pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-04-28 14:27:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
569cbab6782afdbfce089dae0f7e50681f6cd072
pezkuwi-subxt/cumulus/.github/workflows/release-50_docker.yml
T
Egor_P 640f5ad5c1 exclude polkadot-parachain.asc and .sha256 from .dockerignore (#3013) (#3017) 
* exclude polkadot-parachain .asc and .sha256 from .dockerignore

* refactor docker image creation GHA



* add debug

* try without quotes

* test action

* add quotes

* fix quotes atumated image publishing GHA

* delete old unused part

---------

Co-authored-by: Chevdor <chevdor@users.noreply.github.com>
2023-08-16 08:26:42 +00:00

155 lines
5.0 KiB
YAML
Raw Blame History

name: Release - Docker
# This workflow listens to pubished releases.
# It includes releases and pre-releases.
# It fetches the binaries, checks sha256 and GPG
# signatures, then builds an injected docker
# image and publishes it.
on:
release:
types:
- published
jobs:
docker_build_publish:
env:
BINARY: polkadot-parachain
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
ref: ${{ github.event.release.tag_name }}
- name: Prepare temp folder
run: |
TMP=$(mktemp -d)
echo "TMP=$TMP" >> "$GITHUB_ENV"
pwd
ls -al "$TMP"
- name: Fetch files from release
working-directory: ${{ env.TMP }}
run: |
echo "Repo: ${{ github.event.repository.full_name }}"
echo "Name: ${{ github.event.release.name }}"
echo "Tag: ${{ github.event.release.tag_name }}"
echo "Draft: ${{ github.event.release.draft }}"
echo "Prerelease: ${{ github.event.release.prerelease }}"
echo "Assets: ${{ github.event.release.assets }}"
for f in $BINARY $BINARY.asc $BINARY.sha256; do
URL="https://github.com/${{ github.event.repository.full_name }}/releases/download/${{ github.event.release.tag_name }}/$f"
echo " - Fetching $f from $URL"
wget "$URL" -O "$f"
done
chmod a+x $BINARY
ls -al
- name: Check SHA256
working-directory: ${{ env.TMP }}
run: |
ls -al *$BINARY*
shasum -a 256 -c $BINARY.sha256
sha_result=$?
echo sha_result: $sha_result
if [[ $sha_result -ne 0 ]]; then
echo "SHA256 check failed, exiting with error"
exit 1
else
echo "SHA256 check passed"
fi
- name: Check GPG
working-directory: ${{ env.TMP }}
run: |
KEY_PARITY_SEC=9D4B2B6EB8F97156D19669A9FF0812D491B96798
KEY_CHEVDOR=2835EAF92072BC01D188AF2C4A092B93E97CE1E2
KEY_EGOR=E6FC4D4782EB0FA64A4903CCDB7D3555DD3932D3
KEYSERVER=keyserver.ubuntu.com
gpg --keyserver $KEYSERVER --receive-keys $KEY_PARITY_SEC
echo -e "5\ny\n" | gpg --no-tty --command-fd 0 --expert --edit-key $KEY_PARITY_SEC trust;
if [[ "${{ github.event.release.prerelease }}" == "true" ]]; then
for key in $KEY_CHEVDOR $KEY_EGOR; do
(
echo "Importing GPG key $key"
gpg --no-tty --quiet --keyserver $GPG_KEYSERVER --recv-keys $key
echo -e "4\ny\n" | gpg --no-tty --command-fd 0 --expert --edit-key $key trust;
) &
done
wait
fi
gpg --no-tty --verify $BINARY.asc
gpg_result=$?
echo gpg_result: $gpg_result
if [[ $gpg_result -ne 0 ]]; then
echo "GPG check failed, exiting with error"
exit 1
else
echo "GPG check passed"
fi
- name: Build injected image
env:
DOCKERHUB_ORG: parity
OWNER: ${{ env.DOCKERHUB_ORG }}
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
IMAGE_NAME: polkadot-parachain
run: |
mkdir -p target/release-artifacts
cp -f ${TMP}/$BINARY* target/release-artifacts/
./docker/scripts/build-injected-image.sh
- name: Login to Dockerhub
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Tag and Publish
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ORG: parity
run: |
docker run --pull never --rm $DOCKERHUB_ORG/$BINARY --version
VERSION=$(docker run --pull never --rm $DOCKERHUB_ORG/$BINARY --version | awk '{ print $2 }' )
SEMVER=$( echo $VERSION | cut -f1 -d- )
GITREF=$( echo $VERSION | cut -f2 -d- )
PRE=${{ github.event.release.prerelease }}
PRE_STR=""
echo "SEMVER=$SEMVER"
echo "GITREF=$GITREF"
echo "PRE=$PRE"
# Build a tag such as:
# 1.2.3-8a1201273 or
# 1.2.3-pre-8a1201273 for pre-releases
[[ $PRE == "true" ]] && PRE_STR="-pre"
TAG=${SEMVER}${PRE_STR}-${GITREF}
echo "PRE_STR=$PRE_STR"
echo "TAG=$TAG"
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:$TAG
docker push $DOCKERHUB_ORG/$BINARY:$TAG
if [[ $PRE != "true" ]]; then
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:latest
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:$SEMVER
docker push $DOCKERHUB_ORG/$BINARY:latest
docker push $DOCKERHUB_ORG/$BINARY:$SEMVER
fi
docker images
Reference in New Issue View Git Blame Copy Permalink