make public #81
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - '*' | |
| env: | |
| # GCS_BUCKET is the name of the Google Cloud Storage bucket to which all artifacts are deployed. | |
| GCS_BUCKET: mitbattlecode-releases | |
| # RELEASE_ARTIFACT_ID is the name of the Maven artifact produced by the buildsystem. | |
| # Important: you must make sure no ID is a prefix of a different ID. Otherwise, you could | |
| # inadvertently cause unintended episodes to become public. | |
| RELEASE_ARTIFACT_ID: battlecode24 | |
| # IS_PUBLIC is whether to release deployments publicly. Set to exactly the text "YES" to do so. | |
| IS_PUBLIC: YES | |
| jobs: | |
| build-client: | |
| name: Build client | |
| permissions: | |
| contents: read | |
| id-token: write | |
| strategy: | |
| matrix: | |
| include: | |
| - platform-name: "macos-latest" | |
| build-name: "macos" | |
| tauri-target: "universal-apple-darwin" | |
| tauri-copy-path: "bundle/macos/*.app" | |
| - platform-name: "ubuntu-latest" | |
| build-name: "linux" | |
| tauri-target: "x86_64-unknown-linux-gnu" | |
| tauri-copy-path: "bundle/appimage/*.AppImage" | |
| upload-dist: true | |
| - platform-name: "windows-latest" | |
| build-name: "windows" | |
| tauri-target: "x86_64-pc-windows-msvc" | |
| tauri-copy-path: "*.exe" | |
| runs-on: ${{ matrix.platform-name }} | |
| env: | |
| TAURI_OUTPUT: ./src-tauri/target/${{ matrix.tauri-target }}/release/${{ matrix.tauri-copy-path }} | |
| TAURI_BUILD_COMMAND: npm run tauri-pack -- -t ${{ matrix.tauri-target }} | |
| ELECTRON_BUILD_COMMAND: npm run electron-pack | |
| steps: | |
| - name: Checkout branch | |
| uses: actions/checkout@v3 | |
| - name: Set up Node 16 | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 16 | |
| # Rust toolchain is preinstalled on runner images, but we need to add the arm64 | |
| # toolchain on macos to compile universal apps from the x86 runner | |
| - name: Install macos dependencies | |
| if: startsWith(matrix.platform-name, 'macos') | |
| run: | | |
| rustup target add aarch64-apple-darwin | |
| npm install @tauri-apps/cli-darwin-x64 | |
| - name: Install linux dependencies | |
| if: startsWith(matrix.platform-name, 'ubuntu') | |
| run: | | |
| sudo apt-get install -y libwebkit2gtk-4.0-dev build-essential wget libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev | |
| npm install @tauri-apps/cli-linux-x64-gnu | |
| - name: Install windows dependencies | |
| if: startsWith(matrix.platform-name, 'windows') | |
| run: npm install @tauri-apps/cli-win32-x64-msvc | |
| - name: Install schema | |
| run: npm install | |
| working-directory: ./schema | |
| - name: Install client | |
| run: npm install | |
| working-directory: ./client | |
| - name: Build client webpack | |
| run: npm run build | |
| working-directory: ./client | |
| - name: Build client applications | |
| run: npm run concurrently -- --kill-others-on-fail "${{ env.ELECTRON_BUILD_COMMAND }}" "${{ env.TAURI_BUILD_COMMAND }}" | |
| working-directory: ./client | |
| # 7-zip is preinstalled on runner images | |
| - name: Zip tauri result | |
| run: 7z a packaged-client/tauri-output.zip "${{ env.TAURI_OUTPUT }}" | |
| working-directory: ./client | |
| # Only need to create this artifact on one job since all platforms produce | |
| # the same result | |
| - name: Upload dist files artifact | |
| if: matrix.upload-dist | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: client-dist | |
| path: ./client/dist | |
| - name: Upload client artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: client-${{ matrix.build-name }} | |
| path: | | |
| ./client/packaged-client/*-output.zip | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| needs: build-client | |
| permissions: | |
| contents: read | |
| id-token: write | |
| actions: write # To cleanup artifacts | |
| steps: | |
| - name: Checkout branch | |
| uses: actions/checkout@v3 | |
| - name: Inject release version | |
| run: | | |
| release_version=${GITHUB_REF#refs/*/} | |
| echo "RELEASE_VERSION=$release_version" >> $GITHUB_ENV | |
| echo "The release version is $release_version" | |
| - name: Authenticate to Google Cloud Platform | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| create_credentials_file: true | |
| workload_identity_provider: projects/830784087321/locations/global/workloadIdentityPools/releases/providers/github-workflow | |
| service_account: releases-agent@mitbattlecode.iam.gserviceaccount.com | |
| - name: Set up Google Cloud SDK | |
| uses: 'google-github-actions/setup-gcloud@v1' | |
| - name: Clone private maps | |
| if: ${{ env.IS_PUBLIC != 'YES' }} | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: battlecode/private-maps | |
| token: ${{ secrets.CI_REPOSITORY_CLONE_PAT }} | |
| path: private-maps | |
| - name: Inject private maps | |
| if: ${{ env.IS_PUBLIC != 'YES' }} | |
| run: | | |
| source="private-maps/$RELEASE_ARTIFACT_ID" | |
| dest="engine/src/main/battlecode/world/resources" | |
| if [ -d "$source" ]; then | |
| cp -r -i "$source/." "$dest/" < /dev/null &> private-maps-copy-log | |
| if [ -s "private-maps-copy-log" ]; then | |
| echo "FAILED! Public and private maps should not intersect." | |
| cat private-maps-copy-log | |
| exit 1 | |
| fi | |
| fi | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 8 | |
| distribution: adopt | |
| - name: Download all client artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| path: ./client/artifacts | |
| # Always cleanup even if other commands failed so we don't unnecessarily store | |
| # the artifacts in the cloud | |
| - name: Cleanup client artifacts | |
| uses: geekyeggo/delete-artifact@54ab544f12cdb7b71613a16a2b5a37a9ade990af | |
| if: always() | |
| with: | |
| name: client-* | |
| - name: Publish to local repository | |
| run: ./gradlew publishToMavenLocal -Prelease_version=$RELEASE_VERSION | |
| - name: Determine access control | |
| run: | | |
| [[ "$IS_PUBLIC" = "YES" ]] && acl="public-read" || acl="project-private" | |
| echo "OBJECT_ACL=$acl" >> $GITHUB_ENV | |
| echo "Objects will be uploaded with ACL $acl" | |
| - name: Upload maven artifacts to remote repository | |
| run: gsutil -m rsync -a $OBJECT_ACL -r $HOME/.m2/repository/org/battlecode gs://$GCS_BUCKET/maven/org/battlecode | |
| - name: Upload javadocs | |
| run: | | |
| unzip -d ${{ runner.temp }}/javadoc $HOME/.m2/repository/org/battlecode/$RELEASE_ARTIFACT_ID/$RELEASE_VERSION/*-javadoc.jar | |
| gsutil -m rsync -a $OBJECT_ACL -r ${{ runner.temp }}/javadoc gs://$GCS_BUCKET/javadoc/$RELEASE_ARTIFACT_ID/$RELEASE_VERSION | |
| - name: Upload specs | |
| run: gsutil -m rsync -a $OBJECT_ACL -r ./specs gs://$GCS_BUCKET/specs/$RELEASE_ARTIFACT_ID/$RELEASE_VERSION | |
| - name: Upload web client | |
| run: | | |
| gsutil -m rsync -r -a $OBJECT_ACL ./artifacts/client-dist gs://$GCS_BUCKET/client/$RELEASE_ARTIFACT_ID/$RELEASE_VERSION | |
| working-directory: ./client |