Skip to content
Publish binaries

Publish binaries #27

Sign in to view logs

Publish binaries

Publish binaries #27

Workflow file for this run

.github/workflows/publish.yml at 6198701
# https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
name: Publish binaries
on:
pull_request:
types: [opened, synchronize, closed]
branches:
- "main"
- "master"
workflow_dispatch:
inputs:
distro:
description: Distro
required: true
type: choice
options:
- debian
- alpine
default: alpine
arch:
description: Arch
required: true
type: choice
options:
- aarch64
- amd64
- armv6hf
- armv7hf
- i386
node-version:
description: Node version
required: true
type: string
env:
DISTRO: ${{ inputs.distro || 'alpine' }}
ARCH: ${{ inputs.arch || 'aarch64' }}
NODE_VERSION: ${{ inputs.node-version || '19.6.1' }}
BUCKET_NAME: ${{ vars.BUCKET_NAME || 'resin-packages' }}
permissions:
actions: read
checks: read
contents: read
deployments: read
id-token: write # AWS GitHub OIDC required: write
issues: read
discussions: read
packages: read
pages: read
pull-requests: read
repository-projects: read
security-events: read
statuses: read
# https://docs.github.com/en/actions/using-jobs/using-concurrency
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}-${{ inputs.distro }}-${{ inputs.arch }}-${{ inputs.node-version }}
cancel-in-progress: true
jobs:
select-runner:
name: Select runner
runs-on: ubuntu-latest
outputs:
runner: ${{ steps.check-arch.outputs.runner }}
awscli-arch: ${{ steps.check-arch.outputs.awscli-arch }}
steps:
- name: Check architecture
id: check-arch
run: |
case ${{ env.ARCH }} in
amd64|i386)
echo "runner=actuated-8cpu-8gb" >> "${GITHUB_OUTPUT}"
echo "awscli-arch=amd64" >> "${GITHUB_OUTPUT}"
;;
aarch64|armv6hf|armv7hf)
echo "runner=actuated-arm64-8cpu-8gb" >> "${GITHUB_OUTPUT}"
echo "awscli-arch=arm64" >> "${GITHUB_OUTPUT}"
;;
*)
echo "Unsupported architecture: ${{ env.ARCH }}" ; exit 1 ;;
esac
publish:
name: Publish binaries
needs: select-runner
runs-on: ${{ needs.select-runner.outputs.runner }}
steps:
# https://github.com/actions/checkout
- name: Checkout
uses: actions/[email protected]
# https://github.com/aws-actions/configure-aws-credentials
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
id: creds
with:
role-to-assume: ${{ vars.AWS_IAM_ROLE || 'arn:aws:iam::491725000532:role/resin-packages-role' }}
role-session-name: github-${{ github.job }}-${{ github.run_id }}-${{ github.run_attempt }}
aws-region: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}
# https://github.com/orgs/community/discussions/26636#discussioncomment-3252664
mask-aws-account-id: false
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# https://github.com/docker/build-push-action
- name: Build node from source
uses: docker/build-push-action@v5
with:
push: false
context: .
target: output
outputs: type=local,dest=out
cache-to: type=gha,mode=max,scope=${{ env.DISTRO }}-${{ env.ARCH }}-${{ env.NODE_VERSION }}
cache-from: type=gha,scope=${{ env.DISTRO }}-${{ env.ARCH }}-${{ env.NODE_VERSION }}
build-args: |
DISTRO=${{ env.DISTRO }}
BALENA_ARCH=${{ env.ARCH }}
NODE_VERSION=${{ env.NODE_VERSION }}
# https://github.com/unfor19/install-aws-cli-action
- name: setup awscli
uses: unfor19/install-aws-cli-action@v1
with:
version: 2
arch: ${{ needs.select-runner.outputs.awscli-arch }}
- name: s3 copy
if: github.event_name == 'workflow_dispatch'
run: |
aws s3 cp *.tar.gz "s3://$BUCKET_NAME/node/v$NODE_VERSION/"
curl -SLO "http://resin-packages.s3.amazonaws.com/SHASUMS256.txt"
sha256sum *.tar.gz >> SHASUMS256.txt
aws s3 cp SHASUMS256.txt "s3://$BUCKET_NAME/"
env:
AWS_ACCESS_KEY_ID: ${{ steps.creds.outputs.aws-access-key-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.creds.outputs.aws-secret-access-key }}
AWS_SESSION_TOKEN: ${{ steps.creds.outputs.aws-session-token }}
AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION || 'us-east-1' }}