pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-04-22 21:58:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5754de6ad30c4e2c9bef3b1b6d75b0c4d2d5eaaa
pezkuwi-subxt/.github/workflows/release-50_docker.yml
T
dependabot[bot] b42855d892 Bump actions/checkout from 3.5.1 to 3.5.2 (#2452) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.1 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/83b7061638ee4956cf7545a6f7efe594e5ad0247...8e5e7e5ab8b370d6c329ec480221332ada57f0ab)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 11:25:54 +00:00

134 lines
4.3 KiB
YAML
Raw Blame History

name: Release - Docker
# This workflow listens to pubished releases.
# It includes releases and pre-releases.
# It fetches the binaries, checks sha256 and GPG
# signatures, then builds an injected docker
# image and publishes it.
on:
release:
types:
- published
jobs:
docker_build_publish:
env:
BINARY: polkadot-parachain
TMP: tmp
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
ref: ${{ github.event.release.tag_name }}
- name: Prepare temp folder
run: |
mkdir ${TMP}
ls -al
- name: Fetch files from release
working-directory: ${{ env.TMP }}
run: |
echo "Repo: ${{ github.event.repository.full_name }}"
echo "Name: ${{ github.event.release.name }}"
echo "Tag: ${{ github.event.release.tag_name }}"
echo "Draft: ${{ github.event.release.draft }}"
echo "Prerelease: ${{ github.event.release.prerelease }}"
echo "Assets: ${{ github.event.release.assets }}"
for f in $BINARY $BINARY.asc $BINARY.sha256; do
URL="https://github.com/${{ github.event.repository.full_name }}/releases/download/${{ github.event.release.tag_name }}/$f"
echo " - Fetching $f from $URL"
wget "$URL" -O "$f"
done
chmod a+x $BINARY
ls -al
- name: Check files
working-directory: ${{ env.TMP }}
run: |
ls -al *$BINARY*
shasum -a 256 -c $BINARY.sha256
sha_result=$?
KEY_PARITY_SEC=9D4B2B6EB8F97156D19669A9FF0812D491B96798
KEY_CHEVDOR=2835EAF92072BC01D188AF2C4A092B93E97CE1E2
KEYSERVER=keyserver.ubuntu.com
gpg --keyserver $KEYSERVER --receive-keys $KEY_PARITY_SEC
if [[ ${{ github.event.release.prerelease }} == "true" ]]; then
gpg --keyserver $KEYSERVER --receive-keys $KEY_CHEVDOR
fi
gpg --verify $BINARY.asc
gpg_result=$?
echo sha_result: $sha_result
echo gpg_result: $gpg_result
# If it fails, it would fail earlier but a second check
# does not hurt in case of refactoring...
if [[ $sha_result -ne 0 || $gpg_result -ne 0 ]]; then
echo "Check failed, exiting with error"
exit 1
else
echo "Checks passed"
fi
- name: Build injected image
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ORG: parity
run: |
export OWNER=$DOCKERHUB_ORG
mkdir -p target/release
cp -f ${TMP}/$BINARY* target/release/
./docker/scripts/build-injected-image.sh
- name: Login to Dockerhub
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Tag and Publish
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ORG: parity
run: |
docker run --pull never --rm $DOCKERHUB_ORG/$BINARY --version
VERSION=$(docker run --pull never --rm $DOCKERHUB_ORG/$BINARY --version | awk '{ print $2 }' )
SEMVER=$( echo $VERSION | cut -f1 -d- )
GITREF=$( echo $VERSION | cut -f2 -d- )
PRE=${{ github.event.release.prerelease }}
PRE_STR=""
echo "SEMVER=$SEMVER"
echo "GITREF=$GITREF"
echo "PRE=$PRE"
# Build a tag such as:
# 1.2.3-8a1201273 or
# 1.2.3-pre-8a1201273 for pre-releases
[[ $PRE == "true" ]] && PRE_STR="-pre"
TAG=${SEMVER}${PRE_STR}-${GITREF}
echo "PRE_STR=$PRE_STR"
echo "TAG=$TAG"
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:$TAG
docker push $DOCKERHUB_ORG/$BINARY:$TAG
if [[ $PRE != "true" ]]; then
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:latest
docker tag $DOCKERHUB_ORG/$BINARY $DOCKERHUB_ORG/$BINARY:$SEMVER
docker push $DOCKERHUB_ORG/$BINARY:latest
docker push $DOCKERHUB_ORG/$BINARY:$SEMVER
fi
docker images | grep $DOCKERHUB_ORG/$BINARY
Reference in New Issue View Git Blame Copy Permalink