Earl Warren
82395a1f72
Refs: https://codeberg.org/forgejo/forgejo/issues/2051 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2053 Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org> (cherry picked from commit 01abf4d505b092886ed22cdb903ec834061cd7d6) [CI] Forgejo Actions based release process (squash) no ownca The private Forgejo instance trusted with the release signing keys no longer requires the installation of the ownca certificate authority. Refs: https://codeberg.org/forgejo/docs/pulls/338 (cherry picked from commit 72f9ae796d7d7328e87129485e83251708f3d2fb) (cherry picked from commit b0ca4236d76bcc24dfeecba54b602af542355c7d) (cherry picked from commit 81619cf8b5e1650eeb8cb315ee7fa70d0c2d82ba) (cherry picked from commit 2cb32c1a2bd1dd58bb51b81b06e5453608cf0b5d) (cherry picked from commit f817d97f85fff41392ff3017245b80a3ab73cf8a) (cherry picked from commit 7499661326231f5f353c977546f57787a130346f)
77 lines
2.7 KiB
YAML
77 lines
2.7 KiB
YAML
# SPDX-License-Identifier: MIT
|
|
#
|
|
# See also https://forgejo.org/docs/next/developer/RELEASE/#release-process
|
|
#
|
|
# https://codeberg.org/forgejo-experimental/forgejo
|
|
#
|
|
# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
|
|
#
|
|
# vars.ROLE: forgejo-experimental
|
|
# vars.FORGEJO: https://codeberg.org
|
|
# vars.FROM_OWNER: forgejo-integration
|
|
# vars.TO_OWNER: forgejo-experimental
|
|
# vars.REPO: forgejo
|
|
# vars.DOER: forgejo-experimental-ci
|
|
# secrets.TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
|
|
#
|
|
# http://private.forgejo.org/forgejo/forgejo
|
|
#
|
|
# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
|
|
#
|
|
# vars.ROLE: forgejo-release
|
|
# vars.FORGEJO: https://codeberg.org
|
|
# vars.FROM_OWNER: forgejo-integration
|
|
# vars.TO_OWNER: forgejo
|
|
# vars.REPO: forgejo
|
|
# vars.DOER: release-team
|
|
# secrets.TOKEN: <generated from codeberg.org/release-team>
|
|
# secrets.GPG_PRIVATE_KEY: <XYZ>
|
|
# secrets.GPG_PASSPHRASE: <ABC>
|
|
#
|
|
name: Pubish release
|
|
|
|
on:
|
|
push:
|
|
tags: 'v*'
|
|
|
|
jobs:
|
|
publish:
|
|
runs-on: self-hosted
|
|
if: vars.DOER != '' && vars.FORGEJO != '' && vars.TO_OWNER != '' && vars.FROM_OWNER != '' && secrets.TOKEN != ''
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: copy & sign
|
|
uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v1
|
|
with:
|
|
forgejo: ${{ vars.FORGEJO }}
|
|
from-owner: ${{ vars.FROM_OWNER }}
|
|
to-owner: ${{ vars.TO_OWNER }}
|
|
repo: ${{ vars.REPO }}
|
|
ref-name: ${{ github.ref_name }}
|
|
release-notes: "See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#{ANCHOR}"
|
|
doer: ${{ vars.DOER }}
|
|
token: ${{ secrets.TOKEN }}
|
|
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
|
|
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
|
|
verbose: ${{ vars.VERBOSE }}
|
|
|
|
|
|
- name: set up go for the DNS update below
|
|
if: vars.ROLE == 'forgejo-experimental' && secrets.OVH_APP_KEY != ''
|
|
uses: https://code.forgejo.org/actions/setup-go@v4
|
|
with:
|
|
go-version: ">=1.21"
|
|
check-latest: true
|
|
- name: update the _release.experimental DNS record
|
|
if: vars.ROLE == 'forgejo-experimental' && secrets.OVH_APP_KEY != ''
|
|
uses: https://code.forgejo.org/actions/ovh-dns-update@v1
|
|
with:
|
|
subdomain: _release.experimental
|
|
domain: forgejo.com # there is a CNAME from .org to .com (for security reasons)
|
|
record-id: 5283602601
|
|
value: v=${{ github.ref_name }}
|
|
ovh-app-key: ${{ secrets.OVH_APP_KEY }}
|
|
ovh-app-secret: ${{ secrets.OVH_APP_SECRET }}
|
|
ovh-consumer-key: ${{ secrets.OVH_CON_KEY }}
|