-
Notifications
You must be signed in to change notification settings - Fork 7
143 lines (141 loc) · 5.27 KB
/
build-image.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: "Build NethSecurity image"
on:
workflow_dispatch:
inputs:
target:
description: "Target architecture"
required: true
default: 'x86_64'
type: choice
options:
- x86_64
- lamobo
push:
branches:
- 'main'
paths:
- 'config/**'
- 'files/**'
- 'packages/**'
- 'patches/**'
tags:
- '*'
pull_request:
paths:
- 'config/**'
- 'files/**'
- 'packages/**'
- 'patches/**'
jobs:
publish_images:
name: 'Build NethSecurity image'
runs-on: self-hosted
env:
DO_SPACE_NAME: 'nethsecurity'
DO_SPACE_REGION: 'ams3'
CDN_NAME: 'updates.nethsecurity.nethserver.org'
USIGN_PUB_KEY: ${{ secrets.USIGN_PUB_KEY }}
USIGN_PRIV_KEY: ${{ secrets.USIGN_PRIV_KEY }}
NETIFYD_ACCESS_TOKEN: ${{ secrets.NETIFYD_ACCESS_TOKEN }}
TARGET: ${{ github.event.inputs.target }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GH_REPO: ${{ github.repository }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 500
- name: Fetch tag annotations
run: |
# Fetch tag manually because fetch-tags option for checkout@v4 does not work
git fetch --force --tags --depth 500
- id: read_tag
name: Set VERSION env variable
if: ${{ startsWith(github.ref, 'refs/tags') }}
run: |
# Set tag from GitHub: using git describe for tags inside the run script
# seems not working
echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- id: build
name: Build the image
run: |
# Build the image
# The run script will set VERSION, REPO_CHANNEL, and OWRT_VERSION env variables
./run
- id: release
name: Update latest_release file
run: |
# Create release file pointing to 8-VERSION
echo 8-${{ env.VERSION }} > latest_release
- uses: actions/upload-artifact@v4
name: Publish image as temporary artifact
with:
name: image
compression-level: 0
path: |
bin/targets/**/nethsecurity-*.img.gz
!bin/targets/**/nethsecurity-*rootfs.img.gz
- uses: BetaHuhn/do-spaces-action@v2
name: Publish packages inside the rolling repository
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') }}
with:
access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
space_name: ${{ env.DO_SPACE_NAME }}
space_region: ${{ env.DO_SPACE_REGION }}
cdn_domain: ${{ env.CDN_DOMAIN }}
source: bin/packages
out_dir: ${{ env.REPO_CHANNEL }}/${{ env.OWRT_VERSION }}/packages
- uses: BetaHuhn/do-spaces-action@v2
name: Publish images inside the rolling repository
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') }}
with:
access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
space_name: ${{ env.DO_SPACE_NAME }}
space_region: ${{ env.DO_SPACE_REGION }}
cdn_domain: ${{ env.CDN_DOMAIN }}
source: bin/targets
out_dir: ${{ env.REPO_CHANNEL }}/${{ env.OWRT_VERSION }}/targets
- uses: BetaHuhn/do-spaces-action@v2
name: Publish packages inside the fixed repository
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') }}
with:
access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
space_name: ${{ env.DO_SPACE_NAME }}
space_region: ${{ env.DO_SPACE_REGION }}
cdn_domain: ${{ env.CDN_DOMAIN }}
source: bin/packages
out_dir: ${{ env.REPO_CHANNEL }}/8-${{ env.VERSION }}/packages
- uses: BetaHuhn/do-spaces-action@v2
name: Publish images inside the fixed repository
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') }}
with:
access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
space_name: ${{ env.DO_SPACE_NAME }}
space_region: ${{ env.DO_SPACE_REGION }}
cdn_domain: ${{ env.CDN_DOMAIN }}
source: bin/targets
out_dir: ${{ env.REPO_CHANNEL }}/8-${{ env.VERSION }}/targets
- uses: BetaHuhn/do-spaces-action@v2
name: Publish latest_release inside the repository
if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') }}
with:
access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
space_name: ${{ env.DO_SPACE_NAME }}
space_region: ${{ env.DO_SPACE_REGION }}
cdn_domain: ${{ env.CDN_DOMAIN }}
source: latest_release
out_dir: ${{ env.REPO_CHANNEL }}/
- id: issue_comment
name: Add comment for issue ready to be tested
if: ${{ github.ref == 'refs/heads/main' }}
run: |
tools/issue-comment
- id: bumper
name: Bump ns-packages
if: ${{ github.ref == 'refs/heads/main' }}
run: |
tools/package-bumper