Skip to content

Build Binaries and Deploy #47

Build Binaries and Deploy

Build Binaries and Deploy #47

name: Build Binaries and Deploy
on:
workflow_dispatch:
inputs:
version:
description: "Version number"
required: true
type: string
defaults:
run:
working-directory: ./backend
jobs:
build-and-deploy:
runs-on: ubuntu-latest
container: "debian:buster"
strategy:
matrix:
arch: [x64, arm64]
os: [linux]
include:
- os: linux
target: node18-linux
arm_prefix: aarch64-linux-gnu
x86_prefix: x86_64-linux-gnu
npm_arch: arm64
apt_arch: arm64
# - os: win
# target: node18-win
env:
AR: ${{ matrix.arch == 'arm64' && format('{0}-ar', matrix.arm_prefix) || format('{0}-ar', matrix.x86_prefix) }}
AS: ${{ matrix.arch == 'arm64' && format('{0}-as', matrix.arm_prefix) || format('{0}-as', matrix.x86_prefix) }}
CC: ${{ matrix.arch == 'arm64' && format('{0}-gcc', matrix.arm_prefix) || format('{0}-gcc', matrix.x86_prefix) }}
CPP: ${{ matrix.arch == 'arm64' && format('{0}-cpp', matrix.arm_prefix) || format('{0}-cpp', matrix.x86_prefix) }}
CXX: ${{ matrix.arch == 'arm64' && format('{0}-g++', matrix.arm_prefix) || format('{0}-g++', matrix.x86_prefix) }}
FC: ${{ matrix.arch == 'arm64' && format('{0}-gfortran', matrix.arm_prefix) || format('{0}-gfortran', matrix.x86_prefix) }}
LD: ${{ matrix.arch == 'arm64' && format('{0}-ld', matrix.arm_prefix) || format('{0}-ld', matrix.x86_prefix) }}
STRIP: ${{ matrix.arch == 'arm64' && format('{0}-strip', matrix.arm_prefix) || format('{0}-strip', matrix.x86_prefix) }}
PKG_CONFIG_PATH: ${{ matrix.arch == 'arm64' && format('/usr/lib/{0}/pkgconfig', matrix.arm_prefix) || format('/usr/lib/{0}/pkgconfig', matrix.x86_prefix) }}
TARGET_ARCH: ${{ matrix.apt_arch }}
npm_config_arch: ${{ matrix.arch == 'arm64' && 'arm64' || 'x64' }}
NODE_VERSION: v18.15.0
# Not building from source results in an x86_64 argon2, as if
# npm_config_arch is being ignored.
npm_config_build_from_source: true
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: 18
- name: Install cross-compiler and system dependencies
if: matrix.arch == 'arm64'
run: |
dpkg --add-architecture $TARGET_ARCH
apt-get update && apt-get install -y --no-install-recommends \
crossbuild-essential-$TARGET_ARCH \
libx11-dev:$TARGET_ARCH \
libx11-xcb-dev:$TARGET_ARCH \
libxkbfile-dev:$TARGET_ARCH \
libsecret-1-dev:$TARGET_ARCH \
libkrb5-dev:$TARGET_ARCH \
ca-certificates \
curl wget rsync gettext-base
- name: Install pkg
run: npm install -g @yao-pkg/pkg
- name: Install dependencies (backend)
run: npm install
- name: Install dependencies (frontend)
run: npm install --prefix ../frontend
- name: Prerequisites for pkg
run: npm run binary:build
- name: Package into node binary
run: |
if [ "${{ matrix.os }}" != "linux" ]; then
pkg --no-bytecode --public-packages "*" --public --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }} .
else
pkg --no-bytecode --public-packages "*" --public --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core .
fi
# Set up .deb package structure (Debian/Ubuntu only)
- name: Set up .deb package structure
if: matrix.os == 'linux'
run: |
mkdir -p infisical-core/DEBIAN
mkdir -p infisical-core/usr/local/bin
cp ./binary/infisical-core infisical-core/usr/local/bin/
chmod +x infisical-core/usr/local/bin/infisical-core
- name: Create control file
if: matrix.os == 'linux'
run: |
cat <<EOF > infisical-core/DEBIAN/control
Package: infisical-core
Version: ${{ github.event.inputs.version }}
Section: base
Priority: optional
Architecture: ${{ matrix.arch == 'x64' && 'amd64' || matrix.arch }}
Maintainer: Infisical <daniel@infisical.com>
Description: Infisical Core standalone executable (app.infisical.com)
EOF
# Build .deb file (Debian/Ubunutu only)
- name: Build .deb package
if: matrix.os == 'linux'
run: |
dpkg-deb --build infisical-core
mv infisical-core.deb ./binary/infisical-core-${{matrix.arch}}.deb
- uses: actions/setup-python@v4
- run: pip install --upgrade cloudsmith-cli
- uses: actions/upload-artifact@v4
if: matrix.arch == 'arm64'
with:
name: test-binary
path: ./binary/infisical-core-${{ matrix.arch }}.deb
# Publish .deb file to Cloudsmith (Debian/Ubuntu only)
# - name: Publish to Cloudsmith (Debian/Ubuntu)
# if: matrix.os == 'linux'
# working-directory: ./backend
# run: cloudsmith push deb --republish --no-wait-for-sync --api-key=${{ secrets.CLOUDSMITH_API_KEY }} infisical/infisical-core/any-distro/any-version ./binary/infisical-core-${{ matrix.arch }}.deb
# # Publish .exe file to Cloudsmith (Windows only)
# - name: Publish to Cloudsmith (Windows)
# if: matrix.os == 'win'
# working-directory: ./backend
# run: cloudsmith push raw infisical/infisical-core ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }}.exe --republish --no-wait-for-sync --version ${{ github.event.inputs.version }} --api-key ${{ secrets.CLOUDSMITH_API_KEY }}