Update build-artifacts.yml #116
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build-artifacts.yml | |
| permissions: | |
| contents: read | |
| id-token: write | |
| attestations: write | |
| on: | |
| workflow_dispatch: {} | |
| push: | |
| branches: | |
| - MASTER-SERVER-216 | |
| jobs: | |
| get-version: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| outputs: | |
| VERSION: ${{ steps.git_describe.outputs.version }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Compute version from git describe | |
| id: git_describe | |
| run: echo "version=$(git describe --tags --always)" >> "$GITHUB_OUTPUT" | |
| build-artifacts: | |
| needs: get-version | |
| if: ${{ github.repository_owner == 'aerospike' }} | |
| strategy: | |
| matrix: | |
| distro: | |
| - el8 | |
| - el9 | |
| - el10 | |
| - amzn2023 | |
| - debian12 | |
| - debian13 | |
| - ubuntu20.04 | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| host: | |
| - ubuntu-24.04 | |
| - ubuntu-24.04-arm | |
| uses: aerospike/shared-workflows/.github/workflows/[email protected] | |
| with: | |
| runs-on: ${{ matrix.host }} | |
| jf-project: database | |
| jf-build-id: ${{ needs.get-version.outputs.VERSION }} | |
| # this is the default behaviour so we can leave it out but if it is wanted to be explicit | |
| # we need to use the ref not the ref_name in github actions. The ref_name is the short name and so not a valid ref. | |
| # gh-source-ref: ${{ github.ref }} | |
| build-script: local/.github/packaging/project/gha-main.sh "${{ matrix.distro }}" | |
| gh-artifact-directory: dist | |
| gh-artifact-name: unsigned-artifacts-${{ matrix.distro }}-${{ matrix.host }} | |
| gh-retention-days: 1 | |
| dry-run: false | |
| oidc-provider-name: database-gh-aerospike | |
| oidc-audience: database-gh-aerospike | |
| jf-build-name: ${{ | |
| (startsWith(matrix.distro, 'el') || startsWith(matrix.distro, 'amzn')) | |
| && format('{0}-rpm', github.event.repository.name) | |
| || format('{0}-deb', github.event.repository.name) | |
| }} | |
| sign-artifacts: | |
| strategy: | |
| matrix: | |
| distro: | |
| - el8 | |
| - el9 | |
| - el10 | |
| - amzn2023 | |
| - debian12 | |
| - debian13 | |
| - ubuntu20.04 | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| host: | |
| - ubuntu-24.04 | |
| - ubuntu-24.04-arm | |
| needs: | |
| - get-version | |
| - build-artifacts | |
| uses: aerospike/shared-workflows/.github/workflows/[email protected] | |
| with: | |
| gh-artifact-name: signed-artifacts-${{ matrix.distro }}-${{ matrix.host }} | |
| gh-unsigned-artifacts: unsigned-artifacts-${{ matrix.distro }}-${{ matrix.host }} | |
| secrets: | |
| gpg-private-key: ${{ secrets.GPG_SECRET_KEY }} | |
| gpg-public-key: ${{ secrets.GPG_PUBLIC_KEY }} | |
| gpg-key-pass: ${{ secrets.GPG_PASS }} | |
| upload-artifacts: | |
| strategy: | |
| matrix: | |
| distro: | |
| - el8 | |
| - el9 | |
| - el10 | |
| - amzn2023 | |
| - debian12 | |
| - debian13 | |
| - ubuntu20.04 | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| host: | |
| - ubuntu-24.04 | |
| - ubuntu-24.04-arm | |
| needs: | |
| - get-version | |
| - sign-artifacts | |
| uses: aerospike/shared-workflows/.github/workflows/[email protected] | |
| with: | |
| jf-project: database | |
| jf-build-name: ${{ | |
| (startsWith(matrix.distro, 'el') || startsWith(matrix.distro, 'amzn')) | |
| && format('{0}-rpm', github.event.repository.name) | |
| || format('{0}-deb', github.event.repository.name) | |
| }} | |
| version: ${{ needs.get-version.outputs.VERSION }} | |
| oidc-provider-name: database-gh-aerospike | |
| oidc-audience: database-gh-aerospike | |
| gh-artifact-name: signed-artifacts-${{ matrix.distro }}-${{ matrix.host }} | |
| gh-retention-days: 1 | |
| dry-run: false | |
| jf-build-id: ${{ needs.get-version.outputs.VERSION }} | |
| jf-metadata-build-id: ${{ needs.get-version.outputs.VERSION }}-metadata | |
| # create-release-bundle: | |
| # permissions: | |
| # contents: read | |
| # id-token: write | |
| # attestations: write | |
| # needs: | |
| # - upload-artifacts | |
| # - get-version | |
| # uses: aerospike/shared-workflows/.github/workflows/[email protected] | |
| # with: | |
| # jf-project: "database" | |
| # jf-build-names: "aerospike-admin-deb:${{ needs.get-version.outputs.VERSION }}, aerospike-admin-rpm:${{ needs.get-version.outputs.VERSION }}" | |
| # jf-bundle-name: "aerospike-admin" | |
| # version: ${{ needs.get-version.outputs.VERSION }} | |
| # gh-workflows-ref: v2.0.2 # Use specific shared-workflows version | |
| # dry-run: false | |
| Create-release-bundle: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| id-token: write | |
| attestations: write | |
| needs: | |
| - upload-artifacts | |
| - get-version | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Setup JFrog CLI | |
| uses: jfrog/setup-jfrog-cli@f748a0599171a192a2668afee8d0497f7c1069df # v4.5.6 | |
| env: | |
| JF_URL: https://aerospike.jfrog.io | |
| JF_PROJECT: database | |
| with: | |
| oidc-provider-name: database-gh-aerospike | |
| oidc-audience: database-gh-aerospike | |
| - name: Check JFrog Configuration | |
| run: | | |
| jf c show | |
| jf rt ping | |
| - name: Create release bundle | |
| run: | | |
| echo '{ | |
| "name": "${{ github.event.repository.name }}-release-bundle", | |
| "version": "${{ needs.get-version.outputs.VERSION }}", | |
| "description": "Release for build version ${{ needs.get-version.outputs.VERSION }}", | |
| "files": [ | |
| { | |
| "project": "database", | |
| "build": "${{ github.event.repository.name }}-rpm/${{ needs.get-version.outputs.VERSION }}" | |
| }, | |
| { | |
| "project": "database", | |
| "build": "${{ github.event.repository.name }}-rpm/${{ needs.get-version.outputs.VERSION }}-artifacts" | |
| }, | |
| { | |
| "project": "database", | |
| "build": "${{ github.event.repository.name }}-deb/${{ needs.get-version.outputs.VERSION }}" | |
| }, | |
| { | |
| "project": "database", | |
| "build": "${{ github.event.repository.name }}-deb/${{ needs.get-version.outputs.VERSION }}-artifacts" | |
| } | |
| ] | |
| }' > release-bundle-spec.json | |
| cat release-bundle-spec.json | |
| jf release-bundle-create "${{ github.event.repository.name }}" "${{ needs.get-version.outputs.VERSION }}" \ | |
| --spec release-bundle-spec.json \ | |
| --project="database" \ | |
| --signing-key="aerospike" | |
| test-install-from-jfrog-and-execute: | |
| strategy: | |
| matrix: | |
| distro: | |
| - el8 | |
| - el9 | |
| - el10 | |
| - amzn2023 | |
| - debian12 | |
| - debian13 | |
| - ubuntu20.04 | |
| - ubuntu22.04 | |
| - ubuntu24.04 | |
| host: | |
| - ubuntu-24.04 | |
| - ubuntu-24.04-arm | |
| needs: upload-artifacts | |
| env: | |
| JFROG_CLI_BUILD_NAME: ${{ inputs.jf-build-name || github.workflow }} | |
| JFROG_CLI_LOG_LEVEL: INFO | |
| runs-on: ${{ matrix.host }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Install JFrog CLI | |
| id: jf | |
| uses: jfrog/setup-jfrog-cli@5b06f730cc5a6f55d78b30753f8583454b08c0aa # v4.8.1 | |
| env: | |
| JF_URL: https://artifact.aerospike.io | |
| JF_PROJECT: database | |
| with: | |
| oidc-provider-name: database-gh-aerospike | |
| oidc-audience: database-gh-aerospike | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.ref }} | |
| submodules: recursive | |
| - name: Run test cases | |
| env: | |
| JF_TOKEN: ${{ steps.jf.outputs.oidc-token }} | |
| JF_USERNAME: ${{ steps.jf.outputs.oidc-user }} | |
| run: .github/packaging/project/test/gha-test-main.sh ${{ matrix.distro }} ${{ github.event.repository.name }} | |