envoyproxy · mattklein123 · Mar 14, 2018 · Feb 16, 2018 · Feb 16, 2018 · Feb 16, 2018
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -12,9 +12,12 @@ jobs:
      steps:
        - checkout
        - run: ci/do_circle_ci.sh bazel.release
+       - run: ci/do_circle_ci.sh github_release
        - setup_remote_docker
        - run: ci/docker_push.sh
        - run: ci/docker_tag.sh
+       - store_artifacts:
+          path: /tmp/envoy-dist
    asan:
      docker:
        - image: *envoy-build-image

diff --git a/ci/do_ci.sh b/ci/do_ci.sh
@@ -20,9 +20,11 @@ function bazel_release_binary_build() {
   # TODO(mattklein123): Replace this with caching and a different job which creates images.
   echo "Copying release binary for image build..."
   mkdir -p "${ENVOY_SRCDIR}"/build_release
+  mkdir -p /tmp/envoy-dist
   cp -f "${ENVOY_DELIVERY_DIR}"/envoy "${ENVOY_SRCDIR}"/build_release
   mkdir -p "${ENVOY_SRCDIR}"/build_release_stripped
   strip "${ENVOY_DELIVERY_DIR}"/envoy -o "${ENVOY_SRCDIR}"/build_release_stripped/envoy
+  cp "${ENVOY_SRCDIR}"/build_release_stripped/envoy /tmp/envoy-dist/envoy
 }
 
 function bazel_debug_binary_build() {
@@ -167,6 +169,8 @@ elif [[ "$1" == "check_format" ]]; then
 elif [[ "$1" == "docs" ]]; then
   docs/publish.sh
   exit 0
+elif [[ "$1" == "github_release" ]]; then
+  ./ci/publish_github_release.sh
 else
   echo "Invalid do_ci.sh target, see ci/README.md for valid targets."
   exit 1

diff --git a/ci/do_circle_ci.sh b/ci/do_circle_ci.sh
@@ -2,9 +2,11 @@
 
 set -e
 
-# bazel uses jgit internally and the default circle-ci .gitconfig says to
-# convert https://github.com to ssh://git@github.com, which jgit does not support.
-mv ~/.gitconfig ~/.gitconfig_save
+if [[ -f ~/.gitconfig ]]; then
+  # bazel uses jgit internally and the default circle-ci .gitconfig says to
+  # convert https://github.com to ssh://git@github.com, which jgit does not support.
+  mv ~/.gitconfig ~/.gitconfig_save
+fi
 
 export ENVOY_SRCDIR="$(pwd)"
 

diff --git a/ci/publish_github_release.sh b/ci/publish_github_release.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# NOTE: please do not set trace mode (-x)
+# as it will leak credentials in the logs.
+set -e
+
+if [[ -z "${CIRCLE_TAG:-}" ]]; then
+    echo "skipping non tag events"
+    exit 0
+fi
+
+if [[ ! -f "${ENVOY_SRCDIR}/build_release_stripped/envoy" ]]; then
+    echo "could not locate envoy binary at path: ${ENVOY_SRCDIR}/build_release_stripped/envoy"
+    exit 1
+fi
+
+if [[ -z "${GITHUB_TOKEN:-}" ]]; then
+    echo "environment variable GITHUB_TOKEN unset; cannot continue with publishing."
+    exit 1
+fi
+
+if [[ -z "${GITHUB_USER:-}" ]]; then
+    echo "environment variable GITHUB_USER unset; cannot continue with publishing."
+    exit 1
+fi
+
+if [[ -z "${GITHUB_REPO:-}" ]]; then
+    echo "environment variable GITHUB_REPO unset; cannot continue with publishing."
+    exit 1
+fi
+
+wget https://github.com/aktau/github-release/releases/download/v0.7.2/linux-amd64-github-release.tar.bz2 -O /tmp/ghrelease.tar.bz2
+tar -xvjpf /tmp/ghrelease.tar.bz2 -C /tmp
+cp /tmp/bin/linux/amd64/github-release /usr/local/bin/ghrelease
+chmod +x /usr/local/bin/ghrelease
+
+ghrelease upload --tag "${CIRCLE_TAG:-}" --name "envoy-linux-amd64" --file "${ENVOY_SRCDIR}/build_release_stripped/envoy"