Skip to content

Commit aa0ca8f

Browse files
vprusvprus
committed
Complete release flow for CLI tools.
1 parent 3e1f15f commit aa0ca8f

1 file changed

Lines changed: 90 additions & 19 deletions

File tree

.github/workflows/storage-advisor-release.yaml

Lines changed: 90 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -9,39 +9,110 @@ permissions:
99
packages: write
1010

1111
jobs:
12-
releases-matrix:
13-
name: Release
12+
build:
1413
runs-on: ubuntu-latest
1514
strategy:
1615
matrix:
1716
# build and publish in parallel: linux/386, linux/amd64, linux/arm64, windows/386, windows/amd64, darwin/amd64, darwin/arm64
1817
goos: [linux, windows, darwin]
19-
goarch: ["386", amd64, arm64]
18+
goarch: [amd64, arm64]
2019
exclude:
21-
- goarch: "386"
22-
goos: darwin
2320
- goarch: arm64
2421
goos: windows
2522
steps:
26-
- uses: actions/checkout@v3
27-
- uses: wangyoucao577/go-release-action@v1
28-
with:
29-
github_token: ${{ secrets.GITHUB_TOKEN }}
30-
goos: ${{ matrix.goos }}
31-
goarch: ${{ matrix.goarch }}
32-
goversion: 1.20.13
33-
project_path: "./tools/storage-advisor/src"
34-
binary_name: "storage-advisor"
35-
23+
- uses: actions/checkout@v4
24+
- name: Setup Go
25+
uses: actions/setup-go@v4
26+
with:
27+
go-version: '1.20.x'
28+
- name: Install dependencies
29+
working-directory: ./tools/storage-advisor/src
30+
run: GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go get .
31+
- name: Build
32+
working-directory: ./tools/storage-advisor/src
33+
run: GOOS=${{ matrix.goos }} GOARCH=${{ matrix.goarch }} go build -o storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }} .
34+
- uses: actions/upload-artifact@v4
35+
with:
36+
name: storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}
37+
path: tools/storage-advisor/src/storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}
38+
- name: Archive the binary
39+
working-directory: ./tools/storage-advisor/src
40+
run: |
41+
mv storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }} storage-advisor
42+
tar -czvf storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz storage-advisor
43+
sha256sum storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz > storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz.sha256
44+
- name: Upload binaries to release
45+
uses: svenstaro/upload-release-action@v2
46+
if: ${{ matrix.goos != 'darwin' }}
47+
with:
48+
file: tools/storage-advisor/src/storage-advisor-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
49+
tag: ${{ github.ref }}
50+
overwrite: true
51+
3652
notarize:
37-
needs: releases-matrix
53+
needs: [build]
3854
runs-on: macos-latest
3955
steps:
40-
- uses: actions/download-artifact@v4
4156
- name: Obtain release name
4257
id: release-id
4358
run: echo "RELEASE_TAG=$(jq -r .release.tag_name ${GITHUB_EVENT_PATH})" >> "$GITHUB_OUTPUT"
4459
- name: Download artifacts
45-
uses: uses: actions/upload-artifact@v4
60+
uses: actions/download-artifact@v4
61+
with:
62+
pattern: storage-advisor-darwin*
63+
merge-multiple: true
64+
- name: List
65+
run: ls -l
66+
- name: Sign
67+
env: # Or as an environment variable
68+
DEVELOPER_ID_APPLICATION_P12: ${{ secrets.DEVELOPER_ID_APPLICATION_P12 }}
69+
DEVELOPER_ID_APPLICATION_P12_PWD: ${{ secrets.DEVELOPER_ID_APPLICATION_P12_PWD }}
70+
FASTLANE_USER: ${{ secrets.FASTLANE_USER }}
71+
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}
72+
run: |
73+
74+
lipo -create -output storage-advisor storage-advisor-darwin-arm64 storage-advisor-darwin-amd64
75+
76+
KEYCHAIN_NAME=$(LC_CTYPE=C openssl rand -base64 18 | tr -dc 'a-zA-Z' | head -c 16)
77+
KEYCHAIN_PASSWORD=$(LC_CTYPE=C openssl rand -base64 18 | tr -dc 'a-zA-Z' | head -c 16)
78+
79+
security create-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN_NAME}"
80+
security unlock-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN_NAME}"
81+
82+
curl -O https://www.apple.com/appleca/AppleIncRootCertificate.cer
83+
security import AppleIncRootCertificate.cer -t cert -k "${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
84+
curl -O https://www.apple.com/certificateauthority/DeveloperIDCA.cer
85+
security import DeveloperIDCA.cer -t cert -k "${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
86+
rm AppleIncRootCertificate.cer DeveloperIDCA.cer
87+
echo "$DEVELOPER_ID_APPLICATION_P12" | base64 -d > signing_cert.p12
88+
security import signing_cert.p12 -P "$DEVELOPER_ID_APPLICATION_P12_PWD" -k "${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
89+
rm signing_cert.p12
90+
security set-keychain-settings $KEYCHAIN_NAME
91+
92+
security set-key-partition-list -S apple-tool:,apple: -s -k "${KEYCHAIN_PASSWORD}" "${KEYCHAIN_NAME}"
93+
94+
# we need to add our new keychain to user search list to use the certificate
95+
keychainNames=();
96+
for keychain in $(security list-keychains -d user)
97+
do
98+
basename=$(basename "\$keychain")
99+
keychainName=${basename::${#basename}-4}
100+
keychainNames+=("$keychainName")
101+
done
102+
security -v list-keychains -s "${keychainNames[@]}" $KEYCHAIN_NAME
103+
codesign -s 98A9FF12B0FCCCEEDE752C824A2A7E189B5AEEAE -o runtime -v storage-advisor
104+
security -v delete-keychain $KEYCHAIN_NAME
105+
106+
zip storage-advisor-macos.zip storage-advisor
107+
xcrun notarytool submit --apple-id $FASTLANE_USER --password $FASTLANE_PASSWORD --team-id WDCQ6B387N storage-advisor-macos.zip --wait > "notarytool.log" 2>&1
108+
SUBMISSIONID=`awk '/id: / { print $2;exit; }' notarytool.log`
109+
echo "id: ${SUBMISSIONID}"
110+
xcrun notarytool log ${SUBMISSIONID} --apple-id $FASTLANE_USER --password $FASTLANE_PASSWORD --team-id WDCQ6B387N
111+
chmod +x storage-advisor
112+
tar -czvf storage-advisor-macos.tar.gz storage-advisor
113+
- name: Upload binaries to release
114+
uses: svenstaro/upload-release-action@v2
46115
with:
47-
name: storage-advisor-cli-${{ steps.release-id.outputs.RELEASE_TAG }}-darwin-amd64.tar.gz
116+
file: storage-advisor-macos.tar.gz
117+
tag: ${{ github.ref }}
118+
overwrite: true

0 commit comments

Comments
 (0)