Skip to content

.github/workflows: Update actions #131

.github/workflows: Update actions

.github/workflows: Update actions #131

Workflow file for this run

name: CI
on:
push:
branches:
- master
- feature/ci
tags:
- v[0-9]+.*
- testing-ci.*
pull_request:
jobs:
lint:
name: Clippy
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust
run: |
rustup update stable && rustup default stable
rustup component add clippy
- name: Install dependencies
run: sudo apt-get install libdbus-1-dev
- name: Run clippy
run: cargo clippy --all --all-features -- -Dwarnings
test:
name: Test
runs-on: ubuntu-latest
strategy:
matrix:
toolchain: [stable, nightly]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust
run: rustup update ${{ matrix.toolchain }} && rustup default ${{ matrix.toolchain }}
- name: Install dependencies
run: sudo apt-get install libdbus-1-dev
- name: Build
run: cargo build --all
- name: Test
run: cargo test --all
build-bin:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Build binary package
runs-on: ubuntu-20.04
needs: [lint, test]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust
run: rustup update stable && rustup default stable
- name: Install dependencies
run: sudo apt-get install libdbus-1-dev
- name: Build package
run: ./pkg/bin/makebin
- name: Prepare release
run: mkdir release && mv pkg/bin/*.tar.xz release
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: binary-latest
path: release
build-deb:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Build deb package
runs-on: ubuntu-20.04
needs: [lint, test]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install rust
run: rustup update stable && rustup default stable
- name: Install dependencies
run: sudo apt-get install debhelper fakeroot dpkg-sig libdbus-1-dev
- name: Build package
run: ./pkg/deb/makedeb
- name: Sign package
env:
GPG_KEY_ID: 56C464BAAC421453
GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
run: |
# import GPG key
echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
export GPG_TTY=$(tty)
# sign package
cd pkg/deb && dpkg-sig -g "--batch --no-tty" --sign builder -k $GPG_KEY_ID ./*.deb
- name: Prepare release
run: mkdir release && mv pkg/deb/*.deb release
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: debian-latest
path: release
build-f39:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Build Fedora 39 package
runs-on: ubuntu-latest
needs: [lint, test]
container:
image: registry.fedoraproject.org/fedora:39
options: --security-opt seccomp=unconfined
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install build dependencies
run: |
dnf distro-sync -y
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
dnf builddep -y pkg/fedora/surface-dtx-daemon.spec
- name: Build package
run: |
cd pkg/fedora
# Build the .rpm packages
./makerpm
- name: Sign packages
env:
GPG_KEY_ID: 56C464BAAC421453
GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
run: |
cd pkg/fedora/out/x86_64
# import GPG key
echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
# sign package
rpm --resign *.rpm --define "_gpg_name $GPG_KEY_ID"
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: fedora-39-latest
path: pkg/fedora/out/x86_64
build-f40:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Build Fedora 40 package
runs-on: ubuntu-latest
needs: [lint, test]
container:
image: registry.fedoraproject.org/fedora:40
options: --security-opt seccomp=unconfined
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install build dependencies
run: |
dnf distro-sync -y
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
dnf builddep -y pkg/fedora/surface-dtx-daemon.spec
- name: Build package
run: |
cd pkg/fedora
# Build the .rpm packages
./makerpm
- name: Sign packages
env:
GPG_KEY_ID: 56C464BAAC421453
GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
run: |
cd pkg/fedora/out/x86_64
# import GPG key
echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
# sign package
rpm --resign *.rpm --define "_gpg_name $GPG_KEY_ID"
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: fedora-40-latest
path: pkg/fedora/out/x86_64
build-f41:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Build Fedora 41 package
runs-on: ubuntu-latest
needs: [lint, test]
container:
image: registry.fedoraproject.org/fedora:41
options: --security-opt seccomp=unconfined
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install build dependencies
run: |
dnf distro-sync -y
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
dnf builddep -y pkg/fedora/surface-dtx-daemon.spec
- name: Build package
run: |
cd pkg/fedora
# Build the .rpm packages
./makerpm
- name: Sign packages
env:
GPG_KEY_ID: 56C464BAAC421453
GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
run: |
cd pkg/fedora/out/x86_64
# import GPG key
echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
# sign package
rpm --resign *.rpm --define "_gpg_name $GPG_KEY_ID"
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: fedora-41-latest
path: pkg/fedora/out/x86_64
release:
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')
name: Publish release
needs: [build-bin, build-deb, build-f39, build-f40, build-f41]
runs-on: ubuntu-latest
steps:
- name: Download binary artifacts
uses: actions/download-artifact@v4
with:
name: binary-latest
path: binary-latest
- name: Download Debian artifacts
uses: actions/download-artifact@v4
with:
name: debian-latest
path: debian-latest
- name: Download Fedora 39 artifacts
uses: actions/download-artifact@v4
with:
name: fedora-39-latest
path: fedora-39-latest
- name: Download Fedora 40 artifacts
uses: actions/download-artifact@v4
with:
name: fedora-40-latest
path: fedora-40-latest
- name: Download Fedora 41 artifacts
uses: actions/download-artifact@v4
with:
name: fedora-41-latest
path: fedora-41-latest
- name: Upload assets
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./*-latest/*
tag: ${{ github.ref }}
overwrite: true
file_glob: true
repo-deb:
name: Update Debian package repository
needs: [release]
runs-on: ubuntu-latest
container: debian:sid
steps:
- name: Install dependencies
run: |
apt-get update
apt-get install -y git
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: debian-latest
path: debian-latest
- name: Update repository
env:
SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
BRANCH_STAGING: u/staging
GIT_REF: ${{ github.ref }}
run: |
repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
# clone package repository
git clone -b "${BRANCH_STAGING}" "${repo}" repo
# copy packages
cp debian-latest/* repo/debian/
cd repo/debian
# parse git tag from ref
GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
# convert packages into references
for pkg in $(find . -name '*.deb'); do
echo "surface-dtx-daemon:$GIT_TAG/$(basename $pkg)" > $pkg.blob
rm $pkg
done
# set git identity
git config --global user.email "[email protected]"
git config --global user.name "surfacebot"
# commit and push
update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
git switch -c "${update_branch}"
git add .
git commit -m "Update Debian DTX daemon"
git push --set-upstream origin "${update_branch}"
repo-f39:
name: Update Fedora 39 package repository
needs: [release]
runs-on: ubuntu-latest
container:
image: registry.fedoraproject.org/fedora:39
options: --security-opt seccomp=unconfined
steps:
- name: Install dependencies
run: |
dnf install -y git findutils
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: fedora-39-latest
path: fedora-39-latest
- name: Update repository
env:
SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
BRANCH_STAGING: u/staging
GIT_REF: ${{ github.ref }}
run: |
repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
# clone package repository
git clone -b "${BRANCH_STAGING}" "${repo}" repo
# copy packages
cp fedora-39-latest/* repo/fedora/f39
cd repo/fedora/f39
# parse git tag from ref
GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
# convert packages into references
for pkg in $(find . -name '*.rpm'); do
echo "surface-dtx-daemon:$GIT_TAG/$(basename $pkg)" > $pkg.blob
rm $pkg
done
# set git identity
git config --global user.email "[email protected]"
git config --global user.name "surfacebot"
# commit and push
update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
git checkout -b "${update_branch}"
git add .
git commit -m "Update Fedora 39 DTX daemon"
git push --set-upstream origin "${update_branch}"
repo-f40:
name: Update Fedora 40 package repository
needs: [release]
runs-on: ubuntu-latest
container:
image: registry.fedoraproject.org/fedora:40
options: --security-opt seccomp=unconfined
steps:
- name: Install dependencies
run: |
dnf install -y git findutils
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: fedora-40-latest
path: fedora-40-latest
- name: Update repository
env:
SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
BRANCH_STAGING: u/staging
GIT_REF: ${{ github.ref }}
run: |
repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
# clone package repository
git clone -b "${BRANCH_STAGING}" "${repo}" repo
# copy packages
cp fedora-40-latest/* repo/fedora/f40
cd repo/fedora/f40
# parse git tag from ref
GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
# convert packages into references
for pkg in $(find . -name '*.rpm'); do
echo "surface-dtx-daemon:$GIT_TAG/$(basename $pkg)" > $pkg.blob
rm $pkg
done
# set git identity
git config --global user.email "[email protected]"
git config --global user.name "surfacebot"
# commit and push
update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
git checkout -b "${update_branch}"
git add .
git commit -m "Update Fedora 40 DTX daemon"
git push --set-upstream origin "${update_branch}"
repo-f41:
name: Update Fedora 41 package repository
needs: [release]
runs-on: ubuntu-latest
container:
image: registry.fedoraproject.org/fedora:41
options: --security-opt seccomp=unconfined
steps:
- name: Install dependencies
run: |
dnf install -y git findutils
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: fedora-41-latest
path: fedora-41-latest
- name: Update repository
env:
SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
BRANCH_STAGING: u/staging
GIT_REF: ${{ github.ref }}
run: |
repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
# clone package repository
git clone -b "${BRANCH_STAGING}" "${repo}" repo
# copy packages
cp fedora-41-latest/* repo/fedora/f41
cd repo/fedora/f41
# parse git tag from ref
GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
# convert packages into references
for pkg in $(find . -name '*.rpm'); do
echo "surface-dtx-daemon:$GIT_TAG/$(basename $pkg)" > $pkg.blob
rm $pkg
done
# set git identity
git config --global user.email "[email protected]"
git config --global user.name "surfacebot"
# commit and push
update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
git checkout -b "${update_branch}"
git add .
git commit -m "Update Fedora 41 DTX daemon"
git push --set-upstream origin "${update_branch}"