Merge pull request #42 from oasisprotocol/kostko/feature/prepare-3.0.… #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NOTE: This name appears in GitHub's Checks API and in workflow's status badge. | |
| name: release | |
| # Trigger the workflow when: | |
| on: | |
| # A push occurs to one of the matched tags. | |
| push: | |
| tags: | |
| # Pattern that roughly matches Cipher ParaTime's version tags. | |
| # For more details on GitHub Actions' pattern match syntax, see: | |
| # https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#patterns-to-match-branches-and-tags. | |
| - 'v[0-9]+.[0-9]+*' | |
| jobs: | |
| prepare-release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "1.21.x" | |
| - name: Build tagged release, elf, debug | |
| id: build-debug-elf | |
| uses: oasisprotocol/oasis-sdk/.github/actions/hash-rust@main | |
| with: | |
| image: oasisprotocol/runtime-builder:main | |
| pkg-dirs: runtime | |
| binaries: cipher-paratime | |
| clean: no | |
| setup: | | |
| export OASIS_UNSAFE_SKIP_AVR_VERIFY=1 OASIS_UNSAFE_SKIP_KM_POLICY=1 OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES=1 | |
| - name: Create the debug Oasis Runtime Container | |
| run: | | |
| go install github.com/oasisprotocol/oasis-sdk/tools/orc@latest | |
| pushd runtime | |
| orc init ${RUNTIME_EXECUTABLE} --output ../insecure-debug-cipher-paratime.orc | |
| popd | |
| env: | |
| RUNTIME_EXECUTABLE: ${{ github.workspace }}/${{ steps.build-debug-elf.outputs.build-path }}/cipher-paratime | |
| - name: Build tagged release, elf | |
| id: build-elf | |
| uses: oasisprotocol/oasis-sdk/.github/actions/hash-rust@main | |
| with: | |
| image: oasisprotocol/runtime-builder:main | |
| pkg-dirs: runtime | |
| binaries: cipher-paratime | |
| clean: no | |
| - name: Build tagged release, sgxs | |
| id: build-sgxs | |
| uses: oasisprotocol/oasis-sdk/.github/actions/hash-rust@main | |
| with: | |
| image: oasisprotocol/runtime-builder:main | |
| pkg-dirs: runtime | |
| binaries: cipher-paratime.sgxs | |
| clean: no | |
| sgx: yes | |
| - name: Create the Oasis Runtime Container | |
| run: | | |
| go install github.com/oasisprotocol/oasis-sdk/tools/orc@latest | |
| pushd runtime | |
| orc init ${RUNTIME_EXECUTABLE} --sgx-executable ${RUNTIME_SGXS} --output ../cipher-paratime.orc | |
| popd | |
| env: | |
| RUNTIME_EXECUTABLE: ${{ github.workspace }}/${{ steps.build-elf.outputs.build-path }}/cipher-paratime | |
| RUNTIME_SGXS: ${{ github.workspace }}/${{ steps.build-sgxs.outputs.build-path }}/cipher-paratime.sgxs | |
| - name: Publish the release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| # Create a draft since the release requires an offline signing process. | |
| draft: true | |
| artifacts: cipher-paratime.orc,insecure-debug-cipher-paratime.orc | |
| token: ${{ secrets.GITHUB_TOKEN }} |