Skip to content

Commit

Permalink
Merge pull request #7115 from ivotron/use-goreleaser-for-rpk-releases
Browse files Browse the repository at this point in the history 
Use goreleaser for rpk releases
  • Loading branch information
@ivotron
ivotron authored Dec 4, 2022
2 parents d66576e + c553d8c commit 8f86dee
Show file tree
Hide file tree
Showing 5 changed files with 130 additions and 194 deletions.
27 changes: 0 additions & 27 deletions .github/workflows/homebrew-publish.yml
View file

This file was deleted.

198 changes: 51 additions & 147 deletions .github/workflows/rpk-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
# the Business Source License, use of this software will be governed
# by the Apache License, Version 2.0

name: Go
name: rpk
on:
push:
tags:
Expand All @@ -20,180 +20,84 @@ on:
- dev

jobs:
build:
name: Test and Build
test:
name: Run tests
strategy:
matrix:
os: [linux, darwin, windows]
arch: [amd64, arm64]
runs-on: ubuntu-latest
steps:

- name: Check out code
uses: actions/checkout@v2
- name: Check out code
uses: actions/checkout@v3

- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.19.2
id: go

- name: Set up Node
uses: actions/setup-node@v2-beta
with:
node-version: '12.16.1'

- name: Test
working-directory: src/go/rpk/
run: go test -v ./...

- name: Build
working-directory: src/go/rpk/
run: |
pkg='vectorized/pkg/cli/cmd/version'
tag=$(echo ${{ github.ref }} | sed 's;refs/tags/;;g')
GOOS=${{ matrix.os }} GOARCH=${{ matrix.arch }} ./build.sh $tag ${{ github.sha }}
- name: Package
if: ${{ matrix.os != 'windows'}}
working-directory: src/go/rpk/
run: |
zip -j rpk-${{ matrix.os }}-${{ matrix.arch }}.zip ./${{ matrix.os }}-${{ matrix.arch }}/rpk
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.19.2

- name: Upload build artifacts
uses: actions/upload-artifact@v2
if: startsWith(github.ref, 'refs/tags/v')
with:
name: rpk-archives
path: |
src/go/rpk/rpk-*.zip
- name: Run tests
working-directory: src/go/rpk/
run: go test -v ./...

sign-darwin:
name: Sign and notarize the darwin release_name
needs: create-release
release:
name: Release using goreleaser
if: startsWith(github.ref, 'refs/tags/v')
strategy:
matrix:
arch: [amd64, arm64]
runs-on: macos-latest
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2

- name: Download zip
uses: actions/download-artifact@v2
uses: actions/checkout@v3
with:
name: rpk-archives
path: zip/
fetch-depth: 0

- name: Unzip darwin build
working-directory: zip/
- name: Install quill
run: |
unzip rpk-darwin-${{ matrix.arch }}.zip
rm rpk-darwin-${{ matrix.arch }}.zip
mkdir -p "$HOME/.local/bin"
echo "$HOME/.local/bin" >> $GITHUB_PATH
curl -sSfL https://raw.githubusercontent.com/anchore/quill/main/install.sh | sh -s -- -b "$HOME/.local/bin" v0.2.0
- name: Import Code-Signing Certificates
uses: Apple-Actions/import-codesign-certs@v1
- name: Set up Go
uses: actions/setup-go@v3
with:
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
go-version: 1.19.2

- name: Install gon for code signing and app notarization
- name: Create empty release notes
run: |
curl -LO https://github.com/mitchellh/gon/releases/download/v0.2.5/gon_macos.zip
unzip gon_macos.zip
rm gon_macos.zip
echo "" > /tmp/empty_notes
- name: Sign the mac binaries with Gon
working-directory: zip/
- name: Invoke goreleaser
uses: goreleaser/goreleaser-action@v3
env:
AC_USERNAME: ${{ secrets.AC_USERNAME }}
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
run: |
../gon -log-level=info ../src/go/rpk/gon_${{ matrix.arch }}.json
- name: Upload signed Package
uses: actions/upload-artifact@v2
QUILL_SIGN_P12: ${{ secrets.QUILL_SIGN_P12_BASE64 }}
QUILL_SIGN_PASSWORD: ${{ secrets.QUILL_SIGN_PASSWORD }}
QUILL_NOTARY_KEY_ID: ${{ secrets.QUILL_NOTARY_KEY_ID }}
QUILL_NOTARY_KEY: ${{ secrets.QUILL_NOTARY_KEY_BASE64 }}
QUILL_NOTARY_ISSUER: ${{ secrets.QUILL_NOTARY_ISSUER }}
GITHUB_TOKEN: ${{ secrets.VBOT_GITHUB_API_TOKEN }}
with:
name: rpk-archives
path: zip/rpk-darwin-${{ matrix.arch }}.zip
outputs:
upload_url: ${{ needs.create-release.outputs.upload_url }}
distribution: goreleaser
version: ${{ env.GITHUB_REF_NAME }}
workdir: src/go/rpk/
args: release --rm-dist --release-notes /tmp/empty_notes

- name: Archive quill output
if: failure()
uses: actions/upload-artifact@v3
with:
name: quill-logs
path: src/go/rpk/dist/quill-*.log

notify-sign-failure:
notify-release-failure:
name: Notify of release failures
runs-on: ubuntu-latest
if: ${{ failure() }}
needs: [sign-darwin]
if: failure()
needs: [release]
steps:
- name: Notify sign failed
id: notify_sign_failure
- name: Notify release failure
uses: slackapi/[email protected]
with:
channel-id: ${{ secrets.INTERNAL_RELEASES_SLACK_CHANNEL }}
slack-message: "ERROR: signing darwin binaries for `${{ github.ref_name }}` failed in ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}"
slack-message: "ERROR: release of `rpk` binaries for `${{ github.ref_name }}` failed in ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}"
env:
SLACK_BOT_TOKEN: ${{ secrets.VBOTBUILDOVICH_SLACK_BOT_TOKEN }}

create-release:
name: Create release
needs: [build]
if: startsWith(github.ref, 'refs/tags/v')
runs-on: ubuntu-latest
steps:
- name: Create rpk release
id: create_rpk_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }}
draft: true
prerelease: false
outputs:
upload_url: ${{ steps.create_rpk_release.outputs.upload_url }}

upload-release-artifacts-linux:
name: Upload linux binaries
needs: [create-release]
if: startsWith(github.ref, 'refs/tags/v')
strategy:
matrix:
arch: [amd64, arm64]
runs-on: ubuntu-latest
steps:
- name: Download compressed rpk artifacts
uses: actions/download-artifact@v2

- name: Upload rpk artifacts to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.create-release.outputs.upload_url }}
asset_path: rpk-archives/rpk-linux-${{ matrix.arch }}.zip
asset_name: rpk-linux-${{ matrix.arch }}.zip
asset_content_type: application/zip

upload-release-artifacts-darwin:
name: Upload darwin binaries
needs: [sign-darwin]
if: startsWith(github.ref, 'refs/tags/v')
strategy:
matrix:
arch: [amd64, arm64]
runs-on: ubuntu-latest
steps:
- name: Download compressed rpk artifacts
uses: actions/download-artifact@v2

- name: Upload rpk artifacts to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.sign-darwin.outputs.upload_url }}
asset_path: rpk-archives/rpk-darwin-${{ matrix.arch }}.zip
asset_name: rpk-darwin-${{ matrix.arch }}.zip
asset_content_type: application/zip
79 changes: 79 additions & 0 deletions src/go/rpk/.goreleaser.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
project_name: rpk
builds:
- id: rpk-windows
main: ./cmd/rpk
binary: rpk
ldflags:
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/version.version={{.Tag}}
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/version.rev={{.ShortCommit}}
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/container/common.tag={{.Tag}}
env:
- CGO_ENABLED=0
goos:
- windows
goarch:
- amd64
- arm64
# we need separate build for darwin to sign/notarize using quill
- id: rpk-darwin
main: ./cmd/rpk
binary: rpk
ldflags:
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/version.version={{.Tag}}
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/version.rev={{.ShortCommit}}
- -X github.com/redpanda-data/redpanda/src/go/rpk/pkg/cli/cmd/container/common.tag={{.Tag}}
env:
- CGO_ENABLED=0
goos:
- darwin
goarch:
- amd64
- arm64
hooks:
post:
# The binary is signed and notarized when running a production release, but for snapshot builds notarization is
# skipped and only ad-hoc signing is performed (not cryptographic material is needed).
#
# note: environment variables required for signing and notarization (set in CI) but are not needed for snapshot builds
# QUILL_SIGN_P12, QUILL_SIGN_PASSWORD, QUILL_NOTARY_KEY, QUILL_NOTARY_KEY_ID, QUILL_NOTARY_ISSUER
- cmd: quill sign-and-notarize "{{ .Path }}" --dry-run={{ .IsSnapshot }} --ad-hoc={{ .IsSnapshot }} -vv
env:
- QUILL_LOG_FILE=dist/quill-{{ .Target }}.log
release:
github:
owner: redpanda-data
name: redpanda
draft: true
discussion_category_name: Releases
brews:
- name: redpanda
homepage: "https://redpanda.com"
description: "Redpanda CLI & toolbox"
tap:
owner: redpanda-data
name: homebrew-tap
folder: Formula
skip_upload: auto
caveats: |
Redpanda Keeper (rpk) is Redpanda's command line interface (CLI)
utility. The rpk commands let you configure, manage, and tune
Redpanda clusters. They also let you manage topics, groups,
and access control lists (ACLs).
Start a three-node docker cluster locally:
rpk container start -n 3
Interact with the cluster using commands like:
rpk topic list
When done, stop and delete the docker cluster:
rpk container purge
For more examples and guides, visit: https://docs.redpanda.com
commit_author:
name: vbotbuildovich
email: [email protected]
announce:
skip: "true"
10 changes: 0 additions & 10 deletions src/go/rpk/gon_amd64.json
View file

This file was deleted.

10 changes: 0 additions & 10 deletions src/go/rpk/gon_arm64.json
View file

This file was deleted.

0 comments on commit 8f86dee

Please sign in to comment.