# This workflow builds and releases ORLY binaries for Gitea # # NOTE: All builds use CGO_ENABLED=0 since p8k library uses purego (not CGO) # The library dynamically loads libsecp256k1 at runtime via purego # # Release Process: # 1. Update the version in the pkg/version/version file (e.g. v1.2.3) # 2. Create and push a tag matching the version: # git tag v1.2.3 # git push origin v1.2.3 # 3. The workflow will automatically: # - Build all binaries for Linux AMD64 and ARM64 # - Build the launcher admin web UI # - Run tests # - Create a Gitea release with all binaries # - Generate checksums name: Go on: push: tags: - "v[0-9]+.[0-9]+.[0-9]+" jobs: build-and-release: runs-on: ubuntu-latest steps: - name: Checkout code run: | set -e echo "Cloning repository..." echo "GITHUB_REF_NAME=${GITHUB_REF_NAME}" git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git ${GITHUB_WORKSPACE} cd ${GITHUB_WORKSPACE} echo "Cloned successfully. Last commit:" git log -1 - name: Install dependencies run: | set -e echo "Installing jq..." sudo apt-get update && sudo apt-get install -y jq - name: Set up Go run: | set -e echo "Setting up Go 1.25.3..." cd /tmp wget -q https://go.dev/dl/go1.25.3.linux-amd64.tar.gz sudo rm -rf /usr/local/go sudo tar -C /usr/local -xzf go1.25.3.linux-amd64.tar.gz export PATH=/usr/local/go/bin:$PATH go version - name: Set up Bun run: | set -e echo "Installing Bun..." curl -fsSL https://bun.sh/install | bash export BUN_INSTALL="$HOME/.bun" export PATH="$BUN_INSTALL/bin:$PATH" bun --version - name: Build Main Web UI run: | set -e export BUN_INSTALL="$HOME/.bun" export PATH="$BUN_INSTALL/bin:$PATH" cd ${GITHUB_WORKSPACE}/app/web echo "Installing frontend dependencies..." bun install echo "Building web app..." bun run build ls -lah dist/ echo "Main web UI build complete" - name: Build Launcher Admin Web UI run: | set -e export BUN_INSTALL="$HOME/.bun" export PATH="$BUN_INSTALL/bin:$PATH" cd ${GITHUB_WORKSPACE}/cmd/orly-launcher/web echo "Installing launcher admin dependencies..." bun install echo "Building launcher admin UI..." bun run build ls -lah dist/ echo "Launcher admin UI build complete" - name: Build All Packages run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} echo "Building all packages..." CGO_ENABLED=0 go build -v ./... - name: Test run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} echo "Running tests..." chmod +x libsecp256k1.so export LD_LIBRARY_PATH=${GITHUB_WORKSPACE}:${LD_LIBRARY_PATH} CGO_ENABLED=0 go test -v $(go list ./... | grep -v '/cmd/benchmark/external/' | xargs -n1 sh -c 'ls $0/*_test.go 1>/dev/null 2>&1 && echo $0' | grep .) || echo "Some tests failed, continuing..." - name: Build Release Binaries run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} VERSION=${GITHUB_REF_NAME#v} echo "Building release binaries for version $VERSION" mkdir -p release-binaries # List of binaries to build BINARIES=( "orly:." "orly-db-badger:./cmd/orly-db-badger" "orly-db-neo4j:./cmd/orly-db-neo4j" "orly-acl-follows:./cmd/orly-acl-follows" "orly-acl-managed:./cmd/orly-acl-managed" "orly-acl-curation:./cmd/orly-acl-curation" "orly-launcher:./cmd/orly-launcher" "orly-sync-negentropy:./cmd/orly-sync-negentropy" ) # Build for AMD64 echo "Building for Linux AMD64..." for entry in "${BINARIES[@]}"; do name="${entry%%:*}" path="${entry##*:}" echo " Building ${name}..." GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \ go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-amd64" "${path}" done # Build for ARM64 echo "Building for Linux ARM64..." for entry in "${BINARIES[@]}"; do name="${entry%%:*}" path="${entry##*:}" echo " Building ${name}..." GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=arm64 CGO_ENABLED=0 \ go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-arm64" "${path}" done # Copy libsecp256k1.so for AMD64 cp libsecp256k1.so release-binaries/libsecp256k1-linux-amd64.so chmod +x release-binaries/libsecp256k1-linux-amd64.so # Note: ARM64 libsecp256k1 must be built separately and added to repo if [ -f libsecp256k1-arm64.so ]; then cp libsecp256k1-arm64.so release-binaries/libsecp256k1-linux-arm64.so chmod +x release-binaries/libsecp256k1-linux-arm64.so fi # Create checksums cd release-binaries sha256sum * > SHA256SUMS.txt cat SHA256SUMS.txt cd .. echo "Release binaries built successfully:" ls -lh release-binaries/ - name: Create Gitea Release env: GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} run: | set -e cd ${GITHUB_WORKSPACE} if [ -z "${GITEA_TOKEN}" ]; then echo "ERROR: GITEA_TOKEN secret is not set!" exit 1 fi VERSION=${GITHUB_REF_NAME} VERSION_NUM=${GITHUB_REF_NAME#v} REPO_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f1) REPO_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f2) echo "Creating release for ${REPO_OWNER}/${REPO_NAME} version ${VERSION}" API_URL="${GITHUB_SERVER_URL}/api/v1" # Create the release RELEASE_BODY="## ORLY Release ${VERSION} ### Binaries Included - **orly** - Main relay binary - **orly-db-badger** - Badger database server - **orly-db-neo4j** - Neo4j database server - **orly-acl-follows** - Follows ACL server - **orly-acl-managed** - Managed ACL server - **orly-acl-curation** - Curation ACL server - **orly-launcher** - Process supervisor with admin UI - **orly-sync-negentropy** - Negentropy sync service - **libsecp256k1** - Required shared library ### Architectures - Linux AMD64 (x86_64) - Linux ARM64 (aarch64) ### Installation 1. Download the appropriate binaries for your architecture 2. Make them executable: \`chmod +x orly-*\` 3. Place libsecp256k1 in \`/usr/local/lib/\` or set \`LD_LIBRARY_PATH\` 4. Run with: \`./orly-launcher\` (for split mode) or \`./orly\` (standalone) " RELEASE_RESPONSE=$(curl -s -X POST \ -H "Authorization: token ${GITEA_TOKEN}" \ -H "Content-Type: application/json" \ -d "{\"tag_name\": \"${VERSION}\", \"name\": \"Release ${VERSION}\", \"body\": $(echo "$RELEASE_BODY" | jq -Rs .)}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases") echo "Release response: ${RELEASE_RESPONSE}" RELEASE_ID=$(echo "${RELEASE_RESPONSE}" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2) if [ -z "${RELEASE_ID}" ]; then echo "ERROR: Failed to create release" exit 1 fi echo "Release created with ID: ${RELEASE_ID}" # Upload all assets for ASSET in release-binaries/*; do FILENAME=$(basename "${ASSET}") echo "Uploading ${FILENAME}..." curl -s -X POST \ -H "Authorization: token ${GITEA_TOKEN}" \ -F "attachment=@${ASSET}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${RELEASE_ID}/assets?name=${FILENAME}" done echo "Release ${VERSION} created successfully!" # Verify curl -s -H "Authorization: token ${GITEA_TOKEN}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}" | head -c 500