Skip to content

publish-nym-vpn-core #428

publish-nym-vpn-core

publish-nym-vpn-core #428

name: publish-nym-vpn-core
on:
schedule:
- cron: "4 2 * * *"
workflow_dispatch:
inputs:
tag_name:
description: "Tag name for release"
required: false
default: nym-vpn-core-nightly
publish:
type: boolean
default: true
required: true
push:
tags:
- nym-vpn-core-v[0-9]+.[0-9]+.[0-9]+*
env:
CARGO_TERM_COLOR: always
UPLOAD_DIR_LINUX: linux_artifacts
UPLOAD_DIR_MAC: mac_artifacts
UPLOAD_DIR_DEB: deb_artifacts
UPLOAD_DIR_ANDROID: android_artifacts
UPLOAD_DIR_IOS: ios_artifacts
UPLOAD_DIR_WINDOWS: windows_artifacts
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
build-nym-vpn-core-linux:
uses: ./.github/workflows/build-nym-vpn-core-linux.yml
build-nym-vpn-core-deb:
uses: ./.github/workflows/build-nym-vpn-core-deb.yml
build-nym-vpn-core-mac:
uses: ./.github/workflows/build-nym-vpn-core-mac.yml
build-nym-vpn-core-android:
uses: ./.github/workflows/build-nym-vpn-core-android.yml
build-nym-vpn-core-ios:
uses: ./.github/workflows/build-nym-vpn-core-ios.yml
build-nym-vpn-core-windows:
uses: ./.github/workflows/build-nym-vpn-core-windows.yml
generate-build-info-core:
uses: ./.github/workflows/generate-build-info-core.yml
needs: build-nym-vpn-core-linux
with:
build-profile: release
rust-version: ${{ needs.build-nym-vpn-core-linux.outputs.RUST_VERSION }}
publish:
needs:
- build-nym-vpn-core-linux
- build-nym-vpn-core-mac
- build-nym-vpn-core-deb
- build-nym-vpn-core-android
- build-nym-vpn-core-ios
- build-nym-vpn-core-windows
- generate-build-info-core
runs-on: ubuntu-22.04
permissions:
contents: write
outputs:
tag: ${{ steps.set_tag.outputs.tag }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
# Adding envsubst, gh cli
- name: Install system dependencies
run: |
sudo apt update && sudo apt install -y gettext-base gh zip
- name: Install rust toolchain
uses: brndnmtthws/rust-action-rustup@v1
with:
toolchain: stable
components: rustfmt, clippy
- name: Get nym-vpn-core workspace version
id: workspace-version-pre
uses: nicolaiunrein/cargo-get@master
with:
subcommand: workspace.package.version --entry nym-vpn-core
- name: Append timestamp if it's a dev version
run: ./scripts/append-timestamp-to-version.sh nym-vpn-core/Cargo.toml ${{ steps.workspace-version.outputs.output }}
- name: Get nym-vpn-core workspace version (post-append)
id: workspace-version
uses: nicolaiunrein/cargo-get@master
with:
subcommand: workspace.package.version --entry nym-vpn-core
- name: Download artifacts
uses: actions/download-artifact@v4
# Setup TAG_NAME, which is used as a general "name"
- if: github.event_name == 'workflow_dispatch'
run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV
- if: github.event_name == 'schedule'
run: echo 'TAG_NAME=nym-vpn-core-nightly' >> $GITHUB_ENV
- if: github.event_name == 'push'
run: echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
- name: Set tag
id: set_tag
run: echo "tag=${{ env.TAG_NAME }}" >> "$GITHUB_OUTPUT"
- name: Generate checksums and create tar.gz archive per platform
run: |
ARCHIVE_LINUX=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }}_linux_x86_64
ARCHIVE_MAC=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }}_macos_universal
ARCHIVE_ANDROID=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }}_android_aarch64
ARCHIVE_IOS=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }}_ios_universal
ARCHIVE_WINDOWS=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }}_windows_x86_64
echo "ARCHIVE_LINUX=${ARCHIVE_LINUX}" >> $GITHUB_ENV
echo "ARCHIVE_MAC=${ARCHIVE_MAC}" >> $GITHUB_ENV
echo "ARCHIVE_ANDROID=${ARCHIVE_ANDROID}" >> $GITHUB_ENV
echo "ARCHIVE_IOS=${ARCHIVE_IOS}" >> $GITHUB_ENV
echo "ARCHIVE_WINDOWS=${ARCHIVE_WINDOWS}" >> $GITHUB_ENV
mv ${{ env.UPLOAD_DIR_LINUX }} ${ARCHIVE_LINUX}
mv ${{ env.UPLOAD_DIR_MAC }} ${ARCHIVE_MAC}
mv ${{ env.UPLOAD_DIR_ANDROID }} ${ARCHIVE_ANDROID}
mv ${{ env.UPLOAD_DIR_IOS }} ${ARCHIVE_IOS}
mv ${{ env.UPLOAD_DIR_WINDOWS }} ${ARCHIVE_WINDOWS}
tar cvzf ${ARCHIVE_LINUX}.tar.gz ${ARCHIVE_LINUX}
tar cvzf ${ARCHIVE_MAC}.tar.gz ${ARCHIVE_MAC}
tar cvzf ${ARCHIVE_ANDROID}.tar.gz ${ARCHIVE_ANDROID}
zip -r ${ARCHIVE_IOS}.zip ${ARCHIVE_IOS}
zip -r ${ARCHIVE_WINDOWS}.zip ${ARCHIVE_WINDOWS}
sha256sum ${ARCHIVE_LINUX}.tar.gz > "${ARCHIVE_LINUX}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_MAC}.tar.gz > "${ARCHIVE_MAC}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_ANDROID}.tar.gz > "${ARCHIVE_ANDROID}.tar.gz.sha256sum"
sha256sum ${ARCHIVE_IOS}.zip > "${ARCHIVE_IOS}.zip.sha256sum"
sha256sum ${ARCHIVE_WINDOWS}.zip > "${ARCHIVE_WINDOWS}.zip.sha256sum"
pushd ${{ env.UPLOAD_DIR_DEB }}
for deb in nym-vpn*_amd64.deb; do
sha256sum ${deb} > ${deb}.sha256sum
done
popd
echo 'SHA256_CHECKSUMS<<EOF' >> $GITHUB_ENV
cat ${ARCHIVE_LINUX}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_MAC}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_ANDROID}.tar.gz.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_IOS}.zip.sha256sum >> $GITHUB_ENV
cat ${ARCHIVE_WINDOWS}.zip.sha256sum >> $GITHUB_ENV
pushd ${{ env.UPLOAD_DIR_DEB }}
for deb_sha256 in nym-vpn*_amd64.deb.sha256sum; do
cat ${deb_sha256} >> $GITHUB_ENV
done
echo 'EOF' >> $GITHUB_ENV
- name: Setting subject, prerelease and notes files
if: ${{ contains(env.TAG_NAME, 'nightly') }}
run: |
(echo "SUBJECT=nym-vpn-core-v${{ steps.workspace-version.outputs.metadata }} nightly prerelease build";
echo 'PRERELEASE=--prerelease';
echo 'NOTES_FILE=release-notes/release-notes-core-nightly.md') >> $GITHUB_ENV
gh release delete nym-vpn-core-nightly --yes || true
git push origin :nym-vpn-core-nightly || true
- name: Removing --prerelease if needed
if: ${{ !contains(env.TAG_NAME, 'nightly') }}
run: |
(echo "SUBJECT=$TAG_NAME"
echo 'PRERELEASE='
echo 'NOTES_FILE=release-notes/release-notes-core.md') >> $GITHUB_ENV
- name: Build info
run: |
echo 'BUILD_INFO<<EOF' >> $GITHUB_ENV
cat build-info/build-info.txt >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- name: Publish release
if: ${{ inputs.publish == 'true' }}
run: |
envsubst < "$GITHUB_WORKSPACE/.github/workflows/$NOTES_FILE" > "$RUNNER_TEMP/release-notes.md"
gh release create $TAG_NAME ${{ env.PRERELEASE }} \
--notes-file "$RUNNER_TEMP/release-notes.md" \
--title "$SUBJECT" \
--target $GITHUB_SHA \
${{ env.ARCHIVE_LINUX }}.tar.gz ${{ env.ARCHIVE_LINUX }}.tar.gz.sha256sum \
${{ env.ARCHIVE_MAC }}.tar.gz ${{ env.ARCHIVE_MAC }}.tar.gz.sha256sum \
${{ env.ARCHIVE_IOS }}.zip ${{ env.ARCHIVE_IOS }}.zip.sha256sum \
${{ env.ARCHIVE_ANDROID }}.tar.gz ${{ env.ARCHIVE_ANDROID }}.tar.gz.sha256sum \
${{ env.ARCHIVE_WINDOWS }}.zip ${{ env.ARCHIVE_WINDOWS }}.zip.sha256sum \
${{ env.UPLOAD_DIR_DEB}}/nym-vpn*_amd64.deb ${{ env.UPLOAD_DIR_DEB }}/nym-vpn*_amd64.deb.sha256sum
# Upload to CI server
- name: Prepare build output directory
shell: bash
env:
OUTPUT_DIR_BASE: ci-builds/${{ github.ref_name }}
run: |
TIMESTAMP=$(date +%Y%m%d%H%M) # Short and suitable for paths
OUTPUT_DIR="$OUTPUT_DIR_BASE/${{ github.ref_name }}/$TIMESTAMP"
echo "OUTPUT_DIR=$OUTPUT_DIR" >> $GITHUB_ENV
rm -rf ci-builds || true
mkdir -p $OUTPUT_DIR
echo $OUTPUT_DIR
- name: Prepare build output
shell: bash
run: |
cp -v ${{ env.ARCHIVE_LINUX }}.tar.gz ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_LINUX }}.tar.gz.sha256sum ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_MAC }}.tar.gz ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_MAC }}.tar.gz.sha256sum ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_IOS }}.zip ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_IOS }}.zip.sha256sum ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_ANDROID }}.tar.gz ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_ANDROID }}.tar.gz.sha256sum ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_WINDOWS }}.zip ${{ env.OUTPUT_DIR }}
cp -v ${{ env.ARCHIVE_WINDOWS }}.zip.sha256sum ${{ env.OUTPUT_DIR }}
cp -v ${{ env.UPLOAD_DIR_DEB }}/nym-vpn*_amd64.deb ${{ env.OUTPUT_DIR }}
cp -v ${{ env.UPLOAD_DIR_DEB }}/nym-vpn*_amd64.deb.sha256sum ${{ env.OUTPUT_DIR }}
- name: Upload to www
continue-on-error: true
uses: easingthemes/ssh-deploy@main
env:
SSH_PRIVATE_KEY: ${{ secrets.CI_WWW_SSH_PRIVATE_KEY }}
ARGS: "-avzr"
SOURCE: "ci-builds/"
REMOTE_HOST: ${{ secrets.CI_WWW_REMOTE_HOST }}
REMOTE_USER: ${{ secrets.CI_WWW_REMOTE_USER }}
TARGET: ${{ secrets.CI_WWW_REMOTE_TARGET }}/builds/nym-vpn-client
gen-hashes:
uses: ./.github/workflows/gen-hashes-json.yml
needs: publish
with:
release_tag: ${{ needs.publish.outputs.tag }}
secrets: inherit