Skip to content

Commit e9bd96b

Browse files
asmodatasmodat
authored
Merge pull request #329 from KiraCore/v0.1.26-rc.11
v0.1.26-rc.11 -> master
2 parents 2357bf1 + 8e519e6 commit e9bd96b

17 files changed

+229
-94
lines changed

.github/workflows/branch.yml

+10-2
Original file line numberDiff line numberDiff line change
@@ -14,13 +14,20 @@ jobs:
1414
id-token: write
1515
pull-requests: write
1616
steps:
17+
# Work around https://github.com/actions/checkout/issues/760
18+
- name: Add safe.directory
19+
run: |
20+
git config --global --add safe.directory /github/workspace
21+
git config --global --add safe.directory $PWD
1722
# ref.: https://github.com/actions/checkout, v3.0.0
1823
- name: Checkout repository
1924
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
2025
- name: Extract branch name on pull request
2126
shell: bash
2227
run: |
23-
chmod -v 666 ./RELEASE.md
28+
set -x
29+
git branch -r -l
30+
echo "(current dir): $PWD" && ls -l ./
2431
chmod -Rv 555 ./scripts
2532
RELEASE_VER=$(./scripts/version.sh) && echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
2633
REPOSITORY_NAME="${{ github.event.repository.name }}" && echo "REPOSITORY_NAME=$REPOSITORY_NAME" >> $GITHUB_ENV
@@ -50,11 +57,12 @@ jobs:
5057
branch: ${{ env.RELEASE_VER }}
5158
sha: ${{ env.MASTER_REF }}
5259
- name: Create PR from feature to version branch
60+
# ref. repo-sync/pull-request is broken, using cea2aj/pull-request instead
61+
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926
5362
if: |
5463
( env.TARGET_BRANCH_EXISTS == false || env.TARGET_BRANCH_EXISTS == 'false' ) &&
5564
( env.RELEASE_EXISTS == false || env.RELEASE_EXISTS == 'false' ) &&
5665
( startsWith(env.RELEASE_VER, 'v') && contains(env.RELEASE_VER, '.') )
57-
uses: repo-sync/pull-request@5ba2c80b97c87b9174c1548141b7acd80f6376e1
5866
with:
5967
github_token: ${{ secrets.REPO_ACCESS }}
6068
source_branch: ${{ env.SOURCE_BRANCH }}

.github/workflows/main.yml

+73-48
Original file line numberDiff line numberDiff line change
@@ -16,18 +16,22 @@ jobs:
1616
id-token: write
1717
pull-requests: write
1818
container:
19-
image: ghcr.io/kiracore/docker/base-image:v0.8.0.0
19+
image: ghcr.io/kiracore/docker/base-image:v0.9.1.1
2020
steps:
21+
# Work around https://github.com/actions/checkout/issues/760
22+
- name: Add safe.directory
23+
run: |
24+
git config --global --add safe.directory /github/workspace
25+
git config --global --add safe.directory $PWD
26+
# ref.: https://github.com/actions/checkout, v3.0.0
2127
- name: Checkout repository
2228
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
23-
- name: Verify repo content
29+
- name: Checking dependency versions & packaging source files
2430
run: |
2531
echo "(current dir): $PWD" && ls -l ./
2632
cd ../ && tar -czvf src.tar.gz -C ./sekai . && cp ./src.tar.gz ./sekai/src.tar.gz
2733
cd ./sekai
28-
- name: Checking dependency versions
29-
run: |
30-
. /etc/profile && echo "Utils Version: $(utilsVersion)"
34+
. /etc/profile && echo "Utils Version: $(bashUtilsVersion)"
3135
go version
3236
echo "ENVS: $(env)"
3337
echo "HOME: $HOME"
@@ -50,20 +54,24 @@ jobs:
5054
- name: Inspecting & organizing artifacts
5155
run: |
5256
echo "(current dir): $PWD" && ls -l ./
53-
tar xvf ./src.tar.gz
5457
chmod -Rv 555 ./scripts
58+
RELEASE_VER="$(./scripts/version.sh)" && echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
5559
REPOSITORY_NAME="${{ github.event.repository.name }}" && echo "REPOSITORY_NAME=$REPOSITORY_NAME" >> $GITHUB_ENV
56-
RELEASE_VER=$(./scripts/version.sh) && echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
57-
echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
5860
git ls-remote https://github.com/kiracore/$REPOSITORY_NAME | egrep -q "refs/tags/${RELEASE_VER}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
61+
if [[ "$RELEASE_VER" =~ $VERSION_REGEX ]] && [[ "$SOURCE_BRANCH" =~ $VERSION_REGEX ]] && [ "$SOURCE_BRANCH" != "$RELEASE_VER" ] ; then
62+
echo "ERROR: Version branch name MUST be the same as the app version, run scripts/version.sh to check app version!"
63+
exit 1
64+
else
65+
echo "INFO: Variables setup succeeded"
66+
fi
5967
- name: Print debug data before testing
6068
run: |
6169
echo " Source branch: ${{ env.SOURCE_BRANCH }}"
6270
echo "Destination branch: ${{ env.DESTINATION_BRANCH }}"
63-
echo " Event name: ${{ github.event_name }}"
64-
echo " Repository name: ${{ env.REPOSITORY_NAME }}"
65-
echo " Release version: ${{ env.RELEASE_VER }}"
66-
echo " Release exists: ${{ env.RELEASE_EXISTS }}"
71+
echo " Event name: ${{ github.event_name }}"
72+
echo " Repository name: ${{ env.REPOSITORY_NAME }}"
73+
echo " Release version: ${{ env.RELEASE_VER }}"
74+
echo " Release exists: ${{ env.RELEASE_EXISTS }}"
6775
- name: Testing SEKAI
6876
run: |
6977
make test
@@ -87,8 +95,9 @@ jobs:
8795
echo " sekai-linux-arm64.deb: sha256:$(sha256sum ./bin/sekai-linux-arm64.deb | awk '{ print $1 }')" >> ./bin/RELEASE.md
8896
echo "sekai-windows-amd64.exe: sha256:$(sha256sum ./bin/sekai-windows-amd64.exe | awk '{ print $1 }')" >> ./bin/RELEASE.md
8997
echo "sekai-windows-arm64.exe: sha256:$(sha256sum ./bin/sekai-windows-arm64.exe | awk '{ print $1 }')" >> ./bin/RELEASE.md
90-
echo " sekai-utils.sh: sha256:$(sha256sum ./bin/sekai-utils.sh | awk '{ print $1 }')" >> ./bin/RELEASE.md
9198
echo " source-code.tar.gz: sha256:$(sha256sum ./bin/source-code.tar.gz | awk '{ print $1 }')" >> ./bin/RELEASE.md
99+
echo " sekai-utils.sh: sha256:$(sha256sum ./bin/sekai-utils.sh | awk '{ print $1 }')" >> ./bin/RELEASE.md
100+
echo " sekai-env.sh: sha256:$(sha256sum ./bin/sekai-env.sh | awk '{ print $1 }')" >> ./bin/RELEASE.md
92101
echo -e "\`\`\`" >> ./bin/RELEASE.md
93102
tar -czvf deb.tar.gz -C ./bin .
94103
- name: Uploading artifacts
@@ -106,6 +115,12 @@ jobs:
106115
id-token: write
107116
pull-requests: write
108117
steps:
118+
# Install the cosign tool
119+
# ref.: https://github.com/sigstore/cosign-installer, v2.2.0
120+
- name: Install cosign
121+
uses: sigstore/cosign-installer@d6a3abf1bdea83574e28d40543793018b6035605
122+
with:
123+
cosign-release: 'v1.7.2'
109124
- name: Download artifacts
110125
uses: actions/download-artifact@v3.0.0
111126
with:
@@ -117,31 +132,36 @@ jobs:
117132
chmod -Rv 777 ./
118133
RELEASE_VER=$(cat ./RELEASE.md | tac | grep -Fn -m 1 'Release Versions: ' | rev | cut -d ":" -f1 | rev | xargs | tr -dc '[:alnum:]\-\.' || echo '')
119134
echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
120-
git ls-remote https://github.com/kiracore/${{ github.event.repository.name }} | egrep -q "refs/tags/${RELEASE_VER}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
135+
REPOSITORY_NAME="${{ github.event.repository.name }}"
136+
echo "REPOSITORY_NAME=$REPOSITORY_NAME" >> $GITHUB_ENV
137+
git ls-remote https://github.com/kiracore/$REPOSITORY_NAME | egrep -q "refs/tags/${RELEASE_VER}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
138+
[[ "$RELEASE_VER" == *"-rc"* ]] && echo "PRE_RELEASE=true" >> $GITHUB_ENV || echo "PRE_RELEASE=false" >> $GITHUB_ENV
121139
# Branch name is also a version of the release
122140
# ref: https://stackoverflow.com/questions/58033366/how-to-get-the-current-branch-within-github-actions
123141
- name: Extract branch name on push
124142
if: github.event_name == 'push'
125143
shell: bash
126144
run: |
127-
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV
128-
echo "DESTINATION_BRANCH=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV
145+
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
146+
echo "DESTINATION_BRANCH=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
129147
- name: Extract branch name on pull request
130148
if: github.event_name == 'pull_request'
131149
env:
132150
REF_BRANCH: ${{ github.event.pull_request.head.ref }}
133151
BASE_REF_BRANCH: ${{ github.base_ref }}
134152
shell: bash
135153
run: |
136-
echo "SOURCE_BRANCH=$(echo ${{ env.REF_BRANCH }} | tr / -)" >> $GITHUB_ENV
137-
echo "DESTINATION_BRANCH=$(echo ${{ env.BASE_REF_BRANCH }} | tr / -)" >> $GITHUB_ENV
154+
echo "SOURCE_BRANCH=$(echo ${{ env.REF_BRANCH }})" >> $GITHUB_ENV
155+
echo "DESTINATION_BRANCH=$(echo ${{ env.BASE_REF_BRANCH }})" >> $GITHUB_ENV
138156
- name: Print debug data before publishing
139157
run: |
140-
echo " Source branch: ${{ env.SOURCE_BRANCH }}"
141-
echo "Destination branch: ${{ env.DESTINATION_BRANCH }}"
142-
echo " Event name: ${{ github.event_name }}"
143-
echo " Release version: ${{ env.RELEASE_VER }}"
144-
echo " Release exists: ${{ env.RELEASE_EXISTS }}"
158+
echo " Source branch: ${{ env.SOURCE_BRANCH }}"
159+
echo " Dest. branch: ${{ env.DESTINATION_BRANCH }}"
160+
echo " Repo Name: ${{ env.REPOSITORY_NAME }}"
161+
echo " Event name: ${{ github.event_name }}"
162+
echo " Release ver.: ${{ env.RELEASE_VER }}"
163+
echo "Release exists: ${{ env.RELEASE_EXISTS }}"
164+
echo " Pre-release: ${{ env.PRE_RELEASE }}"
145165
- name: Reject on error
146166
# ref.: https://github.com/andrewslotin/rummelsnuff, v1.1.0
147167
uses: andrewslotin/rummelsnuff@a0c9c1929f44eefff922aced1ee4dd64eddf12d6
@@ -152,59 +172,59 @@ jobs:
152172
access_token: ${{ secrets.GITHUB_TOKEN }}
153173
# ref: https://github.com/softprops/action-gh-release, v0.1.14
154174
# Release on merge only (push action) - this should run only once
155-
- name: Publish release
175+
- name: Signing release files
156176
if: |
157177
github.event_name == 'push' &&
158178
( env.RELEASE_EXISTS == false || env.RELEASE_EXISTS == 'false' ) &&
159-
( startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.') && !contains(env.SOURCE_BRANCH, 'rc') && !contains(env.SOURCE_BRANCH, '-') )
160-
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
161-
with:
162-
body_path: RELEASE.md
163-
tag_name: ${{ env.SOURCE_BRANCH }}
164-
name: ${{ env.SOURCE_BRANCH }}
165-
prerelease: false
166-
draft: false
167-
fail_on_unmatched_files: true
168-
files: |
169-
./sekai-linux-amd64.deb
170-
./sekai-linux-arm64.deb
171-
./sekai-darwin-amd64.deb
172-
./sekai-darwin-arm64.deb
173-
./sekai-windows-amd64.exe
174-
./sekai-windows-arm64.exe
175-
./sekai-utils.sh
176-
./source-code.tar.gz
179+
( startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.') )
180+
shell: bash
181+
env:
182+
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
183+
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
184+
run: |
185+
echo "$KEY" > ../cosign.key
186+
for FILE in *; do FILE_NAME=$(basename $FILE); cosign sign-blob --key=../cosign.key --output-signature=./${FILE_NAME}.sig ./$FILE_NAME; done
187+
rm -fv ../cosign.key
177188
# ref: https://github.com/softprops/action-gh-release, v0.1.14
178189
# Release on merge only (push action) - this should run only once
179-
- name: Publish pre-release
190+
- name: Publish release
180191
if: |
181192
github.event_name == 'push' &&
182193
( env.RELEASE_EXISTS == false || env.RELEASE_EXISTS == 'false' ) &&
183-
( startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.') && contains(env.SOURCE_BRANCH, '-') )
194+
( startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.') )
184195
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
185196
with:
186197
body_path: RELEASE.md
187198
tag_name: ${{ env.SOURCE_BRANCH }}
188199
name: ${{ env.SOURCE_BRANCH }}
189-
prerelease: true
200+
prerelease: ${{ env.PRE_RELEASE }}
190201
draft: false
191202
fail_on_unmatched_files: true
192203
files: |
193204
./sekai-linux-amd64.deb
205+
./sekai-linux-amd64.deb.sig
194206
./sekai-linux-arm64.deb
207+
./sekai-linux-arm64.deb.sig
195208
./sekai-darwin-amd64.deb
209+
./sekai-darwin-amd64.deb.sig
196210
./sekai-darwin-arm64.deb
211+
./sekai-darwin-arm64.deb.sig
197212
./sekai-windows-amd64.exe
213+
./sekai-windows-amd64.exe.sig
198214
./sekai-windows-arm64.exe
215+
./sekai-windows-arm64.exe.sig
199216
./sekai-utils.sh
217+
./sekai-utils.sh.sig
218+
./sekai-env.sh
219+
./sekai-env.sh.sig
200220
./source-code.tar.gz
221+
./source-code.tar.gz.sig
201222
# ref.: https://github.com/hmarr/auto-approve-action, v2.1.0
202223
# Do NOT approve IF release exists and the source branch is NOT a version branch
203224
- name: Approve pull request on success
204225
uses: hmarr/auto-approve-action@5d04a5ca6da9aeb8ca9f31a5239b96fc3e003029
205226
if: |
206227
( github.event_name == 'pull_request' ) &&
207-
(( env.RELEASE_EXISTS == false || env.RELEASE_EXISTS == 'false' ) || env.SOURCE_BRANCH == env.RELEASE_VER) &&
208228
( env.SOURCE_BRANCH == env.RELEASE_VER || env.DESTINATION_BRANCH == env.RELEASE_VER )
209229
with:
210230
github-token: "${{ secrets.GITHUB_TOKEN }}"
@@ -213,15 +233,20 @@ jobs:
213233
run: |
214234
rm -rfv ./*
215235
echo "(current dir): $PWD" && ls -l ./
236+
# Work around https://github.com/actions/checkout/issues/760
237+
- name: Add safe.directory
238+
run: |
239+
git config --global --add safe.directory /github/workspace
240+
git config --global --add safe.directory $PWD
216241
# ref.: https://github.com/actions/checkout, v3.0.0
217242
- name: Checkout repository
218243
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
219244
- name: Create PR from a version branch to latest
220-
# ref: https://github.com/repo-sync/pull-request
245+
# ref. repo-sync/pull-request is broken, using cea2aj/pull-request instead
246+
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926
221247
if: |
222248
github.event_name == 'push' &&
223249
( startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.') )
224-
uses: repo-sync/pull-request@5ba2c80b97c87b9174c1548141b7acd80f6376e1
225250
with:
226251
github_token: ${{ secrets.REPO_ACCESS }}
227252
source_branch: ${{ env.SOURCE_BRANCH }}

.github/workflows/master.yml

+14-6
Original file line numberDiff line numberDiff line change
@@ -19,22 +19,30 @@ jobs:
1919
shell: bash
2020
run: |
2121
echo "SOURCE_BRANCH=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV
22+
echo "DEFAULT_BRANCH=${{ github.event.repository.default_branch }}" >> $GITHUB_ENV
2223
- name: Print debug data before publishing
2324
run: |
24-
echo "Source branch: ${{ env.SOURCE_BRANCH }}"
25-
echo " Event name: ${{ github.event_name }}"
26-
echo " Repo. name: ${{ github.event.repository.name }}"
25+
echo " Source branch: ${{ env.DEFAULT_BRANCH }}"
26+
echo "Default branch: ${{ env.SOURCE_BRANCH }}"
27+
echo " Event name: ${{ github.event_name }}"
28+
echo " Repo. name: ${{ github.event.repository.name }}"
29+
# Work around https://github.com/actions/checkout/issues/760
30+
- name: Add safe.directory
31+
run: |
32+
git config --global --add safe.directory /github/workspace
33+
git config --global --add safe.directory $PWD
2734
# ref.: https://github.com/actions/checkout, v3.0.0
2835
- name: Checkout repository
2936
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
3037
- name: Create PR from a version branch to master after version branch push
38+
# ref. repo-sync/pull-request is broken, using cea2aj/pull-request instead
39+
uses: cea2aj/pull-request@84eb0c3478f13651e5649367941b867ca02d7926
3140
if: startsWith(env.SOURCE_BRANCH, 'v') && contains(env.SOURCE_BRANCH, '.')
32-
uses: repo-sync/pull-request@5ba2c80b97c87b9174c1548141b7acd80f6376e1
3341
with:
3442
github_token: ${{ secrets.REPO_ACCESS }}
3543
source_branch: ${{ env.SOURCE_BRANCH }}
36-
destination_branch: ${{ github.event.repository.default_branch }}
37-
pr_title: "${{ env.SOURCE_BRANCH }} -> ${{ github.event.repository.default_branch }}"
44+
destination_branch: ${{ env.DEFAULT_BRANCH}}
45+
pr_title: "${{ env.SOURCE_BRANCH }} -> ${{ env.DEFAULT_BRANCH}}"
3846
pr_label: "kira-automation"
3947
pr_assignee: "asmodat"
4048
pr_allow_empty: true

.github/workflows/spam.yml

+12-3
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,11 @@ jobs:
1818
REF_BRANCH: ${{ github.event.pull_request.head.ref }}
1919
BASE_REF_BRANCH: ${{ github.base_ref }}
2020
steps:
21+
# Work around https://github.com/actions/checkout/issues/760
22+
- name: Add safe.directory
23+
run: |
24+
git config --global --add safe.directory /github/workspace
25+
git config --global --add safe.directory $PWD
2126
# ref.: https://github.com/actions/checkout, v3.0.0
2227
- name: Checkout repository
2328
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
@@ -27,10 +32,14 @@ jobs:
2732
shell: bash
2833
run: |
2934
chmod -Rv 555 ./scripts
35+
VERSION_REGEX="^(v?)([0-9]+)\.([0-9]+)\.([0-9]+)(-?)([a-zA-Z]+)?(\.?([0-9]+)?)$"
36+
REPOSITORY_NAME=${{ github.event.repository.name }}
3037
RELEASE_VER=$(./scripts/version.sh) && echo "RELEASE_VER=$RELEASE_VER" >> $GITHUB_ENV
31-
echo "SOURCE_BRANCH=$(echo ${{ env.REF_BRANCH }} | tr / -)" >> $GITHUB_ENV
32-
echo "DESTINATION_BRANCH=$(echo ${{ env.BASE_REF_BRANCH }} | tr / -)" >> $GITHUB_ENV
33-
git ls-remote https://github.com/kiracore/${{ github.event.repository.name }} | egrep -q "refs/tags/${RELEASE_VER}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
38+
SOURCE_BRANCH="$(echo ${{ env.REF_BRANCH }})" && echo "SOURCE_BRANCH=$SOURCE_BRANCH" >> $GITHUB_ENV
39+
DESTINATION_BRANCH="$(echo ${{ env.BASE_REF_BRANCH }})" && echo "DESTINATION_BRANCH=$DESTINATION_BRANCH" >> $GITHUB_ENV
40+
git ls-remote https://github.com/kiracore/$REPOSITORY_NAME | egrep -q "refs/tags/${RELEASE_VER}$" && echo "RELEASE_EXISTS=true" >> $GITHUB_ENV || echo "RELEASE_EXISTS=false" >> $GITHUB_ENV
41+
[[ "$SOURCE_BRANCH" =~ $VERSION_REGEX ]] && echo "SOURCE_VERSIONED=true" >> $GITHUB_ENV || echo "SOURCE_VERSIONED=false" >> $GITHUB_ENV
42+
[[ "$DESTINATION_BRANCH" =~ $VERSION_REGEX ]] && echo "DESTINATION_VERSIONED=true" >> $GITHUB_ENV || echo "DESTINATION_VERSIONED=false" >> $GITHUB_ENV
3443
- name: Print debug data before publishing
3544
run: |
3645
echo " Source branch: ${{ env.SOURCE_BRANCH }}"

Makefile

+2
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
.PHONY: all install go.sum test test-local lint proto-gen proto-gen-local build start publish
2+
13
all: install
24
install:
35
./scripts/build.sh

0 commit comments

Comments
 (0)