Cherry-pick cbf146b5ebefeb27acc409e105d14cfc83567b63 with conflicts #127
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This creates a {tar.gz,deb,rpm} file and uploads it to a release. | ||
| # To trigger this, create a new release.. but make sure that you publish | ||
| # it immediately and do not save it as a DRAFT. | ||
| name: Release | ||
| on: | ||
| release: | ||
| types: [created] | ||
| permissions: | ||
| contents: write | ||
| actions: read | ||
| jobs: | ||
| build: | ||
| name: Create Release | ||
| runs-on: ubuntu-24.04 | ||
| steps: | ||
| <<<<<<< HEAD | ||
| ======= | ||
| - name: Check out code | ||
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | ||
| with: | ||
| persist-credentials: 'false' | ||
| >>>>>>> cbf146b5eb (Security improvements to GitHub Actions (#17520)) | ||
| - name: Set up Go | ||
| uses: actions/setup-go@v5 | ||
| with: | ||
| <<<<<<< HEAD | ||
| go-version: 1.22.10 | ||
| - name: Setup node | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: '18.16.0' | ||
| ======= | ||
| go-version-file: go.mod | ||
| cache: 'false' | ||
| >>>>>>> cbf146b5eb (Security improvements to GitHub Actions (#17520)) | ||
| - name: Tune the OS | ||
| run: | | ||
| sudo sysctl -w net.ipv4.ip_local_port_range="22768 65535" | ||
| - name: Check out code | ||
| uses: actions/checkout@v4 | ||
| - name: Get dependencies | ||
| run: | | ||
| sudo apt-get update | ||
| sudo apt-get install -y make ruby ruby-dev | ||
| go mod download | ||
| # We use fpm to package our artifacts, we want to pin the version we use and | ||
| # ensure the checksum of the package matches the one published on the package's webpage. | ||
| # https://rubygems.org/gems/fpm/versions | ||
| - name: Get fpm | ||
| run: | | ||
| FPM_VERSION=1.16.0 | ||
| gem fetch fpm -v $FPM_VERSION | ||
| # Reviewers: The expected checksum MUST ALWAYS match the one published on this website: | ||
| # https://rubygems.org/gems/fpm/versions | ||
| EXPECTED_CHECKSUM="d9eafe613cfbdf9d3b8ef2e321e194cd0a2d300ce37f716c0be1b3a42b7db5df" | ||
| GOT_CHECKSUM=$(sha256sum fpm-$FPM_VERSION.gem | awk '{print $1}') | ||
| if [[ "$GOT_CHECKSUM" != "$EXPECTED_CHECKSUM" ]]; then | ||
| echo "Checksum validation failed" | ||
| echo "Expected: $EXPECTED_CHECKSUM" | ||
| echo "Got: $GOT_CHECKSUM" | ||
| exit 1 | ||
| fi | ||
| sudo gem install fpm-$FPM_VERSION.gem | ||
| - name: Make Packages | ||
| run: | | ||
| ./tools/make-release-packages.sh | ||
| - name: Upload Files | ||
| uses: csexton/release-asset-action@3567794e918fa3068116688122a76cdeb57b5f09 # v3.0.0 | ||
| with: | ||
| github-token: ${{ secrets.GITHUB_TOKEN }} | ||
| pattern: "releases/*.{tar.gz,rpm,deb}" | ||
