-
Notifications
You must be signed in to change notification settings - Fork 0
111 lines (99 loc) · 4.39 KB
/
nightly.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: Client Tools nightly build
on:
workflow_dispatch:
inputs:
nightly-id:
description: "ID to use for the build in place of YYYYMMDD"
required: true
type: string
schedule:
# Keep this during US working hours, but ideally within EU too.
# * Note that the cron spec is interpreted as being in UTC.
# * The USA East Coast is either 5 or 4 hours behind UTC.
# * Poland uses Central European Time, so is either 1 or 2 hours ahead of UTC.
# * So if we pick around 14:30ish UTC, that's at latest 4.30pm Poland, at soonest 9.30am New York.
# Definitely not a "nightly", more like "daily", but this works for being able to sensibly alert without shenanigans when things go wrong.
- cron: "33 14 * * *"
permissions:
# Control the GITHUB_TOKEN permissions.
# By having this block, all permissions not listed here are set to none.
# Available permissions listed at:
# <https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token>
# Which API calls need which permissions at what level, listed at:
# <https://docs.github.com/en/rest/reference/permissions-required-for-github-apps>
#
contents: read
jobs:
nightly_release:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
# NB: the `fetch-depth: 0` setting is documented by goreleaser
# as a requirement, for the changelog feature to work correctly.
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
# v5 over v4 updates the Node runtime from node16 to node20.
with:
# This should be quoted or use .x, but should not be unquoted.
# Remember that a YAML bare float drops trailing zeroes.
go-version: '1.23'
check-latest: true
# As of v3 of this action, we could also use `go-version-file: # go.mod`
# and get the version from there, but that is semantically wrong: the
# version in the go.mod is the version of the compiler we're
# compatible to, and might often be one version behind current.
- name: Install GoReleaser
id: goreleaser-install
uses: goreleaser/goreleaser-action@v6
with:
distribution: goreleaser-pro
version: "~> v2"
install-only: true
- name: Install cosign
id: cosign-install
uses: sigstore/cosign-installer@main
# As of actions/setup-go@v4, go modules and build outputs are cached by default.
# Prior to the update to use that, we used actions/cache@v3 here for a step:
# name: Setup caching of Go modules and packages
- name: Run nightlies build-and-release tool (if scheduled)
id: build-cron
if: ${{ github.event_name == 'schedule' }}
run: |
./build-nightlies.sh
env:
CLOUDFLARE_AUTH_TOKEN: ${{ secrets.CLOUDFLARE_AUTH_TOKEN }}
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NIGHTLY_SIGNING_KEY_COSIGN: ${{ secrets.NIGHTLY_SIGNING_KEY_COSIGN }}
NIGHTLY_SIGNING_KEY_SSH: ${{ secrets.NIGHTLY_SIGNING_KEY_SSH }}
- name: Run manual build-and-release tool (if manual trigger)
id: build-manual
if: ${{ github.event_name == 'workflow_dispatch' }}
run: |
./build-nightlies.sh
env:
CLOUDFLARE_AUTH_TOKEN: ${{ secrets.CLOUDFLARE_AUTH_TOKEN }}
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NIGHTLY_SIGNING_KEY_COSIGN: ${{ secrets.NIGHTLY_SIGNING_KEY_COSIGN }}
NIGHTLY_SIGNING_KEY_SSH: ${{ secrets.NIGHTLY_SIGNING_KEY_SSH }}
#
NIGHTLY_DATE: ${{ github.event.inputs.nightly-id }}
# NB: IF ADDING HERE, PROBABLY ALSO ADD TO 'schedule' INVOCATION ABOVE
report_build_failure:
if: failure()
runs-on: ubuntu-latest
permissions: {}
needs: [nightly_release]
steps:
- name: Notify Synadia Communications Slack
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_SYNADIA_BUILDS_GITHUB }}
SLACK_USERNAME: "client-tools-nightlies-builder"
SLACK_ICON_EMOJI: ":moon:"
SLACK_COLOR: "#FF0000"
SLACK_MESSAGE: "client-tools nightly release build failed"