-
Notifications
You must be signed in to change notification settings - Fork 10
240 lines (236 loc) · 11.7 KB
/
main.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
name: Release
on:
push:
branches:
- main
jobs:
tag:
runs-on: ubuntu-latest
outputs:
latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: stable
- name: Tag version
id: tag_version
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GH_TOKEN }}
release_branches: main
tag_prefix: v
- name: Set latest tag output
id: set_latest_tag
run: |
if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then
echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT"
else
echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT"
fi
- name: Save new tag
id: save_new_tag
run: |
version=${{ steps.tag_version.outputs.new_tag }}
version=${version#v}
echo $version > new_tag.txt
- name: Upload new tag
uses: actions/upload-artifact@v2
with:
name: new_tag
path: new_tag.txt
release:
runs-on: ubuntu-latest
needs:
- tag
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: stable
# - name: Install cosign
# run: |
# curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64"
# sudo mv cosign-linux-amd64 /usr/local/bin/cosign
# sudo chmod +x /usr/local/bin/cosign
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
CHOCOLATEY_API_KEY: ${{ secrets.CHOCOLATEY_API_KEY }}
# COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
# COSIGN_SECRET: ${{ secrets.COSIGN_SECRET }}
sign-windows:
runs-on: ubuntu-latest
needs:
- tag
- release
steps:
- name: Download new tag
uses: actions/download-artifact@v2
with:
name: new_tag
- name: Set new tag
id: set_new_tag
run: |
echo "::set-output name=new_tag::$(cat new_tag.txt)"
- uses: robinraju/[email protected]
id: download_release_amd64
with:
repository: "kaytu-io/kaytu"
fileName: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe
latest: true
- name: Add windows zip
id: add_windows_zip
run: |
sudo apt update -y && sudo apt -y install cmake libssl-dev libcurl4-openssl-dev zlib1g-dev python3
sudo apt-get update -y
sudo apt-get -y install osslsigncode
echo "${{ secrets.SELFSIGNED_KEY }}" | base64 --decode > cert.key
echo "${{ secrets.SELFSIGNED_CRT }}" | base64 --decode > cert.crt
osslsigncode sign -certs cert.crt -key cert.key -n "Kaytu" -i https://kaytu.io/ -in kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe -out kaytu.exe
mkdir kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64
mv kaytu.exe kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64
zip kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64
export UPLOAD_URL=$(curl --silent "https://api.github.com/repos/kaytu-io/kaytu/releases/latest" -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" | jq -r .upload_url)
echo "$UPLOAD_URL"
echo "upload_url=$UPLOAD_URL" >> $GITHUB_OUTPUT
release_id=$(curl --request GET \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/latest \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | jq '.id')
echo $release_id
assets=$(curl --request GET \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/$release_id/assets \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}')
echo $assets
amd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe") | .id')
curl --request DELETE \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$amd64 \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
linuxarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_arm64") | .id')
curl --request DELETE \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$linuxarm64 \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
linuxamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_amd64") | .id')
curl --request DELETE \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$linuxamd64 \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
darwinarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_arm64") | .id')
curl --request DELETE \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$darwinarm64 \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
darwinamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_amd64") | .id')
curl --request DELETE \
--url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$darwinamd64 \
--header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
- name: Upload Release Asset amd64 zip
id: upload-release-asset-amd64-zip
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
with:
upload_url: ${{ steps.add_windows_zip.outputs.upload_url }}
asset_path: ./kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip
asset_name: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip
asset_content_type: application/zip
# - name: Sign executable
# id: sign_executable
# env:
# CODESIGN_KEY: ${{ secrets.SELFSIGNED_KEY}}
# CODESIGN_CRT: ${{ secrets.SELFSIGNED_CRT}}
# run: |
# sudo apt update -y && sudo apt -y install cmake libssl-dev libcurl4-openssl-dev zlib1g-dev python3
# sudo apt-get update -y
# sudo apt-get -y install osslsigncode
# echo "${{ secrets.SELFSIGNED_KEY }}" | base64 --decode > cert.key
# echo "${{ secrets.SELFSIGNED_CRT }}" | base64 --decode > cert.crt
# osslsigncode sign -certs cert.crt -key cert.key -n "kaytu" -i https://kaytu.io/ -in kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe -out kaytu.exe
# zip kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_signed.zip kaytu.exe
# export UPLOAD_URL=$(curl --silent "https://api.github.com/repos/kaytu-io/kaytu/releases/latest" | jq -r .upload_url)
# echo "upload_url=$UPLOAD_URL" >> $GITHUB_OUTPUT
# release_id=$(curl --request GET \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/latest \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}' | jq '.id')
# echo $release_id
# assets=$(curl --request GET \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/$release_id/assets \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}')
# echo $assets
# amd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.exe") | .id')
# curl --request DELETE \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$amd64 \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
# linuxarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_arm64") | .id')
# curl --request DELETE \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$linuxarm64 \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
# linuxamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_linux_amd64") | .id')
# curl --request DELETE \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$linuxamd64 \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
# darwinarm64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_arm64") | .id')
# curl --request DELETE \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$darwinarm64 \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
# darwinamd64=$(echo $assets | jq '.[] | select(.name=="kaytu_${{ steps.set_new_tag.outputs.new_tag }}_darwin_amd64") | .id')
# curl --request DELETE \
# --url https://api.github.com/repos/kaytu-io/kaytu/releases/assets/$darwinamd64 \
# --header 'authorization: Bearer ${{ secrets.GH_TOKEN }}'
# - name: Upload Release Asset amd64 zip
# id: upload-release-asset-amd64-zip
# uses: actions/upload-release-asset@v1
# env:
# GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
# with:
# upload_url: ${{ steps.sign_executable.outputs.upload_url }}
# asset_path: ./kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64_signed.zip
# asset_name: kaytu_${{ steps.set_new_tag.outputs.new_tag }}_windows_amd64.zip
# asset_content_type: application/zip
#
# - name: update cli version in homebrew
# run: |
# sed -i "s+VERSION_HOMEBREW+$(echo "${{ steps.tag_version.outputs.new_tag }}" | sed 's/^.//')+g" homebrew/kaytu.rb
#
# sha256sum build/ktucli-macos-amd64 | awk '{print $1}' > newHash
# sed -i "s+HASH_MAC_AMD64+$(cat newHash)+g" homebrew/kaytu.rb
#
# sha256sum build/ktucli-macos-arm64 | awk '{print $1}' > newHash
# sed -i "s+HASH_MAC_ARM64+$(cat newHash)+g" homebrew/kaytu.rb
#
# sha256sum build/ktucli-linux-arm64 | awk '{print $1}' > newHash
# sed -i "s+HASH_LINUX_ARM64+$(cat newHash)+g" homebrew/kaytu.rb
#
# sha256sum build/ktucli-linux-amd64 | awk '{print $1}' > newHash
# sed -i "s+HASH_LINUX_AMD64+$(cat newHash)+g" homebrew/kaytu.rb
#
# git clone https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/kaytu-io/homebrew-cli-tap.git
#
# cd homebrew-cli-tap
#
# git remote add homebrew-cli-tap-origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/kaytu-io/homebrew-cli-tap.git
# git config user.name 'Kaytu Developer'
# git config user.email '[email protected]'
#
# cp ../homebrew/kaytu.rb kaytu.rb
#
# git checkout main
# git add .
# git commit -a -m "update cli version"
# git push homebrew-cli-tap-origin
#
# cd ..
# rm -rf homebrew-cli-tap