diff options
| author | Robert Czechowski <robert@code-intelligence.com> | 2023-08-16 16:41:13 +0200 |
|---|---|---|
| committer | zgtm <zgtm@users.noreply.github.com> | 2023-09-18 16:29:18 +0200 |
| commit | edec53150f23c9b8cee087ffa8cb414978feab09 (patch) | |
| tree | aaf5e3de4408763332167ea07f115deeab489525 | |
| parent | 94b558c16366b429bbb9168fbaa9dfe5c42540da (diff) | |
| download | jazzer-api-edec53150f23c9b8cee087ffa8cb414978feab09.tar.gz | |
CI: Update release pipeline to deploy full releases
This splits up the release pipeline into a pre-release pipeline and a
release pipeline.
The prerelease pipeline, in addition to creating the release builds
also:
- Uploads the artifacts to maven
- Creates a draft release on Github
The release pipeline now:
- Runs as soon as the draft release on Github is released
- Pushes the docker images to Docker Hub
| -rw-r--r-- | .github/workflows/prerelease.yaml | 146 | ||||
| -rw-r--r-- | .github/workflows/release.yml | 84 | ||||
| -rwxr-xr-x | deploy/deploy.sh | 3 |
3 files changed, 159 insertions, 74 deletions
diff --git a/.github/workflows/prerelease.yaml b/.github/workflows/prerelease.yaml new file mode 100644 index 00000000..2fb7be28 --- /dev/null +++ b/.github/workflows/prerelease.yaml @@ -0,0 +1,146 @@ +name: Pre-Release + +on: + workflow_dispatch: + +jobs: + build_release: + runs-on: ${{ matrix.os }} + strategy: + matrix: + include: + - os: ubuntu-20.04 + name: linux + - os: macos-11 + name: macos + - os: windows-2019 + name: windows + + steps: + - uses: actions/checkout@v3 + + - name: Set up JDK + uses: actions/setup-java@v3 + with: + distribution: zulu + java-version: 8 + + - name: Set Build Buddy config + shell: bash + run: .github/scripts/echoBuildBuddyConfig.sh ${{ secrets.BUILDBUDDY_API_KEY }} >> $GITHUB_ENV + + - name: Append build settings to .bazelrc + shell: bash + run: | + echo "build --announce_rc" >> .bazelrc + echo "build:linux --config=toolchain" >> .bazelrc + echo "build:linux --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux" >> .bazelrc + + - name: Build + shell: bash + # Double forward slashes are converted to single ones by Git Bash on Windows, so we use working directory + # relative labels instead. + run: | + bazelisk build ${{env.BUILD_BUDDY_CONFIG}} deploy:jazzer :jazzer_release + cp -L $(bazel cquery --output=files deploy:jazzer) jazzer-${{ matrix.name }}.jar + cp -L $(bazel cquery --output=files :jazzer_release) jazzer-${{ matrix.name }}.tar.gz + + - name: Upload jazzer.jar + uses: actions/upload-artifact@v3 + with: + name: jazzer_tmp + path: jazzer-${{ matrix.name }}.jar + if-no-files-found: error + + - name: Upload release archive + uses: actions/upload-artifact@v3 + with: + name: jazzer_releases + path: jazzer-${{ matrix.name }}.tar.gz + if-no-files-found: error + + merge_jars: + runs-on: ubuntu-latest + needs: build_release + + steps: + - uses: actions/checkout@v3 + + - name: Download individual jars + uses: actions/download-artifact@v3 + with: + name: jazzer_tmp + path: _tmp/ + + - name: Merge jars + run: | + bazel run @rules_jvm_external//private/tools/java/com/github/bazelbuild/rules_jvm_external/jar:MergeJars -- \ + --output "$(pwd)"/_tmp/jazzer.jar \ + $(find "$(pwd)/_tmp/" -name '*.jar' -printf "--sources %h/%f ") + + - name: Upload merged jar + uses: actions/upload-artifact@v3 + with: + name: jazzer + path: _tmp/jazzer.jar + if-no-files-found: error + + maven_predeploy: + runs-on: ubuntu-latest + needs: merge_jars + + environment: + name: Deploy + + steps: + - uses: actions/checkout@v3 + + - name: Download merged jar + uses: actions/download-artifact@v3 + with: + name: jazzer + path: _tmp/ + + - name: Run Deployment + env: + RELEASE_SIGNING_KEY_ID: ${{ secrets.RELEASE_SIGNING_KEY_ID }} + RELEASE_SIGNING_KEY_PRIVATE: ${{ secrets.RELEASE_SIGNING_KEY_PRIVATE }} + MAVEN_USER: ${{ secrets.MAVEN_USER }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + run: JAZZER_JAR_PATH="$(pwd)/_tmp/jazzer.jar" bazel run deploy + + create_release: + needs: build_release + runs-on: ubuntu-latest + + permissions: + contents: write # for creating releases + + steps: + - name: checkout + uses: actions/checkout@v3 + + - name: Download individual tar.gzs + uses: actions/download-artifact@v3 + with: + name: jazzer_releases + path: _releases/ + + - name: read version + id: read-version + run: | + echo ::set-output name=version::\ + $(sed -nr 's/JAZZER_VERSION = "(.*)"/\1/p' maven.bzl) + shell: bash + + - name: create release + uses: softprops/action-gh-release@v1 + with: + name: v${{ steps.read-version.outputs.version }} + tag_name: v${{ steps.read-version.outputs.version }} + generate_release_notes: true + draft: true + files: | + _releases/jazzer-linux.tar.gz + _releases/jazzer-macos.tar.gz + _releases/jazzer-windows.tar.gz diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fb25268d..63ba738a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,85 +2,21 @@ name: Release on: workflow_dispatch: + release: + types: [released] jobs: - build_release: - runs-on: ${{ matrix.os }} - strategy: - matrix: - include: - - os: ubuntu-20.04 - name: linux - - os: macos-11 - name: macos - - os: windows-2019 - name: windows - - steps: - - uses: actions/checkout@v3 - - - name: Set up JDK - uses: actions/setup-java@v3 - with: - distribution: zulu - java-version: 8 - - - name: Set Build Buddy config - shell: bash - run: .github/scripts/echoBuildBuddyConfig.sh ${{ secrets.BUILDBUDDY_API_KEY }} >> $GITHUB_ENV - - - name: Append build settings to .bazelrc - shell: bash - run: | - echo "build --announce_rc" >> .bazelrc - echo "build:linux --config=toolchain" >> .bazelrc - echo "build:linux --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux" >> .bazelrc - - - name: Build - shell: bash - # Double forward slashes are converted to single ones by Git Bash on Windows, so we use working directory - # relative labels instead. - run: | - bazelisk build ${{env.BUILD_BUDDY_CONFIG}} deploy:jazzer :jazzer_release - cp -L $(bazel cquery --output=files deploy:jazzer) jazzer-${{ matrix.name }}.jar - cp -L $(bazel cquery --output=files :jazzer_release) jazzer-${{ matrix.name }}.tar.gz - - - name: Upload jazzer.jar - uses: actions/upload-artifact@v3 - with: - name: jazzer_tmp - path: jazzer-${{ matrix.name }}.jar - if-no-files-found: error - - - name: Upload release archive - uses: actions/upload-artifact@v3 - with: - name: jazzer_releases - path: jazzer-${{ matrix.name }}.tar.gz - if-no-files-found: error - - merge_jars: + docker_push: runs-on: ubuntu-latest - needs: build_release + + environment: + name: Deploy steps: - uses: actions/checkout@v3 - - name: Download individual jars - uses: actions/download-artifact@v3 - with: - name: jazzer_tmp - path: _tmp/ - - - name: Merge jars - run: | - bazel run @rules_jvm_external//private/tools/java/com/github/bazelbuild/rules_jvm_external/jar:MergeJars -- \ - --output "$(pwd)"/_tmp/jazzer.jar \ - $(find "$(pwd)/_tmp/" -name '*.jar' -printf "--sources %h/%f ") + - name: Docker login + run: echo "${{ secrets.DOCKER_TOKEN }}" | docker login --username ${{ secrets.DOCKER_USER }} --password-stdin - - name: Upload merged jar - uses: actions/upload-artifact@v3 - with: - name: jazzer - path: _tmp/jazzer.jar - if-no-files-found: error + - name: Push docker containers + run: docker/push_all.sh diff --git a/deploy/deploy.sh b/deploy/deploy.sh index ffd45455..0f20e168 100755 --- a/deploy/deploy.sh +++ b/deploy/deploy.sh @@ -22,6 +22,9 @@ fail() { cd "$BUILD_WORKSPACE_DIRECTORY" || fail "BUILD_WORKSPACE_DIRECTORY not found" +echo "$RELEASE_SIGNING_KEY_PRIVATE" | gpg --import +echo "default-key $RELEASE_SIGNING_KEY_ID" > $HOME/.gnupg/gpg.conf + JAZZER_COORDINATES=$1 [ -z "${MAVEN_USER+x}" ] && \ |