Merge pull request #1244 from openziti/build-linux-packages

Build and publish linux package ziti-cli
openziti · Sep 5, 2023 · 13a6749 · 13a6749
2 parents cedf4a2 + b1eca77
commit 13a6749
Show file tree

Hide file tree

Showing 6 changed files with 183 additions and 10 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -381,3 +381,19 @@ jobs:
     secrets: inherit
     with:
       ziti-version: ${{ needs.publish.outputs.ZITI_VERSION }}
+
+  # call on release-next and main branches to publish linux packages to
+  # "testing" and "release" package repos in Artifactory
+  call-publish-linux-packages:
+    # always() re-enables evaluating conditionals in forks even if Windows or
+    # macOS builds were skipped
+    if: |
+      always()
+      && needs.publish.result == 'success'
+      && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/release-next')
+    name: Publish Linux Packages
+    needs: publish
+    uses: ./.github/workflows/publish-linux-packages.yml
+    secrets: inherit
+    with:
+      ziti-version: ${{ needs.publish.outputs.ZITI_VERSION }}
diff --git a/.github/workflows/publish-linux-packages.yml b/.github/workflows/publish-linux-packages.yml
@@ -0,0 +1,121 @@
+name: Publish Linux Packages
+
+on:
+  workflow_call:
+    inputs:
+      ziti-version:
+        description: generated by 'ziti-ci get-current-version'
+        type: string
+        required: true
+
+jobs:
+  publish-linux-packages:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        package_name:
+          - ziti-cli
+        arch:
+          - goreleaser: amd64
+            gox: amd64
+            deb: amd64
+            rpm: x86_64
+          - goreleaser: arm64
+            gox: arm64
+            deb: arm64
+            rpm: aarch64
+          - goreleaser: armv7
+            gox: arm
+            deb: armv7
+            rpm: armv7
+        nfpm_packager:
+          - rpm
+          - deb
+          # - archlinux #  (pacman)
+          # - apk
+    env:
+      ZITI_VERSION: ${{ inputs.ziti-version || github.event.inputs.ziti-version }}
+      ZITI_MAINTAINER: "OpenZiti Maintainers <[email protected]>"
+      ZITI_HOMEPAGE: "https://openziti.io"
+      ZITI_VENDOR: "NetFoundry"
+      GOARCH: ${{ matrix.arch.goreleaser }}
+    steps:
+      - name: Checkout Workspace
+        uses: actions/checkout@v3
+
+      - name: Download Linux Release Artifacts
+        uses: actions/download-artifact@v3
+        with:
+          name: linux-release-${{ github.run_id }}
+          path: release/
+
+      - name: Move Release Artifact for Architecture to Predictable Location for nfpm
+        run: |
+          mv -v ./release/${{ matrix.arch.gox }}/linux/ziti \
+                ./release/ziti
+
+      - name: Build Package
+        id: nfpm
+        uses: burningalchemist/action-gh-nfpm@v1
+        # uses: netfoundry/action-gh-nfpm@main
+        with:
+          nfpm_version: "2.32.0"
+          packager: ${{ matrix.nfpm_packager }}
+          config: build/dist-packages/linux/nfpm-${{ matrix.package_name }}.yaml
+          target: release/
+
+      - name: get the package name from the output
+        run: echo ${{ steps.nfpm.outputs.package }}
+        shell: bash
+
+      - run: ls -lh release/
+
+      - name: upload package artifact to build summary page
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ matrix.package_name }}-${{ matrix.arch.goreleaser }}-${{ matrix.nfpm_packager }}
+          path: ./release/${{ matrix.package_name }}*.${{ matrix.nfpm_packager }}
+          if-no-files-found: error
+
+      - name: Configure jFrog CLI
+        uses: jfrog/setup-jfrog-cli@v3
+        env:
+          JF_ENV_1: ${{ secrets.ZITI_ARTIFACTORY_CLI_CONFIG_PACKAGE_UPLOAD }}
+
+      - name: Upload RPM to Artifactory testing repo
+        if: ${{ !github.event.release.published && matrix.nfpm_packager == 'rpm' }}
+        run: >
+          jf rt upload
+          ./release/${{ matrix.package_name }}*.${{ matrix.nfpm_packager }}
+          /zitipax-openziti-rpm-stable/testing/${{ matrix.arch.rpm }}/
+          --recursive=false
+          --flat=true 
+
+      - name: Upload RPM to Artifactory release repo
+        if: ${{ github.event.release.published && matrix.nfpm_packager == 'rpm' }}
+        run: >
+          jf rt upload
+          ./release/${{ matrix.package_name }}*.${{ matrix.nfpm_packager }}
+          /zitipax-openziti-rpm-stable/release/${{ matrix.arch.rpm }}/
+          --recursive=false
+          --flat=true 
+
+      - name: Upload DEB to Artifactory testing repo
+        if: ${{ !github.event.release.published && matrix.nfpm_packager == 'deb' }}
+        run: >
+          jf rt upload
+          ./release/${{ matrix.package_name }}*.${{ matrix.nfpm_packager }}
+          /zitipax-openziti-deb-stable/pool/${{ matrix.package_name }}/testing/${{ matrix.arch.deb }}/
+          --deb=testing/main/${{ matrix.arch.deb }}
+          --recursive=false
+          --flat=true 
+
+      - name: Upload DEB to Artifactory release repo
+        if: ${{ github.event.release.published && matrix.nfpm_packager == 'deb' }}
+        run: >
+          jf rt upload
+          ./release/${{ matrix.package_name }}*.${{ matrix.nfpm_packager }}
+          /zitipax-openziti-deb-stable/pool/${{ matrix.package_name }}/release/${{ matrix.arch.deb }}/
+          --deb=release/main/${{ matrix.arch.deb }}
+          --recursive=false
+          --flat=true 
diff --git a/BUILD.md b/BUILD.md
@@ -5,4 +5,4 @@ Please refer to [the local development README](./doc/002-local-dev.md) for build
 
 ## Crossbuilds
 
-When you push to your repo fork then GitHub Actions will automatically crossbuild for several OSs and CPU architectures. You'll then be able to download the built artifacts from the GitHub UI. The easiest way to crossbuild the Linux exectuables locally is to build and run the crossbuild container. Please refer to [the crossbuild container README](../Dockerfile.linux-build.README) for those steps. For hints on crossbuilding for MacOS and Windows see [the main GitHub Actions workflow](../.github/workflows/main.yml) which defines the steps that are run when you push to GitHub.
+When you push to your repo fork then GitHub Actions will automatically crossbuild for several OSs and CPU architectures. You'll then be able to download the built artifacts from the GitHub UI. The easiest way to crossbuild the Linux exectuables locally is to build and run the crossbuild container. Please refer to [the crossbuild container README](./docker-images/cross-build/README.md) for those steps. For hints on crossbuilding for MacOS and Windows see [the main GitHub Actions workflow](../.github/workflows/main.yml) which defines the steps that are run when you push to GitHub.
diff --git a/build/dist-packages/README.md b/build/dist-packages/README.md
@@ -0,0 +1,6 @@
+
+# nfpm-configs
+
+These are `nfpm` configuration files. `nfpm` generates Linux packages, e.g.,
+RPM. These files reference environment variables set in GitHub Actions workflow
+`.github/workflows/publish-linux-install-packages.yml`.
diff --git a/build/dist-packages/linux/nfpm-ziti-cli.yaml b/build/dist-packages/linux/nfpm-ziti-cli.yaml
@@ -0,0 +1,30 @@
+# nfpm configuration file
+#
+# check https://nfpm.goreleaser.com/configuration for detailed usage
+#
+name: ziti-cli
+arch: ${GOARCH}
+platform: linux
+version: ${ZITI_VERSION}
+maintainer: ${ZITI_MAINTAINER}
+description: >
+  The ziti-cli package provides the ziti executable binary as a command line
+  interface for Ziti.
+vendor: ${ZITI_VENDOR}
+homepage: ${ZITI_HOMEPAGE}
+license: Apache-2.0
+contents:
+  - src: ./release/ziti
+    dst: /opt/openziti/bin/ziti
+    file_info:
+      mode: 0755
+  - src: /opt/openziti/bin/ziti
+    dst: /usr/bin/ziti
+    type: symlink
+
+# packager-neutral scripts may be overriden by packager-specific scripts
+# scripts:
+  # preinstall: ./scripts/preinstall.sh
+  # postinstall: ./scripts/postinstall.sh
+  # preremove: ./scripts/preremove.sh
+  # postremove: ./scripts/postremove.sh
diff --git a/docker-images/cross-build/README.md b/docker-images/cross-build/README.md
@@ -12,9 +12,9 @@ This article supports local development by providing a local containerized metho
 You only need to build the container image once unless you change the Dockerfile or `./linux-build.sh` (the container's entrypoint).
 
 ```bash
-# build a container image named "zitibuilder" with the same version of Go that's declared in go.mod
+# build a container image named "ziti-go-builder" with the same version of Go that's declared in go.mod
 docker buildx build \
-    --tag=zitibuilder \
+    --tag=ziti-go-builder \
     --build-arg uid=$UID \
     --build-arg gid=$GID \
     --build-arg golang_version=$(grep -Po '^go\s+\K\d+\.\d+(\.\d+)?$' go.mod) \
@@ -34,16 +34,16 @@ Executing the following `docker run` command will:
 # build for all three architectures: amd64 arm arm64
 docker run \
     --rm \
-    --name=zitibuilder \
+    --name=ziti-go-builder \
     --volume=$PWD:/mnt \
-    zitibuilder
+    ziti-go-builder
 
 # build only amd64 
 docker run \
     --rm \
-    --name=zitibuilder \
+    --name=ziti-go-builder \
     --volume=$PWD:/mnt \
-    zitibuilder \
+    ziti-go-builder \
         amd64
 ```
 
@@ -53,7 +53,7 @@ You will find the built artifacts in `./release`.
 
 ```bash
  ❯ docker buildx build \
-    --tag=zitibuilder \
+    --tag=ziti-go-builder \
     --build-arg uid=$UID \
     --build-arg gid=$GID \
     --build-arg golang_version="$(/bin/grep -Po '^go\s+\K\d+\.\d+(\.\d+)?$' go.mod)" \
@@ -89,9 +89,9 @@ You will find the built artifacts in `./release`.
 
  ❯ docker run \                                        
     --rm \
-    --name=zitibuilder \
+    --name=ziti-go-builder \
     --volume=$PWD:/mnt \
-    zitibuilder           
+    ziti-go-builder           
 Number of parallel builds: 4
 
 -->       linux/arm: github.com/openziti/ziti/ziti