name: Release on: push: tags: - "v*" jobs: build: runs-on: ubuntu-latest steps: - name: Ensure git is available run: | if command -v git >/dev/null 2>&1; then git --version exit 0 fi if command -v apt-get >/dev/null 2>&1; then apt-get update apt-get install -y git elif command -v dnf >/dev/null 2>&1; then dnf install -y git elif command -v yum >/dev/null 2>&1; then yum install -y git else echo "No supported package manager found to install git." exit 1 fi - name: Checkout source (native git) env: CI_GIT_TOKEN: ${{ secrets.CI_GIT_TOKEN }} run: | if [ -z "${CI_GIT_TOKEN:-}" ]; then echo "Missing secret CI_GIT_TOKEN. Add it in repository Actions secrets." exit 1 fi auth_server="${GITHUB_SERVER_URL#https://}" auth_server="${auth_server#http://}" remote_url="https://oauth2:${CI_GIT_TOKEN}@${auth_server}/${GITHUB_REPOSITORY}.git" if [ -n "${GITHUB_WORKSPACE:-}" ]; then cd "$GITHUB_WORKSPACE" fi if [ ! -d .git ]; then git init fi git remote remove origin >/dev/null 2>&1 || true git remote add origin "$remote_url" # Fetch the tag by SHA so we get the exact tagged commit git fetch --depth 1 origin "$GITHUB_SHA" git checkout --force FETCH_HEAD - name: Ensure Python and build dependencies are available run: | if command -v apt-get >/dev/null 2>&1; then apt-get update apt-get install -y python3.12 python3.12-venv python3-pip patchelf ccache || \ apt-get install -y python3 python3-pip python3-venv patchelf ccache elif command -v dnf >/dev/null 2>&1; then dnf install -y python3 python3-pip python3-devel patchelf ccache elif command -v yum >/dev/null 2>&1; then yum install -y python3 python3-pip python3-devel patchelf ccache else echo "No supported package manager found to install Python/build deps." exit 1 fi python3.12 --version || python3 --version - name: Set up venv and install package + build deps run: | python3.12 -m venv .venv 2>/dev/null || python3 -m venv .venv . .venv/bin/activate python -m pip install --upgrade pip python -m pip install -e ".[build]" - name: Derive version from tag id: version run: | tag="${GITHUB_REF_NAME}" deb_version="${tag#v}" # Remove leading 'v' if present echo "tag=${tag}" >> "$GITHUB_OUTPUT" echo "deb_version=${deb_version}" >> "$GITHUB_OUTPUT" - name: Build standalone binary with Nuitka run: | . .venv/bin/activate python -m nuitka \ --standalone \ --onefile \ --output-filename=tai \ --output-dir=dist \ --assume-yes-for-downloads \ --include-package=tai \ src/tai/cli.py - name: Smoke-test the binary run: dist/tai --help - name: Build .deb package run: | pkg_root="pkgroot" pkg_name="tai" deb_version="${{ steps.version.outputs.deb_version }}" arch="amd64" out_dir="dist" deb_dir="${pkg_root}/${pkg_name}_${deb_version}_${arch}" rm -rf "${pkg_root}" mkdir -p "${deb_dir}/DEBIAN" mkdir -p "${deb_dir}/usr/bin" install -m 0755 dist/tai "${deb_dir}/usr/bin/tai" cat > "${deb_dir}/DEBIAN/control" < Description: tai Linux troubleshooting assistant EOF dpkg-deb --build "${deb_dir}" "${out_dir}/${pkg_name}_${deb_version}_${arch}.deb" - name: Create release zip with binary and deb run: | cd dist deb_version="${{ steps.version.outputs.deb_version }}" zip_name="tai-${deb_version}-linux-amd64.zip" zip "${zip_name}" \ tai \ "tai_${deb_version}_amd64.deb" cd .. - name: Upload binary artifact uses: actions/upload-artifact@v3 with: name: tai-linux-amd64-${{ steps.version.outputs.tag }} path: dist/tai if-no-files-found: error retention-days: 90 - name: Upload deb artifact uses: actions/upload-artifact@v3 with: name: tai-deb-amd64-${{ steps.version.outputs.tag }} path: dist/tai_${{ steps.version.outputs.deb_version }}_amd64.deb if-no-files-found: error retention-days: 90 - name: Upload combined release zip uses: actions/upload-artifact@v3 with: name: tai-release-${{ steps.version.outputs.tag }} path: dist/tai-${{ steps.version.outputs.deb_version }}-linux-amd64.zip if-no-files-found: error retention-days: 90