silberengel
/
next.orly.dev
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
604 Commits
4 Branches
314 Tags
32 MiB
 
 
 
 
 
 
Tree: 36a216574d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '36a216574d'
${ noResults }
next.orly.dev/.gitea/workflows/go.yml

277 lines
9.7 KiB
Raw Blame History

# This workflow builds and releases ORLY binaries for Gitea
#
# NOTE: All builds use CGO_ENABLED=0 since p8k library uses purego (not CGO)
# The library dynamically loads libsecp256k1 at runtime via purego
#
# Release Process:
# 1. Update the version in the pkg/version/version file (e.g. v1.2.3)
# 2. Create and push a tag matching the version:
# git tag v1.2.3
# git push origin v1.2.3
# 3. The workflow will automatically:
# - Build all binaries for Linux AMD64 and ARM64
# - Build the launcher admin web UI
# - Run tests
# - Create a Gitea release with all binaries
# - Generate checksums
name: Go
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
jobs:
build-and-release:
runs-on: ubuntu-latest
steps:
- name: Checkout code
run: |
set -e
echo "Cloning repository..."
echo "GITHUB_REF_NAME=${GITHUB_REF_NAME}"
git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git ${GITHUB_WORKSPACE}
cd ${GITHUB_WORKSPACE}
echo "Cloned successfully. Last commit:"
git log -1
- name: Install dependencies
run: |
set -e
echo "Installing jq..."
sudo apt-get update && sudo apt-get install -y jq
- name: Set up Go
run: |
set -e
echo "Setting up Go 1.25.3..."
cd /tmp
wget -q https://go.dev/dl/go1.25.3.linux-amd64.tar.gz
sudo rm -rf /usr/local/go
sudo tar -C /usr/local -xzf go1.25.3.linux-amd64.tar.gz
export PATH=/usr/local/go/bin:$PATH
go version
- name: Set up Bun
run: |
set -e
echo "Installing Bun..."
curl -fsSL https://bun.sh/install | bash
export BUN_INSTALL="$HOME/.bun"
export PATH="$BUN_INSTALL/bin:$PATH"
bun --version
- name: Build Main Web UI
run: |
set -e
export BUN_INSTALL="$HOME/.bun"
export PATH="$BUN_INSTALL/bin:$PATH"
cd ${GITHUB_WORKSPACE}/app/web
echo "Installing frontend dependencies..."
bun install
echo "Building web app..."
bun run build
ls -lah dist/
echo "Main web UI build complete"
- name: Build Launcher Admin Web UI
run: |
set -e
export BUN_INSTALL="$HOME/.bun"
export PATH="$BUN_INSTALL/bin:$PATH"
cd ${GITHUB_WORKSPACE}/cmd/orly-launcher/web
echo "Installing launcher admin dependencies..."
bun install
echo "Building launcher admin UI..."
bun run build
ls -lah dist/
echo "Launcher admin UI build complete"
- name: Build All Packages
run: |
set -e
export PATH=/usr/local/go/bin:$PATH
cd ${GITHUB_WORKSPACE}
echo "Building all packages..."
CGO_ENABLED=0 go build -v ./...
- name: Test
run: |
set -e
export PATH=/usr/local/go/bin:$PATH
cd ${GITHUB_WORKSPACE}
echo "Running tests..."
# Note: libsecp256k1.so is loaded at runtime via purego, not needed for tests
CGO_ENABLED=0 go test -v $(go list ./... | grep -v '/cmd/benchmark/external/' | xargs -n1 sh -c 'ls $0/*_test.go 1>/dev/null 2>&1 && echo $0' | grep .) || echo "Some tests failed, continuing..."
- name: Build Release Binaries
run: |
set -e
export PATH=/usr/local/go/bin:$PATH
cd ${GITHUB_WORKSPACE}
VERSION=${GITHUB_REF_NAME#v}
echo "Building release binaries for version $VERSION"
mkdir -p release-binaries
# List of binaries to build
BINARIES=(
"orly:."
"orly-db-badger:./cmd/orly-db-badger"
"orly-db-neo4j:./cmd/orly-db-neo4j"
"orly-acl-follows:./cmd/orly-acl-follows"
"orly-acl-managed:./cmd/orly-acl-managed"
"orly-acl-curation:./cmd/orly-acl-curation"
"orly-launcher:./cmd/orly-launcher"
"orly-sync-negentropy:./cmd/orly-sync-negentropy"
"orly-certs:./cmd/orly-certs"
)
# Build for AMD64
echo "Building for Linux AMD64..."
for entry in "${BINARIES[@]}"; do
name="${entry%%:*}"
path="${entry##*:}"
echo " Building ${name}..."
GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \
go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-amd64" "${path}"
done
# Build for ARM64
echo "Building for Linux ARM64..."
for entry in "${BINARIES[@]}"; do
name="${entry%%:*}"
path="${entry##*:}"
echo " Building ${name}..."
GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=arm64 CGO_ENABLED=0 \
go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-arm64" "${path}"
done
# Copy libsecp256k1.so from nostr module (has schnorr/musig2)
NOSTR_MOD=$(go list -m -f '{{.Dir}}' git.mleku.dev/mleku/nostr)
if [ -f "${NOSTR_MOD}/crypto/p8k/libsecp256k1.so" ]; then
cp "${NOSTR_MOD}/crypto/p8k/libsecp256k1.so" release-binaries/libsecp256k1-linux-amd64.so
chmod +x release-binaries/libsecp256k1-linux-amd64.so
echo "Copied libsecp256k1.so for AMD64"
fi
# Note: ARM64 users need to build libsecp256k1 from source
# Create checksums
cd release-binaries
sha256sum * > SHA256SUMS.txt
cat SHA256SUMS.txt
cd ..
echo "Release binaries built successfully:"
ls -lh release-binaries/
- name: Create Gitea Release
env:
GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
run: |
set -e
cd ${GITHUB_WORKSPACE}
if [ -z "${GITEA_TOKEN}" ]; then
echo "ERROR: GITEA_TOKEN secret is not set!"
exit 1
fi
VERSION=${GITHUB_REF_NAME}
VERSION_NUM=${GITHUB_REF_NAME#v}
REPO_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f1)
REPO_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f2)
echo "Creating release for ${REPO_OWNER}/${REPO_NAME} version ${VERSION}"
API_URL="${GITHUB_SERVER_URL}/api/v1"
# Check if release already exists and delete it
echo "Checking for existing release..."
EXISTING_RELEASE=$(curl -s -H "Authorization: token ${GITEA_TOKEN}" \
"${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}")
EXISTING_ID=$(echo "${EXISTING_RELEASE}" | jq -r '.id // empty' 2>/dev/null)
if [ -n "${EXISTING_ID}" ]; then
echo "Deleting existing release ${EXISTING_ID}..."
curl -s -X DELETE \
-H "Authorization: token ${GITEA_TOKEN}" \
"${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${EXISTING_ID}"
sleep 2
fi
# Ensure tag exists by fetching it
git fetch origin "refs/tags/${VERSION}:refs/tags/${VERSION}" --force 2>/dev/null || true
# Create the release body
RELEASE_BODY=$(cat <<RELEASEBODY
## ORLY Release ${VERSION}
### Binaries Included
* orly - Main relay binary
* orly-db-badger - Badger database server
* orly-db-neo4j - Neo4j database server
* orly-acl-follows - Follows ACL server
* orly-acl-managed - Managed ACL server
* orly-acl-curation - Curation ACL server
* orly-launcher - Process supervisor with admin UI
* orly-sync-negentropy - Negentropy sync service
* orly-certs - DNS-01 wildcard certificate manager
* libsecp256k1 - AMD64 only, with schnorr/musig2 support
### Architectures
* Linux AMD64 (x86_64)
* Linux ARM64 (aarch64)
### Installation
1. Download the appropriate binaries for your architecture
2. Make them executable: chmod +x orly-*
3. Copy libsecp256k1 to /usr/local/lib/ and run ldconfig
4. Run with: ./orly-launcher (for split mode) or ./orly (standalone)
RELEASEBODY
)
# Create release JSON payload
RELEASE_JSON=$(jq -n \
--arg tag "${VERSION}" \
--arg name "Release ${VERSION}" \
--arg body "${RELEASE_BODY}" \
'{tag_name: $tag, name: $name, body: $body}')
echo "Creating release..."
RELEASE_RESPONSE=$(curl -s -X POST \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "${RELEASE_JSON}" \
"${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases")
echo "Release response: ${RELEASE_RESPONSE}"
RELEASE_ID=$(echo "${RELEASE_RESPONSE}" | jq -r '.id // empty')
if [ -z "${RELEASE_ID}" ]; then
echo "ERROR: Failed to create release"
echo "Response: ${RELEASE_RESPONSE}"
exit 1
fi
echo "Release created with ID: ${RELEASE_ID}"
# Upload all assets
for ASSET in release-binaries/*; do
FILENAME=$(basename "${ASSET}")
echo "Uploading ${FILENAME}..."
curl -s -X POST \
-H "Authorization: token ${GITEA_TOKEN}" \
-F "attachment=@${ASSET}" \
"${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${RELEASE_ID}/assets?name=${FILENAME}"
done
echo "Release ${VERSION} created successfully!"
# Verify
curl -s -H "Authorization: token ${GITEA_TOKEN}" \
"${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}" | jq '.'