innernet-debian/.github/workflows/main.yml

134 lines
4.0 KiB
YAML

name: Update Repository
# Controls when the workflow will run
on:
#push:
# If the configuration has changed, this ensures we apply updates.
#branches: [ main ]
schedule:
# Upstream releases around once per month, so twice a week should be fine.
- cron: '23 14 * * mon,thu'
workflow_dispatch:
jobs:
build-deb:
name: Build DEB Packages
runs-on: ubuntu-latest
steps:
- name: Install Distro Dependencies
run: sudo env DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes dpkg-dev jq liblzma-dev
- name: Download Latest Release
id: download-release
run: |
wget -O- \
-H'Accept: application/json' \
"https://api.github.com/repos/tonarino/innernet/releases/latest" \
| jq -r '(.name + " " + .tarball_url)' \
| (
read release tarball_url
echo "innernet_release=$release" >>"$GITHUB_OUTPUT"
wget -O- "$tarball_url" | tar xz
mv tonarino-innernet-*/* .
rm -fr tonarino-innernet-*
)
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
profile: minimal
override: true
- name: Install cargo-deb
run: |
type -p cargo-deb || cargo install cargo-deb
- name: Set Up Rust Cache
uses: Swatinem/rust-cache@v1
- name: Build Client DEB
uses: actions-rs/cargo@v1
with:
command: deb
args: -p client
- name: Build Server DEB
uses: actions-rs/cargo@v1
with:
command: deb
args: -p server
- name: Upload DEBs
uses: actions/upload-artifact@v2
with:
name: deb-ubuntu-latest
path: target/debian/*.deb
release:
runs-on: ubuntu-latest
needs: [build-deb]
steps:
- name: Install Distro Dependencies
run: sudo env DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --yes git gpg reprepro
- name: Set Up GPG Keys
run: |
mkdir -p -m 0700 "$HOME/.gnupg"
echo 'pinentry-mode loopback' >>"$HOME/.gnupg/gpg.conf"
echo 'allow-loopback-pinentry' >>"$HOME/.gnupg/gpg-agent.conf"
echo 'allow-preset-passphrase' >>"$HOME/.gnupg/gpg-agent.conf"
gpgconf --reload gpg-agent
echo "${{ secrets.GPG_SIGNING_KEY }}" | gpg --quiet --batch --yes --import
echo '${{ secrets.GPG_SIGNING_PASSPHRASE }}' | /usr/lib/gnupg/gpg-preset-passphrase --preset 57F0E65446A301CC19914FD61167922350A2D8B2
- name: Checkout
uses: actions/checkout@v2
with:
# See https://github.com/marketplace/actions/github-push
persist-credentials: false
fetch-depth: 0
- name: Get Artifacts
uses: actions/download-artifact@v2
with:
name: deb-ubuntu-latest
path: ./artifacts
- name: Import Artifacts
run: |
cd artifacts
for name in *.deb; do
reprepro --export=silent-never -b ../debian includedeb unstable "$name"
done
- name: Update Repository
run: |
has_changes() {
git status --porcelain "$@" | grep -q .
}
if has_changes debian/pool; then
reprepro -b debian export unstable
fi
if has_changes debian/{db,dists,pool}; then
git add debian/{db,dists,pool}
git \
-c 'user.email=41898282+github-actions[bot]@users.noreply.github.com' \
-c 'user.name=github-actions[bot]' \
commit -m "Included release $release_repo@$(cat "$tmpd/latest.json" | jq -r '.name | ltrimstr("v")')."
else
echo 'No updates to commit.'
fi
- name: Push changes
uses: ad-m/github-push-action@v0.6.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}