Build packages #539
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build packages | |
on: | |
workflow_dispatch: | |
inputs: | |
branch-buildtools: | |
description: 'Branch for buildtools repository' | |
required: true | |
default: 'develop' | |
branch-client: | |
description: 'Branch for client repository' | |
required: true | |
default: 'develop' | |
branch-server: | |
description: 'Branch for server repository' | |
required: true | |
default: 'develop' | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
PRODUCT: ${{ github.event.repository.name }} | |
PRODUCT_LOW: echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]' | |
PRODUCT_VERSION: echo ${{ github.ref }} | grep -oP '\d+\.\d+\.\d+' || echo '2.5.0' | |
BUILD_NUMBER: ${{ github.run_number }} | |
PACKAGE_DIRECTORY: "/home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}" | |
BRANCH_BUILDTOOLS: ${{ github.event.inputs.branch-buildtools }} | |
BRANCH_CLIENT: ${{ github.event.inputs.branch-client }} | |
BRANCH_SERVER: ${{ github.event.inputs.branch-server }} | |
jobs: | |
build: | |
name: Build Packages | |
runs-on: ubuntu-20.04 | |
permissions: | |
contents: write | |
strategy: | |
matrix: | |
packageType: [deb, rpm] | |
steps: | |
# To avoid mistake "System.IO.IOException: No space left on device" | |
- name: Free Disk Space | |
run: | | |
sudo rm -rf /usr/local/lib/android /opt/ghc | |
sudo docker image prune --all --force | |
- name: Import GPG | |
uses: crazy-max/ghaction-import-gpg@v5 | |
id: gpg_step | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }} | |
- name: Checkout ${{ env.PRODUCT }}-buildtools | |
uses: actions/checkout@v4 | |
with: | |
repository: ONLYOFFICE/${{ env.PRODUCT }}-buildtools | |
ref: ${{ env.BRANCH_BUILDTOOLS }} | |
submodules: 'recursive' | |
- name: Prepare build | |
run: | | |
wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | \ | |
sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/yarnkey.gpg --import | |
sudo chmod 644 /usr/share/keyrings/yarnkey.gpg | |
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian/ stable main" | \ | |
sudo tee /etc/apt/sources.list.d/yarn.list | |
wget https://packages.microsoft.com/config/$(lsb_release -is | \ | |
tr [:upper:] [:lower:])/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb | |
sudo dpkg -i packages-microsoft-prod.deb | |
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo bash - | |
sudo apt install -y dotnet-sdk-8.0 yarn nodejs rename | |
sudo npm install -g json | |
if [[ "${{ matrix.packageType }}" == "rpm" ]]; then | |
sudo apt install -y python3-rpm python3-pip | |
sudo pip install rpmlint | |
else | |
sudo apt install -y dpkg-sig lintian dh-make | |
fi | |
- name: Build DEB Packages | |
if: matrix.packageType == 'deb' | |
run: | | |
cd install/deb/ | |
wget -q -O ./debian/source/buildtools.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-buildtools/archive/${BRANCH_BUILDTOOLS}.tar.gz" | |
wget -q -O ./debian/source/client.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-client/archive/${BRANCH_CLIENT}.tar.gz" | |
wget -q -O ./debian/source/server.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-server/archive/${BRANCH_SERVER}.tar.gz" | |
wget -q -O ./debian/source/dictionaries.tar.gz "https://github.com/ONLYOFFICE/dictionaries/archive/master.tar.gz" | |
wget -q -O ./debian/source/DocStore.tar.gz "https://github.com/ONLYOFFICE/document-templates/archive/main/community-server.tar.gz" | |
wget -q -O ./debian/source/campaigns.tar.gz "https://github.com/ONLYOFFICE/ASC.Web.Campaigns/archive/master.tar.gz" | |
rename -f -v "s/product([^\/]*)$/$(${{ env.PRODUCT_LOW }})\$1/g" debian/* | |
find debian/ -type f -exec sed -i "s/{{product}}/$(${{ env.PRODUCT_LOW }})/g" {} ';' | |
sed -i "s/{{package_header_tag_version}}/$(${{ env.PRODUCT_VERSION }}).${{ env.BUILD_NUMBER }}/g" debian/changelog debian/control | |
dpkg-buildpackage -uc -k${{ steps.gpg_step.outputs.fingerprint }} | |
- name: Build RPM Packages | |
if: matrix.packageType == 'rpm' | |
run: | | |
cd install/rpm/SPECS | |
wget -q -O ./SOURCES/buildtools.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-buildtools/archive/${BRANCH_BUILDTOOLS}.tar.gz" | |
wget -q -O ./SOURCES/client.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-client/archive/${BRANCH_CLIENT}.tar.gz" | |
wget -q -O ./SOURCES/server.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-server/archive/${BRANCH_SERVER}.tar.gz" | |
wget -q -O ./SOURCES/dictionaries.tar.gz "https://github.com/ONLYOFFICE/dictionaries/archive/master.tar.gz" | |
wget -q -O ./SOURCES/DocStore.tar.gz "https://github.com/ONLYOFFICE/document-templates/archive/main/community-server.tar.gz" | |
wget -q -O ./SOURCES/campaigns.tar.gz "https://github.com/ONLYOFFICE/ASC.Web.Campaigns/archive/master.tar.gz" | |
mv ./SOURCES/product.rpmlintrc ./SOURCES/$(${{ env.PRODUCT_LOW }}).rpmlintrc | |
sed -i -e '/BuildRequires/d' product.spec | |
rpmbuild -D "packager Ascensio System SIA <[email protected]>" \ | |
-D "_topdir $(pwd)" \ | |
-D "version $(${{ env.PRODUCT_VERSION }})" \ | |
-D "release ${{ env.BUILD_NUMBER }}" -ba product.spec | |
- name: Sign RPM Packages | |
if: matrix.packageType == 'rpm' | |
run: | | |
cat << EOF >> $HOME/.rpmmacros | |
%_signature gpg | |
%_gpg_name ${{ secrets.GPG_KEY_NAME }} | |
%_gpg_path $HOME/.gnupg | |
%__gpg /usr/bin/gpg | |
EOF | |
gpg --export --armor --output onlyoffice-gpgkey.pub | |
rpm --import onlyoffice-gpgkey.pub | |
rpm --addsign ${{ env.PACKAGE_DIRECTORY }}/install/rpm/SPECS/RPMS/noarch/*.rpm | |
- name: Upload DEB Packages | |
if: matrix.packageType == 'deb' | |
run: | | |
for deb_package in ${{ env.PACKAGE_DIRECTORY }}/install/*.deb; do | |
echo $deb_package | |
curl --verbose \ | |
--user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} \ | |
-H "Content-Type: multipart/form-data" \ | |
--data-binary "@$deb_package" ${{ secrets.REPO_URL_4TESTING_DEB }} | |
done | |
- name: Upload RPM Packages | |
if: matrix.packageType == 'rpm' | |
run: | | |
for rpm_package in ${{ env.PACKAGE_DIRECTORY }}/install/rpm/SPECS/RPMS/noarch/*.rpm; do | |
curl --verbose \ | |
--user ${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }} \ | |
--upload-file "$rpm_package" ${{ secrets.REPO_URL_4TESTING_RPM }} | |
done | |
- name: Checking the DEB package for errors | |
if: matrix.packageType == 'deb' | |
run: | | |
lintian --profile debian ${{ env.PACKAGE_DIRECTORY }}/install/*.deb | tee -a LINTIAN | |
if grep -qE '^(W:|E:)' LINTIAN; then | |
echo "::warning Noticedeb=lintian::$(cat LINTIAN | awk '/^W:/ { ws += 1 } /^E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')" | |
fi | |
- name: Checking the RPM package for errors | |
if: matrix.packageType == 'rpm' | |
run: | | |
for rpm_package in ${{ env.PACKAGE_DIRECTORY }}/install/rpm/SPECS/RPMS/noarch/*.rpm; do | |
rpmlint --ignore-unused-rpmlintrc --rpmlintrc ${{ env.PACKAGE_DIRECTORY }}/install/rpm/SPECS/SOURCES/$(${{ env.PRODUCT_LOW }}).rpmlintrc $rpm_package | tee -a RPM_LINT | |
done | |
if grep -qE '(W:|E:)' RPM_LINT; then | |
echo "::warning Noticerpm=rpmlint::$(cat RPM_LINT | awk '/W:/ { ws += 1 } /E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')" | |
fi |