MasterDnsWeb/.github/workflows/release.yml at 97f84c689ad7de934975a6de7be956353dcc5eaf · abolix/MasterDnsWeb · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
name: Build & Release

on:
  push:
    tags:
      - 'v*'

permissions:
  contents: write
  packages: write

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  # ── Job 1: Build standalone Linux binary ───────────────────
  # Build inside Ubuntu 20.04 container so the binary links against glibc 2.31
  # and runs on Ubuntu 20.04+ servers.
  build-binary:
    runs-on: ubuntu-latest
    container:
      image: ubuntu:20.04
    env:
      DEBIAN_FRONTEND: noninteractive
    steps:
      - uses: actions/checkout@v4

      - name: Install build dependencies
        run: |
          apt-get update
          apt-get install -y --no-install-recommends \
            curl ca-certificates build-essential zlib1g-dev libssl-dev \
            libffi-dev libbz2-dev libreadline-dev libsqlite3-dev \
            liblzma-dev tk-dev uuid-dev libncurses5-dev
          # Install Node.js 22
          curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
          apt-get install -y nodejs
          # Install Python 3.12 from source (20.04 ships 3.8)
          curl -fsSL https://www.python.org/ftp/python/3.12.8/Python-3.12.8.tgz | tar xz
          cd Python-3.12.8
          ./configure --enable-optimizations --enable-shared --prefix=/usr/local \
            LDFLAGS="-Wl,-rpath,/usr/local/lib"
          make -j"$(nproc)"
          make install
          ln -sf /usr/local/bin/python3.12 /usr/local/bin/python3
          ln -sf /usr/local/bin/pip3.12 /usr/local/bin/pip3
          python3 --version
          node --version

      - name: Build release archive
        run: |
          chmod +x scripts/build-linux.sh
          bash scripts/build-linux.sh

      - name: Upload release artifact
        uses: actions/upload-artifact@v4
        with:
          name: MasterDnsWeb-linux-amd64
          path: dist/MasterDnsWeb-linux-amd64.tar.gz

  # ── Job 2: Test binary on Ubuntu 22.04 ─────────────────────
  test-binary:
    needs: [build-binary]
    runs-on: ubuntu-latest
    container:
      image: ubuntu:22.04
    steps:
      - name: Download binary artifact
        uses: actions/download-artifact@v4
        with:
          name: MasterDnsWeb-linux-amd64

      - name: Extract and smoke-test the binary
        run: |
          tar -xzf MasterDnsWeb-linux-amd64.tar.gz
          cd MasterDnsWeb
          chmod +x MasterDnsWeb

          # Verify it's a real ELF binary
          file MasterDnsWeb
          file MasterDnsWeb | grep -q "ELF 64-bit"

          # Check glibc version requirement
          ldd --version || true

          # Start the server in the background with test credentials
          export SECRET_KEY=ci-test-key-do-not-use
          export ADMIN_USERNAME=testadmin
          export ADMIN_PASSWORD=testpass123
          ./MasterDnsWeb &
          SERVER_PID=$!

          # Wait for it to be ready
          for i in $(seq 1 15); do
            if curl -sf http://localhost:8000/api/health >/dev/null 2>&1; then
              echo "✅ Server is up after ${i}s"
              break
            fi
            sleep 1
          done

          # Verify health endpoint
          curl -sf http://localhost:8000/api/health | tee /dev/stderr | grep -q '"status"'
          echo ""
          echo "✅ Health check passed"

          # Verify login works
          RESPONSE=$(curl -sf -X POST http://localhost:8000/login \
            -H "Content-Type: application/json" \
            -d '{"username":"testadmin","password":"testpass123"}')
          echo "$RESPONSE" | grep -q "access_token"
          echo "✅ Login test passed"

          # Clean up
          kill $SERVER_PID 2>/dev/null || true
          echo "✅ All smoke tests passed"

  # ── Job 3: Build & push Docker image ──────────────────────
  build-docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=sha

      - name: Build and push Docker image
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # ── Job 4: Create GitHub Release ──────────────────────────
  release:
    needs: [build-binary, test-binary, build-docker]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Download binary artifact
        uses: actions/download-artifact@v4
        with:
          name: MasterDnsWeb-linux-amd64

      - name: Create GitHub Release
        uses: softprops/action-gh-release@v2
        with:
          generate_release_notes: true
          files: MasterDnsWeb-linux-amd64.tar.gz