chore(influxdb tls + mqtt tls): Use built-in certification bundle for server verification #477
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Release | |
on: | |
push: | |
pull_request: | |
jobs: | |
######################################################################################### | |
## Create release - PART 1: Prepare Release PR / Create release tag | |
# | |
# Use of release-please action to create a 'Release PR' which gets maintained automatically. | |
# After merging the 'Release PR', a new tag and release is getting created. | |
######################################################################################### | |
prepare-release: | |
runs-on: ubuntu-latest | |
outputs: | |
release_created: ${{ steps.release.outputs.release_created }} | |
upload_url: ${{ steps.release.outputs.upload_url }} | |
version: "${{steps.release.outputs.major}}.${{steps.release.outputs.minor}}.${{steps.release.outputs.patch}}" | |
tag_name: ${{ steps.release.outputs.tag_name }} | |
steps: | |
- uses: googleapis/release-please-action@v4 | |
id: release | |
with: | |
target-branch: develop | |
config-file: .release-please-config.json | |
manifest-file: .release-please-manifest.json | |
######################################################################################### | |
## Build Firmware | |
# | |
# Build firmware and create artifact packages | |
######################################################################################### | |
build: | |
runs-on: ubuntu-latest | |
needs: [prepare-release] | |
strategy: | |
fail-fast: false | |
matrix: | |
plat: | |
- esp32cam | |
- xiao-esp32s3-sense | |
steps: | |
- name: Checkout branch | |
if: ${{ ! needs.prepare-release.outputs.release_created }} | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Checkout tag # checkout tagged version when build a release for this tag | |
if: ${{ needs.prepare-release.outputs.release_created }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.prepare-release.outputs.tag_name }} | |
submodules: recursive | |
- name: Set variables | |
id: vars | |
run: | | |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
echo "branch=$(echo ${{ github.ref_name }} | tr / __)" >> $GITHUB_OUTPUT | |
- name: Cache pip & platformIO cache files | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/pip | |
~/.platformio/.cache | |
key: platformio-${{ github.run_id }} | |
restore-keys: platformio # This matches above key as it is only used as a prefix. It restores the nearest cache | |
- name: Cache PIO build files | |
if: ${{ ! needs.prepare-release.outputs.release_created }} # do not use cached data when building a release | |
uses: actions/cache@v4 | |
with: | |
path: ./code/.pio | |
key: build-${{ matrix.plat }}-${{ github.run_id }} | |
restore-keys: build-${{ matrix.plat }} # This matches above key as it is only used as a prefix. It restores the nearest cache | |
- name: Setup python environment | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- name: Install PlatformIO environment | |
run: | | |
python -m pip install --upgrade pip | |
pip install --upgrade platformio | |
- name: Build firmware | |
run: cd code; platformio run -e ${{ matrix.plat }} | |
- name: Prepare WebUI (Generate parameter tooltips, API docs and update hash) | |
run: | | |
python -m pip install markdown | |
python ./tools/parameter-tooltip-generator/generate-param-doc-tooltips.py | |
python ./tools/docs-generator/generate-api-docs.py | |
rm -rf ./html | |
mkdir ./html | |
cp -r ./sd-card/html/* ./html/ | |
echo "Update hash..." | |
cd ./html; find . -type f -exec sed -i 's/$COMMIT_HASH/${{ steps.vars.outputs.sha_short }}/g' {} \; | |
######################################################################################### | |
## Create firmware package | |
# - Inital flashing using web installer, device's access point or serial console | |
# - OTA update using WebUI | |
# | |
# Package contents: | |
# - Firmware binaries (firmware.bin, partitions.bin, bootloader.bin) | |
# - WebUI Files (/html/* (inkl. subfolders)) | |
# - Config Files (/config/templates/*, /config/models/*.tflite) | |
######################################################################################### | |
- name: Firmware package - Prepare artifact | |
run: | | |
rm -rf ./artifact | |
mkdir -p ./artifact | |
cp -f "./code/.pio/build/${{ matrix.plat }}/firmware.bin" "./artifact/firmware.bin" | |
cp -f "./code/.pio/build/${{ matrix.plat }}/bootloader.bin" "./artifact/bootloader.bin" | |
cp -f "./code/.pio/build/${{ matrix.plat }}/partitions.bin" "./artifact/partitions.bin" | |
cp -f "./docs/Installation/Firmware/${{ matrix.plat }}.md" "./artifact/readme.md" | |
cp -r ./html ./artifact/ | |
rm -rf ./artifact/config/ | |
mkdir -p ./artifact/config | |
mkdir -p ./artifact/config/templates | |
mkdir -p ./artifact/config/models | |
cp ./sd-card/config/templates/* ./artifact/config/templates/ 2>/dev/null || true | |
cp ./sd-card/config/models/*.tfl ./artifact/config/models/ 2>/dev/null || true | |
cp ./sd-card/config/models/*.tflite ./artifact/config/models/ 2>/dev/null || true | |
- name: Firmware package - Upload artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: "AI-on-the-edge-device__${{ matrix.plat }}__SLFork_${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}" | |
path: ./artifact | |
######################################################################################### | |
## Create package with additional files for debugging purpose | |
# | |
# Package contents: | |
# - firmware.elf | |
# - sdkconfig.${{ matrix.plat }} | |
######################################################################################### | |
- name: Debug files package - Prepare artifact | |
run: | | |
rm -rf ./debug | |
mkdir -p ./debug | |
cp -f "./code/.pio/build/${{ matrix.plat }}/firmware.elf" "debug/firmware.elf" | |
cp -f "./code/sdkconfig.${{ matrix.plat }}" "debug/sdkconfig.${{ matrix.plat }}" | |
- name: Debug files package - Upload artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: "AI-on-the-edge-device__${{ matrix.plat }}__debug-files__SLFork_${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}" | |
path: ./debug | |
######################################################################################### | |
## Create release - PART 2: Upload release related artifacts | |
# | |
# Artifacts will gets uploaded to newly created release tag. | |
######################################################################################### | |
upload-release-artifacts: | |
runs-on: ubuntu-latest | |
outputs: | |
branch: ${{ steps.vars.outputs.branch }} | |
sha_short: ${{ steps.vars.outputs.sha_short }} | |
needs: [prepare-release, build] | |
if: ${{ needs.prepare-release.outputs.release_created }} | |
strategy: | |
fail-fast: false | |
matrix: | |
plat: | |
- esp32cam | |
- xiao-esp32s3-sense | |
# Sets permissions of the GITHUB_TOKEN to allow downloading artifacts | |
permissions: | |
actions: read | |
contents: write | |
steps: | |
- name: Checkout tag | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.prepare-release.outputs.tag_name }} | |
- name: Set variables | |
id: vars | |
run: | | |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
echo "branch=$(echo ${{ github.ref_name }} | tr / __)" >> $GITHUB_OUTPUT | |
- name: Pull artifacts | |
uses: actions/download-artifact@v4 | |
- name: Prepare artifacts for release | |
run: | | |
rm -rf release | |
mkdir -p release | |
cd "AI-on-the-edge-device__${{ matrix.plat }}__SLFork_${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}" | |
zip -r ../release/AI-on-the-edge-device__${{ matrix.plat }}__SLFork_v${{ needs.prepare-release.outputs.version }}.zip * | |
cd .. | |
cd "AI-on-the-edge-device__${{ matrix.plat }}__debug-files__SLFork_${{ steps.vars.outputs.branch }}_${{ steps.vars.outputs.sha_short }}" | |
zip -r ../release/AI-on-the-edge-device__${{ matrix.plat }}__debug-files__SLFork_v${{ needs.prepare-release.outputs.version }}.zip * | |
cd .. | |
- name: Upload artifacts to release tag | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | |
gh release upload ${{ needs.prepare-release.outputs.tag_name }} release/* | |
######################################################################################### | |
## Update web installer (branch: gh-pages-webinstaller) | |
# | |
# Firmware files are commited to branch gh-pages-webinstaller | |
######################################################################################### | |
update-webinstaller: | |
runs-on: ubuntu-latest | |
needs: [prepare-release, build, upload-release-artifacts] | |
if: ${{ needs.prepare-release.outputs.release_created }} | |
strategy: | |
max-parallel: 1 | |
fail-fast: false | |
matrix: | |
plat: | |
- esp32cam | |
- xiao-esp32s3-sense | |
# Sets permissions of the GITHUB_TOKEN to allow downloading artifacts | |
permissions: | |
actions: read | |
contents: write | |
steps: | |
- name: Checkout branch gh-pages-webinstaller | |
uses: actions/checkout@v4 | |
with: | |
ref: gh-pages-webinstaller | |
- name: Pull artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: "AI-on-the-edge-device__${{ matrix.plat }}__SLFork_${{ needs.upload-release-artifacts.outputs.branch }}_${{ needs.upload-release-artifacts.outputs.sha_short }}" | |
path: './artifacts/' | |
- name: Prepare data | |
run: | | |
echo "Updating files ..." | |
cd ./artifacts | |
ls | |
cd .. | |
cp -f ./artifacts/bootloader.bin ./firmware/${{ matrix.plat }}/bootloader.bin | |
cp -f ./artifacts/partitions.bin ./firmware/${{ matrix.plat }}/partitions.bin | |
cp -f ./artifacts/firmware.bin ./firmware/${{ matrix.plat }}/firmware.bin | |
echo "Updating version strings (index.html, manifest) ..." | |
sed -i -E 's/Firmware: .*./\Firmware: <b\>${{ needs.prepare-release.outputs.tag_name }}\<\/b\>/g' index.html | |
sed -i -E 's/"version":.*.,/"version": "${{ needs.prepare-release.outputs.tag_name }}",/g' manifest_${{ matrix.plat }}.json | |
- name: Commit data to branch gh-pages-webinstaller | |
shell: pwsh | |
run: | | |
& git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
& git config --local user.name "github-actions[bot]" | |
& git add . | |
& git diff HEAD --exit-code | Out-Null | |
if ($LASTEXITCODE -ne 0) | |
{ | |
& git commit -m "${{ matrix.plat }}: Update firmware files to ${{ needs.prepare-release.outputs.tag_name }}" | |
& git push | |
} |