open-vault/.github/workflows/build-vault-oss.yml
Marc Boudreau 4ad111b3dd
Migrating CircleCI Jobs to GHA Workflow (#19662)
* address lint reports

* add diff-oss-ci and test-ui jobs to ci GHA workflow

* Add actions linter workflow

* Fix actions linter errors

* pin 3rd party components with SHA hash and limit actionlint workflow to pull requests touching paths under .github directory

* Fix actionlint runner

* pin SHA hash of 3rd party components
use .go-version file to provide go version to setup-go action
remove unncessary ref parameter in checkout action

---------

Co-authored-by: Brian Shore <bshore@hashicorp.com>
2023-03-22 15:02:06 -04:00

110 lines
3.4 KiB
YAML

---
name: build_vault
# This workflow is intended to be called by the build workflow for each Vault
# binary that needs to be built and packaged. The ci make targets that are
# utilized automatically determine build metadata and handle building and
# packing vault.
on:
workflow_call:
inputs:
bundle-path:
required: false
type: string
cgo-enabled:
type: string
default: 0
create-packages:
type: boolean
default: true
goos:
required: true
type: string
goarch:
required: true
type: string
go-tags:
type: string
go-version:
type: string
package-name:
type: string
default: vault
vault-version:
type: string
required: true
jobs:
build:
runs-on: ubuntu-latest
name: Vault ${{ inputs.goos }} ${{ inputs.goarch }} v${{ inputs.vault-version }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: ${{ inputs.go-version }}
- name: Set up node and yarn
uses: actions/setup-node@v3
with:
node-version: 14
cache: yarn
cache-dependency-path: ui/yarn.lock
- name: Build UI
run: make ci-build-ui
- name: Build Vault
env:
CGO_ENABLED: ${{ inputs.cgo-enabled }}
GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }}
GO_TAGS: ${{ inputs.go-tags }}
run: make ci-build
- name: Determine artifact basename
env:
GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }}
run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV"
- name: Bundle Vault
env:
BUNDLE_PATH: out/${{ env.ARTIFACT_BASENAME }}.zip
run: make ci-bundle
- uses: actions/upload-artifact@v3
with:
name: ${{ env.ARTIFACT_BASENAME }}.zip
path: out/${{ env.ARTIFACT_BASENAME }}.zip
if-no-files-found: error
- if: ${{ inputs.create-packages }}
uses: hashicorp/actions-packaging-linux@v1
with:
name: ${{ github.event.repository.name }}
description: Vault is a tool for secrets management, encryption as a service, and privileged access management.
arch: ${{ inputs.goarch }}
version: ${{ inputs.vault-version }}
maintainer: HashiCorp
homepage: https://github.com/hashicorp/vault
license: MPL-2.0
binary: dist/${{ inputs.package-name }}
deb_depends: openssl
rpm_depends: openssl
config_dir: .release/linux/package/
preinstall: .release/linux/preinst
postinstall: .release/linux/postinst
postremove: .release/linux/postrm
- if: ${{ inputs.create-packages }}
name: Determine package file names
run: |
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV"
echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV"
- if: ${{ inputs.create-packages }}
uses: actions/upload-artifact@v3
with:
name: ${{ env.RPM_PACKAGE }}
path: out/${{ env.RPM_PACKAGE }}
if-no-files-found: error
- if: ${{ inputs.create-packages }}
uses: actions/upload-artifact@v3
with:
name: ${{ env.DEB_PACKAGE }}
path: out/${{ env.DEB_PACKAGE }}
if-no-files-found: error