Build Node-Packages #74

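# Builds the native npm packages (bcrypt, cld, unix-dgram, @datadog/pprof)
# from Dockerfile.Packages against a prebuilt Node release archive, attaches
# the per-arch tarball to the GitHub release and, on main, uploads it to S3.
name: Build Node-Packages
on:
  workflow_dispatch:
  workflow_run:
    workflows: ["Build Node (Standard)"]
    types:
      - completed
    branches:
      - v22.21.1
jobs:
  build-packages:
    # "completed" fires for failed upstream runs too, so gate on the
    # conclusion; manual dispatches always run.
    if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
    # contents: write is used by the release upload step and id-token: write
    # by the OIDC role assumption. Both are job-wide, so every step and every
    # action referenced below runs with them.
    permissions:
      id-token: write
      contents: write
    strategy:
      matrix:
        include:
          - platform: linux
            arch: x64
            bazel_arch: amd64
            runs_on: ubuntu-22.04
          - platform: linux
            arch: arm64
            bazel_arch: arm64
            runs_on: ubuntu-22.04-arm
    runs-on: ${{ matrix.runs_on }}
    env:
      NODE_VERSION: v22.21.1
    # NOTE(review): the three actions below are referenced by mutable tags
    # (@v3, @v1, @v4) in a job that holds contents: write and id-token: write.
    # Pinning each one to a full commit SHA
    # (uses: owner/action@<full-commit-sha>  # vN) keeps a moved tag from
    # changing what runs with these permissions.
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Debug Matrix Values
        run: |
          echo "Matrix platform: ${{ matrix.platform }}"
          echo "Matrix arch: ${{ matrix.arch }}"
      # NOTE(review): the "-LATEST" asset is downloaded without a digest
      # check, and a release asset can be replaced under the same name.
      # Presumably node.tar.xz is consumed by Dockerfile.Packages; confirm,
      # and consider verifying a published checksum before the build.
      - name: Download Node archive
        run: |
          gh release download node-${{ env.NODE_VERSION }}-release \
            --repo asana/node \
            --pattern "node-${{ env.NODE_VERSION }}-${{ matrix.platform }}-${{ matrix.arch }}-LATEST.tar.xz"
          mv node-${{ env.NODE_VERSION }}-${{ matrix.platform }}-${{ matrix.arch }}-LATEST.tar.xz node.tar.xz
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Execute the Dockerfile
        run: |
          pwd
          docker build -t node22_packages_build -f Dockerfile.Packages .
      # Copy the built node_modules out of a created (never started) container.
      - name: Extract resources
        run: |
          docker create --name temp_node_packages_extract node22_packages_build
          docker cp temp_node_packages_extract:/usr/src/node/node_modules "$GITHUB_WORKSPACE/node_modules"
          docker rm temp_node_packages_extract
      # Lay each package out as <name>@<version>/node_modules/<name> and
      # archive the four directories into one per-arch tarball.
      - name: Tar node-packages
        run: |
          mkdir -p ./bcrypt@5.1.0/node_modules
          mkdir -p ./cld@2.9.1/node_modules
          mkdir -p ./unix-dgram@2.0.6/node_modules
          mkdir -p "./@datadog+pprof@5.8.0/node_modules/@datadog"
          mv node_modules/bcrypt ./bcrypt@5.1.0/node_modules/
          mv node_modules/cld ./cld@2.9.1/node_modules/
          mv node_modules/unix-dgram ./unix-dgram@2.0.6/node_modules/
          mv "node_modules/@datadog/pprof" "./@datadog+pprof@5.8.0/node_modules/@datadog/"
          tar --hard-dereference -cvzf packages_${{matrix.arch}}.tar.gz bcrypt@5.1.0 cld@2.9.1 unix-dgram@2.0.6 "@datadog+pprof@5.8.0"
      - name: Upload archive to release
        uses: softprops/action-gh-release@v1
        with:
          name: node-${{ env.NODE_VERSION }}-LATEST
          tag_name: node-${{ env.NODE_VERSION }}-release
          files: packages_${{matrix.arch}}.tar.gz
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # S3 upload is restricted to the protected main branch only. The IAM role
      # (push_node_gyp_packages) trusts only refs/heads/main via OIDC. To upload
      # packages to S3 after a Node upgrade, trigger workflow_dispatch from main.
      #
      # NOTE(review): for workflow_run events github.ref is the repository's
      # default branch, not the v22.21.1 branch that triggered the upstream
      # build. If the default branch is main, the two conditions below are
      # also true for workflow_run-triggered runs; confirm that is intended,
      # or additionally require github.event_name == 'workflow_dispatch'.
      - name: Configure AWS credentials
        if: github.ref == 'refs/heads/main'
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: us-east-1
          role-to-assume: arn:aws:iam::403483446840:role/autogen_github_actions_beta_push_node_gyp_packages
      # The object is uploaded world-readable (--acl public-read). The first
      # 8 hex characters of the digest in the key are only a name; integrity
      # for consumers comes from the full sha256 printed for
      # tools_repositories.bzl, so that pin must be updated with the URL.
      - name: Upload packages to S3
        if: github.ref == 'refs/heads/main'
        run: |
          # Without pipefail, a failure of the first command in a pipeline
          # inside $(...) is masked by the exit status of the last one.
          set -euo pipefail
          NODE_MAJOR=$(echo "${{ env.NODE_VERSION }}" | sed 's/^v//' | cut -d. -f1)
          SHA256=$(sha256sum "packages_${{ matrix.arch }}.tar.gz" | awk '{print $1}')
          SHORT_HASH=${SHA256:0:8}
          S3_KEY="node-gyp/packages_${{ matrix.bazel_arch }}_node${NODE_MAJOR}-${SHORT_HASH}.tar.gz"
          echo "Uploading packages_${{ matrix.arch }}.tar.gz to s3://asana-oss-cache/${S3_KEY}"
          aws s3 cp "packages_${{ matrix.arch }}.tar.gz" "s3://asana-oss-cache/${S3_KEY}" --acl public-read
          echo ""
          echo "=== Update tools_repositories.bzl in codez ==="
          echo " name = \"node_gyp_packages_${{ matrix.bazel_arch }}_node${NODE_MAJOR}\","
          echo " urls = [\"https://asana-oss-cache.s3.us-east-1.amazonaws.com/${S3_KEY}\"],"
          echo " sha256 = \"${SHA256}\","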