.github/workflows/build-docker-image-and-binaries.yaml

name: Upload Binaries and Docker Image

on:
  workflow_dispatch:
    inputs:
      tag:
        description: Github tag to release binaries for (reusing an existing tag will make the pipeline fail)
        required: true
        default: latest
jobs:

  release-binaries:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [macos-latest]
        # arch: [amd64, arm64]
        arch: [amd64]
        exclude:
          - {os: "ubuntu-latest", arch: "arm64"}

    permissions:
      contents: write
      packages: write
      id-token: write

    steps:

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-2

      # - name: Validate tag for binaries build
      #   env:
      #     SEMVER: ${{ github.event.inputs.tag }}
      #   run: |
      #     if [[ $SEMVER =~ v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ]]; then echo "Tag is okay" && exit 0; else echo "invalid tag" && exit 1; fi
      #     aws s3 ls s3://axelar-releases/tofnd/"$SEMVER" && echo "tag already exists, use a new one" && exit 1

      - name: Checkout code
        uses: actions/checkout@v2
        with:
          fetch-depth: '0'
          ref: ${{ github.event.inputs.tag }}
          submodules: recursive

      - name: Install Rust
        run: |
          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y

      - name: build binaries
        env:
          SEMVER: ${{ github.event.inputs.tag }}
        run: |
          if [ "$RUNNER_OS" == "Linux" ]
          then
              OS="linux"
              TOFND_PATH="/home/runner/work/tofnd/tofnd/target/release"
          else
              OS="darwin"
              TOFND_PATH="/Users/runner/work/tofnd/tofnd/target/release"
          fi

      - name: build darwin binaries
        env:
          SEMVER: ${{ github.event.inputs.tag }}
        if: matrix.os == 'macos-latest'
        run: |
          OS="darwin"
          ARCH="${{ matrix.arch }}"
          if [ "$ARCH" == "arm64" ]
          then
            export LIBRARY_PATH=/opt/homebrew/lib:$LIBRARY_PATH
            export LD_LIBRARY_PATH=/opt/homebrew/lib:$LD_LIBRARY_PATH
            export HOMEBREW_NO_INSTALL_CLEANUP=TRUE
            brew uninstall --ignore-dependencies gmp
            ARM_DEPENDENCY=$(brew fetch --force --bottle-tag=arm64_sonoma gmp | grep Downloaded | awk '{print $3}')
            brew install "$ARM_DEPENDENCY"
            rustup target add aarch64-apple-darwin
            cargo build --release --target aarch64-apple-darwin
            mkdir -p tofndbin
            mv /Users/runner/work/tofnd/tofnd/target/aarch64-apple-darwin/release/tofnd "./tofndbin/tofnd-$OS-$ARCH-$SEMVER"
          else
            echo "********"
            ls -l /opt/homebrew/Cellar/gmp/6.3.0/lib
            file /opt/homebrew/Cellar/gmp/6.3.0/lib/libgmp.10.dylib
            echo "********"
            export RUSTFLAGS="-L/opt/homebrew/lib"
            export LIBRARY_PATH=/opt/homebrew/lib:$LIBRARY_PATH
            export LD_LIBRARY_PATH=/opt/homebrew/lib:$LD_LIBRARY_PATH
            export C_INCLUDE_PATH=/opt/homebrew/include:$C_INCLUDE_PATH
            export CPLUS_INCLUDE_PATH=/opt/homebrew/include:$CPLUS_INCLUDE_PATH
            export HOMEBREW_NO_INSTALL_CLEANUP=TRUE
            brew uninstall --ignore-dependencies gmp
            ARM_DEPENDENCY=$(brew fetch --force --bottle-tag=x86_64_sonoma gmp | grep Downloaded | awk '{print $3}')
            brew install "$ARM_DEPENDENCY"
            cargo install --locked --path .
            mkdir -p tofndbin
            mv "/Users/runner/work/tofnd/tofnd/target/release/tofnd" "./tofndbin/tofnd-$OS-$ARCH-$SEMVER"
          fi
      - name: build linux binaries
        env:
          SEMVER: ${{ github.event.inputs.tag }}
        if: matrix.os == 'ubuntu-latest'
        run: |
          OS="linux"
          ARCH="${{ matrix.arch }}"
          cargo install --locked --path .
          mkdir -p tofndbin
          mv "/home/runner/.cargo/bin/tofnd" "./tofndbin/tofnd-$OS-$ARCH-$SEMVER"

      # - name: Test tofnd version
      #   working-directory: ./tofndbin
      #   run: |
      #     ./tofnd-* --version

      # - name: Import GPG key
      #   id: import_gpg
      #   uses: crazy-max/ghaction-import-gpg@v4
      #   with:
      #     gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
      #     passphrase: ${{ secrets.GPG_PASSPHRASE }}

      # - name: Sign binaries
      #   working-directory: ./tofndbin
      #   env:
      #     SEMVER: ${{ github.event.inputs.tag }}
      #   run: |
      #     if [ "$RUNNER_OS" == "Linux" ]
      #     then
      #         OS="linux"
      #     else
      #         OS="darwin"
      #     fi
      #     ARCH="${{ matrix.arch }}"
      #     gpg --armor --detach-sign  tofnd-"$OS"-"$ARCH"-"$SEMVER"

      # - name: Create zip and sha256 files
      #   working-directory: ./tofndbin
      #   run: |
      #     for i in `ls | grep -v .asc`
      #     do
      #       shasum -a 256 $i | awk '{print $1}' > $i.sha256
      #       zip $i.zip $i
      #       shasum -a 256 $i.zip | awk '{print $1}' > $i.zip.sha256
      #     done

      # - name: Upload binaries to release
      #   uses: svenstaro/upload-release-action@v2
      #   with:
      #     repo_token: ${{ secrets.GITHUB_TOKEN }}
      #     file: ./tofndbin/*
      #     tag: ${{ github.event.inputs.tag }}
      #     overwrite: true
      #     file_glob: true

      # - name: Upload binaries to S3
      #   env:
      #     S3_PATH: s3://axelar-releases/tofnd/${{ github.event.inputs.tag }}
      #   run: |
      #     aws s3 cp ./tofndbin ${S3_PATH}/ --recursive

  # release-docker:

  #   runs-on: ${{ matrix.os }}
  #   strategy:
  #     matrix:
  #       os: [ubuntu-latest]

  #   permissions:
  #     contents: write
  #     packages: write
  #     id-token: write

  #   steps:

  #     - name: Checkout code for docker image build
  #       uses: actions/checkout@v2
  #       with:
  #         fetch-depth: '0'
  #         ref: ${{ github.event.inputs.tag }}
  #         submodules: recursive

  #     - name: Install Cosign
  #       if: matrix.os == 'ubuntu-latest'
  #       uses: sigstore/cosign-installer@v3.3.0
  #       with:
  #         cosign-release: 'v2.2.2'

  #     - name: Install SSH key
  #       if: matrix.os == 'ubuntu-latest'
  #       uses: webfactory/ssh-agent@v0.4.1
  #       with:
  #         ssh-private-key: ${{ secrets.CICD_RSA_KEY }}

  #     - name: Build docker image
  #       if: matrix.os == 'ubuntu-latest'
  #       run: |
  #         make docker-image

  #     - name: Login to DockerHub
  #       if: matrix.os == 'ubuntu-latest'
  #       uses: docker/login-action@v1
  #       with:
  #         username: ${{ secrets.DOCKER_HUB_USERNAME }}
  #         password: ${{ secrets.DOCKER_HUB_TOKEN }}

  #     - name: Push to DockerHub (release)
  #       if: matrix.os == 'ubuntu-latest'
  #       run: |
  #         docker tag axelar/tofnd:latest axelarnet/tofnd:${{ github.event.inputs.tag }}
  #         docker push axelarnet/tofnd:${{ github.event.inputs.tag }}

  #     - name: Sign the images with GitHub OIDC
  #       if: matrix.os == 'ubuntu-latest'
  #       run: cosign sign -y --oidc-issuer https://token.actions.githubusercontent.com ${TAGS}
  #       env:
  #         TAGS: axelarnet/tofnd:${{ github.event.inputs.tag }}
  #         COSIGN_EXPERIMENTAL: 1