Merge pull request #2685 from openziti/fix-ha-startup-bugs #27
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- 'v*.*.*' | |
workflow_dispatch: | |
env: | |
GOFLAGS: "-tags=pkcs11 -trimpath" | |
GOX_OUTPUT: "release/{{.Arch}}/{{.OS}}/{{.Dir}}" | |
GOX_TEST_OUTPUT: "test/{{.Arch}}/{{.OS}}/bin/{{.Dir}}" | |
gh_ci_key: ${{ secrets.GH_CI_KEY }} | |
BUILD_NUMBER: ${{ format('{0}-{1}-{2}', github.run_id, github.run_number, github.run_attempt) }} | |
ZITI_BASE_VERSION: ${{ vars.ZITI_BASE_VERSION || null }} | |
jobs: | |
mac-os-build: | |
name: Build Mac OS binaries | |
# allow fors to opt-out of time-consuming macOS builds | |
if: vars.ZITI_SKIP_MACOS_BUILD != 'true' | |
runs-on: macos-latest | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: ./go.mod | |
- name: Install Ziti CI | |
uses: openziti/ziti-ci@v1 | |
- name: Build and Test | |
shell: bash | |
run: | | |
go install github.com/mitchellh/gox@latest | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=darwin -arch=amd64 -output=$GOX_OUTPUT ./ziti/ | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=darwin -arch=arm64 -output=$GOX_OUTPUT ./ziti/ | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: darwin-release-${{ github.run_id }} | |
path: release/ | |
retention-days: 5 | |
windows-build: | |
name: Build Windows binaries | |
# allow fors to opt-out of time-consuming Windows builds | |
if: vars.ZITI_SKIP_WINDOWS_BUILD != 'true' | |
runs-on: windows-2019 | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: ./go.mod | |
- name: Install Ziti CI | |
uses: openziti/ziti-ci@v1 | |
- name: Build and Test | |
shell: bash | |
run: | | |
go install github.com/mitchellh/gox@latest | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=windows -arch=amd64 -output=$GOX_OUTPUT ./ziti/ | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: windows-release-${{ github.run_id }} | |
path: release/ | |
retention-days: 5 | |
linux-build: | |
name: Build Linux binaries | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: ./go.mod | |
- name: Install Ziti CI | |
uses: openziti/ziti-ci@v1 | |
- name: Build and Test | |
shell: bash | |
run: | | |
sudo apt-get update | |
sudo apt-get -yq install gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf gcc-aarch64-linux-gnu | |
$(go env GOPATH)/bin/ziti-ci configure-git | |
go install github.com/mitchellh/gox@latest | |
$(go env GOPATH)/bin/ziti-ci -t go-build-flags | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=linux -arch=amd64 -output=$GOX_OUTPUT ./ziti/ | |
CC=arm-linux-gnueabihf-gcc \ | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=linux -arch=arm -output=$GOX_OUTPUT ./ziti/ | |
CC=aarch64-linux-gnu-gcc \ | |
$(go env GOPATH)/bin/gox -ldflags "$($(go env GOPATH)/bin/ziti-ci -q -t go-build-flags)" -cgo -os=linux -arch=arm64 -output=$GOX_OUTPUT ./ziti/ | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linux-release-${{ github.run_id }} | |
path: release/ | |
retention-days: 5 | |
tests: | |
name: Run Unit and Integration Tests | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: ./go.mod | |
- name: Install Ziti CI | |
uses: openziti/ziti-ci@v1 | |
- name: Run Go Quickstart Test | |
timeout-minutes: 5 | |
shell: bash | |
run: | | |
go test -v -tags "quickstart automated" ./ziti/cmd/edge/...; | |
- name: Run Unit and Integration Tests | |
timeout-minutes: 10 | |
shell: bash | |
run: | | |
go test ./... --tags apitests | |
publish: | |
name: Publish Binaries | |
# !cancelled() overrides default behavior, allowing this job to proceed if needed jobs failed, unless "if" | |
# expression specifies a required outcome | |
if: ${{ | |
!cancelled() | |
&& (needs.mac-os-build.result == 'success' || needs.mac-os-build.result == 'skipped') | |
&& (needs.windows-build.result == 'success' || needs.windows-build.result == 'skipped') | |
&& (needs.linux-build.result == 'success') | |
&& (needs.tests.result == 'success') | |
}} | |
# ensure required job outcomes are specified in "if" expression | |
needs: [ tests, linux-build, mac-os-build, windows-build ] | |
runs-on: ubuntu-20.04 | |
outputs: | |
ZITI_VERSION: ${{ steps.get_version.outputs.ZITI_VERSION }} | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: ./go.mod | |
- name: Install Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.7' | |
- name: Install Ziti CI | |
uses: openziti/ziti-ci@v1 | |
- name: Download linux release artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: linux-release-${{ github.run_id }} | |
path: release/ | |
- name: Download darwin release artifact | |
if: needs.mac-os-build.result == 'success' | |
uses: actions/download-artifact@v4 | |
with: | |
name: darwin-release-${{ github.run_id }} | |
path: release/ | |
- name: Download windows release artifact | |
if: needs.windows-build.result == 'success' | |
uses: actions/download-artifact@v4 | |
with: | |
name: windows-release-${{ github.run_id }} | |
path: release/ | |
- name: List downloaded release artifacts | |
shell: bash | |
run: | | |
ls -lAhR release/ | |
- name: Restore execute filemode on macOS and Linux release artifacts before publishing | |
shell: bash | |
run: | | |
find ./release \ | |
-type f \ | |
-print0 \ | |
-path "./release/*/darwin/ziti" \ | |
-o \ | |
-path "./release/*/linux/ziti" \ | |
| xargs -0 chmod -c +x | |
- name: Publish GitHub Release | |
# forks need to run this step with their own GPG key because ziti-ci creates the GH release | |
if: env.ziti_ci_gpg_key_id != null && startsWith(github.ref, 'refs/tags/v') | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
ziti_ci_gpg_key: ${{ secrets.ZITI_CI_GPG_KEY }} | |
ziti_ci_gpg_key_id: ${{ secrets.ZITI_CI_GPG_KEY_ID }} | |
shell: bash | |
run: | | |
$(go env GOPATH)/bin/ziti-ci configure-git | |
$(go env GOPATH)/bin/ziti-ci publish-to-github -t --prerelease --archive-base "" --dry-run | |
mkdir tmp | |
tar xfzv ./release/ziti-linux-amd64-* -C ./tmp | |
$(go env GOPATH)/bin/ziti-ci verify-current-version -t $(./tmp/ziti version) | |
$(go env GOPATH)/bin/ziti-ci publish-to-github -t --prerelease --archive-base "" | |
# only ziti-ci computed version for release branches and {version}-{run_id} for non-release branches | |
- name: Compute the Ziti Version String used for Linux Packages and Container Image Tags | |
id: get_version | |
shell: bash | |
run: | | |
# drop the leading 'v', if any | |
ZITI_VERSION=${GITHUB_REF_NAME#v} | |
echo ZITI_VERSION="${ZITI_VERSION}" | tee -a $GITHUB_OUTPUT | |
call-publish-docker-images: | |
# - !cancelled() allows evaluating further conditional expressions even if | |
# needed jobs were skipped | |
if: ${{ !cancelled() && needs.publish.result == 'success' }} | |
name: Publish Release Docker Images | |
needs: publish | |
uses: ./.github/workflows/publish-docker-images.yml | |
secrets: inherit | |
with: | |
ziti-tag: ${{ needs.publish.outputs.ZITI_VERSION }} | |
# call on release tags to publish linux packages to "release" package repos in Artifactory | |
call-publish-linux-packages: | |
# - !cancelled() allows evaluating further conditional expressions even if | |
# needed jobs were skipped | |
if: ${{ !cancelled() && needs.publish.result == 'success' }} | |
name: Publish Linux Packages | |
needs: publish | |
uses: ./.github/workflows/publish-linux-packages.yml | |
secrets: inherit | |
with: | |
ziti-version: ${{ needs.publish.outputs.ZITI_VERSION }} |