fully replace drone with actions (#27556) (#27575)
authorGiteabot <teabot@gitea.io>
Wed, 11 Oct 2023 12:03:06 +0000 (20:03 +0800)
committerGitHub <noreply@github.com>
Wed, 11 Oct 2023 12:03:06 +0000 (12:03 +0000)
Backport #27556 by @techknowlogick

This builds binaries and Docker images for tags.

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
.drone.yml [deleted file]
.github/workflows/release-nightly.yml
.github/workflows/release-tag-rc.yml [new file with mode: 0644]
.github/workflows/release-tag-version.yml [new file with mode: 0644]
.yamllint.yaml

diff --git a/.drone.yml b/.drone.yml
deleted file mode 100644 (file)
index 1989b67..0000000
+++ /dev/null
@@ -1,428 +0,0 @@
----
-kind: pipeline
-name: release-version
-
-platform:
-  os: linux
-  arch: amd64
-
-workspace:
-  base: /source
-  path: /
-
-trigger:
-  event:
-    - tag
-
-volumes:
-  - name: deps
-    temp: {}
-
-steps:
-  - name: fetch-tags
-    image: docker:git
-    pull: always
-    commands:
-      - git fetch --tags --force
-
-  - name: deps-frontend
-    image: node:20
-    pull: always
-    commands:
-      - make deps-frontend
-
-  - name: deps-backend
-    image: gitea/test_env:linux-1.20-amd64
-    pull: always
-    commands:
-      - make deps-backend
-    volumes:
-      - name: deps
-        path: /go
-
-  - name: static
-    image: techknowlogick/xgo:go-1.21.x
-    pull: always
-    commands:
-      - apt-get update && apt-get -qqy install ca-certificates curl gnupg
-      - mkdir -p /etc/apt/keyrings && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
-      - echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" > /etc/apt/sources.list.d/nodesource.list
-      - apt-get update && apt-get -qqy install nodejs
-      - export PATH=$PATH:$GOPATH/bin
-      - make release
-    environment:
-      GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not
-      TAGS: bindata sqlite sqlite_unlock_notify
-      DEBIAN_FRONTEND: noninteractive
-    depends_on: [fetch-tags]
-    volumes:
-      - name: deps
-        path: /go
-
-  - name: gpg-sign
-    image: plugins/gpgsign:1
-    pull: always
-    settings:
-      detach_sign: true
-      excludes:
-        - "dist/release/*.sha256"
-      files:
-        - "dist/release/*"
-    environment:
-      GPGSIGN_KEY:
-        from_secret: gpgsign_key
-      GPGSIGN_PASSPHRASE:
-        from_secret: gpgsign_passphrase
-    depends_on: [static]
-
-  - name: release-tag
-    image: woodpeckerci/plugin-s3:latest
-    pull: always
-    settings:
-      acl:
-        from_secret: aws_s3_acl
-      region:
-        from_secret: aws_s3_region
-      bucket:
-        from_secret: aws_s3_bucket
-      endpoint:
-        from_secret: aws_s3_endpoint
-      path_style:
-        from_secret: aws_s3_path_style
-      source: "dist/release/*"
-      strip_prefix: dist/release/
-      target: "/gitea/${DRONE_TAG##v}"
-    environment:
-      AWS_ACCESS_KEY_ID:
-        from_secret: aws_access_key_id
-      AWS_SECRET_ACCESS_KEY:
-        from_secret: aws_secret_access_key
-    depends_on: [gpg-sign]
-
-  - name: github
-    image: plugins/github-release:latest
-    pull: always
-    settings:
-      files:
-        - "dist/release/*"
-      file_exists: overwrite
-    environment:
-      GITHUB_TOKEN:
-        from_secret: github_token
-    depends_on: [gpg-sign]
-
----
-kind: pipeline
-type: docker
-name: docker-linux-amd64-release-version
-
-platform:
-  os: linux
-  arch: amd64
-
-trigger:
-  ref:
-    include:
-      - "refs/tags/**"
-    exclude:
-      - "refs/tags/**-rc*"
-  paths:
-    exclude:
-      - "docs/**"
-
-steps:
-  - name: fetch-tags
-    image: docker:git
-    pull: always
-    commands:
-      - git fetch --tags --force
-
-  - name: publish
-    image: plugins/docker:latest
-    pull: always
-    settings:
-      auto_tag: true
-      auto_tag_suffix: linux-amd64
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
-  - name: publish-rootless
-    image: plugins/docker:latest
-    settings:
-      dockerfile: Dockerfile.rootless
-      auto_tag: true
-      auto_tag_suffix: linux-amd64-rootless
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
----
-
-kind: pipeline
-type: docker
-name: docker-linux-amd64-release-candidate-version
-
-platform:
-  os: linux
-  arch: amd64
-
-trigger:
-  ref:
-    - "refs/tags/**-rc*"
-  paths:
-    exclude:
-      - "docs/**"
-
-steps:
-  - name: fetch-tags
-    image: docker:git
-    pull: always
-    commands:
-      - git fetch --tags --force
-
-  - name: publish
-    image: plugins/docker:latest
-    pull: always
-    settings:
-      tags: ${DRONE_TAG##v}-linux-amd64
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
-  - name: publish-rootless
-    image: plugins/docker:latest
-    settings:
-      dockerfile: Dockerfile.rootless
-      tags: ${DRONE_TAG##v}-linux-amd64-rootless
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
----
-kind: pipeline
-type: docker
-name: docker-linux-arm64-release-version
-
-platform:
-  os: linux
-  arch: arm64
-
-trigger:
-  ref:
-    include:
-      - "refs/tags/**"
-    exclude:
-      - "refs/tags/**-rc*"
-  paths:
-    exclude:
-      - "docs/**"
-
-steps:
-  - name: fetch-tags
-    image: docker:git
-    pull: always
-    commands:
-      - git fetch --tags --force
-
-  - name: publish
-    image: plugins/docker:latest
-    pull: always
-    settings:
-      auto_tag: true
-      auto_tag_suffix: linux-arm64
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
-  - name: publish-rootless
-    image: plugins/docker:latest
-    settings:
-      dockerfile: Dockerfile.rootless
-      auto_tag: true
-      auto_tag_suffix: linux-arm64-rootless
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
----
-kind: pipeline
-type: docker
-name: docker-linux-arm64-release-candidate-version
-
-platform:
-  os: linux
-  arch: arm64
-
-trigger:
-  ref:
-    - "refs/tags/**-rc*"
-  paths:
-    exclude:
-      - "docs/**"
-
-steps:
-  - name: fetch-tags
-    image: docker:git
-    pull: always
-    commands:
-      - git fetch --tags --force
-
-  - name: publish
-    image: plugins/docker:latest
-    pull: always
-    settings:
-      tags: ${DRONE_TAG##v}-linux-arm64
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
-  - name: publish-rootless
-    image: plugins/docker:latest
-    settings:
-      dockerfile: Dockerfile.rootless
-      tags: ${DRONE_TAG##v}-linux-arm64-rootless
-      repo: gitea/gitea
-      build_args:
-        - GOPROXY=https://goproxy.io
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-    environment:
-      PLUGIN_MIRROR:
-        from_secret: plugin_mirror
-      DOCKER_BUILDKIT: 1
-    when:
-      event:
-        exclude:
-          - pull_request
-
----
-kind: pipeline
-type: docker
-name: docker-manifest-version
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: manifest-rootless
-    image: plugins/manifest
-    pull: always
-    settings:
-      auto_tag: true
-      ignore_missing: true
-      spec: docker/manifest.rootless.tmpl
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-
-  - name: manifest
-    image: plugins/manifest
-    settings:
-      auto_tag: true
-      ignore_missing: true
-      spec: docker/manifest.tmpl
-      password:
-        from_secret: docker_password
-      username:
-        from_secret: docker_username
-
-trigger:
-  ref:
-    - "refs/tags/**"
-  paths:
-    exclude:
-      - "docs/**"
-
-depends_on:
-  - docker-linux-amd64-release-version
-  - docker-linux-amd64-release-candidate-version
-  - docker-linux-arm64-release-version
-  - docker-linux-arm64-release-candidate-version
index 72e7b3321c427bc82afc34e73f18566c447cdcbd..d12b14572f30e25b528546dd68097a2c64fdaa1f 100644 (file)
@@ -1,4 +1,4 @@
-name: release-nightly-assets
+name: release-nightly
 
 on:
   push:
diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml
new file mode 100644 (file)
index 0000000..9019fc9
--- /dev/null
@@ -0,0 +1,125 @@
+name: release-tag-rc
+
+on:
+  push:
+    tags:
+      - 'v1*-rc*'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  binary:
+    runs-on: nscloud
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: actions/setup-go@v4
+        with:
+          go-version: "~1.21"
+          check-latest: true
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 20
+      - run: make deps-frontend deps-backend
+      # xgo build
+      - run: make release
+        env:
+          TAGS: bindata sqlite sqlite_unlock_notify
+      - name: import gpg key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v5
+        with:
+          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+      - name: sign binaries
+        run: |
+          for f in dist/release/*; do
+            echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
+          done
+      # clean branch name to get the folder name in S3
+      - name: Get cleaned branch name
+        id: clean_name
+        run: |
+          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
+          echo "Cleaned name is ${REF_NAME}"
+          echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
+      - name: configure aws
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      - name: upload binaries to s3
+        run: |
+          aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
+      - name: create github release
+        run: |
+          gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+  docker-rootful:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: gitea/gitea
+          # 1.2.3-rc0
+          tags: |
+            type=semver,pattern={{version}}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: build rootful docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+  docker-rootless:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: gitea/gitea
+          # each tag below will have the suffix of -rootless
+          flavor: |
+            suffix=-rootless
+          # 1.2.3-rc0
+          tags: |
+            type=semver,pattern={{version}}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: build rootless docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          file: Dockerfile.rootless
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
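Review bot: The "sign binaries" step pastes `${{ secrets.GPGSIGN_PASSPHRASE }}` straight into the script text, so the passphrase is written into the generated shell script on the runner, and any single quote in it ends the `echo '…'` string and is parsed as shell. Passing it through `env:` and reading `"$GPGSIGN_PASSPHRASE"` keeps the value out of the script body. The same applies to the unquoted `${{ github.ref_name }}` in "create github release", since tag names matching `v1*-rc*` may contain shell metacharacters; that line can become `gh release create "$GITHUB_REF_NAME" --title "$GITHUB_REF_NAME" --draft --notes-from-tag dist/release/*`. The identical steps in `.github/workflows/release-tag-version.yml` need the same change. The import step already receives `passphrase`, so the pipe may be unnecessary altogether; that is worth confirming against the action's documentation.

```yaml
      - name: sign binaries
        env:
          GPGSIGN_PASSPHRASE: ${{ secrets.GPGSIGN_PASSPHRASE }}
          GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
        run: |
          for f in dist/release/*; do
            printf '%s\n' "$GPGSIGN_PASSPHRASE" | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u "$GPG_FINGERPRINT" --output "$f.asc" "$f"
          done
```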
diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml
new file mode 100644 (file)
index 0000000..c643166
--- /dev/null
@@ -0,0 +1,141 @@
+name: release-tag-version
+
+on:
+  push:
+    tags:
+      - 'v1.*'
+      - '!v1*-rc*'
+      - '!v1*-dev'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  binary:
+    runs-on: nscloud
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: actions/setup-go@v4
+        with:
+          go-version: "~1.21"
+          check-latest: true
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 20
+      - run: make deps-frontend deps-backend
+      # xgo build
+      - run: make release
+        env:
+          TAGS: bindata sqlite sqlite_unlock_notify
+      - name: import gpg key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v5
+        with:
+          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+      - name: sign binaries
+        run: |
+          for f in dist/release/*; do
+            echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
+          done
+      # clean branch name to get the folder name in S3
+      - name: Get cleaned branch name
+        id: clean_name
+        run: |
+          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
+          echo "Cleaned name is ${REF_NAME}"
+          echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
+      - name: configure aws
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      - name: upload binaries to s3
+        run: |
+          aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
+      - name: create github release
+        run: |
+          gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
+        env:
+          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+  docker-rootful:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: gitea/gitea
+          # this will generate tags in the following format:
+          # latest
+          # 1
+          # 1.2
+          # 1.2.3
+          tags: |
+            type=raw,value=latest
+            type=semver,pattern={{major}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{version}}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: build rootful docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+  docker-rootless:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+      - run: git fetch --unshallow --quiet --tags --force
+      - uses: docker/setup-qemu-action@v2
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: gitea/gitea
+          # each tag below will have the suffix of -rootless
+          flavor: |
+            suffix=-rootless
+          # this will generate tags in the following format (with -rootless suffix added):
+          # latest
+          # 1
+          # 1.2
+          # 1.2.3
+          tags: |
+            type=raw,value=latest
+            type=semver,pattern={{major}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{version}}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: build rootless docker image
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          file: Dockerfile.rootless
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
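Review bot: The `tags:` blocks in both docker jobs emit `type=raw,value=latest` plus `{{major}}` and `{{major}}.{{minor}}` for every pushed `v1.*` tag, with no check that the tag is the newest release. If a patch release is later tagged on an older release branch, `gitea/gitea:latest` and `:1` (and their `-rootless` variants) would be re-pointed at the older build, silently downgrading anyone who pulls the floating tags. Consider publishing the floating tags only when the pushed version is the highest existing one. At minimum, document the behaviour above the block, e.g. `# every v1.* tag moves latest and 1; do not tag older branches without checking`.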
index 7f0517fb7eb15a7deb37e65f2112b30647c853f6..5a1e1e8751503c0344bd24389e086af5c38f1075 100644 (file)
@@ -24,8 +24,6 @@ rules:
   document-start:
     level: error
     present: false
-    ignore: |
-      /.drone.yml
 
   document-end:
     present: false