[GHA] Use temporary token to build artifacts, extend manual run options. 2524/head
authors3rj1k <evasive.gyron@gmail.com>
Wed, 11 Dec 2024 00:18:37 +0000 (01:18 +0100)
committers3rj1k <evasive.gyron@gmail.com>
Wed, 11 Dec 2024 11:42:00 +0000 (12:42 +0100)
.github/workflows/build.yml

index 49e99e8b48b0e983cbd911d50a3bf3013391fc39..ea0d0a28fe60f4b0101265c7e8c9a5a2b2bf9c2d 100644 (file)
@@ -9,12 +9,32 @@ on:
     paths:
       - "**"
   workflow_dispatch:
+    inputs:
+      freeswitch_ref:
+        description: 'FreeSWITCH repository ref'
+        required: true
+        default: master
+        type: string
+      release:
+        description: 'FreeSWITCH release type'
+        type: choice
+        required: true
+        default: unstable
+        options:
+          - release
+          - unstable
+      publish:
+        description: 'Publish build data'
+        required: true
+        default: false
+        type: boolean
 
 concurrency:
   group: ${{ github.head_ref || github.ref }}
 
 jobs:
   preconfig:
+    name: 'Preconfig'
     runs-on: ubuntu-latest
     outputs:
       deb: ${{ steps.deb.outputs.excludes }}
@@ -59,6 +79,8 @@ jobs:
             elif [[ '${{ github.base_ref }}' == 'v1.10' ]]; then
               echo 'release=release' | tee -a $GITHUB_OUTPUT
             fi
+          elif [[ '${{ github.event_name }}' == 'workflow_dispatch' ]]; then
+            echo 'release=${{ inputs.release }}' | tee -a $GITHUB_OUTPUT
           elif [[ '${{ github.ref }}' == 'refs/heads/master' ]]; then
             echo 'release=unstable' | tee -a $GITHUB_OUTPUT
           elif [[ '${{ github.ref }}' == 'refs/heads/v1.10' ]]; then
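Review bot: The added branch writes the dispatch input straight into the script text (`echo 'release=${{ inputs.release }}'`), so the value is substituted before the shell parses the line. The `choice` type limits it to `release` or `unstable`, which keeps this contained today, but the script text stays constant if the step declares `env: RELEASE: ${{ inputs.release }}` and the line becomes `echo "release=${RELEASE}" | tee -a "$GITHUB_OUTPUT"`. The step header is outside this hunk, so the `env:` entry would have to be added there.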
@@ -67,6 +89,33 @@ jobs:
             exit 1
           fi
 
+  get-nonce:
+    name: 'Get Nonce for token'
+    runs-on: freeswitch-repo-auth-client
+    outputs:
+      nonce: ${{ steps.get-nonce.outputs.nonce }}
+    steps:
+      - name: Get Nonce
+        id: get-nonce
+        uses: signalwire/actions-template/.github/actions/repo-auth-client@main
+        with:
+          mode: nonce
+
+  issue-token:
+    name: 'Issue temporary token'
+    runs-on: ubuntu-latest
+    needs: get-nonce
+    outputs:
+      token: ${{ steps.issue-token.outputs.token }}
+    steps:
+      - name: Issue Token
+        id: issue-token
+        uses: signalwire/actions-template/.github/actions/repo-auth-client@main
+        env:
+          NONCE: ${{ needs.get-nonce.outputs.nonce }}
+        with:
+          mode: issue
+
   deb-public:
     name: 'DEB-PUBLIC'
     permissions:
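Review bot: Both new jobs run `signalwire/actions-template/.github/actions/repo-auth-client@main`, a mutable branch ref, for the steps that mint a repository credential; pinning to a full commit SHA (`uses: signalwire/actions-template/.github/actions/repo-auth-client@<commit-sha>`) keeps a later change on that branch from silently altering what issues the token. The token is also exported as a job output (`token: ${{ steps.issue-token.outputs.token }}`), and job outputs are not handled as secrets: if the action does not mask the value it can appear in logs, and if it does mask it the runner may drop the output, so the action's behaviour here should be confirmed. Neither `get-nonce` nor `issue-token` declares `permissions:` or an `if:` guard, so they presumably run with the workflow's default `GITHUB_TOKEN` scope on every trigger, including any pull-request trigger this workflow has; `permissions: {}` would fit if the action does not need the token.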
@@ -74,6 +123,7 @@ jobs:
       contents: read
     needs:
       - preconfig
+      - issue-token
     uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main
     strategy:
       # max-parallel: 1
@@ -96,6 +146,7 @@ jobs:
         exclude: ${{ fromJson(needs.preconfig.outputs.deb) }}
     with:
       RUNNER: ${{ matrix.platform.runner }}
+      REF: ${{ inputs.freeswitch_ref }}
       ARTIFACTS_PATTERN: '.*\.(deb|dsc|changes|tar.bz2|tar.gz|tar.lzma|tar.xz)$'
       DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/public.${{ matrix.release }}.Dockerfile
       MAINTAINER: 'Andrey Volk <andrey@signalwire.com>'
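Review bot: `REF: ${{ inputs.freeswitch_ref }}` is empty on every run that is not a manual dispatch, because `inputs` is only populated for `workflow_dispatch`. Whether the called workflow falls back to the triggering ref when `REF` is empty is not visible here, so a comment such as `# empty outside workflow_dispatch; the reusable workflow must default to the triggering ref` would record the assumption. The value is a free-form string, so the called workflow should treat it as untrusted text wherever it reaches a shell or a checkout step.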
@@ -103,7 +154,17 @@ jobs:
       PLATFORM: ${{ matrix.platform.name }}
       REPO_DOMAIN: 'freeswitch.signalwire.com'
       TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-public-${{ matrix.release }}-artifact
-      UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }}
+      UPLOAD_BUILD_ARTIFACTS: >-
+        ${{
+          (github.event.pull_request.head.repo.full_name == github.repository) &&
+          (
+            (
+              github.event_name != 'pull_request' &&
+              github.event_name != 'workflow_dispatch'
+            ) ||
+            (github.event_name == 'workflow_dispatch' && inputs.publish)
+          )
+        }}
     secrets:
       GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }}
       HOSTNAME: ${{ secrets.HOSTNAME }}
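Review bot: The new `UPLOAD_BUILD_ARTIFACTS` expression appears to evaluate to false for push, pull_request and workflow_dispatch runs alike. `github.event.pull_request.head.repo.full_name == github.repository` can only hold when the event payload carries a pull request, while the second operand requires `github.event_name != 'pull_request'` or a dispatch run, so the two sides of `&&` exclude each other. If the intent is only to keep fork pull requests from uploading, the first operand has to let non-PR events through, e.g. `(github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) &&`. The `if:` on the `meta` job in the next hunk uses the same expression and needs the same correction.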
@@ -111,11 +172,37 @@ jobs:
       USERNAME: ${{ secrets.USERNAME }}
       TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }}
       REPO_USERNAME: 'SWUSERNAME'
-      REPO_PASSWORD: ${{ secrets.REPOTOKEN }}
+      REPO_PASSWORD: ${{ needs.issue-token.outputs.token }}
+
+  revoke-token:
+    name: 'Revoke temporary token'
+    runs-on: ubuntu-latest
+    # if: always()
+    needs:
+      - issue-token
+      - deb-public
+    steps:
+      - name: Revoke Token
+        id: revoke-token
+        uses: signalwire/actions-template/.github/actions/repo-auth-client@main
+        env:
+          TOKEN: ${{ needs.issue-token.outputs.token }}
+        with:
+          mode: revoke
 
   meta:
     name: 'Publish build data to meta-repo'
-    if: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }}
+    if: >-
+      ${{
+        (github.event.pull_request.head.repo.full_name == github.repository) &&
+        (
+          (
+            github.event_name != 'pull_request' &&
+            github.event_name != 'workflow_dispatch'
+          ) ||
+          (github.event_name == 'workflow_dispatch' && inputs.publish)
+        )
+      }}
     needs:
       - deb-public
     permissions:
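Review bot: `revoke-token` is skipped whenever `deb-public` fails or is cancelled, because `# if: always()` is commented out and a job with `needs:` only runs once all of its dependencies have succeeded; the temporary token then stays valid until whatever expiry the issuer applies. Enabling the condition as `if: ${{ always() && needs.issue-token.result == 'success' }}` revokes on every outcome without running when no token was issued. A short comment above the job stating the token's expected lifetime would tell a reader how much a missed revocation matters. The `meta` job continues past the end of this hunk.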