fix(ci): remove nixbuild build step #47
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Component | ||
on: | ||
push: | ||
# tags: ['*/v[0-9]+\.[0-9]+\.[0-9]+\-rc[0-9]+', '*/v[0-9]+\.[0-9]+\.[0-9]+'] | ||
jobs: | ||
eval-tag: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
build: ${{ steps.eval.outputs.BUILD }} | ||
component: ${{ steps.eval.outputs.COMPONENT }} | ||
image-produced: ${{ steps.eval.outputs.IMAGE_PRODUCED}} | ||
version: ${{ steps.eval.outputs.VERSION }} | ||
systems: ${{ steps.eval.outputs.SYSTEMS }} | ||
archive: ${{ steps.eval.outputs.ARCHIVE }} | ||
steps: | ||
- id: eval | ||
env: | ||
# TAG: ${{github.ref_name}} | ||
TAG: bundle-testnet-9 | ||
run: | | ||
component="${TAG%/*}" | ||
case $component in | ||
bundle-testnet-9) | ||
attrs="[\"bundle-testnet-9\", \"bundle-testnet-9-image\"]" | ||
systems="[\"x86_64-linux\", \"aarch64-linux\"]" | ||
echo "COMPONENT=$component" >> $GITHUB_OUTPUT | ||
echo "IMAGE_PRODUCED=true" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
echo "ARCHIVE=true" >> $GITHUB_OUTPUT | ||
;; | ||
cometbls-light-client) | ||
attrs="[\"cometbls-light-client\"]" | ||
systems="[\"x86_64-linux\"]" | ||
echo "COMPONENT=$component" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
echo "ARCHIVE=true" >> $GITHUB_OUTPUT | ||
;; | ||
ucs01-relay) | ||
attrs="[\"ucs01-relay\"]" | ||
systems="[\"x86_64-linux\"]" | ||
echo "COMPONENT=$component" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
echo "ARCHIVE=true" >> $GITHUB_OUTPUT | ||
;; | ||
uniond) | ||
attrs="[\"uniond-release\", \"uniond-release-image\"]" | ||
systems="[\"x86_64-linux\", \"aarch64-linux\"]" | ||
echo "COMPONENT=uniond-release" >> $GITHUB_OUTPUT | ||
echo "IMAGE_PRODUCED=true" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
;; | ||
voyager) | ||
attrs="[\"voyager\"]" | ||
systems="[\"x86_64-linux\", \"aarch64-linux\"]" | ||
echo "COMPONENT=$component" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
;; | ||
evm-contracts) | ||
attrs="[\"evm-contracts\"]" | ||
systems="[\"x86_64-linux\"]" | ||
echo "COMPONENT=$component" >> $GITHUB_OUTPUT | ||
echo "SYSTEMS=$systems" >> $GITHUB_OUTPUT | ||
echo "ARCHIVE=true" >> $GITHUB_OUTPUT | ||
;; | ||
*) | ||
echo "Invalid tag $TAG" | ||
exit 1 | ||
;; | ||
esac | ||
echo "BUILD=(.top_attr == \"packages\") \ | ||
and ([.system] | inside($systems) ) \ | ||
and ([.attr] | inside($attrs))" >> $GITHUB_OUTPUT | ||
echo "VERSION=${TAG##*/}" >> $GITHUB_OUTPUT | ||
download-images-x86_64: | ||
if: ${{ needs.eval-tag.outputs.image-produced }} | ||
needs: [build, eval-tag] | ||
Check failure on line 79 in .github/workflows/release-component.yml GitHub Actions / Release ComponentInvalid workflow file
|
||
runs-on: ubuntu-24.04 | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
lfs: true | ||
- uses: nixbuild/nix-quick-install-action@v28 | ||
with: | ||
nix_conf: | | ||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | ||
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | ||
- name: Fetch from Cache | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
run: | | ||
nix build .#packages.x86_64-linux."$COMPONENT" | ||
cp -Lr result x86_64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
exit 1 | ||
- uses: actions/upload-artifact@v4 | ||
with: | ||
name: x86_64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
path: x86_64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
download-images-aarch64: | ||
if: ${{ needs.eval-tag.outputs.image-produced }} | ||
needs: [build, eval-tag] | ||
runs-on: ubuntu-24.04-arm | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
lfs: true | ||
- uses: nixbuild/nix-quick-install-action@v28 | ||
with: | ||
nix_conf: | | ||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= union.cachix.org-1:TV9o8jexzNVbM1VNBOq9fu8NK+hL6ZhOyOh0quATy+M= | ||
trusted-substituters = https://cache.nixos.org https://cache.garnix.io https://union.cachix.org | ||
- name: Fetch from Cache | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
run: | | ||
nix build .#packages.aarch64-linux."$COMPONENT" | ||
cp -Lr result aarch64-linux."$COMPONENT"-image | ||
exit 1 | ||
- uses: actions/upload-artifact@v4 | ||
with: | ||
name: aarch64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
path: aarch64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
download-binaries-x86_64: | ||
needs: [build, eval-tag] | ||
runs-on: ubuntu-24.04 | ||
strategy: | ||
matrix: | ||
system: ${{ fromJSON(needs.eval-tag.outputs.systems) }} | ||
steps: | ||
- uses: actions/download-artifact@v4 | ||
with: | ||
name: packages.${{ matrix.system }}.${{ needs.eval-tag.outputs.component }} | ||
- uses: nixbuild/nix-quick-install-action@v28 | ||
- uses: nixbuild/nixbuild-action@812f1ab2b51842b0d44b9b79574611502d6940a0 | ||
with: | ||
nixbuild_token: ${{ secrets.nixbuild_token }} | ||
- env: | ||
ARCHIVE: ${{ needs.eval-tag.outputs.archive }} | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
SYSTEM: ${{ matrix.system }} | ||
run: | | ||
exit 1 | ||
mkdir "$SYSTEM" | ||
echo "Getting OUTPUT and NARINFO_NAME" | ||
OUTPUT=$(jq -r \ | ||
--arg component "$COMPONENT" \ | ||
--arg system "$SYSTEM" \ | ||
'.packages[$system][$component].outputs.out' result.json) | ||
NARINFO_NAME=$(basename "$OUTPUT" | cut -d'-' -f1) | ||
echo "Copying $OUTPUT from nixbuild.net" | ||
nix copy --to "file://$(pwd)/$SYSTEM" --from ssh-ng://eu.nixbuild.net "$OUTPUT" --extra-experimental-features nix-command | ||
echo "Get the NAR_URL" | ||
nar_url_line=$(cat "./$SYSTEM/$NARINFO_NAME.narinfo" | grep "URL:") | ||
NAR_URL=$(echo "$nar_url_line" | cut -d " " -f 2-) | ||
echo "Restore the package from the NAR_URL archive" | ||
cat "$SYSTEM/$NAR_URL" | xz -dc | nix-store --restore "$SYSTEM.$COMPONENT" | ||
if [[ "$COMPONENT" =~ uniond-release ]] | ||
then | ||
mv "$SYSTEM.$COMPONENT"/bin/uniond "$COMPONENT-$SYSTEM" | ||
elif [[ $ARCHIVE ]] | ||
then | ||
ls -la | ||
tar -zcf "$COMPONENT-$SYSTEM" "$SYSTEM.$COMPONENT" | ||
else | ||
mv "$SYSTEM.$COMPONENT/bin/$COMPONENT" "$COMPONENT-$SYSTEM" | ||
fi | ||
- uses: actions/upload-artifact@v4 | ||
with: | ||
name: ${{ needs.eval-tag.outputs.component }}-${{ matrix.system }} | ||
path: ${{ needs.eval-tag.outputs.component }}-${{ matrix.system }} | ||
release-images: | ||
needs: [download-images-x86_64, eval-tag] | ||
if: ${{ needs.eval-tag.outputs.image-produced }} | ||
runs-on: ubuntu-latest | ||
permissions: | ||
packages: write | ||
services: | ||
registry: | ||
image: registry:2 | ||
ports: | ||
- 5000:5000 | ||
steps: | ||
- uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Download aarch64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: aarch64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
- name: Download x86_64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: x86_64-linux.${{ needs.eval-tag.outputs.component }}-image | ||
- name: Tag Docker Images | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
TAG: ${{ needs.eval-tag.outputs.version }} | ||
run: | | ||
echo "Entering for loop" | ||
for arch in 'aarch64-linux' 'x86_64-linux' | ||
do | ||
echo "Tagging $COMPONENT for $arch" | ||
dockerstring=$(docker load < $arch.$COMPONENT-image) | ||
dockerstring=$(echo ${dockerstring##*':'}) | ||
echo "Getting image ID for $dockerstring" | ||
imageid=$(docker images --format "{{.ID}}:{{.Tag}}" | grep $dockerstring) | ||
imageid=$(echo ${imageid%%':'*}) | ||
echo "Tagging image" | ||
docker tag "$imageid" "localhost:5000/unionlabs/$COMPONENT:$TAG-$arch" | ||
echo "$COMPONENT for $arch is tagged" | ||
docker push "localhost:5000/unionlabs/$COMPONENT:$TAG-$arch" | ||
echo "localhost:5000/unionlabs/$COMPONENT:$TAG-$arch is pushed" | ||
done | ||
- name: Create Manifest | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
TAG: ${{ needs.eval-tag.outputs.version }} | ||
run: | | ||
docker pull "localhost:5000/unionlabs/$COMPONENT:$TAG-aarch64-linux" | ||
docker pull "localhost:5000/unionlabs/$COMPONENT:$TAG-x86_64-linux" | ||
docker manifest create --insecure \ | ||
"localhost:5000/unionlabs/$COMPONENT:$TAG" \ | ||
--amend "localhost:5000/unionlabs/$COMPONENT:$TAG-aarch64-linux" \ | ||
--amend "localhost:5000/unionlabs/$COMPONENT:$TAG-x86_64-linux" \ | ||
- name: Push Manifest to Local Registry | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
TAG: ${{ needs.eval-tag.outputs.version }} | ||
run: docker manifest push "localhost:5000/unionlabs/$COMPONENT:$TAG" | ||
- uses: actions/checkout@v4 | ||
with: | ||
lfs: true | ||
fetch-depth: 0 | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Annotate Manifest | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
TAG: ${{ needs.eval-tag.outputs.version }} | ||
run: | | ||
curl -L https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 >regctl | ||
chmod 755 regctl && sudo cp ./regctl /usr/bin | ||
echo "downloaded & installed regctl" | ||
regctl registry set --tls disabled localhost:5000 | ||
regctl image mod "localhost:5000/unionlabs/$COMPONENT:$TAG" --to-oci --create "$TAG" --annotation org.opencontainers.image.description="$(cat "$GITHUB_WORKSPACE/.github/container-descriptions/$COMPONENT.txt")" | ||
- uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Copy Manifest to GHCR | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
TAG: ${{ needs.eval-tag.outputs.version }} | ||
run: | | ||
wget https://github.com/rapidsai/skopeo/releases/download/v1.12/skopeo-linux-amd64 -O ./skopeo | ||
chmod +x ./skopeo && sudo cp ./skopeo /usr/bin | ||
echo "downloaded & installed skopeo" | ||
skopeo copy --multi-arch=all --insecure-policy --src-tls-verify=false "docker://localhost:5000/unionlabs/$COMPONENT:$TAG" "docker://ghcr.io/unionlabs/$COMPONENT:$TAG" | ||
echo "Copied $COMPONENT:$TAG multi-arch to GHCR" | ||
public-release: | ||
needs: [download-binaries-x86_64, eval-tag] | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/download-artifact@v4 | ||
- id: prep-artifacts | ||
env: | ||
COMPONENT: ${{ needs.eval-tag.outputs.component }} | ||
ARCHIVE: ${{ needs.eval-tag.outputs.archive }} | ||
SYSTEMS: ${{ needs.eval-tag.outputs.systems }} | ||
run: | | ||
echo "# sha256 Checksums" >> release.md | ||
x86_64=$(echo "$SYSTEMS" | jq 'contains(["x86_64-linux"])') | ||
aarch64=$(echo "$SYSTEMS" | jq 'contains(["aarch64-linux"])') | ||
if [[ $ARCHIVE ]]; then | ||
if [[ $x86_64 = true ]]; then | ||
echo "Renaming x86_64-linux archive" | ||
comp_x86_64="$COMPONENT-x86_64-linux" | ||
comp_x86_64_archive="$comp_x86_64.tar.gz" | ||
echo "- $(cd "$comp_x86_64" && mv "$comp_x86_64" "$comp_x86_64_archive" && sha256sum "$comp_x86_64_archive")" >> release.md | ||
fi | ||
if [[ $aarch64 = true ]]; then | ||
echo "Renaming aarch64-linux archive" | ||
comp_aarch64="$COMPONENT-aarch64-linux" | ||
comp_aarch64_archive="$comp_aarch64.tar.gz" | ||
echo "- $(cd "$comp_aarch64" && mv "$comp_aarch64" "$comp_aarch64_archive" && sha256sum "$comp_aarch64_archive")" >> release.md | ||
fi | ||
echo "Setting archive output" | ||
echo "FILES=**/$COMPONENT-*.tar.gz" >> $GITHUB_OUTPUT | ||
else | ||
if [[ $x86_64 = true ]]; then | ||
echo "Renaming x86_64-linux binary" | ||
comp_x86_64="$COMPONENT-x86_64-linux" | ||
echo "- $(cd "$comp_x86_64" && sha256sum "$comp_x86_64")" >> release.md | ||
fi | ||
if [[ $aarch64 = true ]]; then | ||
echo "Renaming aarch64-linux binary" | ||
comp_aarch64="$COMPONENT-aarch64-linux" | ||
echo "- $(cd "$comp_aarch64" && sha256sum "$comp_aarch64")" >> release.md | ||
fi | ||
echo "Setting binary output" | ||
echo "FILES=**/$COMPONENT-*" >> $GITHUB_OUTPUT | ||
fi | ||
tree | ||
- uses: softprops/action-gh-release@v2 | ||
with: | ||
body_path: release.md | ||
prerelease: false | ||
repository: unionlabs/union | ||
token: ${{ secrets.UNION_RELEASES_PAT }} | ||
name: ${{needs.eval-tag.outputs.component}} ${{needs.eval-tag.outputs.version}} | ||
tag_name: ${{ needs.eval-tag.outputs.version }} | ||
fail_on_unmatched_files: true | ||
files: ${{ steps.prep-artifacts.outputs.FILES }} |