Files
local-ci-cd-system/.gitea/workflows/build-nsInnoUnp.yml
T
Simone d6031a5e32 refactor(ci): drop upload/download-artifact (remove github.com dependency)
actions/upload-artifact and download-artifact run code fetched from
github.com (and v4 is GHES-incompatible, v3 deprecated). The runner
host is single with a shared filesystem, so the orchestrator's
host-side collect dir is the artifact handoff:

- action.yml: replace the two upload-artifact steps with
  host-path report steps; artifacts stay under F:\CI\Artifacts and
  are aged by Invoke-RetentionPolicy.ps1.
- build-nsInnoUnp.yml: release job reads
  F:\CI\Artifacts\{run_id}-{run_attempt}-{target} directly instead of
  download-artifact; existing Gitea REST release-asset upload unchanged.

Tradeoff (accepted): artifacts are no longer downloadable from the
Gitea Actions run page for non-tag builds — only on host disk, and as
release assets for tagged builds.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 16:42:36 +02:00

100 lines
4.3 KiB
YAML

# Build (Local CI) — pipeline per nsis-plugin-nsinnounp
#
# Cross-platform matrix build: runs in parallel on both windows-build (WinRM)
# and linux-build (SSH) runners using the reusable composite action.
# Uses: Simone/local-ci-cd-system/.gitea/actions/local-ci-build@main
#
# Trigger: push su tag v*, oppure run manuale
name: Build (Local CI)
on:
push:
tags:
- 'v*'
workflow_dispatch:
jobs:
build:
strategy:
matrix:
target: [windows, linux]
fail-fast: false
# Runner label must match config.yaml labels: windows-build or linux-build
runs-on: ${{ matrix.target }}-build
steps:
- uses: Simone/local-ci-cd-system/.gitea/actions/local-ci-build@main
with:
build-command: 'python build_plugin.py --final --dist-dir dist'
artifact-source: 'dist'
submodules: 'true'
guest-os: ${{ matrix.target == 'linux' && 'Linux' || 'Windows' }}
# SSH URL alias configured in host ~/.ssh/config — same for both runners
repo-url: 'ssh://gitea-ci/Simone/nsis-plugin-nsinnounp.git'
# Suffix disambiguates artifact dirs: F:\CI\Artifacts\{run_id}-{attempt}-windows
job-id-suffix: '${{ matrix.target }}'
artifact-name: 'nsis-plugin-nsinnounp-${{ matrix.target }}-${{ github.ref_name }}'
# ── Publish Gitea release with build artifacts ────────────────────────────
# Runs only on tag pushes, after both matrix legs succeed.
# Requires a GITEA_TOKEN secret with repo write permissions.
release:
needs: build
if: github.ref_type == 'tag'
runs-on: windows-build
steps:
# No actions/download-artifact (its code is fetched from github.com).
# The runner host is single and shared; the build matrix legs left
# their outputs at F:\CI\Artifacts\{run_id}-{run_attempt}-{target}
# (job-id-suffix = matrix.target). Read them directly from disk.
- name: Create Gitea release and upload assets
shell: powershell
env:
GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
GITEA_URL: ${{ github.server_url }}
REPO: ${{ github.repository }}
TAG: ${{ github.ref_name }}
RUN_ID: ${{ github.run_id }}
RUN_ATTEMPT: ${{ github.run_attempt }}
run: |
#Requires -Version 5.1
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
$authHeader = @{ Authorization = "token $env:GITEA_TOKEN" }
$apiBase = "$env:GITEA_URL/api/v1/repos/$env:REPO"
# Create the release (non-draft, non-prerelease)
$releaseBody = @{
tag_name = $env:TAG
name = $env:TAG
draft = $false
prerelease = $false
} | ConvertTo-Json
$jsonHeaders = $authHeader + @{ 'Content-Type' = 'application/json' }
$release = Invoke-RestMethod -Method Post -Uri "$apiBase/releases" `
-Headers $jsonHeaders -Body $releaseBody
$releaseId = $release.id
Write-Host "Release created: id=$releaseId name=$($release.name)"
# Compress each host-side artifact directory and upload as a
# release asset. The build legs collected to
# F:\CI\Artifacts\{run_id}-{run_attempt}-{target}.
foreach ($target in @('windows', 'linux')) {
$srcDir = "F:\CI\Artifacts\$env:RUN_ID-$env:RUN_ATTEMPT-$target"
if (-not (Test-Path -LiteralPath $srcDir) -or
-not (Get-ChildItem -Force -LiteralPath $srcDir)) {
throw "artifact dir missing or empty: $srcDir"
}
$zipName = "nsis-plugin-nsinnounp-$target-$env:TAG.zip"
Compress-Archive -Path "$srcDir\*" -DestinationPath $zipName -Force
$uploadUrl = "$apiBase/releases/$releaseId/assets?name=$zipName"
$uploadHeaders = $authHeader + @{ 'Content-Type' = 'application/zip' }
$zipBytes = [System.IO.File]::ReadAllBytes(
(Resolve-Path $zipName).ProviderPath)
Invoke-RestMethod -Method Post -Uri $uploadUrl `
-Headers $uploadHeaders -Body $zipBytes | Out-Null