name: Update Repository # Controls when the workflow will run on: #push: # If the configuration has changed, this ensures we apply updates. #branches: [ main ] schedule: # Upstream releases around once per month, so twice a week should be fine. - cron: '23 14 * * mon,thu' workflow_dispatch: jobs: build-deb: name: Build DEB Packages runs-on: ubuntu-latest outputs: innernet_release: ${{ steps.download-release.outputs.innernet_release }} steps: - name: Install Distro Dependencies run: sudo env DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes dpkg-dev jq liblzma-dev - name: Download Latest Release id: download-release run: | wget -O- \ -H'Accept: application/json' \ "https://api.github.com/repos/tonarino/innernet/releases/latest" \ | jq -r '(.name + " " + .tarball_url)' \ | ( read release tarball_url echo "innernet_release=$release" >>"$GITHUB_OUTPUT" wget -O- "$tarball_url" | tar xz mv tonarino-innernet-*/* . rm -fr tonarino-innernet-* ) - name: Install Rust uses: actions-rs/toolchain@v1 with: toolchain: stable profile: minimal override: true - name: Install cargo-deb run: | type -p cargo-deb || cargo install cargo-deb - name: Set Up Rust Cache uses: Swatinem/rust-cache@v1 - name: Build Client DEB uses: actions-rs/cargo@v1 with: command: deb args: -p client - name: Build Server DEB uses: actions-rs/cargo@v1 with: command: deb args: -p server - name: Upload DEBs uses: actions/upload-artifact@v2 with: name: deb-ubuntu-latest path: target/debian/*.deb release: runs-on: ubuntu-latest needs: [build-deb] steps: - name: Install Distro Dependencies run: sudo env DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes git gpg reprepro - name: Set Up GPG Keys run: | mkdir -p -m 0700 "$HOME/.gnupg" echo 'pinentry-mode loopback' >>"$HOME/.gnupg/gpg.conf" echo 'allow-loopback-pinentry' >>"$HOME/.gnupg/gpg-agent.conf" echo 'allow-preset-passphrase' >>"$HOME/.gnupg/gpg-agent.conf" gpgconf --reload gpg-agent echo "${{ secrets.GPG_SIGNING_KEY }}" | gpg --quiet --batch --yes --import echo '${{ secrets.GPG_SIGNING_PASSPHRASE }}' | /usr/lib/gnupg/gpg-preset-passphrase --preset 57F0E65446A301CC19914FD61167922350A2D8B2 - name: Checkout uses: actions/checkout@v2 with: # See https://github.com/marketplace/actions/github-push persist-credentials: false fetch-depth: 0 - name: Get Artifacts uses: actions/download-artifact@v2 with: name: deb-ubuntu-latest path: ./artifacts - name: Import Artifacts run: | cd artifacts for name in *.deb; do reprepro --export=silent-never -b ../debian includedeb unstable "$name" done - name: Update Repository run: | has_changes() { git status --porcelain "$@" | grep -q . } if has_changes debian/pool; then reprepro -b debian export unstable fi if has_changes debian/{db,dists,pool}; then git add debian/{db,dists,pool} git \ -c 'user.email=41898282+github-actions[bot]@users.noreply.github.com' \ -c 'user.name=github-actions[bot]' \ commit -m "Included release tonarino/innernet@${{ needs.build-deb.outputs.innernet_release }}." else echo 'No updates to commit.' fi - name: Push changes uses: ad-m/github-push-action@v0.6.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ github.ref }}