From 9dea81bdff7807d8bdc944d647edd39a3905722f Mon Sep 17 00:00:00 2001 From: Kevin Yue Date: Sat, 9 Mar 2024 10:41:11 +0800 Subject: [PATCH] Update CI --- .editorconfig | 2 +- .github/workflows/publish.yaml | 85 ++++++++++++++ .github/workflows/release-deb.yaml | 114 ------------------ .github/workflows/release-pkgbuild.yaml | 114 ------------------ .github/workflows/release-rpm.yaml | 114 ------------------ .github/workflows/release.yaml | 148 ++++++++++++++++++++++++ Makefile | 4 +- packaging/binary/Makefile.in | 2 +- packaging/deb/rules | 6 - packaging/deb/rules.in | 7 ++ 10 files changed, 244 insertions(+), 352 deletions(-) create mode 100644 .github/workflows/publish.yaml delete mode 100644 .github/workflows/release-deb.yaml delete mode 100644 .github/workflows/release-pkgbuild.yaml delete mode 100644 .github/workflows/release-rpm.yaml create mode 100644 .github/workflows/release.yaml delete mode 100755 packaging/deb/rules create mode 100755 packaging/deb/rules.in diff --git a/.editorconfig b/.editorconfig index b200914..511fd1a 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,5 +8,5 @@ end_of_line = lf insert_final_newline = true trim_trailing_whitespace = true -[Makefile] +[{Makefile,Makefile.in}] indent_style = tab diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml new file mode 100644 index 0000000..efdea7c --- /dev/null +++ b/.github/workflows/publish.yaml @@ -0,0 +1,85 @@ +name: Publish Packages + +on: + workflow_dispatch: + inputs: + tag: + description: 'Tag to publish' + required: true + revision: + description: 'Package revision' + required: true + default: "1" + ppa: + description: 'Publish to PPA' + type: boolean + required: true + default: true + obs: + description: 'Publish to OBS' + type: boolean + required: true + default: true + aur: + description: 'Publish to AUR' + type: boolean + required: true + default: true + +jobs: + check: + runs-on: ubuntu-latest + steps: + - name: Check tag exists + uses: mukunku/tag-exists-action@v1.6.0 + id: check-tag + with: + tag: ${{ inputs.tag }} + - name: Exit if tag does not exist + run: | + if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then + echo "Tag ${{ inputs.tag }} does not exist" + exit 1 + fi + + publish-ppa: + needs: check + if: ${{ inputs.ppa }} + runs-on: ubuntu-latest + steps: + - uses: pnpm/action-setup@v2 + with: + version: 8 + - name: Prepare workspace + run: rm -rf publish-ppa && mkdir publish-ppa + - name: Download ${{ inputs.tag }} source code + uses: robinraju/release-downloader@v1.9 + with: + token: ${{ secrets.GH_PAT }} + tag: ${{ inputs.tag }} + fileName: globalprotect-openconnect-*.tar.gz + tarBall: false + zipBall: false + out-file-path: publish-ppa + - name: Make the offline tarball + run: | + cd publish-ppa + tar -xf globalprotect-openconnect-*.tar.gz + cd globalprotect-openconnect-*/ + make tarball OFFLINE=1 + + mkdir -p .build/debian + sed 's/@RUST@/rust-all(>=1.70)/g' packaging/deb/control.in > .build/debian/control + sed 's/@OFFLINE@/1/g' packaging/deb/rules.in > .build/debian/rules + - name: Publish to PPA + uses: yuezk/publish-ppa-package@dev + with: + repository: "yuezk/globalprotect-openconnect-snapshot" + gpg_private_key: ${{ secrets.PPA_GPG_PRIVATE_KEY }} + gpg_passphrase: ${{ secrets.PPA_GPG_PASSPHRASE }} + tarball: publish-ppa/globalprotect-openconnect-*/.build/tarball/*.tar.gz + debian_dir: publish-ppa/globalprotect-openconnect-*/.build/debian + deb_email: "k3vinyue@gmail.com" + deb_fullname: "Kevin Yue" + extra_ppa: "liushuyu-011/rust-bpo-1.75" + revision: ${{ inputs.revision }} diff --git a/.github/workflows/release-deb.yaml b/.github/workflows/release-deb.yaml deleted file mode 100644 index 7e98d48..0000000 --- a/.github/workflows/release-deb.yaml +++ /dev/null @@ -1,114 +0,0 @@ -name: "Release DEB" - -on: - workflow_dispatch: - inputs: - tag: - description: 'Tag to release' - required: true - arch: - type: choice - description: 'Architecture to build' - required: true - default: all - options: - - all - - x86_64 - - arm64 - gh-release: - type: boolean - description: 'Update GitHub release' - required: true - default: true - -jobs: - check: - runs-on: ubuntu-latest - steps: - - name: Check tag exists - uses: mukunku/tag-exists-action@v1.6.0 - id: check-tag - with: - tag: ${{ github.event.inputs.tag }} - - name: Exit if tag does not exist - run: | - if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then - echo "Tag ${{ github.event.inputs.tag }} does not exist" - exit 1 - fi - - setup-matrix: - needs: - - check - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} - steps: - - name: Set up matrix - id: set-matrix - run: | - if [[ "${{ github.event.inputs.arch }}" == "all" ]]; then - echo "matrix=[\"ubuntu-latest\", \"arm64\"]" >> $GITHUB_OUTPUT - elif [[ "${{ github.event.inputs.arch }}" == "x86_64" ]]; then - echo "matrix=[\"ubuntu-latest\"]" >> $GITHUB_OUTPUT - else - echo "matrix=[\"arm64\"]" >> $GITHUB_OUTPUT - fi - - build: - needs: - - setup-matrix - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-deb && mkdir build-deb - - name: Download ${{ github.event.inputs.tag }} source code - uses: robinraju/release-downloader@v1.9 - with: - token: ${{ secrets.GH_PAT }} - tag: ${{ github.event.inputs.tag }} - fileName: globalprotect-openconnect-*.tar.gz - tarBall: false - zipBall: false - out-file-path: build-deb - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build DEB package in Docker - run: | - docker run --rm -v $(pwd)/build-deb:/deb -e INCLUDE_GUI=1 yuezk/gpdev:deb-builder - - name: Install DEB package in Docker - run: | - docker run --rm -v $(pwd)/build-deb:/deb yuezk/gpdev:deb-builder \ - bash -c "sudo dpkg -i /deb/*.deb; gpclient -V; gpservice -V; gpauth -V; gpgui-helper -V; gpgui -V;" - - name: Upload DEB package - uses: actions/upload-artifact@v3 - with: - name: artifact-deb-${{ matrix.os }} - if-no-files-found: error - path: | - build-deb/*.deb - - gh-release: - needs: - - build - runs-on: ubuntu-latest - if: ${{ github.event.inputs.gh-release == 'true' }} - steps: - - name: Prepare workspace - run: rm -rf gh-release && mkdir gh-release - - name: Download artifact - uses: actions/download-artifact@v3 - with: - path: gh-release - - name: Update release - uses: softprops/action-gh-release@v1 - with: - token: ${{ secrets.GH_PAT }} - prerelease: ${{ contains(github.ref, 'latest') }} - fail_on_unmatched_files: true - tag_name: ${{ github.event.inputs.tag }} - files: | - gh-release/artifact-*/* diff --git a/.github/workflows/release-pkgbuild.yaml b/.github/workflows/release-pkgbuild.yaml deleted file mode 100644 index 0130550..0000000 --- a/.github/workflows/release-pkgbuild.yaml +++ /dev/null @@ -1,114 +0,0 @@ -name: "Release PKGBUILD" - -on: - workflow_dispatch: - inputs: - tag: - description: 'Tag to release' - required: true - arch: - type: choice - description: 'Architecture to build' - required: true - default: all - options: - - all - - x86_64 - - arm64 - gh-release: - type: boolean - description: 'Update GitHub release' - required: true - default: true - -jobs: - check: - runs-on: ubuntu-latest - steps: - - name: Check tag exists - uses: mukunku/tag-exists-action@v1.6.0 - id: check-tag - with: - tag: ${{ github.event.inputs.tag }} - - name: Exit if tag does not exist - run: | - if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then - echo "Tag ${{ github.event.inputs.tag }} does not exist" - exit 1 - fi - - setup-matrix: - needs: - - check - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} - steps: - - name: Set up matrix - id: set-matrix - run: | - if [[ "${{ github.event.inputs.arch }}" == "all" ]]; then - echo "matrix=[\"ubuntu-latest\", \"arm64\"]" >> $GITHUB_OUTPUT - elif [[ "${{ github.event.inputs.arch }}" == "x86_64" ]]; then - echo "matrix=[\"ubuntu-latest\"]" >> $GITHUB_OUTPUT - else - echo "matrix=[\"arm64\"]" >> $GITHUB_OUTPUT - fi - - build: - needs: - - setup-matrix - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-pkgbuild && mkdir build-pkgbuild - - name: Download ${{ github.event.inputs.tag }} source code - uses: robinraju/release-downloader@v1.9 - with: - token: ${{ secrets.GH_PAT }} - tag: ${{ github.event.inputs.tag }} - fileName: globalprotect-openconnect-*.tar.gz - tarBall: false - zipBall: false - out-file-path: build-pkgbuild - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build PKGBUILD package in Docker - run: | - docker run --rm -v $(pwd)/build-pkgbuild:/pkgbuild -e INCLUDE_GUI=1 yuezk/gpdev:pkgbuild - - name: Install PKGBUILD package in Docker - run: | - docker run --rm -v $(pwd)/build-pkgbuild:/pkgbuild yuezk/gpdev:pkgbuild \ - bash -c "sudo pacman -U --noconfirm /pkgbuild/*.pkg.tar.zst; gpclient -V; gpservice -V; gpauth -V; gpgui-helper -V; gpgui -V;" - - name: Upload PKGBUILD package - uses: actions/upload-artifact@v3 - with: - name: artifact-pkgbuild-${{ matrix.os }} - if-no-files-found: error - path: | - build-pkgbuild/*.pkg.tar.zst - - gh-release: - needs: - - build - runs-on: ubuntu-latest - if: ${{ github.event.inputs.gh-release == 'true' }} - steps: - - name: Prepare workspace - run: rm -rf gh-release && mkdir gh-release - - name: Download artifact - uses: actions/download-artifact@v3 - with: - path: gh-release - - name: Update release - uses: softprops/action-gh-release@v1 - with: - token: ${{ secrets.GH_PAT }} - prerelease: ${{ contains(github.ref, 'latest') }} - fail_on_unmatched_files: true - tag_name: ${{ github.event.inputs.tag }} - files: | - gh-release/artifact-*/* diff --git a/.github/workflows/release-rpm.yaml b/.github/workflows/release-rpm.yaml deleted file mode 100644 index f2bfbf8..0000000 --- a/.github/workflows/release-rpm.yaml +++ /dev/null @@ -1,114 +0,0 @@ -name: "Release RPM" - -on: - workflow_dispatch: - inputs: - tag: - description: 'Tag to release' - required: true - arch: - type: choice - description: 'Architecture to build' - required: true - default: all - options: - - all - - x86_64 - - arm64 - gh-release: - type: boolean - description: 'Update GitHub release' - required: true - default: true - -jobs: - check: - runs-on: ubuntu-latest - steps: - - name: Check tag exists - uses: mukunku/tag-exists-action@v1.6.0 - id: check-tag - with: - tag: ${{ github.event.inputs.tag }} - - name: Exit if tag does not exist - run: | - if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then - echo "Tag ${{ github.event.inputs.tag }} does not exist" - exit 1 - fi - - setup-matrix: - needs: - - check - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} - steps: - - name: Set up matrix - id: set-matrix - run: | - if [[ "${{ github.event.inputs.arch }}" == "all" ]]; then - echo "matrix=[\"ubuntu-latest\", \"arm64\"]" >> $GITHUB_OUTPUT - elif [[ "${{ github.event.inputs.arch }}" == "x86_64" ]]; then - echo "matrix=[\"ubuntu-latest\"]" >> $GITHUB_OUTPUT - else - echo "matrix=[\"arm64\"]" >> $GITHUB_OUTPUT - fi - - build: - needs: - - setup-matrix - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-rpm && mkdir build-rpm - - name: Download ${{ github.event.inputs.tag }} source code - uses: robinraju/release-downloader@v1.9 - with: - token: ${{ secrets.GH_PAT }} - tag: ${{ github.event.inputs.tag }} - fileName: globalprotect-openconnect-*.tar.gz - tarBall: false - zipBall: false - out-file-path: build-rpm - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build RPM package in Docker - run: | - docker run --rm -v $(pwd)/build-rpm:/rpm -e INCLUDE_GUI=1 yuezk/gpdev:rpm-builder - - name: Install RPM package in Docker - run: | - docker run --rm -v $(pwd)/build-rpm:/rpm yuezk/gpdev:rpm-builder \ - bash -c "sudo rpm -i /rpm/*.$(uname -m).rpm; gpclient -V; gpservice -V; gpauth -V; gpgui-helper -V; gpgui -V;" - - name: Upload RPM package - uses: actions/upload-artifact@v3 - with: - name: artifact-rpm-${{ matrix.os }} - if-no-files-found: error - path: | - build-rpm/*.rpm - - gh-release: - needs: - - build - runs-on: ubuntu-latest - if: ${{ github.event.inputs.gh-release == 'true' }} - steps: - - name: Prepare workspace - run: rm -rf gh-release && mkdir gh-release - - name: Download artifact - uses: actions/download-artifact@v3 - with: - path: gh-release - - name: Update release - uses: softprops/action-gh-release@v1 - with: - token: ${{ secrets.GH_PAT }} - prerelease: ${{ contains(github.ref, 'latest') }} - fail_on_unmatched_files: true - tag_name: ${{ github.event.inputs.tag }} - files: | - gh-release/artifact-*/* diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..05a172e --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,148 @@ +name: Release Packages + +on: + workflow_dispatch: + inputs: + tag: + description: 'Tag to release' + required: true + arch: + type: choice + description: 'Architecture to build' + required: true + default: all + options: + - all + - x86_64 + - arm64 + release-deb: + type: boolean + description: 'Build DEB package' + required: true + default: true + release-rpm: + type: boolean + description: 'Build RPM package' + required: true + default: true + release-pkg: + type: boolean + description: 'Build PKG package' + required: true + default: true + release-binary: + type: boolean + description: 'Build binary package' + required: true + default: true + gh-release: + type: boolean + description: 'Update GitHub release' + required: true + default: true + +jobs: + check: + runs-on: ubuntu-latest + steps: + - name: Check tag exists + uses: mukunku/tag-exists-action@v1.6.0 + id: check-tag + with: + tag: ${{ inputs.tag }} + - name: Exit if tag does not exist + run: | + if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then + echo "Tag ${{ inputs.tag }} does not exist" + exit 1 + fi + + setup-matrix: + needs: + - check + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.result }} + steps: + - name: Set up matrix + id: set-matrix + uses: actions/github-script@v7 + with: + result-encoding: string + script: | + const inputs = ${{ toJson(inputs) }} + const { arch } = inputs + const osMap = { + "all": ["ubuntu-latest", "arm64"], + "x86_64": ["ubuntu-latest"], + "arm64": ["arm64"] + } + + const package = Object.entries(inputs) + .filter(([key, value]) => key.startsWith('release-') && value) + .map(([key, value]) => key.replace('release-', '')) + + return JSON.stringify({ + os: osMap[arch], + package, + }) + + build: + needs: + - setup-matrix + strategy: + matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} + runs-on: ${{ matrix.os }} + steps: + - name: Prepare workspace + run: rm -rf build-${{ matrix.package }} && mkdir -p build-${{ matrix.package }} + - name: Download ${{ inputs.tag }} source code + uses: robinraju/release-downloader@v1.9 + with: + token: ${{ secrets.GH_PAT }} + tag: ${{ inputs.tag }} + fileName: globalprotect-openconnect-*.tar.gz + tarBall: false + zipBall: false + out-file-path: build-${{ matrix.package }} + - name: Docker Login + run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin + - name: Build ${{ matrix.package }} package in Docker + run: | + docker run --rm -v $(pwd)/build-${{ matrix.package }}:/${{ matrix.package }} -e INCLUDE_GUI=1 yuezk/gpdev:${{ matrix.package }}-builder + + - name: Install ${{ matrix.package }} package in Docker + run: | + docker run --rm -v $(pwd)/build-${{ matrix.package }}:/${{ matrix.package }} yuezk/gpdev:${{ matrix.package }}-builder \ + bash install.sh + + - name: Upload ${{ matrix.package }} package + uses: actions/upload-artifact@v3 + with: + name: artifact-${{ matrix.os }}-${{ matrix.package }} + if-no-files-found: error + path: | + build-${{ matrix.package }}/artifacts/* + + gh-release: + needs: + - build + runs-on: ubuntu-latest + if: ${{ inputs.gh-release }} + steps: + - name: Prepare workspace + run: rm -rf gh-release && mkdir gh-release + - name: Download artifact + uses: actions/download-artifact@v3 + with: + path: gh-release + - name: Update release + uses: softprops/action-gh-release@v1 + with: + token: ${{ secrets.GH_PAT }} + prerelease: ${{ contains(github.ref, 'latest') }} + fail_on_unmatched_files: true + tag_name: ${{ inputs.tag }} + files: | + gh-release/artifact-*/* + diff --git a/Makefile b/Makefile index c58d0d1..bc4ef25 100644 --- a/Makefile +++ b/Makefile @@ -144,7 +144,7 @@ init-debian: clean-debian tarball cd .build/deb/${PKG} && debmake cp -f packaging/deb/control.in .build/deb/$(PKG)/debian/control - cp -f packaging/deb/rules .build/deb/$(PKG)/debian/rules + cp -f packaging/deb/rules.in .build/deb/$(PKG)/debian/rules sed -i "s/@OFFLINE@/$(OFFLINE)/g" .build/deb/$(PKG)/debian/rules @@ -242,7 +242,7 @@ binary: clean-binary tarball mkdir -p .build/binary/$(PKG_NAME)_$(VERSION)/artifacts - make -C .build/binary/${PKG} build OFFLINE=$(OFFLINE) BUILD_FE=0 + make -C .build/binary/${PKG} build OFFLINE=$(OFFLINE) BUILD_FE=0 INCLUDE_GUI=$(INCLUDE_GUI) make -C .build/binary/${PKG} install DESTDIR=$(PWD)/.build/binary/$(PKG_NAME)_$(VERSION)/artifacts cp packaging/binary/Makefile.in .build/binary/$(PKG_NAME)_$(VERSION)/Makefile diff --git a/packaging/binary/Makefile.in b/packaging/binary/Makefile.in index 244dccb..8f71e68 100644 --- a/packaging/binary/Makefile.in +++ b/packaging/binary/Makefile.in @@ -5,7 +5,7 @@ install: install -Dm755 artifacts/usr/bin/gpservice $(DESTDIR)/usr/bin/gpservice install -Dm755 artifacts/usr/bin/gpauth $(DESTDIR)/usr/bin/gpauth install -Dm755 artifacts/usr/bin/gpgui-helper $(DESTDIR)/usr/bin/gpgui-helper - install -Dm755 artifacts/usr/bin/gpgui $(DESTDIR)/usr/bin/gpgui + install -Dm755 artifacts/usr/bin/gpgui $(DESTDIR)/usr/bin/gpgui install -Dm644 artifacts/usr/share/applications/gpgui.desktop $(DESTDIR)/usr/share/applications/gpgui.desktop install -Dm644 artifacts/usr/share/icons/hicolor/scalable/apps/gpgui.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg diff --git a/packaging/deb/rules b/packaging/deb/rules deleted file mode 100755 index a4e4314..0000000 --- a/packaging/deb/rules +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/make -f - -export OFFLINE = @OFFLINE@ BUILD_FE=0 - -%: - dh $@ --no-parallel diff --git a/packaging/deb/rules.in b/packaging/deb/rules.in new file mode 100755 index 0000000..af86075 --- /dev/null +++ b/packaging/deb/rules.in @@ -0,0 +1,7 @@ +#!/usr/bin/make -f + +export OFFLINE = @OFFLINE@ +export BUILD_FE = 0 + +%: + dh $@ --no-parallel