-
Notifications
You must be signed in to change notification settings - Fork 207
218 lines (185 loc) · 7.32 KB
/
package-release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
name: "Package Release"
run-name: "Package Release ${{ github.ref_name }}"
on:
push:
tags:
- "*"
jobs:
build-pecl:
environment: release
name: "Create PECL package"
runs-on: "ubuntu-latest"
permissions:
id-token: write
steps:
- name: "Create temporary app token"
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: "Store GitHub token in environment"
run: echo "GH_TOKEN=${{ steps.app-token.outputs.token }}" >> "$GITHUB_ENV"
shell: bash
- name: "Checkout"
uses: "actions/checkout@v4"
with:
# Manually specify a ref. When actions/checkout is run for a tag without a ref, it looks up the underlying
# commit and specifically fetches this to the refs/tags/<tag> ref, which denies us access to the tag message
ref: ${{ github.ref }}
submodules: true
- name: "Set up drivers-github-tools"
uses: mongodb-labs/drivers-github-tools/setup@v2
with:
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
aws_region_name: ${{ vars.AWS_REGION_NAME }}
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
- name: "Build Driver"
uses: ./.github/actions/linux/build
with:
version: "8.3"
- name: "Write changelog file for packaging"
run: git tag -l ${{ github.ref_name }} --format='%(contents)' > changelog
# This will fill in the release notes from the previously generated changelog
- name: "Build package.xml"
run: "make package.xml RELEASE_NOTES_FILE=$(pwd)/changelog"
- name: "Build release archive"
run: "make package"
# PECL always uses the version for the package name.
# Read it from the version file and store in env to use when uploading artifacts
- name: "Read current package version"
run: |
PACKAGE_VERSION=$(./bin/update-release-version.php get-version)
echo "PACKAGE_VERSION=${PACKAGE_VERSION}" >> "$GITHUB_ENV"
echo "PACKAGE_FILE=mongodb-${PACKAGE_VERSION}.tgz" >> "$GITHUB_ENV"
- name: "Create detached signature for PECL package"
uses: mongodb-labs/drivers-github-tools/gpg-sign@v2
with:
filenames: ${{ env.PACKAGE_FILE }}
- name: "Install release archive to verify correctness"
run: sudo pecl install ${{ env.PACKAGE_FILE }}
# Copy the signature file from the release asset directory to avoid directory issues in the ZIP file
# This can be removed once we're no longer uploading build artifacts
- name: "Copy signature file"
run: cp ${RELEASE_ASSETS}/${{ env.PACKAGE_FILE }}.sig .
- name: "Upload artifacts"
uses: actions/upload-artifact@v4
with:
name: ${{ env.PACKAGE_FILE }}
path: |
${{ env.PACKAGE_FILE }}
${{ env.PACKAGE_FILE }}.sig
retention-days: 3
- name: "Upload release artifacts"
run: gh release upload ${{ github.ref_name }} ${{ env.PACKAGE_FILE }} ${{ env.PACKAGE_FILE }}.sig
continue-on-error: true
build-windows:
name: "Create Windows package"
# windows-latest is required to use enableCrossOsArchive with Ubuntu in the
# next step. See https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache
runs-on: windows-latest
defaults:
run:
shell: cmd
strategy:
fail-fast: false
matrix:
# Note: keep this in sync with the Windows matrix in windows-tests.yml
php: [ "7.4", "8.0", "8.1", "8.2", "8.3" ]
arch: [ x64, x86 ]
ts: [ ts, nts ]
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: "Build Driver"
id: build-driver
uses: ./.github/actions/windows/build
with:
version: ${{ matrix.php }}
arch: ${{ matrix.arch }}
ts: ${{ matrix.ts }}
- name: "Copy DLL and PDB files to CWD"
run: |
cp %BUILD_DIR%\php_mongodb.dll .
cp %BUILD_DIR%\php_mongodb.pdb .
env:
BUILD_DIR: ${{ steps.build-driver.outputs.build-dir }}
- name: "Cache build artifacts for subsequent builds"
uses: actions/cache/save@v4
with:
key: ${{ github.sha }}-${{ matrix.php }}-${{ matrix.ts }}-${{ matrix.arch }}
enableCrossOsArchive: true
path: |
php_mongodb.dll
php_mongodb.pdb
sign-and-publish-windows:
environment: release
name: "Sign and Publish Windows package"
needs: [build-windows]
# ubuntu-latest is required to use enableCrossOsArchive
# See https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache
runs-on: "ubuntu-latest"
permissions:
id-token: write
strategy:
fail-fast: false
matrix:
# Note: keep this in sync with the Windows matrix in windows-tests.yml
php: [ "7.4", "8.0", "8.1", "8.2", "8.3" ]
arch: [ x64, x86 ]
ts: [ ts, nts ]
steps:
- name: "Create temporary app token"
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: "Store GitHub token in environment"
run: echo "GH_TOKEN=${{ steps.app-token.outputs.token }}" >> "$GITHUB_ENV"
shell: bash
- uses: actions/checkout@v4
- name: "Set up drivers-github-tools"
uses: mongodb-labs/drivers-github-tools/setup@v2
with:
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
aws_region_name: ${{ vars.AWS_REGION_NAME }}
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
- name: Restore cached build artifacts
id: cache-build-artifacts
uses: actions/cache/restore@v4
with:
fail-on-cache-miss: true
key: ${{ github.sha }}-${{ matrix.php }}-${{ matrix.ts }}-${{ matrix.arch }}
enableCrossOsArchive: true
path: |
php_mongodb.dll
php_mongodb.pdb
- name: "Create detached DLL signature"
uses: mongodb-labs/drivers-github-tools/gpg-sign@v2
with:
filenames: php_mongodb.dll
# Copy the signature file from the release asset directory to avoid directory issues in the ZIP file
- name: "Copy signature file"
run: cp ${RELEASE_ASSETS}/php_mongodb.dll.sig .
- name: "Upload DLL and PDB files as build artifacts"
uses: actions/upload-artifact@v4
with:
name: php_mongodb-${{ github.ref_name }}-${{ matrix.php }}-${{ matrix.ts }}-${{ matrix.arch }}
path: |
php_mongodb.dll
php_mongodb.dll.sig
php_mongodb.pdb
CREDITS
CONTRIBUTING.md
LICENSE
README.md
THIRD_PARTY_NOTICES
retention-days: 3
- name: "Create and upload release artifact"
run: |
ARCHIVE=php_mongodb-${{ github.ref_name }}-${{ matrix.php }}-${{ matrix.ts }}-${{ matrix.arch }}.zip
zip ${ARCHIVE} php_mongodb.dll php_mongodb.dll.sig php_mongodb.pdb CREDITS CONTRIBUTING.md LICENSE README.md THIRD_PARTY_NOTICES
gh release upload ${{ github.ref_name }} ${ARCHIVE}
continue-on-error: true