name: release on: push: tags: - 'v*' jobs: windows-exe: runs-on: ubuntu-latest container: image: node:20-bookworm-slim defaults: run: shell: bash steps: - name: Checkout uses: actions/checkout@v4 - name: Install toolchain run: | apt-get update apt-get install -y --no-install-recommends \ cmake make zip jq curl ca-certificates \ gcc libc6-dev gcc-mingw-w64-x86-64 - name: Configure run: cmake -S . -B build -DCMAKE_BUILD_TYPE=Release - name: Build Windows exe run: cmake --build build -j --target vmie-startup - name: Package env: TAG: ${{ github.ref_name }} run: | set -euo pipefail mkdir -p dist/vmie-startup cp build/vmie-startup.exe dist/vmie-startup/ [ -f LICENSE ] && cp LICENSE dist/vmie-startup/ || true (cd dist && zip -r "vmie-startup-${TAG}-win64.zip" vmie-startup) - name: Publish to release env: GITEA_TOKEN: ${{ secrets.PUBLISH_TOKEN }} SERVER: ${{ github.server_url }} REPO: ${{ github.repository }} TAG: ${{ github.ref_name }} run: | set -euo pipefail asset="vmie-startup-${TAG}-win64.zip" api="${SERVER}/api/v1/repos/${REPO}" auth="Authorization: token ${GITEA_TOKEN}" # find the release for this tag, or create it rid=$(curl -sSL -H "$auth" "${api}/releases/tags/${TAG}" | jq -r '.id // empty' || true) if [ -z "$rid" ]; then rid=$(curl -fsSL -X POST -H "$auth" -H "Content-Type: application/json" \ -d "{\"tag_name\":\"${TAG}\",\"name\":\"${TAG}\"}" \ "${api}/releases" | jq -r '.id') fi # drop a prior asset of the same name so re-runs are idempotent curl -fsSL -H "$auth" "${api}/releases/${rid}/assets" \ | jq -r ".[] | select(.name==\"${asset}\") | .id" \ | while read -r aid; do [ -n "$aid" ] && curl -fsSL -X DELETE -H "$auth" "${api}/releases/${rid}/assets/${aid}" done curl -fsSL -X POST -H "$auth" \ -F "attachment=@dist/${asset};type=application/zip" \ "${api}/releases/${rid}/assets?name=${asset}" deb: runs-on: ubuntu-latest container: image: node:20-bookworm-slim defaults: run: shell: bash steps: - name: Checkout uses: actions/checkout@v4 - name: Install toolchain run: | apt-get update apt-get install -y --no-install-recommends \ cmake make gcc libc6-dev dpkg-dev file \ gcc-mingw-w64-x86-64 ca-certificates curl - name: Configure env: TAG: ${{ github.ref_name }} run: cmake -S . -B build -DCMAKE_BUILD_TYPE=Release -DVMIE_VERSION=${TAG#v} - name: Build shared library run: cmake --build build -j --target vmie_shared - name: Package run: | set -euo pipefail (cd build && cpack -G DEB) ls -l build/*.deb - name: Publish to Debian registry env: TOKEN: ${{ secrets.PUBLISH_TOKEN }} # requires scope: package:write SERVER: ${{ github.server_url }} OWNER: ${{ github.repository_owner }} DISTRIBUTION: stable COMPONENT: main run: | set -euo pipefail url="${SERVER}/api/packages/${OWNER}/debian/pool/${DISTRIBUTION}/${COMPONENT}/upload" auth="Authorization: token ${TOKEN}" for deb in build/*.deb; do # 201 Created = uploaded; 409 Conflict = this version already present (re-run). # Both are success; anything else fails. Do not use curl -f (it would fail 409). code=$(curl -s -o /dev/null -w '%{http_code}' \ -X PUT -H "$auth" -T "$deb" "$url") echo "$deb -> HTTP $code" if [ "$code" != 201 ] && [ "$code" != 409 ]; then echo "upload failed: $deb (HTTP $code)" >&2 exit 1 fi done