add comments #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: push | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| build: | |
| name: "Sidecar Build" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout sidecar project | |
| uses: actions/checkout@v4 | |
| - name: Setup Go environment | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.21' | |
| - name: "compile" | |
| run: | | |
| go version | |
| go mod vendor | |
| make test | |
| make build-all | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Sign Windows binaries | |
| run: > | |
| docker run --rm | |
| -e "CODESIGN_USER=$CODESIGN_USER" | |
| -e "CODESIGN_PASS=$CODESIGN_PASS" | |
| -e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET" | |
| -e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID" | |
| -v $(pwd):/home/jenkins | |
| graylog/internal-codesigntool:latest | |
| make sign-binaries | |
| env: | |
| CODESIGN_USER: ${{ secrets.CODESIGN_USER }} | |
| CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }} | |
| CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }} | |
| CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }} | |
| - name: Build packages | |
| run: mkdir dist/pkg && docker run --rm -v $(pwd):/home torch/jenkins-fpm-cook-root:latest sh -c "cd /home && make package-all" | |
| - name: Sign Windows Installer | |
| run: > | |
| docker run --rm | |
| -e "CODESIGN_USER=$CODESIGN_USER" | |
| -e "CODESIGN_PASS=$CODESIGN_PASS" | |
| -e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET" | |
| -e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID" | |
| -v $(pwd):/home/jenkins | |
| graylog/internal-codesigntool:latest | |
| make sign-windows-installer | |
| env: | |
| CODESIGN_USER: ${{ secrets.CODESIGN_USER }} | |
| CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }} | |
| CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }} | |
| CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }} | |
| - name: Chocolatey Pack | |
| uses: ./.github/shared/docker-chocolatey | |
| with: | |
| command: make package-chocolatey | |
| - name: Create checksums | |
| run: cd dist/pkg && sha256sum * | tee CHECKSUMS-SHA256.txt | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: sidecar-artifacts | |
| retention-days: 7 | |
| path: | | |
| dist/pkg | |
| - name: Chocolatey Push | |
| # publish release if tags are pushed | |
| if: startsWith(github.ref, 'refs/tags/') | |
| uses: ./.github/shared/docker-chocolatey | |
| with: | |
| command: make push-chocolatey | |
| env: | |
| CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} | |
| - name: "Upload sidecar artifacts to S3" | |
| # publish release if tags are pushed | |
| if: startsWith(github.ref, 'refs/tags/') | |
| env: | |
| AWS_DEFAULT_REGION: "eu-west-1" | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_SIDECAR_RELEASES_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SIDECAR_RELEASES_SECRET_KEY }} | |
| run: | | |
| aws s3 cp --no-progress --recursive dist/pkg s3://graylog2-releases/graylog-collector-sidecar/${{ github.ref_name }}/ | |
| - name: "Releasing to Github" | |
| # publish release if tags are pushed | |
| if: startsWith(github.ref, 'refs/tags/') | |
| run: | | |
| gh release create ${{ github.ref_name }} --draft --notes "Insert changes here." dist/pkg/* |