add automated release workflow (#2077)
## Issue Addressed Resolves #1674 ## Proposed Changes - Whenever a tag is pushed with the prefix `v` this workflow is triggered - creates portable and non-portable binaries for linux x86_64, linux aarch64, macOS - an attempt at using github actions caching - signs each binary using GPG - auto-generates full changelog based on commit messages since the last release - creates a **draft** release - hot new formatting (preview [here](https://github.com/realbigsean/lighthouse/releases/tag/v0.9.23)) - has been taking around 35 minutes ## Additional Info TODOs: - Figure out how we should automate dockerhub's version tag. - It'd be quickest just to tag `latest`, but we'd need to make sure the docker workflow completes before this starts - we do the same cross-compile in the `docker` workflow, we could try to use the same binary - integrate a similar flow for unstable binaries (`-rc` tag?) - improve caching, potentially use sccache - if we start using a self-hosted runner this'll require some re-working Need to add the following secrets to Github: - `GPG_PASSPHRASE` - ~~`GPG_PUBLIC_KEY`~~ hard-coded this, because it was tough manage as a secret - `GPG_SIGNING_KEY` Co-authored-by: realbigsean <seananderson33@gmail.com>
This commit is contained in:
parent
3381266998
commit
b5e81eb6b2
1
.github/workflows/book.yml
vendored
1
.github/workflows/book.yml
vendored
@ -8,6 +8,7 @@ on:
|
||||
jobs:
|
||||
build-and-upload-to-s3:
|
||||
runs-on: ubuntu-18.04
|
||||
environment: protected
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
|
||||
|
2
.github/workflows/docker.yml
vendored
2
.github/workflows/docker.yml
vendored
@ -22,6 +22,7 @@ jobs:
|
||||
BRANCH_NAME: ${{ steps.extract_branch.outputs.BRANCH_NAME }}
|
||||
build-docker-arm64:
|
||||
runs-on: ubuntu-18.04
|
||||
environment: protected
|
||||
needs: [extract-branch-name]
|
||||
# We need to enable experimental docker features in order to use `docker buildx`
|
||||
env:
|
||||
@ -60,6 +61,7 @@ jobs:
|
||||
--push
|
||||
build-docker-amd64:
|
||||
runs-on: ubuntu-18.04
|
||||
environment: protected
|
||||
needs: [extract-branch-name]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
186
.github/workflows/release.yml
vendored
Normal file
186
.github/workflows/release.yml
vendored
Normal file
@ -0,0 +1,186 @@
|
||||
name: Release Suite
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- v*
|
||||
|
||||
env:
|
||||
REPO_NAME: sigp/lighthouse
|
||||
|
||||
jobs:
|
||||
extract-version:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Extract version
|
||||
run: echo "::set-output name=VERSION::$(echo ${GITHUB_REF#refs/tags/})"
|
||||
id: extract_version
|
||||
outputs:
|
||||
VERSION: ${{ steps.extract_version.outputs.VERSION }}
|
||||
|
||||
build:
|
||||
name: Build Release
|
||||
strategy:
|
||||
matrix:
|
||||
arch: [aarch64-unknown-linux-gnu,
|
||||
aarch64-unknown-linux-gnu-portable,
|
||||
x86_64-unknown-linux-gnu,
|
||||
x86_64-unknown-linux-gnu-portable,
|
||||
x86_64-apple-darwin,
|
||||
x86_64-apple-darwin-portable]
|
||||
include:
|
||||
- arch: aarch64-unknown-linux-gnu
|
||||
platform: ubuntu-latest
|
||||
- arch: aarch64-unknown-linux-gnu-portable
|
||||
platform: ubuntu-latest
|
||||
- arch: x86_64-unknown-linux-gnu
|
||||
platform: ubuntu-latest
|
||||
- arch: x86_64-unknown-linux-gnu-portable
|
||||
platform: ubuntu-latest
|
||||
- arch: x86_64-apple-darwin
|
||||
platform: macos-latest
|
||||
- arch: x86_64-apple-darwin-portable
|
||||
platform: macos-latest
|
||||
|
||||
runs-on: ${{ matrix.platform }}
|
||||
environment: protected
|
||||
needs: extract-version
|
||||
steps:
|
||||
- name: Checkout sources
|
||||
uses: actions/checkout@v2
|
||||
- name: Build toolchain
|
||||
uses: actions-rs/toolchain@v1
|
||||
with:
|
||||
toolchain: stable
|
||||
profile: minimal
|
||||
override: true
|
||||
|
||||
# ==============================
|
||||
# Builds
|
||||
# ==============================
|
||||
|
||||
- name: Build Lighthouse for ${{matrix.arch}}
|
||||
if: startsWith(matrix.arch, 'aarch64') && endsWith(matrix.arch, 'portable')
|
||||
run: |
|
||||
cargo install cross
|
||||
make build-aarch64-portable
|
||||
|
||||
- name: Build Lighthouse for ${{matrix.arch}}
|
||||
if: startsWith(matrix.arch, 'aarch64') && !endsWith(matrix.arch, 'portable')
|
||||
run: |
|
||||
cargo install cross
|
||||
make build-aarch64
|
||||
|
||||
- name: Move cross-compiled binary
|
||||
if: startsWith(matrix.arch, 'aarch64')
|
||||
run: mv target/aarch64-unknown-linux-gnu/release/lighthouse ~/.cargo/bin/lighthouse
|
||||
|
||||
- name: Build Lighthouse for ${{matrix.arch}} portable
|
||||
if: startsWith(matrix.arch, 'x86_64') && endsWith(matrix.arch, 'portable')
|
||||
run: cargo install --path lighthouse --force --locked --features portable
|
||||
|
||||
- name: Build Lighthouse for ${{matrix.arch}} modern
|
||||
if: startsWith(matrix.arch, 'x86_64') && !endsWith(matrix.arch, 'portable')
|
||||
run: cargo install --path lighthouse --force --locked --features modern
|
||||
|
||||
- name: Configure GPG and create artifacts
|
||||
env:
|
||||
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
|
||||
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
|
||||
run: |
|
||||
export GPG_TTY=$(tty)
|
||||
echo "$GPG_SIGNING_KEY" | gpg --batch --import
|
||||
mkdir artifacts
|
||||
mv ~/.cargo/bin/lighthouse ./artifacts
|
||||
cd artifacts
|
||||
tar -czf lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz lighthouse
|
||||
echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz
|
||||
mv *tar.gz* ..
|
||||
|
||||
# =======================================================================
|
||||
# Upload artifacts
|
||||
# This is required to share artifacts between different jobs
|
||||
# =======================================================================
|
||||
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz
|
||||
path: lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz
|
||||
|
||||
- name: Upload signature
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz.asc
|
||||
path: lighthouse-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz.asc
|
||||
|
||||
draft-release:
|
||||
name: Draft Release
|
||||
needs: [build, extract-version]
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
VERSION: ${{ needs.extract-version.outputs.VERSION }}
|
||||
steps:
|
||||
# This is necessary for generating the changelog. It has to come before "Download Artifacts" or else it deletes the artifacts.
|
||||
- name: Checkout sources
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
# ==============================
|
||||
# Download artifacts
|
||||
# ==============================
|
||||
|
||||
- name: Download artifacts
|
||||
uses: actions/download-artifact@v2
|
||||
|
||||
# ==============================
|
||||
# Create release draft
|
||||
# ==============================
|
||||
|
||||
- name: Generate Full Changelog
|
||||
id: changelog
|
||||
run: echo "::set-output name=CHANGELOG::$(git log --pretty=format:"- %s" $(git describe --tags --abbrev=0 ${{ env.VERSION }}^)..${{ env.VERSION }})"
|
||||
|
||||
- name: Create Release Draft
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# The formatting here is borrowed from OpenEthereum: https://github.com/openethereum/openethereum/blob/main/.github/workflows/build.yml
|
||||
run: |
|
||||
body=$(cat <<- "ENDBODY"
|
||||
<Rick and Morty character>
|
||||
|
||||
## Summary
|
||||
|
||||
Add a summary.
|
||||
|
||||
## All Changes
|
||||
|
||||
${{ steps.changelog.outputs.CHANGELOG }}
|
||||
|
||||
## Binaries
|
||||
|
||||
[See pre-built binaries documentation.](https://lighthouse-book.sigmaprime.io/installation-binaries.html)
|
||||
|
||||
The binaries are signed with Sigma Prime's PGP key: `15E66D941F697E28F49381F426416DC3F30674B0`
|
||||
|
||||
| System | Architecture | Binary | PGP Signature |
|
||||
|:---:|:---:|:---:|:---|
|
||||
| <img src="https://simpleicons.org/icons/apple.svg" style="width: 32px;"/> | x86_64 | [lighthouse-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz.asc) |
|
||||
| <img src="https://simpleicons.org/icons/apple.svg" style="width: 32px;"/> | x86_64 | [lighthouse-${{ env.VERSION }}-x86_64-apple-darwin-portable.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-apple-darwin-portable.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-apple-darwin-portable.tar.gz.asc) |
|
||||
| <img src="https://simpleicons.org/icons/linux.svg" style="width: 32px;"/> | x86_64 | [lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz.asc) |
|
||||
| <img src="https://simpleicons.org/icons/linux.svg" style="width: 32px;"/> | x86_64 | [lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu-portable.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu-portable.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-x86_64-unknown-linux-gnu-portable.tar.gz.asc) |
|
||||
| <img src="https://simpleicons.org/icons/raspberrypi.svg" style="width: 32px;"/> | aarch64 | [lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz.asc) |
|
||||
| <img src="https://simpleicons.org/icons/raspberrypi.svg" style="width: 32px;"/> | aarch64 | [lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu-portable.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu-portable.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/lighthouse-${{ env.VERSION }}-aarch64-unknown-linux-gnu-portable.tar.gz.asc) |
|
||||
| | | | |
|
||||
| **System** | **Option** | - | **Resource** |
|
||||
| <img src="https://simpleicons.org/icons/docker.svg" style="width: 32px;"/> | Docker | - | [sigp/lighthouse](https://hub.docker.com/r/sigp/lighthouse) |
|
||||
ENDBODY
|
||||
)
|
||||
assets=()
|
||||
for asset in ./lighthouse-*.tar.gz*; do
|
||||
assets+=("-a" "$asset/$asset")
|
||||
done
|
||||
tag_name="${{ env.VERSION }}"
|
||||
echo "$body" | hub release create --draft "${assets[@]}" -F "-" "$tag_name"
|
Loading…
Reference in New Issue
Block a user