CI #372
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
# Controls when the workflow will run | |
on: | |
schedule: | |
- cron: '0 0 * * WED' | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
# This workflow contains a single job called "build" | |
init: | |
runs-on: ubuntu-latest | |
container: ghcr.io/kreatolinux/builder | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v4 | |
- name: Initialize chkupd | |
id: set-matrix | |
run: | | |
rm -rf src | |
git clone https://github.com/kreatolinux/src | |
cd src | |
sed -i s/stable/master/g Makefile | |
nimble install cligen fuzzy nimcrypto -y | |
./build.sh -d -p "chkupd" | |
mv out/chkupd /tmp/ | |
cd .. | |
rm -rf src | |
cd /tmp/ | |
./chkupd generateJson --limit 250 --repo="$GITHUB_WORKSPACE" --output="/tmp/out1.json" | |
echo "matrix=$(cat /tmp/out1.json)" >> $GITHUB_OUTPUT | |
- uses: actions/upload-artifact@master | |
with: | |
name: chkupd-bin | |
path: /tmp/chkupd | |
#- name: | |
#- name: Check all packages against Arch Repositories | |
#run: | | |
#export DOCKER_DEFAULT_PLATFORM=linux/amd64 | |
#cd /tmp/ | |
#./chkupd checkAll --jsonPath=/tmp/chkupd.json --backend="arch" --repo="$GITHUB_WORKSPACE" | |
#echo "# Arch check results" >> /tmp/chkupd.md | |
#./out/chkupd jsonToMd /tmp/chkupd.json >> /tmp/chkupd.md | |
#rm -rf chkupd | |
#- name: Create Pull Request | |
#uses: peter-evans/create-pull-request@v5.0.2 | |
#with: | |
#commit-message: "[CI] Automated update by chkupd" | |
build: | |
needs: init | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/kreatolinux/builder-repo #-gnu # builder-gnu doesn't work yet, see TODO in kpkg/modules/isolation | |
options: --privileged -v /:/opt/host | |
strategy: | |
fail-fast: false | |
matrix: ${{fromJson(needs.init.outputs.matrix)}} | |
permissions: | |
contents: write | |
steps: | |
- name: Remove useless directories | |
run: | | |
for i in /opt/host/$AGENT_TOOLSDIRECTORY /opt/host/opt/google/chrome /opt/host/opt/microsoft/msedge /opt/host/opt/microsoft/powershell /opt/host/opt/pipx /opt/host/usr/lib/mono /opt/host/usr/local/julia* /opt/host/usr/local/lib/android /opt/host/usr/local/lib/node_modules /opt/host/usr/local/share/chromium /opt/host/usr/local/share/powershell /opt/host/usr/share/dotnet /opt/host/usr/share/swift; do | |
rm -rf $i || true | |
done | |
env: | |
AGENT_TOOLSDIRECTORY: ${{ runner.tool_cache }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: kpkg-amd64-linux-debug | |
path: /tmp/kpkg-bin | |
github-token: ${{ secrets.GH_PAT }} # token with actions:read permissions on target repo | |
repository: kreatolinux/src | |
run-id: 11897398646 # TODO: Automatically update to latest nightly | |
- uses: actions/download-artifact@v4 | |
with: | |
name: chkupd-bin | |
path: /tmp/chkupd | |
- uses: actions/checkout@v4 | |
- name: Build packages | |
run: | | |
. /etc/profile | |
chmod +x /tmp/chkupd/chkupd | |
chmod +x /tmp/kpkg-bin/kpkg | |
mkdir -p /etc/kpkg/repos/main | |
mount --bind "$GITHUB_WORKSPACE" /etc/kpkg/repos/main | |
for package in ${{ matrix.packages }}; do | |
grep "NO_CHKUPD=" "$GITHUB_WORKSPACE/$package/run" > /tmp/sourced_chkupd || NO_CHKUPD=false | |
. /tmp/sourced_chkupd | |
case $NO_CHKUPD in | |
"y" | "yes" | "true" | "1" | "on") | |
echo "no_chkupd enabled on $package" | |
echo "skipping autoupdate" | |
;; | |
*) | |
/tmp/chkupd/chkupd repologyCheck --package="$package" --repo="$GITHUB_WORKSPACE" --autoUpdate=true | |
;; | |
esac | |
unset NO_CHKUPD | |
rm -f /tmp/sourced_chkupd | |
done | |
#kpkg upgrade --yes || true | |
/tmp/kpkg-bin/kpkg clean --binaries=true --environment=true | |
IS_USELESS="true" | |
for package in ${{ matrix.packages }}; do | |
/tmp/kpkg-bin/kpkg install "$package" -y --downloadOnly || IS_USELESS="false" | |
done | |
git config --system --add safe.directory '*' | |
if [ "$IS_USELESS" = "true" ]; then | |
mkdir -p /var/cache/kpkg/archives | |
touch /var/cache/kpkg/archives/IS_USELESS | |
exit 0 | |
fi | |
/tmp/kpkg-bin/kpkg build ${{ matrix.packages }} --yes --ignorePostInstall --forceInstallAll=true | |
#echo RANDOM_ID=$(cat /dev/urandom | tr -dc '[:alpha:]' | fold -w ${1:-20} | head -n 1) >> $GITHUB_ENV | |
cd "$GITHUB_WORKSPACE" | |
git pull | |
git status | |
- name: Install Tailscale | |
uses: tailscale/github-action@v2 | |
with: | |
oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} | |
oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} | |
tags: tag:ci | |
version: 1.76.0 | |
- name: Upload to server through rsync | |
env: | |
SSH_URL: ${{ secrets.SSH_URL }} | |
SSH_USER: ${{ secrets.SSH_USER }} | |
RSYNC_RSH: "ssh -o StrictHostKeychecking=no" | |
run: | | |
if [ -f "/var/cache/kpkg/archives/IS_USELESS" ]; then | |
exit 0 | |
fi | |
ping -c 4 "$SSH_URL" | |
rsync -avc /var/cache/kpkg/archives/ $SSH_USER@$SSH_URL:/var/cache/kpkg/archives/ | |
rsync -avc /var/cache/kpkg/sources/ $SSH_USER@$SSH_URL:/var/cache/kpkg/sources/ | |
#- uses: actions/upload-artifact@v4 | |
# with: | |
# name: packages-${{ env.RANDOM_ID }} | |
# path: /var/cache/kpkg/archives/arch | |
# retention-days: 2 | |
- uses: stefanzweifel/git-auto-commit-action@v5 | |
with: | |
commit_message: Apply auto-update through chkupd |