Skip to content

Commit 23d8c91

Browse files
committed
chore(NODE-4869): sign and upload to releases
1 parent 4292689 commit 23d8c91

File tree

3 files changed

+75
-0
lines changed

3 files changed

+75
-0
lines changed

.github/actions/setup/action.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
name: Setup
2+
description: 'Installs node, driver dependencies, and builds source'
3+
4+
runs:
5+
using: composite
6+
steps:
7+
- uses: actions/setup-node@v4
8+
with:
9+
node-version: 'lts/*'
10+
cache: 'npm'
11+
registry-url: 'https://registry.npmjs.org'
12+
- run: npm install -g npm@latest
13+
shell: bash
14+
- run: npm clean-install
15+
shell: bash
Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
name: Sign and Upload Package
2+
description: 'Signs and uploads the release artifacts'
3+
4+
inputs:
5+
garasign_username:
6+
description: 'Garasign username input for drivers-github-tools/garasign/gpg-sign'
7+
required: true
8+
garasign_password:
9+
description: 'Garasign password input for drivers-github-tools/garasign/gpg-sign'
10+
required: true
11+
artifactory_username:
12+
description: 'Artifactory username input for drivers-github-tools/garasign/gpg-sign'
13+
required: true
14+
artifactory_password:
15+
description: 'Artifactory password input for drivers-github-tools/garasign/gpg-sign'
16+
required: true
17+
18+
runs:
19+
using: composite
20+
steps:
21+
- run: npm pack
22+
shell: bash
23+
- uses: actions/download-artifact@v4
24+
- name: Display structure of downloaded files
25+
shell: bash
26+
run: ls -R
27+
- name: Get release version and release package file name
28+
id: vars
29+
shell: bash
30+
run: |
31+
package_version=$(jq --raw-output '.version' package.json)
32+
echo "package_version=${package_version}" >> "$GITHUB_OUTPUT"
33+
echo "package_file=bson-${package_version}.tgz" >> "$GITHUB_OUTPUT"
34+
- name: Create detached signature
35+
uses: mongodb-labs/drivers-github-tools/garasign/gpg-sign@v1
36+
with:
37+
filenames: ${{ steps.vars.package_file }}
38+
garasign_username: ${{ inputs.garasign_username }}
39+
garasign_password: ${{ inputs.garasign_password }}
40+
artifactory_username: ${{ inputs.artifactory_username }}
41+
artifactory_password: ${{ inputs.artifactory_password }}
42+
- name: "Upload release artifacts"
43+
run: gh release upload v${{ steps.vars.package_version }} ${{ steps.vars.package_file }}.sig
44+
shell: bash

.github/workflows/build.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,3 +79,19 @@ jobs:
7979
if-no-files-found: 'error'
8080
retention-days: 1
8181
compression-level: 0
82+
83+
sign_and_upload:
84+
needs: [host_builds, container_builds]
85+
runs-on: ubuntu-latest
86+
steps:
87+
- uses: actions/checkout@v4
88+
- name: actions/sign_and_upload_package
89+
uses: ./.github/actions/sign_and_upload_package
90+
with:
91+
garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }}
92+
garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }}
93+
artifactory_username: ${{ secrets.ARTIFACTORY_USER }}
94+
artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }}
95+
# - run: npm publish --provenance
96+
# env:
97+
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

0 commit comments

Comments
 (0)