Update repositories #54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update repositories | |
| on: | |
| workflow_run: | |
| workflows: [Build packages] | |
| types: [completed] | |
| jobs: | |
| deb-repo: | |
| name: Update deb repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| if: github.event.workflow_run.conclusion == 'success' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - name: Download artifacts | |
| uses: dawidd6/action-download-artifact@v6 | |
| with: | |
| workflow: ${{ github.event.workflow.id }} | |
| run_id: ${{ github.event.workflow_run.id }} | |
| path: artifacts | |
| - name: Get build tag | |
| run: echo "TAG=$(find artifacts -name 'TAG' | head -n 1 | xargs cat)" >> $GITHUB_ENV | |
| - name: Copy packages | |
| run: | | |
| mkdir -p deb/pool/${{ env.TAG }} | |
| find artifacts -name '*.deb' -exec cp {} deb/pool/${{ env.TAG }} \; | |
| - name: Build the Docker image | |
| run: docker build . --tag deb --file build/deb.Dockerfile | |
| - name: Set up private key | |
| run: echo -n '${{ secrets.PRIVATE_KEY }}' | base64 --decode > key-private.asc | |
| - name: Set up Git | |
| run: | | |
| git config --local user.name "github-actions[bot]" | |
| git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| - name: Update repository | |
| run: | | |
| docker run --tty \ | |
| -v ${PWD}:/root/deb \ | |
| -e GPG_PASSPHRASE='${{ secrets.GPG_PASSPHRASE }}' \ | |
| deb /bin/bash -c "./build/deb-repo.sh" | |
| - name: Remove private key | |
| run: rm -f key-private.asc | |
| - name: Commit changes | |
| run: | | |
| git pull | |
| git add deb/* | |
| git commit -m "Bump deb repo to ${{ env.TAG }}" || echo "No changes to commit" | |
| git push | |
| - name: Sync repo with R2 | |
| env: | |
| R2_ENDPOINT: https://a1220fd38ad4771f7b7b38f5f3c2b00d.r2.cloudflarestorage.com | |
| AWS_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: auto | |
| AWS_DEFAULT_OUTPUT: json | |
| run: | | |
| aws s3 cp key.gpg s3://relay-repos/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync deb s3://relay-repos/deb \ | |
| --delete \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync deb/dists s3://relay-repos/deb/dists/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| rpm-repo: | |
| name: Update rpm repository | |
| runs-on: ubuntu-latest | |
| needs: deb-repo | |
| timeout-minutes: 10 | |
| if: github.event.workflow_run.conclusion == 'success' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - name: Download artifacts | |
| uses: dawidd6/action-download-artifact@v6 | |
| with: | |
| workflow: ${{ github.event.workflow.id }} | |
| run_id: ${{ github.event.workflow_run.id }} | |
| path: artifacts | |
| - name: Get build tag | |
| run: echo "TAG=$(find artifacts -name 'TAG' | head -n 1 | xargs cat)" >> $GITHUB_ENV | |
| - name: Copy packages | |
| run: | | |
| mkdir -p rpm/el7/${{ env.TAG }} | |
| find artifacts -name '*el7*.rpm' -exec cp {} rpm/el7/${{ env.TAG }} \; | |
| mkdir -p rpm/el8/${{ env.TAG }} | |
| find artifacts -name '*el8*.rpm' -exec cp {} rpm/el8/${{ env.TAG }} \; | |
| mkdir -p rpm/el9/${{ env.TAG }} | |
| find artifacts -name '*el9*.rpm' -exec cp {} rpm/el9/${{ env.TAG }} \; | |
| - name: Build the Docker image | |
| run: docker build . --tag rpm --file build/rpm.Dockerfile | |
| - name: Set up private key | |
| run: echo -n '${{ secrets.PRIVATE_KEY }}' | base64 --decode > key-private.asc | |
| - name: Set up Git | |
| run: | | |
| git config --local user.name "github-actions[bot]" | |
| git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| - name: Update repository | |
| run: | | |
| docker run --tty \ | |
| -v ${PWD}:/root/rpm \ | |
| -e GPG_PASSPHRASE='${{ secrets.GPG_PASSPHRASE }}' \ | |
| rpm /bin/bash -c "./build/rpm-repo.sh" | |
| - name: Remove private key | |
| run: rm -f key-private.asc | |
| - name: Commit changes | |
| run: | | |
| git pull | |
| git add rpm/* | |
| git commit -m "Bump rpm repos to ${{ env.TAG }}" || echo "No changes to commit" | |
| git push | |
| - name: Sync repo with R2 | |
| env: | |
| R2_ENDPOINT: https://a1220fd38ad4771f7b7b38f5f3c2b00d.r2.cloudflarestorage.com | |
| AWS_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: auto | |
| AWS_DEFAULT_OUTPUT: json | |
| run: | | |
| aws s3 cp key.gpg s3://relay-repos/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync rpm s3://relay-repos/rpm \ | |
| --delete \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync rpm/el7/repodata s3://relay-repos/rpm/el7/repodata/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync rpm/el8/repodata s3://relay-repos/rpm/el8/repodata/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} | |
| aws s3 sync rpm/el9/repodata s3://relay-repos/rpm/el9/repodata/ \ | |
| --no-progress \ | |
| --acl public-read \ | |
| --endpoint-url ${{ env.R2_ENDPOINT }} |