Deploy CKAN + NetKAN #795

Workflow file for this run

	name: Deploy CKAN + NetKAN

	on:
	push:
	branches:
	- master
	workflow_dispatch:
	repository_dispatch:
	types:
	- deploy

	concurrency: deploy

	env:
	AWS_S3_BUCKET: ksp-ckan

	jobs:
	sign-assets:
	uses: ./.github/workflows/sign.yml
	secrets: inherit

	check-dev-build:
	runs-on: ubuntu-latest
	outputs:
	dev-build: ${{ steps.check-version.outputs.dev-build }}
	if: github.event_name != 'repository_dispatch'
	steps:
	- uses: actions/checkout@v4
	- name: Treat as dev build if final piece of version is odd
	id: check-version
	shell: bash
	run: \|
	VERSION=$(egrep '^\s\#\#\s+v.$' CHANGELOG.md \| head -1 \| sed -e 's/^\s\#\#\s\+v//' -e 's/-.$//')
	if [[ $VERSION =~ [13579]$ ]]
	then
	echo 'dev-build=true' >> $GITHUB_OUTPUT
	fi

	upload-release-s3:
	needs:
	- sign-assets
	if: github.event_name != 'repository_dispatch'
	runs-on: ubuntu-latest
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- uses: actions/checkout@v4
	- name: Download repack artifact to get netkan.exe
	uses: actions/download-artifact@v4
	with:
	name: Release-repack-unsigned
	path: _build/repack
	- name: Download signed artifact
	uses: actions/download-artifact@v4
	with:
	name: signed
	path: _build/signed
	- name: Put signed exes into repack path
	run: \|
	mkdir -p _build/repack/Release
	cp _build/signed/*.exe _build/repack/Release
	- uses: actions/setup-python@v5
	with:
	python-version: 3.11
	- name: Create a version.json file for dev builds on S3
	shell: bash
	run: \|
	export PIP_ROOT_USER_ACTION=ignore
	pip install gitpython
	git config --global --add safe.directory '*'
	python bin/version_info.py > _build/repack/Release/version.json
	- name: Push ckan.exe, AutoUpdater.exe, netkan.exe, and version.json to S3
	run: aws s3 sync _build/repack/Release s3://${AWS_S3_BUCKET} --follow-symlinks

	upload-dmg:
	needs:
	- check-dev-build
	- sign-assets
	runs-on: ubuntu-latest
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	if: github.event_name != 'repository_dispatch' && needs.check-dev-build.outputs.dev-build
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- name: Install OSX build dependencies
	run: sudo apt-get install -y libplist-utils xorriso
	- uses: actions/checkout@v4
	- name: Download repack artifact
	uses: actions/download-artifact@v4
	with:
	name: Release-repack-unsigned
	path: _build/repack/
	- name: Build dmg
	run: ./build osx --configuration=Release --exclusive
	- name: Push dmg to S3
	run: aws s3 cp _build/osx/CKAN.dmg s3://${AWS_S3_BUCKET} --follow-symlinks

	upload-deb:
	needs:
	- check-dev-build
	- sign-assets
	runs-on: ubuntu-latest
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	if: github.event_name != 'repository_dispatch' && needs.check-dev-build.outputs.dev-build
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- uses: actions/checkout@v4
	- name: Download signed artifact
	uses: actions/download-artifact@v4
	with:
	name: signed
	path: _build/signed
	- name: Put signed exe into repack path
	run: \|
	mkdir -p _build/repack/Release
	cp _build/signed/ckan.exe _build/repack/Release
	- name: Build deb
	env:
	CODENAME: nightly
	run: ./build deb --configuration=Release --exclusive
	- name: Import GPG key
	env:
	DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
	run: \|
	echo "$DEBIAN_PRIVATE_KEY" \| base64 --decode \| gpg --batch --import
	gpg --list-secret-keys --keyid-format LONG
	if: ${{ env.DEBIAN_PRIVATE_KEY }}
	- name: Sign deb release
	env:
	CODENAME: nightly
	DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
	run: ./build deb-sign --configuration=Release --exclusive
	if: ${{ env.DEBIAN_PRIVATE_KEY }}
	- name: Push deb to S3
	run: aws s3 sync _build/deb/apt-repo-root s3://${AWS_S3_BUCKET}/deb --follow-symlinks
	- name: Push nightly APT repo to S3
	run: aws s3 sync _build/deb/apt-repo-dist s3://${AWS_S3_BUCKET}/deb/dists/nightly --follow-symlinks
	- name: CKAN-ModInstaller repo dispatch
	env:
	REPO_ACCESS_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
	if: env.REPO_ACCESS_TOKEN
	uses: peter-evans/repository-dispatch@v3
	with:
	repository: KSP-CKAN/CKAN-ModInstaller
	event-type: deploy
	token: ${{ secrets.REPO_ACCESS_TOKEN }}

	upload-rpm:
	needs:
	- check-dev-build
	- sign-assets
	runs-on: ubuntu-latest
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	if: github.event_name != 'repository_dispatch' && needs.check-dev-build.outputs.dev-build
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- uses: actions/checkout@v4
	- name: Install rpm build dependencies
	run: sudo apt-get install -y createrepo-c
	- name: Download signed artifact
	uses: actions/download-artifact@v4
	with:
	name: signed
	path: _build/signed
	- name: Put signed exe into repack path
	run: \|
	mkdir -p _build/repack/Release
	cp _build/signed/ckan.exe _build/repack/Release
	- name: Build rpm
	run: ./build rpm --configuration=Release --exclusive
	- name: Import GPG key
	env:
	DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
	run: \|
	echo "$DEBIAN_PRIVATE_KEY" \| base64 --decode \| gpg --batch --import
	gpg --list-secret-keys --keyid-format LONG
	if: ${{ env.DEBIAN_PRIVATE_KEY }}
	- name: Build nightly RPM repo
	env:
	CODENAME: nightly
	DEBIAN_PRIVATE_KEY: ${{ secrets.DEBIAN_PRIVATE_KEY }}
	run: ./build rpm-repo --configuration=Release --exclusive
	if: ${{ env.DEBIAN_PRIVATE_KEY }}
	- name: Push nightly PRM repo to S3
	run: aws s3 sync _build/rpm/repo s3://${AWS_S3_BUCKET}/rpm/nightly --follow-symlinks

	upload-inflator:
	needs:
	- sign-assets
	if: github.event_name != 'repository_dispatch'
	runs-on: ubuntu-latest
	steps:
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Download Inflator image artifact
	uses: actions/download-artifact@v4
	with:
	name: inflator-image
	path: /tmp
	- name: Load Inflator image
	run: docker load --input /tmp/inflator-image.tar
	- name: Log in to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Push Inflator image to Docker Hub
	run: docker push kspckan/inflator:latest
	- name: Redeploy Inflator containers
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: us-west-2
	shell: bash
	run: \|
	docker image pull -q kspckan/netkan
	for CONTAINER in InflatorKsp InflatorKsp2
	do
	docker run -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_DEFAULT_REGION kspckan/netkan redeploy-service --cluster NetKANCluster --service-name $CONTAINER &
	done
	wait

	upload-metadata-tester:
	needs:
	- sign-assets
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Download repack artifact
	uses: actions/download-artifact@v4
	with:
	name: Release-repack-unsigned
	path: _build/repack/
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Log in to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_PASSWORD }}
	- name: Generate metadata tester Docker image and publish to Hub
	uses: docker/build-push-action@v5
	with:
	file: Dockerfile.metadata
	context: _build/repack/Release
	tags: kspckan/metadata
	push: true

	notify-discord:
	needs:
	- sign-assets
	- upload-release-s3
	- upload-dmg
	- upload-deb
	- upload-rpm
	- upload-inflator
	- upload-metadata-tester
	if: always()
	uses: ./.github/workflows/notify.yml
	with:
	name: ${{ github.workflow }}
	success: ${{ !contains(needs.*.result, 'failure') }}
	secrets: inherit

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deploy CKAN + NetKAN #795

Workflow file

Deploy CKAN + NetKAN #795

Jobs

Run details

Workflow file for this run