Rebuild Mkosi images for nspawn.org #170
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Rebuild Mkosi images for nspawn.org | |
| # Controls when the workflow will run | |
| on: | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # Also run on cron schedule | |
| schedule: | |
| - cron: 0 0 * * 0 | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # This workflow contains a single job called "build" | |
| build: | |
| # The type of runner that the job will run on | |
| runs-on: internal-builders | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| - name: Remove toolstree directory if exists | |
| run: sudo rm -rf ./hub-images/toolstree | |
| - name: Change ownership of files for checkout | |
| env: | |
| SERVER_WORKDIR: ${{ secrets.SERVER_WORKDIR }} | |
| run: sudo chown -R $USER:$USER $SERVER_WORKDIR || true | |
| - uses: actions/checkout@v2 | |
| # Check duplictaed outputs | |
| - name: Check for duplicated Output directives | |
| working-directory: hub-images | |
| run: | | |
| ./validate_directories.sh | |
| # Prepare our custom builder | |
| - name: Prepare our builder | |
| run: | | |
| sudo apt-get install --assume-yes --no-install-recommends debian-archive-keyring | |
| # Configure GPG | |
| - name: Configure the GPG Key | |
| env: | |
| GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }} | |
| run: | | |
| echo -n "$GPG_SIGNING_KEY" | base64 --decode | sudo gpg --import | |
| echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --import | |
| # Setup mkosi | |
| - name: setup-mkosi | |
| uses: systemd/mkosi@main | |
| #- name: Debug | |
| # uses: mxschmitt/action-tmate@v3 | |
| - name: Change ownership of files for checkout | |
| env: | |
| SERVER_WORKDIR: ${{ secrets.SERVER_WORKDIR }} | |
| run: sudo chown -R $USER:$USER $SERVER_WORKDIR || true | |
| # Clean newly created directories to avoid the build.sh script tryting to iterate them | |
| - uses: actions/checkout@v2 | |
| #- name: Debug | |
| # uses: mxschmitt/action-tmate@v3 | |
| # Setup mkosi tools tree | |
| - name: Setup mkosi tools tree | |
| working-directory: ./hub-images | |
| run: | | |
| sudo mkosi --distribution fedora --include=mkosi-tools --output-dir=./toolstree | |
| # Runs a set of commands using the runners shell | |
| - name: Build the images | |
| working-directory: ./hub-images | |
| run: | | |
| sudo ./build.sh | |
| sudo ./clean-artifacts.sh | |
| #- name: Debug | |
| # uses: mxschmitt/action-tmate@v3 | |
| # Prepare everything for syncing | |
| - name: Install SSH Key | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_VM1_PRIVATE_KEY }} | |
| run: | | |
| [ -f ~/.ssh/nspawnvm1.key ] && exit 0 | |
| mkdir -p ~/.ssh/ | |
| echo "$SSH_PRIVATE_KEY" > ~/.ssh/nspawnvm1.key | |
| chmod 400 ~/.ssh/nspawnvm1.key | |
| - name: Adding Known Hosts | |
| run: | | |
| touch ~/.ssh/known_hosts | |
| ssh-keyscan -H ${{ secrets.SSH_VM1_HOST }} >> ~/.ssh/known_hosts | |
| chmod 600 ~/.ssh/known_hosts | |
| # Finally deploy the artifacts | |
| - name: Deploy with rsync | |
| working-directory: ./hub-images | |
| run: rsync -e "ssh -i ~/.ssh/nspawnvm1.key" -auvzP ./output/public/storage/ ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_VM1_HOST }}:/var/www/hub-nspawn/storage/ | |
| - uses: gautamkrishnar/keepalive-workflow@v1 |