1.7.1 #123
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Package | |
| on: | |
| push: | |
| branches: | |
| - 'master' | |
| - 'test/**' | |
| paths: | |
| - 'VERSION' | |
| permissions: | |
| contents: write | |
| defaults: | |
| run: | |
| shell: bash | |
| env: | |
| RELEASE: ${{ github.run_number }} | |
| CGO_ENABLED: 1 | |
| jobs: | |
| build_windows: | |
| name: "Build Windows" | |
| runs-on: windows-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Go | |
| uses: WillAbides/setup-go-faster@a0ff5217a7d2567ed6ff1aa2b7d8f9d58173b2c9 # v1.14.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Copy syso files | |
| run: | | |
| cp -r pkg/windows/syso/* . | |
| - name: Build binary | |
| run: >- | |
| go build | |
| -trimpath -p 4 | |
| -ldflags="-H=windowsgui -s -w -X main.version=${VERSION}" | |
| -o bin/pinnacle-windows-amd64.exe | |
| . | |
| - name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa # v2.1.3 | |
| with: | |
| credentials_json: ${{ secrets.GCP_CREDENTIALS }} | |
| - name: Set up Google Cloud SDK | |
| uses: google-github-actions/setup-gcloud@98ddc00a17442e89a24bbf282954a3b65ce6d200 # v2.1.0 | |
| - name: Download jsign | |
| run: ./ci/download-jsign.sh | |
| - name: Decode certificate | |
| run: | | |
| echo "${{ secrets.CERTFILE_BASE64 }}" | base64 --decode > pinnacle-certificate.pem | |
| - name: Sign binary | |
| run: >- | |
| java -jar jsign.jar | |
| --storetype GOOGLECLOUD | |
| --storepass "$(gcloud auth print-access-token)" | |
| --keystore "${{ secrets.GCP_KEYSTORE }}" | |
| --alias "${{ secrets.GCP_KEY_ALIAS }}" | |
| --certfile pinnacle-certificate.pem | |
| --tsmode RFC3161 | |
| --tsaurl http://timestamp.globalsign.com/tsa/r6advanced1 | |
| bin/pinnacle-windows-amd64.exe | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: windows-binaries | |
| path: bin | |
| retention-days: 1 | |
| if-no-files-found: error | |
| build_linux: | |
| name: "Build Linux" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Install dependencies | |
| run: >- | |
| sudo apt-get update && | |
| sudo apt-get install -y | |
| libgl-dev | |
| libx11-dev | |
| libxrandr-dev | |
| libxxf86vm-dev | |
| libxi-dev | |
| libxcursor-dev | |
| libxinerama-dev | |
| libxkbcommon-dev | |
| - name: Set up Go | |
| uses: WillAbides/setup-go-faster@a0ff5217a7d2567ed6ff1aa2b7d8f9d58173b2c9 # v1.14.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Build binary | |
| run: >- | |
| env | |
| GOARCH=amd64 | |
| go build -trimpath -p 4 | |
| -ldflags="-s -w -X main.version=${VERSION}" | |
| -o bin/pinnacle-linux-amd64 | |
| . | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: linux-binaries | |
| path: bin | |
| retention-days: 1 | |
| if-no-files-found: error | |
| build_macos: | |
| name: "Build MacOS" | |
| runs-on: macos-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Go | |
| uses: WillAbides/setup-go-faster@a0ff5217a7d2567ed6ff1aa2b7d8f9d58173b2c9 # v1.14.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Build AMD64 binary | |
| run: >- | |
| env | |
| GOARCH=amd64 | |
| GOOS=darwin | |
| go build -trimpath -buildmode=pie -p 3 | |
| -ldflags="-s -w -X main.version=${VERSION}" | |
| -o bin/pinnacle-darwin-amd64 | |
| . | |
| - name: Build ARM64 binary | |
| run: >- | |
| env | |
| GOARCH=arm64 | |
| GOOS=darwin | |
| go build -trimpath -buildmode=pie -p 3 | |
| -ldflags="-s -w -X main.version=${VERSION}" | |
| -o bin/pinnacle-darwin-arm64 | |
| . | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: macos-binaries | |
| path: bin | |
| retention-days: 1 | |
| if-no-files-found: error | |
| package_windows: | |
| name: "Package Windows" | |
| runs-on: windows-latest | |
| needs: [ build_windows ] | |
| steps: | |
| - name: Checkout .iss files | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| sparse-checkout: | | |
| pkg/windows | |
| VERSION | |
| ci | |
| - name: Download binaries | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: windows-binaries | |
| path: bin | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Package AMD64 with InnoSetup | |
| run: | | |
| AMD_ISS=pkg/windows/iss/PackagePinnacle-amd64.iss | |
| sed -i "s/#define MyAppVersion \"1.0.0\"/#define MyAppVersion \"${VERSION}\"/" "$AMD_ISS" | |
| iscc.exe "$AMD_ISS" | |
| - name: Authenticate with Google Cloud | |
| uses: google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa # v2.1.3 | |
| with: | |
| credentials_json: ${{ secrets.GCP_CREDENTIALS }} | |
| - name: Set up Google Cloud SDK | |
| uses: google-github-actions/setup-gcloud@98ddc00a17442e89a24bbf282954a3b65ce6d200 # v2.1.0 | |
| - name: Download jsign | |
| run: ./ci/download-jsign.sh | |
| - name: Decode certificate | |
| run: | | |
| echo "${{ secrets.CERTFILE_BASE64 }}" | base64 --decode > pinnacle-certificate.pem | |
| - name: Sign installer | |
| run: >- | |
| java -jar jsign.jar | |
| --storetype GOOGLECLOUD | |
| --storepass "$(gcloud auth print-access-token)" | |
| --keystore "${{ secrets.GCP_KEYSTORE }}" | |
| --alias "${{ secrets.GCP_KEY_ALIAS }}" | |
| --certfile pinnacle-certificate.pem | |
| --tsmode RFC3161 | |
| --tsaurl http://timestamp.globalsign.com/tsa/r6advanced1 | |
| "build/out/AlpineClientSetup-${VERSION}-x86_64.exe" | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: windows-installers | |
| path: build/out | |
| retention-days: 1 | |
| if-no-files-found: error | |
| package_linux: | |
| name: "Package Linux" | |
| runs-on: ubuntu-latest | |
| needs: [ build_linux ] | |
| steps: | |
| - name: Checkout pkg files | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| sparse-checkout: | | |
| pkg/linux | |
| VERSION | |
| - name: Download binaries | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: linux-binaries | |
| path: bin | |
| - name: Install dependencies | |
| run: >- | |
| sudo apt-get update && | |
| sudo apt-get install -y | |
| rpm | |
| debhelper | |
| devscripts | |
| dpkg-dev | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Prepare for packaging | |
| run: | | |
| # Edit version in spec/control files | |
| sed -i "s/^Version:.*/Version: ${VERSION}/" pkg/linux/rpm/SPECS/pinnacle.spec | |
| sed -i "s/^Release:.*/Release: ${RELEASE}/" pkg/linux/rpm/SPECS/pinnacle.spec | |
| sed -i "s/^Version:.*/Version: ${VERSION}-${RELEASE}/" pkg/linux/deb/DEBIAN/control | |
| # Set up rpmbuild/debbuild file tree | |
| mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} | |
| mkdir -p ~/debbuild/alpine-client/{DEBIAN,usr/bin,usr/share/applications,usr/share/pixmaps} | |
| # Copy resources | |
| cp -r pkg/linux/rpm/* ~/rpmbuild/ | |
| cp -r pkg/linux/deb/* ~/debbuild/alpine-client/ | |
| # Copy binaries | |
| cp bin/pinnacle-linux-amd64 ~/rpmbuild/SOURCES/ | |
| cp bin/pinnacle-linux-amd64 ~/debbuild/alpine-client/usr/bin/alpine-client | |
| # Make binaries executable | |
| chmod +x ~/rpmbuild/SOURCES/pinnacle-linux-amd64 | |
| chmod +x ~/debbuild/alpine-client/usr/bin/alpine-client | |
| # Create output folder | |
| mkdir -p build/out | |
| - name: Package RPM | |
| run: >- | |
| rpmbuild -bb | |
| ~/rpmbuild/SPECS/pinnacle.spec | |
| --define "_rpmdir build/out" | |
| --target=x86_64 | |
| - name: Package DEB | |
| run: >- | |
| dpkg-deb -Zgzip | |
| --build ~/debbuild/alpine-client | |
| "build/out/alpine-client_${VERSION}-${RELEASE}_amd64.deb" | |
| - name: Tidy artifact | |
| run: | | |
| cp -r build/out/x86_64/* build/out/ | |
| rm -rf build/out/x86_64 | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: linux-installers | |
| path: build/out | |
| retention-days: 1 | |
| if-no-files-found: error | |
| package_macos: | |
| name: "Package MacOS" | |
| runs-on: macos-latest | |
| needs: [ build_macos ] | |
| steps: | |
| - name: Checkout pkg/darwin | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| sparse-checkout: | | |
| pkg/darwin | |
| VERSION | |
| - name: Download binaries | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| name: macos-binaries | |
| path: bin | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Set up environment | |
| run: | | |
| # Set env variables for paths | |
| APP="pkg/darwin/Alpine Client.app/Contents" | |
| # Create necessary folders | |
| mkdir "${APP}/MacOS" | |
| mkdir -p build/out/ | |
| # Replace version in Info.plist file | |
| sed -i '' "s/<string>1.0.0<\/string>/<string>${VERSION}<\/string>/" "${APP}/Info.plist" | |
| # Move compiled binary | |
| cp bin/pinnacle-darwin-amd64 "${APP}/MacOS/pinnacle-darwin-amd64" | |
| # Set permissions | |
| chmod +x "${APP}/MacOS/pinnacle-darwin-amd64" | |
| # Export APP env for later | |
| echo "APP=${APP}" >> $GITHUB_ENV | |
| - name: Package AMD64 | |
| run: >- | |
| pkgbuild | |
| --root pkg/darwin | |
| --identifier com.alpineclient.pinnacle | |
| --version "${VERSION}" | |
| --install-location /Applications | |
| "build/out/AlpineClientSetup-${VERSION}-x86_64.pkg" | |
| - name: Swap AMD64 binary for ARM64 | |
| run: | | |
| rm -f "${APP}/MacOS/pinnacle-darwin-amd64" | |
| cp bin/pinnacle-darwin-arm64 "${APP}/MacOS/pinnacle-darwin-arm64" | |
| sed -i '' 's/amd64/arm64/g' "${APP}/Info.plist" | |
| chmod +x "${APP}/MacOS/pinnacle-darwin-arm64" | |
| - name: Package ARM64 | |
| run: >- | |
| pkgbuild | |
| --root pkg/darwin | |
| --identifier com.alpineclient.pinnacle | |
| --version "${VERSION}" | |
| --install-location /Applications | |
| "build/out/AlpineClientSetup-${VERSION}-ARM64.pkg" | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: macos-installers | |
| path: build/out | |
| retention-days: 1 | |
| if-no-files-found: error | |
| create_github_release: | |
| name: "Create GitHub Release" | |
| runs-on: ubuntu-latest | |
| needs: [ package_windows, package_linux, package_macos ] | |
| steps: | |
| - name: Checkout version file | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| sparse-checkout: | | |
| VERSION | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Download | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
| with: | |
| path: all | |
| - name: Reorganize artifacts | |
| run: | | |
| mkdir -p merged/{binaries,installers} | |
| # Combine binaries | |
| cp -r all/windows-binaries/* merged/binaries/ | |
| cp -r all/linux-binaries/* merged/binaries/ | |
| cp -r all/macos-binaries/* merged/binaries/ | |
| # Combine installers | |
| cp -r all/windows-installers/* merged/installers/ | |
| cp -r all/macos-installers/* merged/installers/ | |
| cp -r all/linux-installers/* merged/installers/ | |
| - name: Upload | |
| uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 | |
| with: | |
| name: all-artifacts-${{ env.RELEASE }} | |
| path: merged | |
| compression-level: 9 | |
| retention-days: 90 | |
| if-no-files-found: error | |
| - name: Create release | |
| if: github.ref == 'refs/heads/master' | |
| uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 | |
| with: | |
| tag_name: ${{ env.VERSION }} | |
| name: ${{ env.VERSION }} | |
| files: | | |
| merged/installers/* | |
| merged/binaries/* | |
| fail_on_unmatched_files: true | |
| prerelease: false | |
| make_latest: true | |
| draft: false | |
| publish_aur_package: | |
| name: "Publish AUR Package" | |
| runs-on: ubuntu-latest | |
| needs: [ create_github_release ] | |
| if: github.ref == 'refs/heads/master' | |
| steps: | |
| - name: Checkout pkg/linux/arch | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| sparse-checkout: | | |
| pkg/linux/arch | |
| VERSION | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Generate tarball checksum | |
| run: | | |
| src_url="${{ github.server_url }}/${{ github.repository }}/archive/${VERSION}.tar.gz" | |
| checksum=$(curl -sL ${src_url} | shasum -a 256 | cut -d " " -f 1) | |
| if [ -z "$checksum" ]; then | |
| echo "CHECKSUM is empty" | |
| exit 1 | |
| fi | |
| echo "CHECKSUM=${checksum}" >> $GITHUB_ENV | |
| - name: Update PKGBUILD | |
| run: | | |
| sed -i "s/pkgver=1.0.0/pkgver=${VERSION}/" pkg/linux/arch/PKGBUILD | |
| sed -i "s/sha256sums=('SKIP')/sha256sums=('${CHECKSUM}')/" pkg/linux/arch/PKGBUILD | |
| - name: Publish to AUR | |
| uses: KSXGitHub/github-actions-deploy-aur@9dfe151cf48f26a957bbd0379c120e79cb990e13 # v2.7.2 | |
| with: | |
| force_push: true | |
| pkgname: alpine-client | |
| pkgbuild: pkg/linux/arch/PKGBUILD | |
| commit_message: ${{ env.VERSION }} | |
| commit_email: ${{ secrets.AUR_EMAIL }} | |
| commit_username: ${{ secrets.AUR_USERNAME }} | |
| ssh_private_key: ${{ secrets.AUR_SSH_PRIVATE_KEY }} | |
| create_sentry_release: | |
| name: "Create Sentry Release" | |
| runs-on: ubuntu-latest | |
| needs: [ create_github_release ] | |
| if: github.ref == 'refs/heads/master' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| - name: Read version | |
| run: | | |
| echo "VERSION=$(cat VERSION)" >> $GITHUB_ENV | |
| - name: Create sentry.io release | |
| uses: getsentry/action-release@e769183448303de84c5a06aaaddf9da7be26d6c7 # v1.7.0 | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
| SENTRY_PROJECT: pinnacle | |
| with: | |
| environment: production | |
| version: ${{ env.VERSION }} |