Build Binaries and Deploy #50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Binaries and Deploy | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: "Version number" | |
required: true | |
type: string | |
defaults: | |
run: | |
working-directory: ./backend | |
jobs: | |
build-and-deploy: | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
arch: [x64, arm64] | |
os: [linux] | |
include: | |
- os: linux | |
target: node20-linux | |
- os: win | |
target: node20-win | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
- name: Set up QEMU | |
if: matrix.arch == 'arm64' && matrix.os == 'linux' | |
uses: docker/setup-qemu-action@v2 | |
- name: Install dependencies and build (x64) | |
if: matrix.arch == 'x64' | |
run: | | |
npm install | |
npm install --prefix ../frontend | |
npm run binary:build | |
- name: Install dependencies and build (arm64) | |
if: matrix.arch == 'arm64' && matrix.os == 'linux' | |
run: | | |
docker run --rm -v ${{ github.workspace }}:/workspace --platform linux/arm64 node:20 bash -c " | |
cd /workspace/backend && npm install && | |
cd /workspace/frontend && npm install && npm run build && | |
cd /workspace/backend && npm run binary:build | |
" | |
- name: Install pkg | |
run: npm install -g @yao-pkg/pkg | |
- name: Package into node binary (x64) | |
if: matrix.arch == 'x64' | |
run: | | |
if [ "${{ matrix.os }}" != "linux" ]; then | |
pkg --no-bytecode --public-packages "*" --public --compress Brotli --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }} . | |
else | |
pkg --no-bytecode --public-packages "*" --public --compress Brotli --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core . | |
fi | |
- name: Package into node binary (arm64) | |
if: matrix.arch == 'arm64' && matrix.os == 'linux' | |
run: | | |
docker run --rm -v ${{ github.workspace }}:/workspace --platform linux/arm64 node:20 bash -c " | |
cd /workspace/backend && | |
npm install -g @yao-pkg/pkg && | |
pkg --no-bytecode --public-packages '*' --public --compress Brotli --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core . | |
" | |
# Set up .deb package structure (Debian/Ubuntu only) | |
- name: Set up .deb package structure | |
if: matrix.os == 'linux' | |
run: | | |
mkdir -p infisical-core/DEBIAN | |
mkdir -p infisical-core/usr/local/bin | |
cp ./binary/infisical-core infisical-core/usr/local/bin/ | |
chmod +x infisical-core/usr/local/bin/infisical-core | |
- name: Create control file | |
if: matrix.os == 'linux' | |
run: | | |
cat <<EOF > infisical-core/DEBIAN/control | |
Package: infisical-core | |
Version: ${{ github.event.inputs.version }} | |
Section: base | |
Priority: optional | |
Architecture: ${{ matrix.arch == 'x64' && 'amd64' || matrix.arch }} | |
Maintainer: Infisical <daniel@infisical.com> | |
Description: Infisical Core standalone executable (app.infisical.com) | |
EOF | |
# Build .deb file (Debian/Ubunutu only) | |
- name: Build .deb package | |
if: matrix.os == 'linux' | |
run: | | |
dpkg-deb --build infisical-core | |
mv infisical-core.deb ./binary/infisical-core-${{matrix.arch}}.deb | |
- uses: actions/setup-python@v4 | |
- run: pip install --upgrade cloudsmith-cli | |
# Publish .deb file to Cloudsmith (Debian/Ubuntu only) | |
- name: Publish to Cloudsmith (Debian/Ubuntu) | |
if: matrix.os == 'linux' && matrix.arch == 'TEMP_DISABLED' | |
working-directory: ./backend | |
run: cloudsmith push deb --republish --no-wait-for-sync --api-key=${{ secrets.CLOUDSMITH_API_KEY }} infisical/infisical-core/any-distro/any-version ./binary/infisical-core-${{ matrix.arch }}.deb | |
# Publish .exe file to Cloudsmith (Windows only) | |
- name: Publish to Cloudsmith (Windows) | |
if: matrix.os == 'win' && matrix.arch == 'TEMP_DISABLED' | |
working-directory: ./backend | |
run: cloudsmith push raw infisical/infisical-core ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }}.exe --republish --no-wait-for-sync --version ${{ github.event.inputs.version }} --api-key ${{ secrets.CLOUDSMITH_API_KEY }} | |
- uses: actions/upload-artifact@v4 | |
if: matrix.os == 'linux' && matrix.arch == 'arm64' | |
with: | |
name: test-binary | |
path: ./backend/binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }}.deb |