Skip to content
.github/workflows/release.yml

feat(release) add debug steps to verify vaultctl installation and che… #63

Sign in to view logs

feat(release) add debug steps to verify vaultctl installation and che…

feat(release) add debug steps to verify vaultctl installation and che… #63

Workflow file for this run

.github/workflows/release.yml at dcd1663
# ─────────────────────────────────────────────────────────────────────────────
# vaultctl - Build and Release Workflow
# vaultctl - 빌드 및 릴리스 워크플로
#
# Triggers / 트리거:
# - Push tag matching 'v*' (e.g., v0.1.0)
# - Manual workflow dispatch with version input
#
# Jobs / 작업:
# 1. build: Build deb package / deb 패키지 빌드
# 2. release: Create GitHub release (tags only) / GitHub 릴리스 생성 (태그만)
# 3. pages: Update APT repository on GitHub Pages / GitHub Pages APT 저장소 업데이트
# ─────────────────────────────────────────────────────────────────────────────
name: Build and Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
version:
description: 'Version to build (e.g., 0.1.0) / 빌드할 버전'
required: true
env:
PACKAGE_NAME: vaultctl
jobs:
# ═══════════════════════════════════════════════════════════════════════════
# Build Job - Compile binary and create deb package
# 빌드 작업 - 바이너리 컴파일 및 deb 패키지 생성
# ═══════════════════════════════════════════════════════════════════════════
build:
runs-on: ubuntu-22.04
outputs:
version: ${{ steps.version.outputs.version }}
deb_name: ${{ steps.version.outputs.deb_name }}
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Set up Python
uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Install Poetry
uses: snok/install-poetry@v1
with:
version: 1.7.1
virtualenvs-create: true
virtualenvs-in-project: true
- name: Install Ruby and fpm
run: |
sudo apt-get update
sudo apt-get install -y ruby ruby-dev build-essential
sudo gem install fpm
- name: Install dependencies
run: poetry install --with dev
# Install vaultctl package properly (not editable) for PyInstaller
# PyInstaller가 모듈을 제대로 찾을 수 있도록 .venv에 실제 설치
- name: Build and install package
run: |
poetry build
poetry run pip install dist/*.whl --force-reinstall
# Debug: verify vaultctl installation
- name: Verify vaultctl installation
run: |
echo "=== Installed vaultctl location ==="
poetry run python -c "import vaultctl; print(vaultctl.__file__)"
echo "=== Installed vaultctl.commands ==="
poetry run python -c "import vaultctl.commands; print(vaultctl.commands.__file__)"
echo "=== Installed vaultctl.commands.admin ==="
poetry run python -c "import vaultctl.commands.admin; print(vaultctl.commands.admin.__file__)"
echo "=== List site-packages/vaultctl ==="
ls -la $(poetry run python -c "import vaultctl; import os; print(os.path.dirname(vaultctl.__file__))")
echo "=== List site-packages/vaultctl/commands ==="
ls -la $(poetry run python -c "import vaultctl; import os; print(os.path.dirname(vaultctl.__file__))")/commands/
# Determine version from tag or manual input
# 태그 또는 수동 입력에서 버전 결정
- name: Get version
id: version
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
VERSION="${{ github.event.inputs.version }}"
else
VERSION="${GITHUB_REF#refs/tags/v}"
fi
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "deb_name=${PACKAGE_NAME}_${VERSION}_amd64.deb" >> $GITHUB_OUTPUT
# Update version in source files
# 소스 파일의 버전 업데이트
- name: Update version
run: |
sed -i "s/^version = .*/version = \"${{ steps.version.outputs.version }}\"/" pyproject.toml
sed -i "s/__version__ = .*/__version__ = \"${{ steps.version.outputs.version }}\"/" src/vaultctl/__init__.py
# Build standalone binary with PyInstaller using spec file
# spec 파일을 사용하여 PyInstaller로 독립 실행 바이너리 빌드
- name: Build binary
run: poetry run pyinstaller --clean --noconfirm vaultctl.spec
# Debug: check PYZ contents
- name: Check PYZ contents
run: |
echo "=== Checking vaultctl modules in PYZ archive ==="
poetry run python -c "
import zipfile

Check failure on line 117 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yml

Invalid workflow file 

You have an error in your yaml syntax on line 117
import os
# Find PYZ file
pyz_path = 'build/vaultctl/PYZ-00.pyz'
if os.path.exists(pyz_path):
print(f'PYZ file found: {pyz_path}')
with zipfile.ZipFile(pyz_path, 'r') as z:
vaultctl_modules = [n for n in z.namelist() if 'vaultctl' in n]
print(f'vaultctl modules in PYZ ({len(vaultctl_modules)}):')
for m in sorted(vaultctl_modules):
print(f' {m}')
else:
print('PYZ file not found')
print('Available files in build/vaultctl:')
for f in os.listdir('build/vaultctl'):
print(f' {f}')
"
echo "=== Checking compiled pyc files ==="
find build/vaultctl -name "*.pyc" | grep -i vaultctl | head -20 || echo "No pyc files found"
echo "=== Testing binary ==="
./dist/vaultctl --help || echo "Binary test failed"
# Create package directory structure
# 패키지 디렉토리 구조 생성
- name: Create package structure
run: |
mkdir -p pkg-root/usr/bin
mkdir -p pkg-root/etc/vaultctl
mkdir -p pkg-root/lib/systemd/system
mkdir -p pkg-root/usr/share/doc/vaultctl
# Binary / 바이너리
cp dist/vaultctl pkg-root/usr/bin/
chmod +x pkg-root/usr/bin/vaultctl
# Config example from template / 템플릿에서 설정 예제 복사
cp packaging/etc/config.example pkg-root/etc/vaultctl/
# systemd unit files / systemd 유닛 파일
cp packaging/systemd/vaultctl-renew.service pkg-root/lib/systemd/system/
cp packaging/systemd/vaultctl-renew.timer pkg-root/lib/systemd/system/
# Documentation / 문서
cp README.md pkg-root/usr/share/doc/vaultctl/
# Copy maintainer scripts from templates
# 템플릿에서 maintainer 스크립트 복사
- name: Prepare maintainer scripts
run: |
mkdir -p scripts
cp packaging/scripts/preinst scripts/
cp packaging/scripts/postinst scripts/
cp packaging/scripts/prerm scripts/
cp packaging/scripts/postrm scripts/
chmod +x scripts/*
# Build deb package with fpm
# fpm으로 deb 패키지 빌드
- name: Build deb package
run: |
fpm \
--input-type dir \
--output-type deb \
--name ${{ env.PACKAGE_NAME }} \
--version ${{ steps.version.outputs.version }} \
--architecture amd64 \
--maintainer "vaultctl maintainers" \
--description "HashiCorp Vault CLI with AppRole authentication" \
--url "https://github.com/${{ github.repository }}" \
--license "MIT" \
--depends "ca-certificates" \
--config-files /etc/vaultctl/config.example \
--before-install scripts/preinst \
--after-install scripts/postinst \
--before-remove scripts/prerm \
--after-remove scripts/postrm \
--package ${{ steps.version.outputs.deb_name }} \
--chdir pkg-root \
.
# Upload artifact for other jobs
# 다른 작업용 아티팩트 업로드
- name: Upload artifact
uses: actions/upload-artifact@v6
with:
name: deb-package
path: ${{ steps.version.outputs.deb_name }}
retention-days: 30
# ═══════════════════════════════════════════════════════════════════════════
# Release Job - Create GitHub Release (only on tag push)
# 릴리스 작업 - GitHub 릴리스 생성 (태그 푸시 시에만)
# ═══════════════════════════════════════════════════════════════════════════
release:
needs: build
runs-on: ubuntu-22.04
if: startsWith(github.ref, 'refs/tags/')
permissions:
contents: write
steps:
- name: Checkout (for install script)
uses: actions/checkout@v6
with:
sparse-checkout: |
scripts/install.sh
sparse-checkout-cone-mode: false
- name: Download artifact
uses: actions/download-artifact@v7
with:
name: deb-package
- name: Create Release
uses: softprops/action-gh-release@v2
with:
files: |
${{ needs.build.outputs.deb_name }}
scripts/install.sh
generate_release_notes: true
body: |
## Installation / 설치
### Quick install (recommended) / 빠른 설치 (권장)
```bash
curl -fsSL https://raw.githubusercontent.com/${{ github.repository }}/main/scripts/install.sh | sudo bash
```
### Manual install / 수동 설치
```bash
wget https://github.com/${{ github.repository }}/releases/download/v${{ needs.build.outputs.version }}/${{ needs.build.outputs.deb_name }}
sudo apt install ./${{ needs.build.outputs.deb_name }}
```
### From private APT server / 개인 APT 서버에서
```bash
# Setup client (one-time)
sudo vaultctl setup apt-client https://apt.example.com -u USER -p PASS
# Install
sudo apt update && sudo apt install vaultctl
```
## Post-installation / 설치 후 설정
```bash
sudo vaultctl setup init
```