---

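name: Build release

# Runs for every pushed tag and on manual dispatch.
on:  # yamllint disable-line rule:truthy
  push:
    tags:
      - '*'
  workflow_dispatch:

# Least privilege for the automatic GITHUB_TOKEN: the job only needs to read
# the repository. The website dispatch at the end of the job authenticates
# with its own PAT secret and is not affected by this block.
permissions:
  contents: read

jobs:
  build:
    name: Build release
    runs-on: [ubuntu-latest]
    strategy:
      # Let the other flavour finish even when one of them fails
      fail-fast: false
      matrix:
        # One tarball per flavour; each value selects .github/build/<version>.json
        version: ['slim', 'full']

    steps: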
      - name: Setup PHP, with composer and extensions
        id: setup-php
        # Action documentation: https://github.com/shivammathur/setup-php
        # NOTE(review): referenced by the mutable tag v2; pinning to a full
        # commit SHA would fix the exact toolchain used for a release build.
        uses: shivammathur/setup-php@v2
        with:
          coverage: none
          extensions: mbstring, xml
          # Should match the minimum required version for SimpleSAMLphp
          php-version: '8.1'
          tools: composer:v2, phive

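      # Registers php.json from the runner tool cache as a problem matcher
      - name: Setup problem matchers for PHP
        run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"

      - uses: actions/checkout@v4
        with:
          # Do not leave the job token in .git/config: the following steps run
          # Composer against third-party packages, and no later step in this
          # job pushes to or fetches from this repository.
          persist-credentials: false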

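      # Store the version, stripping any v-prefix
      - name: Write release version
        env:
          # The ref name reaches the script as an environment variable instead
          # of being expanded into the script text, so characters in a tag name
          # are never parsed as shell syntax. It also makes TAG a real shell
          # variable, which the ${TAG#v} expansion below depends on; without
          # it VERSION was written empty.
          TAG: "${{ github.ref_name }}"
        run: |
          {
            echo "TAG=$TAG"
            echo "VERSION=${TAG#v}"
            echo "COMPOSER_VERSION=$(composer config version)"
          } >> "$GITHUB_ENV"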

      - name: Validate composer.json and composer.lock
        run: composer validate

      # Fails the job when the version reported by `composer config version`
      # differs from the ref name that an earlier step stored in TAG
      - name: Make sure a version is set in composer.json that matches the tag
        if: env.COMPOSER_VERSION != env.TAG
        run: exit 1

      # Production install: no dev packages, dist archives, optimized autoloader
      - name: Install Composer dependencies
        run: >-
          composer install
          --no-progress
          --no-dev
          --prefer-dist
          --optimize-autoloader

      # Adds the modules listed for this build flavour on top of the base install.
      - name: Install SimpleSAMLphp modules
        env:
          # Per-flavour module list; matrix.version is 'slim' or 'full'
          FILE: ".github/build/${{ matrix.version }}.json"
        # jq prints each key of .modules JSON-quoted, and that quoted key is
        # pasted into the second jq filter to look the entry up again. Each
        # non-empty entry supplies .repository and .version for one
        # `composer require`.
        # NOTE(review): $k becomes part of the jq program text and the loop
        # relies on word splitting, so this is only sound while the build JSON
        # is repository-controlled and its keys contain no whitespace.
        # NOTE(review): --ignore-platform-reqs turns off Composer's PHP and
        # extension requirement checks for these modules; confirm intended.
        run: |
          for k in $(jq '.modules | keys | .[]' "$FILE"); do
            module=$(jq -r ".modules[$k]" "$FILE");
            if [ -n "$module" ];
            then
              repository=$(jq -r '.repository' <<< "$module");
              v=$(jq -r '.version' <<< "$module");

              composer require "$repository:$v" --update-no-dev --ignore-platform-reqs
            fi
          done

      # Installs composer through phive as a copy (--copy) into ./bin of the
      # release tree, trusting only the listed GPG key.
      # NOTE(review): the trusted key is given as a 16-hex-digit long key ID;
      # supplying the full fingerprint, if phive accepts one here, would be a
      # stronger pin. Confirm against the phive documentation.
      - name: Add composer.phar to the release
        run: phive --no-progress install --trust-gpg-keys CBB3D576F2A0946F --copy --target ./bin composer

      # Removes every path on a .gitattributes line that mentions
      # export-ignore, then the git metadata itself, before the tree is packed.
      # NOTE(review): the first space-separated field is passed to rm as-is, so
      # glob patterns are not expanded and a pattern with a leading slash would
      # be read as an absolute path. Verify against the entries in
      # .gitattributes.
      - name: Clean release
        run: |
          grep export-ignore .gitattributes | cut -d ' ' -f 1 | while IFS= read -r line
          do
            rm -rf "$line"
          done
          rm -rf .git

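      # Packs a copy of the checkout, renamed to simplesamlphp-<version>, into
      # a tarball under /tmp with owner and group forced to 0.
      - name: Build tarball
        run: |
          cd ..
          cp -R  simplesamlphp "simplesamlphp-$VERSION"
          TARGET="/tmp/simplesamlphp-$VERSION-${{ matrix.version }}.tar.gz"
          # remove -slim from the filename for our minimalistic build
          TARGET=${TARGET/-slim/}
          # Export the tarball path under its own name so the upload and
          # checksum steps can read it; it was previously written over VERSION
          # and TARGET never left this step
          echo "TARGET=$TARGET" >> "$GITHUB_ENV"
          tar --owner 0 --group 0 -cvzf "$TARGET" "simplesamlphp-$VERSION"
          rm -rf "simplesamlphp-$VERSION"

      - name: Save tarball
        uses: actions/upload-artifact@v4
        with:
          name: release-${{ matrix.version }}
          # Action inputs are not passed through a shell, so the path has to
          # come from the env context; a literal "$TARGET" is never expanded
          path: ${{ env.TARGET }}
          retention-days: 1

      # Prints the SHA-256 of the tarball to the job log
      - name: Calculate SHA checksum (${{ matrix.version }})
        run: sha256sum "$TARGET"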

      # Dispatches the documentation site workflow, but only for v-prefixed
      # tags whose ref contains neither 'alpha' nor 'beta'.
      # NOTE(review): the step sits inside the matrix job without a matrix
      # condition, so it appears to fire once per flavour. Confirm that a
      # double dispatch is acceptable.
      - name: Run website build
        if: >-
          startsWith(github.ref, 'refs/tags/v')
          && !contains(github.ref, 'alpha')
          && !contains(github.ref, 'beta')
        uses: actions/github-script@v7
        with:
          # The token must be generated on a user account that controls the
          # docs repository. Select only the "Access public repositories"
          # scope and nothing else.
          github-token: ${{ secrets.PAT_TOKEN }}
          script: |
            const websiteBuild = {
              owner: 'simplesamlphp',
              repo: 'simplesamlphp.github.io',
              workflow_id: 'github-pages.yml',
              ref: 'release',
            };
            await github.rest.actions.createWorkflowDispatch(websiteBuild);