00d4b224eb
Gitea's push mirroring syncs git objects (branches, tags, commits) but does not sync GitHub release objects or assets. Since ArtifactHub needs to download the plugin tarball from the GitHub release URL, the workflow must create releases on both Gitea and GitHub. Changes: - Added "Create GitHub release" step after Gitea release - Uses GITHUB_TOKEN secret for GitHub API authentication - Creates release and uploads tarball to GitHub - Mirroring still handles git data sync Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering>
174 lines
8.1 KiB
YAML
174 lines
8.1 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
release:
|
|
runs-on: ubuntu-latest
|
|
container: node:20
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Check if release is already finalized
|
|
run: |
|
|
VERSION=${GITHUB_REF_NAME#v}
|
|
TARBALL_URL="https://github.com/cpfarhood/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz"
|
|
HTTP_CODE=$(curl -sL -o /tmp/release.tar.gz -w "%{http_code}" "$TARBALL_URL" 2>/dev/null)
|
|
if [ "$HTTP_CODE" = "200" ]; then
|
|
ACTUAL="sha256:$(sha256sum /tmp/release.tar.gz | awk '{print $1}')"
|
|
EXPECTED=$(grep 'archive-checksum' artifacthub-pkg.yml | awk '{print $2}')
|
|
echo "Release tarball checksum: $ACTUAL"
|
|
echo "Metadata checksum: $EXPECTED"
|
|
if [ "$ACTUAL" = "$EXPECTED" ]; then
|
|
echo "SKIP_BUILD=true" >> $GITHUB_ENV
|
|
echo "Checksums match - release is finalized, nothing to do"
|
|
fi
|
|
else
|
|
echo "No existing release (HTTP $HTTP_CODE) - will build"
|
|
fi
|
|
rm -f /tmp/release.tar.gz
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
npm ci
|
|
|
|
- name: Build plugin
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
npx @kinvolk/headlamp-plugin build
|
|
|
|
- name: Package tarball
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
npx @kinvolk/headlamp-plugin package
|
|
|
|
- name: Compute tarball checksum
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
TARBALL=$(ls *.tar.gz)
|
|
CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}')
|
|
echo "TARBALL=$TARBALL" >> $GITHUB_ENV
|
|
echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV
|
|
echo "Tarball: $TARBALL"
|
|
echo "Checksum: sha256:$CHECKSUM"
|
|
|
|
- name: Install Docker CLI
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
apt-get update && apt-get install -y docker.io
|
|
|
|
- name: Build and push Docker image
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
docker build -t git.farh.net/${{ github.repository }}:${{ github.ref_name }} -t git.farh.net/${{ github.repository }}:latest .
|
|
echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin
|
|
docker push git.farh.net/${{ github.repository }}:${{ github.ref_name }}
|
|
docker push git.farh.net/${{ github.repository }}:latest
|
|
|
|
- name: Create Gitea release
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
API_URL="${GITHUB_SERVER_URL}/api/v1/repos/${GITHUB_REPOSITORY}"
|
|
# Create release (or get existing)
|
|
RELEASE=$(curl -s -X POST \
|
|
-H "Authorization: token ${{ github.token }}" \
|
|
-H "Content-Type: application/json" \
|
|
"${API_URL}/releases" \
|
|
-d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\"}")
|
|
RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
|
|
if [ "$RELEASE_ID" = "undefined" ]; then
|
|
RELEASE=$(curl -sf \
|
|
-H "Authorization: token ${{ github.token }}" \
|
|
"${API_URL}/releases/tags/${GITHUB_REF_NAME}")
|
|
RELEASE_ID=$(echo "$RELEASE" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
|
|
fi
|
|
echo "Gitea Release ID: $RELEASE_ID"
|
|
# Delete existing assets
|
|
ASSETS=$(curl -sf \
|
|
-H "Authorization: token ${{ github.token }}" \
|
|
"${API_URL}/releases/${RELEASE_ID}/assets")
|
|
echo "$ASSETS" | node -e "
|
|
process.stdin.resume();let d='';
|
|
process.stdin.on('data',c=>d+=c);
|
|
process.stdin.on('end',()=>{
|
|
JSON.parse(d).forEach(a=>console.log(a.id));
|
|
})" | while read -r ASSET_ID; do
|
|
curl -sf -X DELETE \
|
|
-H "Authorization: token ${{ github.token }}" \
|
|
"${API_URL}/releases/${RELEASE_ID}/assets/${ASSET_ID}"
|
|
done
|
|
# Upload tarball
|
|
curl -sf -X POST \
|
|
-H "Authorization: token ${{ github.token }}" \
|
|
-F "attachment=@${TARBALL}" \
|
|
"${API_URL}/releases/${RELEASE_ID}/assets?name=${TARBALL}"
|
|
echo "Gitea release updated"
|
|
|
|
- name: Create GitHub release
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
# GitHub API to create/update release
|
|
GITHUB_API="https://api.github.com/repos/cpfarhood/headlamp-polaris-plugin"
|
|
# Check if release exists
|
|
RELEASE_DATA=$(curl -sf \
|
|
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
|
|
"${GITHUB_API}/releases/tags/${GITHUB_REF_NAME}" || echo "{}")
|
|
RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id||''))")
|
|
|
|
if [ -z "$RELEASE_ID" ]; then
|
|
# Create new release
|
|
RELEASE_DATA=$(curl -sf -X POST \
|
|
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
|
|
-H "Content-Type: application/json" \
|
|
"${GITHUB_API}/releases" \
|
|
-d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\",\"draft\":false,\"prerelease\":false}")
|
|
RELEASE_ID=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))")
|
|
fi
|
|
|
|
echo "GitHub Release ID: $RELEASE_ID"
|
|
# Upload tarball to GitHub
|
|
UPLOAD_URL=$(echo "$RELEASE_DATA" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>{const r=JSON.parse(d);console.log(r.upload_url||'https://uploads.github.com/repos/cpfarhood/headlamp-polaris-plugin/releases/${RELEASE_ID}/assets')})" | sed 's/{.*}//')
|
|
curl -sf -X POST \
|
|
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
|
|
-H "Content-Type: application/gzip" \
|
|
--data-binary "@${TARBALL}" \
|
|
"${UPLOAD_URL}?name=${TARBALL}"
|
|
echo "GitHub release updated"
|
|
|
|
- name: Update metadata and align tag
|
|
run: |
|
|
[ "$SKIP_BUILD" = "true" ] && exit 0
|
|
VERSION=${GITHUB_REF_NAME#v}
|
|
git config user.name "gitea-actions[bot]"
|
|
git config user.email "gitea-actions[bot]@git.farh.net"
|
|
# Determine which Gitea branch to update based on version suffix
|
|
if [[ "$VERSION" == *"-dev."* ]]; then
|
|
GITEA_BRANCH="dev"
|
|
else
|
|
GITEA_BRANCH="main"
|
|
fi
|
|
git fetch origin ${GITEA_BRANCH}
|
|
git checkout origin/${GITEA_BRANCH} -B temp-update
|
|
sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
|
|
sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"https://github.com/cpfarhood/headlamp-polaris-plugin/releases/download/${GITHUB_REF_NAME}/headlamp-polaris-plugin-${VERSION}.tar.gz\"|" artifacthub-pkg.yml
|
|
sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml
|
|
git add artifacthub-pkg.yml
|
|
git diff --cached --quiet || {
|
|
git commit -m "ci: update artifact hub metadata for ${GITHUB_REF_NAME}"
|
|
git push origin temp-update:${GITEA_BRANCH}
|
|
}
|
|
# Force-move tag to the commit with correct checksum.
|
|
# This triggers a new CI run, but the guard step will detect
|
|
# that the release checksum already matches and skip the build.
|
|
git tag -f ${GITHUB_REF_NAME}
|
|
git push -f origin ${GITHUB_REF_NAME}
|
|
echo "Tag ${GITHUB_REF_NAME} aligned with updated metadata"
|
|
echo "Note: GitHub sync handled by Gitea mirror configuration"
|