Skip to content

Build and Publish to APT #14

Build and Publish to APT

Build and Publish to APT #14

Workflow file for this run

name: Build and Publish to APT
on:
release:
types: [published]
workflow_dispatch:
inputs:
tag_name:
description: "Release tag name for testing (e.g., 2.1.2)"
required: true
default: ""
build_dists:
description: "Distributions to build for (comma-separated, e.g., focal,jammy, noble)"
required: false
default: "focal,jammy,noble"
smoke_test_images:
description: "Docker images for smoke testing (comma-separated, e.g., ubuntu:20.04,ubuntu:22.04,ubuntu:24.04)"
required: false
default: "ubuntu:20.04,ubuntu:22.04,ubuntu:24.04"
jobs:
build-source-package:
runs-on: ubuntu-latest
strategy:
matrix:
dist: ${{ fromJSON(vars.BUILD_DISTS) }}
steps:
- uses: actions/checkout@v4
with:
path: sources
- name: Install dependencies
run: |
sudo apt-get update && \
sudo apt-get install \
debhelper dput libevent-dev libpcre2-dev libssl-dev pkg-config
- name: Create changelog
env:
VERSION: ${{ github.event.inputs.tag_name || github.event.release.tag_name }}
DIST: ${{ matrix.dist }}
run: |
mkdir -p sources/debian
if [ "${{ github.event_name }}" = "release" ]; then
RELEASE_URL=": ${{ github.event.release.html_url }}"
else
RELEASE_URL=""
fi
(echo "memtier-benchmark ($VERSION~$DIST) $DIST; urgency=medium"
echo ""
echo " * Release $VERSION$RELEASE_URL"
echo ""
echo " -- Redis Team <[email protected]> $(date -R)") > sources/debian/changelog
- name: Build source package
run: |
cd sources && dpkg-buildpackage -S
- name: Upload source package artifact
uses: actions/upload-artifact@v4
with:
name: source-${{ matrix.dist }}
path: |
*.debian.tar.*
*.dsc
memtier-benchmark_*.tar.*
build-binary-package:
runs-on: ubuntu-latest
environment: build
strategy:
matrix:
dist: ${{ fromJSON(vars.BUILD_DISTS) }}
arch: ${{ fromJSON(vars.BUILD_ARCHS) }}
exclude: ${{ fromJSON(vars.BUILD_EXCLUDE) }}
needs: build-source-package
steps:
- uses: actions/checkout@v4
- name: Determine build architecture
run: |
if [ ${{ matrix.arch }} = "i386" ]; then
BUILD_ARCH=i386
else
BUILD_ARCH=amd64
fi
echo "BUILD_ARCH=${BUILD_ARCH}" >> $GITHUB_ENV
- name: Setup APT Signing key
run: |
mkdir -m 0700 -p ~/.gnupg
echo "$APT_SIGNING_KEY" | gpg --import
env:
APT_SIGNING_KEY: ${{ secrets.APT_SIGNING_KEY }}
- name: Install dependencies
run: |
sudo apt-get update && \
sudo apt-get install \
sbuild debhelper
sudo sbuild-adduser $USER
- name: Prepare sbuild environment
run: sudo ./debian/setup_sbuild.sh ${{ matrix.dist }} ${{ env.BUILD_ARCH }}
- name: Get source package
uses: actions/download-artifact@v4
with:
name: source-${{ matrix.dist }}
- name: Build binary package
run: |
sudo sbuild \
--nolog \
--host ${{ matrix.arch }} \
--build ${{ env.BUILD_ARCH }} \
--dist ${{ matrix.dist }} *.dsc
- name: Upload binary package artifact
uses: actions/upload-artifact@v4
with:
name: binary-${{ matrix.dist }}-${{ matrix.arch }}
path: |
*.deb
- name: Upload as release assets
# we don't upload on workflow dispatch
if: github.event_name == 'release'
uses: softprops/action-gh-release@v1
with:
files: |
*.deb
smoke-test-packages:
runs-on: ubuntu-latest
needs: build-binary-package
env:
ARCH: amd64
# required by ubuntu:bionic
# https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
strategy:
matrix:
image: ${{ fromJSON(vars.SMOKE_TEST_IMAGES) }}
container: ${{ matrix.image }}
steps:
- name: Extract BUILD_ARCH from matrix.image
run: |
BUILD_ARCH=$(echo ${{ matrix.image }} | cut -d: -f2)
if [ -z "$BUILD_ARCH" ]; then
echo "Error: Failed to extract BUILD_ARCH from matrix.image" >&2
exit 1
fi
echo "BUILD_ARCH=$BUILD_ARCH" >> $GITHUB_ENV
- name: Get binary packages for ubuntu:bionic
if: matrix.image == 'ubuntu:bionic'
uses: actions/download-artifact@v3
with:
name: binary-${{ env.BUILD_ARCH }}-${{ env.ARCH }}
path: binary-${{ env.BUILD_ARCH }}-${{ env.ARCH }}
- name: Get binary packages for other versions
if: matrix.image != 'ubuntu:bionic'
uses: actions/download-artifact@v4
with:
name: binary-${{ env.BUILD_ARCH }}-${{ env.ARCH }}
path: binary-${{ env.BUILD_ARCH }}-${{ env.ARCH }}
- name: Install packages
run: |
apt-get update
cd binary-${{ env.BUILD_ARCH }}-${{ env.ARCH }} && apt install --yes ./*.deb
publish-to-apt:
env:
DEB_S3_VERSION: "0.11.3"
runs-on: ubuntu-latest
environment: build
needs: smoke-test-packages
steps:
- name: Setup APT Signing key
run: |
mkdir -m 0700 -p ~/.gnupg
echo "$APT_SIGNING_KEY" | gpg --import
env:
APT_SIGNING_KEY: ${{ secrets.APT_SIGNING_KEY }}
- name: Get binary packages
uses: actions/download-artifact@v4
- name: Setup ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: "2.7"
- name: Install deb-s3
run: |
curl -sLO https://github.com/deb-s3/deb-s3/releases/download/${{ env.DEB_S3_VERSION }}/deb-s3-${{ env.DEB_S3_VERSION }}.gem
gem install deb-s3-${{ env.DEB_S3_VERSION }}.gem
- name: Quick hack to deal with duplicate _all packages
run: |
# Quick hack to deal with duplicate _all packages
rm -f binary-*-i386/*_all.deb
- name: List all packages to be uploaded
run: |
for dir in binary-*; do \
dist=$(echo $dir | cut -d- -f 2) ; \
ls -lha $dir/*.deb ; \
done
- name: Upload packages
# We stop here on the workflow dispatch smoke tests and on the preleases
if: github.event_name == 'release' && github.event.release.prerelease == false
run: |
for dir in binary-*; do \
dist=$(echo $dir | cut -d- -f 2) ; \
deb-s3 upload \
--bucket ${{ secrets.APT_S3_BUCKET }} \
--s3-region ${{ secrets.APT_S3_REGION }} \
--codename $dist \
--preserve-versions \
--fail-if-exists \
--sign \
--prefix deb \
$dir/*.deb ; \
done
env:
AWS_ACCESS_KEY_ID: ${{ secrets.APT_S3_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.APT_S3_SECRET_ACCESS_KEY }}