diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9502a36..ba9b597 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -3,18 +3,28 @@ name: Build on: - release: - types: - - published + pull_request: push: - branches-ignore: - - 'gh-pages' workflow_dispatch: jobs: - build-artifacts: - name: Build artifacts - runs-on: windows-2022 + build-self-contained: + name: Build Self Contained Artifacts + runs-on: ubuntu-22.04 + strategy: + fail-fast: false + matrix: + include: + - rid: win-x64 + - rid: win-x86 + - rid: win-arm64 + - rid: linux-x64 + - rid: linux-arm + - rid: linux-arm64 + - rid: linux-musl-x64 + - rid: linux-musl-arm64 + - rid: osx-x64 + - rid: osx-arm64 steps: - name: Checkout repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -22,9 +32,9 @@ jobs: - name: Print environment run: | dotnet --info - echo "GitHub ref: $Env:GITHUB_REF" - echo "GitHub ref name: $Env:GITHUB_REF_NAME" - echo "GitHub event: $Env:GITHUB_EVENT_NAME" + echo "GitHub ref: $GITHUB_REF" + echo "GitHub ref name: $GITHUB_REF_NAME" + echo "GitHub event: $GITHUB_EVENT_NAME" - name: Restore/Clean service run: | @@ -32,171 +42,54 @@ jobs: dotnet restore echo "Clean" dotnet clean -c "Release" - - - name: Publish service (self contained) - shell: pwsh + + - name: Build Self Contained Binary + env: + RID: ${{ matrix.rid }} run: | - ./build.ps1 -task binary-sc -os win -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - ./build.ps1 -task binary-sc -os lin -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - ./build.ps1 -task binary-sc -os mac -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - - - name: Publish service (framework dependent) - shell: pwsh + OUTPUT_DIR="$(pwd)/build/sc/$RID" + echo "### Building self contained binary for $RID to $OUTPUT_DIR" + dotnet publish -c Release -p:PublishDir=$OUTPUT_DIR -r $RID \ + -p:PublishReadyToRun=true -p:PublishSingleFile=true \ + -p:DebugType=None -p:DebugSymbols=false -p:PublishTrimmed=true \ + --self-contained true -p:IncludeNativeLibrariesForSelfExtract=true \ + -p:EnableCompressionInSingleFile=true + cd $OUTPUT_DIR + FILENAME=$(ls hbs*) + SUFFIX=${FILENAME#hbs} + NEW_FILENAME="hbs_${RID}${SUFFIX}" + mv -- "$FILENAME" "$NEW_FILENAME" + zip -j hbs_${RID}.zip $NEW_FILENAME + rm $NEW_FILENAME + + - name: Upload Self Contained artifact (${{ matrix.rid }}) + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: hbs_${{ matrix.rid }} + path: build/sc/${{ matrix.rid }} + if-no-files-found: error + + - name: Build Framework Dependent Binary + env: + RID: ${{ matrix.rid }} run: | - ./build.ps1 -task binary-fd -os win -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - ./build.ps1 -task binary-fd -os lin -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - ./build.ps1 -task binary-fd -os mac -ref $Env:GITHUB_REF_NAME -event $Env:GITHUB_EVENT_NAME - - - name: Upload Self Contained artifacts (win-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_win-x64 - path: build/sc/win-x64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (win-x86) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_win-x86 - path: build/sc/win-x86 - if-no-files-found: error - - - name: Upload Self Contained artifacts (linux-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-x64 - path: build/sc/linux-x64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (linux-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-arm64 - path: build/sc/linux-arm64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (linux-armv7) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-armv7 - path: build/sc/linux-arm - if-no-files-found: error - - - name: Upload Self Contained artifacts (alpine-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-x64 - path: build/sc/linux-musl-x64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (alpine-armv7) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-armv7 - path: build/sc/linux-musl-arm - if-no-files-found: error - - - name: Upload Self Contained artifacts (alpine-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-arm64 - path: build/sc/linux-musl-arm64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (osx-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx-x64 - path: build/sc/osx-x64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (osx.12-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx.12-arm64 - path: build/sc/osx.12-arm64 - if-no-files-found: error - - - name: Upload Self Contained artifacts (osx.11.0-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx.11.0-arm64 - path: build/sc/osx.11.0-arm64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (win-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_win-x64_dotnet - path: build/fd/win-x64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (win-x86) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_win-x86_dotnet - path: build/fd/win-x86 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (linux-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-x64_dotnet - path: build/fd/linux-x64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (linux-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-arm64_dotnet - path: build/fd/linux-arm64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (linux-armv7) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_linux-armv7_dotnet - path: build/fd/linux-arm - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (alpine-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-x64_dotnet - path: build/fd/linux-musl-x64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (alpine-armv7) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-armv7_dotnet - path: build/fd/linux-musl-arm - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (alpine-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_alpine-arm64_dotnet - path: build/fd/linux-musl-arm64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (osx-x64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx-x64_dotnet - path: build/fd/osx-x64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (osx.12-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx.12-arm64_dotnet - path: build/fd/osx.12-arm64 - if-no-files-found: error - - - name: Upload Framework Dependent artifacts (osx.11.0-arm64) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 - with: - name: hbs_osx.11.0-arm64_dotnet - path: build/fd/osx.11.0-arm64 + OUTPUT_DIR="$(pwd)/build/fd/$RID" + echo "### Building framework dependent binary for $RID to $OUTPUT_DIR" + dotnet publish -c Release -p:PublishDir=$OUTPUT_DIR -r $RID \ + -p:PublishReadyToRun=true -p:PublishSingleFile=true \ + -p:DebugType=None -p:DebugSymbols=false \ + --self-contained false -p:IncludeNativeLibrariesForSelfExtract=true + cd $OUTPUT_DIR + FILENAME=$(ls hbs*) + SUFFIX=${FILENAME#hbs} + NEW_FILENAME="hbs_${RID}_dotnet${SUFFIX}" + mv -- "$FILENAME" "$NEW_FILENAME" + zip -j hbs_${RID}_dotnet.zip $NEW_FILENAME + rm $NEW_FILENAME + + - name: Upload Framework Dependent artifact (${{ matrix.rid }}) + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: hbs_${{ matrix.rid }}_dotnet + path: build/fd/${{ matrix.rid }} if-no-files-found: error diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8a12476..40babff 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,13 +1,119 @@ --- name: Release +run-name: Release - ${{ inputs.release_type }} on: workflow_dispatch: + inputs: + release_type: + description: "Release Options" + required: true + default: "Release" + type: choice + options: + - Release + - Dry Run jobs: - stub: - name: Stub job + release: + name: Release runs-on: ubuntu-22.04 steps: - - name: Stub step - run: exit 0 + - name: Branch check + if: ${{ inputs.release_type != 'Dry Run' }} + run: | + if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then + echo "===================================" + echo "[!] Can only release from the 'main' branch" + echo "===================================" + exit 1 + fi + + - name: Checkout repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Check Release Version + id: version + uses: bitwarden/gh-actions/release-version-check@main + with: + release-type: ${{ inputs.release_type }} + project-type: dotnet + file: src/Handlebars.conf/Handlebars.conf.csproj + + - name: Download all Release artifacts + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build.yml + path: artifacts + workflow_conclusion: success + branch: ${{ github.ref_name }} + + - name: Create release + if: ${{ inputs.release_type != 'Dry Run' }} + uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 + env: + PKG_VERSION: ${{ steps.version.outputs.version }} + with: + artifacts: "artifacts/hbs_linux-arm.zip, + artifacts/hbs_linux-arm64.zip, + artifacts/hbs_linux-arm64_dotnet.zip, + artifacts/hbs_linux-arm_dotnet.zip, + artifacts/hbs_linux-musl-arm64.zip, + artifacts/hbs_linux-musl-arm64_dotnet.zip, + artifacts/hbs_linux-musl-x64.zip, + artifacts/hbs_linux-musl-x64_dotnet.zip, + artifacts/hbs_linux-x64.zip, + artifacts/hbs_linux-x64_dotnet.zip, + artifacts/hbs_osx-arm64.zip, + artifacts/hbs_osx-arm64_dotnet.zip, + artifacts/hbs_osx-x64.zip, + artifacts/hbs_osx-x64_dotnet.zip, + artifacts/hbs_win-arm64.zip, + artifacts/hbs_win-arm64_dotnet.zip, + artifacts/hbs_win-x64.zip, + artifacts/hbs_win-x64_dotnet.zip, + artifacts/hbs_win-x86.zip, + artifacts/hbs_win-x86_dotnet.zip" + commit: ${{ github.sha }} + tag: v${{ env.PKG_VERSION }} + name: Version ${{ env.PKG_VERSION }} + body: "" + token: ${{ secrets.GITHUB_TOKEN }} + draft: true + + check-failures: + name: Check for failures + if: always() + runs-on: ubuntu-22.04 + needs: release + steps: + - name: Check if any job failed + if: github.ref == 'refs/heads/main' + env: + RELEASE_STATUS: ${{ needs.release.result }} + run: | + if [ "$RELEASE_STATUS" = "failure" ]; then + exit 1 + fi + + - name: Login to Azure - CI subscription + uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 + if: failure() + with: + creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} + + - name: Retrieve secrets + id: retrieve-secrets + uses: bitwarden/gh-actions/get-keyvault-secrets@main + if: failure() + with: + keyvault: "bitwarden-ci" + secrets: "devops-alerts-slack-webhook-url" + + - name: Notify Slack on failure + uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0 + if: failure() + env: + SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} + with: + status: ${{ job.status }} diff --git a/LICENSE b/LICENSE index 61c1c79..76e6186 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2022 Kyle Spearrin +Copyright (c) 2024 Bitwarden Inc Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index e183cb4..e9f6ff1 100644 --- a/README.md +++ b/README.md @@ -4,12 +4,12 @@ Handlebars templates for config files. ## Install -Download the latest release binary for your system from the [Releases page](https://github.com/kspearrin/Handlebars.conf/releases). Note that there are different binaries for various architectures on Linux, Alpine, macOS, and Windows. +Download the latest release binary for your system from the [Releases page](https://github.com/bitwarden/Handlebars.conf/releases). Note that there are different binaries for various architectures on Linux, macOS, and Windows. Linux x64 example: ```sh -curl -L -o hbs.zip https://github.com/kspearrin/Handlebars.conf/releases/download/v1.3.0/hbs_linux-x64.zip +curl -L -o hbs.zip https://github.com/bitwarden/Handlebars.conf/releases/download/v2024.2.0/hbs_linux-x64.zip sudo unzip hbs.zip -d /usr/local/bin && rm hbs.zip sudo chmod +x /usr/local/bin/hbs @@ -125,4 +125,4 @@ user is KYLE. ### Real World Example -You can see this tool in use with Bitwarden's Nginx config here: https://github.com/bitwarden/server/tree/master/docker-unified/hbs +You can see this tool in use with Bitwarden Unified's NGINX config here: https://github.com/bitwarden/self-host/tree/main/docker-unified/hbs diff --git a/src/Handlebars.conf/Handlebars.conf.csproj b/src/Handlebars.conf/Handlebars.conf.csproj index 82ed516..e7421b1 100644 --- a/src/Handlebars.conf/Handlebars.conf.csproj +++ b/src/Handlebars.conf/Handlebars.conf.csproj @@ -5,6 +5,7 @@ net8.0 enable hbs + 2024.2.0