File: cd.yml

package info (click to toggle)
backblaze-b2 3.19.1-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,372 kB
  • sloc: python: 12,571; makefile: 21; sh: 12
file content (188 lines) | stat: -rw-r--r-- 7,147 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
 
name: Continuous Delivery

on:
  push:
    tags: 'v*'  # push events to matching v*, i.e. v1.0, v20.15.10

env:
  CD: "true"
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  PYTHON_DEFAULT_VERSION: "3.12"

jobs:
  deploy:
    env:
      B2_PYPI_PASSWORD: ${{ secrets.B2_PYPI_PASSWORD }}
    runs-on: ubuntu-latest
    outputs:
      version: ${{ steps.build.outputs.version }}
      prerelease: ${{ steps.prerelease_check.outputs.prerelease }}
      # publish_docker: ${{ steps.prerelease_check.outputs.prerelease == 'false' && secrets.DOCKERHUB_USERNAME != '' }}  # doesn't work, hence the workaround
      publish_docker: ${{ steps.prerelease_check.outputs.publish_docker }}
    steps:
      - name: Determine if pre-release
        id: prerelease_check
        run: |
          export IS_PRERELEASE=$([[ ${{ github.ref }} =~ [^0-9]$ ]] && echo true || echo false)
          echo "prerelease=$IS_PRERELEASE" >> $GITHUB_OUTPUT
          export PUBLISH_DOCKER=$([[ $IS_PRERELEASE == 'false' && "${{ secrets.DOCKERHUB_USERNAME }}" != '' ]] && echo true || echo false)
          echo "publish_docker=$PUBLISH_DOCKER" >> $GITHUB_OUTPUT
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_DEFAULT_VERSION }}
      - name: Install dependencies
        run: python -m pip install --upgrade nox pdm
      - name: Build the distribution
        id: build
        run: nox -vs build
      - name: Read the Changelog
        id: read-changelog
        uses: mindsers/changelog-reader-action@v2
        with:
          version: ${{ steps.build.outputs.version }}
      - name: Create GitHub release and upload the distribution
        id: create-release
        uses: softprops/action-gh-release@v2
        with:
          name: ${{ steps.build.outputs.version }}
          body: ${{ steps.read-changelog.outputs.changes }}
          draft: false
          prerelease: ${{ steps.prerelease_check.outputs.prerelease }}
          files: ${{ steps.build.outputs.asset_path }}
      - name: Upload the distribution to PyPI
        if: ${{ env.B2_PYPI_PASSWORD != '' && steps.prerelease_check.outputs.prerelease == 'false' }}
        uses: pypa/gh-action-pypi-publish@v1.3.1
        with:
          user: __token__
          password: ${{ secrets.B2_PYPI_PASSWORD }}
  deploy-linux-bundle:
    needs: deploy
    runs-on: ubuntu-latest
    container:
      image: "python:3.12"  # can not use ${{ env.PYTHON_DEFAULT_VERSION }} here
      env:
        DEBIAN_FRONTEND: noninteractive
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Install dependencies
        run: |
          apt-get -y update
          apt-get -y install patchelf
          python -m pip install --upgrade nox pdm
          git config --global --add safe.directory '*'
      - name: Bundle the distribution
        id: bundle
        run: nox -vs bundle
      - name: Sign the bundle
        id: sign
        run: nox -vs sign
      - name: Generate hashes
        id: hashes
        run: nox -vs make_dist_digest
      - name: Upload the bundle to the GitHub release
        uses: softprops/action-gh-release@v2
        with:
          name: ${{ needs.deploy.outputs.version }}
          draft: false
          prerelease: ${{ needs.deploy.outputs.prerelease }}
          files: ${{ steps.sign.outputs.asset_path }}
  deploy-windows-bundle:
    needs: deploy
    env:
      B2_WINDOWS_CODE_SIGNING_CERTIFICATE: ${{ secrets.B2_WINDOWS_CODE_SIGNING_CERTIFICATE }}
      B2_WINDOWS_CODE_SIGNING_CERTIFICATE_PASSWORD: ${{ secrets.B2_WINDOWS_CODE_SIGNING_CERTIFICATE_PASSWORD }}
    runs-on: windows-2019
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_DEFAULT_VERSION }}
      - name: Install dependencies
        run: python -m pip install --upgrade nox pdm
      - name: Bundle the distribution
        id: bundle
        shell: bash
        run: nox -vs bundle
      - name: Import certificate
        id: windows_import_cert
        if: ${{ env.B2_WINDOWS_CODE_SIGNING_CERTIFICATE != '' }}
        uses: timheuer/base64-to-file@v1
        with:
          fileName: 'cert.pfx'
          encodedString: ${{ secrets.B2_WINDOWS_CODE_SIGNING_CERTIFICATE }}
      - name: Sign the bundle
        if: ${{ env.B2_WINDOWS_CODE_SIGNING_CERTIFICATE != '' }}
        id: sign
        shell: bash
        run: nox -vs sign -- '${{ steps.windows_import_cert.outputs.filePath }}' '${{ env.B2_WINDOWS_CODE_SIGNING_CERTIFICATE_PASSWORD }}'
      - name: Generate hashes
        id: hashes
        run: nox -vs make_dist_digest
      - name: Create GitHub release and upload the distribution
        id: create-release
        uses: softprops/action-gh-release@v2
        with:
          name: ${{ needs.deploy.outputs.version }}
          draft: false
          prerelease: ${{ needs.deploy.outputs.prerelease }}
          files:
            ${{ steps.sign.outputs.asset_path || steps.bundle.outputs.asset_path }}
  deploy-docker:
    needs: deploy
    if: ${{ needs.deploy.outputs.publish_docker == 'true' }}
    runs-on: ubuntu-latest
    env:
      DEBIAN_FRONTEND: noninteractive
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up Python ${{ env.PYTHON_DEFAULT_VERSION }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_DEFAULT_VERSION }}
      - name: Install dependencies
        run: python -m pip install --upgrade nox pdm
      - name: Build Dockerfile
        run: nox -vs generate_dockerfile
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Prepare Docker tags
        id: docker_tags_prep
        run: |
          DOCKER_TAGS=backblazeit/b2:${{ needs.deploy.outputs.version }}
          if [ "${{ needs.deploy.outputs.prerelease }}" != "true" ]; then
            DOCKER_TAGS="$DOCKER_TAGS,backblazeit/b2:latest"
          fi
          echo DOCKER_TAGS=$DOCKER_TAGS
          echo "docker_tags=$DOCKER_TAGS" >> $GITHUB_OUTPUT
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
          push: true
          tags: ${{ steps.docker_tags_prep.outputs.docker_tags }}
          platforms: linux/amd64,linux/arm64
      - name: Update Docker Hub Description
        uses: peter-evans/dockerhub-description@v4
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
          repository: backblazeit/b2
          short-description: "Official Backblaze B2 CLI docker image"