-
Notifications
You must be signed in to change notification settings - Fork 4
140 lines (121 loc) · 4.52 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
---
# kics-scan ignore
name: Release Apollo
defaults:
run:
shell: bash
concurrency:
group: ${{ github.head_ref }}${{ github.ref }}
cancel-in-progress: true
env:
JAVA_VERSION: 17
GITHUB_ACTOR: "hyperledger-bot"
GITHUB_ACTOR_EMAIL: "[email protected]"
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
OSSRH_GPG_SECRET_KEY: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
on:
workflow_dispatch:
permissions:
contents: write
packages: write
jobs:
release:
runs-on: macos-13
steps:
- name: "Checkout the repo"
uses: actions/checkout@v4
with:
submodules: recursive
token: ${{ secrets.IDENTUS_CI }}
fetch-depth: 0
- name: "Install Java ${{ env.JAVA_VERSION }}"
uses: actions/setup-java@v4
continue-on-error: true
with:
java-version: "${{ env.JAVA_VERSION }}"
distribution: zulu
server-id: ossrh
server-username: ${{ secrets.OSSRH_USERNAME }}
server-password: ${{ secrets.OSSRH_PASSWORD }}
gpg-private-key: ${{ secrets.HYP_BOT_GPG_PRIVATE }}
gpg-passphrase: ${{ secrets.HYP_BOT_GPG_PASSWORD }}
- name: "Install Homebrew"
run: >
/bin/bash -c "$(curl -fsSL
https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- name: "Install autoconf, automake, libtool, rustup"
run: |
brew install autoconf automake libtool rustup
- name: "Install Mac ToolChain"
run: |
brew tap messense/macos-cross-toolchains
- name: "Install Linux GNU for x86_64"
run: |
rm -f '/usr/local/bin/2to3'
rm -f '/usr/local/bin/2to3-3.11'
rm -f '/usr/local/bin/2to3-3.12'
rm -f '/usr/local/bin/python3'
rm -f '/usr/local/bin/python3.11'
rm -f '/usr/local/bin/python3.12'
rm -f '/usr/local/bin/idle3'
rm -f '/usr/local/bin/idle3.11'
rm -f '/usr/local/bin/idle3.12'
rm -f '/usr/local/bin/pydoc3'
rm -f '/usr/local/bin/pydoc3.11'
rm -f '/usr/local/bin/pydoc3.12'
rm -f '/usr/local/bin/python3-config'
rm -f '/usr/local/bin/python3.11-config'
rm -f '/usr/local/bin/python3.12-config'
brew install --overwrite x86_64-unknown-linux-gnu
- name: "Install Linux GNU for aarch64"
run: |
brew install --overwrite aarch64-unknown-linux-gnu
- name: "Install Rust Targets"
run: |
rustup target add armv7-linux-androideabi
rustup target add i686-linux-android
rustup target add aarch64-linux-android
rustup target add x86_64-linux-android
rustup target add aarch64-apple-darwin
rustup target add x86_64-apple-darwin
rustup target add aarch64-unknown-linux-gnu
rustup target add x86_64-unknown-linux-gnu
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: '15.0.1'
- uses: crazy-max/ghaction-import-gpg@v5
id: import_gpg
with:
gpg_private_key: ${{ secrets.HYP_BOT_GPG_PRIVATE }}
passphrase: ${{ secrets.HYP_BOT_GPG_PASSWORD }}
git_user_signingkey: true
git_commit_gpgsign: true
git_config_global: true
git_tag_gpgsign: false
- name: "Install rust toolchain (Linux)"
if: matrix.os-type == 'linux'
run: sudo apt install rustc build-essential -y
- name: "Install rust toolchain (Macos)"
if: matrix.os-type == 'macos'
run: brew install rustup
- name: "Install wasm-pack"
run: cargo install wasm-pack
- name: "Release"
env:
GITHUB_TOKEN: ${{ secrets.IDENTUS_CI }}
GIT_AUTHOR_EMAIL: ${{ steps.import_gpg.outputs.email }}
GIT_COMMITTER_EMAIL: ${{ steps.import_gpg.outputs.email }}
GIT_AUTHOR_NAME: ${{ steps.import_gpg.outputs.name }}
GIT_COMMITTER_NAME: ${{ steps.import_gpg.outputs.name }}
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
OSSRH_GPG_SECRET_KEY: ${{ secrets.OSSRH_GPG_SECRET_KEY }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}
run: |
npm install
npx semantic-release