Fix step name #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "virtualmin.dev: virtualmin/jailkit" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| release: | |
| types: | |
| - prereleased | |
| - released | |
| env: | |
| TZ: Europe/Nicosia | |
| JK_SHA256: "aa27dc1b2dbbbfcec2b970731f44ced7079afc973dc066757cea1beb4e8ce59c" | |
| PKG_RELEASE: ${{ github.run_attempt }} | |
| IS_RELEASE: ${{ github.event_name == 'release' }} | |
| IS_PRERELEASE: ${{ github.event.release.prerelease || false }} | |
| BUILD_BOOTSTRAP: "https://raw.githubusercontent.com/webmin/webmin-ci-cd/main/build/bootstrap.bash" | |
| BUILD_DEPS: "git tar curl gzip coreutils openssh-client gnupg" | |
| jobs: | |
| build-x86_64: | |
| name: Build (x86_64) | |
| runs-on: ubuntu-latest | |
| container: | |
| image: rockylinux:8 | |
| if: ${{ !contains(github.event.head_commit.message, '[no-build]') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install build deps | |
| run: | | |
| dnf -y install rpm-build make gcc autoconf automake \ | |
| glibc-devel libcap-devel python3 \ | |
| curl tar bzip2 patch findutils | |
| ln -sf /usr/bin/python3 /usr/bin/python || true | |
| ln -snf /usr/share/zoneinfo/$TZ /etc/localtime || true | |
| - name: Compute build number | |
| run: | | |
| if [ "${{ env.IS_RELEASE }}" = "false" ]; then | |
| echo "BUILD_NUMBER=.$(date +%Y%m%d%H%M)" >> "$GITHUB_ENV" | |
| else | |
| echo "BUILD_NUMBER=" >> "$GITHUB_ENV" | |
| fi | |
| grep '^BUILD_NUMBER=' "$GITHUB_ENV" || true | |
| - name: Read upstream version from spec | |
| run: | | |
| UPSTREAM_VER="$(rpmspec -q --qf '%{VERSION}\n' SPECS/jailkit.spec | head -n1)" | |
| echo "UPSTREAM_VER=$UPSTREAM_VER" >> "$GITHUB_ENV" | |
| grep '^UPSTREAM_VER=' "$GITHUB_ENV" || true | |
| - name: Prepare rpmbuild tree | |
| run: | | |
| mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} | |
| cp -v SPECS/jailkit.spec rpmbuild/SPECS/ | |
| cp -v SOURCES/* rpmbuild/SOURCES/ 2>/dev/null || true | |
| - name: Fetch upstream tarball + verify sha256 | |
| run: | | |
| UPSTREAM_VER="$(rpmspec -q --qf '%{VERSION}\n' SPECS/jailkit.spec | head -n1)" | |
| curl -fsSL -o rpmbuild/SOURCES/jailkit-${UPSTREAM_VER}.tar.bz2 \ | |
| "https://olivier.sessink.nl/jailkit/jailkit-${UPSTREAM_VER}.tar.bz2" | |
| echo "${JK_SHA256} rpmbuild/SOURCES/jailkit-${UPSTREAM_VER}.tar.bz2" | sha256sum -c - | |
| - name: Build | |
| run: | | |
| rpmbuild \ | |
| --define "_topdir $PWD/rpmbuild" \ | |
| --define "dist %{nil}" \ | |
| --define "build_number ${BUILD_NUMBER}" \ | |
| --define "pkgrel ${PKG_RELEASE}" \ | |
| -ba rpmbuild/SPECS/jailkit.spec | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: jailkit-rpm-x86_64 | |
| path: | | |
| rpmbuild/RPMS/**/*.rpm | |
| rpmbuild/SRPMS/*.src.rpm | |
| build-aarch64: | |
| name: Build (aarch64) | |
| runs-on: ubuntu-24.04-arm | |
| container: | |
| image: rockylinux:8 | |
| if: ${{ !contains(github.event.head_commit.message, '[no-build]') }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install build deps | |
| run: | | |
| dnf -y install rpm-build make gcc autoconf automake \ | |
| glibc-devel libcap-devel python3 \ | |
| curl tar bzip2 patch findutils | |
| ln -sf /usr/bin/python3 /usr/bin/python || true | |
| ln -snf /usr/share/zoneinfo/$TZ /etc/localtime || true | |
| - name: Compute build number | |
| run: | | |
| if [ "${{ env.IS_RELEASE }}" = "false" ]; then | |
| echo "BUILD_NUMBER=.$(date +%Y%m%d%H%M)" >> "$GITHUB_ENV" | |
| else | |
| echo "BUILD_NUMBER=" >> "$GITHUB_ENV" | |
| fi | |
| grep '^BUILD_NUMBER=' "$GITHUB_ENV" || true | |
| - name: Read upstream version from spec | |
| run: | | |
| UPSTREAM_VER="$(rpmspec -q --qf '%{VERSION}\n' SPECS/jailkit.spec | head -n1)" | |
| echo "UPSTREAM_VER=$UPSTREAM_VER" >> "$GITHUB_ENV" | |
| grep '^UPSTREAM_VER=' "$GITHUB_ENV" || true | |
| - name: Prepare rpmbuild tree | |
| run: | | |
| mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} | |
| cp -v SPECS/jailkit.spec rpmbuild/SPECS/ | |
| cp -v SOURCES/* rpmbuild/SOURCES/ 2>/dev/null || true | |
| - name: Fetch upstream tarball + verify sha256 | |
| run: | | |
| UPSTREAM_VER="$(rpmspec -q --qf '%{VERSION}\n' SPECS/jailkit.spec | head -n1)" | |
| curl -fsSL -o rpmbuild/SOURCES/jailkit-${UPSTREAM_VER}.tar.bz2 \ | |
| "https://olivier.sessink.nl/jailkit/jailkit-${UPSTREAM_VER}.tar.bz2" | |
| echo "${JK_SHA256} rpmbuild/SOURCES/jailkit-${UPSTREAM_VER}.tar.bz2" | sha256sum -c - | |
| - name: Build | |
| run: | | |
| rpmbuild \ | |
| --define "_topdir $PWD/rpmbuild" \ | |
| --define "dist %{nil}" \ | |
| --define "build_number ${BUILD_NUMBER}" \ | |
| --define "pkgrel ${PKG_RELEASE}" \ | |
| -ba rpmbuild/SPECS/jailkit.spec | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: jailkit-rpm-aarch64 | |
| path: | | |
| rpmbuild/RPMS/**/*.rpm | |
| rpmbuild/SRPMS/*.src.rpm | |
| collect: | |
| name: Collect | |
| needs: [build-x86_64, build-aarch64] | |
| runs-on: ubuntu-latest | |
| if: ${{ !contains(github.event.head_commit.message, '[no-build]') }} | |
| steps: | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| path: packages | |
| merge-multiple: true | |
| - run: find packages -type f -name "jailkit-[0-9]*.*.rpm" | sort | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: jailkit-packages | |
| path: packages | |
| retention-days: 30 | |
| publish: | |
| name: Publish using Webmin CI/CD | |
| needs: [collect] | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'pull_request' && !contains(github.event.head_commit.message, '[no-build]') }} | |
| steps: | |
| - name: Install deps | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y ${{ env.BUILD_DEPS }} | |
| sudo timedatectl set-timezone ${{ env.TZ }} | |
| - name: Download packages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jailkit-packages | |
| path: packages | |
| - name: Fetch bootstrap | |
| run: curl -fsSLO ${{ env.BUILD_BOOTSTRAP }} | |
| - name: Upload only main packages + sign + rebuild repos | |
| env: | |
| CLOUD__IP_ADDR: ${{ secrets.DEV_IP_ADDR }} | |
| CLOUD__IP_KNOWN_HOSTS: ${{ secrets.DEV_IP_KNOWN_HOSTS }} | |
| CLOUD__UPLOAD_SSH_USER: ${{ secrets.DEV_UPLOAD_SSH_USER }} | |
| CLOUD__UPLOAD_SSH_DIR: ${{ env.IS_RELEASE == 'true' && secrets.PRERELEASE_UPLOAD_SSH_DIR || secrets.DEV_UPLOAD_SSH_DIR }} | |
| CLOUD__SSH_PRV_KEY: ${{ secrets.DEV_SSH_PRV_KEY }} | |
| CLOUD__GPG_PH2: ${{ secrets.ALL_GPG_PH2 }} | |
| CLOUD__GH_TOKEN: ${{ github.token }} | |
| run: |- | |
| source bootstrap.bash \ | |
| $([[ "${{ env.IS_RELEASE }}" == "true" ]] && echo "--release" || echo "--testing") \ | |
| $([[ "${{ env.IS_PRERELEASE }}" == "true" ]] && echo "--prerelease") | |
| mkdir -p "$ROOT_REPOS" | |
| find packages -type f -name 'jailkit-[0-9]*.x86_64.rpm' -exec cp -v {} "$ROOT_REPOS/" \; | |
| find packages -type f -name 'jailkit-[0-9]*.*.x86_64.rpm' -exec cp -v {} "$ROOT_REPOS/" \; | |
| find packages -type f -name 'jailkit-[0-9]*.aarch64.rpm' -exec cp -v {} "$ROOT_REPOS/" \; | |
| find packages -type f -name 'jailkit-[0-9]*.*.aarch64.rpm' -exec cp -v {} "$ROOT_REPOS/" \; | |
| upload_list=("$ROOT_REPOS/"*) | |
| cloud_upload upload_list | |
| cloud_sign_and_build_repos_auto virtualmin.dev |