golang
/
nebula
réplica de https://github.com/slackhq/nebula


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353
							on:
  push:
    tags:
    - 'v[0-9]+.[0-9]+.[0-9]*'

name: Create release and upload binaries

jobs:
  build-linux:
    name: Build Linux All
    runs-on: ubuntu-latest
    steps:
      - name: Set up Go 1.19
        uses: actions/setup-go@v2
        with:
          go-version: 1.19

      - name: Checkout code
        uses: actions/checkout@v2

      - name: Build
        run: |
          make BUILD_NUMBER="${GITHUB_REF#refs/tags/v}" release-linux release-freebsd
          mkdir release
          mv build/*.tar.gz release

      - name: Upload artifacts
        uses: actions/upload-artifact@v2
        with:
          name: linux-latest
          path: release

  build-windows:
    name: Build Windows
    runs-on: windows-latest
    steps:
      - name: Set up Go 1.19
        uses: actions/setup-go@v2
        with:
          go-version: 1.19

      - name: Checkout code
        uses: actions/checkout@v2

      - name: Build
        run: |
          echo $Env:GITHUB_REF.Substring(11)
          mkdir build\windows-amd64
          $Env:GOARCH = "amd64"
          go build -trimpath -ldflags "-X main.Build=$($Env:GITHUB_REF.Substring(11))" -o build\windows-amd64\nebula.exe ./cmd/nebula-service
          go build -trimpath -ldflags "-X main.Build=$($Env:GITHUB_REF.Substring(11))" -o build\windows-amd64\nebula-cert.exe ./cmd/nebula-cert
          mkdir build\windows-arm64
          $Env:GOARCH = "arm64"
          go build -trimpath -ldflags "-X main.Build=$($Env:GITHUB_REF.Substring(11))" -o build\windows-arm64\nebula.exe ./cmd/nebula-service
          go build -trimpath -ldflags "-X main.Build=$($Env:GITHUB_REF.Substring(11))" -o build\windows-arm64\nebula-cert.exe ./cmd/nebula-cert
          mkdir build\dist\windows
          mv dist\windows\wintun build\dist\windows\

      - name: Upload artifacts
        uses: actions/upload-artifact@v2
        with:
          name: windows-latest
          path: build

  build-darwin:
    name: Build Universal Darwin
    env:
      HAS_SIGNING_CREDS: ${{ secrets.AC_USERNAME != '' }}
    runs-on: macos-11
    steps:
      - name: Set up Go 1.19
        uses: actions/setup-go@v2
        with:
          go-version: 1.19

      - name: Checkout code
        uses: actions/checkout@v2

      - name: Import certificates
        if: env.HAS_SIGNING_CREDS == 'true'
        uses: Apple-Actions/import-codesign-certs@v1
        with:
          p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
          p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}

      - name: Build, sign, and notarize
        env:
          AC_USERNAME: ${{ secrets.AC_USERNAME }}
          AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
        run: |
          rm -rf release
          mkdir release
          make BUILD_NUMBER="${GITHUB_REF#refs/tags/v}" service build/darwin-amd64/nebula build/darwin-amd64/nebula-cert
          make BUILD_NUMBER="${GITHUB_REF#refs/tags/v}" service build/darwin-arm64/nebula build/darwin-arm64/nebula-cert
          lipo -create -output ./release/nebula ./build/darwin-amd64/nebula ./build/darwin-arm64/nebula
          lipo -create -output ./release/nebula-cert ./build/darwin-amd64/nebula-cert ./build/darwin-arm64/nebula-cert

          if [ -n "$AC_USERNAME" ]; then
            codesign -s "10BC1FDDEB6CE753550156C0669109FAC49E4D1E" -f -v --timestamp --options=runtime -i "net.defined.nebula" ./release/nebula
            codesign -s "10BC1FDDEB6CE753550156C0669109FAC49E4D1E" -f -v --timestamp --options=runtime -i "net.defined.nebula-cert" ./release/nebula-cert
          fi

          zip -j release/nebula-darwin.zip release/nebula-cert release/nebula

          if [ -n "$AC_USERNAME" ]; then
            xcrun notarytool submit ./release/nebula-darwin.zip --team-id "576H3XS7FP" --apple-id "$AC_USERNAME" --password "$AC_PASSWORD" --wait
          fi

      - name: Upload artifacts
        uses: actions/upload-artifact@v2
        with:
          name: darwin-latest
          path: ./release/*

  release:
    name: Create and Upload Release
    needs: [build-linux, build-darwin, build-windows]
    runs-on: ubuntu-latest
    steps:
      - name: Download artifacts
        uses: actions/download-artifact@v2

      - name: Zip Windows
        run: |
          cd windows-latest
          cp windows-amd64/* .
          zip -r nebula-windows-amd64.zip nebula.exe nebula-cert.exe dist
          cp windows-arm64/* .
          zip -r nebula-windows-arm64.zip nebula.exe nebula-cert.exe dist

      - name: Create sha256sum
        run: |
          for dir in linux-latest darwin-latest windows-latest
          do
            (
              cd $dir
              if [ "$dir" = windows-latest ]
              then
                sha256sum <windows-amd64/nebula.exe | sed 's=-$=nebula-windows-amd64.zip/nebula.exe='
                sha256sum <windows-amd64/nebula-cert.exe | sed 's=-$=nebula-windows-amd64.zip/nebula-cert.exe='
                sha256sum <windows-arm64/nebula.exe | sed 's=-$=nebula-windows-arm64.zip/nebula.exe='
                sha256sum <windows-arm64/nebula-cert.exe | sed 's=-$=nebula-windows-arm64.zip/nebula-cert.exe='
                sha256sum nebula-windows-amd64.zip
                sha256sum nebula-windows-arm64.zip
              elif [ "$dir" = darwin-latest ]
              then
                sha256sum <nebula-darwin.zip | sed 's=-$=nebula-darwin.zip='
                sha256sum <nebula | sed 's=-$=nebula-darwin.zip/nebula='
                sha256sum <nebula-cert | sed 's=-$=nebula-darwin.zip/nebula-cert='
              else
                for v in *.tar.gz
                do
                  sha256sum $v
                  tar zxf $v --to-command='sh -c "sha256sum | sed s=-$='$v'/$TAR_FILENAME="'
                done
              fi
            )
          done | sort -k 2 >SHASUM256.txt

      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ github.ref }}
          draft: false
          prerelease: false

      ##
      ## Upload assets (I wish we could just upload the whole folder at once...
      ##

      - name: Upload SHASUM256.txt
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./SHASUM256.txt
          asset_name: SHASUM256.txt
          asset_content_type: text/plain

      - name: Upload darwin zip
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./darwin-latest/nebula-darwin.zip
          asset_name: nebula-darwin.zip
          asset_content_type: application/zip

      - name: Upload windows-amd64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./windows-latest/nebula-windows-amd64.zip
          asset_name: nebula-windows-amd64.zip
          asset_content_type: application/zip

      - name: Upload windows-arm64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./windows-latest/nebula-windows-arm64.zip
          asset_name: nebula-windows-arm64.zip
          asset_content_type: application/zip

      - name: Upload linux-amd64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-amd64.tar.gz
          asset_name: nebula-linux-amd64.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-386
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-386.tar.gz
          asset_name: nebula-linux-386.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-ppc64le
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-ppc64le.tar.gz
          asset_name: nebula-linux-ppc64le.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-arm-5
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-arm-5.tar.gz
          asset_name: nebula-linux-arm-5.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-arm-6
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-arm-6.tar.gz
          asset_name: nebula-linux-arm-6.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-arm-7
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-arm-7.tar.gz
          asset_name: nebula-linux-arm-7.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-arm64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-arm64.tar.gz
          asset_name: nebula-linux-arm64.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-mips
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-mips.tar.gz
          asset_name: nebula-linux-mips.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-mipsle
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-mipsle.tar.gz
          asset_name: nebula-linux-mipsle.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-mips64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-mips64.tar.gz
          asset_name: nebula-linux-mips64.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-mips64le
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-mips64le.tar.gz
          asset_name: nebula-linux-mips64le.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-mips-softfloat
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-mips-softfloat.tar.gz
          asset_name: nebula-linux-mips-softfloat.tar.gz
          asset_content_type: application/gzip

      - name: Upload linux-riscv64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-linux-riscv64.tar.gz
          asset_name: nebula-linux-riscv64.tar.gz
          asset_content_type: application/gzip

      - name: Upload freebsd-amd64
        uses: actions/[email protected]
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./linux-latest/nebula-freebsd-amd64.tar.gz
          asset_name: nebula-freebsd-amd64.tar.gz
          asset_content_type: application/gzip