From ead4bdff368b31934cd380e1dc0a28c8c98c2da5 Mon Sep 17 00:00:00 2001
From: Krystian Hebel
Date: Sun, 8 Oct 2023 11:38:30 +0200
Subject: [PATCH] test builderv2
Signed-off-by: Krystian Hebel
---
.github/workflows/qubes-dom0-packagev2.yml | 112 +++++++++++++++++++++
1 file changed, 112 insertions(+)
create mode 100644 .github/workflows/qubes-dom0-packagev2.yml
diff --git a/.github/workflows/qubes-dom0-packagev2.yml b/.github/workflows/qubes-dom0-packagev2.yml
new file mode 100644
index 0000000..5ef0852
--- /dev/null
+++ b/.github/workflows/qubes-dom0-packagev2.yml
@@ -0,0 +1,112 @@
+name: Test build and package QubesOS RPMs
+
+on:
+ workflow_call:
+ inputs:
+ qubes-component:
+ description: >
+ Name of QubesOS component as recognized by its build system.
+ required: true
+ type: string
+
+jobs:
+ build-and-package:
+ runs-on: ubuntu-latest
+ name: Compile and package as QubesOS RPM
+ permissions:
+ # for publishing releases
+ contents: write
+
+ steps:
+ - name: Install dependencies of builder script
+ # README also specified: python3-yaml rpm tree gpg openssl python3-setuptools
+ run: |
+ sudo apt install python3-packaging createrepo-c devscripts \
+ docker python3-docker reprepro python3-pathspec \
+ mktorrent python3-lxml python3-dateutil
+
+ - uses: actions/checkout@v3
+ with:
+ repository: QubesOS/qubes-builderv2
+
+ - name: Cache Docker image and dom0 stuff
+ uses: actions/cache@v3
+ id: docker-cache
+ with:
+ path: |
+ /tmp/qubes-builder-fedora.tar
+ /tmp/cache/dom0.tar
+ key: |
+ ${{ hashFiles('tools/*') }}-docker-container
+
+ - name: Load Docker image
+ if: steps.docker-cache.outputs.cache-hit == 'true'
+ run: |
+ docker load --input /tmp/qubes-builder-fedora.tar
+
+ - name: Build Docker image (optional)
+ if: steps.docker-cache.outputs.cache-hit != 'true'
+ run: |
+ sed -i "s/RUN useradd -m user$/RUN useradd -m user -u $UID/" dockerfiles/fedora.Dockerfile
+ tools/generate-container-image.sh docker
+
+ - name: Export Docker image (optional)
+ if: steps.docker-cache.outputs.cache-hit != 'true'
+ run: |
+ docker save --output /tmp/qubes-builder-fedora.tar \
+ qubes-builder-fedora:latest
+
+ - name: Prepare dom0 cache storage (optional)
+ if: steps.docker-cache.outputs.cache-hit != 'true'
+ run: |
+ mkdir --mode=777 /tmp/cache
+
+ - name: Prepare configuration
+ # FIXME: head_ref probably doesn't work on tag pushes
+ env:
+ URL: ${{ github.repositoryUrl }}
+ BRANCH: ${{ fromJSON('{"tag": "${{ github.ref_name }}", "branch": "${{ github.head_ref }}"}')[github.ref_type] }}
+ run: |
+ cp example-configs/builder-devel.yml builder.yml
+ sed -i "s#^ prefix: fepitre/qubes-# prefix: QubesOS/qubes-#" builder.yml
+ sed -i "s#^ branch: builderv2# branch: main#" builder.yml
+ sed -i "s#^artifacts-dir: .*#artifacts-dir: $PWD/artifacts#" builder.yml
+ sed -i "1,/^ - ${{ inputs.qubes-component }}/s#^ - ${{ inputs.qubes-component }}#&:#" builder.yml
+ sed -i "/^ - ${{ inputs.qubes-component }}:/a\ verification-mode: insecure-skip-checking" builder.yml
+ sed -i "/^ - ${{ inputs.qubes-component }}:/a\ branch: ${BRANCH}" builder.yml
+ sed -i "/^ - ${{ inputs.qubes-component }}:/a\ url: ${URL/git:/https:}" builder.yml
+ cat builder.yml
+
+ - name: Build and package
+ run: |
+ ./qb --debug --verbose -c ${{ inputs.qubes-component }} package fetch prep build
+
+ - name: Save built packages
+ uses: actions/upload-artifact@v3
+ with:
+ if-no-files-found: error
+ name: qubesos.dom0.fc37-${{ inputs.qubes-component }}-${{ github.sha }}
+ path: |
+ artifacts/components/${{ inputs.qubes-component }}/**/build/rpm/*.rpm
+ artifacts/components/${{ inputs.qubes-component }}/**/build/rpm/*.buildinfo
+
+ - name: Construct release's description
+ if: github.event_name == 'push' && github.ref_type == 'tag'
+ run: |
+ for artifact in *.rpm; do
+ echo "### $artifact" >> release-body.md
+ echo '```' >> release-body.md
+ echo "wget --quiet '${{ github.server_url }}/${{ github.repository }}/releases/download/${{ github.ref_name }}/$artifact'" >> release-body.md
+ echo '```' >> release-body.md
+ echo '```' >> release-body.md
+ echo "curl --remote-name '${{ github.server_url }}/${{ github.repository }}/releases/download/${{ github.ref_name }}/$artifact'" >> release-body.md
+ echo '```' >> release-body.md
+ done
+
+ - name: Create release for a new tag
+ if: github.event_name == 'push' && github.ref_type == 'tag'
+ uses: ncipollo/release-action@v1.13.0
+ with:
+ artifacts: '*.rpm'
+ artifactErrorsFailBuild: true
+ bodyFile: "release-body.md"
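Review bot: The job-level `contents: write` token is in scope for every step of `build-and-package`, including the ones that run `tools/generate-container-image.sh` and `./qb` from a `QubesOS/qubes-builderv2` checkout that has no `ref:` and therefore follows that repository's default branch at run time. Adding `ref: <PINNED_COMMIT_SHA>` and `persist-credentials: false` under that checkout's `with:` would fix the toolchain version and keep the token out of the work tree's git config, and moving the two tag-only release steps into a separate job that alone carries `contents: write` would keep the token away from the build itself. The `Prepare configuration` step also writes `verification-mode: insecure-skip-checking` for the component, so RPMs attached to a release are built from sources the builder never verified; a comment saying this is deliberate for test builds, or leaving verification enabled on tag builds, would make the trade-off explicit. Separately, `${{ inputs.qubes-component }}` and `${{ github.ref_name }}` are substituted into the `run:` scripts before the shell parses them; passing them through `env:` (for example `COMPONENT: ${{ inputs.qubes-component }}`) as the step already does for `URL` and `BRANCH`, and using `"$COMPONENT"` in the commands, keeps their contents from being read as shell syntax.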