-
Notifications
You must be signed in to change notification settings - Fork 20
132 lines (130 loc) · 4.14 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: "Wordfence CLI build"
on:
push:
tags:
- "v*.*.*"
workflow_dispatch:
inputs:
jobs:
linux_standalone_build:
name: Linux standalone build
runs-on: ubuntu-20.04
strategy:
matrix:
include:
- arch: amd64
- arch: arm64
steps:
- name: Checkout
uses: actions/checkout@v4
# Set up QEMU to support additional platforms
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker build
run: ./docker/build/host-refresh.sh "$GITHUB_WORKSPACE" "$ARCHITECTURE" standalone
env:
ARCHITECTURE: ${{ matrix.arch }}
- name: Docker run
run: ./docker/build/host-build.sh "$GITHUB_WORKSPACE" "$ARCHITECTURE" standalone
env:
ARCHITECTURE: ${{ matrix.arch }}
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: wordfence_cli_${{ matrix.arch }}
path: ${{ github.workspace }}/docker/build/volumes/output/wordfence_*.tar.gz
deb_build:
name: deb build
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Docker build
run: ./docker/build/host-refresh.sh "$GITHUB_WORKSPACE" amd64 deb
- name: Docker run
run: ./docker/build/host-build.sh "$GITHUB_WORKSPACE" amd64 deb
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: wordfence_cli_deb
path: ${{ github.workspace }}/docker/build/volumes/output/wordfence.deb
rpm_build:
name: RPM build
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Docker build
run: ./docker/build/host-refresh.sh "$GITHUB_WORKSPACE" amd64 rpm
- name: Docker run
run: ./docker/build/host-build.sh "$GITHUB_WORKSPACE" amd64 rpm
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: wordfence_cli_rpm_el9
path: ${{ github.workspace }}/docker/build/volumes/output/wordfence-el9.rpm
python_build:
name: Python build
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Transform readme
run: ./scripts/transform-readme.py README.md ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.ref_name }}/
- name: Python build
run: |
pip install build~=0.10
python3 -m build
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: wordfence_cli_python
path: |
${{ github.workspace }}/dist/*.tar.gz
${{ github.workspace }}/dist/*.whl
${{ github.workspace }}/dist/*.sha256
${{ github.workspace }}/dist/*.asc
generate_checksums:
name: Generate checksums
runs-on: ubuntu-22.04
needs:
- linux_standalone_build
- deb_build
- rpm_build
- python_build
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
- name: Create checksums
run: |
touch checksums.txt
for artifact in \
wordfence_cli_amd64 \
wordfence_cli_arm64 \
wordfence_cli_deb \
wordfence_cli_rpm_el9 \
wordfence_cli_python
do
pushd "$artifact"
sha256sum * >> ../checksums.txt
popd
done
cat checksums.txt
- name: Import GPG key
uses: crazy-max/[email protected]
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Sign checksums file
run: gpg --detach-sign --armor --local-user '=Wordfence <[email protected]>' checksums.txt
- name: Upload checksums and signature
uses: actions/upload-artifact@v3
with:
name: wordfence_cli_checksums
path: |
${{ github.workspace }}/checksums.txt
${{ github.workspace }}/checksums.txt.asc