Skip to content

Commit 1150d9c

Browse files
committed
chore(NODE-4869): sign and upload to releases
1 parent 4292689 commit 1150d9c

File tree

3 files changed

+93
-0
lines changed

3 files changed

+93
-0
lines changed
Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
name: Sign and Upload Native
2+
description: 'Signs and uploads the native release artifacts'
3+
4+
inputs:
5+
garasign_username:
6+
description: 'Garasign username input for drivers-github-tools/garasign/gpg-sign'
7+
required: true
8+
garasign_password:
9+
description: 'Garasign password input for drivers-github-tools/garasign/gpg-sign'
10+
required: true
11+
artifactory_username:
12+
description: 'Artifactory username input for drivers-github-tools/garasign/gpg-sign'
13+
required: true
14+
artifactory_password:
15+
description: 'Artifactory password input for drivers-github-tools/garasign/gpg-sign'
16+
required: true
17+
18+
runs:
19+
using: composite
20+
steps:
21+
- uses: actions/download-artifact@v4
22+
23+
- name: Display structure of downloaded files
24+
run: ls -R
25+
26+
- name: Get release version and release package file name
27+
id: vars
28+
shell: bash
29+
run: |
30+
package_version=$(jq --raw-output '.version' package.json)
31+
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
32+
echo "package_file=bson-${package_version}.tgz" >> "$GITHUB_OUTPUT"
Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
name: Sign and Upload Package
2+
description: 'Signs and uploads the release artifacts'
3+
4+
inputs:
5+
garasign_username:
6+
description: 'Garasign username input for drivers-github-tools/garasign/gpg-sign'
7+
required: true
8+
garasign_password:
9+
description: 'Garasign password input for drivers-github-tools/garasign/gpg-sign'
10+
required: true
11+
artifactory_username:
12+
description: 'Artifactory username input for drivers-github-tools/garasign/gpg-sign'
13+
required: true
14+
artifactory_password:
15+
description: 'Artifactory password input for drivers-github-tools/garasign/gpg-sign'
16+
required: true
17+
18+
runs:
19+
using: composite
20+
steps:
21+
- run: npm pack
22+
shell: bash
23+
24+
- name: Get release version and release package file name
25+
id: vars
26+
shell: bash
27+
run: |
28+
package_version=$(jq --raw-output '.version' package.json)
29+
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
30+
echo "package_file=bson-${package_version}.tgz" >> "$GITHUB_OUTPUT"
31+
32+
- name: Create detached signature
33+
uses: mongodb-labs/drivers-github-tools/garasign/gpg-sign@v1
34+
with:
35+
filenames: ${{ steps.vars.package_file }}
36+
garasign_username: ${{ inputs.garasign_username }}
37+
garasign_password: ${{ inputs.garasign_password }}
38+
artifactory_username: ${{ inputs.artifactory_username }}
39+
artifactory_password: ${{ inputs.artifactory_password }}
40+
41+
- name: "Upload release artifacts"
42+
run: gh release upload v${{ steps.vars.package_version }} ${{ steps.vars.package_file }}.sig
43+
shell: bash

.github/workflows/build.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,3 +79,21 @@ jobs:
7979
if-no-files-found: 'error'
8080
retention-days: 1
8181
compression-level: 0
82+
83+
sign_and_upload:
84+
needs: [host_builds, container_builds]
85+
runs-on: ubuntu-latest
86+
steps:
87+
- uses: actions/checkout@v4
88+
- name: actions/setup
89+
uses: ./.github/actions/setup
90+
- name: actions/sign_and_upload_package
91+
uses: ./.github/actions/sign_and_upload_package
92+
with:
93+
garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }}
94+
garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }}
95+
artifactory_username: ${{ secrets.ARTIFACTORY_USER }}
96+
artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }}
97+
# - run: npm publish --provenance
98+
# env:
99+
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

0 commit comments

Comments
 (0)