Build & Release #460
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build & Release | |
on: | |
push: | |
branches: | |
- stage | |
tags: | |
- "**" | |
pull_request: | |
branches: | |
- "**" | |
workflow_dispatch: {} | |
concurrency: | |
# SHA is added to the end if on `main` to let all main workflows run | |
group: ${{ github.ref }}-${{ github.workflow }}-${{ github.event_name }}-${{ github.ref == 'refs/heads/main' && github.sha || '' }} | |
cancel-in-progress: true | |
permissions: | |
id-token: write | |
contents: write | |
jobs: | |
build: | |
name: 👷 ${{ matrix.config.name }} ${{ matrix.os.emoji }} ${{ matrix.preconfiguration.name }} ${{ matrix.os.name }} ${{ matrix.arch.name }} | |
runs-on: ${{ matrix.os.runs-on[matrix.arch.matrix] }} | |
strategy: | |
fail-fast: false | |
matrix: | |
config: | |
- name: tokenization | |
app-name: climate-tokenization-chia | |
app-mode: registry | |
app-description: "Carbon tokenization application on the Chia blockchain" | |
add-to-apt: "true" | |
- name: explorer | |
app-name: climate-explorer-chia | |
app-mode: explorer | |
app-description: "Interface for tracking Chia on-chain carbon tokens" | |
add-to-apt: "true" | |
- name: client | |
app-name: climate-token-driver | |
app-mode: client | |
app-description: "Embedded climate token driver for carbon tokens on the Chia blockchain" | |
add-to-apt: "false" | |
- name: dev | |
app-name: dev-token-driver-chia | |
app-mode: dev | |
app-description: "Token driver in dev mode" | |
add-to-apt: "false" | |
os: | |
- name: Linux | |
matrix: linux | |
emoji: 🐧 | |
runs-on: | |
arm: [Linux, ARM64] | |
intel: [ubuntu-latest] | |
artifact-os-name: linux | |
executable-extension: "" | |
- name: macOS | |
matrix: macos | |
emoji: 🍎 | |
runs-on: | |
arm: [macos-13-arm64] | |
intel: [macos-13] | |
artifact-os-name: macos | |
executable-extension: "" | |
- name: Windows | |
matrix: windows | |
emoji: 🪟 | |
runs-on: | |
intel: [windows-latest] | |
artifact-os-name: windows | |
executable-extension: ".exe" | |
arch: | |
- name: ARM | |
matrix: arm | |
artifact-name: arm64 | |
deb-platform: arm64 | |
electron-builder-options: --arm64 | |
- name: Intel | |
matrix: intel | |
artifact-name: x64 | |
deb-platform: amd64 | |
electron-builder-options: --x64 | |
preconfiguration: | |
- name: default | |
cadt-api-server-host: "https://observer.climateactiondata.org/api" | |
- name: testneta | |
cadt-api-server-host: "https://chia-cadt-demo.chiamanaged.com/observer" | |
exclude: | |
- os: | |
matrix: windows | |
arch: | |
matrix: arm | |
- config: | |
app-mode: registry | |
preconfiguration: | |
name: testneta | |
- config: | |
app-mode: explorer | |
preconfiguration: | |
name: testneta | |
- config: | |
app-mode: dev | |
preconfiguration: | |
name: testneta | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
submodules: "recursive" | |
- name: Setup Python | |
uses: Chia-Network/actions/setup-python@main | |
with: | |
python-version: "3.10" | |
- name: Create .env file | |
run: | | |
echo "MODE=${{ matrix.config.app-mode }}" > .env | |
echo 'CHIA_ROOT="~/.chia/mainnet"' >> .env | |
echo 'CONFIG_PATH="climate_token/config/config.yaml"' >> .env | |
echo 'SERVER_PORT=31999' >> .env | |
- name: Apply preconfigurations | |
if: matrix.preconfiguration.name != 'default' | |
run: | | |
perl -pi -e 's{CADT_API_SERVER_HOST:\ str\ =.*}{CADT_API_SERVER_HOST:\ str\ =\ \"${{ matrix.preconfiguration.cadt-api-server-host }}\"}g' app/config.py | |
perl -pi -e 's{CADT_API_SERVER_HOST:.*}{CADT_API_SERVER_HOST:\ \"${{ matrix.preconfiguration.cadt-api-server-host }}\"}g' config.yaml | |
cat config.yaml | |
- name: Create virtual environment | |
uses: Chia-Network/actions/create-venv@main | |
id: create-venv | |
- name: Activate virtual environment | |
uses: Chia-Network/actions/activate-venv@main | |
with: | |
directories: ${{ steps.create-venv.outputs.activate-venv-directories }} | |
- name: Install pyinstaller | |
run: pip install pyinstaller | |
- name: Create virtual environment for Poetry | |
uses: Chia-Network/actions/create-venv@main | |
id: create-poetry-venv | |
- name: Run poetry install | |
uses: Chia-Network/actions/poetry@main | |
with: | |
python-executable: ${{ steps.create-poetry-venv.outputs.python_executable }} | |
- name: Run pyinstaller | |
run: python -m PyInstaller --clean pyinstaller.spec | |
- name: Get tag name | |
id: tag-name | |
shell: bash | |
run: | | |
TAGNAME=$(echo $GITHUB_REF | cut -d / -f 3) | |
echo "TAGNAME=${TAGNAME}" >> $GITHUB_OUTPUT | |
echo "Tag is ${TAGNAME}" | |
echo "github.sha is ${{ github.sha }}" | |
- name: Install j2 | |
run: | | |
pip install j2cli | |
- name: Rename binary | |
run: | | |
# no -p, we want to be sure this is clean so wildcards below don't get extra files | |
mkdir artifacts/ | |
cp ./dist/main${{ matrix.os.executable-extension }} ./artifacts/${{ matrix.config.app-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}${{ matrix.os.executable-extension }} | |
- name: Test for secrets access | |
id: check_secrets | |
shell: bash | |
run: | | |
unset HAS_SIGNING_SECRET | |
if [ -n "$SIGNING_SECRET" ]; then HAS_SIGNING_SECRET='true' ; fi | |
echo "HAS_SIGNING_SECRET=${HAS_SIGNING_SECRET}" >> "$GITHUB_OUTPUT" | |
env: | |
SIGNING_SECRET: "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" | |
# Windows Code Signing | |
- name: Sign windows artifacts | |
if: matrix.os.matrix == 'windows' && steps.check_secrets.outputs.HAS_SIGNING_SECRET | |
uses: chia-network/actions/digicert/windows-sign@main | |
env: | |
SM_TOOLS_DOWNLOAD_URL: ${{ vars.SM_TOOLS_DOWNLOAD_URL }} | |
with: | |
sm_api_key: ${{ secrets.SM_API_KEY }} | |
sm_client_cert_file_b64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }} | |
sm_client_cert_password: ${{ secrets.SM_CLIENT_CERT_PASSWORD }} | |
sm_code_signing_cert_sha1_hash: ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} | |
file: ./artifacts/${{ matrix.config.app-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.exe | |
- name: Create .deb Package | |
env: | |
APP_NAME: ${{ matrix.config.app-name }} | |
APP_VERSION: ${{ steps.tag-name.outputs.TAGNAME }} | |
PLATFORM: ${{ matrix.arch.deb-platform }} | |
APP_DESCRIPTION: ${{ matrix.config.app-description }} | |
run: | | |
DEB_BASE="${{ matrix.config.app-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}" | |
mkdir -p deb/$DEB_BASE/opt/${{ matrix.config.app-name }} | |
cp dist/main deb/$DEB_BASE/opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }} | |
chmod +x deb/$DEB_BASE/opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }} | |
mkdir -p deb/$DEB_BASE/DEBIAN | |
mkdir -p "deb/$DEB_BASE/etc/systemd/system" | |
mkdir -p deb/$DEB_BASE/usr/local/bin | |
j2 -o "deb/$DEB_BASE/DEBIAN/control" build-scripts/deb/control.j2 | |
j2 -o "deb/$DEB_BASE/etc/systemd/system/${{ matrix.config.app-name }}@.service" build-scripts/deb/[email protected] | |
ln -s ../../../opt/${{ matrix.config.app-name }}/${{ matrix.config.app-name }} deb/$DEB_BASE/usr/local/bin/${{ matrix.config.app-name }} | |
dpkg-deb --build --root-owner-group "deb/$DEB_BASE" | |
if: matrix.os.matrix == 'linux' | |
- name: Upload deb | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.config.app-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}.deb | |
path: ${{ github.workspace }}/deb/*.deb | |
if-no-files-found: error | |
if: matrix.os.matrix == 'linux' && matrix.preconfiguration.name == 'default' | |
- name: Upload preconfigured deb | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.config.app-name }}-${{ matrix.preconfiguration.name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}.deb | |
path: ${{ github.workspace }}/deb/*.deb | |
if-no-files-found: error | |
if: matrix.os.matrix == 'linux' && matrix.preconfiguration.name != 'default' | |
- name: Upload binary | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.config.app-name }}-${{ matrix.os.artifact-os-name }}-${{ matrix.arch.artifact-name }} | |
path: ${{ github.workspace }}/artifacts/* | |
if-no-files-found: error | |
if: matrix.preconfiguration.name == 'default' | |
- name: Upload preconfigured binary | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.config.app-name }}-${{ matrix.preconfiguration.name }}-${{ matrix.os.artifact-os-name }}-${{ matrix.arch.artifact-name }} | |
path: ${{ github.workspace }}/artifacts/* | |
if-no-files-found: error | |
if: matrix.preconfiguration.name != 'default' | |
- name: Create zip files for release | |
uses: thedoctor0/[email protected] | |
with: | |
type: "zip" | |
filename: ${{ matrix.config.app-name }}_${{ matrix.os.artifact-os-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.zip | |
directory: "artifacts" | |
if: startsWith(github.ref, 'refs/tags/') && matrix.preconfiguration.name == 'default' | |
- name: Release executable | |
uses: softprops/[email protected] | |
with: | |
files: ./artifacts/${{ matrix.config.app-name }}_${{ matrix.os.artifact-os-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}_${{ matrix.arch.artifact-name }}.zip | |
if: startsWith(github.ref, 'refs/tags/') && matrix.preconfiguration.name == 'default' | |
- name: Release debs | |
uses: softprops/[email protected] | |
with: | |
files: | | |
${{ github.workspace }}/deb/${{ matrix.config.app-name }}_${{ steps.tag-name.outputs.TAGNAME || github.sha }}-1_${{ matrix.arch.deb-platform }}.deb | |
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux' && matrix.preconfiguration.name == 'default' | |
# Only do for Intel builds as we know we build ARM and can pass that info along to the apt update automation | |
- name: Create artifact with metadata for apt upload | |
run: | | |
echo "${{ matrix.config.app-name }}" > APTDATA_${{ matrix.config.app-name }}.dat | |
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux' && matrix.config.add-to-apt == 'true' && matrix.arch.name == 'Intel' && matrix.preconfiguration.name == 'default' | |
- name: Upload artifact to pass apt data to release job | |
uses: actions/upload-artifact@v3 | |
with: | |
name: APTDATA_${{ matrix.config.app-name }} | |
path: APTDATA_${{ matrix.config.app-name }}.dat | |
if-no-files-found: error | |
retention-days: 1 | |
if: startsWith(github.ref, 'refs/tags/') && matrix.os.matrix == 'linux' && matrix.config.add-to-apt == 'true' && matrix.arch.name == 'Intel' && matrix.preconfiguration.name == 'default' | |
apt-upload: | |
name: Trigger update in apt repo | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/') | |
needs: | |
- build | |
steps: | |
- name: Get repo name to use for APT trigger | |
id: repo-name | |
run: | | |
echo "REPO_NAME=$(echo "$GITHUB_REPOSITORY" | cut -d "/" -f 2)" >>$GITHUB_OUTPUT | |
if: startsWith(github.ref, 'refs/tags/') | |
- name: Get tag name | |
id: tag-name | |
shell: bash | |
run: | | |
TAGNAME=$(echo $GITHUB_REF | cut -d / -f 3) | |
echo "TAGNAME=${TAGNAME}" >> $GITHUB_OUTPUT | |
echo "Tag is ${TAGNAME}" | |
echo "github.sha is ${{ github.sha }}" | |
- name: Download all artifacts | |
uses: actions/download-artifact@v3 | |
- name: Parse meta files for apt variables | |
id: apt-metadata | |
run: | | |
APPS_ARRAY="[" | |
DIRECTORIES="./APTDATA*" | |
for d in $DIRECTORIES; do \ | |
FILES="$d/*.dat"; \ | |
for f in $FILES; do \ | |
APP=`cat $f`; \ | |
APPS_ARRAY="${APPS_ARRAY}\\\"${APP}\\\", "; \ | |
done; \ | |
done; | |
APPS_ARRAY=${APPS_ARRAY%??} | |
APPS_ARRAY="${APPS_ARRAY}]" | |
echo "Array being passed is ${APPS_ARRAY}" | |
echo "APPLICATIONS=${APPS_ARRAY}" >> $GITHUB_OUTPUT | |
- name: Trigger apt repo update | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: Chia-Network/actions/github/glue@main | |
with: | |
json_data: '{"climate_tokenization_repo":"${{ steps.repo-name.outputs.REPO_NAME }}","application_name":"${{ steps.apt-metadata.outputs.APPLICATIONS }}","release_version":"${{ steps.tag-name.outputs.TAGNAME }}","add_debian_version":"true","arm64":"available"}' | |
glue_url: ${{ secrets.GLUE_API_URL }} | |
glue_project: "climate-tokenization" | |
glue_path: "trigger" |