Skip to content

runner: Block execution from suspended/disabled users tasks #999

runner: Block execution from suspended/disabled users tasks

runner: Block execution from suspended/disabled users tasks #999

Workflow file for this run

name: Build binaries
on:
pull_request:
push:
branches:
- main
- dev
tags:
- "v*"
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
strategy:
fail-fast: false
matrix:
arch:
# Disabling arm64 builds till ffmpeg installation support isn't available
- arm64
- amd64
platform:
- os: ubuntu-20.04
name: linux
- os: ubuntu-20.04
name: windows
- os: macos-11
name: darwin
name: Build binaries for ${{ matrix.platform.name }}-${{ matrix.arch }}
runs-on: ${{ matrix.platform.os }}
steps:
- name: Check out code
uses: actions/checkout@v3
with:
fetch-depth: 0
# Check https://github.com/livepeer/go-livepeer/pull/1891
# for ref value discussion
ref: ${{ github.event.pull_request.head.sha }}
- name: Set up go
id: go
uses: actions/setup-go@v3
with:
go-version-file: go.mod
cache: true
cache-dependency-path: go.sum
- name: Export OS and platform env
run: |
echo "GOOS=${{ matrix.platform.name }}" >> $GITHUB_ENV
echo "GOARCH=${{ matrix.arch }}" >> $GITHUB_ENV
- name: Download dependencies
if: steps.go.outputs.cache-hit != 'true'
run: go mod download
- name: Build
run: |
mkdir -p build/ releases/
export PKG_CONFIG_PATH=~/compiled/lib/pkgconfig
make
- uses: actions-ecosystem/action-regex-match@v2
id: match-tag
with:
text: ${{ github.ref_name }}
regex: '^(master|main|v[0-9]+\.\d+\.\d+)$'
- name: Codesign and notarize binaries
if: ${{ steps.match-tag.outputs.match != '' && matrix.platform.name == 'darwin' }}
uses: livepeer/action-gh-codesign-apple@latest
with:
developer-certificate-id: ${{ secrets.CI_MACOS_CERTIFICATE_ID }}
developer-certificate-base64: ${{ secrets.CI_MACOS_CERTIFICATE_BASE64 }}
developer-certificate-password: ${{ secrets.CI_MACOS_CERTIFICATE_PASSWORD }}
app-notarization-email: ${{ secrets.CI_MACOS_NOTARIZATION_USER }}
app-notarization-password: ${{ secrets.CI_MACOS_NOTARIZATION_PASSWORD }}
app-notarization-team-id: ${{ secrets.CI_MACOS_NOTARIZATION_TEAM_ID }}
binary-path: "build/task-runner"
- name: Archive binaries for windows
if: matrix.platform.name == 'windows'
run: |
cd build/
mv task-runner livepeer-task-runner.exe
zip -9q "../releases/livepeer-task-runner-${GOOS}-${GOARCH}.zip" ./livepeer-task-runner.exe
- name: Archive binaries for not windows
if: matrix.platform.name != 'windows'
run: |
cd build/
mv task-runner livepeer-task-runner
tar -czf "../releases/livepeer-task-runner-${GOOS}-${GOARCH}.tar.gz" ./livepeer-task-runner
- name: Upload artifacts for processing further in linux
uses: actions/upload-artifact@v3
with:
name: release-artifacts
path: releases/
upload:
name: Upload artifacts to google bucket
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
needs:
- build
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: release-artifacts
path: releases/
- name: Generate sha256 checksum and gpg signatures for release artifacts
uses: livepeer/action-gh-checksum-and-gpg-sign@latest
with:
artifacts-dir: releases
release-name: ${{ github.ref_type == 'tag' && github.ref_name || github.sha }}
gpg-key: ${{ secrets.CI_GPG_SIGNING_KEY }}
gpg-key-passphrase: ${{ secrets.CI_GPG_SIGNING_PASSPHRASE }}
- name: Generate branch manifest
id: branch-manifest
uses: livepeer/branch-manifest-action@latest
with:
project-name: ${{ github.event.repository.name }}
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v1
with:
workload_identity_provider: ${{ secrets.CI_GOOGLE_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.CI_GOOGLE_SERVICE_ACCOUNT }}
- name: Upload release archives to Google Cloud
id: upload-archives
uses: google-github-actions/upload-cloud-storage@v1
with:
path: "releases"
destination: "build.livepeer.live/${{ github.event.repository.name }}/${{ (github.ref_type == 'tag' && github.ref_name) || github.sha }}"
parent: false
- name: Upload branch manifest file
id: upload-manifest
uses: google-github-actions/upload-cloud-storage@v1
with:
path: ${{ steps.branch-manifest.outputs.manifest-file }}
destination: "build.livepeer.live/${{ github.event.repository.name }}/"
parent: false