particle-os/bootupd-sdboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
bootupd-sdboot/.forgejo/workflows/ci.yml
Workflow config file is invalid. Please check your config file: yaml: line 88: could not find expected ':'
robojerk c52f2c9a69 Fix shell escaping in apt sources configuration 
- Revert to ftp.us.debian.org (valid Debian mirror)
- Use single quotes to prevent shell interpretation of URLs
- Fixes syntax error: unexpected end of file
- Both apt-cacher-ng and standard mirrors now properly quoted
2025-09-05 10:30:58 -07:00

307 lines
14 KiB
YAML
Raw Blame History

---
name: Build bootupd with systemd-boot
on:
push:
branches: [main]
pull_request:
branches: [main]
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout code
run: |
echo "Cloning repository..."
git clone https://git.raines.xyz/particle-os/bootupd-sdboot.git /tmp/bootupd-sdboot
cd /tmp/bootupd-sdboot
git fetch --all
git checkout ${{ github.sha || gitea.sha || 'main' }}
- name: Setup apt-cacher-ng
run: |
echo "Setting up apt-cacher-ng for faster builds..."
# Try apt-cacher-ng first, fallback to standard mirrors
echo "Checking for apt-cacher-ng availability..."
# Quick check with timeout to avoid hanging
if timeout 10 curl -s --connect-timeout 5 \
http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then
echo "✅ apt-cacher-ng is available, configuring Docker proxy..."
# Create Docker daemon configuration for apt-cacher-ng
sudo mkdir -p /etc/docker
echo '{
"proxies": {
"default": {
"httpProxy": "http://192.168.1.101:3142",
"httpsProxy": "http://192.168.1.101:3142",
"noProxy": "localhost,127.0.0.1"
}
}
}' | sudo tee /etc/docker/daemon.json
# Note: Docker daemon restart requires systemd, which isn't available in CI
# The proxy configuration will be used by Docker builds
echo "Docker proxy configuration created (restart not possible in CI)"
else
echo "⚠️ apt-cacher-ng not available, using standard mirrors..."
echo "Using standard Debian mirrors for Docker builds"
fi
- name: Build Docker image
run: |
cd /tmp/bootupd-sdboot
docker build --build-arg release_name=unstable -f Dockerfile \
-t bootupd-sdboot:latest .
- name: Build bootupd inside container
run: |
cd /tmp/bootupd-sdboot
docker run --rm -v $(pwd):/workspace bootupd-sdboot:latest bash -c "
# Setup apt-cacher-ng inside container if available
if timeout 5 curl -s --connect-timeout 3 \
http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then
echo '✅ Using apt-cacher-ng for package downloads...'
echo 'deb http://192.168.1.101:3142/ftp.us.debian.org/debian unstable main' > /etc/apt/sources.list
echo 'deb-src http://192.168.1.101:3142/ftp.us.debian.org/debian unstable main' >> /etc/apt/sources.list
else
echo '⚠️ Using standard Debian mirrors...'
echo 'deb http://deb.debian.org/debian unstable main' > /etc/apt/sources.list
echo 'deb-src http://deb.debian.org/debian unstable main' >> /etc/apt/sources.list
fi
# Update package lists
apt update -y
# Clone and build bootupd
git clone https://github.com/p5/coreos-bootupd.git bootupd && \
cd bootupd && \
git fetch --all && \
git switch origin/sdboot-support -d && \
/root/.cargo/bin/cargo build --release --bins --features systemd-boot && \
install -Dpm0755 -t /usr/bin ./target/release/bootupd && \
ln -s ./bootupd /usr/bin/bootupctl && \
cp /usr/bin/bootupd /workspace/ && \
cp /usr/bin/bootupctl /workspace/
"
- name: Create Debian packaging structure
run: |
cd /tmp/bootupd-sdboot
echo "Creating Debian packaging structure..."
# Create debian directory structure
mkdir -p debian
touch debian/changelog
touch debian/control
touch debian/copyright
touch debian/bootupd.dirs
# Get build information
BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}"
COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown")
SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10)
# Create changelog
printf 'bootupd (0.1.0+%s+%s) unstable; urgency=medium\n\n' \
"$BUILD_NUMBER" "$SHORT_COMMIT" > debian/changelog
printf ' * CI build %s\n * Commit: %s\n' \
"$BUILD_NUMBER" "$SHORT_COMMIT" >> debian/changelog
printf ' * Built with systemd-boot support\n\n' >> debian/changelog
printf " -- CI Build <ci@example.com> %s\n" \
"$(date -R)" >> debian/changelog
# Create control file
printf "Source: bootupd\nSection: admin\nPriority: optional\n" \
> debian/control
printf 'Maintainer: CI Build <ci@example.com>\n' >> debian/control
printf "Build-Depends: debhelper (>= 13), cargo, rustc\n" >> debian/control
printf 'Standards-Version: 4.6.2\n' >> debian/control
printf 'Homepage: https://github.com/p5/coreos-bootupd\n\n' >> debian/control
printf 'Package: bootupd\nArchitecture: amd64\n' >> debian/control
printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> debian/control
printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> debian/control
printf 'Description: Distribution-independent bootloader update tool ' >> debian/control
printf 'with systemd-boot support\n' >> debian/control
printf ' Bootupd is a distribution-independent tool for managing ' >> debian/control
printf 'bootloader updates.\n' >> debian/control
printf ' This package includes systemd-boot support.\n .\n' >> debian/control
printf ' Features:\n - systemd-boot support\n' >> debian/control
printf ' - Distribution-independent\n - Safe bootloader updates\n' >> debian/control
# Create copyright file
printf 'Format: https://www.debian.org/doc/packaging-manuals/' > debian/copyright
printf 'copyright-format/1.0/\n' >> debian/copyright
printf 'Upstream-Name: bootupd\n' >> debian/copyright
printf 'Upstream-Contact: https://github.com/p5/coreos-bootupd\n' >> debian/copyright
printf 'Source: https://github.com/p5/coreos-bootupd\n\n' >> debian/copyright
printf 'Files: *\nCopyright: 2024 CI Build\nLicense: Apache-2.0\n' >> debian/copyright
printf ' Permission is hereby granted, free of charge, to any person ' >> debian/copyright
printf 'obtaining a copy\n' >> debian/copyright
printf ' of this software and associated documentation files (the "Software"), ' >> debian/copyright
printf 'to deal\n' >> debian/copyright
printf ' in the Software without restriction, including without limitation ' >> debian/copyright
printf 'the rights\n' >> debian/copyright
printf ' to use, copy, modify, merge, publish, distribute, sublicense, ' >> debian/copyright
printf 'and/or sell\n' >> debian/copyright
printf ' copies of the Software, and to permit persons to whom the Software is\n' >> debian/copyright
printf ' furnished to do so, subject to the following conditions:\n .\n' >> debian/copyright
printf ' The above copyright notice and this permission notice shall be ' >> debian/copyright
printf 'included in all\n' >> debian/copyright
printf ' copies or substantial portions of the Software.\n .\n' >> debian/copyright
printf ' THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ' >> debian/copyright
printf 'EXPRESS OR\n' >> debian/copyright
printf ' IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ' >> debian/copyright
printf 'MERCHANTABILITY,\n' >> debian/copyright
printf ' FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT ' >> debian/copyright
printf 'SHALL THE\n' >> debian/copyright
printf ' AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n' >> debian/copyright
printf ' LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ' >> debian/copyright
printf 'ARISING FROM,\n' >> debian/copyright
printf ' OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER ' >> debian/copyright
printf 'DEALINGS IN THE\n' >> debian/copyright
printf ' SOFTWARE.\n' >> debian/copyright
# Create dirs file
echo "usr/bin" > debian/bootupd.dirs
echo "✅ Debian packaging structure created"
- name: Create Debian package
run: |
cd /tmp/bootupd-sdboot
echo "Creating Debian package for bootupd..."
# Get build information
BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}"
COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown")
SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10)
# Create package directory structure
mkdir -p bootupd-package/usr/bin
mkdir -p bootupd-package/DEBIAN
# Copy binaries
cp bootupd bootupd-package/usr/bin/
cp bootupctl bootupd-package/usr/bin/
chmod +x bootupd-package/usr/bin/bootupd
chmod +x bootupd-package/usr/bin/bootupctl
# Create control file
printf 'Package: bootupd\nVersion: 0.1.0+%s+%s\nSection: admin\n' \
"$BUILD_NUMBER" "$SHORT_COMMIT" > bootupd-package/DEBIAN/control
printf 'Priority: optional\nArchitecture: amd64\n' >> bootupd-package/DEBIAN/control
printf 'Maintainer: CI Build <ci@example.com>\n' >> bootupd-package/DEBIAN/control
printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> bootupd-package/DEBIAN/control
printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> bootupd-package/DEBIAN/control
printf 'Description: Distribution-independent bootloader update tool ' >> bootupd-package/DEBIAN/control
printf 'with systemd-boot support\n' >> bootupd-package/DEBIAN/control
printf ' Bootupd is a distribution-independent tool for managing ' >> bootupd-package/DEBIAN/control
printf 'bootloader updates.\n' >> bootupd-package/DEBIAN/control
printf ' This package includes systemd-boot support.\n .\n' >> bootupd-package/DEBIAN/control
printf ' Features:\n - systemd-boot support\n' >> bootupd-package/DEBIAN/control
printf ' - Distribution-independent\n - Safe bootloader updates\n' >> bootupd-package/DEBIAN/control
# Build Debian package
dpkg-deb --build bootupd-package \
bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb
echo "✅ Debian package created: bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb"
- name: Upload to Forgejo Debian Registry
run: |
cd /tmp/bootupd-sdboot
echo "Uploading to Forgejo Debian Registry..."
# Set Forgejo configuration
FORGEJO_OWNER="particle-os"
FORGEJO_DISTRIBUTION="trixie"
FORGEJO_COMPONENT="main"
# Find the .deb file
DEB_FILE=$(ls bootupd_*.deb | head -1)
if [ -z "$DEB_FILE" ]; then
echo "❌ No .deb file found for upload"
exit 1
fi
echo "📦 Uploading package: $DEB_FILE"
# Extract package info
PKG_NAME=$(dpkg-deb -f "$DEB_FILE" Package 2>/dev/null || echo "bootupd")
PKG_VERSION=$(dpkg-deb -f "$DEB_FILE" Version 2>/dev/null || echo "unknown")
PKG_ARCH=$(dpkg-deb -f "$DEB_FILE" Architecture 2>/dev/null || echo "amd64")
echo " Package: $PKG_NAME"
echo " Version: $PKG_VERSION"
echo " Architecture: $PKG_ARCH"
# Forgejo Debian Registry upload URL
UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload"
echo " Upload URL: $UPLOAD_URL"
# Upload to Forgejo Debian Registry
if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then
echo " 🔐 Using authentication token..."
UPLOAD_RESULT=$(curl -s -w "%{http_code}" \
--user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \
--upload-file "$DEB_FILE" \
"$UPLOAD_URL" 2>/dev/null)
# Extract HTTP status code (last 3 characters)
HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4)
# Extract response body (everything except last 3 characters)
RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4)
case $HTTP_CODE in
201)
echo " ✅ Successfully published to Forgejo Debian Registry!"
echo " 📥 Install with: apt install $PKG_NAME"
;;
409)
echo " ⚠️ Package already exists (version conflict)"
echo " 💡 Consider deleting old version first"
;;
400)
echo " ❌ Bad request - package validation failed"
;;
*)
echo " ❌ Upload failed with HTTP $HTTP_CODE"
echo " Response: $RESPONSE_BODY"
;;
esac
else
echo " ⚠️ No ACCESS_TOKEN secret available - skipping upload"
echo " 💡 Set ACCESS_TOKEN secret in repository settings to enable automatic publishing"
echo " 📋 Manual upload command:"
echo " curl --user your_username:your_token \\"
echo " --upload-file $DEB_FILE \\"
echo " $UPLOAD_URL"
fi
echo ""
echo "🎯 Debian package publishing complete!"
echo "📦 Package is now available in Forgejo Debian Registry"
echo "🔧 To install: apt install bootupd"
- name: Upload artifacts
run: |
cd /tmp/bootupd-sdboot
echo "Creating artifact directory..."
mkdir -p /tmp/artifacts
cp bootupd bootupctl bootupd_*.deb /tmp/artifacts/ 2>/dev/null || true
echo "Artifacts created in /tmp/artifacts/"
ls -la /tmp/artifacts/
Reference in a new issue View git blame Copy permalink