Skip to content

Commit 28127cc

Browse files
committed
chore(NODE-6160): sign and upload to releases
1 parent 4292689 commit 28127cc

File tree

3 files changed

+107
-16
lines changed

3 files changed

+107
-16
lines changed

.github/actions/setup/action.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
name: Setup
2+
description: 'Installs node, driver dependencies, and builds source'
3+
4+
runs:
5+
using: composite
6+
steps:
7+
- uses: actions/setup-node@v4
8+
with:
9+
node-version: 'lts/*'
10+
cache: 'npm'
11+
registry-url: 'https://registry.npmjs.org'
12+
- run: npm install -g npm@latest
13+
shell: bash
14+
- run: npm clean-install
15+
shell: bash
Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
name: Sign and Upload Package
2+
description: 'Signs native modules with garasign'
3+
4+
inputs:
5+
aws_role_arn:
6+
description: 'AWS role input for drivers-github-tools/gpg-sign@v2'
7+
required: true
8+
aws_region_name:
9+
description: 'AWS region name input for drivers-github-tools/gpg-sign@v2'
10+
required: true
11+
aws_secret_id:
12+
description: 'AWS secret id input for drivers-github-tools/gpg-sign@v2'
13+
required: true
14+
npm_package_name:
15+
description: 'The name for the npm package this repository represents'
16+
required: true
17+
18+
runs:
19+
using: composite
20+
steps:
21+
- uses: actions/download-artifact@v4
22+
- name: Display structure of downloaded files
23+
shell: bash
24+
run: ls -R
25+
26+
- name: Set up drivers-github-tools
27+
uses: mongodb-labs/drivers-github-tools/setup@v2
28+
with:
29+
aws_region_name: ${{ inputs.aws_region_name }}
30+
aws_role_arn: ${{ inputs.aws_role_arn }}
31+
aws_secret_id: ${{ inputs.aws_secret_id }}
32+
33+
- name: Create detached signature
34+
uses: mongodb-labs/drivers-github-tools/gpg-sign@v2
35+
with:
36+
filenames: 'build-*/*.tar.gz'
37+
# env:
38+
# RELEASE_ASSETS: ${{ steps.get_vars.outputs.package_file }}.temp.sig
39+
40+
- name: Display structure of downloaded files
41+
shell: bash
42+
run: ls -R
43+
44+
# - name: Name release asset correctly
45+
# run: mv ${{ steps.get_vars.outputs.package_file }}.temp.sig ${{ steps.get_vars.outputs.package_file }}.sig
46+
# shell: bash
47+
48+
# - name: "Upload release artifacts"
49+
# run: gh release upload v${{ steps.get_vars.outputs.package_version }} ${{ steps.get_vars.outputs.package_file }}.sig --clobber
50+
# shell: bash
51+
# env:
52+
# GH_TOKEN: ${{ github.token }}

.github/workflows/build.yml

Lines changed: 40 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,11 @@ on:
55
branches: [main]
66
workflow_dispatch: {}
77

8+
permissions:
9+
contents: write
10+
pull-requests: write
11+
id-token: write
12+
813
name: build
914

1015
jobs:
@@ -61,21 +66,40 @@ jobs:
6166
retention-days: 1
6267
compression-level: 0
6368

64-
collect:
65-
needs: [host_builds, container_builds]
66-
runs-on: ubunutu-latest
67-
steps:
68-
- uses: actions/download-artifact@v4
69+
# collect:
70+
# needs: [host_builds, container_builds]
71+
# runs-on: ubunutu-latest
72+
# steps:
73+
# - uses: actions/download-artifact@v4
6974

70-
- name: Display structure of downloaded files
71-
run: ls -R
75+
# - name: Display structure of downloaded files
76+
# run: ls -R
7277

73-
- id: upload
74-
name: Upload all prebuilds
75-
uses: actions/upload-artifact@v4
76-
with:
77-
name: all-build
78-
path: '*.tar.gz'
79-
if-no-files-found: 'error'
80-
retention-days: 1
81-
compression-level: 0
78+
# - id: upload
79+
# name: Upload all prebuilds
80+
# uses: actions/upload-artifact@v4
81+
# with:
82+
# name: all-build
83+
# path: '*.tar.gz'
84+
# if-no-files-found: 'error'
85+
# retention-days: 1
86+
# compression-level: 0
87+
88+
sign_and_upload:
89+
needs: [host_builds, container_builds]
90+
runs-on: ubuntu-latest
91+
environment: release
92+
steps:
93+
- uses: actions/checkout@v4
94+
# - name: actions/setup
95+
# uses: ./.github/actions/setup
96+
- name: actions/sign_and_upload_package
97+
uses: ./.github/actions/sign_and_upload_package
98+
with:
99+
aws_role_arn: ${{ secrets.AWS_ROLE_ARN }}
100+
aws_region_name: 'us-east-1'
101+
aws_secret_id: ${{ secrets.AWS_SECRET_ID }}
102+
npm_package_name: 'mongodb'
103+
# - run: npm publish --provenance
104+
# env:
105+
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

0 commit comments

Comments
 (0)