mirror of
https://github.com/AlchemillaHQ/Sylve.git
synced 2026-06-15 00:56:36 +03:00
hayzam
277 lines
8.6 KiB
YAML
277 lines
8.6 KiB
YAML
name: Tip
|
|
|
|
on:
|
|
workflow_run:
|
|
workflows:
|
|
- Test
|
|
branches:
|
|
- master
|
|
types:
|
|
- completed
|
|
|
|
permissions:
|
|
actions: read
|
|
contents: write
|
|
|
|
concurrency:
|
|
group: tip-release-master
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
select-runner:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
linux_runner: ${{ steps.pick.outputs.linux_runner }}
|
|
steps:
|
|
- name: Pick self-hosted runner when available
|
|
id: pick
|
|
uses: actions/github-script@v8
|
|
with:
|
|
github-token: ${{ secrets.RUNNER_DISCOVERY_TOKEN || github.token }}
|
|
script: |
|
|
const selfHosted = ["self-hosted", "linux", "x64"];
|
|
let selected = ["ubuntu-latest"];
|
|
|
|
try {
|
|
const { owner, repo } = context.repo;
|
|
const runners = await github.paginate(
|
|
github.rest.actions.listSelfHostedRunnersForRepo,
|
|
{ owner, repo, per_page: 100 },
|
|
);
|
|
|
|
const available = runners.some((runner) => {
|
|
if (runner.status !== "online" || runner.busy) {
|
|
return false;
|
|
}
|
|
const labels = runner.labels.map((label) => label.name);
|
|
return selfHosted.every((required) => labels.includes(required));
|
|
});
|
|
|
|
if (available) {
|
|
selected = selfHosted;
|
|
}
|
|
} catch (error) {
|
|
const message = `${error?.message || ""}`;
|
|
const accessDenied =
|
|
error?.status === 403 ||
|
|
/resource not accessible by integration/i.test(message);
|
|
|
|
if (accessDenied) {
|
|
core.info(
|
|
"No permission to list self-hosted runners with current token; falling back to ubuntu-latest.",
|
|
);
|
|
} else {
|
|
core.warning(`Falling back to ubuntu-latest: ${message}`);
|
|
}
|
|
}
|
|
|
|
core.info(`Selected runner labels: ${selected.join(", ")}`);
|
|
core.setOutput("linux_runner", JSON.stringify(selected));
|
|
|
|
prepare-release:
|
|
needs: select-runner
|
|
if: >
|
|
github.event.workflow_run.conclusion == 'success' &&
|
|
github.event.workflow_run.event == 'push'
|
|
runs-on: ${{ fromJSON(needs.select-runner.outputs.linux_runner) }}
|
|
outputs:
|
|
head_sha: ${{ steps.vars.outputs.head_sha }}
|
|
should_publish: ${{ steps.vars.outputs.should_publish }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
ref: ${{ github.event.workflow_run.head_sha }}
|
|
|
|
- name: Decide if this run should publish
|
|
id: vars
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
HEAD_SHA="${{ github.event.workflow_run.head_sha }}"
|
|
MASTER_SHA="$(git ls-remote --heads origin master | awk '{print $1}')"
|
|
|
|
echo "head_sha=${HEAD_SHA}" >> "$GITHUB_OUTPUT"
|
|
|
|
if [ "${HEAD_SHA}" != "${MASTER_SHA}" ]; then
|
|
echo "should_publish=false" >> "$GITHUB_OUTPUT"
|
|
echo "Skipping stale run for ${HEAD_SHA}; master is ${MASTER_SHA}."
|
|
exit 0
|
|
fi
|
|
|
|
echo "should_publish=true" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Move tip tag
|
|
if: steps.vars.outputs.should_publish == 'true'
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
git config user.name "github-actions[bot]"
|
|
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
|
git tag -fa tip -m "Latest Continuous Release" "${{ steps.vars.outputs.head_sha }}"
|
|
git push --force origin tip
|
|
|
|
- name: Ensure tip prerelease exists
|
|
if: steps.vars.outputs.should_publish == 'true'
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
if gh release view tip >/dev/null 2>&1; then
|
|
echo "tip release already exists"
|
|
exit 0
|
|
fi
|
|
|
|
gh release create tip \
|
|
--title "tip" \
|
|
--target "${{ steps.vars.outputs.head_sha }}" \
|
|
--prerelease \
|
|
--notes "Rolling prerelease for Sylve tip."
|
|
|
|
build-web:
|
|
needs:
|
|
- select-runner
|
|
- prepare-release
|
|
if: needs.prepare-release.outputs.should_publish == 'true'
|
|
runs-on: ${{ fromJSON(needs.select-runner.outputs.linux_runner) }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
ref: ${{ needs.prepare-release.outputs.head_sha }}
|
|
|
|
- name: Setup Node
|
|
uses: actions/setup-node@v5
|
|
with:
|
|
node-version: 24
|
|
|
|
- name: Build Web Assets
|
|
run: |
|
|
make frontend
|
|
|
|
- name: Upload Web Assets
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: tip-web-assets
|
|
path: internal/assets/web-files/
|
|
|
|
- name: Verify tip still points to this commit
|
|
id: freshness
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
EXPECTED_SHA="${{ needs.prepare-release.outputs.head_sha }}"
|
|
TIP_SHA="$(git ls-remote origin "refs/tags/tip^{}" | awk '{print $1}')"
|
|
|
|
if [ -z "${TIP_SHA}" ] || [ "${TIP_SHA}" != "${EXPECTED_SHA}" ]; then
|
|
echo "upload=false" >> "$GITHUB_OUTPUT"
|
|
echo "Skipping web upload; tip points to '${TIP_SHA}' and this run built '${EXPECTED_SHA}'."
|
|
exit 0
|
|
fi
|
|
|
|
echo "upload=true" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Package Web Assets
|
|
if: steps.freshness.outputs.upload == 'true'
|
|
run: |
|
|
set -euo pipefail
|
|
tar -czf sylve-web-assets.tar.gz -C internal/assets web-files
|
|
|
|
- name: Upload web assets to tip prerelease
|
|
if: steps.freshness.outputs.upload == 'true'
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
set -euo pipefail
|
|
ASSET_NAME="sylve-web-assets.tar.gz"
|
|
while gh release delete-asset tip "${ASSET_NAME}" --yes >/dev/null 2>&1; do
|
|
echo "Deleted existing ${ASSET_NAME}"
|
|
done
|
|
gh release upload tip "sylve-web-assets.tar.gz"
|
|
|
|
build-freebsd:
|
|
needs:
|
|
- select-runner
|
|
- prepare-release
|
|
- build-web
|
|
if: needs.prepare-release.outputs.should_publish == 'true'
|
|
runs-on: ${{ fromJSON(needs.select-runner.outputs.linux_runner) }}
|
|
env:
|
|
FREEBSD_VERSION: 15.0-RELEASE
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: amd64
|
|
- arch: arm64
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
ref: ${{ needs.prepare-release.outputs.head_sha }}
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: "1.26.x"
|
|
|
|
- name: Install cross-build toolchain
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y clang lld xz-utils tar file
|
|
|
|
- name: Download Web Assets
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: tip-web-assets
|
|
path: internal/assets/web-files
|
|
|
|
- name: Cache FreeBSD sysroot
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: .cache/freebsd/${{ matrix.arch }}-${{ env.FREEBSD_VERSION }}
|
|
key: freebsd-sysroot-${{ runner.os }}-${{ matrix.arch }}-${{ env.FREEBSD_VERSION }}
|
|
|
|
- name: Build FreeBSD binary on Linux (${{ matrix.arch }})
|
|
run: |
|
|
make cross-build-${{ matrix.arch }} FREEBSD_VERSION=${{ env.FREEBSD_VERSION }}
|
|
|
|
- name: Verify binary format
|
|
run: |
|
|
set -euo pipefail
|
|
file bin/sylve | tee /tmp/sylve-file.txt
|
|
grep -q "FreeBSD" /tmp/sylve-file.txt
|
|
|
|
if [ "${{ matrix.arch }}" = "amd64" ]; then
|
|
grep -Eq "x86-64|amd64" /tmp/sylve-file.txt
|
|
else
|
|
grep -Eq "aarch64|arm64|ARM aarch64" /tmp/sylve-file.txt
|
|
fi
|
|
|
|
- name: Verify tip still points to this commit
|
|
id: freshness
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
EXPECTED_SHA="${{ needs.prepare-release.outputs.head_sha }}"
|
|
TIP_SHA="$(git ls-remote origin "refs/tags/tip^{}" | awk '{print $1}')"
|
|
|
|
if [ -z "${TIP_SHA}" ] || [ "${TIP_SHA}" != "${EXPECTED_SHA}" ]; then
|
|
echo "upload=false" >> "$GITHUB_OUTPUT"
|
|
echo "Skipping upload; tip points to '${TIP_SHA}' and this run built '${EXPECTED_SHA}'."
|
|
exit 0
|
|
fi
|
|
|
|
echo "upload=true" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Upload binary to tip prerelease
|
|
if: steps.freshness.outputs.upload == 'true'
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
set -euo pipefail
|
|
ASSET_NAME="sylve-${{ matrix.arch }}"
|
|
while gh release delete-asset tip "${ASSET_NAME}" --yes >/dev/null 2>&1; do
|
|
echo "Deleted existing ${ASSET_NAME}"
|
|
done
|
|
cp bin/sylve "${ASSET_NAME}"
|
|
gh release upload tip "${ASSET_NAME}"
|