name: Release on: push: tags: - 'v*' jobs: release: runs-on: ubuntu-latest container: node:20 steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Check if release is already finalized run: | VERSION=${GITHUB_REF_NAME#v} TARBALL_URL="https://github.com/cpfarhood/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz" HTTP_CODE=$(curl -sL -o /tmp/release.tar.gz -w "%{http_code}" "$TARBALL_URL" 2>/dev/null) if [ "$HTTP_CODE" = "200" ]; then ACTUAL="sha256:$(sha256sum /tmp/release.tar.gz | awk '{print $1}')" EXPECTED=$(grep 'archive-checksum' artifacthub-pkg.yml | awk '{print $2}') echo "Release tarball checksum: $ACTUAL" echo "Metadata checksum: $EXPECTED" if [ "$ACTUAL" = "$EXPECTED" ]; then echo "SKIP_BUILD=true" >> $GITHUB_ENV echo "Checksums match - release is finalized, nothing to do" fi else echo "No existing release (HTTP $HTTP_CODE) - will build" fi rm -f /tmp/release.tar.gz - name: Install dependencies run: | [ "$SKIP_BUILD" = "true" ] && exit 0 npm ci - name: Build plugin run: | [ "$SKIP_BUILD" = "true" ] && exit 0 npx @kinvolk/headlamp-plugin build - name: Package tarball run: | [ "$SKIP_BUILD" = "true" ] && exit 0 npx @kinvolk/headlamp-plugin package - name: Compute tarball checksum run: | [ "$SKIP_BUILD" = "true" ] && exit 0 TARBALL=$(ls *.tar.gz) CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}') echo "TARBALL=$TARBALL" >> $GITHUB_ENV echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV echo "Tarball: $TARBALL" echo "Checksum: sha256:$CHECKSUM" - name: Install Docker CLI run: | [ "$SKIP_BUILD" = "true" ] && exit 0 apt-get update && apt-get install -y docker.io - name: Build and push Docker image run: | [ "$SKIP_BUILD" = "true" ] && exit 0 docker build -t git.farh.net/${{ github.repository }}:${{ github.ref_name }} -t git.farh.net/${{ github.repository }}:latest . echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin docker push git.farh.net/${{ github.repository }}:${{ github.ref_name }} docker push git.farh.net/${{ github.repository }}:latest - name: Create Gitea release run: | [ "$SKIP_BUILD" = "true" ] && exit 0 API_URL="${GITHUB_SERVER_URL}/api/v1/repos/${GITHUB_REPOSITORY}" # Create release (or get existing) RELEASE=$(curl -s -X POST \ -H "Authorization: token ${{ github.token }}" \ -H "Content-Type: application/json" \ "${API_URL}/releases" \ -d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\"}") RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))") if [ "$RELEASE_ID" = "undefined" ]; then RELEASE=$(curl -sf \ -H "Authorization: token ${{ github.token }}" \ "${API_URL}/releases/tags/${GITHUB_REF_NAME}") RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))") fi echo "Gitea Release ID: $RELEASE_ID" # Delete existing assets ASSETS=$(curl -sf \ -H "Authorization: token ${{ github.token }}" \ "${API_URL}/releases/${RELEASE_ID}/assets") echo "$ASSETS" | node -e " process.stdin.resume();let d=''; process.stdin.on('data',c=>d+=c); process.stdin.on('end',()=>{ JSON.parse(d).forEach(a=>console.log(a.id)); })" | while read -r ASSET_ID; do curl -sf -X DELETE \ -H "Authorization: token ${{ github.token }}" \ "${API_URL}/releases/${RELEASE_ID}/assets/${ASSET_ID}" done # Upload tarball curl -sf -X POST \ -H "Authorization: token ${{ github.token }}" \ -F "attachment=@${TARBALL}" \ "${API_URL}/releases/${RELEASE_ID}/assets?name=${TARBALL}" echo "Gitea release updated" - name: Create GitHub release run: | [ "$SKIP_BUILD" = "true" ] && exit 0 # GitHub API to create/update release GITHUB_API="https://api.github.com/repos/cpfarhood/headlamp-polaris-plugin" # Check if release exists RELEASE_DATA=$(curl -sf \ -H "Authorization: token ${{ secrets.GH_TOKEN }}" \ "${GITHUB_API}/releases/tags/${GITHUB_REF_NAME}" || echo "{}") RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id||''))") if [ -z "$RELEASE_ID" ]; then # Create new release RELEASE_DATA=$(curl -sf -X POST \ -H "Authorization: token ${{ secrets.GH_TOKEN }}" \ -H "Content-Type: application/json" \ "${GITHUB_API}/releases" \ -d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\",\"draft\":false,\"prerelease\":false}") RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))") fi echo "GitHub Release ID: $RELEASE_ID" # Upload tarball to GitHub UPLOAD_URL=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{const r=JSON.parse(d);console.log(r.upload_url||'https://uploads.github.com/repos/cpfarhood/headlamp-polaris-plugin/releases/${RELEASE_ID}/assets')})" | sed 's/{.*}//') curl -sf -X POST \ -H "Authorization: token ${{ secrets.GH_TOKEN }}" \ -H "Content-Type: application/gzip" \ --data-binary "@${TARBALL}" \ "${UPLOAD_URL}?name=${TARBALL}" echo "GitHub release updated" - name: Update metadata and align tag run: | [ "$SKIP_BUILD" = "true" ] && exit 0 VERSION=${GITHUB_REF_NAME#v} git config user.name "gitea-actions[bot]" git config user.email "gitea-actions[bot]@git.farh.net" # Determine which Gitea branch to update based on version suffix if [[ "$VERSION" == *"-dev."* ]]; then GITEA_BRANCH="dev" else GITEA_BRANCH="main" fi git fetch origin ${GITEA_BRANCH} git checkout origin/${GITEA_BRANCH} -B temp-update sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"https://github.com/cpfarhood/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz\"|" artifacthub-pkg.yml sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml git add artifacthub-pkg.yml git diff --cached --quiet || { git commit -m "ci: update artifact hub metadata for ${GITHUB_REF_NAME}" git push origin temp-update:${GITEA_BRANCH} } # Force-move tag to the commit with correct checksum. # This triggers a new CI run, but the guard step will detect # that the release checksum already matches and skip the build. git tag -f ${GITHUB_REF_NAME} git push -f origin ${GITHUB_REF_NAME} echo "Tag ${GITHUB_REF_NAME} aligned with updated metadata" echo "Note: GitHub sync handled by Gitea mirror configuration"