Use the official Capstonev5 Debian package #693
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Docker Container and Pypanda Docs # Only for main panda-re repo, not forks | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| - stable | |
| env: | |
| PANDA_CONTAINER_UBUNTU_VERSION: '20.04' | |
| jobs: | |
| get_version: | |
| if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev' | |
| runs-on: panda-arc | |
| outputs: | |
| v-version: ${{ steps.version.outputs.v-version }} | |
| steps: | |
| - name: Install git | |
| run: sudo apt-get -qq update -y && sudo apt-get -qq install git curl jq -y | |
| - name: Get next version | |
| uses: reecetech/version-increment@2023.10.2 | |
| id: version | |
| with: | |
| release_branch: dev | |
| use_api: true | |
| build_docker: | |
| needs: get_version | |
| runs-on: panda-arc | |
| if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev' | |
| steps: | |
| - name: 'Login to Docker Registry' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: pandare | |
| password: ${{secrets.pandare_dockerhub}} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: | | |
| image=moby/buildkit:master | |
| network=host | |
| buildkitd-config-inline: | | |
| [registry."${{ secrets.PANDA_ARC_REGISTRY }}"] | |
| insecure = true | |
| http = true | |
| - name: Trust Harbor's self-signed certificate | |
| run: | | |
| echo "Fetching certificate from registry" | |
| openssl s_client -showcerts -connect ${{ secrets.PANDA_ARC_REGISTRY }}:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/harbor.crt > /dev/null | |
| sudo update-ca-certificates | |
| - name: Log in to Rehosting Arc Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.PANDA_ARC_REGISTRY }} | |
| username: ${{ secrets.PANDA_ARC_REGISTRY_USER }} | |
| password: ${{ secrets.PANDA_ARC_REGISTRY_PASSWORD }} | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build panda:latest | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: ${{ github.workspace }} | |
| tags: | | |
| pandare/panda:${{ github.sha }} | |
| pandare/panda:${{ needs.get_version.outputs.v-version }} | |
| pandare/panda:latest | |
| cache-from: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| cache-to: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| target: panda | |
| build-args: | | |
| REGISTRY=${{ secrets.PANDA_ARC_REGISTRY }}/proxy | |
| - name: Build pandadev:latest | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: ${{ github.workspace }} | |
| tags: | | |
| pandare/pandadev:${{ github.sha }} | |
| pandare/pandadev:${{ needs.get_version.outputs.v-version }} | |
| pandare/pandadev:latest | |
| cache-from: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| cache-to: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| target: developer | |
| build-args: | | |
| REGISTRY=${{ secrets.PANDA_ARC_REGISTRY }}/proxy | |
| build_release_assets: | |
| if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev' | |
| needs: get_version | |
| runs-on: panda-arc | |
| strategy: | |
| matrix: | |
| ubuntu_version: | |
| - 20.04 | |
| - 22.04 | |
| steps: | |
| - name: Install git | |
| run: sudo apt-get -qq update -y && sudo apt-get -qq install git curl jq -y | |
| - name: Check out | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: | | |
| image=moby/buildkit:master | |
| network=host | |
| buildkitd-config-inline: | | |
| [registry."${{ secrets.PANDA_ARC_REGISTRY }}"] | |
| insecure = true | |
| http = true | |
| - name: Trust Harbor's self-signed certificate | |
| run: | | |
| echo "Fetching certificate from registry" | |
| openssl s_client -showcerts -connect ${{ secrets.PANDA_ARC_REGISTRY }}:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/harbor.crt > /dev/null | |
| sudo update-ca-certificates | |
| - name: Log in to Rehosting Arc Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.PANDA_ARC_REGISTRY }} | |
| username: ${{ secrets.PANDA_ARC_REGISTRY_USER }} | |
| password: ${{ secrets.PANDA_ARC_REGISTRY_PASSWORD }} | |
| - name: Build panda packager | |
| uses: docker/build-push-action@v6.18.0 | |
| with: | |
| push: false | |
| load: true | |
| target: whlpackager | |
| context: ${{ github.workspace }} | |
| tags: | | |
| packager | |
| cache-from: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| cache-to: | | |
| type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:packagecache,mode=max | |
| build-args: | | |
| REGISTRY=${{ secrets.PANDA_ARC_REGISTRY }}/proxy | |
| - name: Build package | |
| working-directory: panda/debian | |
| run: | | |
| docker run --rm -v $(pwd):/out packager bash -c "cp /*.whl /pandare.deb /out" | |
| mv pandare.deb pandare_${{ matrix.ubuntu_version }}.deb | |
| - name: Upload deb packages as artifacts | |
| if: ${{ matrix.ubuntu_version != env.PANDA_CONTAINER_UBUNTU_VERSION }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pandare_${{ matrix.ubuntu_version }} | |
| path: panda/debian/pandare*.deb | |
| if-no-files-found: error | |
| - name: Upload whl package as artifact | |
| if: ${{ matrix.ubuntu_version != env.PANDA_CONTAINER_UBUNTU_VERSION }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pypanda | |
| path: panda/debian/pandare*.whl | |
| if-no-files-found: error | |
| publish-to-pypi-and-release: | |
| name: Publish Python 🐍 distribution 📦 to PyPI and Make Release | |
| if: github.repository == 'panda-re/panda' && github.ref == 'refs/heads/dev' | |
| needs: | |
| - get_version | |
| - build_release_assets | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/pandare # Replace <package-name> with your PyPI project name | |
| permissions: | |
| id-token: write # IMPORTANT: mandatory for trusted publishing | |
| contents: write # IMPORTANT: mandatory for creating releases | |
| steps: | |
| - name: Download all the artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| pattern: pandare_* | |
| path: debs/ | |
| - name: Download all the artifacts | |
| uses: actions/download-artifact@v5 | |
| with: | |
| name: pypanda | |
| path: dist/ | |
| - name: Publish distribution 📦 to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| verbose: true | |
| - name: Upload wheel package to release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ needs.get_version.outputs.v-version }} | |
| draft: false | |
| generate_release_notes: true | |
| prerelease: false | |
| name: ${{ needs.get_version.outputs.v-version }} @ ${{ github.ref }} | |
| files: | | |
| dist/* | |
| debs/* |