Skip to content

Commit

Permalink
Merge pull request #5462 from AenBleidd/vko_build_linux_packages_for_…
Browse files Browse the repository at this point in the history 
…pr_and_on_master_without_publishing

[CI] Build linux packages for PRs and on master branch without publishing, publishing is available for schedules builds from master (nightly) and builds on client_release tag created
  • Loading branch information
@AenBleidd
AenBleidd authored Dec 18, 2023
2 parents 62275b1 + 1a64935 commit e71e301
Showing 1 changed file with 69 additions and 56 deletions.
125 changes: 69 additions & 56 deletions .github/workflows/linux-package.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,10 @@
name: Linux Package
on:
push:
branches: [ 'master' ]
tags: [ 'client_release/**' ]
pull_request:
branches: [ master ]
schedule:
- cron: '0 0 * * *'

Expand All @@ -29,6 +32,8 @@ concurrency:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_KEY }}
REPO_PRIV_KEY: ${{ secrets.REPO_PRIV_KEY }}
REPO_KEY: ${{ secrets.REPO_KEY }}
AWS_DEFAULT_REGION: us-west-2
PUBKEY: boinc.gpg # keep extension
MANTAINER: Vitalii Koshura <lestat.de.lionkur@gmail.com>
Expand Down Expand Up @@ -67,14 +72,20 @@ jobs:
- name: Install dependencies
run: |
apt-get -qq update
apt-get install -y autopoint make build-essential m4 pkg-config autoconf libtool git python3 python3-distutils curl zip unzip tar bison p7zip-full libx11-dev libxft-dev libxext-dev libdbus-1-dev libxi-dev libxtst-dev libxrandr-dev libnotify-dev
apt-get install -y autopoint make build-essential m4 pkg-config autoconf libtool git python3 python3-distutils python3-pip curl zip unzip tar bison p7zip-full libx11-dev libxft-dev libxext-dev libdbus-1-dev libxi-dev libxtst-dev libxrandr-dev libnotify-dev
- name: Install aws cli tool
run: |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
./aws/install
- name: Update Python packages to build Manager
if: success() && matrix.type == 'manager'
run: |
pip3 install -U --user pip
pip3 install --user jinja2
- name: Automake
if: success()
run: ./_autosetup
Expand Down Expand Up @@ -115,7 +126,6 @@ jobs:

build-deb-package:
name: Build DEB Package
if: github.repository == 'BOINC/boinc'
runs-on: ubuntu-latest
needs: prepare-binaries
strategy:
Expand All @@ -126,23 +136,13 @@ jobs:
env:
ARCH: amd64
steps:
- name: Check if build is running from origin repo
if: ${{ success() && env.AWS_ACCESS_KEY_ID != 0 && env.AWS_SECRET_ACCESS_KEY != 0 }}
run: |
echo "SKIP_RUN=0" >> $GITHUB_ENV
- name: Check if build is running from fork
if: ${{ success() && (env.AWS_ACCESS_KEY_ID == 0 || env.AWS_SECRET_ACCESS_KEY == 0) }}
run: |
echo "SKIP_RUN=1" >> $GITHUB_ENV
- uses: actions/checkout@v3
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
with:
fetch-depth: 2

- name: Packages info preparation
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
PKG_VERSION=$(cat version.h | grep BOINC_VERSION_STRING | sed -e 's|#define BOINC_VERSION_STRING||' | jq -r .)
if [[ "x${PKG_VERSION}" == "x" ]]; then
Expand All @@ -166,21 +166,21 @@ jobs:
echo "Key file: ${{ env.PUBKEY }}"
- name: Download
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
uses: actions/download-artifact@v3
with:
name: linux-package_${{ matrix.type }}_${{ github.event.pull_request.head.sha }}
path: pkgs/

- name: Prepare package
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
ls -l pkgs/
mkdir ${PKG_FULL}
${{ github.workspace }}/.github/workflows/debrepo/package_prepare.sh "${PKG_FULL}" "linux_${{ matrix.type }}"
- name: Prepare package definition
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
# Derive the package dependencies for the selected package / os / release combination selected
cd ${{ github.workspace }}/.github/workflows/debrepo/
Expand All @@ -204,35 +204,34 @@ jobs:
echo "------------------------"
- name: Create Ubuntu Package
if: ${{ success() && env.SKIP_RUN == 0 && ( matrix.os == 'jammy' || matrix.os == 'focal') }}
if: ${{ success() && ( matrix.os == 'jammy' || matrix.os == 'focal') }}
run: |
cd ${{ github.workspace }}/
# Build the actual package for Ubuntu with XZ compression
dpkg-deb -Zxz --build "${{ github.workspace }}/${PKG_FULL}"
- name: Create Debian Package
if: ${{ success() && env.SKIP_RUN == 0 && ( matrix.os == 'bullseye' || matrix.os == 'buster') }}
if: ${{ success() && ( matrix.os == 'bullseye' || matrix.os == 'buster') }}
run: |
cd ${{ github.workspace }}/
# Build the actual package for Debian with GZIP compression
dpkg-deb -Zgzip --build "${{ github.workspace }}/${PKG_FULL}"
- name: Get info from generated package
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
# Get info from the generated package
dpkg-deb --info "${{ github.workspace }}/${PKG_FULL}.deb"
- name: Upload artifacts
uses: actions/upload-artifact@v3
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
with:
name: linux-package_${{ matrix.type }}_${{ matrix.os }}_${{ github.event.pull_request.head.sha }}
path: ${{ github.workspace }}/${{ env.PKG_FULL }}.deb

build-rpm-package:
name: Build RPM Package
if: github.repository == 'BOINC/boinc'
runs-on: ubuntu-latest
container:
image: fedora:38
Expand All @@ -244,31 +243,23 @@ jobs:
fail-fast: false
env:
ARCH: x86_64
PUBKEY_HASH: D4460B4F0EEDE2C0662092F640254C9B29853EA6
steps:
- name: Check if build is running from origin repo
if: ${{ success() && env.AWS_ACCESS_KEY_ID != 0 && env.AWS_SECRET_ACCESS_KEY != 0 }}
run: |
echo "SKIP_RUN=0" >> $GITHUB_ENV
- name: Check if build is running from fork
if: ${{ success() && (env.AWS_ACCESS_KEY_ID == 0 || env.AWS_SECRET_ACCESS_KEY == 0) }}
run: |
echo "SKIP_RUN=1" >> $GITHUB_ENV
- uses: actions/checkout@v3
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
with:
fetch-depth: 2

- name: DNF Preparation
id: dnf-prep
if: success()
run: |
sudo echo "max_parallel_downloads=10" >> /etc/dnf/dnf.conf
sudo echo "fastestmirror=True" >> /etc/dnf/dnf.conf
sudo dnf install -y wget rpm rpm-build rpm-sign expect createrepo_c dnf-utils jq p7zip-plugins
- name: Packages info preparation
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
PKG_VERSION=$(cat version.h | grep BOINC_VERSION_STRING | sed -e 's|#define BOINC_VERSION_STRING||' | jq -r .)
if [[ "x${PKG_VERSION}" == "x" ]]; then
Expand All @@ -292,27 +283,50 @@ jobs:
echo "Key file: ${{ env.PUBKEY }}"
- name: Download
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
uses: actions/download-artifact@v3
with:
name: linux-package_${{ matrix.type }}_${{ github.event.pull_request.head.sha }}
path: pkgs/

- name: Create RPM folder
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
mkdir ${PKG_FULL}
.github/workflows/rpmrepo/package_prepare.sh "${PKG_FULL}" "linux_${{ matrix.type }}"
- name: Setup gpg keys
if: ${{ success() && env.SKIP_RUN == 0 }}
if: ${{ success() && env.REPO_PRIV_KEY != 0 && env.REPO_KEY != 0 }}
run: |
echo "${{ secrets.REPO_PRIV_KEY }}" > boinc.priv.key
echo "${{ secrets.REPO_KEY }}" > boinc.pub.key
echo "${{ env.REPO_PRIV_KEY }}" > boinc.priv.key
echo "${{ env.REPO_KEY }}" > boinc.pub.key
cp "boinc.pub.key" "${{ env.PUBKEY }}"
- name: Setup test gpg keys
if: ${{ success() && (env.REPO_PRIV_KEY == 0 || env.REPO_KEY == 0) }}
run: |
gpg --batch --gen-key <<EOF
Key-Type: RSA
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Name-Real: BOINC Test
Name-Comment: BOINC Test
Name-Email: boinc@test.com
Expire-Date: 0
%no-ask-passphrase
%no-protection
EOF
echo "List keys"
gpg --list-keys
echo "Export keys"
gpg --export --armor > boinc.pub.key
gpg --export-secret-keys --armor > boinc.priv.key
echo "PUBKEY_HASH=$(gpg --list-keys | grep -Eo '([0-9A-F]{40})')" >> $GITHUB_ENV
cp "boinc.pub.key" "${{ env.PUBKEY }}"
- name: Create RPM Definition
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
# Derive the package dependencies for the selected package / os / release combination selected
PKG_DEPS=$(bash .github/workflows/rpmrepo/package_depends.sh ${{ matrix.os }} linux_${{ matrix.type }})
Expand Down Expand Up @@ -353,7 +367,7 @@ jobs:
echo "------------------------"
- name: Build RPM Package
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
run: |
export GPG_TTY=$(tty) # fixes gpg signing
Expand Down Expand Up @@ -390,7 +404,7 @@ jobs:
- name: Upload artifacts
uses: actions/upload-artifact@v3
if: ${{ success() && env.SKIP_RUN == 0 }}
if: success()
with:
name: linux-package_${{ matrix.type }}_${{ matrix.os }}_${{ github.event.pull_request.head.sha }}
path: rpmbuild/RPMS/${{ env.ARCH }}/${{ env.PKG_FULL }}.rpm
Expand All @@ -406,12 +420,12 @@ jobs:
fail-fast: false
steps:
- name: Check if build is running from origin repo
if: ${{ success() && env.AWS_ACCESS_KEY_ID != 0 && env.AWS_SECRET_ACCESS_KEY != 0 }}
if: ${{ success() && env.REPO_PRIV_KEY != 0 && env.REPO_KEY != 0 }}
run: |
echo "SKIP_RUN=0" >> $GITHUB_ENV
- name: Check if build is running from fork
if: ${{ success() && (env.AWS_ACCESS_KEY_ID == 0 || env.AWS_SECRET_ACCESS_KEY == 0) }}
if: ${{ success() && (env.REPO_PRIV_KEY == 0 || env.REPO_KEY == 0) }}
run: |
echo "SKIP_RUN=1" >> $GITHUB_ENV
Expand All @@ -433,8 +447,8 @@ jobs:
- name: Setup GPG keys
if: ${{ success() && env.SKIP_RUN == 0 }}
run: |
echo "${{ secrets.REPO_PRIV_KEY }}" > ${{ github.workspace }}/boinc.priv.key
echo "${{ secrets.REPO_KEY }}" > ${{ github.workspace }}/boinc.pub.key
echo "${{ env.REPO_PRIV_KEY }}" > ${{ github.workspace }}/boinc.priv.key
echo "${{ env.REPO_KEY }}" > ${{ github.workspace }}/boinc.pub.key
cp "${{ github.workspace }}/boinc.pub.key" "${{ github.workspace }}/${{ env.PUBKEY }}"
- name: Download client
Expand All @@ -456,16 +470,15 @@ jobs:
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
- name: Check if Release type is nightly
if: ${{ success() && env.SKIP_RUN == 0 && github.ref == 'refs/heads/master' }}
if: ${{ success() && env.SKIP_RUN == 0 && github.ref == 'refs/heads/master' && github.event_name == 'schedule' }}
run: |
RELEASE_TYPE=nightly
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
- name: Check if Release type is not set
if: ${{ success() && env.SKIP_RUN == 0 && env.RELEASE_TYPE == 0 }}
run: |
RELEASE_TYPE=nightly
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
echo "SKIP_RUN=1" >> $GITHUB_ENV
- name: Update or create the repository using aptly
if: ${{ success() && env.SKIP_RUN == 0 }}
Expand Down Expand Up @@ -503,12 +516,12 @@ jobs:
PUBKEY_HASH: D4460B4F0EEDE2C0662092F640254C9B29853EA6
steps:
- name: Check if build is running from origin repo
if: ${{ success() && env.AWS_ACCESS_KEY_ID != 0 && env.AWS_SECRET_ACCESS_KEY != 0 }}
if: ${{ success() && env.REPO_PRIV_KEY != 0 && env.REPO_KEY != 0 }}
run: |
echo "SKIP_RUN=0" >> $GITHUB_ENV
- name: Check if build is running from fork
if: ${{ success() && (env.AWS_ACCESS_KEY_ID == 0 || env.AWS_SECRET_ACCESS_KEY == 0) }}
if: ${{ success() && (env.REPO_PRIV_KEY == 0 || env.REPO_KEY == 0) }}
run: |
echo "SKIP_RUN=1" >> $GITHUB_ENV
Expand All @@ -519,6 +532,7 @@ jobs:

- name: DNF Preparation
id: dnf-prep
if: ${{ success() && env.SKIP_RUN == 0 }}
run: |
sudo echo "max_parallel_downloads=10" >> /etc/dnf/dnf.conf
sudo echo "fastestmirror=True" >> /etc/dnf/dnf.conf
Expand All @@ -527,8 +541,8 @@ jobs:
- name: Setup GPG keys
if: ${{ success() && env.SKIP_RUN == 0 }}
run: |
echo "${{ secrets.REPO_PRIV_KEY }}" > boinc.priv.key
echo "${{ secrets.REPO_KEY }}" > boinc.pub.key
echo "${{ env.REPO_PRIV_KEY }}" > boinc.priv.key
echo "${{ env.REPO_KEY }}" > boinc.pub.key
cp "boinc.pub.key" "${{ env.PUBKEY }}"
# keyring prepare
gpg --import "boinc.pub.key"
Expand All @@ -555,16 +569,15 @@ jobs:
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
- name: Check if Release type is nightly
if: ${{ success() && env.SKIP_RUN == 0 && github.ref == 'refs/heads/master' }}
if: ${{ success() && env.SKIP_RUN == 0 && github.ref == 'refs/heads/master' && github.event_name == 'schedule' }}
run: |
RELEASE_TYPE=nightly
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
- name: Check if Release type is not set
if: ${{ success() && env.SKIP_RUN == 0 && env.RELEASE_TYPE == 0 }}
run: |
RELEASE_TYPE=nightly
echo "RELEASE_TYPE=${RELEASE_TYPE}" >> $GITHUB_ENV
echo "SKIP_RUN=1" >> $GITHUB_ENV
- name: Update or create the repository
if: ${{ success() && env.SKIP_RUN == 0 }}
Expand Down

0 comments on commit e71e301

Please sign in to comment.