Update Flatpak Repository #69
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update Flatpak Repository | |
on: | |
workflow_run: | |
workflows: ["Flatpak Tagged Release", "Flatpak Build and Release"] | |
types: | |
- completed | |
# Add concurrency to prevent multiple runs from interfering with each other | |
concurrency: | |
group: "flatpak-repo-${{ github.ref }}" | |
cancel-in-progress: true | |
permissions: | |
contents: write | |
pages: write | |
id-token: write | |
actions: read | |
jobs: | |
update-repo: | |
permissions: | |
pages: write | |
id-token: write | |
contents: write | |
actions: read | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
if: ${{ github.event.workflow_run.conclusion == 'success' }} | |
steps: | |
- name: Checkout main repo | |
uses: actions/checkout@v4 | |
with: | |
repository: futrnostr/futr | |
path: futr | |
- name: Checkout flatpak repo | |
uses: actions/checkout@v4 | |
with: | |
repository: futrnostr/futr-flatpak | |
ref: gh-pages | |
token: ${{ secrets.TOKEN }} | |
fetch-depth: 0 | |
path: flatpak-repo | |
- name: Configure Git | |
run: | | |
git config --global user.name "GitHub Actions" | |
git config --global user.email "actions@github.com" | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
workdir: flatpak-repo | |
- name: Setup Flatpak and ostree | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y flatpak flatpak-builder ostree | |
- name: Download Flatpak Bundle | |
uses: dawidd6/action-download-artifact@v7 | |
with: | |
name: flatpak-bundle | |
path: . | |
workflow: ${{ github.event.workflow_run.workflow_id }} | |
run_id: ${{ github.event.workflow_run.id }} | |
- name: Create/Update Repository | |
env: | |
WORKFLOW_NAME: ${{ github.event.workflow_run.name }} | |
GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} | |
run: | | |
cd flatpak-repo | |
TARGET_REPO="" | |
if [[ "$WORKFLOW_NAME" == "Flatpak Tagged Release" ]]; then | |
TARGET_REPO="repo-stable" | |
else | |
TARGET_REPO="repo-continuous" | |
fi | |
# Remove existing repo if it exists | |
rm -rf "$TARGET_REPO" | |
# Initialize fresh repository | |
ostree init --mode=archive-z2 --repo=$TARGET_REPO | |
# Trust the key in the repository | |
echo "Setting up repository GPG trust..." | |
if [[ "$WORKFLOW_NAME" == "Flatpak Tagged Release" ]]; then | |
ostree --repo="$TARGET_REPO" remote add futr-stable https://flatpak.futrnostr.com/repo-stable | |
ostree --repo="$TARGET_REPO" remote gpg-import --stdin futr-stable < <(gpg --export $GPG_KEY_ID) | |
else | |
ostree --repo="$TARGET_REPO" remote add futr-continuous https://flatpak.futrnostr.com/repo-continuous | |
ostree --repo="$TARGET_REPO" remote gpg-import --stdin futr-continuous < <(gpg --export $GPG_KEY_ID) | |
fi | |
if [ -f "../futr.flatpak" ]; then | |
# Import the Flatpak bundle | |
echo "Importing bundle to $TARGET_REPO..." | |
flatpak build-import-bundle \ | |
--no-update-summary \ | |
--gpg-sign="$GPG_KEY_ID" \ | |
"$TARGET_REPO" ../futr.flatpak || exit 1 | |
# Update the repository properly | |
echo "Updating repository..." | |
flatpak build-update-repo "$TARGET_REPO" \ | |
--gpg-sign="$GPG_KEY_ID" \ | |
--generate-static-deltas \ | |
--prune \ | |
--prune-depth=20 \ | |
--static-delta-jobs=4 || exit 1 | |
# Debug: Check if commits are signed | |
echo "Checking repository signatures..." | |
ostree show --repo="$TARGET_REPO" app/com.futrnostr.futr/x86_64/master | |
# Verify repository contents | |
echo "Verifying repository structure..." | |
ostree summary --view --repo="$TARGET_REPO" | |
ls -la "$TARGET_REPO" | |
fi | |
- name: Create .flatpakrepo files | |
run: | | |
cd flatpak-repo | |
# Get public key in raw base64 format (no ASCII armor) | |
GPG_KEY=$(gpg --export --no-armor ${{ secrets.GPG_KEY_ID }} | base64 -w 0) | |
# Copy and update the repo files | |
for TYPE in continuous stable; do | |
cp "../futr/flatpak/futr-${TYPE}.flatpakrepo.template" "futr-${TYPE}.flatpakrepo" | |
sed -i "s|GPGKEY_PLACEHOLDER|${GPG_KEY}|g" "futr-${TYPE}.flatpakrepo" | |
done | |
- name: Commit Repository Updates | |
run: | | |
cd flatpak-repo | |
git add repo-stable repo-continuous *.flatpakrepo | |
if ! git commit -m "Update Flatpak repositories"; then | |
echo "::warning::No changes to commit" | |
fi | |
if ! git push origin gh-pages; then | |
echo "::error::Failed to push to gh-pages branch" | |
exit 1 | |
fi | |
- name: Setup Pages | |
uses: actions/configure-pages@v5 | |
with: | |
enablement: true | |
token: ${{ secrets.TOKEN }} | |
- name: Upload Repository | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
path: '.' | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 | |
with: | |
token: ${{ secrets.TOKEN }} | |
- name: Create index.html | |
run: | | |
cd flatpak-repo | |
cat > index.html << EOF | |
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Futr Flatpak Repository</title> | |
</head> | |
<body> | |
<h1>Futr Flatpak Repository</h1> | |
<h2>Stable Repository</h2> | |
<p>To add the stable repository:</p> | |
<pre>flatpak remote-add --if-not-exists futr-stable https://flatpak.futrnostr.com/futr-stable.flatpakrepo</pre> | |
<p>Or download the <a href="futr-stable.flatpakrepo">repository file</a>.</p> | |
<h2>Development Repository</h2> | |
<p>To add the development repository:</p> | |
<pre>flatpak remote-add --if-not-exists futr-continuous https://flatpak.futrnostr.com/futr-continuous.flatpakrepo</pre> | |
<p>Or download the <a href="futr-continuous.flatpakrepo">repository file</a>.</p> | |
</body> | |
</html> | |
EOF | |
git add index.html | |
- name: Commit index.html | |
run: | | |
cd flatpak-repo | |
if ! git commit -m "Update index.html"; then | |
echo "::warning::No changes to index.html" | |
fi | |
if ! git push origin gh-pages; then | |
echo "::error::Failed to push index.html to gh-pages branch" | |
exit 1 | |
fi | |
- name: Download appdata.xml | |
uses: dawidd6/action-download-artifact@v7 | |
with: | |
name: appdata-xml | |
workflow: ${{ github.event.workflow_run.workflow_id }} | |
run_id: ${{ github.event.workflow_run.id }} | |
path: temp | |
- name: Update Repository appdata.xml | |
run: | | |
cd flatpak-repo | |
REPO_TYPE="${{ github.event.workflow_run.name == 'Flatpak Tagged Release' && 'stable' || 'continuous' }}" | |
APPDATA="repo-${REPO_TYPE}/appstream/x86_64/appdata.xml" | |
# Create directory if it doesn't exist | |
mkdir -p "repo-${REPO_TYPE}/appstream/x86_64" | |
# Copy template if appdata.xml doesn't exist | |
if [ ! -f "$APPDATA" ]; then | |
cp "../futr/flatpak/com.futrnostr.futr.appdata.xml.template" "$APPDATA" | |
fi | |
# Get new release info from the artifact | |
NEW_RELEASE=$(grep -A 4 '<release' temp/flatpak/com.futrnostr.futr.appdata.xml | head -n 5) | |
# Create temporary file | |
TEMP_FILE=$(mktemp) | |
# Insert new release at the top of the releases section | |
awk -v new="$NEW_RELEASE" ' | |
/<releases>/ { | |
print $0 | |
print new | |
next | |
} | |
{print} | |
' "$APPDATA" > "$TEMP_FILE" | |
# Replace original file | |
mv "$TEMP_FILE" "$APPDATA" | |
# Add to git | |
git add "$APPDATA" | |
- name: Commit appdata changes | |
run: | | |
cd flatpak-repo | |
if ! git commit -m "Update appdata.xml"; then | |
echo "::warning::No changes to appdata.xml" | |
fi | |
if ! git push origin gh-pages; then | |
echo "::error::Failed to push appdata.xml to gh-pages branch" | |
exit 1 | |
fi |