From c3326956f48a738dd8ae0785e73f47547b2206bc Mon Sep 17 00:00:00 2001 From: groot Date: Wed, 5 Nov 2025 08:11:24 +0000 Subject: [PATCH] =?UTF-8?q?.gitea/workflows/release.yml=20hinzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/release.yml | 179 +++++++++++++++++++++++++++++++++++ 1 file changed, 179 insertions(+) create mode 100644 .gitea/workflows/release.yml diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml new file mode 100644 index 0000000..9a9ded6 --- /dev/null +++ b/.gitea/workflows/release.yml @@ -0,0 +1,179 @@ +name: build-binaries + +on: + push: + branches: [ "main" ] + tags: [ "v*" ] + +# Change this Variables to your needs +# Set these Secrets in your Organisation-Settings +# AGENT_URL=https://agent.your-domain.xyz <-- No Tailing-Slash (/) at the end!! +# AGENT_TOKEN= + +env: + GO_VERSION: "1.25" + BINARY_NAME: snscanner + +# Do not edit following except you need to change build-options + +jobs: + build: + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-fast + + strategy: + matrix: + include: + - goos: windows + goarch: amd64 + ext: ".exe" + + steps: + - name: Checkout source + uses: actions/checkout@v3 + + - name: Set up Go ${{ env.GO_VERSION }} + uses: actions/setup-go@v4 + with: + go-version: ${{ env.GO_VERSION }} + cache: true + + - name: Build ${{ matrix.goos }}/${{ matrix.goarch }}${{ matrix.goarm && format('/v{0}', matrix.goarm) || '' }} + shell: bash + run: | + set -e + mkdir -p dist/package + if [ -n "${{ matrix.goarm }}" ]; then export GOARM=${{ matrix.goarm }}; fi + CGO_ENABLED=0 GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go build -trimpath -ldflags "-s -w" \ + -o "dist/package/${BINARY_NAME}${{ matrix.ext }}" . + # cp -r static dist/package/ + + - name: Package archive with static assets + shell: bash + run: | + set -e + cd dist + if [ "${{ matrix.goos }}" == "windows" ]; then + ZIP_NAME="${BINARY_NAME}-windows-amd64.zip" + (cd package && zip -r "../$ZIP_NAME" .) + else + ARCH_SUFFIX="${{ matrix.goarch }}" + if [ "${{ matrix.goarch }}" == "arm" ]; then ARCH_SUFFIX="armv${{ matrix.goarm }}"; fi + TAR_NAME="${BINARY_NAME}-${{ matrix.goos }}-${ARCH_SUFFIX}.tar.gz" + tar -czf "$TAR_NAME" -C package . + fi + + - name: Upload workflow artifact + uses: actions/upload-artifact@v3 + with: + name: ${{ matrix.goos }}-${{ matrix.goarch }}${{ matrix.goarm && format('v{0}', matrix.goarm) || '' }} + path: dist/*.tar.gz + if-no-files-found: ignore + - uses: actions/upload-artifact@v3 + with: + name: windows-amd64 + path: dist/*.zip + if-no-files-found: ignore + + release: + if: startsWith(github.ref, 'refs/tags/') + needs: build + runs-on: ubuntu-fast + permissions: + contents: write + + steps: + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + path: ./dist + + - name: Create / Update release + uses: softprops/action-gh-release@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN || github.token }} + with: + name: "Release ${{ github.ref_name }}" + tag_name: ${{ github.ref_name }} + draft: false + prerelease: false + files: | + dist/**/${{ env.BINARY_NAME }}-*.tar.gz + dist/**/${{ env.BINARY_NAME }}-*.zip + + publish-agent: + if: startsWith(github.ref, 'refs/tags/') + needs: release + runs-on: ubuntu-fast + env: + PRODUCT: ${{ env.BINARY_NAME }} + AGENT_URL: ${{ secrets.AGENT_URL }} + AGENT_TOKEN: ${{ secrets.AGENT_TOKEN }} + SERVER_URL: ${{ github.server_url }} + REPOSITORY: ${{ github.repository }} + TAG: ${{ github.ref_name }} + + steps: + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + path: ./dist + - name: Publish release metadata to Version Agent + shell: bash + run: | + set -euo pipefail + if [[ -z "${AGENT_URL:-}" || -z "${AGENT_TOKEN:-}" ]]; then + echo "Missing AGENT_URL or AGENT_TOKEN" >&2; exit 1 + fi + + VERSION="${TAG#v}" + MAJOR="${VERSION%%.*}" + BRANCH="${MAJOR}.x" + + CHANNEL="stable" + [[ "$VERSION" == *"-rc"* ]] && CHANNEL="rc" + [[ "$VERSION" == *"-beta"* ]] && CHANNEL="beta" + + RELEASED_AT="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" + NOTES_URL="${SERVER_URL}/${REPOSITORY}/releases/tag/${TAG}" + + publish() { # args: OS ARCH FILE + local OS="$1" ARCH="$2" FILE="$3" + local BIT="64"; case "$ARCH" in 386|armv7) BIT="32";; esac + + local FNAME="$(basename "$FILE")" + local URL="${SERVER_URL}/${REPOSITORY}/releases/download/${TAG}/${FNAME}" + + local SHA256 SIZE + SHA256="$(sha256sum "$FILE" | awk '{print $1}')" + SIZE="$(stat -c%s "$FILE")" + + jq -n \ + --arg product "$PRODUCT" \ + --arg branch "$BRANCH" \ + --arg channel "$CHANNEL" \ + --arg arch "$ARCH" \ + --arg bit "$BIT" \ + --arg os "$OS" \ + --arg version "$VERSION" \ + --arg released_at "$RELEASED_AT" \ + --arg notes "$NOTES_URL" \ + --arg url "$URL" \ + --arg sha256 "$SHA256" \ + --argjson size "$SIZE" \ + '{ + product:$product, + branch:$branch, channel:$channel, arch:$arch, bit:$bit, os:$os, + release:{ + version:$version, released_at:$released_at, notes_url:$notes, + assets:[{url:$url, sha256:$sha256, size_bytes:$size}] + } + }' > payload.json + + curl -fsS -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${AGENT_TOKEN}" \ + -d @payload.json "${AGENT_URL}/v1/publish" + } + + shopt -s nullglob + for f in dist/**/${PRODUCT}-windows-amd64.zip; do publish windows amd64 "$f"; done