[CI] Forgejo Actions based release process (squash) generate .xz files and sources

Generate .xz files Check .sha256 Generate the source tarbal
2024-11-22 05:36:16 +00:00 · 2023-06-16 07:44:19 +02:00 · 2023-06-16 07:44:19 +02:00 · 7afec520c4
parent ff74da1cb6
commit 7afec520c4
4 changed files with 57 additions and 19 deletions
--- a/.forgejo/actions/build-release/action.yml
+++ b/.forgejo/actions/build-release/action.yml
@ -44,6 +44,10 @@ runs:
    - run: echo "${{ github.action_path }}" >> $GITHUB_PATH
      shell: bash

+    - name: Install dependencies
+      run: |
+        apt-get install -y -qq xz-utils
+
    - name: set -x if verbose is required
      id: verbose
      run: |
@ -124,12 +128,15 @@ runs:
      run: |
        ${{ steps.verbose.outputs.shell }}
        mkdir -p release
+        cd release
        for platform in $(echo ${{ inputs.platforms }} | tr ',' ' '); do
          arch=$(echo $platform | sed -e 's|linux/||g' -e 's|arm/v6|arm-6|g')
          docker create --platform $platform --name forgejo-$arch ${{ steps.registry.outputs.host-port }}/${{ inputs.owner }}/${{ inputs.repository }}:${{ steps.build.outputs.tag }}${{ inputs.suffix }}
-          binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}"
-          docker cp forgejo-$arch:${{ inputs.binary-path }} release/$binary-$arch
-          shasum -a 256 < release/$binary-$arch | cut -f1 -d ' ' > release/$binary-$arch.sha256
+          binary="${{ inputs.binary-name }}-${{ steps.build.outputs.tag }}-linux"
+          docker cp forgejo-$arch:${{ inputs.binary-path }} $binary-$arch
+          xz --keep -9 $binary-$arch
+          shasum -a 256 $binary-$arch > $binary-$arch.sha256
+          shasum -a 256 $binary-$arch.xz > $binary-$arch.xz.sha256
          docker rm forgejo-$arch
        done

--- a/.forgejo/workflows/build-release-integration.yml
+++ b/.forgejo/workflows/build-release-integration.yml
@ -28,6 +28,7 @@ jobs:
        run: |
          set -x

+          version=1.2.3
          cat > /etc/docker/daemon.json <<EOF
            {
              "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
@ -35,6 +36,8 @@ jobs:
          EOF
          systemctl restart docker

+          apt-get install -qq -y xz-utils
+
          dir=$(mktemp -d)
          trap "rm -fr $dir" EXIT

@ -50,9 +53,11 @@ jobs:
          cat > $dir/Dockerfile <<EOF
          FROM docker.io/library/alpine:3.18
          RUN mkdir -p /app/gitea
-          RUN ( echo '#!/bin/sh' ; echo 'echo forgejo v1.2.3' ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea
+          RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$version" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea
          EOF
          cp $dir/Dockerfile $dir/Dockerfile.rootless
+          sources=forgejo-src-$version.tar.gz
+          ( echo 'sources-tarbal:' ; echo -e '\tmkdir -p dist/release ; cd dist/release ; sources=forgejo-src-$(VERSION).tar.gz ; echo sources > $$sources ; shasum -a 256 $$sources > $$sources.sha256' ) > $dir/Makefile

          forgejo-test-helper.sh push $dir $url root forgejo |& tee $dir/pushed
          eval $(grep '^sha=' < $dir/pushed)
@ -60,13 +65,13 @@ jobs:
          #
          # Push a tag to trigger the release workflow and wait for it to complete
          #
-          forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v1.2.3", "target": "'$sha'"}'
+          forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}'
          LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha

          #
          # uncomment to see the logs even when everything is reported to be working ok
          #
-          cat $FORGEJO_RUNNER_LOGS
+          #cat $FORGEJO_RUNNER_LOGS

          #
          # Minimal sanity checks. e2e test is for the setup-forgejo
@ -75,12 +80,23 @@ jobs:
          # build, only the sanity of the naming of the binaries.
          #
          for arch in amd64 arm64 arm-6 ; do
-            curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch > forgejo
-            chmod +x forgejo
-            ./forgejo --version | grep 1.2.3
-            curl -L -sS $url/root/forgejo/releases/download/v1.2.3/forgejo-1.2.3-$arch.sha256 > forgejo.one
-            shasum -a 256 < forgejo | cut -f1 -d ' ' > forgejo.two
-            diff forgejo.one forgejo.two
+            binary=forgejo-$version-linux-$arch
+            for suffix in '' '.xz' ; do
+              curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
+              if test "$suffix" = .xz ; then
+                 unxz --keep $binary$suffix
+              fi
+              chmod +x $binary
+              ./$binary --version | grep $version
+              curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
+              shasum -a 256 --check $binary$suffix.sha256
+              rm $binary$suffix
+            done
          done
-          docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3
-          docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:1.2.3-rootless
+
+          curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
+          curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
+          shasum -a 256 --check $sources.sha256
+
+          docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
+          docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless
--- a/.forgejo/workflows/build-release.yml
+++ b/.forgejo/workflows/build-release.yml
@ -12,9 +12,9 @@ jobs:
    steps:
      - uses: actions/checkout@v3

-      - id: verbose
+      - name: Increase the verbosity when there are no secrets
+        id: verbose
        run: |
-          # if there are no secrets, be verbose
          if test -z "${{ secrets.TOKEN }}"; then
            value=true
          else
@ -22,17 +22,17 @@ jobs:
          fi
          echo "value=$value" >> "$GITHUB_OUTPUT"

-      - id: repository
+      - name: Sanitize the name of the repository
+        id: repository
        run: |
          set -x # comment out
          repository="${{ github.repository }}"
          echo "value=${repository##*/}" >> "$GITHUB_OUTPUT"

-      - name: when in a test environment, create a token
+      - name: When in a test environment, create a token
        id: token
        if: ${{ secrets.TOKEN == '' }}
        run: |
-          set -x # comment out
          apt-get -qq install -y jq
          url="${{ env.GITHUB_SERVER_URL }}"
          hostport=${url##http*://}
@ -43,6 +43,19 @@ jobs:
          token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
          echo "value=${token}" >> "$GITHUB_OUTPUT"

+      - uses: https://code.forgejo.org/actions/setup-go@v4
+        with:
+          go-version: ">=1.20"
+          check-latest: true
+
+      - name: build sources
+        run: |
+          apt-get -qq install -y make
+          tag="${{ github.ref_name }}"
+          make VERSION=${tag##*v} sources-tarbal
+          mv dist/release release
+          find release | grep tar.gz # sanity check to fail fast
+
      - name: build container & release (when TOKEN secret is not set)
        if: ${{ secrets.TOKEN == '' }}
        uses: ./.forgejo/actions/build-release
--- a/2
+++ b/2
@ -821,6 +821,8 @@ $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 .PHONY: release
 release: frontend generate release-linux release-copy release-compress vendor release-sources release-check

+sources-tarbal: vendor release-sources release-check
+
 $(DIST_DIRS):
 	mkdir -p $(DIST_DIRS)