GitCaddy/GitCaddy Vault
Limited
2
0
Fork 0
Code Issues Releases 9

refactor(ci): split release workflow from build workflow
Some checks failed
Build and Release / Tests (push) Has been cancelled
Details
Build and Release / Lint (push) Has been cancelled
Details
Build and Release / Create Release (push) Has been cancelled
Details

Browse Source 
Moves release-specific jobs (keygen build and server trigger) from build.yml to new release-with-server.yml workflow. The build workflow now focuses on CI tasks (lint/test) and runs on push/PR, while release workflow handles manual releases via workflow_dispatch. This separation improves clarity and allows independent execution of build checks vs release processes.
This commit is contained in:
David H. Friedel Jr.
2026-01-22 11:47:31 -05:00
parent 627020eacb
commit d5beb9fc73
2 changed files with 148 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
.gitea/workflows/build.yml
View File

@@ -9,6 +9,7 @@ on:
pull_request:
branches:
- main
workflow_dispatch:
env:
GOPROXY: https://proxy.golang.org,direct
@@ -116,108 +117,3 @@ jobs:
exit 1
fi
# Build keygen utility for license management
build-keygen:
name: Build Keygen Utility
runs-on: linux-latest
needs: [lint, test, create-release]
if: startsWith(github.ref, 'refs/tags/v') && needs.lint.result == 'success' && needs.create-release.result == 'success'
strategy:
matrix:
include:
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
- goos: darwin
goarch: amd64
- goos: darwin
goarch: arm64
- goos: windows
goarch: amd64
steps:
- name: Get latest server version
id: server
run: |
VERSION=$(curl -sf "https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/releases/latest" | grep -o '"tag_name":"[^"]*"' | cut -d'"' -f4)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Update replace directive for gitcaddy-server
run: |
SERVER_VERSION="${{ steps.server.outputs.version }}"
sed -i "s|replace code.gitcaddy.com/server/v3 => ../gitcaddy-server|replace code.gitcaddy.com/server/v3 => git.marketally.com/gitcaddy/gitcaddy-server/v3 $SERVER_VERSION|" go.mod
go mod tidy
- name: Build keygen
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 0
run: |
VERSION=$(git describe --tags --always 2>/dev/null || echo "dev")
EXT=""
if [ "$GOOS" = "windows" ]; then
EXT=".exe"
fi
OUTPUT="vault-keygen-${VERSION}-${GOOS}-${GOARCH}${EXT}"
mkdir -p dist
go build -trimpath -ldflags "-s -w" -o "dist/${OUTPUT}" ./cmd/keygen
cd dist && sha256sum "${OUTPUT}" > "${OUTPUT}.sha256"
- name: Upload to release
env:
RELEASE_ID: ${{ needs.create-release.outputs.release_id }}
run: |
for file in dist/*; do
if [ -f "$file" ]; then
filename=$(basename "$file")
echo "Uploading $filename..."
curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-F "attachment=@$file" \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=$filename" || true
fi
done
# Trigger server rebuild after vault release is complete
trigger-server:
name: Trigger Server Rebuild
runs-on: linux-latest
needs: [lint, test, create-release, build-keygen]
if: startsWith(github.ref, 'refs/tags/v') && needs.lint.result == 'success' && needs.test.result == 'success' && needs.create-release.result == 'success'
steps:
- name: Get latest server version
id: server
run: |
VERSION=$(curl -sf "https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/releases/latest" | grep -o '"tag_name":"[^"]*"' | cut -d'"' -f4)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "Latest server version: $VERSION"
- name: Trigger server rebuild
run: |
VAULT_TAG="${{ github.ref_name }}"
SERVER_TAG="${{ steps.server.outputs.version }}"
echo "Vault $VAULT_TAG complete - triggering server rebuild"
echo "Server will rebuild at $SERVER_TAG with new vault $VAULT_TAG"
# Trigger server workflow via repository dispatch
curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"ref":"main","inputs":{"vault_tag":"'"$VAULT_TAG"'"}}' \
"https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/actions/workflows/vault-update.yml/dispatches" || {
echo "Note: Server vault-update workflow may not exist yet"
echo "Manual server rebuild may be required"
}

147
.gitea/workflows/release-with-server.yml Normal file
View File

@@ -0,0 +1,147 @@
name: Release and Trigger Server
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag to release (e.g., v1.0.0)'
required: true
type: string
env:
GOPROXY: https://proxy.golang.org,direct
GO_VERSION: "1.25"
jobs:
lint:
name: Lint
runs-on: linux-latest
steps:
- name: Get latest server version
id: server
run: |
VERSION=$(curl -sf "https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/releases/latest" | grep -o '"tag_name":"[^"]*"' | cut -d'"' -f4)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.tag }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Update replace directive for gitcaddy-server
run: |
SERVER_VERSION="${{ steps.server.outputs.version }}"
sed -i "s|replace code.gitcaddy.com/server/v3 => ../gitcaddy-server|replace code.gitcaddy.com/server/v3 => git.marketally.com/gitcaddy/gitcaddy-server/v3 $SERVER_VERSION|" go.mod
cat go.mod | grep -A2 "^replace"
go mod tidy
- name: Run linter
run: go run github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.7.2 run --timeout=10m
test:
name: Tests
runs-on: linux-latest
steps:
- name: Get latest server version
id: server
run: |
VERSION=$(curl -sf "https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/releases/latest" | grep -o '"tag_name":"[^"]*"' | cut -d'"' -f4)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.tag }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Update replace directive for gitcaddy-server
run: |
SERVER_VERSION="${{ steps.server.outputs.version }}"
sed -i "s|replace code.gitcaddy.com/server/v3 => ../gitcaddy-server|replace code.gitcaddy.com/server/v3 => git.marketally.com/gitcaddy/gitcaddy-server/v3 $SERVER_VERSION|" go.mod
go mod tidy
- name: Run tests
run: go test -race -v ./...
create-release:
name: Create Release
runs-on: linux-latest
needs: [lint, test]
outputs:
release_id: ${{ steps.create.outputs.release_id }}
steps:
- name: Create or get release
id: create
run: |
TAG="${{ inputs.tag }}"
echo "Creating/getting release for tag: $TAG"
# Try to get existing release first
EXISTING=$(curl -sf \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases/tags/$TAG" 2>/dev/null || echo "")
if echo "$EXISTING" | grep -q '"id":[0-9]'; then
RELEASE_ID=$(echo "$EXISTING" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
echo "Found existing release: $RELEASE_ID"
echo "release_id=$RELEASE_ID" >> "$GITHUB_OUTPUT"
exit 0
fi
# Create new release
echo "Creating new release..."
RESPONSE=$(curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"tag_name":"'"$TAG"'","name":"GitCaddy Vault '"$TAG"'","body":"GitCaddy Vault '"$TAG"'\n\nThis release is automatically compiled into GitCaddy Server. No separate installation required.\n\nSee the [GitCaddy Server releases](https://git.marketally.com/gitcaddy/gitcaddy-server/releases) for download.","draft":false,"prerelease":false}' \
"https://direct.git.marketally.com/api/v1/repos/${{ github.repository }}/releases" 2>&1)
if echo "$RESPONSE" | grep -q '"id":[0-9]'; then
RELEASE_ID=$(echo "$RESPONSE" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
echo "Created release: $RELEASE_ID"
echo "release_id=$RELEASE_ID" >> "$GITHUB_OUTPUT"
else
echo "ERROR: Failed to create release: $RESPONSE"
exit 1
fi
trigger-server:
name: Trigger Server Rebuild
runs-on: linux-latest
needs: [lint, test, create-release]
steps:
- name: Get latest server version
id: server
run: |
VERSION=$(curl -sf "https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/releases/latest" | grep -o '"tag_name":"[^"]*"' | cut -d'"' -f4)
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "Latest server version: $VERSION"
- name: Trigger server rebuild
run: |
VAULT_TAG="${{ inputs.tag }}"
SERVER_TAG="${{ steps.server.outputs.version }}"
echo "Vault $VAULT_TAG complete - triggering server rebuild"
echo "Server will rebuild at $SERVER_TAG with new vault $VAULT_TAG"
# Trigger server workflow via repository dispatch
curl -sf -X POST \
-H "Authorization: token ${{ secrets.RELEASE_TOKEN }}" \
-H "Content-Type: application/json" \
-d '{"ref":"main","inputs":{"vault_tag":"'"$VAULT_TAG"'"}}' \
"https://direct.git.marketally.com/api/v1/repos/gitcaddy/gitcaddy-server/actions/workflows/vault-update.yml/dispatches" || {
echo "Note: Server vault-update workflow may not exist yet"
echo "Manual server rebuild may be required"
}