Build Binaries and Deploy #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Binaries and Deploy | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: "Version number" | |
required: true | |
type: string | |
defaults: | |
run: | |
working-directory: ./backend | |
jobs: | |
build-and-deploy: | |
runs-on: ubuntu-latest | |
container: "debian:buster" | |
strategy: | |
matrix: | |
arch: [x64, arm64] | |
os: [linux] | |
include: | |
- os: linux | |
target: node18-linux | |
arm_prefix: aarch64-linux-gnu | |
x86_prefix: x86_64-linux-gnu | |
npm_arch: arm64 | |
apt_arch: arm64 | |
# - os: win | |
# target: node18-win | |
env: | |
AR: ${{ matrix.arch == 'arm64' && format('{0}-ar', matrix.arm_prefix) || format('{0}-ar', matrix.x86_prefix) }} | |
AS: ${{ matrix.arch == 'arm64' && format('{0}-as', matrix.arm_prefix) || format('{0}-as', matrix.x86_prefix) }} | |
CC: ${{ matrix.arch == 'arm64' && format('{0}-gcc', matrix.arm_prefix) || format('{0}-gcc', matrix.x86_prefix) }} | |
CPP: ${{ matrix.arch == 'arm64' && format('{0}-cpp', matrix.arm_prefix) || format('{0}-cpp', matrix.x86_prefix) }} | |
CXX: ${{ matrix.arch == 'arm64' && format('{0}-g++', matrix.arm_prefix) || format('{0}-g++', matrix.x86_prefix) }} | |
FC: ${{ matrix.arch == 'arm64' && format('{0}-gfortran', matrix.arm_prefix) || format('{0}-gfortran', matrix.x86_prefix) }} | |
LD: ${{ matrix.arch == 'arm64' && format('{0}-ld', matrix.arm_prefix) || format('{0}-ld', matrix.x86_prefix) }} | |
STRIP: ${{ matrix.arch == 'arm64' && format('{0}-strip', matrix.arm_prefix) || format('{0}-strip', matrix.x86_prefix) }} | |
PKG_CONFIG_PATH: ${{ matrix.arch == 'arm64' && format('/usr/lib/{0}/pkgconfig', matrix.arm_prefix) || format('/usr/lib/{0}/pkgconfig', matrix.x86_prefix) }} | |
TARGET_ARCH: ${{ matrix.apt_arch }} | |
npm_config_arch: ${{ matrix.arch == 'arm64' && 'arm64' || 'x64' }} | |
NODE_VERSION: v18.15.0 | |
# Not building from source results in an x86_64 argon2, as if | |
# npm_config_arch is being ignored. | |
npm_config_build_from_source: true | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: Install cross-compiler and system dependencies | |
if: matrix.arch == 'arm64' | |
run: | | |
dpkg --add-architecture $TARGET_ARCH | |
apt-get update && apt-get install -y --no-install-recommends \ | |
crossbuild-essential-$TARGET_ARCH \ | |
libx11-dev:$TARGET_ARCH \ | |
libx11-xcb-dev:$TARGET_ARCH \ | |
libxkbfile-dev:$TARGET_ARCH \ | |
libsecret-1-dev:$TARGET_ARCH \ | |
libkrb5-dev:$TARGET_ARCH \ | |
ca-certificates \ | |
curl wget rsync gettext-base | |
- name: Install pkg | |
run: npm install -g @yao-pkg/pkg | |
- name: Install dependencies (backend) | |
run: npm install | |
- name: Install dependencies (frontend) | |
run: npm install --prefix ../frontend | |
- name: Prerequisites for pkg | |
run: npm run binary:build | |
- name: Package into node binary | |
run: | | |
if [ "${{ matrix.os }}" != "linux" ]; then | |
pkg --no-bytecode --public-packages "*" --public --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }} . | |
else | |
pkg --no-bytecode --public-packages "*" --public --target ${{ matrix.target }}-${{ matrix.arch }} --output ./binary/infisical-core . | |
fi | |
# Set up .deb package structure (Debian/Ubuntu only) | |
- name: Set up .deb package structure | |
if: matrix.os == 'linux' | |
run: | | |
mkdir -p infisical-core/DEBIAN | |
mkdir -p infisical-core/usr/local/bin | |
cp ./binary/infisical-core infisical-core/usr/local/bin/ | |
chmod +x infisical-core/usr/local/bin/infisical-core | |
- name: Create control file | |
if: matrix.os == 'linux' | |
run: | | |
cat <<EOF > infisical-core/DEBIAN/control | |
Package: infisical-core | |
Version: ${{ github.event.inputs.version }} | |
Section: base | |
Priority: optional | |
Architecture: ${{ matrix.arch == 'x64' && 'amd64' || matrix.arch }} | |
Maintainer: Infisical <daniel@infisical.com> | |
Description: Infisical Core standalone executable (app.infisical.com) | |
EOF | |
# Build .deb file (Debian/Ubunutu only) | |
- name: Build .deb package | |
if: matrix.os == 'linux' | |
run: | | |
dpkg-deb --build infisical-core | |
mv infisical-core.deb ./binary/infisical-core-${{matrix.arch}}.deb | |
- uses: actions/setup-python@v4 | |
- run: pip install --upgrade cloudsmith-cli | |
- uses: actions/upload-artifact@v4 | |
if: matrix.arch == 'arm64' | |
with: | |
name: test-binary | |
path: ./binary/infisical-core-${{ matrix.arch }}.deb | |
# Publish .deb file to Cloudsmith (Debian/Ubuntu only) | |
# - name: Publish to Cloudsmith (Debian/Ubuntu) | |
# if: matrix.os == 'linux' | |
# working-directory: ./backend | |
# run: cloudsmith push deb --republish --no-wait-for-sync --api-key=${{ secrets.CLOUDSMITH_API_KEY }} infisical/infisical-core/any-distro/any-version ./binary/infisical-core-${{ matrix.arch }}.deb | |
# # Publish .exe file to Cloudsmith (Windows only) | |
# - name: Publish to Cloudsmith (Windows) | |
# if: matrix.os == 'win' | |
# working-directory: ./backend | |
# run: cloudsmith push raw infisical/infisical-core ./binary/infisical-core-${{ matrix.os }}-${{ matrix.arch }}.exe --republish --no-wait-for-sync --version ${{ github.event.inputs.version }} --api-key ${{ secrets.CLOUDSMITH_API_KEY }} |