name: release on: release: types: [released] env: registry: docker.io GRADLE_OPTS: "-Dorg.gradle.parallel=true -Dorg.gradle.caching=true" jobs: preprocess_release: runs-on: ubuntu-22.04 steps: - name: Pre-process Release Name id: pre_process_release_name run: | RELEASE_NAME="${{ github.event.release.name }}" # strip all whitespace RELEASE_NAME="${RELEASE_NAME//[[:space:]]/}" if [[ ! "$RELEASE_NAME" =~ ^[0-9]+\.[0-9]+(\.[0-9]+)?(-.*)?$ ]]; then echo "Release name does not conform to a valid besu release format YY.M.v[-suffix], e.g. 24.8.0-RC1." exit 1 fi echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT # Set as output using the new syntax outputs: release_name: ${{ steps.pre_process_release_name.outputs.release_name }} artifacts: runs-on: ubuntu-22.04 needs: preprocess_release env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job permissions: contents: write outputs: tarSha: ${{steps.hashes.outputs.tarSha}} zipSha: ${{steps.hashes.outputs.zipSha}} steps: - name: checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: assemble release run: ./gradlew -Prelease.releaseVersion=${{env.RELEASE_NAME}} -Pversion=${{env.RELEASE_NAME}} assemble - name: hashes id: hashes run: | cd build/distributions echo "zipSha=$(shasum -a 256 besu*.zip)" echo "tarSha=$(shasum -a 256 besu*.tar.gz)" echo "zipSha=$(shasum -a 256 besu*.zip)" >> $GITHUB_OUTPUT echo "tarSha=$(shasum -a 256 besu*.tar.gz)" >> $GITHUB_OUTPUT - name: upload tarball uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: path: 'build/distributions/besu*.tar.gz' name: besu-${{ env.RELEASE_NAME }}.tar.gz compression-level: 0 - name: upload zipfile uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: path: 'build/distributions/besu*.zip' name: besu-${{ env.RELEASE_NAME }}.zip compression-level: 0 testWindows: runs-on: windows-2022 needs: artifacts timeout-minutes: 10 steps: - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: Download zip uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe with: pattern: besu-*.zip merge-multiple: true - name: test Besu run: | dir unzip besu-*.zip -d besu-tmp cd besu-tmp mv besu-* ../besu cd .. besu\bin\besu.bat --help besu\bin\besu.bat --version publish: runs-on: ubuntu-22.04 needs: [preprocess_release, testWindows, artifacts] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job permissions: contents: write steps: - name: Download archives uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe with: pattern: besu-* merge-multiple: true path: 'build/distributions' - name: Upload Release assets uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 with: append_body: true files: | build/distributions/besu*.tar.gz build/distributions/besu*.zip body: | ${{needs.artifacts.outputs.tarSha}} ${{needs.artifacts.outputs.zipSha}} artifactoryPublish: runs-on: ubuntu-22.04 needs: [preprocess_release, artifacts] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job steps: - name: checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: Artifactory Publish env: ARTIFACTORY_USER: ${{ secrets.BESU_ARTIFACTORY_USER }} ARTIFACTORY_KEY: ${{ secrets.BESU_ARTIFACTORY_TOKEN }} run: ./gradlew -Prelease.releaseVersion=${{ env.RELEASE_NAME }} -Pversion=${{env.RELEASE_NAME}} artifactoryPublish hadolint: runs-on: ubuntu-22.04 steps: - name: Checkout Repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: hadoLint run: docker run --rm -i hadolint/hadolint < docker/Dockerfile buildDocker: needs: [preprocess_release, hadolint] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job permissions: contents: read packages: write strategy: fail-fast: false matrix: platform: - ubuntu-22.04 - besu-arm64 runs-on: ${{ matrix.platform }} steps: - name: Prepare id: prep run: | platform=${{ matrix.platform }} if [ "$platform" = 'ubuntu-22.04' ]; then echo "PLATFORM_PAIR=linux-amd64" >> $GITHUB_OUTPUT echo "ARCH=amd64" >> $GITHUB_OUTPUT else echo "PLATFORM_PAIR=linux-arm64" >> $GITHUB_OUTPUT echo "ARCH=arm64" >> $GITHUB_OUTPUT fi - name: Checkout Repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: short sha id: shortSha run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: install goss run: | mkdir -p docker/reports curl -L https://github.com/aelsabbahy/goss/releases/download/v0.4.4/goss-${{ steps.prep.outputs.PLATFORM_PAIR }} -o ./docker/tests/goss-${{ steps.prep.outputs.PLATFORM_PAIR }} - name: login to ${{ env.registry }} uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d with: registry: ${{ env.registry }} username: ${{ secrets.DOCKER_USER_RW }} password: ${{ secrets.DOCKER_PASSWORD_RW }} - name: build and test docker uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 env: architecture: ${{ steps.prep.outputs.ARCH }} with: cache-disabled: true arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }} - name: publish env: architecture: ${{ steps.prep.outputs.ARCH }} run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }} multiArch: needs: [preprocess_release, buildDocker] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job runs-on: ubuntu-22.04 permissions: contents: read packages: write steps: - name: Checkout Repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: login to ${{ env.registry }} uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d with: registry: ${{ env.registry }} username: ${{ secrets.DOCKER_USER_RW }} password: ${{ secrets.DOCKER_PASSWORD_RW }} - name: multi-arch docker run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{env.RELEASE_NAME}} -Prelease.releaseVersion=${{ env.RELEASE_NAME }} amendNotes: needs: [preprocess_release, multiArch] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job runs-on: ubuntu-22.04 permissions: contents: write steps: - name: add pull command to release notes uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 with: append_body: true body: | `docker pull ${{env.registry}}/${{secrets.DOCKER_ORG}}/besu:${{env.RELEASE_NAME}}` dockerPromoteX64: needs: [preprocess_release, multiArch] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job runs-on: ubuntu-22.04 steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 with: distribution: temurin java-version: 21 cache: gradle - name: login to ${{ env.registry }} uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d with: registry: ${{ env.registry }} username: ${{ secrets.DOCKER_USER_RW }} password: ${{ secrets.DOCKER_PASSWORD_RW }} - name: Setup Gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 with: cache-disabled: true - name: Docker upload run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease - name: Docker manifest run: ./gradlew "-Prelease.releaseVersion=${{ env.RELEASE_NAME }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease verifyContainer: needs: [preprocess_release, dockerPromoteX64] env: RELEASE_NAME: ${{ needs.preprocess_release.outputs.release_name }} # Use the output from the pre_process_release job runs-on: ubuntu-22.04 permissions: contents: read actions: write steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Trigger container verify run: echo '{"version":"${{ env.RELEASE_NAME }}","verify-latest-version":"true"}' | gh workflow run container-verify.yml --json env: GH_TOKEN: ${{ github.token }}