completely switch to github actions

2020-06-20 21:47:06 +08:00 · 2020-06-20 21:47:06 +08:00 · 0341ee107c
parent 9cfcb49e41
commit 0341ee107c
6 changed files with 246 additions and 31 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -1,30 +0,0 @@
-version: 2
-jobs:
-  build:
-    branches:
-      only:
-        - master
-    docker:
-      - image: circleci/openjdk:8-jdk
-    working_directory: ~/authlib-injector
-    environment:
-      JVM_OPTS: -Xmx3200m
-      TERM: dumb
-    steps:
-      - checkout
-      - restore_cache:
-          keys:
-            - v1-cache
-      - run: 'git clone --single-branch --branch=toolchain --depth=1 git@github.com:yushijinhun/authlib-injector.yushi.moe ~/tools'
-      - run: 'echo $(( $(~/tools/get-latest-build-number.sh) + 1 )) > ~/build_number && echo "Build Number: $(<~/build_number)"'
-      - run: '~/tools/authlib-injector-deploy.sh --local-repo ~/authlib-injector.yushi.moe update-local-repo'
-      - run: 'AI_BUILD_NUMBER="$(<~/build_number)" gradle dependencies'
-      - run: 'AI_BUILD_NUMBER="$(<~/build_number)" gradle'
-      - store_artifacts:
-          path: ~/authlib-injector/build/libs
-      - run: '~/tools/authlib-injector-deploy.sh upload "$(<~/build_number)" ~/authlib-injector/build/libs/*.jar'
-      - save_cache:
-          paths:
-            - ~/.gradle
-            - ~/authlib-injector.yushi.moe
-          key: v1-cache-{{ epoch }}
--- a/.github/workflows/create_release.yml
+++ b/.github/workflows/create_release.yml
@ -0,0 +1,100 @@
+name: create_release
+on:
+  repository_dispatch:
+    types: [release_proposal_submit]
+jobs:
+  create_release:
+    runs-on: ubuntu-latest
+    steps:
+      - id: parse_pr
+        name: Parse pull request
+        shell: bash
+        run: |
+          pr=$(curl -Ss "${{ github.event.client_payload.pull }}")
+          pr_body=$(jq --raw-output '.body' <<< $pr)
+          if [ "$pr_body" == "" ]; then
+            echo "::error ::pull request body is empty."
+            exit 1
+          fi
+
+          prev_build_number=$(curl -Ss 'https://raw.githubusercontent.com/yushijinhun/authlib-injector.yushi.moe/master/artifacts.json' | jq -r '.artifacts|max_by(.build_number).build_number')
+          echo "prev_build_number=$prev_build_number"
+          build_number=$(grep -Pom1 '@@release_proposal\.build_number=\K.*(?=@@)' <<< $pr_body) || {
+            echo "no build number specified, using auto-increment build number."
+            build_number=$(( $prev_build_number + 1 ))
+          }
+          if (( $build_number <= $prev_build_number )); then
+            echo "::error ::specified build number is too small ($build_number)."
+            exit 1
+          fi
+          echo "::set-output name=build_number::$build_number"
+
+          version_number=$(grep -Pom1 '@@release_proposal\.version_number=\K.*(?=@@)' <<< $pr_body) || {
+            echo "::error ::release_proposal.version_number is not set."
+            exit 1
+          }
+          echo "::set-output name=version_number::$version_number"
+
+          release_notes=$(grep -oz '<!--changes_begin-->.*<!--changes_end-->' <<< $pr_body) || {
+            release_notes=$pr_body
+          }
+          echo "::set-output name=release_notes::$(jq --null-input -c '.text=$text' --arg text "$release_notes")"
+
+          echo "::set-output name=commit::$(jq --raw-output '.merge_commit_sha' <<< $pr)"
+          echo "::set-output name=pr::$(jq --raw-output '.number' <<< $pr)"
+
+      - id: create_release
+        name: Create release
+        uses: fleskesvor/create-release@feature/support-target-commitish
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: v${{ steps.parse_pr.outputs.version_number }}
+          commitish: ${{ steps.parse_pr.outputs.commit }}
+          release_name: v${{ steps.parse_pr.outputs.version_number }}
+          draft: true
+          body: |
+            <!--
+              @@release.build_number=${{ steps.parse_pr.outputs.build_number }}@@
+              @@release.version_number=${{ steps.parse_pr.outputs.version_number }}@@
+              @@release.pr=${{ steps.parse_pr.outputs.pr }}@@
+              @@release.trigger_deploy@@
+            -->
+            ${{ fromJSON(steps.parse_pr.outputs.release_notes).text }}
+
+            Linked pull request: [#${{ steps.parse_pr.outputs.pr }}](https://github.com/${{ github.repository }}/pull/${{ steps.parse_pr.outputs.pr }})  
+            Build number: ${{ steps.parse_pr.outputs.build_number }}  
+
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ steps.parse_pr.outputs.commit }}
+
+      - name: Setup JDK 8
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+
+      - id: build
+        name: Build
+        shell: bash
+        run: |
+          export AI_BUILD_NUMBER=${{ steps.parse_pr.outputs.build_number }}
+          export AI_VERSION_NUMBER=${{ steps.parse_pr.outputs.version_number }}
+          gradle
+          gradle test
+          asset_path=$(echo build/libs/*.jar)
+          echo "Build output is at $asset_path"
+          echo "::set-output name=asset_path::$asset_path"
+          echo "::set-output name=asset_name::$(basename "$asset_path")"
+
+      - name: Upload assets to GitHub Releases
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ${{ steps.build.outputs.asset_path }}
+          asset_name: ${{ steps.build.outputs.asset_name }}
+          asset_content_type: "application/java-archive"
+
--- a/.github/workflows/deploy_release.yml
+++ b/.github/workflows/deploy_release.yml
@ -0,0 +1,88 @@
+name: deploy_release
+on:
+  release:
+    types: [published]
+jobs:
+  deploy_release:
+    if: contains(github.event.release.body, '@@release.trigger_deploy@@')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install deploy key
+        uses: shimataro/ssh-key-action@v2
+        with:
+          key: ${{ secrets.SSH_KEY }}
+          known_hosts: ${{ secrets.KNOWN_HOSTS }}
+
+      - name: Restore yushijinhun/authlib-injector.yushi.moe:master cache
+        uses: actions/cache@v1
+        with:
+          path: ~/deploy
+          key: cache-deploy
+
+      - name: Pull yushijinhun/authlib-injector.yushi.moe:master
+        shell: bash
+        run: |
+          if [ -d ~/deploy ]; then
+            cd ~/deploy
+            git fetch origin
+            git add --all
+            git reset --hard origin/master
+          else
+            git clone --single-branch --branch master "git@github.com:yushijinhun/authlib-injector.yushi.moe" ~/deploy
+          fi
+
+      - name: Deploy
+        shell: bash
+        run: |
+          release_body='${{ github.event.release.body }}'
+          build_number=$(grep -Pom1 '@@release\.build_number=\K.*(?=@@)' <<< $release_body)
+          version_number=$(grep -Pom1 '@@release\.version_number=\K.*(?=@@)' <<< $release_body)
+          asset_name='${{ github.event.release.assets[0].name }}'
+
+          cd ~/deploy
+          git config --local user.name "authlib-injector Deploy Bot"
+          git config --local user.email "authlib-injector-deploy-bot@yushi.moe"
+
+          mkdir -p "artifact/$build_number"
+          wget -O "artifact/$build_number/$asset_name" '${{ github.event.release.assets[0].browser_download_url }}'
+          sha256=$(sha256sum "artifact/$build_number/$asset_name" | grep -P -o '^[0-9a-f]+')
+          jq -n \
+            --arg build_number "$build_number" \
+            --arg version "$version_number" \
+            --arg download_url "https://authlib-injector.yushi.moe/artifact/$build_number/$asset_name" \
+            --arg sha256 "$sha256" \
+            '
+              {
+                "build_number": $build_number|tonumber,
+                "version": $version,
+                "download_url": $download_url,
+                "checksums": {
+                  "sha256": $sha256
+                }
+              }
+            ' > "artifact/$build_number.json"
+
+          for file in artifact/*; do
+            if basename -- "$file" | grep -q -P '^\d+\.json$'; then
+              jq '
+                {
+                  "build_number": .build_number,
+                  "version": .version
+                }' < "$file"
+            fi
+          done | jq -s '
+            {
+              "latest_build_number": max_by(.build_number).build_number,
+              "artifacts": .
+            }' > artifacts.json
+          latest_build_number=$(jq ".latest_build_number" < artifacts.json)
+          rm -f artifact/latest.json
+          ln -s "$latest_build_number.json" "artifact/latest.json"
+
+          git add --all
+          git commit -m "Deploy release $version_number ($build_number)
+
+          GitHub Action: https://github.com/${{ github.repository }}/actions/runs/$GITHUB_RUN_ID
+          "
+          git push "git@github.com:yushijinhun/authlib-injector.yushi.moe" master:master
+
--- a/.github/workflows/retry_submit_release.yml
+++ b/.github/workflows/retry_submit_release.yml
@ -0,0 +1,38 @@
+name: retry_submit_release
+on:
+  issue_comment:
+    types: [created]
+jobs:
+  retry_submit_release:
+    if:
+      github.event.issue.pull_request != null &&
+      contains(github.event.issue.labels.*.name, 'release') &&
+      contains(github.event.comment.body, '@@release_proposal.retry@@')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checks write permission
+        uses: yushijinhun/repo-permission-check-action@feature/specify-user
+        with:
+          permission: write
+          user: ${{ github.actor }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Checks pull request
+        shell: bash
+        run: |
+          echo '${{ toJson(github) }}'
+          pr=$(curl -Ss "${{ github.event.issue.pull_request.url }}")
+          if [[ "$(jq '.merged' <<< $pr)" != "true" ]]; then
+            echo "::error ::pull request is not merged."
+            exit 1
+          elif [[ "$(jq --raw-output '.base.ref' <<< $pr)" != "master" ]]; then
+            echo "::error ::pull request isn't merged into master."
+            exit 1
+          fi
+      - name: Dispatch release event
+        uses: peter-evans/repository-dispatch@v1
+        with:
+          token: ${{ secrets.REPO_ACCESS_TOKEN }}
+          event-type: release_proposal_submit
+          client-payload: '{"pull":"${{ github.event.issue.pull_request.url }}"}'
+
--- a/.github/workflows/submit_release.yml
+++ b/.github/workflows/submit_release.yml
@ -0,0 +1,19 @@
+name: submit_release
+on:
+  pull_request:
+    types: [closed]
+    branches: [master]
+jobs:
+  submit_release:
+    if:
+      github.event.pull_request.merged == true &&
+      contains(github.event.pull_request.labels.*.name, 'release')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Dispatch release event
+        uses: peter-evans/repository-dispatch@v1
+        with:
+          token: ${{ secrets.REPO_ACCESS_TOKEN }}
+          event-type: release_proposal_submit
+          client-payload: '{"pull":"${{ github.event.pull_request.url }}"}'
+
--- a/build.gradle
+++ b/build.gradle
@ -17,7 +17,7 @@ sourceCompatibility = 8

 def buildNumber = System.getenv('AI_BUILD_NUMBER')
 def gitInfo = versionDetails()
-version = '1.1.' + (buildNumber?:'0-SNAPSHOT') + '-' + gitInfo.gitHashFull[0..6]
+version = System.getenv('AI_VERSION_NUMBER') ?: 'snapshot';
 if (!gitInfo.isCleanTag) version += '.dirty'

 jar {