GitHub Actions: post releases

This so far just works on push and hopefullt pull requests, not for tags
and therefore actual releases.

In order not to conflict with the binaries from Travis, I changed the
name to "ci-release" instead of "continuous".

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>

.github/actions/release/Dockerfile

@@ -0,0 +1,11 @@
+FROM alpine:latest
+
+RUN	apk add --no-cache \
+  bash \
+  ca-certificates \
+  curl \
+  jq
+
+COPY upload /usr/bin/upload
+
+ENTRYPOINT ["/usr/bin/upload"]

.github/actions/release/action.yml

@@ -0,0 +1,4 @@
+name: upload to release
+runs:
+  using: docker
+  image: Dockerfile

.github/actions/release/upload

@@ -0,0 +1,92 @@
+#!/bin/bash
+# SPDX
+
+if [[ -z "$GITHUB_TOKEN" ]]; then
+	echo "missing GITHUB_TOKEN"
+	exit 1
+fi
+
+if [[ -z "$GITHUB_REPO" ]] ; then
+	echo "missing GITHUB_REPO"
+	exit 1
+fi
+
+if [[ -z "$REF" ]] ; then
+	echo "missing REF"
+	exit 1
+fi
+
+if [[ -z "$COMMIT" ]] ; then
+	echo "missing COMMIT"
+	exit 1
+fi
+
+TAG="ci-release"
+
+echo $REF
+if [[ $REF = /refs/heads/* ]] ; then
+	branch="-$(cat $REF | cut -d/ -f 3)"
+	echo "it's /refs/heads with an added $branch"
+	if [[ $REF != /refs/heads/master ]] ; then
+		TAG=$TAG+$branch
+	fi
+fi
+
+# check if there is a tag of that name
+# if it is starts with ci (so this is a continous integration tag) and it's on a different SHA, delete it
+tag_url="https://api.github.com/repos/$GITHUB_REPO/git/refs/tags/$TAG"
+release_url="https://api.github.com/repos/$GITHUB_REPO/releases/tags/$TAG"
+
+tag_infos=$(curl -XGET --header "Authorization: token ${GITHUB_TOKEN}" "${tag_url}")
+echo "information received for tag $TAG"
+echo $tag_infos
+existing_tag_sha=$(echo $tag_infos | jq --raw-output .object.sha)
+
+if [[ "$existing_tag_sha" != "" ]] ; then
+	echo "existing tag on SHA $existing_tag_sha"
+	existing_release=$(curl -XGET --header "Authorization: token ${GITHUB_TOKEN}" "${release_url}")
+	release_id=$(echo $existing_release | jq --raw-output .id )
+	echo "information received for the release with release ID \"$release_id\""
+	echo $existing_release
+
+	if [[ "$existing_tag_sha" != "$COMMIT" ]] ; then
+		echo "tag was on different SHA, delete it and the corresponding release (if it exists)"
+		echo "deleting tag $TAG"
+		curl -XDELETE --header "Authorization: token ${GITHUB_TOKEN}" "${tag_url}"
+		if [[ "$release_id" != "" ]] ; then
+			echo "Delete the release $release_id"
+			delete_url="https://api.github.com/repos/$GITHUB_REPO/releases/$release_id"
+			curl -XDELETE --header "Authorization: token ${GITHUB_TOKEN}" "${delete_url}"
+		fi
+		echo "create a new release and implicitly a new tag"
+		release=$(curl -H "Authorization: token ${GITHUB_TOKEN}" --data '{"tag_name": "'"$TAG"'","target_commitish": "'"$COMMIT"'","name": "'"$TAG"'","body": "testing tag creation","draft": false,"prerelease": true}' "https://api.github.com/repos/$GITHUB_REPO/releases")
+		echo "response to release creation"
+		echo "$release"
+	fi
+else
+	echo "this is a new tag"
+fi
+
+# get the upload URL
+release_info=$(curl -XGET --header "Authorization: token ${GITHUB_TOKEN}" "${release_url}")
+echo "release info for $TAG"
+echo $release_info
+upload_url=$(echo $release_info | jq --raw-output .upload_url | cut -d '{' -f 1)
+
+# accept up to 9 binaries via environment variables
+for FILENAME in $BIN1 $BIN2 $BIN3 $BIN4 $BIN5 $BIN6 $BIN7 $BIN8 $BIN9
+do
+	if [[ -z "$FILENAME" ]] ; then
+		break
+	fi
+	if [[ ! -f $FILENAME ]] ; then
+		echo "Cannot find binary $FILENAME"
+		continue
+	fi
+	echo "upload $FILENAME to release"
+	BASENAME="$(basename $FILENAME)"
+	echo "curl -H \"Authorization: token xxxxx\" -H \"Accept: application/vnd.github.manifold-preview\" -H \"Content-Type: application/octet-stream\" --data-binary @$FILENAME \"$upload_url?name=$BASENAME\""
+	curl -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github.manifold-preview" -H "Content-Type: application/octet-stream" --data-binary @$FILENAME "$upload_url?name=$BASENAME"
+done
+
+# vim: tw=0

.github/workflows/in-container-build.sh

@@ -11,15 +11,24 @@ export CMAKE_PREFIX_PATH=$QT_ROOT/lib/cmake
 export Grantlee5_ROOT=/__w/subsurface/subsurface/install-root
 
 # the container currently has things under / that need to be under /__w/subsurface/subsurface instead
-cp -a /appdir /__w/subsurface/subsurface/
+cp -a /appdir /__w/subsurface/
-cp -a /install-root /__w/subsurface/subsurface/
+cp -a /install-root /__w/subsurface/
+
+echo "--------------------------------------------------------------"
+echo "building mobile"
 
 # first make sure that no one broke Subsurface-mobile
 bash -e -x subsurface/scripts/build.sh -mobile -quick
 
+echo "--------------------------------------------------------------"
+echo "building desktop"
+
 # now build our AppImage
 bash -e -x subsurface/scripts/build.sh -desktop -create-appdir -build-with-webkit -quick
 
+echo "--------------------------------------------------------------"
+echo "assembling AppImage"
+
 export QT_PLUGIN_PATH=$QT_ROOT/plugins
 export QT_QPA_PLATFORM_PLUGIN_PATH=$QT_ROOT/plugins
 export QT_DEBUG_PLUGINS=1

.github/workflows/linux-trusty-5.12.yml

@@ -9,19 +9,18 @@ jobs:
 
     steps:
     - name: checkout sources
-      run: |
+      uses: actions/checkout@v1
-        echo $pwd
-        git clone git://github.com/${GITHUB_REPOSITORY}
-        cd subsurface
-        git checkout ${GITHUB_SHA}
 
     - name: run build
       run: |
-        echo $pwd
+        cd ..
         bash -x subsurface/.github/workflows/in-container-build.sh
 
-    - name: publish result
+    - name: create CI release
-      uses: actions/upload-artifact@v1
+      uses: ./.github/actions/release
-      with:
+      env:
-        name: Subsurface-${{github.sha}}.AppImage
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        path: ./Subsurface.AppImage  # /${GITHUB_WORKSPACE}/ in the container is '.' here
+        GITHUB_REPO: ${{ github.repository }}
+        REF: ${{ github.ref }}
+        COMMIT: ${{ github.sha }}
+        BIN1: ./Subsurface.AppImage

.github/workflows/mac.yml

@@ -76,9 +76,30 @@ jobs:
                 ln -s ${GRANTLEE_VERSION}/$(basename $i) .
                 popd
         done
-
+        zip Subsurface.app.zip Subsurface.app
-    - name: publish result
+    - name: store artifact
-      uses: actions/upload-artifact@v1
+      uses: actions/upload-artifact@master
       with:
-        name: Subsurface-GitHub-Build.app
+        name: Subsurface.app.zip
-        path: build/Subsurface.app
+        path: build/Subsurface.app.zip
+
+  publishRelease:
+    needs: desktopBuild
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout sources
+      uses: actions/checkout@v1
+      with:
+        fetch-depth: 1
+    - name: retrieve artifact
+      uses: actions/download-artifact@master
+      with:
+        name: Subsurface.app.zip
+    - name: create CI release
+      uses: ./.github/actions/release
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        GITHUB_REPO: ${{ github.repository }}
+        REF: ${{ github.ref }}
+        COMMIT: ${{ github.sha }}
+        BIN1: Subsurface.app.zip

.github/workflows/windows.yml

@@ -9,18 +9,18 @@ jobs:
 
     steps:
     - name: checkout sources
-      run: |
+      uses: actions/checkout@v1
-        cd /win
-        git clone git://github.com/${GITHUB_REPOSITORY}
-        cd subsurface
-        git checkout ${GITHUB_SHA}
-        git submodule init
-        git submodule update
 
     - name: get other dependencies
       run: |
+        echo "creating the link from /win/subsurface"
         cd /win
+        ln -s /__w/subsurface/subsurface .
+        ls -l
+        ls -l subsurface/scripts
+        echo "installing missing container components"
         apt-get install -y ca-certificates libtool
+        echo "downloading sources for fresh build"
         bash subsurface/scripts/get-dep-lib.sh single . libzip
         bash subsurface/scripts/get-dep-lib.sh single . hidapi
         bash subsurface/scripts/get-dep-lib.sh single . googlemaps
@@ -33,32 +33,16 @@ jobs:
         bash -x subsurface/.github/workflows/windows-in-container-build.sh 2>&1 | tee build.log
         grep "Built target installer" build.log
 
-    - name: publish Subsurface installer
+    - name: create CI release
-      uses: actions/upload-artifact@v1
+      uses: ./.github/actions/release
-      with:
+      env:
-        name: subsurface-${{github.sha}}-installer.exe
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        path: ./subsurface-installer.exe  # /${GITHUB_WORKSPACE}/ in the container is '.' here
+        GITHUB_REPO: ${{ github.repository }}
+        REF: ${{ github.ref }}
+        COMMIT: ${{ github.sha }}
+        BIN1: ./subsurface-installer.exe
+        BIN2: ./subsurface.exe
+        BIN3: ./subsurface.exe.debug
+        BIN4: ./smtk2ssrf-installer.exe
+        BIN5: ./smtk2ssrf.exe
 
-    - name: publish Subsurface binary
-      uses: actions/upload-artifact@v1
-      with:
-        name: subsurface-${{github.sha}}.exe
-        path: ./subsurface.exe  # /${GITHUB_WORKSPACE}/ in the container is '.' here
-
-    - name: publish Subsurface debug binary
-      uses: actions/upload-artifact@v1
-      with:
-        name: subsurface-${{github.sha}}.exe.debug
-        path: ./subsurface.exe.debug  # /${GITHUB_WORKSPACE}/ in the container is '.' here
-
-    - name: publish smtk2ssrf installer
-      uses: actions/upload-artifact@v1
-      with:
-        name: smtk2ssrf-${{github.sha}}-installer.exe
-        path: ./smtk2ssrf-installer.exe  # /${GITHUB_WORKSPACE}/ in the container is '.' here
-
-    - name: publish Subsurface installer
-      uses: actions/upload-artifact@v1
-      with:
-        name: smtk2ssrf-${{github.sha}}.exe
-        path: ./subsurface.exe  # /${GITHUB_WORKSPACE}/ in the container is '.' here