From 405471329720641626abd5e77980fe08eedeed2c Mon Sep 17 00:00:00 2001 From: hiento09 <136591877+hiento09@users.noreply.github.com> Date: Tue, 20 Aug 2024 17:55:39 +0700 Subject: [PATCH] Chore use aws s3 for nightly channel (#3416) * Replace deprecated steps github action * Migrate from cloudflare r2 to aws s3 --------- Co-authored-by: Hien To --- .../workflows/jan-electron-build-nightly.yml | 18 ++++++++--------- .../workflows/template-build-linux-x64.yml | 20 +++++++++---------- .../workflows/template-build-macos-arm64.yml | 20 +++++++++---------- .../workflows/template-build-macos-x64.yml | 20 +++++++++---------- .../workflows/template-build-windows-x64.yml | 20 +++++++++---------- 5 files changed, 45 insertions(+), 53 deletions(-) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index 26bbcc672..d666bdc56 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -10,7 +10,7 @@ on: description: 'Public Provider' options: - none - - cloudflare-r2 + - aws-s3 default: none jobs: @@ -28,10 +28,10 @@ jobs: echo "::set-output name=ref::${{ github.ref }}" else if [ "${{ github.event_name }}" == "schedule" ]; then - echo "::set-output name=public_provider::cloudflare-r2" + echo "::set-output name=public_provider::aws-s3" echo "::set-output name=ref::refs/heads/dev" elif [ "${{ github.event_name }}" == "push" ]; then - echo "::set-output name=public_provider::cloudflare-r2" + echo "::set-output name=public_provider::aws-s3" echo "::set-output name=ref::${{ github.ref }}" else echo "::set-output name=public_provider::none" @@ -112,13 +112,13 @@ jobs: cat ./latest-mac.yml - name: Upload latest-mac.yml - if: ${{ needs.set-public-provider.outputs.public_provider == 'cloudflare-r2' }} + if: ${{ needs.set-public-provider.outputs.public_provider == 'aws-s3' }} run: | - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./latest-mac.yml" + aws s3 cp ./latest-mac.yml "s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/latest/latest-mac.yml" env: - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: auto + AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }} AWS_EC2_METADATA_DISABLED: "true" @@ -147,7 +147,7 @@ jobs: noti-discord-manual-and-update-url-readme: needs: [build-macos-x64, build-macos-arm64, build-windows-x64, build-linux-x64, get-update-version, set-public-provider, combine-latest-mac-yml] secrets: inherit - if: github.event_name == 'workflow_dispatch' && github.event.inputs.public_provider == 'cloudflare-r2' + if: github.event_name == 'workflow_dispatch' && github.event.inputs.public_provider == 'aws-s3' uses: ./.github/workflows/template-noti-discord-and-update-url-readme.yml with: ref: refs/heads/dev diff --git a/.github/workflows/template-build-linux-x64.yml b/.github/workflows/template-build-linux-x64.yml index c3df9be96..b1adcef89 100644 --- a/.github/workflows/template-build-linux-x64.yml +++ b/.github/workflows/template-build-linux-x64.yml @@ -10,23 +10,21 @@ on: required: true type: string default: none - description: 'none: build only, github: build and publish to github, cloudflare: build and publish to cloudflare' + description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3' new_version: required: true type: string default: '' - cloudflare_r2_path: + aws_s3_prefix: required: false type: string default: '/latest/' secrets: - CLOUDFLARE_R2_BUCKET_NAME: + DELTA_AWS_S3_BUCKET_NAME: required: false - CLOUDFLARE_R2_ACCESS_KEY_ID: + DELTA_AWS_ACCESS_KEY_ID: required: false - CLOUDFLARE_R2_SECRET_ACCESS_KEY: - required: false - CLOUDFLARE_ACCOUNT_ID: + DELTA_AWS_SECRET_ACCESS_KEY: required: false jobs: @@ -58,7 +56,7 @@ jobs: mv /tmp/package.json electron/package.json jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json mv /tmp/package.json web/package.json - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}, {"provider": "s3", "bucket": "${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}", "region": "auto", "endpoint": "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com", "path": "${{ inputs.cloudflare_r2_path }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.DELTA_PUBLIC_ENDPOINT }}", "channel": "latest"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "${{ inputs.aws_s3_prefix }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json cat electron/package.json @@ -76,7 +74,7 @@ jobs: env: VERSION_TAG: ${{ inputs.new_version }} - - name: Build and publish app to cloudflare r2 or github artifactory + - name: Build and publish app to aws s3 r2 or github artifactory if: inputs.public_provider != 'github' run: | # check public_provider is true or not @@ -88,8 +86,8 @@ jobs: fi env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }} AWS_EC2_METADATA_DISABLED: "true" AWS_MAX_ATTEMPTS: "5" diff --git a/.github/workflows/template-build-macos-arm64.yml b/.github/workflows/template-build-macos-arm64.yml index 821f88a4b..14c3dc4d9 100644 --- a/.github/workflows/template-build-macos-arm64.yml +++ b/.github/workflows/template-build-macos-arm64.yml @@ -10,23 +10,21 @@ on: required: true type: string default: none - description: 'none: build only, github: build and publish to github, cloudflare: build and publish to cloudflare' + description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3' new_version: required: true type: string default: '' - cloudflare_r2_path: + aws_s3_prefix: required: false type: string default: '/latest/' secrets: - CLOUDFLARE_R2_BUCKET_NAME: + DELTA_AWS_S3_BUCKET_NAME: required: false - CLOUDFLARE_R2_ACCESS_KEY_ID: + DELTA_AWS_ACCESS_KEY_ID: required: false - CLOUDFLARE_R2_SECRET_ACCESS_KEY: - required: false - CLOUDFLARE_ACCOUNT_ID: + DELTA_AWS_SECRET_ACCESS_KEY: required: false CODE_SIGN_P12_BASE64: required: false @@ -70,7 +68,7 @@ jobs: jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json mv /tmp/package.json web/package.json - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}, {"provider": "s3", "bucket": "${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}", "region": "auto", "endpoint": "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com", "path": "${{ inputs.cloudflare_r2_path }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.DELTA_PUBLIC_ENDPOINT }}", "channel": "latest"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "${{ inputs.aws_s3_prefix }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json jq --arg teamid "${{ secrets.APPLE_TEAM_ID }}" '.build.mac.notarize.teamId = $teamid' electron/package.json > /tmp/package.json @@ -107,7 +105,7 @@ jobs: p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - - name: Build and publish app to cloudflare r2 or github artifactory + - name: Build and publish app to aws s3 r2 or github artifactory if: inputs.public_provider != 'github' run: | # check public_provider is true or not @@ -126,8 +124,8 @@ jobs: APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} APP_PATH: "." DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }} AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" AWS_MAX_ATTEMPTS: "5" diff --git a/.github/workflows/template-build-macos-x64.yml b/.github/workflows/template-build-macos-x64.yml index 135f5e5f0..3609ae1d5 100644 --- a/.github/workflows/template-build-macos-x64.yml +++ b/.github/workflows/template-build-macos-x64.yml @@ -10,23 +10,21 @@ on: required: true type: string default: none - description: 'none: build only, github: build and publish to github, cloudflare: build and publish to cloudflare' + description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3' new_version: required: true type: string default: '' - cloudflare_r2_path: + aws_s3_prefix: required: false type: string default: '/latest/' secrets: - CLOUDFLARE_R2_BUCKET_NAME: + DELTA_AWS_S3_BUCKET_NAME: required: false - CLOUDFLARE_R2_ACCESS_KEY_ID: + DELTA_AWS_ACCESS_KEY_ID: required: false - CLOUDFLARE_R2_SECRET_ACCESS_KEY: - required: false - CLOUDFLARE_ACCOUNT_ID: + DELTA_AWS_SECRET_ACCESS_KEY: required: false CODE_SIGN_P12_BASE64: required: false @@ -70,7 +68,7 @@ jobs: jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json mv /tmp/package.json web/package.json - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}, {"provider": "s3", "bucket": "${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}", "region": "auto", "endpoint": "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com", "path": "${{ inputs.cloudflare_r2_path }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.DELTA_PUBLIC_ENDPOINT }}", "channel": "latest"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "${{ inputs.aws_s3_prefix }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json jq --arg teamid "${{ secrets.APPLE_TEAM_ID }}" '.build.mac.notarize.teamId = $teamid' electron/package.json > /tmp/package.json @@ -107,7 +105,7 @@ jobs: p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - - name: Build and publish app to cloudflare r2 or github artifactory + - name: Build and publish app to aws s3 r2 or github artifactory if: inputs.public_provider != 'github' run: | # check public_provider is true or not @@ -126,8 +124,8 @@ jobs: APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} APP_PATH: "." DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }} AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" AWS_MAX_ATTEMPTS: "5" diff --git a/.github/workflows/template-build-windows-x64.yml b/.github/workflows/template-build-windows-x64.yml index 7fef1810a..5f37cc9c5 100644 --- a/.github/workflows/template-build-windows-x64.yml +++ b/.github/workflows/template-build-windows-x64.yml @@ -10,23 +10,21 @@ on: required: true type: string default: none - description: 'none: build only, github: build and publish to github, cloudflare: build and publish to cloudflare' + description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3' new_version: required: true type: string default: '' - cloudflare_r2_path: + aws_s3_prefix: required: false type: string default: '/latest/' secrets: - CLOUDFLARE_R2_BUCKET_NAME: + DELTA_AWS_S3_BUCKET_NAME: required: false - CLOUDFLARE_R2_ACCESS_KEY_ID: + DELTA_AWS_ACCESS_KEY_ID: required: false - CLOUDFLARE_R2_SECRET_ACCESS_KEY: - required: false - CLOUDFLARE_ACCOUNT_ID: + DELTA_AWS_SECRET_ACCESS_KEY: required: false AZURE_KEY_VAULT_URI: required: false @@ -71,7 +69,7 @@ jobs: jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json mv /tmp/package.json web/package.json - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}, {"provider": "s3", "bucket": "${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }}", "region": "auto", "endpoint": "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com", "path": "${{ inputs.cloudflare_r2_path }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.DELTA_PUBLIC_ENDPOINT }}", "channel": "latest"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "${{ inputs.aws_s3_prefix }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json jq '.build.win.sign = "./sign.js"' electron/package.json > /tmp/package.json @@ -99,7 +97,7 @@ jobs: run: | dotnet tool install --global AzureSignTool - - name: Build and publish app to cloudflare r2 or github artifactory + - name: Build and publish app to aws s3 r2 or github artifactory shell: bash if: inputs.public_provider != 'github' run: | @@ -116,8 +114,8 @@ jobs: AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }} AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" AWS_MAX_ATTEMPTS: "5"