# This workflow will build a golang project for Gitea Actions # Using inline commands to avoid external action dependencies # # NOTE: All builds use CGO_ENABLED=0 since p8k library uses purego (not CGO) # The library dynamically loads libsecp256k1 at runtime via purego # # Release Process: # 1. Update the version in the pkg/version/version file (e.g. v1.2.3) # 2. Create and push a tag matching the version: # git tag v1.2.3 # git push origin v1.2.3 # 3. The workflow will automatically: # - Build binaries for Linux AMD64 # - Run tests # - Create a Gitea release with the binaries # - Generate checksums name: Go on: push: tags: - "v[0-9]+.[0-9]+.[0-9]+" jobs: build-and-release: runs-on: ubuntu-latest steps: - name: Checkout code run: | set -e echo "Cloning repository..." echo "GITHUB_REF_NAME=${GITHUB_REF_NAME}" echo "GITHUB_SERVER_URL=${GITHUB_SERVER_URL}" echo "GITHUB_REPOSITORY=${GITHUB_REPOSITORY}" echo "GITHUB_WORKSPACE=${GITHUB_WORKSPACE}" git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git ${GITHUB_WORKSPACE} cd ${GITHUB_WORKSPACE} echo "Cloned successfully. Last commit:" git log -1 ls -la - name: Set up Go run: | set -e echo "Setting up Go 1.25.3..." cd /tmp wget -q https://go.dev/dl/go1.25.3.linux-amd64.tar.gz sudo rm -rf /usr/local/go sudo tar -C /usr/local -xzf go1.25.3.linux-amd64.tar.gz export PATH=/usr/local/go/bin:$PATH go version - name: Set up Bun run: | set -e echo "Installing Bun..." curl -fsSL https://bun.sh/install | bash export BUN_INSTALL="$HOME/.bun" export PATH="$BUN_INSTALL/bin:$PATH" bun --version - name: Build Web UI run: | set -e export BUN_INSTALL="$HOME/.bun" export PATH="$BUN_INSTALL/bin:$PATH" cd ${GITHUB_WORKSPACE}/app/web echo "Installing frontend dependencies..." bun install echo "Building web app..." bun run build echo "Verifying dist directory was created..." ls -lah dist/ echo "Web UI build complete" - name: Build (Pure Go + purego) run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} echo "Building with CGO_ENABLED=0..." CGO_ENABLED=0 go build -v ./... - name: Test (Pure Go + purego) run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} echo "Running tests..." # libsecp256k1.so is included in the repository chmod +x libsecp256k1.so # Set LD_LIBRARY_PATH so tests can find the library export LD_LIBRARY_PATH=${GITHUB_WORKSPACE}:${LD_LIBRARY_PATH} # Run tests but don't fail the build on test failures (some tests may need specific env) CGO_ENABLED=0 go test -v $(go list ./... | grep -v '/cmd/benchmark/external/' | xargs -n1 sh -c 'ls $0/*_test.go 1>/dev/null 2>&1 && echo $0' | grep .) || echo "Some tests failed, continuing..." - name: Build Release Binaries (Pure Go + purego) run: | set -e export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} # Extract version from tag (e.g., v1.2.3 -> 1.2.3) VERSION=${GITHUB_REF_NAME#v} echo "Building release binaries for version $VERSION (pure Go + purego)" # Create directory for binaries mkdir -p release-binaries # Copy libsecp256k1.so from repository to release binaries cp libsecp256k1.so release-binaries/libsecp256k1-linux-amd64.so chmod +x release-binaries/libsecp256k1-linux-amd64.so # Build for Linux AMD64 (pure Go + purego dynamic loading) echo "Building Linux AMD64 (pure Go + purego dynamic loading)..." GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \ go build -ldflags "-s -w" -o release-binaries/orly-${VERSION}-linux-amd64 . # Create checksums cd release-binaries sha256sum * > SHA256SUMS.txt cat SHA256SUMS.txt cd .. echo "Release binaries built successfully:" ls -lh release-binaries/ - name: Create Gitea Release env: GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} run: | set -e # Exit on any error export PATH=/usr/local/go/bin:$PATH cd ${GITHUB_WORKSPACE} # Validate GITEA_TOKEN is set if [ -z "${GITEA_TOKEN}" ]; then echo "ERROR: GITEA_TOKEN secret is not set!" echo "Please configure the GITEA_TOKEN secret in repository settings." exit 1 fi VERSION=${GITHUB_REF_NAME} REPO_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f1) REPO_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f2) echo "Creating release for ${REPO_OWNER}/${REPO_NAME} version ${VERSION}" # Verify release binaries exist if [ ! -f "release-binaries/orly-${VERSION#v}-linux-amd64" ]; then echo "ERROR: Release binary not found!" ls -la release-binaries/ || echo "release-binaries directory does not exist" exit 1 fi # Use Gitea API directly (more reliable than tea CLI) cd ${GITHUB_WORKSPACE} API_URL="${GITHUB_SERVER_URL}/api/v1" echo "Creating release via Gitea API..." echo "API URL: ${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases" # Create the release RELEASE_RESPONSE=$(curl -s -X POST \ -H "Authorization: token ${GITEA_TOKEN}" \ -H "Content-Type: application/json" \ -d "{\"tag_name\": \"${VERSION}\", \"name\": \"Release ${VERSION}\", \"body\": \"Automated release ${VERSION}\"}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases") echo "Release response: ${RELEASE_RESPONSE}" # Extract release ID RELEASE_ID=$(echo "${RELEASE_RESPONSE}" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2) if [ -z "${RELEASE_ID}" ]; then echo "ERROR: Failed to create release or extract release ID" echo "Full response: ${RELEASE_RESPONSE}" exit 1 fi echo "Release created with ID: ${RELEASE_ID}" # Upload assets for ASSET in release-binaries/orly-${VERSION#v}-linux-amd64 release-binaries/libsecp256k1-linux-amd64.so release-binaries/SHA256SUMS.txt; do FILENAME=$(basename "${ASSET}") echo "Uploading ${FILENAME}..." UPLOAD_RESPONSE=$(curl -s -X POST \ -H "Authorization: token ${GITEA_TOKEN}" \ -F "attachment=@${ASSET}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${RELEASE_ID}/assets?name=${FILENAME}") echo "Upload response for ${FILENAME}: ${UPLOAD_RESPONSE}" done echo "Release ${VERSION} created successfully with all assets!" # Verify release exists VERIFY=$(curl -s -H "Authorization: token ${GITEA_TOKEN}" \ "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}") echo "Verification: ${VERIFY}" | head -c 500