Build Release #8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Build Tag' | |
| required: true | |
| default: '' | |
| version: | |
| description: 'Release Version' | |
| required: true | |
| default: '' | |
| latest: | |
| description: 'Latest Release' | |
| type: boolean | |
| required: true | |
| default: false | |
| env: | |
| tag: ${{ github.event.inputs.tag }} | |
| version: ${{ github.event.inputs.version }} | |
| image_tag: ${{ github.event.inputs.version }}-ce | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get Version | |
| run: | | |
| echo "Current Version: ${version}" | |
| - name: Checkout Code | |
| uses: actions/checkout@v5 | |
| - name: Create Tag | |
| run: | | |
| # sed -i "s@VERSION=.*@VERSION=${{ env.version }}-ce@g" README.md | |
| # sed -i "s@VERSION=.*@VERSION=${{ env.version }}-ce@g" README_EN.md | |
| # sed -i "s@VERSION=.*@VERSION=${{ env.version }}-ce@g" config_example.conf | |
| git config --global user.name 'github-actions[bot]' | |
| git config --global user.email 'github-actions[bot]@users.noreply.github.com' | |
| git add . | |
| git commit -m "feat: Release ${{ env.version }}" || echo "No changes" | |
| git tag ${{ env.version }} || echo "Tag already exists" | |
| git push origin HEAD ${{ env.version }} || echo "Tag already pushed" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check Release | |
| run: | | |
| if [ "${{ github.event.inputs.latest }}" == "true" ]; then | |
| gh release create ${{ env.version }} -t ${{ env.version }} -n "Release ${{ env.version }}" -R ${{ github.repository }} || echo "Release already exists" | |
| else | |
| gh release create ${{ env.version }} -t ${{ env.version }} -n "Release ${{ env.version }}" -R ${{ github.repository }} --latest=false || echo "Release already exists" | |
| fi | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: check | |
| strategy: | |
| matrix: | |
| java_version: [ '17' ] | |
| node_version: [ '20' ] | |
| python_version: [ '3.11' ] | |
| component: [ core, koko, lion, chen, lina, luna, web ] | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.m2 | |
| ~/.npm | |
| ~/.cache | |
| key: ${{ runner.os }}-${{ matrix.component }}-${{ github.sha }} | |
| restore-keys: ${{ runner.os }}-${{ matrix.component }} | |
| - name: Get Version | |
| run: | | |
| echo "Current Version: ${version}" | |
| - uses: actions/setup-java@v4 | |
| if: matrix.component == 'chen' | |
| with: | |
| distribution: 'oracle' | |
| java-version: ${{ matrix.java_version }} | |
| - uses: actions/setup-node@v4 | |
| if: contains(fromJson('["koko", "lion", "chen", "lina", "luna"]'), matrix.component) | |
| with: | |
| node-version: ${{ matrix.node_version }} | |
| - uses: actions/setup-python@v5 | |
| if: matrix.component == 'core' | |
| with: | |
| python-version: ${{ matrix.python_version }} | |
| - name: Install Dependencies for Python | |
| if: matrix.component == 'core' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get -y install --no-install-recommends gettext g++ make pkg-config default-libmysqlclient-dev freetds-dev gettext libkrb5-dev libldap2-dev libsasl2-dev | |
| pip install uv | |
| - name: Create Workspace | |
| run: mkdir -p dist | |
| - name: Checkout Code for Core | |
| if: matrix.component == 'core' | |
| uses: actions/checkout@v5 | |
| with: | |
| repository: jumpserver/jumpserver | |
| ref: ${{ env.tag }} | |
| path: ${{ matrix.component }} | |
| - name: Checkout Code for Custom | |
| if: contains(fromJson('["koko", "lion", "chen", "lina", "luna"]'), matrix.component) | |
| uses: actions/checkout@v5 | |
| with: | |
| repository: jumpserver/${{ matrix.component }} | |
| ref: ${{ env.tag }} | |
| path: ${{ matrix.component }} | |
| - name: Prepare Source Code | |
| if: contains(fromJson('["koko", "lion", "web"]'), matrix.component) | |
| run: | | |
| case ${{ matrix.component }} in | |
| koko|lion) | |
| GHSHA=$(git rev-parse HEAD) | |
| cd ${{ matrix.component }} | |
| sed -i "s@VERSION ?=.*@VERSION := ${{ env.version }}@g" Makefile | |
| sed -i "s@COMMIT := .*@COMMIT := ${GHSHA}@g" Makefile | |
| sed -i 's/@cd $(UIDIR)/# @cd $(UIDIR)/g' Makefile | |
| cd .. | |
| cp -R ${{ matrix.component }} ${{ matrix.component }}-${{ env.version }} | |
| rm -rf ${{ matrix.component }}-${{ env.version }}/.git ${{ matrix.component }}-${{ env.version }}/.github | |
| ;; | |
| web) | |
| cp dockerfile/${{ matrix.component }}/prepare.sh . | |
| ./prepare.sh | |
| cd opt | |
| tar -czf ../dist/web-${{ env.version }}.tar.gz download | |
| esac | |
| - name: Build Core | |
| if: matrix.component == 'core' | |
| run: | | |
| uv venv /tmp/py3 | |
| . /tmp/py3/bin/activate | |
| uv pip install -r pyproject.toml | |
| sed -i "s@VERSION = .*@VERSION = '${{ env.version }}'@g" apps/jumpserver/const.py | |
| wget -qO apps/common/utils/ip/geoip/GeoLite2-City.mmdb https://jms-pkg.oss-cn-beijing.aliyuncs.com/ip/GeoLite2-City.mmdb | |
| wget -qO apps/common/utils/ip/ipip/ipipfree.ipdb https://jms-pkg.oss-cn-beijing.aliyuncs.com/ip/ipipfree.ipdb | |
| echo > config.yml | |
| export SECRET_KEY=$(head -c100 < /dev/urandom | base64 | tr -dc A-Za-z0-9 | head -c 48) | |
| python apps/manage.py compilemessages | |
| rm -f config.yml | |
| rm -rf .git .github | |
| cd .. | |
| cp -R core core-${{ env.version }} | |
| tar -zcf dist/core-${{ env.version }}.tar.gz core-${{ env.version }} | |
| working-directory: ./${{ matrix.component }} | |
| - name: Build Web | |
| if: contains(fromJson('["koko", "lion", "chen", "lina", "luna"]'), matrix.component) | |
| run: | | |
| case ${{ matrix.component }} in | |
| koko|lion) | |
| cd ui | |
| yarn install | |
| yarn build | |
| cp -R dist ../../${{ matrix.component }}-${{ env.version }}/ui | |
| cd ../../ | |
| tar -zcvf dist/${{ matrix.component }}-${{ env.version }}.tar.gz ${{ matrix.component }}-${{ env.version }} | |
| sed -i 's/@cd $(UIDIR)/# @cd $(UIDIR)/g' ${{ matrix.component }}-${{ env.version }}/Makefile | |
| ;; | |
| chen) | |
| cd frontend | |
| rm -f package-lock.json yarn.lock | |
| yarn config set ignore-engines true | |
| yarn install | |
| yarn build | |
| ;; | |
| lina) | |
| sed -i "s@version-dev@${{ env.version }}@g" src/layout/components/NavHeader/About.vue | |
| yarn install | |
| yarn build | |
| mv lina lina-${{ env.version }} | |
| tar -zcvf ../dist/lina-${{ env.version }}.tar.gz lina-${{ env.version }} | |
| ;; | |
| luna) | |
| sed -i "s@version =.*;@version = '${{ env.version }}';@g" src/environments/environment.prod.ts | |
| yarn install | |
| yarn build | |
| cp -R src/assets/i18n luna/ | |
| mv luna luna-${{ env.version }} | |
| tar -zcvf ../dist/luna-${{ env.version }}.tar.gz luna-${{ env.version }} | |
| ;; | |
| esac | |
| working-directory: ./${{ matrix.component }} | |
| - name: Build Binaries | |
| if: matrix.component == 'chen' | |
| run: | | |
| mvn clean package -DskipTests | |
| mkdir -p dist chen-${{ env.version }} | |
| rm -f config/application-dev.yml | |
| mv backend/web/target/web-*.jar chen-${{ env.version }}/chen.jar | |
| mv entrypoint.sh chen-${{ env.version }}/entrypoint.sh | |
| mv drivers chen-${{ env.version }}/drivers | |
| mv config chen-${{ env.version }}/config | |
| tar -zcvf ../dist/chen-${{ env.version }}.tar.gz chen-${{ env.version }} | |
| working-directory: ./${{ matrix.component }} | |
| - name: Upload Binaries | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.component }}-binaries | |
| path: dist/*.tar.gz | |
| - name: Upload Binaries to GitHub Releases | |
| run: | | |
| gh release upload ${{ env.version }} dist/*.tar.gz -R ${{ github.repository }} --clobber | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| docker: | |
| runs-on: ubuntu-latest | |
| needs: release | |
| strategy: | |
| matrix: | |
| component: [ core, koko, lion, chen, web ] | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: actions/cache@v4 | |
| if: matrix.component != 'web' | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: docker-${{ matrix.component }}-${{ github.sha }} | |
| restore-keys: docker-${{ matrix.component }} | |
| - name: Download Binaries | |
| uses: actions/download-artifact@v5 | |
| with: | |
| path: dist | |
| merge-multiple: true | |
| - name: Get Version | |
| run: | | |
| mkdir -p /tmp/.buildx-cache | |
| echo "Current Version: ${version}" | |
| ls -al dist | |
| echo "image_name=ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/jumpserver/${{ matrix.component }}" >> $GITHUB_ENV | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and Push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| provenance: false | |
| file: dockerfile/${{ matrix.component }}/Dockerfile | |
| platforms: linux/loong64 | |
| push: true | |
| build-args: | | |
| VERSION=${{ env.version }} | |
| tags: | | |
| ${{ env.image_name }}:${{ env.image_tag }} | |
| outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max | |
| - name: Move cache | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache |