Publish Linux ARM binaries #46
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Delivery | |
| on: | |
| push: | |
| tags: 'v*' # push events to matching v*, i.e. v1.0, v20.15.10 | |
| env: | |
| CD: "true" | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| PYTHON_DEFAULT_VERSION: "3.12" | |
| jobs: | |
| deploy: | |
| env: | |
| B2_PYPI_PASSWORD: ${{ secrets.B2_PYPI_PASSWORD }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.build.outputs.version }} | |
| prerelease: ${{ steps.prerelease_check.outputs.prerelease }} | |
| # publish_docker: ${{ steps.prerelease_check.outputs.prerelease == 'false' && secrets.DOCKERHUB_USERNAME != '' }} # doesn't work, hence the workaround | |
| publish_docker: ${{ steps.prerelease_check.outputs.publish_docker }} | |
| steps: | |
| - name: Determine if pre-release | |
| id: prerelease_check | |
| # it checks for PEP 440 compatible prerelease tags | |
| run: | | |
| export IS_PRERELEASE=$([[ ${{ github.ref }} =~ [abrcdev]+[0-9]+$ ]] && echo true || echo false) | |
| echo "prerelease=$IS_PRERELEASE" >> $GITHUB_OUTPUT | |
| export PUBLISH_DOCKER=$([[ $IS_PRERELEASE == 'false' && "${{ secrets.DOCKERHUB_USERNAME }}" != '' ]] && echo true || echo false) | |
| echo "publish_docker=$PUBLISH_DOCKER" >> $GITHUB_OUTPUT | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT_VERSION }} | |
| - name: Install dependencies | |
| run: python -m pip install --upgrade nox pdm | |
| - name: Build the distribution | |
| id: build | |
| run: nox -vs build | |
| - name: Read the Changelog | |
| id: read-changelog | |
| uses: mindsers/changelog-reader-action@v2 | |
| with: | |
| version: ${{ steps.build.outputs.version }} | |
| - name: Create GitHub release and upload the distribution | |
| id: create-release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: ${{ steps.build.outputs.version }} | |
| body: ${{ steps.read-changelog.outputs.changes }} | |
| draft: false | |
| prerelease: ${{ steps.prerelease_check.outputs.prerelease }} | |
| files: ${{ steps.build.outputs.asset_path }} | |
| - name: Upload the distribution to PyPI | |
| if: ${{ env.B2_PYPI_PASSWORD != '' && steps.prerelease_check.outputs.prerelease == 'false' }} | |
| uses: pypa/[email protected] | |
| with: | |
| user: __token__ | |
| password: ${{ secrets.B2_PYPI_PASSWORD }} | |
| deploy-linux-bundle: | |
| needs: deploy | |
| strategy: | |
| matrix: | |
| os: [ "ubuntu-22.04", "ubuntu-22.04-arm" ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }} (deadsnakes) | |
| uses: deadsnakes/[email protected] # staticx doesn't work with python installed by setup-python action | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT_VERSION }} | |
| - name: Install dependencies | |
| run: | | |
| apt-get -y update | |
| apt-get -y install patchelf scons | |
| python -m pip install --upgrade nox pdm | |
| git config --global --add safe.directory '*' | |
| - name: Bundle the distribution | |
| id: bundle | |
| run: nox -vs bundle | |
| - name: Sign the bundle | |
| id: sign | |
| run: nox -vs sign | |
| - name: Generate hashes | |
| id: hashes | |
| run: nox -vs make_dist_digest | |
| - name: Upload the bundle to the GitHub release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: ${{ needs.deploy.outputs.version }} | |
| draft: false | |
| prerelease: ${{ needs.deploy.outputs.prerelease }} | |
| files: ${{ steps.sign.outputs.asset_path }} | |
| deploy-windows-bundle: | |
| needs: deploy | |
| env: | |
| SM_HOST: ${{ secrets.SM_HOST }} | |
| SM_API_KEY: ${{ secrets.SM_API_KEY }} | |
| SM_CLIENT_CERT_FILE_B64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }} | |
| SM_CLIENT_CERT_PASSWORD: ${{ secrets. SM_CLIENT_CERT_PASSWORD }} | |
| runs-on: windows-2022 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT_VERSION }} | |
| - name: Install dependencies | |
| run: python -m pip install --upgrade nox pdm | |
| - name: Bundle the distribution | |
| id: bundle | |
| shell: bash | |
| run: nox -vs bundle | |
| - name: Install client for code signing with Software Trust Manager | |
| uses: digicert/[email protected] | |
| env: | |
| FORCE_DOWNLOAD_TOOLS: 'true' | |
| - name: Set up client authentication certificate | |
| id: client_cert | |
| run: | | |
| echo "${{ env.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 | |
| echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" | |
| shell: bash | |
| - name: Sign the bundle using a keypair alias | |
| id: sign | |
| run: nox -vs sign -- '${{ secrets.SM_KEYPAIR_ALIAS }}' '${{ secrets.SM_CERT_FINGERPRINT }}' | |
| - name: Generate hashes | |
| id: hashes | |
| run: nox -vs make_dist_digest | |
| - name: Create GitHub release and upload the distribution | |
| id: create-release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: ${{ needs.deploy.outputs.version }} | |
| draft: false | |
| prerelease: ${{ needs.deploy.outputs.prerelease }} | |
| files: | |
| ${{ steps.sign.outputs.asset_path || steps.bundle.outputs.asset_path }} | |
| deploy-docker: | |
| needs: deploy | |
| if: ${{ needs.deploy.outputs.publish_docker == 'true' }} | |
| runs-on: ubuntu-latest | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_DEFAULT_VERSION }} | |
| - name: Install dependencies | |
| run: python -m pip install --upgrade nox pdm | |
| - name: Build Dockerfile | |
| run: nox -vs generate_dockerfile | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Prepare Docker tags | |
| id: docker_tags_prep | |
| run: | | |
| DOCKER_TAGS=backblazeit/b2:${{ needs.deploy.outputs.version }} | |
| if [ "${{ needs.deploy.outputs.prerelease }}" != "true" ]; then | |
| DOCKER_TAGS="$DOCKER_TAGS,backblazeit/b2:latest" | |
| fi | |
| echo DOCKER_TAGS=$DOCKER_TAGS | |
| echo "docker_tags=$DOCKER_TAGS" >> $GITHUB_OUTPUT | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.docker_tags_prep.outputs.docker_tags }} | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Update Docker Hub Description | |
| uses: peter-evans/dockerhub-description@v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| repository: backblazeit/b2 | |
| short-description: "Official Backblaze B2 CLI docker image" |