workflow test

Author: jakub-tldr

.github/workflows/release.yml

@@ -1,42 +1,43 @@
 name: Make a new release
-
 on:
   push:
-    tags:
-      - v*.*.*
+    branches:
+      - apt_repository
+    # tags:
+    #   - v*.*.*
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
-  build-docker-release:
-    # Ignore tags with -, like v1.0.0-alpha
-    # This job will build the docker container with the "latest" tag which
-    # is a tag used in production, thus it should only be run for full releases.
-    if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
-    name: Build Release Docker image
-    uses: ./.github/workflows/build-docker.yml
-    with:
-      tags: |
-        type=raw,value=latest
-        type=semver,pattern={{version}}
-        type=semver,pattern={{major}}.{{minor}}
-        type=sha
-
-  build-docker-prerelease:
-    # Only build tags with -, like v1.0.0-alpha
-    if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
-    name: Build Pre-release Docker image
-    uses: ./.github/workflows/build-docker.yml
-    with:
-      tags: |
-        type=raw,value=pre-release
-        type=semver,pattern={{version}}
-        type=sha
-      # Explicitly disable latest tag. It will be added otherwise.
-      flavor: |
-        latest=false
+  # build-docker-release:
+  #   # Ignore tags with -, like v1.0.0-alpha
+  #   # This job will build the docker container with the "latest" tag which
+  #   # is a tag used in production, thus it should only be run for full releases.
+  #   if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
+  #   name: Build Release Docker image
+  #   uses: ./.github/workflows/build-docker.yml
+  #   with:
+  #     tags: |
+  #       type=raw,value=latest
+  #       type=semver,pattern={{version}}
+  #       type=semver,pattern={{major}}.{{minor}}
+  #       type=sha
+
+  # build-docker-prerelease:
+  #   # Only build tags with -, like v1.0.0-alpha
+  #   if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
+  #   name: Build Pre-release Docker image
+  #   uses: ./.github/workflows/build-docker.yml
+  #   with:
+  #     tags: |
+  #       type=raw,value=pre-release
+  #       type=semver,pattern={{version}}
+  #       type=sha
+  #     # Explicitly disable latest tag. It will be added otherwise.
+  #     flavor: |
+  #       latest=false
 
   create-release:
     name: create-release
@@ -47,16 +48,16 @@ jobs:
       - name: Create GitHub release
         id: release
         uses: softprops/action-gh-release@v1
-        if: startsWith(github.ref, 'refs/tags/')
+        # if: startsWith(github.ref, 'refs/tags/')
         with:
           draft: true
           generate_release_notes: true
 
-  create-sbom:
-    needs: [create-release, build-docker-release]
-    uses: ./.github/workflows/sbom.yml
-    with:
-      upload_url: ${{ needs.create-release.outputs.upload_url }}
+  # create-sbom:
+  #   needs: [create-release, build-docker-release]
+  #   uses: ./.github/workflows/sbom.yml
+  #   with:
+  #     upload_url: ${{ needs.create-release.outputs.upload_url }}
 
   build-binaries:
     needs: [create-release]
@@ -67,27 +68,32 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        build: [linux, linux-arm64, freebsd]
+        build: [linux] #, linux-arm64, freebsd]
         include:
           - build: linux
             arch: amd64
             os: Linux
             target: x86_64-unknown-linux-gnu
-          - build: linux-arm64
-            arch: arm64
-            os: Linux
-            target: aarch64-unknown-linux-gnu
-          - build: freebsd
-            arch: amd64
-            os: Linux
-            target: x86_64-unknown-freebsd
+          # - build: linux-arm64
+          #   arch: arm64
+          #   os: Linux
+          #   target: aarch64-unknown-linux-gnu
+          # - build: freebsd
+          #   arch: amd64
+          #   os: Linux
+          #   target: x86_64-unknown-freebsd
     steps:
       # Store the version, stripping any v-prefix
+      # - name: Write release version
+      #   run: |
+      #     VERSION=${GITHUB_REF_NAME#v}
+      #     echo Version: $VERSION
+      #     echo "VERSION=$VERSION" >> $GITHUB_ENV
       - name: Write release version
         run: |
           VERSION=${GITHUB_REF_NAME#v}
           echo Version: $VERSION
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
+          echo "VERSION=1.5.1" >> $GITHUB_ENV
 
       - name: Checkout
         uses: actions/checkout@v4
@@ -177,41 +183,49 @@ jobs:
           asset_path: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.deb
           asset_name: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.deb
           asset_content_type: application/octet-stream
+      - name: Upload DEB to apt repository
+        if: matrix.build == 'linux'
+        run: |
+          export PATH="/srv/github/defguard/.local/share/gem/ruby/3.3.0/bin:$PATH"
+          COMPONENT=$([[ "${{ github.ref_name }}" == *"-"* ]] && echo "pre-release" || echo "release") # if tag contain "-" assume it's pre-release.
+
+          deb-s3 upload -l --bucket=apt.defguard.net --access-key-id=${{ secrets.AWS_ACCESS_KEY }} --secret-access-key=${{ secrets.AWS_SECRET_KEY }} --s3-region=eu-north-1 --no-fail-if-exists --codename=trixie --component="$COMPONENT" defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.deb
+
 
       - name: Run `packer init`
         if: matrix.build == 'linux' && matrix.arch == 'amd64'
         id: init
         run: "packer init ./images/ami/proxy.pkr.hcl"
 
-      - name: Build AMI images for multiple regions
-        if: matrix.build == 'linux' && matrix.arch == 'amd64'
-        run: |
-          regions=(us-east-1 eu-west-1 ap-northeast-1 eu-central-1)
-          for region in "${regions[@]}"; do
-            echo "Building AMI for region: $region"
-            echo "Running packer validate for $region..."
-            packer validate --var "package_version=${{ env.VERSION }}" --var "region=$region" ./images/ami/proxy.pkr.hcl
-            echo "Building AMI image for $region..."
-            packer build -color=false -on-error=abort --var "package_version=${{ env.VERSION }}" --var "region=$region" ./images/ami/proxy.pkr.hcl
-          done
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-
-      - name: Build RPM package
-        if: matrix.build == 'linux'
-        uses: bpicode/github-action-fpm@master
-        with:
-          fpm_args: "defguard-proxy-${{ github.ref_name }}-${{ matrix.target }}=/usr/bin/defguard-proxy defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service example-config.toml=/etc/defguard/proxy.toml"
-          fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm"
-
-      - name: Upload RPM
-        if: matrix.build == 'linux'
-        uses: actions/[email protected]
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ needs.create-release.outputs.upload_url }}
-          asset_path: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm
-          asset_name: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm
-          asset_content_type: application/octet-stream
+      # - name: Build AMI images for multiple regions
+      #   if: matrix.build == 'linux' && matrix.arch == 'amd64'
+      #   run: |
+      #     regions=(us-east-1 eu-west-1 ap-northeast-1 eu-central-1)
+      #     for region in "${regions[@]}"; do
+      #       echo "Building AMI for region: $region"
+      #       echo "Running packer validate for $region..."
+      #       packer validate --var "package_version=${{ env.VERSION }}" --var "region=$region" ./images/ami/proxy.pkr.hcl
+      #       echo "Building AMI image for $region..."
+      #       packer build -color=false -on-error=abort --var "package_version=${{ env.VERSION }}" --var "region=$region" ./images/ami/proxy.pkr.hcl
+      #     done
+      #   env:
+      #     AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      #     AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
+      # - name: Build RPM package
+      #   if: matrix.build == 'linux'
+      #   uses: bpicode/github-action-fpm@master
+      #   with:
+      #     fpm_args: "defguard-proxy-${{ github.ref_name }}-${{ matrix.target }}=/usr/bin/defguard-proxy defguard-proxy.service=/usr/lib/systemd/system/defguard-proxy.service example-config.toml=/etc/defguard/proxy.toml"
+      #     fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type rpm --version ${{ env.VERSION }} --package defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm"
+
+      # - name: Upload RPM
+      #   if: matrix.build == 'linux'
+      #   uses: actions/[email protected]
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   with:
+      #     upload_url: ${{ needs.create-release.outputs.upload_url }}
+      #     asset_path: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm
+      #     asset_name: defguard-proxy-${{ env.VERSION }}-${{ matrix.target }}.rpm
+      #     asset_content_type: application/octet-stream