From c70e7501adef376d5194d8df8c2e9a22e2452eb3 Mon Sep 17 00:00:00 2001 From: Paulo Gomes Date: Mon, 29 Jan 2024 13:19:06 +0000 Subject: [PATCH] build: Publish artefacts to the GH release Signed-off-by: Paulo Gomes --- .github/workflows/release.yml | 6 +++- Makefile | 7 +++++ hack/make/tools.mk | 5 ++++ hack/upload-gh | 56 +++++++++++++++++++++++++++++++++++ 4 files changed, 73 insertions(+), 1 deletion(-) create mode 100755 hack/upload-gh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 157cfe2..69e4669 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: - v* permissions: - contents: read + contents: write # Upload artefacts to release. jobs: build: @@ -35,3 +35,7 @@ jobs: PRODUCTION_AWS_ACCESS_KEY_ID: ${{ secrets.PRODUCTION_AWS_ACCESS_KEY_ID }} PRODUCTION_AWS_SECRET_ACCESS_KEY: ${{ secrets.PRODUCTION_AWS_SECRET_ACCESS_KEY }} PRODUCTION_AWS_S3_BUCKET: ${{ secrets.PRODUCTION_AWS_S3_BUCKET }} + + - run: make upload-gh + env: + GH_TOKEN: ${{ github.token }} diff --git a/Makefile b/Makefile index 8c8603a..11bdaf5 100644 --- a/Makefile +++ b/Makefile @@ -80,6 +80,13 @@ upload: $(AWSCLI) version ## uploads all artefacts from each policy into S3. PRODUCTION_AWS_S3_BUCKET="$(PRODUCTION_AWS_S3_BUCKET)" \ ./hack/upload +upload-gh: $(GH) ## upload all artefacts to the GitHub release. + $(MAKE) $(addsuffix -upload-gh, $(POLICIES)) + +%-upload-gh: + TAG=$(TAG) \ + ./hack/upload-gh $(subst :,/,$*) + version: ## parse and display version. ifdef VERSION_MSG @echo $(VERSION_MSG); exit 1 diff --git a/hack/make/tools.mk b/hack/make/tools.mk index a2c5e42..dd6a4bb 100644 --- a/hack/make/tools.mk +++ b/hack/make/tools.mk @@ -5,3 +5,8 @@ $(AWSCLI): ## Download awscliv2 if not yet downloaded. curl "https://awscli.amazonaws.com/awscli-exe-linux-$(shell uname -m).zip" -o "$(TOOLS_BIN)/awscliv2.zip" cd $(TOOLS_BIN) && unzip -q $(TOOLS_BIN)/awscliv2.zip rm $(TOOLS_BIN)/awscliv2.zip + +GH = $(shell which gh) +$(GH): + echo "GitHub CLI gh was not found. To install use your package manager." + exit 1 diff --git a/hack/upload-gh b/hack/upload-gh new file mode 100755 index 0000000..02152f7 --- /dev/null +++ b/hack/upload-gh @@ -0,0 +1,56 @@ +#!/bin/bash +set -eo pipefail + +BASE_DIR="build" + +function usage(){ + echo "$0 " + exit 1 +} + +function check_input(){ + policy=$1 + if [[ ! -d "${BASE_DIR}/${policy}" ]]; then + echo "Policy ${policy} not found, run make build and try again." + exit 2 + fi + + [ -z "${TAG}" ] && echo "TAG is not set." && exit 1 + return 0 +} + +function checksum_file(){ + policy=$1 + + sumfile="${BASE_DIR}/${policy}/sha256sum-${policy}-noarch.txt" + echo -n "" > "${sumfile}" + + files=$(ls build/"${policy}"/**/*.rpm) + for file in ${files}; do + sha256sum "${file}" | sed "s;$(dirname ${file})/;;g" >> "${sumfile}" + done + + cat "${sumfile}" +} + +function upload_files(){ + policy=$1 + + files=("${BASE_DIR}/${policy}/sha256sum-${policy}-noarch.txt ") + files+=$(ls build/"${policy}"/**/*.rpm) + + for file in ${files}; do + gh release upload ${TAG} $file + done +} + +function main() +{ + check_input "$1" + checksum_file "$1" + upload_files "$1" +} + +[[ -z "$1" ]] && usage + +main "$1"