--- name: Build bootupd with systemd-boot on: push: branches: [main] pull_request: branches: [main] env: CARGO_TERM_COLOR: always RUST_BACKTRACE: 1 jobs: build: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup apt-cacher-ng run: | echo "Setting up apt-cacher-ng for faster builds..." # Try apt-cacher-ng first, fallback to standard mirrors echo "Checking for apt-cacher-ng availability..." # Quick check with timeout to avoid hanging if timeout 10 curl -s --connect-timeout 5 \ http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring Docker proxy..." # Create Docker daemon configuration for apt-cacher-ng sudo mkdir -p /etc/docker echo '{ "proxies": { "default": { "httpProxy": "http://192.168.1.101:3142", "httpsProxy": "http://192.168.1.101:3142", "noProxy": "localhost,127.0.0.1" } } }' | sudo tee /etc/docker/daemon.json # Restart Docker to apply proxy settings sudo systemctl restart docker echo "Using apt-cacher-ng proxy for faster Docker builds" else echo "⚠️ apt-cacher-ng not available, using standard mirrors..." echo "Using standard Debian mirrors for Docker builds" fi - name: Build Docker image run: | docker build --build-arg release-name=unstable -f Dockerfile \ -t bootupd-sdboot:latest . - name: Build bootupd inside container run: | docker run --rm -v $(pwd):/workspace bootupd-sdboot:latest bash -c " # Setup apt-cacher-ng inside container if available if timeout 5 curl -s --connect-timeout 3 \ http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo '✅ Using apt-cacher-ng for package downloads...' echo "deb http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free" > /etc/apt/sources.list echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free" >> /etc/apt/sources.list else echo '⚠️ Using standard Debian mirrors...' echo "deb http://deb.debian.org/debian unstable main contrib non-free" > /etc/apt/sources.list echo "deb-src http://deb.debian.org/debian unstable main contrib non-free" >> /etc/apt/sources.list fi # Update package lists apt update -y # Clone and build bootupd git clone https://github.com/p5/coreos-bootupd.git bootupd && \ cd bootupd && \ git fetch --all && \ git switch origin/sdboot-support -d && \ /root/.cargo/bin/cargo build --release --bins --features systemd-boot && \ install -Dpm0755 -t /usr/bin ./target/release/bootupd && \ ln -s ./bootupd /usr/bin/bootupctl && \ cp /usr/bin/bootupd /workspace/ && \ cp /usr/bin/bootupctl /workspace/ " - name: Create Debian packaging structure run: | echo "Creating Debian packaging structure..." # Create debian directory structure mkdir -p debian touch debian/changelog touch debian/control touch debian/copyright touch debian/bootupd.dirs # Get build information BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) # Create changelog printf 'bootupd (0.1.0+%s+%s) unstable; urgency=medium\n\n' \ "$BUILD_NUMBER" "$SHORT_COMMIT" > debian/changelog printf ' * CI build %s\n * Commit: %s\n' \ "$BUILD_NUMBER" "$SHORT_COMMIT" >> debian/changelog printf ' * Built with systemd-boot support\n\n' >> debian/changelog printf " -- CI Build %s\n" \ "$(date -R)" >> debian/changelog # Create control file printf "Source: bootupd\nSection: admin\nPriority: optional\n" \ > debian/control printf 'Maintainer: CI Build \n' >> debian/control printf "Build-Depends: debhelper (>= 13), cargo, rustc\n" >> debian/control printf 'Standards-Version: 4.6.2\n' >> debian/control printf 'Homepage: https://github.com/p5/coreos-bootupd\n\n' >> debian/control printf 'Package: bootupd\nArchitecture: amd64\n' >> debian/control printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> debian/control printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> debian/control printf 'Description: Distribution-independent bootloader update tool ' >> debian/control printf 'with systemd-boot support\n' >> debian/control printf ' Bootupd is a distribution-independent tool for managing ' >> debian/control printf 'bootloader updates.\n' >> debian/control printf ' This package includes systemd-boot support.\n .\n' >> debian/control printf ' Features:\n - systemd-boot support\n' >> debian/control printf ' - Distribution-independent\n - Safe bootloader updates\n' >> debian/control # Create copyright file printf 'Format: https://www.debian.org/doc/packaging-manuals/' > debian/copyright printf 'copyright-format/1.0/\n' >> debian/copyright printf 'Upstream-Name: bootupd\n' >> debian/copyright printf 'Upstream-Contact: https://github.com/p5/coreos-bootupd\n' >> debian/copyright printf 'Source: https://github.com/p5/coreos-bootupd\n\n' >> debian/copyright printf 'Files: *\nCopyright: 2024 CI Build\nLicense: Apache-2.0\n' >> debian/copyright printf ' Permission is hereby granted, free of charge, to any person ' >> debian/copyright printf 'obtaining a copy\n' >> debian/copyright printf ' of this software and associated documentation files (the "Software"), ' >> debian/copyright printf 'to deal\n' >> debian/copyright printf ' in the Software without restriction, including without limitation ' >> debian/copyright printf 'the rights\n' >> debian/copyright printf ' to use, copy, modify, merge, publish, distribute, sublicense, ' >> debian/copyright printf 'and/or sell\n' >> debian/copyright printf ' copies of the Software, and to permit persons to whom the Software is\n' >> debian/copyright printf ' furnished to do so, subject to the following conditions:\n .\n' >> debian/copyright printf ' The above copyright notice and this permission notice shall be ' >> debian/copyright printf 'included in all\n' >> debian/copyright printf ' copies or substantial portions of the Software.\n .\n' >> debian/copyright printf ' THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ' >> debian/copyright printf 'EXPRESS OR\n' >> debian/copyright printf ' IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ' >> debian/copyright printf 'MERCHANTABILITY,\n' >> debian/copyright printf ' FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT ' >> debian/copyright printf 'SHALL THE\n' >> debian/copyright printf ' AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n' >> debian/copyright printf ' LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ' >> debian/copyright printf 'ARISING FROM,\n' >> debian/copyright printf ' OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER ' >> debian/copyright printf 'DEALINGS IN THE\n' >> debian/copyright printf ' SOFTWARE.\n' >> debian/copyright # Create dirs file echo "usr/bin" > debian/bootupd.dirs echo "✅ Debian packaging structure created" - name: Create Debian package run: | echo "Creating Debian package for bootupd..." # Get build information BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) # Create package directory structure mkdir -p bootupd-package/usr/bin mkdir -p bootupd-package/DEBIAN # Copy binaries cp bootupd bootupd-package/usr/bin/ cp bootupctl bootupd-package/usr/bin/ chmod +x bootupd-package/usr/bin/bootupd chmod +x bootupd-package/usr/bin/bootupctl # Create control file printf 'Package: bootupd\nVersion: 0.1.0+%s+%s\nSection: admin\n' \ "$BUILD_NUMBER" "$SHORT_COMMIT" > bootupd-package/DEBIAN/control printf 'Priority: optional\nArchitecture: amd64\n' >> bootupd-package/DEBIAN/control printf 'Maintainer: CI Build \n' >> bootupd-package/DEBIAN/control printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> bootupd-package/DEBIAN/control printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> bootupd-package/DEBIAN/control printf 'Description: Distribution-independent bootloader update tool ' >> bootupd-package/DEBIAN/control printf 'with systemd-boot support\n' >> bootupd-package/DEBIAN/control printf ' Bootupd is a distribution-independent tool for managing ' >> bootupd-package/DEBIAN/control printf 'bootloader updates.\n' >> bootupd-package/DEBIAN/control printf ' This package includes systemd-boot support.\n .\n' >> bootupd-package/DEBIAN/control printf ' Features:\n - systemd-boot support\n' >> bootupd-package/DEBIAN/control printf ' - Distribution-independent\n - Safe bootloader updates\n' >> bootupd-package/DEBIAN/control # Build Debian package dpkg-deb --build bootupd-package \ bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb echo "✅ Debian package created: bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb" - name: Upload to Forgejo Debian Registry run: | echo "Uploading to Forgejo Debian Registry..." # Set Forgejo configuration FORGEJO_OWNER="particle-os" FORGEJO_DISTRIBUTION="trixie" FORGEJO_COMPONENT="main" # Find the .deb file DEB_FILE=$(ls bootupd_*.deb | head -1) if [ -z "$DEB_FILE" ]; then echo "❌ No .deb file found for upload" exit 1 fi echo "📦 Uploading package: $DEB_FILE" # Extract package info PKG_NAME=$(dpkg-deb -f "$DEB_FILE" Package 2>/dev/null || echo "bootupd") PKG_VERSION=$(dpkg-deb -f "$DEB_FILE" Version 2>/dev/null || echo "unknown") PKG_ARCH=$(dpkg-deb -f "$DEB_FILE" Architecture 2>/dev/null || echo "amd64") echo " Package: $PKG_NAME" echo " Version: $PKG_VERSION" echo " Architecture: $PKG_ARCH" # Forgejo Debian Registry upload URL UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload" echo " Upload URL: $UPLOAD_URL" # Upload to Forgejo Debian Registry if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then echo " 🔐 Using authentication token..." UPLOAD_RESULT=$(curl -s -w "%{http_code}" \ --user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \ --upload-file "$DEB_FILE" \ "$UPLOAD_URL" 2>/dev/null) # Extract HTTP status code (last 3 characters) HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4) # Extract response body (everything except last 3 characters) RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4) case $HTTP_CODE in 201) echo " ✅ Successfully published to Forgejo Debian Registry!" echo " 📥 Install with: apt install $PKG_NAME" ;; 409) echo " ⚠️ Package already exists (version conflict)" echo " 💡 Consider deleting old version first" ;; 400) echo " ❌ Bad request - package validation failed" ;; *) echo " ❌ Upload failed with HTTP $HTTP_CODE" echo " Response: $RESPONSE_BODY" ;; esac else echo " ⚠️ No ACCESS_TOKEN secret available - skipping upload" echo " 💡 Set ACCESS_TOKEN secret in repository settings to enable automatic publishing" echo " 📋 Manual upload command:" echo " curl --user your_username:your_token \\" echo " --upload-file $DEB_FILE \\" echo " $UPLOAD_URL" fi echo "" echo "🎯 Debian package publishing complete!" echo "📦 Package is now available in Forgejo Debian Registry" echo "🔧 To install: apt install bootupd" - name: Upload artifacts uses: actions/upload-artifact@v4 with: name: bootupd-binaries path: | bootupd bootupctl bootupd_*.deb