Skip to content

Better clipping request validation #3499

Better clipping request validation

Better clipping request validation #3499

Workflow file for this run

name: Build binaries
on:
pull_request:
push:
branches:
- main
tags:
- "v*"
jobs:
build:
strategy:
matrix:
platform:
- name: linux
os: ubuntu-20.04
- name: darwin
os: macos-latest
arch:
- arm64
- amd64
name: Build binaries for ${{ matrix.platform.name }}-${{ matrix.arch }}
runs-on: ${{ matrix.platform.os }}
steps:
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 0
# Check https://github.com/livepeer/go-livepeer/pull/1891
# for ref value discussion
ref: ${{ github.event.pull_request.head.sha }}
- name: Set up go
id: go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: true
cache-dependency-path: go.sum
- name: Export OS and platform env
run: |
echo "GOOS=${{ matrix.platform.name }}" >> $GITHUB_ENV
echo "GOARCH=${{ matrix.arch }}" >> $GITHUB_ENV
- name: Download dependencies
if: steps.go.outputs.cache-hit != 'true'
run: go mod download
- name: Build
run: |
mkdir -p build/ releases/
make build GO_BUILD_DIR="build/"
cd build/
mv catalyst-api livepeer-catalyst-api
- uses: actions-ecosystem/action-regex-match@v2
id: match-tag
with:
text: ${{ github.ref_name }}
regex: '^(master|main|v[0-9]+\.\d+\.\d+)$'
- name: Codesign and notarize binaries
if: ${{ matrix.platform.name == 'darwin' && steps.match-tag.outputs.match != '' }}
uses: livepeer/action-gh-codesign-apple@latest
with:
developer-certificate-id: ${{ secrets.CI_MACOS_CERTIFICATE_ID }}
developer-certificate-base64: ${{ secrets.CI_MACOS_CERTIFICATE_BASE64 }}
developer-certificate-password: ${{ secrets.CI_MACOS_CERTIFICATE_PASSWORD }}
app-notarization-email: ${{ secrets.CI_MACOS_NOTARIZATION_USER }}
app-notarization-password: ${{ secrets.CI_MACOS_NOTARIZATION_PASSWORD }}
app-notarization-team-id: ${{ secrets.CI_MACOS_NOTARIZATION_TEAM_ID }}
binary-path: build/livepeer-catalyst-api
- name: Archive binaries for windows
if: matrix.platform.name == 'windows'
run: |
cd build/
for file in $(find . -type f -perm -a+x)
do
f_name="$(basename $file)"
mv "${f_name}" "livepeer-${f_name}"
zip -9q "../releases/livepeer-${f_name/.exe/}-${GOOS}-${GOARCH}.zip" "livepeer-${f_name}"
done
- name: Archive binaries
if: matrix.platform.name != 'windows'
run: |
cd build/
tar -czvf "../releases/livepeer-catalyst-api-${GOOS}-${GOARCH}.tar.gz" .
- name: Upload artifacts for cutting release
uses: actions/upload-artifact@v3
with:
name: release-artifacts
path: releases/
upload:
name: Upload artifacts to google bucket
if: ${{ github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
needs:
- build
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: release-artifacts
path: releases/
- name: Generate sha256 checksum and gpg signatures for release artifacts
uses: livepeer/action-gh-checksum-and-gpg-sign@latest
with:
artifacts-dir: releases
release-name: ${{ github.ref_type == 'tag' && github.ref_name || github.event.pull_request.head.sha || github.sha }}
gpg-key: ${{ secrets.CI_GPG_SIGNING_KEY }}
gpg-key-passphrase: ${{ secrets.CI_GPG_SIGNING_PASSPHRASE }}
- name: Generate branch manifest
id: branch-manifest
uses: livepeer/branch-manifest-action@latest
with:
project-name: ${{ github.event.repository.name }}
platform: linux, darwin
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ secrets.CI_GOOGLE_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.CI_GOOGLE_SERVICE_ACCOUNT }}
- name: Upload release archives to Google Cloud
id: upload-archives
uses: google-github-actions/upload-cloud-storage@v1
with:
path: "releases"
destination: "build.livepeer.live/${{ github.event.repository.name }}/${{ (github.ref_type == 'tag' && github.ref_name) || github.event.pull_request.head.sha || github.sha }}"
parent: false
- name: Upload branch manifest file
id: upload-manifest
uses: google-github-actions/upload-cloud-storage@v1
with:
path: ${{ steps.branch-manifest.outputs.manifest-file }}
destination: "build.livepeer.live/${{ github.event.repository.name }}/"
parent: false
- name: Notify new build upload
run: curl -X POST https://holy-bread-207a.livepeer.workers.dev