sendnrw/snscanner
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

.gitea/workflows/release.yml hinzugefügt
All checks were successful
build-binaries / build (.exe, amd64, windows) (push) Successful in 51s
Details
build-binaries / release (push) Successful in 14s
Details
build-binaries / publish-agent (push) Successful in 9s
Details

Browse Source
This commit is contained in:
groot
2025-11-05 08:11:24 +00:00
parent 2f5eac2f50
commit c3326956f4
1 changed files with 179 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

179
.gitea/workflows/release.yml Normal file
View File

@@ -0,0 +1,179 @@
name: build-binaries
on:
push:
branches: [ "main" ]
tags: [ "v*" ]
# Change this Variables to your needs
# Set these Secrets in your Organisation-Settings
# AGENT_URL=https://agent.your-domain.xyz <-- No Tailing-Slash (/) at the end!!
# AGENT_TOKEN=
env:
GO_VERSION: "1.25"
BINARY_NAME: snscanner
# Do not edit following except you need to change build-options
jobs:
build:
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-fast
strategy:
matrix:
include:
- goos: windows
goarch: amd64
ext: ".exe"
steps:
- name: Checkout source
uses: actions/checkout@v3
- name: Set up Go ${{ env.GO_VERSION }}
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
cache: true
- name: Build ${{ matrix.goos }}/${{ matrix.goarch }}${{ matrix.goarm && format('/v{0}', matrix.goarm) || '' }}
shell: bash
run: |
set -e
mkdir -p dist/package
if [ -n "${{ matrix.goarm }}" ]; then export GOARM=${{ matrix.goarm }}; fi
CGO_ENABLED=0 GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go build -trimpath -ldflags "-s -w" \
-o "dist/package/${BINARY_NAME}${{ matrix.ext }}" .
# cp -r static dist/package/
- name: Package archive with static assets
shell: bash
run: |
set -e
cd dist
if [ "${{ matrix.goos }}" == "windows" ]; then
ZIP_NAME="${BINARY_NAME}-windows-amd64.zip"
(cd package && zip -r "../$ZIP_NAME" .)
else
ARCH_SUFFIX="${{ matrix.goarch }}"
if [ "${{ matrix.goarch }}" == "arm" ]; then ARCH_SUFFIX="armv${{ matrix.goarm }}"; fi
TAR_NAME="${BINARY_NAME}-${{ matrix.goos }}-${ARCH_SUFFIX}.tar.gz"
tar -czf "$TAR_NAME" -C package .
fi
- name: Upload workflow artifact
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.goos }}-${{ matrix.goarch }}${{ matrix.goarm && format('v{0}', matrix.goarm) || '' }}
path: dist/*.tar.gz
if-no-files-found: ignore
- uses: actions/upload-artifact@v3
with:
name: windows-amd64
path: dist/*.zip
if-no-files-found: ignore
release:
if: startsWith(github.ref, 'refs/tags/')
needs: build
runs-on: ubuntu-fast
permissions:
contents: write
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
with:
path: ./dist
- name: Create / Update release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN || github.token }}
with:
name: "Release ${{ github.ref_name }}"
tag_name: ${{ github.ref_name }}
draft: false
prerelease: false
files: |
dist/**/${{ env.BINARY_NAME }}-*.tar.gz
dist/**/${{ env.BINARY_NAME }}-*.zip
publish-agent:
if: startsWith(github.ref, 'refs/tags/')
needs: release
runs-on: ubuntu-fast
env:
PRODUCT: ${{ env.BINARY_NAME }}
AGENT_URL: ${{ secrets.AGENT_URL }}
AGENT_TOKEN: ${{ secrets.AGENT_TOKEN }}
SERVER_URL: ${{ github.server_url }}
REPOSITORY: ${{ github.repository }}
TAG: ${{ github.ref_name }}
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
with:
path: ./dist
- name: Publish release metadata to Version Agent
shell: bash
run: |
set -euo pipefail
if [[ -z "${AGENT_URL:-}" || -z "${AGENT_TOKEN:-}" ]]; then
echo "Missing AGENT_URL or AGENT_TOKEN" >&2; exit 1
fi
VERSION="${TAG#v}"
MAJOR="${VERSION%%.*}"
BRANCH="${MAJOR}.x"
CHANNEL="stable"
[[ "$VERSION" == *"-rc"* ]] && CHANNEL="rc"
[[ "$VERSION" == *"-beta"* ]] && CHANNEL="beta"
RELEASED_AT="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
NOTES_URL="${SERVER_URL}/${REPOSITORY}/releases/tag/${TAG}"
publish() { # args: OS ARCH FILE
local OS="$1" ARCH="$2" FILE="$3"
local BIT="64"; case "$ARCH" in 386|armv7) BIT="32";; esac
local FNAME="$(basename "$FILE")"
local URL="${SERVER_URL}/${REPOSITORY}/releases/download/${TAG}/${FNAME}"
local SHA256 SIZE
SHA256="$(sha256sum "$FILE" | awk '{print $1}')"
SIZE="$(stat -c%s "$FILE")"
jq -n \
--arg product "$PRODUCT" \
--arg branch "$BRANCH" \
--arg channel "$CHANNEL" \
--arg arch "$ARCH" \
--arg bit "$BIT" \
--arg os "$OS" \
--arg version "$VERSION" \
--arg released_at "$RELEASED_AT" \
--arg notes "$NOTES_URL" \
--arg url "$URL" \
--arg sha256 "$SHA256" \
--argjson size "$SIZE" \
'{
product:$product,
branch:$branch, channel:$channel, arch:$arch, bit:$bit, os:$os,
release:{
version:$version, released_at:$released_at, notes_url:$notes,
assets:[{url:$url, sha256:$sha256, size_bytes:$size}]
}
}' > payload.json
curl -fsS -H "Content-Type: application/json" \
-H "Authorization: Bearer ${AGENT_TOKEN}" \
-d @payload.json "${AGENT_URL}/v1/publish"
}
shopt -s nullglob
for f in dist/**/${PRODUCT}-windows-amd64.zip; do publish windows amd64 "$f"; done