cleanup #251
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | |
| name: Weimarnetz Package Build | |
| # Controls when the action will run. Triggers the workflow on push or pull request | |
| # events but only for the master branch | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ brauhaus-19.07 ] | |
| paths: | |
| - 'assemble/**' | |
| - 'build/**' | |
| - 'net/**' | |
| - 'utils/**' | |
| pull_request: | |
| branches: [ brauhaus-19.07 ] | |
| paths: | |
| - 'assemble/**' | |
| - 'build/**' | |
| - 'net/**' | |
| - 'utils/**' | |
| permissions: | |
| contents: read | |
| actions: write # Für repository_dispatch | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # New job for collecting build information | |
| collect_build_info: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@v4 | |
| - run: | | |
| git fetch --prune --unshallow | |
| # Collect build information | |
| - name: Collect build information | |
| id: buildinfo | |
| run: | | |
| # Get branch and version info | |
| BRANCH_NAME=$(git branch --show-current) | |
| if [ -z "$BRANCH_NAME" ]; then | |
| BRANCH_NAME=$(echo ${{ github.ref }} | sed 's|refs/heads/||') | |
| fi | |
| GIT_VERSION=$(git describe --always --dirty --tags) | |
| TIMESTAMP=$(date -u +"%Y-%m-%d %H:%M:%S UTC") | |
| # Create build info JSON | |
| mkdir -p build_info | |
| cat > build_info/package_build.json << EOF | |
| { | |
| "branch": "${BRANCH_NAME}", | |
| "version": "${GIT_VERSION}", | |
| "trigger_event": "${{ github.event_name }}", | |
| "build_timestamp": "${TIMESTAMP}", | |
| "builder": "${{ github.actor }}" | |
| } | |
| EOF | |
| # Store as outputs for other jobs | |
| echo "branch=${BRANCH_NAME}" >> $GITHUB_OUTPUT | |
| echo "version=${GIT_VERSION}" >> $GITHUB_OUTPUT | |
| # Display the created file | |
| cat build_info/package_build.json | |
| # Upload build info as an artifact for other jobs | |
| - name: Upload build info artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-info-base | |
| path: build_info/package_build.json | |
| retention-days: 1 | |
| # Main job for compiling packages | |
| compile_packages: | |
| needs: collect_build_info | |
| strategy: | |
| matrix: | |
| target: [ath79_generic, mediatek_filogic, mpc85xx_p1010, ramips_mt7620, ramips_mt7621, ramips_mt76x8, x86_generic, x86_64, ipq40xx_generic] | |
| include: | |
| - openwrt: 24.10.0 | |
| fail-fast: false | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@v4 | |
| - run: | | |
| git fetch --prune --unshallow | |
| # Download build info artifact from previous job | |
| - name: Download build info base | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-info-base | |
| path: build_info_base | |
| # Update build info with target-specific details | |
| - name: Update build info with target details | |
| id: updateinfo | |
| run: | | |
| # Read the base build info | |
| cp build_info_base/package_build.json build_info_base/base.json | |
| # Update with target-specific info | |
| mkdir -p build_info | |
| jq --arg target "${{ matrix.target }}" \ | |
| --arg openwrt "${{ matrix.openwrt }}" \ | |
| '. + {target: $target, openwrt: $openwrt}' \ | |
| build_info_base/base.json > build_info/package_build.json | |
| # Display the updated file | |
| cat build_info/package_build.json | |
| - name: Initialization environment | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| run: | | |
| sudo rm -rf /etc/apt/sources.list.d/* /usr/share/dotnet /usr/local/lib/android /opt/ghc | |
| sudo -E add-apt-repository -y universe | |
| # TODO: default apt config doesn't load repositories. Check later if that's still a problem | |
| sudo tee /etc/apt/sources.list <<EOF | |
| deb http://archive.ubuntu.com/ubuntu noble main universe restricted multiverse | |
| deb http://archive.ubuntu.com/ubuntu noble-updates main universe restricted multiverse | |
| deb http://archive.ubuntu.com/ubuntu noble-security main universe restricted multiverse | |
| EOF | |
| sudo -E apt-get -qq update | |
| sudo -E apt-get -qq install build-essential clang flex bison g++ gawk gcc-multilib g++-multilib gettext git libncurses5-dev libssl-dev python3-setuptools rsync swig unzip zlib1g-dev file wget | |
| sudo -E apt-get -qq autoremove --purge | |
| sudo -E apt-get -qq clean | |
| - name: Build po2lmo | |
| run: | | |
| git clone https://github.com/weimarnetz/po2lmo | |
| cd po2lmo | |
| make | |
| sudo make install | |
| - name: compile packages for target ${{ matrix.target }} | |
| env: | |
| PACKAGE_SIGNING_KEY: ${{ secrets.PACKAGE_SIGNING_PRIVATE_KEY }} | |
| run: | | |
| cd assemble | |
| echo "$PACKAGE_SIGNING_KEY" > keys/key-build | |
| ./compile_packages.sh -t ${{ matrix.target }} -o ${{ matrix.openwrt }} | |
| - name: upload packages directory | |
| if: github.event_name == 'push' | |
| env: | |
| SSH_KEY: ${{ secrets.BUILDBOT_PRIVATE_KEY }} | |
| run: | | |
| eval "$(ssh-agent -s)" | |
| ssh-add - <<< "${SSH_KEY}" | |
| cd assemble | |
| target="$(echo ${{ matrix.target }})" | |
| # Process packages directory (unified feed structure) | |
| for feed_dir in packages/* ; do | |
| if [ -d "$feed_dir" ]; then | |
| feed_name=$(basename "$feed_dir") | |
| # Create local structure that mirrors the target structure | |
| mkdir -p "upload_temp/brauhaus/packages/$target/$feed_name" | |
| # Copy the build info JSON | |
| cp ../build_info/package_build.json "upload_temp/brauhaus/packages/$target/$feed_name/" | |
| # Copy package files | |
| find "./$feed_dir" -maxdepth 1 -type f -exec cp {} "upload_temp/brauhaus/packages/$target/$feed_name/" \; | |
| fi | |
| done | |
| # Upload all packages at once | |
| echo "Uploading packages to /brauhaus/packages/" | |
| rsync -avz --delete '-e ssh -o StrictHostKeyChecking=no -p22223' upload_temp/brauhaus/packages/./$target [email protected]:/brauhaus/packages/ | |
| # Separate job that runs after all matrix jobs are completed | |
| trigger_firmware_build: | |
| needs: [collect_build_info, compile_packages] | |
| if: github.event_name == 'push' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install jq | |
| run: sudo apt-get update && sudo apt-get install -y jq | |
| - name: Download build info | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-info-base | |
| path: build_info | |
| - name: Read build info | |
| id: info | |
| run: | | |
| # Extract values using jq | |
| BRANCH=$(jq -r '.branch' build_info/package_build.json) | |
| VERSION=$(jq -r '.version' build_info/package_build.json) | |
| # Set as outputs | |
| echo "branch=$BRANCH" >> $GITHUB_OUTPUT | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| # Display info | |
| echo "Using build info:" | |
| jq . build_info/package_build.json | |
| - name: Generate GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.GH_APP_ID }} | |
| private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| owner: weimarnetz | |
| repositories: | | |
| imagebuilder | |
| packages | |
| - name: Trigger firmware build | |
| run: | | |
| HTTP_RESPONSE=$(curl -s -o response.txt -w "%{http_code}" \ | |
| -X POST \ | |
| -H "Authorization: token ${{ steps.app-token.outputs.token }}" \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| https://api.github.com/repos/weimarnetz/imagebuilder/dispatches \ | |
| -d '{ | |
| "event_type": "package_update", | |
| "client_payload": { | |
| "ref": "${{ github.ref }}", | |
| "sha": "${{ github.sha }}", | |
| "branch": "${{ steps.info.outputs.branch }}", | |
| "version": "${{ steps.info.outputs.version }}" | |
| } | |
| }') | |
| echo "HTTP status code: $HTTP_RESPONSE" | |
| if [ "$HTTP_RESPONSE" != "204" ]; then | |
| echo "Error response:" | |
| cat response.txt | |
| exit 1 # Fail the workflow if the HTTP status is not 204 (success) | |
| else | |
| echo "Successfully triggered imagebuilder repository" | |
| fi |