Optimize git action to build packages
This commit is contained in:
parent
fd73847066
commit
bb63a5c9ba
203
.github/workflows/build_packages.yml
vendored
203
.github/workflows/build_packages.yml
vendored
@ -3,32 +3,38 @@ name: Build packages
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- release/*
|
||||
- develop
|
||||
- hotfix/*
|
||||
- release/*
|
||||
- develop
|
||||
- hotfix/*
|
||||
paths:
|
||||
- build/install/deb**
|
||||
- build/install/rpm**
|
||||
- build/install/common**
|
||||
- build/install/deb**
|
||||
- build/install/rpm**
|
||||
- build/install/common**
|
||||
workflow_dispatch:
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
BRANCH_NAME: $(echo ${GITHUB_REF#refs/heads/})
|
||||
PRODUCT_LOW: $(echo "${{ github.event.repository.name }}" | tr '[:upper:]' '[:lower:]' )
|
||||
PRODUCT: "${{ github.event.repository.name }}"
|
||||
BUILD_NUMBER: "${{ github.run_number }}"
|
||||
|
||||
env:
|
||||
PRODUCT: ${{ github.event.repository.name }}
|
||||
PRODUCT_LOW: echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]'
|
||||
PRODUCT_VERSION: echo ${{ github.ref }} | grep -oP '\d+\.\d+\.\d+' || echo '1.1.3'
|
||||
BUILD_NUMBER: ${{ github.run_number }}
|
||||
BRANCH_NAME: echo ${GITHUB_REF#refs/heads/}
|
||||
PACKAGE_DIRECTORY: "/home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}/build/install"
|
||||
|
||||
jobs:
|
||||
build_deb:
|
||||
name: DEB packages
|
||||
build:
|
||||
name: Build Packages
|
||||
runs-on: ubuntu-20.04
|
||||
permissions:
|
||||
contents: write
|
||||
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
packageType: [deb, rpm]
|
||||
|
||||
steps:
|
||||
- name: Free Disk Space
|
||||
uses: jlumbroso/free-disk-space@main
|
||||
@ -39,21 +45,20 @@ jobs:
|
||||
large-packages: true
|
||||
docker-images: true
|
||||
swap-storage: true
|
||||
|
||||
- name: Import GPG
|
||||
|
||||
- name: Import GPG
|
||||
uses: crazy-max/ghaction-import-gpg@v5
|
||||
id: gpg_step
|
||||
with:
|
||||
with:
|
||||
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }}
|
||||
|
||||
|
||||
- name: Get files from repository
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
submodules: 'recursive'
|
||||
|
||||
|
||||
- name: Prepare build
|
||||
id: get_vars
|
||||
run: |
|
||||
wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | \
|
||||
sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/yarnkey.gpg --import
|
||||
@ -71,101 +76,36 @@ jobs:
|
||||
sudo apt-get -y update
|
||||
sudo apt install -y dotnet-sdk-7.0 yarn nodejs dh-make rename dpkg-sig lintian
|
||||
sudo npm install -g json
|
||||
echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
|
||||
echo "VERSION=$(echo "${{ github.ref }}" | grep -oP '\d+\.\d+\.\d+' || echo "1.1.0")" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build
|
||||
shell: bash
|
||||
[ "${{ matrix.packageType }}" == "rpm" ] && sudo pip install rpmlint || true
|
||||
|
||||
- name: Build DEB Packages
|
||||
if: matrix.packageType == 'deb'
|
||||
run: |
|
||||
cd build/install/deb/
|
||||
rename -f -v "s/product([^\/]*)$/${{ env.PRODUCT_LOW }}\$1/g" debian/* ../common/* ../common/logrotate/*
|
||||
find ../ -type f -exec sed -i "s/{{product}}/${{ env.PRODUCT_LOW }}/g" {} ';'
|
||||
sed -i "s/{{package_header_tag_version}}/${{ steps.get_vars.outputs.VERSION }}.$BUILD_NUMBER/g" \
|
||||
debian/changelog debian/control
|
||||
cd build/install/deb/
|
||||
rename -f -v "s/product([^\/]*)$/$(${{ env.PRODUCT_LOW }})\$1/g" debian/* ../common/* ../common/logrotate/*
|
||||
find ../ -type f -exec sed -i "s/{{product}}/$(${{ env.PRODUCT_LOW }})/g" {} ';'
|
||||
sed -i "s/{{package_header_tag_version}}/$(${{ env.PRODUCT_VERSION }}).${{ env.BUILD_NUMBER }}/g" debian/changelog debian/control
|
||||
dpkg-buildpackage -uc -k${{ steps.gpg_step.outputs.fingerprint }}
|
||||
|
||||
- name: Upload to Nexus
|
||||
run: |
|
||||
for file in /home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/*.deb; do
|
||||
echo $file
|
||||
curl --verbose --user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} -H "Content-Type: multipart/form-data" \
|
||||
--data-binary "@$file" ${{ secrets.REPO_URL_4TESTING_DEB }}
|
||||
done
|
||||
|
||||
- name: Lint
|
||||
run: |
|
||||
lintian --suppress-tags=mismatched-override --profile debian /home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/*.deb \
|
||||
| tee -a file
|
||||
if grep -qE '^(W:|E:)' file; then echo \
|
||||
"::warning Noticedeb=lintian::$(cat file | awk '/^W:/ { ws += 1 } /^E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"; fi
|
||||
|
||||
build_rpm:
|
||||
name: RPM packages
|
||||
runs-on: ubuntu-20.04
|
||||
permissions:
|
||||
contents: write
|
||||
|
||||
steps:
|
||||
- name: Free Disk Space
|
||||
uses: jlumbroso/free-disk-space@main
|
||||
with:
|
||||
tool-cache: true
|
||||
android: true
|
||||
haskell: true
|
||||
large-packages: true
|
||||
docker-images: true
|
||||
swap-storage: true
|
||||
|
||||
- name: Import GPG
|
||||
uses: crazy-max/ghaction-import-gpg@v5
|
||||
with:
|
||||
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }}
|
||||
|
||||
- name: Get files from repository
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
submodules: 'recursive'
|
||||
|
||||
- name: Prepare build
|
||||
id: get_vars
|
||||
run: |
|
||||
wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | sudo gpg --no-default-keyring --keyring \
|
||||
gnupg-ring:/usr/share/keyrings/yarnkey.gpg --import
|
||||
sudo chmod 644 /usr/share/keyrings/yarnkey.gpg
|
||||
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian/ stable main" | \
|
||||
sudo tee /etc/apt/sources.list.d/yarn.list
|
||||
wget https://packages.microsoft.com/config/$(lsb_release -is | \
|
||||
tr [:upper:] [:lower:])/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
|
||||
sudo dpkg -i packages-microsoft-prod.deb
|
||||
echo "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" | \
|
||||
sudo tee /etc/apt/sources.list.d/nodesource.list
|
||||
wget -O - https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | \
|
||||
sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/nodesource.gpg --import
|
||||
sudo chmod 644 /usr/share/keyrings/nodesource.gpg
|
||||
sudo apt-get -y update
|
||||
sudo apt install -y dotnet-sdk-7.0 yarn nodejs dh-make rename python3-pip python3-rpm
|
||||
sudo npm install -g json
|
||||
sudo pip install rpmlint
|
||||
echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
|
||||
echo "VERSION=$(echo "${ GITHUB_REF##*/ }" | grep -oP '\d+\.\d+\.\d+' || echo "1.1.0")" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build
|
||||
- name: Build RPM Packages
|
||||
if: matrix.packageType == 'rpm'
|
||||
run: |
|
||||
cd build/install/rpm/SPECS
|
||||
mv ./SOURCES/product.rpmlintrc ./SOURCES/${{ env.PRODUCT_LOW }}.rpmlintrc
|
||||
wget https://github.com/ONLYOFFICE/${{ env.PRODUCT }}/archive/${{ env.BRANCH_NAME }}.tar.gz \
|
||||
-O ./SOURCES/${{ env.PRODUCT }}-$(echo ${{ env.BRANCH_NAME }} | tr '/' '-').tar.gz
|
||||
mv ./SOURCES/product.rpmlintrc ./SOURCES/$(${{ env.PRODUCT_LOW }}).rpmlintrc
|
||||
wget https://github.com/ONLYOFFICE/${{ env.PRODUCT }}/archive/$(${{ env.BRANCH_NAME }}).tar.gz \
|
||||
-O ./SOURCES/${{ env.PRODUCT }}-$(${{ env.BRANCH_NAME }} | tr '/' '-').tar.gz
|
||||
wget https://github.com/ONLYOFFICE/document-templates/archive/main/community-server.tar.gz \
|
||||
-O ./SOURCES/document-templates-main-community-server.tar.gz
|
||||
-O ./SOURCES/document-templates-main-community-server.tar.gz
|
||||
wget https://github.com/ONLYOFFICE/dictionaries/archive/master.tar.gz \
|
||||
-O ./SOURCES/dictionaries-master.tar.gz
|
||||
-O ./SOURCES/dictionaries-master.tar.gz
|
||||
sed -i -e '/BuildRequires/d' product.spec
|
||||
rpmbuild -D "packager Ascensio System SIA <support@onlyoffice.com>" -D "GIT_BRANCH $(echo ${{ env.BRANCH_NAME }} \
|
||||
| tr '/' '-')" -D "_topdir $(pwd)" -D "version ${{ steps.get_vars.outputs.VERSION }}" \
|
||||
-D "release ${{ env.BUILD_NUMBER }}" -ba product.spec
|
||||
rpmbuild -D "packager Ascensio System SIA <support@onlyoffice.com>" \
|
||||
-D "GIT_BRANCH $(${{ env.BRANCH_NAME }}| tr '/' '-')" -D "_topdir $(pwd)" \
|
||||
-D "version $(${{ env.PRODUCT_VERSION }})" \
|
||||
-D "release ${{ env.BUILD_NUMBER }}" -ba product.spec
|
||||
|
||||
- name: Sign
|
||||
- name: Sign RPM Packages
|
||||
if: matrix.packageType == 'rpm'
|
||||
run: |
|
||||
cat << EOF >> $HOME/.rpmmacros
|
||||
%_signature gpg
|
||||
@ -175,21 +115,42 @@ jobs:
|
||||
EOF
|
||||
gpg --export --armor --output onlyoffice-gpgkey.pub
|
||||
rpm --import onlyoffice-gpgkey.pub
|
||||
rpm --addsign /home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/rpm/SPECS/RPMS/noarch/*.rpm
|
||||
|
||||
- name: Upload
|
||||
rpm --addsign ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/RPMS/noarch/*.rpm
|
||||
|
||||
- name: Upload DEB Packages
|
||||
if: matrix.packageType == 'deb'
|
||||
run: |
|
||||
for file in /home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/rpm/SPECS/RPMS/noarch/*.rpm; do
|
||||
curl --verbose --user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} \
|
||||
--upload-file "$file" ${{ secrets.REPO_URL_4TESTING_RPM }}
|
||||
for deb_package in ${{ env.PACKAGE_DIRECTORY }}/*.deb; do
|
||||
echo $deb_package
|
||||
curl --verbose \
|
||||
--user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} \
|
||||
-H "Content-Type: multipart/form-data" \
|
||||
--data-binary "@$deb_package" ${{ secrets.REPO_URL_4TESTING_DEB }}
|
||||
done
|
||||
|
||||
- name: Rpmlint
|
||||
run: |
|
||||
for package in /home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/rpm/SPECS/RPMS/noarch/*.rpm
|
||||
do rpmlint --ignore-unused-rpmlintrc --rpmlintrc \
|
||||
/home/runner/work/${{ env.PRODUCT }}/${{ env.PRODUCT }}/build/install/rpm/SPECS/SOURCES/${{ env.PRODUCT_LOW }}.rpmlintrc $package \
|
||||
| tee -a file2
|
||||
- name: Upload RPM Packages
|
||||
if: matrix.packageType == 'rpm'
|
||||
run: |
|
||||
for rpm_package in ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/RPMS/noarch/*.rpm; do
|
||||
curl --verbose \
|
||||
--user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} \
|
||||
--upload-file "$rpm_package" ${{ secrets.REPO_URL_4TESTING_RPM }}
|
||||
done
|
||||
if grep -qE '^(W:|E:)' file2; then echo \
|
||||
"::warning NoticeRpm=rpmLint::$(cat file2 | awk '/W:/ { ws += 1 } /E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')" ; fi
|
||||
|
||||
- name: Checking the DEB package for errors
|
||||
if: matrix.packageType == 'deb'
|
||||
run: |
|
||||
lintian --suppress-tags=mismatched-override --profile debian ${{ env.PACKAGE_DIRECTORY }}/*.deb | tee -a LINTIAN
|
||||
if grep -qE '^(W:|E:)' LINTIAN; then
|
||||
echo "::warning Noticedeb=lintian::$(cat LINTIAN | awk '/^W:/ { ws += 1 } /^E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
|
||||
fi
|
||||
|
||||
- name: Checking the RPM package for errors
|
||||
if: matrix.packageType == 'rpm'
|
||||
run: |
|
||||
for rpm_package in ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/RPMS/noarch/*.rpm; do
|
||||
rpmlint --ignore-unused-rpmlintrc --rpmlintrc ${{ env.PACKAGE_DIRECTORY }}/rpm/SPECS/SOURCES/$(${{ env.PRODUCT_LOW }}).rpmlintrc $rpm_package | tee -a RPM_LINT
|
||||
done
|
||||
if grep -qE '^(W:|E:)' RPM_LINT; then
|
||||
echo "::warning Noticerpm=rpmlint::$(cat RPM_LINT | awk '/W:/ { ws += 1 } /E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user