121 lines
4.0 KiB
YAML
121 lines
4.0 KiB
YAML
---
|
|
name: "Arch Build"
|
|
description: "Build and push package to MinIO"
|
|
author: Yi-Ting Shih <ytshih@it.cs.nycu.edu.tw>
|
|
|
|
inputs:
|
|
context:
|
|
description: "The context of the build environment"
|
|
required: false
|
|
default: .
|
|
gpg-password:
|
|
description: "Password of the gpg secret key to sign the package"
|
|
required: false
|
|
default: 'none'
|
|
gpg-keygrip:
|
|
description: "KeyGrip of the gpg secret key to sign the package"
|
|
required: false
|
|
default: 'none'
|
|
repo-name:
|
|
description: "The repo name to be pushed to"
|
|
required: false
|
|
default: custom
|
|
minio-endpoint:
|
|
description: "MinIO endpoint"
|
|
required: false
|
|
default: http://minio.konchin.com
|
|
minio-bucket:
|
|
description: "MinIO bucket"
|
|
required: false
|
|
default: archrepo
|
|
minio-accesskey:
|
|
description: "MinIO access key"
|
|
required: true
|
|
minio-secretkey:
|
|
description: "MinIO secret key"
|
|
required: true
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4.2.2
|
|
|
|
- name: Update packages
|
|
run: |
|
|
sudo pacman -Syu --needed --noconfirm
|
|
sudo paccache -r -k 0
|
|
|
|
- name: Build package
|
|
run: |
|
|
cd "${{ inputs.context }}"
|
|
|
|
PATH="$PATH:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl"
|
|
if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
|
|
eval $(gpg-agent --daemon) && \
|
|
echo "${{ inputs.gpg-password }}" | \
|
|
/usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}" && \
|
|
makepkg -sc --needed --noconfirm --sign
|
|
|
|
killall -u "$(id -un)" gpg-agent || true
|
|
else
|
|
makepkg -sc --needed --noconfirm
|
|
fi
|
|
|
|
- name: Setup MinIO
|
|
run: |
|
|
mcli alias set m "${{ inputs.minio-endpoint }}" \
|
|
"${{ inputs.minio-accesskey }}" "${{ inputs.minio-secretkey }}"
|
|
echo "Set endpoint to ${{ inputs.minio-endpoint }}"
|
|
|
|
- name: Copy repo db from MinIO
|
|
run: |
|
|
mkdir repo
|
|
|
|
mcli cp "m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.db" \
|
|
"repo/${{ inputs.repo-name }}.db.tar.zst"
|
|
mcli cp "m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.files" \
|
|
"repo/${{ inputs.repo-name }}.files.tar.zst"
|
|
|
|
echo "Copy ${{ inputs.repo-name }}.db and ${{ inputs.repo-name }}.files from MinIO"
|
|
|
|
- name: Add pkgs to repo db
|
|
run: |
|
|
if [[ "${{ inputs.gpg-password }}" != 'none' ]]; then
|
|
eval $(gpg-agent --daemon) && \
|
|
echo "${{ inputs.gpg-password }}" | \
|
|
/usr/lib/gnupg/gpg-preset-passphrase --preset "${{ inputs.gpg-keygrip }}" && \
|
|
repo-add --verify --sign \
|
|
"repo/${{ inputs.repo-name }}.db.tar.zst" *.pkg.tar.zst && \
|
|
mv *.pkg.tar.zst *.pkg.tar.zst.sig repo
|
|
|
|
killall -u "$(id -un)" gpg-agent || true
|
|
else
|
|
repo-add "repo/${{ inputs.repo-name }}.db.tar.zst" *.pkg.tar.zst
|
|
mv *.pkg.tar.zst repo
|
|
fi
|
|
echo "Add $(ls *.pkg.tar.zst) to repo"
|
|
|
|
- name: Update repo to MinIO
|
|
run: |
|
|
mcli mv "repo/${{ inputs.repo-name }}.db.tar.zst" \
|
|
"m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.db"
|
|
if [[ -e "repo/${{ inputs.repo-name }}.db.tar.zst.sig" ]]; then
|
|
mcli mv "repo/${{ inputs.repo-name }}.db.tar.zst.sig" \
|
|
"m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.db.sig"
|
|
fi
|
|
|
|
mcli mv "repo/${{ inputs.repo-name }}.files.tar.zst" \
|
|
"m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.files"
|
|
if [[ -e "repo/${{ inputs.repo-name }}.files.tar.zst.sig" ]]; then
|
|
mcli mv "repo/${{ inputs.repo-name }}.files.tar.zst.sig" \
|
|
"m/${{ inputs.minio-bucket }}/${{ inputs.repo-name }}.files.sig"
|
|
fi
|
|
|
|
find repo -name '*.pkg.tar.zst' | xargs -I% \
|
|
mcli mv % "m/${{ inputs.minio-bucket }}"
|
|
find repo -name '*.pkg.tar.zst.sig' | xargs -I% \
|
|
mcli mv % "m/${{ inputs.minio-bucket }}"
|
|
|
|
echo "Update ${{ inputs.repo-name }}.db and ${{ inputs.repo-name }}.files to MinIO"
|