Skip to content

Commit

Permalink
github CI: nightly builds for multiple distributions
Browse files Browse the repository at this point in the history 
    Since the pipeline changed to use ucuntu22.04 runners, the nighty debian packages do not work on debian buster anymore.
    This change updates the pipeline to build for Ubuntu 20.04 and 22.04 as well as for
    Debian 10, 11 and 12.

    The distribution specific apt sources are as follows:

      "deb http://repo.aptly.info/nightly-bookworm bookworm main"

    (replace bookworm with focal, buster, bullseye. Install aptly repo key with: curl -fsS https://www.aptly.info/pubkey.txt | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/aptly.gpg)

    The builds on focal will also release to the legacy nightly apt repo: https://github.com/aptly-dev/aptly/actions/runs/8723898496/job/23933824692#step:7:24

    This only affects nightly builds, for now.
    Pipeline example: [](https://github.com/aptly-dev/aptly/actions/runs/8723898496)
  • Loading branch information
@neolynx
neolynx committed Apr 17, 2024
1 parent 940538e commit f233a21
Show file tree
Hide file tree
Showing 2 changed files with 114 additions and 31 deletions.
61 changes: 48 additions & 13 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,19 +89,61 @@ jobs:
files: coverage.txt

release:
name: release
needs: build
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
name: [Ubuntu-20, Ubuntu-22, Debian-10, Debian-11, Debian-12]
include:
- name: Ubuntu-20
image: "ubuntu:20.04"
suite: focal
GOVER: '1.21'
install: "make ca-certificates git curl"
- name: Ubuntu-22
image: "ubuntu:22.04"
suite: jammy
install: "make ca-certificates git curl golang"
- name: Debian-10
image: "debian:buster"
suite: buster
GOVER: '1.21'
install: "make ca-certificates git curl"
- name: Debian-11
image: "debian:bullseye"
suite: bullseye
GOVER: '1.21'
install: "make ca-certificates git curl"
- name: Debian-12
image: "debian:bookworm"
suite: bookworm
install: "make ca-certificates git curl golang"
container:
image: ${{ matrix.image }}
env:
APT_LISTCHANGES_FRONTEND: none
DEBIAN_FRONTEND: noninteractive
steps:
- name: Install O/S packages
run: |
apt-get update
apt-get install -y --no-install-recommends ${{ matrix.install }}
git config --global --add safe.directory "$GITHUB_WORKSPACE"
echo GOVER: ${{ env.GOVER }}
- name: Checkout repository
uses: actions/checkout@v3
with:
# fetch the whole repot for `git describe` to
# fetch the whole repo for `git describe` to
# work and get the nightly verion
fetch-depth: 0

- name: Setup Go
uses: actions/setup-go@v4
if: ${{ matrix.GOVER != '' }}
uses: actions/setup-go@v3
with:
go-version: ${{ matrix.GOVER }}

- name: Make Release
env:
Expand All @@ -115,19 +157,12 @@ jobs:
APTLY_USER: ${{ secrets.APTLY_USER }}
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
run: |
./upload-artifacts.sh nightly
./upload-artifacts.sh nightly ${{ matrix.suite }}
- name: Publish release to aptly
if: startsWith(github.event.ref, 'refs/tags')
env:
APTLY_USER: ${{ secrets.APTLY_USER }}
APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
run: |
./upload-artifacts.sh release
- name: Upload artifacts to GitHub Release
if: startsWith(github.event.ref, 'refs/tags')
uses: softprops/action-gh-release@v1
with:
body: Release ${{ github.ref }} generated by the CI.
files: build/*
./upload-artifacts.sh release ${{ matrix.suite }}
84 changes: 66 additions & 18 deletions upload-artifacts.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,50 +10,100 @@ aptly_password="$APTLY_PASSWORD"
aptly_api="https://aptly-ops.aptly.info"
version=`make version`

echo "Publishing version '$version' to $1..."
action=$1
dist=$2

for file in $packages; do
echo "Uploading $file..."
curl -fsS -X POST -F "file=@$file" -u $aptly_user:$aptly_password ${aptly_api}/api/files/$folder
usage() {
echo "Usage: $0 nighly jammy|focal|bookworm" >&2
echo " $0 release" >&2
}

if [ -z "$action" ]; then
usage
exit 1
fi

if [ "action" = "nightly" ] && [ -z "$dist" ]; then
usage
exit 1
fi

echo "Publishing version '$version' to $action for $dist...\n"

upload()
{
echo "\nUploading files:"
for file in $packages; do
echo " - $file"
curl -fsS -X POST -F "file=@$file" -u $aptly_user:$aptly_password ${aptly_api}/api/files/$folder
done
echo
done
}
cleanup() {
echo "\nCleanup..."
curl -fsS -X DELETE -u $aptly_user:$aptly_password ${aptly_api}/api/files/$folder
echo
}
trap cleanup EXIT

if [ "$1" = "nightly" ]; then
if [ "$action" = "nightly" ]; then
if echo "$version" | grep -vq "+"; then
# skip nightly when on release tag
exit 0
fi

aptly_repository=aptly-nightly
aptly_published=s3:repo.aptly.info:./nightly
aptly_repository=aptly-nightly-$dist
aptly_published=s3:repo.aptly.info:nightly-$dist

upload

echo "Adding packages to $aptly_repository..."
echo "\nAdding packages to $aptly_repository ..."
curl -fsS -X POST -u $aptly_user:$aptly_password ${aptly_api}/api/repos/$aptly_repository/file/$folder
echo

echo "Updating published repo..."
echo "\nUpdating published repo $aptly_published ..."
curl -fsS -X PUT -H 'Content-Type: application/json' --data \
'{"AcquireByHash": true, "Signing": {"Batch": true, "Keyring": "aptly.repo/aptly.pub",
"secretKeyring": "aptly.repo/aptly.sec", "PassphraseFile": "aptly.repo/passphrase"}}' \
-u $aptly_user:$aptly_password ${aptly_api}/api/publish/$aptly_published
'{"AcquireByHash": true,
"Signing": {"Batch": true, "Keyring": "aptly.repo/aptly.pub", "secretKeyring": "aptly.repo/aptly.sec", "PassphraseFile": "aptly.repo/passphrase"}}' \
-u $aptly_user:$aptly_password ${aptly_api}/api/publish/$aptly_published/$dist
echo

if [ $dist = "focal" ]; then
echo "\nUpdating legacy nightly repo..."

aptly_repository=aptly-nightly
aptly_published=s3:repo.aptly.info:./nightly

upload

echo "\nAdding packages to $aptly_repository ..."
curl -fsS -X POST -u $aptly_user:$aptly_password ${aptly_api}/api/repos/$aptly_repository/file/$folder
echo

echo "\nUpdating published repo $aptly_published ..."
curl -fsS -X PUT -H 'Content-Type: application/json' --data \
'{"AcquireByHash": true, "Signing": {"Batch": true, "Keyring": "aptly.repo/aptly.pub",
"secretKeyring": "aptly.repo/aptly.sec", "PassphraseFile": "aptly.repo/passphrase"}}' \
-u $aptly_user:$aptly_password ${aptly_api}/api/publish/$aptly_published
echo
fi
fi

if [ "$1" = "release" ]; then
aptly_repository=aptly-release
aptly_snapshot=aptly-$version
aptly_published=s3:repo.aptly.info:./squeeze

echo "Adding packages to $aptly_repository..."
echo "\nAdding packages to $aptly_repository..."
curl -fsS -X POST -u $aptly_user:$aptly_password ${aptly_api}/api/repos/$aptly_repository/file/$folder
echo

echo "Creating snapshot $aptly_snapshot from repo $aptly_repository..."
echo "\nCreating snapshot $aptly_snapshot from repo $aptly_repository..."
curl -fsS -X POST -u $aptly_user:$aptly_password -H 'Content-Type: application/json' --data \
"{\"Name\":\"$aptly_snapshot\"}" ${aptly_api}/api/repos/$aptly_repository/snapshots
echo

echo "Switching published repo to use snapshot $aptly_snapshot..."
echo "\nSwitching published repo $aptly_published to use snapshot $aptly_snapshot..."
curl -fsS -X PUT -H 'Content-Type: application/json' --data \
"{\"AcquireByHash\": true, \"Snapshots\": [{\"Component\": \"main\", \"Name\": \"$aptly_snapshot\"}],
\"Signing\": {\"Batch\": true, \"Keyring\": \"aptly.repo/aptly.pub\",
Expand All @@ -62,5 +112,3 @@ if [ "$1" = "release" ]; then
echo
fi

curl -fsS -X DELETE -u $aptly_user:$aptly_password ${aptly_api}/api/files/$folder
echo

0 comments on commit f233a21

Please sign in to comment.