feat(cd): automatic AUR release #5265
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Process | ||
on: | ||
workflow_call: | ||
workflow_dispatch: | ||
jobs: | ||
compute-build-ref: | ||
runs-on: ubuntu-22.04 | ||
outputs: | ||
build-ref: ${{ steps.compute-build-ref.outputs.build-ref }} | ||
steps: | ||
- name: Compute build ref | ||
id: compute-build-ref | ||
run: echo "${{ github.workflow }}-${{ github.event.number || github.ref }}" >> $GITHUB_OUTPUT | ||
select-java-version: | ||
outputs: | ||
java-version: ${{ steps.java-version.outputs.java-version }} | ||
runs-on: ubuntu-22.04 | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- name: Compute Java version | ||
id: java-version | ||
run: ruby -e 'puts("java-version=#{/^minJavaVersion\s*=\s*(\d+)$/.match(File.read("gradle.properties"))[1]}")' >> $GITHUB_OUTPUT | ||
# Complete build, including testing, static analysis, and packaging | ||
build: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ windows-2022, macos-12, ubuntu-22.04 ] | ||
runs-on: ${{ matrix.os }} | ||
timeout-minutes: 180 | ||
concurrency: | ||
group: build-${{ matrix.os }}-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/[email protected] | ||
- uses: DanySK/[email protected] | ||
with: | ||
pre-build-command: ./gradlew kotlinUpgradeYarnLock --parallel | ||
# check that all tasks used in subsequent phases are there | ||
build-command: | | ||
COMMAND="./gradlew \ | ||
build clean close \ | ||
hugoBuild \ | ||
performWebsiteStringReplacements \ | ||
publishKotlinOSSRHPublicationToGithubRepository \ | ||
release \ | ||
shadowJar \ | ||
uploadKotlinOSSRH uploadKotlinMultiplatform uploadJvm uploadJs \ | ||
--dry-run | ||
" | ||
eval $COMMAND || eval $COMMAND | ||
check-command: | | ||
./gradlew check --parallel || ./gradlew check --parallel | ||
clean-command: | | ||
./gradlew clean --parallel || ./gradlew clean --parallel || true | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: ${{ contains('Linux', runner.os) }} | ||
should-deploy: false | ||
should-validate-wrapper: ${{ contains('Linux', runner.os) }} | ||
- name: Generate fatjars and platform-specific packages | ||
run: ./gradlew shadowJar jpackageFull --parallel | ||
- name: Upload fatjars built on Linux | ||
if: ${{ runner.os == 'Linux' }} | ||
uses: actions/[email protected] | ||
with: | ||
name: fat-jars-${{ needs.compute-build-ref.outputs.build-ref }} | ||
path: build/shadow/* | ||
if-no-files-found: error | ||
- name: Upload platform-specific packages | ||
uses: actions/[email protected] | ||
with: | ||
name: installer-package-${{ runner.os }}-${{ needs.compute-build-ref.outputs.build-ref }} | ||
path: build/package/* | ||
if-no-files-found: error | ||
# Performs a dry-deployment on Central if credentials are available | ||
test-deploy: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
runs-on: ubuntu-22.04 | ||
if: >- | ||
!github.event.repository.fork | ||
&& ( | ||
github.event_name != 'pull_request' | ||
|| github.event.pull_request.head.repo.full_name == github.repository | ||
) | ||
timeout-minutes: 120 | ||
concurrency: | ||
group: test-deploy-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/[email protected] | ||
- uses: DanySK/[email protected] | ||
with: | ||
build-command: ./gradlew kotlinUpgradeYarnLock --parallel | ||
check-command: true | ||
deploy-command: | | ||
COMMAND="./gradlew uploadJvm uploadJs uploadKotlinOSSRH uploadKotlinMultiplatform close drop --parallel" | ||
eval "$COMMAND" || eval "$COMMAND" || eval "$COMMAND" | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: true | ||
should-validate-wrapper: false | ||
maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
signing-key: ${{ secrets.SIGNING_KEY }} | ||
signing-password: ${{ secrets.SIGNING_PASSWORD }} | ||
# Test packages correctness | ||
test-packages: | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
strategy: | ||
matrix: | ||
os: [ windows-2022, macos-12, ubuntu-22.04 ] | ||
fail-fast: false | ||
runs-on: ${{ matrix.os }} | ||
concurrency: | ||
group: test-packages-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/[email protected] | ||
- name: Setup Java | ||
uses: actions/[email protected] | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
distribution: 'temurin' | ||
- name: Install bsdtar | ||
if: runner.os == 'Linux' | ||
run: sudo apt update && sudo apt install libarchive-tools | ||
- name: Download packages | ||
uses: actions/[email protected] | ||
with: | ||
name: installer-package-${{ runner.os }} | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Test package | ||
shell: bash | ||
run: ./gradlew testJpackageOutput --info | ||
# Test PKGBUILD for aur release | ||
test-aur-package: | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
runs-on: ubuntu-22.04 | ||
container: | ||
image: archlinux:base-devel-20240101.0.204074 | ||
concurrency: | ||
group: test-aur-release-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Setup arch | ||
run: | | ||
sudo pacman --noconfirm -Syu | ||
sudo pacman --noconfirm -Sy git rpm-tools | ||
- run: git config --system --add safe.directory /__w/Alchemist/Alchemist # https://github.com/actions/checkout/issues/1169 | ||
- name: Checkout | ||
uses: danysk/[email protected] | ||
- name: Setup Java | ||
uses: actions/[email protected] | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
distribution: 'temurin' | ||
- name: Download packages | ||
uses: actions/[email protected] | ||
with: | ||
pattern: installer-package-Linux | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Generate PKGBUILD | ||
run: ./gradlew generatePKGBUILD -DgeneratePKGBUILD.testSource=true | ||
- name: Makepkg Build and Check | ||
uses: edlanglois/pkgbuild-action@v1 | ||
with: | ||
pkgdir: build/package | ||
- name: Test installation | ||
working-directory: build/package | ||
run: | | ||
sudo pacman -U --noconfirm alchemist-*.zst | ||
(sudo pacman -Q | grep -q alchemist && echo "Success! Alchemist found in the package list") || exit 1 | ||
(/usr/bin/alchemist --help | grep -q options_list && echo "Success! Alchemist available") || exit 2 | ||
# Builds the website and verifies link sanity | ||
build-website: | ||
needs: | ||
- select-java-version | ||
- compute-build-ref | ||
runs-on: ubuntu-22.04 | ||
timeout-minutes: 30 | ||
concurrency: | ||
group: build-website-${{ needs.compute-build-ref.outputs.build-ref }} | ||
cancel-in-progress: true | ||
steps: | ||
- name: Checkout | ||
uses: danysk/[email protected] | ||
- uses: DanySK/[email protected] | ||
with: | ||
build-command: | | ||
for i in 1 2 3 4 5; do | ||
./gradlew hugoBuild --parallel && break || sleep 120 | ||
if [ "$i" = 5 ]; then | ||
false | ||
fi | ||
done | ||
check-command: true | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: false | ||
should-validate-wrapper: false | ||
- name: Tar files | ||
run: tar -cvf website.tar build/website | ||
- name: Upload website | ||
uses: actions/[email protected] | ||
with: | ||
name: website | ||
path: website.tar | ||
- uses: DanySK/[email protected] | ||
with: | ||
build-command: | | ||
check-command: | | ||
# Temporarily disable checks on kdoc/javadoc: too many bugs in Dokka. | ||
# See: | ||
# https://github.com/Kotlin/dokka/issues/2320 | ||
# https://github.com/Kotlin/dokka/issues/2321 | ||
# https://github.com/Kotlin/dokka/issues/2322 | ||
# https://github.com/Kotlin/dokka/issues/2323 | ||
# Once everything gets fixed, lychee could simply run on '/website/**/*.html' | ||
FILES="$( | ||
find build/website/ -name '*.html' | | ||
grep -v /kdoc/ | | ||
grep -v /javadoc/ | | ||
grep -v /tags/ | | ||
sed -e 's#^build##' | ||
)" | ||
for file in $FILES; do | ||
# Ignore all meta tags containing absolute links | ||
perl -i -pe 's/<meta.*\"http.*\".*>//g' "build/$file" | ||
done | ||
CHECK_LINKS="docker run --rm -v ""$(pwd)/build/website:/website"" -e GITHUB_TOKEN lycheeverse/lychee:0.10.3 $(echo "$FILES") --exclude-file /website/lycheeignore -m 100 --accept 403,429,500,502,503" | ||
for i in 1 2 3 4 5; do | ||
$(echo $CHECK_LINKS) && break || sleep 30 | ||
if [ "$i" = 5 ]; then | ||
false | ||
fi | ||
done | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
should-run-codecov: false | ||
should-deploy: false | ||
should-validate-wrapper: false | ||
# Performs a release if needed | ||
release: | ||
concurrency: | ||
# Only one release job at a time per branch, as only master releases. | ||
# Strictly sequential. | ||
group: release-${{ github.event.number || github.ref }} | ||
needs: | ||
- compute-build-ref | ||
- select-java-version | ||
- build | ||
- build-website | ||
- test-deploy | ||
- test-packages | ||
- test-aur-package | ||
concurrency: | ||
# Only one release job at a time per branch, as only master releases. | ||
# Strictly sequential. | ||
group: release-${{ needs.compute-build-ref.outputs.build-ref }} | ||
runs-on: ubuntu-22.04 | ||
if: >- | ||
!github.event.repository.fork | ||
&& ( | ||
github.event_name != 'pull_request' | ||
|| github.event.pull_request.head.repo.full_name == github.repository | ||
) | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
submodules: recursive | ||
token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
- name: Checkout the docs | ||
if: contains(github.repository, 'AlchemistSimulator/Alchemist') | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
path: website | ||
fetch-depth: 0 | ||
persist-credentials: true | ||
repository: AlchemistSimulator/alchemistsimulator.github.io | ||
token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
- name: Download website artifact | ||
uses: actions/[email protected] | ||
with: | ||
name: website | ||
- name: Download packages | ||
uses: actions/[email protected] | ||
with: | ||
pattern: installer-package-* | ||
path: build/package/ | ||
merge-multiple: true | ||
- name: Download fatJars | ||
uses: actions/[email protected] | ||
with: | ||
name: fat-jars | ||
path: build/shadow/ | ||
merge-multiple: true | ||
- name: Find the version of Node from package.json | ||
id: node-version | ||
run: echo "version=$(jq -r .engines.node package.json)" >> $GITHUB_OUTPUT | ||
- name: Install Node | ||
uses: actions/[email protected] | ||
with: | ||
node-version: ${{ steps.node-version.outputs.version }} | ||
- uses: DanySK/[email protected] | ||
with: | ||
java-version: ${{ needs.select-java-version.outputs.java-version }} | ||
build-command: | | ||
ls -ahl | ||
echo Copying the new website | ||
tar -xf website.tar | ||
echo Copying git information | ||
mv website/.git build/website/.git | ||
# git -C build/website/ status | ||
echo Removing old website | ||
rm -rf website | ||
echo Adding changes to the stage | ||
git -C build/website/ add . | ||
# git -C build/website/ status | ||
check-command: true | ||
deploy-command: | | ||
npm install | ||
npx semantic-release | ||
should-run-codecov: false | ||
should-deploy: true | ||
should-validate-wrapper: false | ||
github-token: ${{ secrets.DEPLOYMENT_TOKEN }} | ||
maven-central-password: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | ||
signing-key: ${{ secrets.SIGNING_KEY }} | ||
signing-password: ${{ secrets.SIGNING_PASSWORD }} | ||
custom-secret-0: ${{ secrets.AUR_USERNAME }} | ||
custom-secret-1: ${{ secrets.AUR_EMAIL }} | ||
custom-secret-2: ${{ secrets.AUR_SSH_PRIVATE_KEY }} | ||
success: | ||
runs-on: ubuntu-22.04 | ||
needs: | ||
- build | ||
- build-website | ||
- release | ||
- test-deploy | ||
- test-packages | ||
- test-aur-package | ||
if: >- | ||
always() && ( | ||
contains(join(needs.*.result, ','), 'failure') | ||
|| !contains(join(needs.*.result, ','), 'cancelled') | ||
) | ||
steps: | ||
- name: Verify that there were no failures | ||
run: ${{ !contains(join(needs.*.result, ','), 'failure') }} |