name: Release on: push: tags: - 'v*' jobs: linux: name: Linux AppImage runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 # need tag history for release notes - name: Setup PHP uses: shivammathur/setup-php@v2 with: php-version: '8.4' extensions: curl, json, mbstring tools: composer:v2 coverage: none - name: Install bundle dependencies working-directory: framework/php run: composer install --no-interaction --prefer-dist - name: Setup Python (for install-qt-action's aqtinstall) uses: actions/setup-python@v5 with: python-version: '3.12' - name: Setup Qt 6 uses: jurplel/install-qt-action@v4 with: version: '6.5.*' modules: 'qtquickcontrols2' dir: ${{ github.workspace }}/qt cache: true setup-python: false - name: Install FrankenPHP run: | curl -fsSL -o /usr/local/bin/frankenphp \ https://github.com/php/frankenphp/releases/download/v1.12.2/frankenphp-linux-x86_64 chmod +x /usr/local/bin/frankenphp - name: Build the todo example working-directory: examples/todo run: | make install make build - name: Build AppImage (with embedded update-info) working-directory: examples/todo env: APPIMAGE_EXTRACT_AND_RUN: '1' FRANKENPHP: /usr/local/bin/frankenphp # AppImageUpdate sidecar will fetch this .zsync URL; it must # point at the asset we're about to upload to this Release. APPIMAGE_UPDATE_INFO: | zsync|${{ github.server_url }}/${{ github.repository }}/releases/download/${{ github.ref_name }}/Todo-x86_64.AppImage.zsync run: make appimage - name: Install zsync + Xvfb run: | sudo apt-get update -qq sudo apt-get install -y zsync xvfb - name: Performance smoke (PLAN.md ยง11 budgets) working-directory: examples/todo # Cold-start on a shared CI runner is harder than on bare metal; # bump the cold-start budget to 4s here and the deadline to 8s. # The bundle-size and idle-memory budgets stay strict. env: PERF_COLD_START_MS: '4000' PERF_HEALTHZ_DEADLINE_MS: '8000' run: ./tests/perfsmoke.sh build/Todo-x86_64.AppImage - name: Generate zsync metadata working-directory: examples/todo/build run: zsyncmake Todo-x86_64.AppImage -u Todo-x86_64.AppImage - name: Generate latest.json appcast working-directory: examples/todo/build env: TAG: ${{ github.ref_name }} run: | SIZE=$(stat -c %s Todo-x86_64.AppImage) SHA=$(sha256sum Todo-x86_64.AppImage | awk '{print $1}') URL_BASE="${{ github.server_url }}/${{ github.repository }}/releases/download/${TAG}" jq -n \ --arg version "$TAG" \ --arg url "$URL_BASE/Todo-x86_64.AppImage" \ --arg sha256 "$SHA" \ --arg zsync "$URL_BASE/Todo-x86_64.AppImage.zsync" \ --argjson size "$SIZE" \ --arg released "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ '{version:$version, released_at:$released, appimage:{url:$url, sha256:$sha256, size:$size, zsync:$zsync}}' \ > latest.json cat latest.json - name: Compute SHA256SUMS working-directory: examples/todo/build run: | sha256sum Todo-x86_64.AppImage Todo-x86_64.AppImage.zsync latest.json \ > SHA256SUMS cat SHA256SUMS - name: Import GPG signing key if: ${{ env.GPG_KEY != '' }} env: GPG_KEY: ${{ secrets.GPG_KEY }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} run: | echo "$GPG_KEY" | gpg --batch --import # Default key id from the imported keyring (first secret key). KEYID=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec/ {print $5; exit}') echo "GPG_KEYID=$KEYID" >> "$GITHUB_ENV" - name: Sign SHA256SUMS if: ${{ env.GPG_KEYID != '' }} working-directory: examples/todo/build env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} run: | gpg --batch --pinentry-mode loopback \ --passphrase "$GPG_PASSPHRASE" \ --local-user "$GPG_KEYID" \ --detach-sign --armor \ -o SHA256SUMS.asc \ SHA256SUMS - name: Create Gitea Release and upload artefacts env: GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} REPO: ${{ github.repository }} TAG: ${{ github.ref_name }} working-directory: examples/todo/build run: | set -euo pipefail api="${GITHUB_SERVER_URL}/api/v1" # Create the release (or get the existing one for this tag) release_json=$(curl -fsSL -X POST "$api/repos/$REPO/releases" \ -H "Authorization: token $GITEA_TOKEN" \ -H 'Content-Type: application/json' \ -d "$(jq -n --arg tag "$TAG" --arg name "$TAG" \ '{tag_name:$tag,name:$name,draft:false,prerelease:false}')" \ || curl -fsSL "$api/repos/$REPO/releases/tags/$TAG" \ -H "Authorization: token $GITEA_TOKEN") rid=$(echo "$release_json" | jq -r .id) echo "Release id: $rid" upload() { local f="$1" echo " uploading $f" curl -fsSL -X POST \ "$api/repos/$REPO/releases/$rid/assets?name=$(basename "$f")" \ -H "Authorization: token $GITEA_TOKEN" \ -H 'Content-Type: application/octet-stream' \ --data-binary "@$f" } upload Todo-x86_64.AppImage upload Todo-x86_64.AppImage.zsync upload latest.json upload SHA256SUMS [ -f SHA256SUMS.asc ] && upload SHA256SUMS.asc || true