forgejo-federation/.forgejo/workflows/publish-release.yml
oliverpool 21f168209b
[CI] update DNS on experimental release (#1298)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1298
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
(cherry picked from commit 2aebc5ab4d58a90ed79e5487776d4f3eeea3b33f)
(cherry picked from commit 8d66b6e7bcc1f2eae06e1dee65b4b8736f217824)
(cherry picked from commit c782935f1b3d54a928f81a4dcd19bbca52c6f77c)
(cherry picked from commit 51e071da7304badd0f301771322bde7a86d33ef5)
(cherry picked from commit 81dbc87e1639510c1026541eb944267e9cbdb78b)
(cherry picked from commit 7a9820474341ae05e39e7de92cfe7501014dc91d)
(cherry picked from commit c679954950fb7641f3b281b3d33ae5dfb23aef8a)
(cherry picked from commit 8e4a03f302db5270967cb82ef0371429ba512f85)
(cherry picked from commit 5846953f61fe9202f49a1b9330369fea0d664149)
(cherry picked from commit ffda919030dee2c9801676a4470545269302ff88)
(cherry picked from commit f923b26d1e2287bbb0f03c16fe741c2c34d934dc)
(cherry picked from commit abfe5ec45d72098058af864fefb82414e2e4b99c)
(cherry picked from commit 35a7f5eb201a879af362f989d16fc61c3c68af1d)
(cherry picked from commit c996d51bd60cbf5c66be6a9ef830b88e4519e14d)
(cherry picked from commit c9d4a3d917960c997d4bb206f1ffaafa8308cd44)
(cherry picked from commit ae22f9c34ffa429a3ac133091e02368d3125874f)
(cherry picked from commit 9c4eee7aab6c72879f6c3dfe36c6b985cab29d8c)
(cherry picked from commit 6245948d6cb7c8ee47d56850782ce5240f896cb2)
(cherry picked from commit a286163c0bb2ebc57f80f75934c9be1ead663703)
(cherry picked from commit 0bad00bb1c8182c3564f8a5915ae93eef987e95c)
(cherry picked from commit 7653151793b1eec0886ff28f4dfb1ccb321137cc)
(cherry picked from commit 614cc71c88d852d271c14184b6ad8087bcf4b6cd)
(cherry picked from commit aa3a7249f7faf14363089783460da19744df35d1)
(cherry picked from commit acde52ddb67e6c257a62508d2dc44319569c99fc)
2024-02-05 13:33:59 +01:00

79 lines
2.8 KiB
YAML

# SPDX-License-Identifier: MIT
#
# See also https://forgejo.org/docs/next/developer/RELEASE/#release-process
#
# https://codeberg.org/forgejo-experimental/forgejo
#
# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
#
# ROLE: forgejo-experimental
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo-experimental
# DOER: forgejo-experimental-ci
# TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
#
# https://forgejo.octopuce.forgejo.org/forgejo/forgejo
#
# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
#
# ROLE: forgejo-release
# FORGEJO: https://codeberg.org
# FROM_OWNER: forgejo-integration
# TO_OWNER: forgejo
# DOER: release-team
# TOKEN: <generated from codeberg.org/release-team>
# GPG_PRIVATE_KEY: <XYZ>
# GPG_PASSPHRASE: <ABC>
#
name: Pubish release
on:
push:
tags: 'v*'
jobs:
publish:
runs-on: self-hosted
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
steps:
- name: install the certificate authority
if: secrets.ROLE == 'forgejo-release'
run: |
apt-get install -qq -y wget
wget --no-check-certificate -O /usr/local/share/ca-certificates/enough.crt https://forgejo.octopuce.forgejo.org/forgejo/enough/raw/branch/main/certs/2023-05-13/ca.crt
update-ca-certificates --fresh
- uses: actions/checkout@v3
- name: copy & sign binaries and container images from one owner to another
uses: ./.forgejo/actions/publish-release
with:
forgejo: ${{ secrets.FORGEJO }}
from-owner: ${{ secrets.FROM_OWNER }}
to-owner: ${{ secrets.TO_OWNER }}
ref-name: ${{ github.ref_name }}
doer: ${{ secrets.DOER }}
token: ${{ secrets.TOKEN }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
verbose: ${{ secrets.VERBOSE }}
- name: set up go for the DNS update below
uses: https://code.forgejo.org/actions/setup-go@v4
if: secrets.ROLE == 'forgejo-experimental'
with:
go-version: ">=1.21"
check-latest: true
- name: update the _release.experimental DNS record
if: secrets.ROLE == 'forgejo-experimental'
uses: https://code.forgejo.org/actions/ovh-dns-update@v1
with:
subdomain: _release.experimental
domain: forgejo.com # there is a CNAME from .org to .com (for security reasons)
record-id: 5283602601
value: v=${{ github.ref_name }}
ovh-app-key: ${{ secrets.OVH_APP_KEY }}
ovh-app-secret: ${{ secrets.OVH_APP_SECRET }}
ovh-consumer-key: ${{ secrets.OVH_CON_KEY }}