup-forgejo action
|
||||
# and the infrastructure playbook.
|
||||
#
|
||||
curl -sS $url/root/runner/releases/download/v1.2.3/forgejo-runner-amd64 > /dev/null
|
114
.forgejo/workflows/release.yml
Normal file
114
.forgejo/workflows/release.yml
Normal file
|
@ -0,0 +1,114 @@
|
|||
name: Publish release
|
||||
|
||||
on:
|
||||
push:
|
||||
tags: 'v*'
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: self-hosted
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- id: verbose
|
||||
run: |
|
||||
# if there are no secrets, be verbose
|
||||
if test -z "${{ secrets.TOKEN }}"; then
|
||||
value=true
|
||||
else
|
||||
value=false
|
||||
fi
|
||||
echo "value=$value" >> "$GITHUB_OUTPUT"
|
||||
echo "shell=set -x" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- id: registry
|
||||
run: |
|
||||
${{ steps.verbose.outputs.shell }}
|
||||
url="${{ env.GITHUB_SERVER_URL }}"
|
||||
hostport=${url##http*://}
|
||||
hostport=${hostport%%/}
|
||||
echo "host-port=${hostport}" >> "$GITHUB_OUTPUT"
|
||||
if ! [[ $url =~ ^http:// ]] ; then
|
||||
exit 0
|
||||
fi
|
||||
cat >> "$GITHUB_OUTPUT" <<EOF
|
||||
insecure=true
|
||||
buildx-config<<ENDVAR
|
||||
[registry."${hostport}"]
|
||||
http = true
|
||||
ENDVAR
|
||||
EOF
|
||||
|
||||
- id: secrets
|
||||
run: |
|
||||
token="${{ secrets.TOKEN }}"
|
||||
doer="${{ secrets.DOER }}"
|
||||
if test -z "$token"; then
|
||||
apt-get -qq install -y jq
|
||||
doer=root
|
||||
api=http://$doer:admin1234@${{ steps.registry.outputs.host-port }}/api/v1/users/$doer/tokens
|
||||
curl -sS -X DELETE $api/release
|
||||
token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
|
||||
fi
|
||||
echo "token=${token}" >> "$GITHUB_OUTPUT"
|
||||
echo "doer=${doer}" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: allow docker pull/push to forgejo
|
||||
if: ${{ steps.registry.outputs.insecure }}
|
||||
run: |-
|
||||
mkdir /etc/docker
|
||||
cat > /etc/docker/daemon.json <<EOF
|
||||
{
|
||||
"insecure-registries" : ["${{ steps.registry.outputs.host-port }}"],
|
||||
"bip": "172.26.0.1/16"
|
||||
}
|
||||
EOF
|
||||
|
||||
- run: |
|
||||
echo deb http://deb.debian.org/debian bullseye-backports main | tee /etc/apt/sources.list.d/backports.list && apt-get -qq update
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -qq -y -t bullseye-backports docker.io
|
||||
|
||||
- uses: https://github.com/docker/setup-buildx-action@v2
|
||||
with:
|
||||
config-inline: |
|
||||
${{ steps.registry.outputs.buildx-config }}
|
||||
|
||||
- run: |
|
||||
BASE64_AUTH=`echo -n "${{ steps.secrets.outputs.doer }}:${{ steps.secrets.outputs.token }}" | base64`
|
||||
mkdir -p ~/.docker
|
||||
echo "{\"auths\": {\"$CI_REGISTRY\": {\"auth\": \"$BASE64_AUTH\"}}}" > ~/.docker/config.json
|
||||
env:
|
||||
CI_REGISTRY: "${{ env.GITHUB_SERVER_URL }}${{ env.GITHUB_REPOSITORY_OWNER }}"
|
||||
|
||||
- id: build
|
||||
run: |
|
||||
${{ steps.verbose.outputs.shell }}
|
||||
tag="${{ github.ref_name }}"
|
||||
tag=${tag##*v}
|
||||
echo "tag=$tag" >> "$GITHUB_OUTPUT"
|
||||
echo "image=${{ steps.registry.outputs.host-port }}/${{ github.repository }}:${tag}" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- uses: https://github.com/docker/build-push-action@v4
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
platforms: linux/amd64,linux/arm64
|
||||
tags: ${{ steps.build.outputs.image }}
|
||||
|
||||
- run: |
|
||||
${{ steps.verbose.outputs.shell }}
|
||||
mkdir -p release
|
||||
for arch in amd64 arm64; do
|
||||
docker create --platform linux/$arch --name runner ${{ steps.build.outputs.image }}
|
||||
docker cp runner:/bin/forgejo-runner release/forgejo-runner-$arch
|
||||
shasum -a 256 < release/forgejo-runner-$arch > release/forgejo-runner-$arch.sha256
|
||||
docker rm runner
|
||||
done
|
||||
|
||||
- uses: https://code.forgejo.org/actions/forgejo-release@v1
|
||||
with:
|
||||
direction: upload
|
||||
release-dir: release
|
||||
release-notes: "RELEASE-NOTES#${{ steps.build.outputs.tag }}"
|
||||
token: ${{ steps.secrets.outputs.token }}
|
||||
verbose: ${{ steps.verbose.outputs.value }}
|
|
@ -1,7 +1,8 @@
|
|||
name: checks
|
||||
on:
|
||||
- push
|
||||
- pull_request
|
||||
- push:
|
||||
branches: [main]
|
||||
|
||||
env:
|
||||
GOPROXY: https://goproxy.io,direct
|
||||
|
@ -21,3 +22,14 @@ jobs:
|
|||
run: make build
|
||||
- name: test
|
||||
run: make test
|
||||
- run: |
|
||||
mkdir release
|
||||
mv forgejo-runner release
|
||||
- if: ${{ startsWith(github.ref, 'refs/tags/v') }}
|
||||
uses: https://code.forgejo.org/actions/forgejo-release@v1
|
||||
with:
|
||||
direction: upload
|
||||
release-dir: release
|
||||
release-notes: "RELEASE-NOTES#${{ github.ref_name }}"
|
||||
token: ${{ secrets.TOKEN }}
|
||||
verbose: true
|
||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,3 +1,4 @@
|
|||
*~
|
||||
forgejo-runner
|
||||
.env
|
||||
.runner
|
||||
|
|
15
Dockerfile
Normal file
15
Dockerfile
Normal file
|
@ -0,0 +1,15 @@
|
|||
#Build stage
|
||||
FROM golang:1.20-alpine3.17 AS build-env
|
||||
|
||||
RUN apk --no-cache add build-base git
|
||||
|
||||
COPY . /srv
|
||||
WORKDIR /srv
|
||||
RUN make build
|
||||
|
||||
FROM alpine:3.17
|
||||
LABEL maintainer="contact@forgejo.org"
|
||||
|
||||
COPY --from=build-env /srv/forgejo-runner /bin/forgejo-runner
|
||||
|
||||
ENTRYPOINT ["/bin/forgejo-runner"]
|
8
Makefile
8
Makefile
|
@ -17,11 +17,7 @@ WINDOWS_ARCHS ?= windows/amd64
|
|||
GO_FMT_FILES := $(shell find . -type f -name "*.go" ! -name "generated.*")
|
||||
GOFILES := $(shell find . -type f -name "*.go" -o -name "go.mod" ! -name "generated.*")
|
||||
|
||||
ifneq ($(shell uname), Darwin)
|
||||
EXTLDFLAGS = -extldflags "-static" $(null)
|
||||
else
|
||||
EXTLDFLAGS =
|
||||
endif
|
||||
EXTLDFLAGS = -extldflags "-static" $(null)
|
||||
|
||||
ifeq ($(HAS_GO), GO)
|
||||
GOPATH ?= $(shell $(GO) env GOPATH)
|
||||
|
@ -107,7 +103,7 @@ install: $(GOFILES)
|
|||
build: go-check $(EXECUTABLE)
|
||||
|
||||
$(EXECUTABLE): $(GOFILES)
|
||||
$(GO) build -v -tags '$(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
|
||||
$(GO) build -v -tags 'netgo osusergo $(TAGS)' -ldflags '$(EXTLDFLAGS)-s -w $(LDFLAGS)' -o $@
|
||||
|
||||
.PHONY: deps-backend
|
||||
deps-backend:
|
||||
|
|
Loading…
Reference in a new issue