4ad111b3dd
* address lint reports * add diff-oss-ci and test-ui jobs to ci GHA workflow * Add actions linter workflow * Fix actions linter errors * pin 3rd party components with SHA hash and limit actionlint workflow to pull requests touching paths under .github directory * Fix actionlint runner * pin SHA hash of 3rd party components use .go-version file to provide go version to setup-go action remove unncessary ref parameter in checkout action --------- Co-authored-by: Brian Shore <bshore@hashicorp.com>
110 lines
3.4 KiB
YAML
110 lines
3.4 KiB
YAML
---
|
|
name: build_vault
|
|
|
|
# This workflow is intended to be called by the build workflow for each Vault
|
|
# binary that needs to be built and packaged. The ci make targets that are
|
|
# utilized automatically determine build metadata and handle building and
|
|
# packing vault.
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
bundle-path:
|
|
required: false
|
|
type: string
|
|
cgo-enabled:
|
|
type: string
|
|
default: 0
|
|
create-packages:
|
|
type: boolean
|
|
default: true
|
|
goos:
|
|
required: true
|
|
type: string
|
|
goarch:
|
|
required: true
|
|
type: string
|
|
go-tags:
|
|
type: string
|
|
go-version:
|
|
type: string
|
|
package-name:
|
|
type: string
|
|
default: vault
|
|
vault-version:
|
|
type: string
|
|
required: true
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
name: Vault ${{ inputs.goos }} ${{ inputs.goarch }} v${{ inputs.vault-version }}
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: actions/setup-go@v3
|
|
with:
|
|
go-version: ${{ inputs.go-version }}
|
|
- name: Set up node and yarn
|
|
uses: actions/setup-node@v3
|
|
with:
|
|
node-version: 14
|
|
cache: yarn
|
|
cache-dependency-path: ui/yarn.lock
|
|
- name: Build UI
|
|
run: make ci-build-ui
|
|
- name: Build Vault
|
|
env:
|
|
CGO_ENABLED: ${{ inputs.cgo-enabled }}
|
|
GOARCH: ${{ inputs.goarch }}
|
|
GOOS: ${{ inputs.goos }}
|
|
GO_TAGS: ${{ inputs.go-tags }}
|
|
run: make ci-build
|
|
- name: Determine artifact basename
|
|
env:
|
|
GOARCH: ${{ inputs.goarch }}
|
|
GOOS: ${{ inputs.goos }}
|
|
run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV"
|
|
- name: Bundle Vault
|
|
env:
|
|
BUNDLE_PATH: out/${{ env.ARTIFACT_BASENAME }}.zip
|
|
run: make ci-bundle
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: ${{ env.ARTIFACT_BASENAME }}.zip
|
|
path: out/${{ env.ARTIFACT_BASENAME }}.zip
|
|
if-no-files-found: error
|
|
- if: ${{ inputs.create-packages }}
|
|
uses: hashicorp/actions-packaging-linux@v1
|
|
with:
|
|
name: ${{ github.event.repository.name }}
|
|
description: Vault is a tool for secrets management, encryption as a service, and privileged access management.
|
|
arch: ${{ inputs.goarch }}
|
|
version: ${{ inputs.vault-version }}
|
|
maintainer: HashiCorp
|
|
homepage: https://github.com/hashicorp/vault
|
|
license: MPL-2.0
|
|
binary: dist/${{ inputs.package-name }}
|
|
deb_depends: openssl
|
|
rpm_depends: openssl
|
|
config_dir: .release/linux/package/
|
|
preinstall: .release/linux/preinst
|
|
postinstall: .release/linux/postinst
|
|
postremove: .release/linux/postrm
|
|
- if: ${{ inputs.create-packages }}
|
|
name: Determine package file names
|
|
run: |
|
|
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV"
|
|
echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV"
|
|
- if: ${{ inputs.create-packages }}
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: ${{ env.RPM_PACKAGE }}
|
|
path: out/${{ env.RPM_PACKAGE }}
|
|
if-no-files-found: error
|
|
- if: ${{ inputs.create-packages }}
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: ${{ env.DEB_PACKAGE }}
|
|
path: out/${{ env.DEB_PACKAGE }}
|
|
if-no-files-found: error
|