|
| 1 | +name: Post Release Upload |
| 2 | +# This makes it easy to get download release binaries built using |
| 3 | +# a github action for any tagged commit. |
| 4 | +# |
| 5 | +# This workflow builds and uploads the linux |
| 6 | +# binary packages as github assets. |
| 7 | +# |
| 8 | +# It uses `--builders "" --max-jobs 0` to ensure the assets are |
| 9 | +# from the IOG cache. |
| 10 | +on: |
| 11 | + workflow_dispatch: |
| 12 | + release: |
| 13 | + types: |
| 14 | + - published |
| 15 | + push: |
| 16 | + tags: |
| 17 | + - '**' |
| 18 | +env: |
| 19 | + # Only to avoid some repetition |
| 20 | + FLAKE_REF: github:${{ github.repository }}/${{ github.ref_name }} |
| 21 | + GH_TOKEN: ${{ github.token }} |
| 22 | + |
| 23 | +jobs: |
| 24 | + wait-for-hydra: |
| 25 | + name: "Wait for hydra check-runs" |
| 26 | + runs-on: ubuntu-latest |
| 27 | + steps: |
| 28 | + - name: Waiting for ci/hydra-build:x86_64-linux.required to complete |
| 29 | + run: | |
| 30 | + while [[ true ]]; do |
| 31 | + check_name='ci/hydra-build:x86_64-linux.required' |
| 32 | + conclusion=$(gh api "repos/$GITHUB_REPOSITORY/commits/$GITHUB_SHA/check-runs?check_name=$check_name" --paginate --jq '.check_runs[].conclusion') |
| 33 | + case "$conclusion" in |
| 34 | + success) |
| 35 | + echo "$check_name succeeded" |
| 36 | + exit 0;; |
| 37 | + '') |
| 38 | + echo "$check_name pending. Waiting 30s..." |
| 39 | + sleep 30;; |
| 40 | + *) |
| 41 | + echo "$check_name terminated unsuccessfully" |
| 42 | + exit 1;; |
| 43 | + esac |
| 44 | + done |
| 45 | +
|
| 46 | + pull: |
| 47 | + needs: [wait-for-hydra] |
| 48 | + strategy: |
| 49 | + matrix: |
| 50 | + arch: [linux] |
| 51 | + name: "Download Asset from the Cache" |
| 52 | + runs-on: ubuntu-latest |
| 53 | + steps: |
| 54 | + - name: Install Nix with good defaults |
| 55 | + uses: input-output-hk/install-nix-action@v20 |
| 56 | + with: |
| 57 | + extra_nix_config: | |
| 58 | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= |
| 59 | + substituters = https://cache.iog.io/ https://cache.nixos.org/ |
| 60 | + nix_path: nixpkgs=channel:nixos-unstable |
| 61 | + - name: Display flake metadata |
| 62 | + id: flake-metadata |
| 63 | + run: | |
| 64 | + nix flake metadata ${{ env.FLAKE_REF }} |
| 65 | + nix flake metadata ${{ env.FLAKE_REF }} --json | jq -r '"LOCKED_URL=\(.url)"' >> "$GITHUB_OUTPUT" |
| 66 | + - name: Build |
| 67 | + run: | |
| 68 | + case ${{ matrix.arch }} in |
| 69 | + linux) |
| 70 | + nix build --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#packages.x86_64-linux.dmq-node-static |
| 71 | + cp result/dmq-node-*-*-*.tar.gz . |
| 72 | + ;; |
| 73 | + esac |
| 74 | + - uses: actions/upload-artifact@v4 |
| 75 | + with: |
| 76 | + name: ${{ github.sha }}-${{ matrix.arch }} |
| 77 | + path: dmq-node-*-*.* |
| 78 | + retention-days: 1 |
| 79 | + |
| 80 | + upload-assets: |
| 81 | + needs: [pull] |
| 82 | + name: "Upload Assets" |
| 83 | + runs-on: ubuntu-latest |
| 84 | + steps: |
| 85 | + - uses: actions/download-artifact@v4 |
| 86 | + with: |
| 87 | + merge-multiple: true |
| 88 | + - name: Checksums |
| 89 | + run: | |
| 90 | + # find returns something like this: |
| 91 | + # "cardano-node-8.11.0-linux.tar.gz cardano-node-8.11.0-darwin.tar.gz ..." |
| 92 | + # We use the first member of this list to compute the prefix "cardano-node-8.11.0" |
| 93 | + first_archive=$(find . -maxdepth 1 -name "dmq-node-*" -printf '%P\n' | head -n 1) |
| 94 | + # Then we trim the architecture-specific suffix (last "-" and after) |
| 95 | + sha256sums_filename=$(echo "${first_archive%-*}-sha256sums.txt") |
| 96 | + sha256sum dmq-node-* >> "$sha256sums_filename" |
| 97 | + - name: Release |
| 98 | + uses: input-output-hk/action-gh-release@v1 |
| 99 | + with: |
| 100 | + draft: true |
| 101 | + files: | |
| 102 | + dmq-node-*-linux.tar.gz |
| 103 | + dmq-node-*-sha256sums.txt |
0 commit comments