From 94b3a3090c523c3476021eab9eddf848bbc0b3e1 Mon Sep 17 00:00:00 2001 From: Lionello Lunesu Date: Tue, 2 Jul 2024 13:11:13 -0700 Subject: [PATCH 1/4] test split/merge --- .github/workflows/go.yml | 50 ++++++++++++++++++++++++++-------------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 425b91a61..ec9d8d062 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -139,13 +139,27 @@ jobs: run: go mod download working-directory: src - - name: Run GoReleaser (Windows and Linux) + - name: Run GoReleaser (Linux) uses: goreleaser/goreleaser-action@v5 with: - # distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' + distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' # version: latest args: release --split ${{ !startsWith(github.ref, 'refs/tags/v') && '--snapshot' || '' }} workdir: src + env: + GGOOS: linux + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} + + - name: Run GoReleaser (Windows) + uses: goreleaser/goreleaser-action@v5 + with: + distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' + # version: latest + args: release --split ${{ !startsWith(github.ref, 'refs/tags/v') && '--snapshot' || '' }} + workdir: src + env: + GGOOS: windows + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} # From https://github.com/Azure/trusted-signing-action/pull/37 - name: Azure login @@ -206,11 +220,13 @@ jobs: - name: Run GoReleaser (macOS) uses: goreleaser/goreleaser-action@v5 with: - # distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' + distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' # version: latest - args: build --id defang-mac ${{ !startsWith(github.ref, 'refs/tags/v') && '--snapshot' || '' }} + args: release --split ${{ !startsWith(github.ref, 'refs/tags/v') && '--snapshot' || '' }} workdir: src env: + GGOOS: darwin + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} MACOS_CERTIFICATE_NAME: ${{ secrets.MACOS_CERTIFICATE_NAME }} MACOS_P12_BASE64: ${{ secrets.MACOS_P12_BASE64 }} MACOS_P12_PASSWORD: ${{ secrets.MACOS_P12_PASSWORD }} @@ -244,16 +260,16 @@ jobs: uses: actions/download-artifact@v4 with: name: dist-mac - path: src/distx + path: src/dist - name: Download dist-win folder uses: actions/download-artifact@v4 with: name: dist-win - path: src/distx + path: src/dist - name: List files - run: ls -lR src/distx + run: ls -lR src/dist - name: Set up Go # not sure why this is needed for release uses: actions/setup-go@v5 @@ -266,7 +282,7 @@ jobs: with: distribution: goreleaser-pro # either 'goreleaser' (default) or 'goreleaser-pro' # version: latest - args: release --config .goreleaser-prebuilt.yml + args: continue --merge workdir: src env: GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} @@ -275,15 +291,15 @@ jobs: DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} - - name: Notarize macOS app # TODO: move to goreleaser.yml - shell: bash - run: | - bin/notarize.sh dist/defang_*_macOS.zip - working-directory: src - env: - MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} - MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} - MACOS_NOTARIZATION_APP_PW: ${{ secrets.MACOS_NOTARIZATION_APP_PW }} + # - name: Notarize macOS app # TODO: move to goreleaser.yml + # shell: bash + # run: | + # bin/notarize.sh dist/defang_*_macOS.zip + # working-directory: src + # env: + # MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} + # MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} + # MACOS_NOTARIZATION_APP_PW: ${{ secrets.MACOS_NOTARIZATION_APP_PW }} post-release: runs-on: ubuntu-latest From 05045a6497c69bbea941f250cb672dbbcb04bac6 Mon Sep 17 00:00:00 2001 From: Lionello Lunesu Date: Tue, 2 Jul 2024 13:30:35 -0700 Subject: [PATCH 2/4] fix post-release --- .github/workflows/go.yml | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index ec9d8d062..cf3854bc1 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -304,16 +304,6 @@ jobs: post-release: runs-on: ubuntu-latest needs: go-release - - env: - NODE_VERSION: "21" - NPM_REGISTRY_URL: "https://registry.npmjs.org" - - defaults: - run: - shell: bash - working-directory: ./pkgs/npm - steps: - name: Update Windows s.defang.io/defang_win_amd64.zip short link run: | @@ -350,10 +340,12 @@ jobs: - name: Install node uses: actions/setup-node@v4 with: - node-version: ${{ env.NODE_VERSION }} - registry-url: ${{ env.NPM_REGISTRY_URL }} + node-version: "20" # same as the version in flake.nix + registry-url: https://registry.npmjs.org - name: Publish to NPM + shell: bash + working-directory: ./pkgs/npm run: | # Get version number without the 'v' export version_number=`echo "${{ github.ref_name }}" | cut -c2- ` From ae919c6a1e9731151d0c7f0ce2026431d8c864df Mon Sep 17 00:00:00 2001 From: Lionello Lunesu Date: Tue, 2 Jul 2024 14:10:01 -0700 Subject: [PATCH 3/4] enable notarization --- .github/workflows/go.yml | 18 +++---- src/.goreleaser-prebuilt.yml | 102 ----------------------------------- src/.goreleaser.yml | 1 + 3 files changed, 10 insertions(+), 111 deletions(-) delete mode 100644 src/.goreleaser-prebuilt.yml diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index cf3854bc1..db8045c14 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -291,15 +291,15 @@ jobs: DISCORD_WEBHOOK_ID: ${{ secrets.DISCORD_WEBHOOK_ID }} DISCORD_WEBHOOK_TOKEN: ${{ secrets.DISCORD_WEBHOOK_TOKEN }} - # - name: Notarize macOS app # TODO: move to goreleaser.yml - # shell: bash - # run: | - # bin/notarize.sh dist/defang_*_macOS.zip - # working-directory: src - # env: - # MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} - # MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} - # MACOS_NOTARIZATION_APP_PW: ${{ secrets.MACOS_NOTARIZATION_APP_PW }} + - name: Notarize macOS app # TODO: move to goreleaser.yml + shell: bash + run: | + bin/notarize.sh dist/defang_*_macOS.zip + working-directory: src + env: + MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} + MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} + MACOS_NOTARIZATION_APP_PW: ${{ secrets.MACOS_NOTARIZATION_APP_PW }} post-release: runs-on: ubuntu-latest diff --git a/src/.goreleaser-prebuilt.yml b/src/.goreleaser-prebuilt.yml deleted file mode 100644 index 8bb61fd56..000000000 --- a/src/.goreleaser-prebuilt.yml +++ /dev/null @@ -1,102 +0,0 @@ -# yaml-language-server: $schema=https://goreleaser.com/static/schema-pro.json -project_name: defang -builds: - - builder: prebuilt - goos: - - linux - - windows - - darwin - goarch: - - amd64 - - arm64 - # - 386 - goamd64: - - v1 - prebuilt: - path: distx/defang-{{ if eq .Os "darwin" }}mac{{ else }}cli{{ end }}_{{ .Os }}_{{ .Arch }}{{ with .Amd64 }}_{{ . }}{{ end }}/defang{{ .Ext }} - binary: defang - -source: - enabled: false - -archives: - - format_overrides: - - goos: darwin - format: zip - - goos: windows - format: zip - # replace "darwin" with "macOS" in the filename; replace "all" with ""; NOTE: if you change this, also change go.yml GitHub Actions workflow - name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}{{ if ne .Arch "all" }}_{{ .Arch }}{{ end }}{{ with .Arm }}v{{ . }}{{ end }}{{ with .Mips }}_{{ . }}{{ end }}{{ if not (eq .Amd64 "v1") }}{{ .Amd64 }}{{ end }}' - # hooks: - # after: - # - '{{ if eq .Os "darwin" }}./bin/notarize.sh "{{ .Path }}"{{ else }}true{{ end }}' - -release: - github: - owner: DefangLabs - name: defang - header: | - # Defang CLI - This is the Command Line Interface (CLI) for [Defang](https://defang.io). This is a beta version and is provided as-is, intended primarily for testing purposes. - For alternative installation methods, please check the [README](https://github.com/DefangLabs/defang/blob/main/README.md). - ## Manual installation Instructions - 1. Download the archive file for your Operating System. - 2. Extract the archive. This should reveal the binary file for Defang. - 3. Manually place the binary file in a directory that's included in your system's `PATH` environment variable. - ### Additional Step for MacOS Users - If you're having trouble running the binary on MacOS, please check our [FAQs](https://docs.defang.io/docs/faq#im-having-trouble-running-the-binary-on-my-mac-what-should-i-do). - - Please remember this software is in beta, so please report any issues or feedback through our GitHub page. Your help in improving Defang is greatly appreciated! - # mode: keep-existing - # draft: true - # replace_existing_draft: true - # prerelease: "true" - -nix: - # commit_author: defang-io - - homepage: https://defang.io/ - description: Defang is the easiest way for developers to create and deploy their containerized applications - license: "mit" - repository: - owner: DefangLabs - name: defang - post_install: | - installShellCompletion --cmd defang \ - --bash <($out/bin/defang completion bash) \ - --zsh <($out/bin/defang completion zsh) \ - --fish <($out/bin/defang completion fish) - -changelog: - filters: - exclude: - # Ignore messages like "defang: v0.5.3 -> v0.5.4" (which are actually for the previous version) - - "^defang: v[0-9]+\\.[0-9]+\\.[0-9]+ -> v[0-9]+\\.[0-9]+\\.[0-9]+$" - - "^Merge branch " - - "^Merge remote-tracking branch " - - "^New version: DefangLabs." - -winget: - - publisher: DefangLabs - name: Defang - short_description: The Defang command-line interface (CLI) - description: Defang is the easiest way for developers to create and deploy their containerized applications to the cloud. - license: MIT - publisher_url: https://defang.io/ - homepage: https://github.com/DefangLabs/defang/ - publisher_support_url: https://github.com/DefangLabs/defang/issues/ - repository: - token: "{{ .Env.GH_PAT_WINGET }}" - owner: DefangLabs - name: winget-pkgs - branch: "Defang-{{.Version}}" - # pull_request: - # enabled: true - # draft: true - # base: - # owner: microsoft - # name: winget-pkgs - # branch: master - -announce: - discord: - enabled: true diff --git a/src/.goreleaser.yml b/src/.goreleaser.yml index b111f8df0..429c9cd08 100644 --- a/src/.goreleaser.yml +++ b/src/.goreleaser.yml @@ -81,6 +81,7 @@ nix: --fish <($out/bin/defang completion fish) changelog: + use: github filters: exclude: # Ignore messages like "defang: v0.5.3 -> v0.5.4" (which are actually for the previous version) From 0caf8c1915a31ed044364f2f54b471ec56b79d10 Mon Sep 17 00:00:00 2001 From: Lionello Lunesu Date: Tue, 2 Jul 2024 14:30:29 -0700 Subject: [PATCH 4/4] comments --- .github/workflows/go.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index db8045c14..7e4af35b2 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -31,9 +31,9 @@ jobs: # run: GOOS=darwin go build ./cmd/cli # working-directory: src - # - name: Build Windows binary - # run: GOOS=windows go build ./cmd/cli - # working-directory: src + - name: Build Windows binary + run: GOOS=windows go build ./cmd/cli + working-directory: src - name: Verify Go modules working-directory: src @@ -118,10 +118,10 @@ jobs: working-directory: src build-and-sign: - name: Build app and sign files with Trusted Signing - environment: release + name: Build app and sign files (with Trusted Signing) + environment: release # must use environment to be able to authenticate with Azure Federated Identity for Trusted Signing needs: go-test - runs-on: windows-latest # for signtool + runs-on: windows-latest env: # from https://github.com/spiffe/spire/pull/5158 GOPATH: 'D:\golang\go' GOCACHE: 'D:\golang\cache' @@ -201,7 +201,7 @@ jobs: if-no-files-found: error build-and-sign-mac: - name: Build app and sign MacOS + name: Build app and sign (MacOS) needs: go-test runs-on: macos-latest # for codesign and notarytool steps: