summaryrefslogtreecommitdiffstats
path: root/.github
diff options
context:
space:
mode:
authorGiteabot <teabot@gitea.io>2023-10-11 20:03:06 +0800
committerGitHub <noreply@github.com>2023-10-11 12:03:06 +0000
commit4986dc835118d117a07596b4fd3dc5a58a417002 (patch)
treed234742adc70978824ba5aa7a16a7beb60045d77 /.github
parent1380a46623736a994e4162f2c47d07b9eea2e1b6 (diff)
downloadgitea-4986dc835118d117a07596b4fd3dc5a58a417002.tar.gz
gitea-4986dc835118d117a07596b4fd3dc5a58a417002.zip
fully replace drone with actions (#27556) (#27575)
Backport #27556 by @techknowlogick this builds binaries and docker images for tags Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Diffstat (limited to '.github')
-rw-r--r--.github/workflows/release-nightly.yml2
-rw-r--r--.github/workflows/release-tag-rc.yml125
-rw-r--r--.github/workflows/release-tag-version.yml141
3 files changed, 267 insertions, 1 deletions
diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml
index 72e7b3321c..d12b14572f 100644
--- a/.github/workflows/release-nightly.yml
+++ b/.github/workflows/release-nightly.yml
@@ -1,4 +1,4 @@
-name: release-nightly-assets
+name: release-nightly
on:
push:
diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml
new file mode 100644
index 0000000000..9019fc9a3a
--- /dev/null
+++ b/.github/workflows/release-tag-rc.yml
@@ -0,0 +1,125 @@
+name: release-tag-rc
+
+on:
+ push:
+ tags:
+ - 'v1*-rc*'
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: false
+
+jobs:
+ binary:
+ runs-on: nscloud
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: actions/setup-go@v4
+ with:
+ go-version: "~1.21"
+ check-latest: true
+ - uses: actions/setup-node@v3
+ with:
+ node-version: 20
+ - run: make deps-frontend deps-backend
+ # xgo build
+ - run: make release
+ env:
+ TAGS: bindata sqlite sqlite_unlock_notify
+ - name: import gpg key
+ id: import_gpg
+ uses: crazy-max/ghaction-import-gpg@v5
+ with:
+ gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+ passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+ - name: sign binaries
+ run: |
+ for f in dist/release/*; do
+ echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
+ done
+ # clean branch name to get the folder name in S3
+ - name: Get cleaned branch name
+ id: clean_name
+ run: |
+ REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
+ echo "Cleaned name is ${REF_NAME}"
+ echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
+ - name: configure aws
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-region: ${{ secrets.AWS_REGION }}
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ - name: upload binaries to s3
+ run: |
+ aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
+ - name: create github release
+ run: |
+ gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
+ env:
+ GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+ docker-rootful:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: docker/setup-qemu-action@v2
+ - uses: docker/setup-buildx-action@v2
+ - uses: docker/metadata-action@v5
+ id: meta
+ with:
+ images: gitea/gitea
+ # 1.2.3-rc0
+ tags: |
+ type=semver,pattern={{version}}
+ - name: Login to Docker Hub
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: build rootful docker image
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ docker-rootless:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: docker/setup-qemu-action@v2
+ - uses: docker/setup-buildx-action@v2
+ - uses: docker/metadata-action@v5
+ id: meta
+ with:
+ images: gitea/gitea
+ # each tag below will have the suffix of -rootless
+ flavor: |
+ suffix=-rootless
+ # 1.2.3-rc0
+ tags: |
+ type=semver,pattern={{version}}
+ - name: Login to Docker Hub
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: build rootless docker image
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ file: Dockerfile.rootless
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml
new file mode 100644
index 0000000000..c643166666
--- /dev/null
+++ b/.github/workflows/release-tag-version.yml
@@ -0,0 +1,141 @@
+name: release-tag-version
+
+on:
+ push:
+ tags:
+ - 'v1.*'
+ - '!v1*-rc*'
+ - '!v1*-dev'
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: false
+
+jobs:
+ binary:
+ runs-on: nscloud
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: actions/setup-go@v4
+ with:
+ go-version: "~1.21"
+ check-latest: true
+ - uses: actions/setup-node@v3
+ with:
+ node-version: 20
+ - run: make deps-frontend deps-backend
+ # xgo build
+ - run: make release
+ env:
+ TAGS: bindata sqlite sqlite_unlock_notify
+ - name: import gpg key
+ id: import_gpg
+ uses: crazy-max/ghaction-import-gpg@v5
+ with:
+ gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+ passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+ - name: sign binaries
+ run: |
+ for f in dist/release/*; do
+ echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
+ done
+ # clean branch name to get the folder name in S3
+ - name: Get cleaned branch name
+ id: clean_name
+ run: |
+ REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
+ echo "Cleaned name is ${REF_NAME}"
+ echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
+ - name: configure aws
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-region: ${{ secrets.AWS_REGION }}
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ - name: upload binaries to s3
+ run: |
+ aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
+ - name: create github release
+ run: |
+ gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
+ env:
+ GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
+ docker-rootful:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: docker/setup-qemu-action@v2
+ - uses: docker/setup-buildx-action@v2
+ - uses: docker/metadata-action@v5
+ id: meta
+ with:
+ images: gitea/gitea
+ # this will generate tags in the following format:
+ # latest
+ # 1
+ # 1.2
+ # 1.2.3
+ tags: |
+ type=raw,value=latest
+ type=semver,pattern={{major}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{version}}
+ - name: Login to Docker Hub
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: build rootful docker image
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ docker-rootless:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ # fetch all commits instead of only the last as some branches are long lived and could have many between versions
+ # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
+ - run: git fetch --unshallow --quiet --tags --force
+ - uses: docker/setup-qemu-action@v2
+ - uses: docker/setup-buildx-action@v2
+ - uses: docker/metadata-action@v5
+ id: meta
+ with:
+ images: gitea/gitea
+ # each tag below will have the suffix of -rootless
+ flavor: |
+ suffix=-rootless
+ # this will generate tags in the following format (with -rootless suffix added):
+ # latest
+ # 1
+ # 1.2
+ # 1.2.3
+ tags: |
+ type=raw,value=latest
+ type=semver,pattern={{major}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{version}}
+ - name: Login to Docker Hub
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: build rootless docker image
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ file: Dockerfile.rootless
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}