-
Notifications
You must be signed in to change notification settings - Fork 431
188 lines (164 loc) · 6.37 KB
/
publish-cloudsmith.yml
File metadata and controls
188 lines (164 loc) · 6.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
name: Publish to Cloudsmith
on:
workflow_dispatch:
inputs:
version:
description: "Release version/tag (e.g., v1.9.123 or 1.9.123, or 'latest' for most recent)"
required: false
type: string
default: "latest"
dry-run:
description: "Dry run (don't actually publish)"
required: false
type: boolean
default: true
workflow_call:
inputs:
version:
description: "Release version/tag"
required: true
type: string
dry-run:
description: "Dry run (don't actually publish)"
required: false
type: boolean
default: false
secrets:
CLOUDSMITH_API_KEY:
required: true
jobs:
determine-version:
runs-on: ubuntu-latest
outputs:
tag_name: ${{ steps.resolve.outputs.tag_name }}
version: ${{ steps.resolve.outputs.version }}
is_prerelease: ${{ steps.resolve.outputs.is_prerelease }}
steps:
- uses: actions/checkout@v6
with:
sparse-checkout: |
.github
- name: Resolve version and tag
id: resolve
run: |
VERSION_INPUT="${{ inputs.version }}"
# If version is "latest" or empty, get the latest release
if [ "$VERSION_INPUT" == "latest" ] || [ -z "$VERSION_INPUT" ]; then
echo "Fetching latest release..."
TAG_NAME=$(gh release list --limit 1 --json tagName --jq '.[0].tagName')
IS_PRERELEASE=$(gh release view "$TAG_NAME" --json isPrerelease --jq '.isPrerelease')
else
# Ensure tag has 'v' prefix
if [[ "$VERSION_INPUT" == v* ]]; then
TAG_NAME="$VERSION_INPUT"
else
TAG_NAME="v$VERSION_INPUT"
fi
# Check if release exists and get prerelease status
if ! gh release view "$TAG_NAME" > /dev/null 2>&1; then
echo "::error::Release $TAG_NAME not found"
exit 1
fi
IS_PRERELEASE=$(gh release view "$TAG_NAME" --json isPrerelease --jq '.isPrerelease')
fi
# Extract version without 'v' prefix
VERSION="${TAG_NAME#v}"
echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "is_prerelease=$IS_PRERELEASE" >> $GITHUB_OUTPUT
echo "Resolved to: $TAG_NAME (version: $VERSION, prerelease: $IS_PRERELEASE)"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check not prerelease
if: steps.resolve.outputs.is_prerelease == 'true'
run: |
echo "::error::Release ${{ steps.resolve.outputs.tag_name }} is a prerelease. Cloudsmith publishing is only for stable releases."
exit 1
validate-all-assets:
runs-on: ubuntu-latest
needs: [determine-version]
steps:
- name: Validate all packages exist in release
run: |
TAG_NAME="${{ needs.determine-version.outputs.tag_name }}"
VERSION="${{ needs.determine-version.outputs.version }}"
echo "Validating packages for release $TAG_NAME..."
# Get list of assets from release (API call, no download)
ASSETS=$(gh release view "$TAG_NAME" --json assets --jq '.assets[].name')
MISSING=0
REQUIRED_FILES=(
"quarto-${VERSION}-linux-amd64.deb"
"quarto-${VERSION}-linux-arm64.deb"
"quarto-${VERSION}-linux-x86_64.rpm"
"quarto-${VERSION}-linux-aarch64.rpm"
)
for FILE in "${REQUIRED_FILES[@]}"; do
if echo "$ASSETS" | grep -q "^${FILE}$"; then
echo "✓ Found: $FILE"
else
echo "::error::Missing: $FILE"
MISSING=$((MISSING + 1))
fi
done
if [ $MISSING -gt 0 ]; then
echo "::error::$MISSING package(s) missing from release. All 4 packages required for Cloudsmith publishing."
exit 1
fi
echo "All required packages present in release"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: quarto-dev/quarto-cli
publish-cloudsmith:
runs-on: ubuntu-latest
needs: [determine-version, validate-all-assets]
strategy:
matrix:
arch: [x86_64, aarch64]
format: [deb, rpm]
steps:
- name: Set package architecture name
id: pkg_arch
run: |
if [ "${{ matrix.format }}" == "deb" ]; then
if [ "${{ matrix.arch }}" == "x86_64" ]; then
echo "arch_name=amd64" >> $GITHUB_OUTPUT
else
echo "arch_name=arm64" >> $GITHUB_OUTPUT
fi
else
if [ "${{ matrix.arch }}" == "x86_64" ]; then
echo "arch_name=x86_64" >> $GITHUB_OUTPUT
else
echo "arch_name=aarch64" >> $GITHUB_OUTPUT
fi
fi
- name: Download and validate package from release
run: |
TAG_NAME="${{ needs.determine-version.outputs.tag_name }}"
VERSION="${{ needs.determine-version.outputs.version }}"
ARCH_NAME="${{ steps.pkg_arch.outputs.arch_name }}"
FILE_NAME="quarto-${VERSION}-linux-${ARCH_NAME}.${{ matrix.format }}"
echo "Downloading $FILE_NAME from release $TAG_NAME..."
if ! gh release download "$TAG_NAME" --pattern "$FILE_NAME"; then
echo "::error::Failed to download $FILE_NAME from release $TAG_NAME"
exit 1
fi
if [ ! -f "$FILE_NAME" ]; then
echo "::error::Package file $FILE_NAME not found in release"
exit 1
fi
echo "✓ Successfully downloaded and validated: $FILE_NAME"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: quarto-dev/quarto-cli
- name: Install and authenticate Cloudsmith CLI
uses: cloudsmith-io/[email protected]
with:
api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
- name: Push ${{ matrix.format }} ${{ matrix.arch }} to Cloudsmith${{ inputs.dry-run && ' (DRY RUN)' || '' }}
run: |
cloudsmith push ${{ matrix.format }} \
posit/open/any-distro/any-version \
"quarto-${{ needs.determine-version.outputs.version }}-linux-${{ steps.pkg_arch.outputs.arch_name }}.${{ matrix.format }}" \
--republish \
${{ inputs.dry-run && '--dry-run' || '' }}