[CI] Forgejo Actions based release process (squash) doc / ca / verbosity
- Document workflow - Increase verbosity if VERBOSE=true - Download the Certificate Authority if behind the VPN (cherry picked from commit 168d5d586904835762d213b2b8815b458a38c78f) (cherry picked from commit d6784841599f2f52b7f551b9d91293dfa008a4b0) (cherry picked from commit 1c7698055adfd08b7690ea98b31fd97a384255d9)
This commit is contained in:
parent
4085181bd9
commit
574e6e205b
2 changed files with 47 additions and 6 deletions
|
@ -5,30 +5,33 @@ description: |
|
||||||
|
|
||||||
inputs:
|
inputs:
|
||||||
forgejo:
|
forgejo:
|
||||||
description: 'URL of the Forgejo instance where the release is uploaded'
|
description: 'URL of the Forgejo instance where the release is uploaded (e.g. https://codeberg.org)'
|
||||||
required: true
|
required: true
|
||||||
from-owner:
|
from-owner:
|
||||||
description: 'the owner from which a release is to be copied'
|
description: 'the owner from which a release is to be copied (e.g forgejo-integration)'
|
||||||
required: true
|
required: true
|
||||||
to-owner:
|
to-owner:
|
||||||
description: 'the owner to which a release is to be copied'
|
description: 'the owner to which a release is to be copied (e.g. forgejo-experimental). It has be an organization in which doer has the required permissions. Or be the same as the doer'
|
||||||
required: true
|
required: true
|
||||||
repo:
|
repo:
|
||||||
description: 'the repository from which a release is to be copied relative to from-owner and to-owner'
|
description: 'the repository from which a release is to be copied relative to from-owner and to-owner'
|
||||||
default: 'forgejo'
|
default: 'forgejo'
|
||||||
ref-name:
|
ref-name:
|
||||||
description: 'ref_name of the tag of the release to be copied'
|
description: 'ref_name of the tag of the release to be copied (e.g. github.ref_name)'
|
||||||
required: true
|
required: true
|
||||||
doer:
|
doer:
|
||||||
description: 'Name of the user authoring the release'
|
description: 'Name of the user authoring the release (e.g. release-team). The user must be authorized to create packages in to-owner and releases in to-owner/repo'
|
||||||
required: true
|
required: true
|
||||||
token:
|
token:
|
||||||
description: 'application token on FORGEJO with permission to the repository and the packages'
|
description: 'application token created on forgejo by the doer, with a scope allowing it to create packages in to-owner and releases in to-owner/repo'
|
||||||
required: true
|
required: true
|
||||||
gpg-private-key:
|
gpg-private-key:
|
||||||
description: 'GPG Private Key to sign the release artifacts'
|
description: 'GPG Private Key to sign the release artifacts'
|
||||||
gpg-passphrase:
|
gpg-passphrase:
|
||||||
description: 'Passphrase of the GPG Private Key'
|
description: 'Passphrase of the GPG Private Key'
|
||||||
|
verbose:
|
||||||
|
description: 'Increase the verbosity level'
|
||||||
|
default: 'false'
|
||||||
|
|
||||||
runs:
|
runs:
|
||||||
using: "composite"
|
using: "composite"
|
||||||
|
@ -59,6 +62,7 @@ runs:
|
||||||
release-dir: release
|
release-dir: release
|
||||||
download-retry: 60
|
download-retry: 60
|
||||||
token: ${{ inputs.token }}
|
token: ${{ inputs.token }}
|
||||||
|
verbose: ${{ inputs.verbose }}
|
||||||
|
|
||||||
- name: upload release
|
- name: upload release
|
||||||
uses: https://code.forgejo.org/actions/forgejo-release@v1
|
uses: https://code.forgejo.org/actions/forgejo-release@v1
|
||||||
|
@ -71,6 +75,7 @@ runs:
|
||||||
token: ${{ inputs.token }}
|
token: ${{ inputs.token }}
|
||||||
gpg-private-key: ${{ inputs.gpg-private-key }}
|
gpg-private-key: ${{ inputs.gpg-private-key }}
|
||||||
gpg-passphrase: ${{ inputs.gpg-passphrase }}
|
gpg-passphrase: ${{ inputs.gpg-passphrase }}
|
||||||
|
verbose: ${{ inputs.verbose }}
|
||||||
|
|
||||||
- name: login to the registry
|
- name: login to the registry
|
||||||
uses: https://github.com/docker/login-action@v2
|
uses: https://github.com/docker/login-action@v2
|
||||||
|
@ -91,3 +96,4 @@ runs:
|
||||||
tag: ${{ steps.tag-version.outputs.value }}
|
tag: ${{ steps.tag-version.outputs.value }}
|
||||||
doer: ${{ inputs.doer }}
|
doer: ${{ inputs.doer }}
|
||||||
token: ${{ inputs.token }}
|
token: ${{ inputs.token }}
|
||||||
|
verbose: ${{ inputs.verbose }}
|
||||||
|
|
|
@ -1,4 +1,31 @@
|
||||||
# SPDX-License-Identifier: MIT
|
# SPDX-License-Identifier: MIT
|
||||||
|
#
|
||||||
|
# See also https://forgejo.org/docs/next/developer/RELEASE/#release-process
|
||||||
|
#
|
||||||
|
# https://codeberg.org/forgejo-experimental/forgejo
|
||||||
|
#
|
||||||
|
# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
|
||||||
|
#
|
||||||
|
# ROLE: forgejo-experimental
|
||||||
|
# FORGEJO: https://codeberg.org
|
||||||
|
# FROM_OWNER: forgejo-integration
|
||||||
|
# TO_OWNER: forgejo-experimental
|
||||||
|
# DOER: forgejo-experimental-ci
|
||||||
|
# TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
|
||||||
|
#
|
||||||
|
# https://forgejo.octopuce.forgejo.org/forgejo/forgejo
|
||||||
|
#
|
||||||
|
# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
|
||||||
|
#
|
||||||
|
# ROLE: forgejo-release
|
||||||
|
# FORGEJO: https://codeberg.org
|
||||||
|
# FROM_OWNER: forgejo-integration
|
||||||
|
# TO_OWNER: forgejo
|
||||||
|
# DOER: release-team
|
||||||
|
# TOKEN: <generated from codeberg.org/release-team>
|
||||||
|
# GPG_PRIVATE_KEY: <XYZ>
|
||||||
|
# GPG_PASSPHRASE: <ABC>
|
||||||
|
#
|
||||||
name: Pubish release
|
name: Pubish release
|
||||||
|
|
||||||
on:
|
on:
|
||||||
|
@ -10,6 +37,13 @@ jobs:
|
||||||
runs-on: self-hosted
|
runs-on: self-hosted
|
||||||
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
|
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
|
||||||
steps:
|
steps:
|
||||||
|
- name: install the certificate authority
|
||||||
|
if: secrets.ROLE == 'forgejo-release'
|
||||||
|
run: |
|
||||||
|
apt-get install -qq -y wget
|
||||||
|
wget --no-check-certificate -O /usr/local/share/ca-certificates/enough.crt https://forgejo.octopuce.forgejo.org/forgejo/enough/raw/branch/main/certs/2023-05-13/ca.crt
|
||||||
|
update-ca-certificates --fresh
|
||||||
|
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
|
|
||||||
- name: copy & sign binaries and container images from one owner to another
|
- name: copy & sign binaries and container images from one owner to another
|
||||||
|
@ -23,3 +57,4 @@ jobs:
|
||||||
token: ${{ secrets.TOKEN }}
|
token: ${{ secrets.TOKEN }}
|
||||||
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
|
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||||
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
|
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
|
||||||
|
verbose: ${{ secrets.VERBOSE }}
|
||||||
|
|
Loading…
Reference in a new issue