fix: set Connected field in node-authed /api/v1/nodes response #125
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| concurrency: | |
| group: release | |
| cancel-in-progress: false | |
| permissions: | |
| contents: write | |
| packages: write | |
| pull-requests: write | |
| jobs: | |
| build: | |
| name: Build ${{ matrix.goos }}/${{ matrix.goarch }} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - goos: linux | |
| goarch: amd64 | |
| suffix: x86_64-unknown-linux-musl | |
| - goos: linux | |
| goarch: arm64 | |
| suffix: aarch64-unknown-linux-gnu | |
| - goos: darwin | |
| goarch: amd64 | |
| suffix: x86_64-apple-darwin | |
| - goos: darwin | |
| goarch: arm64 | |
| suffix: aarch64-apple-darwin | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Build | |
| env: | |
| GOOS: ${{ matrix.goos }} | |
| GOARCH: ${{ matrix.goarch }} | |
| CGO_ENABLED: "0" | |
| run: | | |
| VERSION=${GITHUB_REF_NAME} | |
| go build -ldflags="-s -w -X main.version=${VERSION}" -o "cw-${VERSION}-${{ matrix.suffix }}" ./cmd/cw | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: cw-${{ matrix.suffix }} | |
| path: cw-${{ github.ref_name }}-${{ matrix.suffix }} | |
| release: | |
| name: Create Release | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: build | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: artifacts | |
| merge-multiple: true | |
| - name: Generate checksums | |
| run: | | |
| cd artifacts | |
| sha256sum cw-* > SHA256SUMS | |
| - name: Import GPG key and sign checksums | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| cd artifacts | |
| gpg --batch --yes --pinentry-mode loopback \ | |
| --passphrase "$GPG_PASSPHRASE" --armor --detach-sign SHA256SUMS | |
| - name: Create GitHub Release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| # Check if release already exists (avoids duplicate-trigger failures). | |
| if gh release view ${{ github.ref_name }} &>/dev/null; then | |
| echo "Release ${{ github.ref_name }} already exists, uploading assets" | |
| gh release upload ${{ github.ref_name }} artifacts/* --clobber | |
| else | |
| gh release create ${{ github.ref_name }} \ | |
| --title "${{ github.ref_name }}" \ | |
| --generate-notes \ | |
| artifacts/* | |
| fi | |
| helm-publish: | |
| name: Publish Helm Chart | |
| needs: release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v4 | |
| - name: Log in to GHCR | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Package Helm chart | |
| run: | | |
| VERSION=${GITHUB_REF_NAME#v} | |
| sed -i "s/^version:.*/version: ${VERSION}/" charts/codewire-relay/Chart.yaml | |
| sed -i "s/^appVersion:.*/appVersion: \"${VERSION}\"/" charts/codewire-relay/Chart.yaml | |
| helm package charts/codewire-relay/ | |
| - name: Push to OCI registry | |
| run: | | |
| VERSION=${GITHUB_REF_NAME#v} | |
| helm push codewire-relay-${VERSION}.tgz oci://ghcr.io/codewiresh | |
| relay-image: | |
| name: Build & Push Relay Image | |
| needs: release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push relay image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| build-args: | | |
| VERSION=${{ github.ref_name }} | |
| tags: | | |
| ghcr.io/codewiresh/codewire:${{ github.ref_name }} | |
| ghcr.io/codewiresh/codewire:latest | |
| update-homebrew: | |
| name: Update Homebrew Formula | |
| needs: release | |
| runs-on: ubuntu-latest | |
| environment: build | |
| steps: | |
| - name: Trigger homebrew formula update | |
| env: | |
| GH_TOKEN: ${{ secrets.HOMEBREW_TAP_TOKEN }} | |
| run: | | |
| gh workflow run update-formula.yml \ | |
| --repo codewiresh/homebrew-codewire \ | |
| --field version=${{ github.ref_name }} | |
| deb-packages: | |
| name: Build .deb Packages | |
| needs: release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install nfpm | |
| run: go install github.com/goreleaser/nfpm/v2/cmd/nfpm@latest | |
| - name: Download linux artifacts from release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| VERSION=${{ github.ref_name }} | |
| gh release download ${VERSION} \ | |
| --repo ${{ github.repository }} \ | |
| --pattern "cw-${VERSION}-x86_64-unknown-linux-musl" \ | |
| --pattern "cw-${VERSION}-aarch64-unknown-linux-gnu" | |
| - name: Build .deb packages | |
| run: | | |
| VERSION=${GITHUB_REF_NAME#v} | |
| for pair in "amd64:x86_64-unknown-linux-musl" "arm64:aarch64-unknown-linux-gnu"; do | |
| ARCH="${pair%%:*}" | |
| SUFFIX="${pair##*:}" | |
| cp "cw-${{ github.ref_name }}-${SUFFIX}" cw | |
| chmod +x cw | |
| ARCH="${ARCH}" VERSION="${VERSION}" nfpm package --packager deb --target "codewire_${VERSION}_${ARCH}.deb" | |
| rm cw | |
| done | |
| - name: Upload .deb packages to release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh release upload ${{ github.ref_name }} codewire_*.deb --clobber | |
| apt-repo: | |
| name: Update APT Repository | |
| needs: deb-packages | |
| runs-on: ubuntu-latest | |
| environment: build | |
| steps: | |
| - name: Checkout gh-pages branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: gh-pages | |
| fetch-depth: 0 | |
| - name: Download .deb packages from release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| VERSION=${{ github.ref_name }} | |
| mkdir -p pool | |
| gh release download ${VERSION} \ | |
| --repo ${{ github.repository }} \ | |
| --pattern "*.deb" \ | |
| --dir pool \ | |
| --clobber | |
| - name: Generate APT repository metadata | |
| run: | | |
| mkdir -p dists/stable/main/binary-amd64 | |
| mkdir -p dists/stable/main/binary-arm64 | |
| apt-ftparchive packages pool/ > dists/stable/main/binary-amd64/Packages | |
| cp dists/stable/main/binary-amd64/Packages dists/stable/main/binary-arm64/Packages | |
| gzip -kf dists/stable/main/binary-amd64/Packages | |
| gzip -kf dists/stable/main/binary-arm64/Packages | |
| apt-ftparchive \ | |
| -o APT::FTPArchive::Release::Suite="stable" \ | |
| -o APT::FTPArchive::Release::Codename="stable" \ | |
| -o APT::FTPArchive::Release::Architectures="amd64 arm64" \ | |
| -o APT::FTPArchive::Release::Components="main" \ | |
| release dists/stable/ > dists/stable/Release | |
| - name: Sign APT repository | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| gpg --batch --yes --pinentry-mode loopback \ | |
| --passphrase "$GPG_PASSPHRASE" \ | |
| --detach-sign -a -o dists/stable/Release.gpg dists/stable/Release | |
| gpg --batch --yes --pinentry-mode loopback \ | |
| --passphrase "$GPG_PASSPHRASE" \ | |
| --clearsign -o dists/stable/InRelease dists/stable/Release | |
| gpg --batch --yes --armor --export > gpg.key | |
| - name: Commit and push to gh-pages | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| git add pool/ dists/ gpg.key | |
| git diff --cached --quiet && { echo "No changes to commit"; exit 0; } | |
| git commit -m "apt: update repo for ${{ github.ref_name }}" | |
| git pull --rebase origin gh-pages | |
| git push origin gh-pages | |
| aur-publish: | |
| name: Publish AUR Package | |
| needs: release | |
| runs-on: ubuntu-latest | |
| environment: build | |
| container: archlinux:base | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: pacman -Sy --noconfirm openssh git base-devel | |
| - name: Download SHA256SUMS from release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| pacman -S --noconfirm github-cli | |
| gh release download ${{ github.ref_name }} \ | |
| --repo ${{ github.repository }} \ | |
| --pattern SHA256SUMS \ | |
| --output SHA256SUMS | |
| - name: Generate PKGBUILD | |
| run: | | |
| VERSION=${GITHUB_REF_NAME#v} | |
| SHA_AMD64=$(grep x86_64-unknown-linux-musl SHA256SUMS | awk '{print $1}') | |
| SHA_ARM64=$(grep aarch64-unknown-linux-gnu SHA256SUMS | awk '{print $1}') | |
| sed -e "s/^pkgver=VERSION/pkgver=${VERSION}/" \ | |
| -e "s/SHA256_AMD64/${SHA_AMD64}/" \ | |
| -e "s/SHA256_ARM64/${SHA_ARM64}/" \ | |
| aur/PKGBUILD > PKGBUILD | |
| # Generate .SRCINFO (must run as non-root in writable dir) | |
| useradd -m builder | |
| cp PKGBUILD /home/builder/PKGBUILD | |
| chown builder:builder /home/builder/PKGBUILD | |
| su builder -c "cd /home/builder && makepkg --printsrcinfo" > .SRCINFO | |
| - name: Push to AUR | |
| env: | |
| AUR_SSH_PRIVATE_KEY: ${{ secrets.AUR_SSH_PRIVATE_KEY }} | |
| run: | | |
| export HOME=/root | |
| mkdir -p /root/.ssh | |
| echo "$AUR_SSH_PRIVATE_KEY" > /root/.ssh/aur | |
| chmod 600 /root/.ssh/aur | |
| ssh-keyscan aur.archlinux.org >> /root/.ssh/known_hosts 2>/dev/null | |
| printf 'Host aur.archlinux.org\n IdentityFile /root/.ssh/aur\n' > /root/.ssh/config | |
| git clone ssh://aur@aur.archlinux.org/codewire-bin.git aur-repo | |
| cd aur-repo | |
| git checkout master 2>/dev/null || git checkout -b master origin/master | |
| cp ../PKGBUILD ../.SRCINFO . | |
| git config user.name "Codewire Bot" | |
| git config user.email "hello@codewire.sh" | |
| git add PKGBUILD .SRCINFO | |
| git diff --cached --quiet && { echo "No changes to commit"; exit 0; } | |
| git commit -m "Update to ${GITHUB_REF_NAME#v}" | |
| git pull --rebase origin master | |
| git push origin master |