go.yml raw
1 # This workflow builds and releases ORLY binaries for Gitea
2 #
3 # NOTE: All builds use CGO_ENABLED=0. The secp256k1 crypto is provided by
4 # p256k1.mleku.dev which is pure Go with optional BMI2 assembly acceleration.
5 #
6 # Release Process:
7 # 1. Update the version in the pkg/version/version file (e.g. v1.2.3)
8 # 2. Create and push a tag matching the version:
9 # git tag v1.2.3
10 # git push origin v1.2.3
11 # 3. The workflow will automatically:
12 # - Build all binaries for Linux AMD64 and ARM64
13 # - Build the launcher admin web UI
14 # - Run tests
15 # - Create a Gitea release with all binaries
16 # - Generate checksums
17
18 name: Go
19
20 on:
21 push:
22 tags:
23 - "v[0-9]+.[0-9]+.[0-9]+"
24
25 jobs:
26 build-and-release:
27 runs-on: ubuntu-latest
28 steps:
29 - name: Checkout code
30 run: |
31 set -e
32 echo "Cloning repository..."
33 echo "GITHUB_REF_NAME=${GITHUB_REF_NAME}"
34 git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git ${GITHUB_WORKSPACE}
35 cd ${GITHUB_WORKSPACE}
36 echo "Cloned successfully. Last commit:"
37 git log -1
38
39 - name: Install dependencies
40 run: |
41 set -e
42 echo "Installing jq..."
43 sudo apt-get update && sudo apt-get install -y jq
44
45 - name: Set up Go
46 run: |
47 set -e
48 echo "Setting up Go 1.25.3..."
49 cd /tmp
50 wget -q https://go.dev/dl/go1.25.3.linux-amd64.tar.gz
51 sudo rm -rf /usr/local/go
52 sudo tar -C /usr/local -xzf go1.25.3.linux-amd64.tar.gz
53 export PATH=/usr/local/go/bin:$PATH
54 go version
55
56 - name: Set up Bun
57 run: |
58 set -e
59 echo "Installing Bun..."
60 curl -fsSL https://bun.sh/install | bash
61 export BUN_INSTALL="$HOME/.bun"
62 export PATH="$BUN_INSTALL/bin:$PATH"
63 bun --version
64
65 - name: Build Main Web UI
66 run: |
67 set -e
68 export BUN_INSTALL="$HOME/.bun"
69 export PATH="$BUN_INSTALL/bin:$PATH"
70 cd ${GITHUB_WORKSPACE}/app/web
71 echo "Installing frontend dependencies..."
72 bun install
73 echo "Building web app..."
74 bun run build
75 ls -lah dist/
76 echo "Main web UI build complete"
77
78 - name: Build Smesh UI
79 run: |
80 set -e
81 export BUN_INSTALL="$HOME/.bun"
82 export PATH="$BUN_INSTALL/bin:$PATH"
83 cd ${GITHUB_WORKSPACE}/app/smesh
84 echo "Installing smesh dependencies..."
85 bun install
86 echo "Building smesh app..."
87 bun run build
88 ls -lah dist/
89 echo "Smesh UI build complete"
90
91 - name: Build Launcher Admin Web UI
92 run: |
93 set -e
94 export BUN_INSTALL="$HOME/.bun"
95 export PATH="$BUN_INSTALL/bin:$PATH"
96 cd ${GITHUB_WORKSPACE}/cmd/orly-launcher/web
97 echo "Installing launcher admin dependencies..."
98 bun install
99 echo "Building launcher admin UI..."
100 bun run build
101 ls -lah dist/
102 echo "Launcher admin UI build complete"
103
104 - name: Build All Packages
105 run: |
106 set -e
107 export PATH=/usr/local/go/bin:$PATH
108 cd ${GITHUB_WORKSPACE}
109 echo "Building all packages..."
110 CGO_ENABLED=0 go build -v ./...
111
112 - name: Test
113 run: |
114 set -e
115 export PATH=/usr/local/go/bin:$PATH
116 cd ${GITHUB_WORKSPACE}
117 echo "Running tests..."
118 CGO_ENABLED=0 go test -v $(go list ./... | grep -v '/cmd/benchmark/external/' | xargs -n1 sh -c 'ls $0/*_test.go 1>/dev/null 2>&1 && echo $0' | grep .) || echo "Some tests failed, continuing..."
119
120 - name: Build Release Binaries
121 run: |
122 set -e
123 export PATH=/usr/local/go/bin:$PATH
124 cd ${GITHUB_WORKSPACE}
125
126 VERSION=${GITHUB_REF_NAME#v}
127 echo "Building release binaries for version $VERSION"
128
129 mkdir -p release-binaries
130
131 # List of binaries to build
132 BINARIES=(
133 "orly:."
134 "orly-db-badger:./cmd/orly-db-badger"
135 "orly-db-neo4j:./cmd/orly-db-neo4j"
136 "orly-acl-follows:./cmd/orly-acl-follows"
137 "orly-acl-managed:./cmd/orly-acl-managed"
138 "orly-acl-curation:./cmd/orly-acl-curation"
139 "orly-launcher:./cmd/orly-launcher"
140 "orly-sync-negentropy:./cmd/orly-sync-negentropy"
141 "orly-certs:./cmd/orly-certs"
142 )
143
144 # Build for AMD64
145 echo "Building for Linux AMD64..."
146 for entry in "${BINARIES[@]}"; do
147 name="${entry%%:*}"
148 path="${entry##*:}"
149 echo " Building ${name}..."
150 GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \
151 go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-amd64" "${path}"
152 done
153
154 # Build for ARM64
155 echo "Building for Linux ARM64..."
156 for entry in "${BINARIES[@]}"; do
157 name="${entry%%:*}"
158 path="${entry##*:}"
159 echo " Building ${name}..."
160 GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=arm64 CGO_ENABLED=0 \
161 go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-arm64" "${path}"
162 done
163
164 # Create checksums
165 cd release-binaries
166 sha256sum * > SHA256SUMS.txt
167 cat SHA256SUMS.txt
168 cd ..
169
170 echo "Release binaries built successfully:"
171 ls -lh release-binaries/
172
173 - name: Create Gitea Release
174 env:
175 GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
176 run: |
177 set -e
178 cd ${GITHUB_WORKSPACE}
179
180 if [ -z "${GITEA_TOKEN}" ]; then
181 echo "ERROR: GITEA_TOKEN secret is not set!"
182 exit 1
183 fi
184
185 VERSION=${GITHUB_REF_NAME}
186 VERSION_NUM=${GITHUB_REF_NAME#v}
187 REPO_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f1)
188 REPO_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f2)
189
190 echo "Creating release for ${REPO_OWNER}/${REPO_NAME} version ${VERSION}"
191
192 API_URL="${GITHUB_SERVER_URL}/api/v1"
193
194 # Check if release already exists and delete it
195 echo "Checking for existing release..."
196 EXISTING_RELEASE=$(curl -s -H "Authorization: token ${GITEA_TOKEN}" \
197 "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}")
198
199 EXISTING_ID=$(echo "${EXISTING_RELEASE}" | jq -r '.id // empty' 2>/dev/null)
200 if [ -n "${EXISTING_ID}" ]; then
201 echo "Deleting existing release ${EXISTING_ID}..."
202 curl -s -X DELETE \
203 -H "Authorization: token ${GITEA_TOKEN}" \
204 "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${EXISTING_ID}"
205 sleep 2
206 fi
207
208 # Ensure tag exists by fetching it
209 git fetch origin "refs/tags/${VERSION}:refs/tags/${VERSION}" --force 2>/dev/null || true
210
211 # Create the release body
212 RELEASE_BODY=$(cat <<RELEASEBODY
213 ## ORLY Release ${VERSION}
214
215 ### Binaries Included
216 * orly - Main relay binary
217 * orly-db-badger - Badger database server
218 * orly-db-neo4j - Neo4j database server
219 * orly-acl-follows - Follows ACL server
220 * orly-acl-managed - Managed ACL server
221 * orly-acl-curation - Curation ACL server
222 * orly-launcher - Process supervisor with admin UI
223 * orly-sync-negentropy - Negentropy sync service
224 * orly-certs - DNS-01 wildcard certificate manager
225
226 ### Architectures
227 * Linux AMD64 (x86_64)
228 * Linux ARM64 (aarch64)
229
230 ### Installation
231 1. Download the appropriate binaries for your architecture
232 2. Make them executable: chmod +x orly-*
233 3. Run with: ./orly-launcher (for split mode) or ./orly (standalone)
234 RELEASEBODY
235 )
236
237 # Create release JSON payload
238 RELEASE_JSON=$(jq -n \
239 --arg tag "${VERSION}" \
240 --arg name "Release ${VERSION}" \
241 --arg body "${RELEASE_BODY}" \
242 '{tag_name: $tag, name: $name, body: $body}')
243
244 echo "Creating release..."
245 RELEASE_RESPONSE=$(curl -s -X POST \
246 -H "Authorization: token ${GITEA_TOKEN}" \
247 -H "Content-Type: application/json" \
248 -d "${RELEASE_JSON}" \
249 "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases")
250
251 echo "Release response: ${RELEASE_RESPONSE}"
252
253 RELEASE_ID=$(echo "${RELEASE_RESPONSE}" | jq -r '.id // empty')
254
255 if [ -z "${RELEASE_ID}" ]; then
256 echo "ERROR: Failed to create release"
257 echo "Response: ${RELEASE_RESPONSE}"
258 exit 1
259 fi
260
261 echo "Release created with ID: ${RELEASE_ID}"
262
263 # Upload all assets
264 for ASSET in release-binaries/*; do
265 FILENAME=$(basename "${ASSET}")
266 echo "Uploading ${FILENAME}..."
267
268 curl -s -X POST \
269 -H "Authorization: token ${GITEA_TOKEN}" \
270 -F "attachment=@${ASSET}" \
271 "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${RELEASE_ID}/assets?name=${FILENAME}"
272 done
273
274 echo "Release ${VERSION} created successfully!"
275
276 # Verify
277 curl -s -H "Authorization: token ${GITEA_TOKEN}" \
278 "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}" | jq '.'
279