-
Notifications
You must be signed in to change notification settings - Fork 0
139 lines (120 loc) · 5.73 KB
/
signer.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Release
on:
workflow_dispatch:
inputs:
rootUrls:
description: The root urls to use to generate the signed artifact
required: true
default: https://grafana-beta.staging.fusionreactor.io/g/,https://app.fusionreactor.io/g/,https://grafusion-admin.fusionreactor.io/,https://app.staging.fusionreactor.io/g/,https://grafusion-admin.staging.fusionreactor.io/,http://localhost:3000/,https://app.staging.streamhippo.io/g/,https://grafusion-admin.staging.streamhippo.io/g/,https://app.production.streamhippo.io/g/,https://grafusion-admin.production.streamhippo.io/g/
type: string
repository:
description: The repository to use to sign a plugin
required: true
type: string
default: intergral/grafana-deep-panel
ref:
description: The repository ref to use to sign a plugin
required: true
type: string
jobs:
release:
runs-on: ubuntu-latest
env:
GRAFANA_API_KEY: ${{ secrets.GRAFANA_API_KEY }} # Requires a Grafana API key from Grafana.com.
ROOT_URLS: ${{ inputs.rootUrls }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
repository: ${{ inputs.repository }}
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'yarn'
- name: Setup Go environment
uses: actions/setup-go@v4
with:
go-version: '1.22'
- name: Install dependencies
run: yarn install --immutable --prefer-offline
- name: Build and test frontend
run: yarn build
- name: Check for backend
id: check-for-backend
run: |
if [ -f "Magefile.go" ]
then
echo "has-backend=true" >> $GITHUB_OUTPUT
fi
- name: Test backend
if: steps.check-for-backend.outputs.has-backend == 'true'
uses: magefile/mage-action@v3
with:
version: latest
args: coverage
- name: Build backend
if: steps.check-for-backend.outputs.has-backend == 'true'
uses: magefile/mage-action@v3
with:
version: latest
args: buildAll
- name: Warn missing Grafana API key
run: |
echo Please generate a Grafana API key: https://grafana.com/docs/grafana/latest/developers/plugins/sign-a-plugin/#generate-an-api-key
echo Once done please follow the instructions found here: https://github.com/${{github.repository}}/blob/main/README.md#using-github-actions-release-workflow
if: ${{ env.GRAFANA_API_KEY == '' }}
- name: Sign plugin
run: npx --yes @grafana/sign-plugin@latest --rootUrls=${{ inputs.rootUrls }}
if: ${{ env.GRAFANA_API_KEY != '' }}
- name: Get plugin metadata
id: metadata
run: |
sudo apt-get install jq
export GRAFANA_PLUGIN_ID=$(cat dist/plugin.json | jq -r .id)
export GRAFANA_PLUGIN_VERSION=$(cat dist/plugin.json | jq -r .info.version)
export GRAFANA_PLUGIN_TYPE=$(cat dist/plugin.json | jq -r .type)
export GRAFANA_PLUGIN_ARTIFACT=${GRAFANA_PLUGIN_ID}-${GRAFANA_PLUGIN_VERSION}.zip
export GRAFANA_PLUGIN_ARTIFACT_UNSIGNED=${GRAFANA_PLUGIN_ID}-${GRAFANA_PLUGIN_VERSION}-unsigned.zip
export GRAFANA_PLUGIN_ARTIFACT_CHECKSUM=${GRAFANA_PLUGIN_ARTIFACT}.md5
echo "plugin-id=${GRAFANA_PLUGIN_ID}" >> $GITHUB_OUTPUT
echo "plugin-version=${GRAFANA_PLUGIN_VERSION}" >> $GITHUB_OUTPUT
echo "plugin-type=${GRAFANA_PLUGIN_TYPE}" >> $GITHUB_OUTPUT
echo "archive=${GRAFANA_PLUGIN_ARTIFACT}" >> $GITHUB_OUTPUT
echo "archive-unsigned=${GRAFANA_PLUGIN_ARTIFACT_UNSIGNED}" >> $GITHUB_OUTPUT
echo "archive-checksum=${GRAFANA_PLUGIN_ARTIFACT_CHECKSUM}" >> $GITHUB_OUTPUT
- name: Read changelog
id: changelog
run: |
awk '/^## / {s++} s == 1 {print}' CHANGELOG.md > release_notes.md
echo "path=release_notes.md" >> $GITHUB_OUTPUT
- name: Check package version
run: if [ "v${{ steps.metadata.outputs.plugin-version }}" != "${{ inputs.ref }}" ]; then printf "\033[0;31mPlugin version doesn't match tag name\033[0m\n"; exit 1; fi
- name: Package plugin
id: package-plugin
run: |
mv dist ${{ steps.metadata.outputs.plugin-id }}
zip ${{ steps.metadata.outputs.archive }} ${{ steps.metadata.outputs.plugin-id }} -r
zip ${{ steps.metadata.outputs.archive-unsigned }} ${{ steps.metadata.outputs.plugin-id }} -r -x ${{ steps.metadata.outputs.plugin-id }}/MANIFEST.txt
md5sum ${{ steps.metadata.outputs.archive }} > ${{ steps.metadata.outputs.archive-checksum }}
echo "checksum=$(cat ./${{ steps.metadata.outputs.archive-checksum }} | cut -d' ' -f1)" >> $GITHUB_OUTPUT
- name: Validate plugin
run: |
git clone https://github.com/grafana/plugin-validator
pushd ./plugin-validator/pkg/cmd/plugincheck2
go install
popd
plugincheck2 -config ./plugin-validator/config/default.yaml ${{ steps.metadata.outputs.archive }}
- name: Create Github release
uses: softprops/action-gh-release@v2
with:
name: ${{ inputs.repository }}.${{ inputs.ref }}
tag_name: ${{ inputs.repository }}.${{ inputs.ref }}
draft: false
generate_release_notes: true
files: |
./${{ steps.metadata.outputs.archive }}
./${{ steps.metadata.outputs.archive-unsigned }}
./${{ steps.metadata.outputs.archive-checksum }}
body: |
This is a clone of ${{ inputs.repository }} at ref ${{ inputs.ref }}. This version has been signed with the root urls: ${{ inputs.rootUrls }}.