Compare commits
9 Commits
main
...
backup-bef
| Author | SHA1 | Date | |
|---|---|---|---|
| baca4b7761 | |||
| 5d4321cb36 | |||
| 3481b914b1 | |||
| 63c713dab0 | |||
| 2be3632ac7 | |||
| 14debc4d35 | |||
| a3526d3eb4 | |||
| af15bb9036 | |||
| dc74e53e77 |
165
.github/workflows/build-linux-amd64.yml
vendored
165
.github/workflows/build-linux-amd64.yml
vendored
@@ -6,6 +6,8 @@ on:
|
||||
description: Package version (defaults to tag name or short SHA)
|
||||
required: false
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
tags:
|
||||
- 'v*'
|
||||
|
||||
@@ -16,6 +18,33 @@ jobs:
|
||||
EXTENSION_NAME: ui
|
||||
DUCKDB_PLATFORM: linux_amd64
|
||||
steps:
|
||||
- name: Checkout repository (manual)
|
||||
env:
|
||||
TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
if [ -d .git ]; then
|
||||
echo "Repository already present"
|
||||
else
|
||||
server="${GITHUB_SERVER_URL:-${{ github.server_url }}}"
|
||||
repo_full="${GITHUB_REPOSITORY:-${{ github.repository }}}"
|
||||
sha="${GITHUB_SHA:-${{ github.sha }}}"
|
||||
host="$(echo "$server" | sed -E 's#^https?://([^/]+).*#\1#')"
|
||||
if [ -n "${TOKEN:-}" ]; then
|
||||
umask 077
|
||||
printf "machine %s\n login token\n password %s\n" "$host" "$TOKEN" > "$HOME/.netrc"
|
||||
fi
|
||||
git init .
|
||||
git config --global --add safe.directory "$(pwd)"
|
||||
git remote add origin "$server/$repo_full.git"
|
||||
git -c http.https://$host/.extraheader="" fetch --depth=1 origin "$sha"
|
||||
git checkout -q FETCH_HEAD
|
||||
fi
|
||||
|
||||
- name: Show workspace status
|
||||
run: |
|
||||
set -e
|
||||
git --no-pager status | cat
|
||||
- name: Install build dependencies
|
||||
run: |
|
||||
set -e
|
||||
@@ -24,9 +53,139 @@ jobs:
|
||||
apt-get install -y --no-install-recommends \
|
||||
build-essential cmake ninja-build python3 python3-venv pkg-config \
|
||||
libssl-dev curl git ca-certificates
|
||||
# ... submodule init, build release, find artifact ...
|
||||
- name: Preflight Gitea upload (fast-fail)
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
||||
ACTOR: ${{ github.actor }}
|
||||
run: |
|
||||
set -euo pipefail
|
||||
: "${GITEA_TOKEN:?GITEA_TOKEN secret is required}"
|
||||
server="${GITHUB_SERVER_URL:-${{ github.server_url }}}"
|
||||
owner="${GITHUB_REPOSITORY_OWNER:-${{ github.repository_owner }}}"
|
||||
repo_full="${GITHUB_REPOSITORY:-${{ github.repository }}}"
|
||||
pkg="${repo_full##*/}-preflight"
|
||||
version="preflight-${GITHUB_RUN_ID:-0}-${GITHUB_RUN_ATTEMPT:-0}-$(date +%s)"
|
||||
name="check.bin"
|
||||
tmpfile="$(mktemp)"
|
||||
printf "auth check %s\n" "$(date -u +%FT%TZ)" > "$tmpfile"
|
||||
# Normalize server to effective scheme+host (handles http->https redirects)
|
||||
base_no_trail="$(echo "$server" | sed 's#/*$##')"
|
||||
# Use GET (not HEAD) to avoid servers that don't support HEAD on this endpoint
|
||||
effective_version_url=$(curl -sS -L -o /dev/null -w '%{url_effective}' "$base_no_trail/api/v1/version" || echo "")
|
||||
normalized_server=$(echo "$effective_version_url" | sed -E 's#^(https?://[^/]+).*$#\1#')
|
||||
if [ -n "$normalized_server" ]; then
|
||||
server="$normalized_server"
|
||||
fi
|
||||
url="$server/api/packages/$owner/generic/$pkg/$version/$name?replace=1"
|
||||
auth_user="${ACTOR:-$owner}"
|
||||
echo "Preflight: server=$server owner=$owner package=$pkg version=$version"
|
||||
# Perform preflight upload using Basic auth directly
|
||||
if curl -fS -L -X PUT \
|
||||
-u "$auth_user:${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/octet-stream" \
|
||||
--upload-file "$tmpfile" "$url" >/dev/null; then
|
||||
echo "Preflight upload succeeded, cleaning up"
|
||||
else
|
||||
echo "Preflight upload failed" >&2
|
||||
exit 1
|
||||
fi
|
||||
# Cleanup the uploaded dummy package version (best effort)
|
||||
curl -sS -L -o /dev/null -w " delete -> HTTP %{http_code}\n" \
|
||||
-u "$auth_user:${GITEA_TOKEN}" -X DELETE \
|
||||
"$server/api/packages/$owner/generic/$pkg/$version" || true
|
||||
- name: Initialize submodules
|
||||
run: |
|
||||
set -e
|
||||
git submodule update --init --recursive
|
||||
|
||||
- name: Build release (linux_amd64)
|
||||
env:
|
||||
GEN: ""
|
||||
run: |
|
||||
set -e
|
||||
make -j"$(nproc)" release
|
||||
|
||||
- name: Find extension artifact
|
||||
id: artifact
|
||||
run: |
|
||||
set -euo pipefail
|
||||
path="$(ls -1 build/release/extension/${EXTENSION_NAME}/${EXTENSION_NAME}.duckdb_extension 2>/dev/null || true)"
|
||||
if [ -z "$path" ]; then
|
||||
path="$(find build/release -type f -name '*.duckdb_extension' | head -n 1 || true)"
|
||||
fi
|
||||
if [ -z "$path" ]; then
|
||||
echo "Extension artifact not found" >&2
|
||||
exit 1
|
||||
fi
|
||||
echo "file=$path" >> "$GITHUB_OUTPUT"
|
||||
echo "Found: $path"
|
||||
|
||||
- name: Compute package version
|
||||
id: ver
|
||||
run: |
|
||||
set -euo pipefail
|
||||
version='${{ inputs.version }}'
|
||||
if [ -z "$version" ]; then
|
||||
if [ "${{ github.ref_type }}" = "tag" ]; then
|
||||
version='${{ github.ref_name }}'
|
||||
else
|
||||
version="dev-${GITHUB_SHA::8}"
|
||||
fi
|
||||
fi
|
||||
echo "version=$version" >> "$GITHUB_OUTPUT"
|
||||
echo "Using version: $version"
|
||||
- name: Upload to Gitea Packages (generic)
|
||||
env:
|
||||
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
|
||||
GITEA_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
||||
ACTOR: ${{ github.actor }}
|
||||
run: |
|
||||
curl -fsSL -X PUT -H "Authorization: token ${GITEA_TOKEN}" -H "Content-Type: application/octet-stream" --upload-file "$file" "$server/api/packages/$owner/generic/$pkg/$version/$name?replace=1"
|
||||
set -euo pipefail
|
||||
: "${GITEA_TOKEN:?GITEA_TOKEN secret is required}"
|
||||
# Derive server/owner/pkg from env if not provided
|
||||
server="${GITHUB_SERVER_URL:-${{ github.server_url }}}"
|
||||
owner="${GITHUB_REPOSITORY_OWNER:-${{ github.repository_owner }}}"
|
||||
repo_full="${GITHUB_REPOSITORY:-${{ github.repository }}}"
|
||||
pkg="${repo_full##*/}"
|
||||
# Use previously computed version & artifact if available
|
||||
version='${{ steps.ver.outputs.version }}'
|
||||
file='${{ steps.artifact.outputs.file }}'
|
||||
# Fallbacks if steps were skipped
|
||||
if [ -z "${version}" ]; then
|
||||
if [ -n "${GITHUB_REF_TYPE:-}" ] && [ "${GITHUB_REF_TYPE}" = "tag" ]; then
|
||||
version="${GITHUB_REF_NAME:-dev-${GITHUB_SHA::8}}"
|
||||
else
|
||||
version="dev-${GITHUB_SHA::8}"
|
||||
fi
|
||||
fi
|
||||
if [ -z "${file}" ]; then
|
||||
file="$(ls -1 build/release/extension/${EXTENSION_NAME}/${EXTENSION_NAME}.duckdb_extension 2>/dev/null || true)"
|
||||
if [ -z "$file" ]; then
|
||||
file="$(find build/release -type f -name '*.duckdb_extension' | head -n 1 || true)"
|
||||
fi
|
||||
fi
|
||||
[ -n "$server" ] || { echo "server not set" >&2; exit 1; }
|
||||
[ -n "$owner" ] || { echo "owner not set" >&2; exit 1; }
|
||||
[ -n "$pkg" ] || { echo "pkg not set" >&2; exit 1; }
|
||||
[ -n "$version" ] || { echo "version not set" >&2; exit 1; }
|
||||
[ -n "$file" ] || { echo "file not set" >&2; exit 1; }
|
||||
# Normalize server using effective URL of /api/v1/version (handles http->https)
|
||||
base_no_trail="$(echo "$server" | sed 's#/*$##')"
|
||||
effective_version_url=$(curl -sS -L -o /dev/null -w '%{url_effective}' "$base_no_trail/api/v1/version" || echo "")
|
||||
normalized_server=$(echo "$effective_version_url" | sed -E 's#^(https?://[^/]+).*$#\1#')
|
||||
if [ -n "$normalized_server" ]; then
|
||||
server="$normalized_server"
|
||||
fi
|
||||
# Use the GitHub actor as basic auth username by default
|
||||
auth_user="${ACTOR:-$owner}"
|
||||
name="$(basename "$file")"
|
||||
url="$server/api/packages/$owner/generic/$pkg/$version/$name?replace=1"
|
||||
echo "Uploading $file to $url"
|
||||
echo " auth user=$auth_user"
|
||||
|
||||
# Use Basic auth directly (works with package registry)
|
||||
curl -fS -L -X PUT \
|
||||
-u "$auth_user:${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/octet-stream" \
|
||||
--retry 2 --retry-delay 2 --max-time 300 \
|
||||
--upload-file "$file" "$url"
|
||||
echo "Upload complete."
|
||||
Reference in New Issue
Block a user