JDM170/build
1
0
Fork 0
mirror of https://github.com/armbian/build synced 2025-09-24 19:47:06 +07:00
Code Issues Packages Projects Releases Wiki Activity

Enable advanced CI (#2885)

Browse Source 
* Enable advanced CI
* Disable cron for now# Please enter the commit message for your changes. Lines starting
* Don't delete current CI yet
* Update name
* Bufix
* Check ownership
* Update secrets
This commit is contained in:
Igor Pečovnik
2021-06-09 11:35:26 +02:00
committed by GitHub
parent b6cf5ab6e8
commit e017b28cef
3 changed files with 497 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
.github/workflows/README.md vendored Normal file
View File

@@ -0,0 +1,25 @@
# Runners setup
Common tags:
- self-hosted
- Linux
- X64
- ARM64
- local (local network)
- cache (mounted cache)
- big (16+ cores and 64Gb+ memory)
- small (< 16 cores and 64Gb+ memory)
# Preparing GPG
use gpg1 otherwise signing fails
# Preparing Runner
- make sure to choose proper architecture
- create startup
sudo ./svc.sh install # install
sudo ./svc.sh start # start
sudo ./svc.sh status # check

472
.github/workflows/ci.yml vendored Normal file
View File

@@ -0,0 +1,472 @@
name: Armbian CI
on:
# schedule:
# - cron: '*/15 * * * *'
workflow_dispatch:
# push:
# branches: master
# schedule:
# - cron: '0 */3 * * *'
jobs:
cache:
name: Create rootfs cache
runs-on: [self-hosted, Linux, x64, cache]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Fix permissions
run: |
sudo chown -R $USER:$USER .
- name: Checkout Armbian build script
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/build
path: build
ref: nightly
clean: false
- name: Checkout Armbian support scripts
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/scripts
token: ${{ secrets.PAT }}
path: scripts
clean: true
- name: Build rootfs cache
run: |
echo "BLTPATH=\"$(pwd)/build/\"" | tee scripts/cacherebuild.conf scripts/betarepository.conf >/dev/null
cd build
rm -rf output/images/*
sudo mkdir -p userpatches
sudo cp ../scripts/configs/* userpatches/
[[ ! -f .ignore_changes ]] && sudo touch .ignore_changes
./compile.sh KERNEL_ONLY="yes" BOARD="bananapi" BRANCH="current" KERNEL_CONFIGURE="no" \
USE_TORRENT="yes" REPOSITORY_INSTALL="kernel" 'prepare_host'
sudo rm -f userpatches/targets.conf
cd ../scripts
run-one ./cacherebuild.sh
- name: Import GPG key
if: ${{ success() }}
uses: crazy-max/ghaction-import-gpg@v3
with:
gpg-private-key: ${{ secrets.GPG_KEY1 }}
passphrase: ${{ secrets.GPG_PASSPHRASE1 }}
- name: Sign commit and push changes
if: ${{ success() }}
env:
PASSPHRASE: ${{ secrets.GPG_PASSPHRASE1 }}
run: |
sudo apt-get -y -qq install parallel
cd build/cache/rootfs
(for file in $(ls | cut -d. -f1-4 | sort -u); do
if [ $(ls $file* | wc -l) -lt 3 ]; then
echo "$file"
fi
done) | parallel --jobs 32 'echo '${PASSPHRASE}' | sudo gpg --passphrase-fd 0 --armor --detach-sign --pinentry-mode loopback --batch --yes {}'
# - name: Install SSH key for storage
#
# uses: shimataro/ssh-key-action@v2
# with:
# key: ${{ secrets.KEY_TORRENTS }}
# known_hosts: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
# if_key_exists: replace
#
# - name: Upload artefacts
# if: ${{ success() }}
# run: |
# sudo apt-get -y -qq install lftp
# sudo chown -R $USER:$USER $(pwd)/build/cache/rootfs/
# lftp -u upload, -e "set net:timeout 4;set net:max-retries 6;mirror -R --delete --no-empty-dirs --parallel=8 --no-perms $(pwd)/build/cache/rootfs/ rootfs/ ;bye" sftp://users.armbian.com
docker:
name: Docker image on x86
runs-on: [self-hosted, Linux, x64]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Fix permissions
run: |
sudo chown -R $USER:$USER .
- name: Checkout Armbian build script
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/build
path: build
ref: nightly
clean: false
- name: Build Docker image
run: |
cd build
sed -i "s/-it --rm/-i --rm/" config/templates/config-docker.conf
touch .ignore_changes
./compile.sh dockerpurge KERNEL_ONLY="yes" BOARD="bananapi" BRANCH="current" KERNEL_CONFIGURE="no" \
USE_TORRENT="yes" REPOSITORY_INSTALL="kernel" 'prepare_host'
sed -i "s/-it --rm/-i --rm/" userpatches/config-docker.conf
docker-arm64:
name: Docker image on arm64
runs-on: [self-hosted, Linux, ARM64]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Fix permissions
run: |
sudo chown -R $USER:$USER .
- name: Checkout Armbian build script
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/build
path: build
ref: nightly
clean: false
- name: Build Docker image
run: |
cd build
sed -i "s/-it --rm/-i --rm/" config/templates/config-docker.conf
[[ ! -f .ignore_changes ]] && sudo touch .ignore_changes
./compile.sh dockerpurge KERNEL_ONLY="yes" BOARD="bananapi" BRANCH="current" KERNEL_CONFIGURE="no" \
USE_TORRENT="yes" REPOSITORY_INSTALL="kernel" 'prepare_host'
sed -i "s/-it --rm/-i --rm/" userpatches/config-docker.conf
beta-kernels:
#
# Whenever kernel sources, patches or config are changed, we rebuild kernels + BSP and push
# them to https://beta.armbian.com repository.
#
name: Changed beta kernels
runs-on: [self-hosted, Linux, x64, big]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Fix permissions
run: |
sudo chown -R $USER:$USER .
- name: Checkout Armbian build script
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/build
path: build
token: ${{ secrets.TEST }}
ref: nightly
clean: false
- name: Checkout Armbian support scripts
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/scripts
token: ${{ secrets.PAT }}
path: scripts
clean: true
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v3
with:
gpg-private-key: ${{ secrets.GPG_KEY2 }}
passphrase: ${{ secrets.GPG_PASSPHRASE2 }}
workdir: scripts
git-user-signingkey: true
git-commit-gpgsign: true
- name: Build all changed kernels
run: |
cd build
rm -rf output/debs-beta/*
[[ ! -f .ignore_changes ]] && sudo touch .ignore_changes
./compile.sh KERNEL_ONLY="yes" BOARD="bananapi" BRANCH="current" KERNEL_CONFIGURE="no" \
REPOSITORY_INSTALL="u-boot,kernel" 'prepare_host'
mkdir -p cache/hash-beta
sudo rsync -ar --delete ../scripts/hash-beta/. cache/hash-beta/
sudo cp ../scripts/configs/* userpatches/
sudo rm -f userpatches/targets.conf
./compile.sh all-new-beta-kernels
cd ../scripts
sudo git clean -ffdx && git reset --hard HEAD
cd ../build
sudo rsync -ar --delete cache/hash-beta/. ../scripts/hash-beta/
if [[ $(cat .tmp/n 2> /dev/null) -ne 0 ]]; then
cd ../scripts/
sudo chown -R $USER:$USER .
if git status --porcelain | grep .; then
git pull
git add .
git commit -m "Update hashes for beta repository"
git push
fi
fi
- name: Make BSP packages
if: ${{ success() }}
run: |
cd build
sudo rm -f .tmp/bump
if [[ $(cat .tmp/n 2> /dev/null) -ne 0 ]]; then
./compile.sh all-new-beta-bsp
sudo touch .tmp/bump
fi
- name: Bump version
if: ${{ success() }}
run: |
cd build
if [[ "$(git symbolic-ref --short -q HEAD)" == nightly && -f .tmp/bump ]]; then
sudo rm -f .tmp/bump
CURRENT_VERSION=$(cat VERSION)
NEW_VERSION="${CURRENT_VERSION%%-trunk}"
if [[ $CURRENT_VERSION == *trunk* ]]; then
NEW_VERSION=$(echo "${CURRENT_VERSION}" | cut -d. -f1-3)"."$((${NEW_VERSION##*.} + 1))
else
NEW_VERSION=$(echo "${CURRENT_VERSION}" | cut -d. -f1-2)"."$((${NEW_VERSION##*.} + 1))
fi
sudo git checkout -f
sudo chown -R $USER:$USER .
git pull
echo "${NEW_VERSION}" > VERSION
git config --global user.email "info@armbian.com"
git config --global user.name "Armbianworker"
git add VERSION
git commit -m "Bumping to new version" -m "" -m "Adding following kernels:" -m "$(find output/debs-beta/ -type f -name "linux-image*${CURRENT_VERSION}*.deb" -printf "%f\n" | sort)"
git push
fi
- name: Install SSH key for repository
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_TORRENTS }}
known_hosts: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
if_key_exists: replace
- name: Deploy to server
if: ${{ success() }}
run: |
sudo apt-get -y -qq install lftp
sudo chown -R $USER:$USER $(pwd)/build/output/debs-beta/
lftp -u upload, -e "set net:timeout 4;set net:max-retries 6;mirror --Remove-source-files -R --no-empty-dirs --parallel=8 --no-perms $(pwd)/build/output/debs-beta/ debs-beta/ ;bye" sftp://users.armbian.com
edge-stable:
#
# Whenever edge kernel sources, patches or config are changed, we rebuild kernels + BSP and push
# them to https://beta.armbian.com repository.
#
# EDGE kernel sources are most recent mainline based
#
name: Changed stable edge kernels
runs-on: [self-hosted, Linux, x64, big]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Fix permissions
run: |
sudo chown -R $USER:$USER .
- name: Checkout Armbian build script
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/build
path: build
ref: nightly
clean: false
- name: Checkout Armbian support scripts
uses: actions/checkout@v2
with:
fetch-depth: 0
repository: armbian/scripts
token: ${{ secrets.PAT }}
path: scripts
clean: true
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v3
with:
gpg-private-key: ${{ secrets.GPG_KEY2 }}
passphrase: ${{ secrets.GPG_PASSPHRASE2 }}
workdir: scripts
git-user-signingkey: true
git-commit-gpgsign: true
- name: Build all edge changed kernels for stable repository
run: |
cd build
rm -rf output/debs/*
[[ ! -f .ignore_changes ]] && sudo touch .ignore_changes
./compile.sh KERNEL_ONLY="yes" BOARD="bananapi" BRANCH="current" KERNEL_CONFIGURE="no" \
REPOSITORY_INSTALL="kernel" 'prepare_host'
mkdir -p cache/hash/
sudo rsync -ar --delete ../scripts/hash/. cache/hash/
sudo cp ../scripts/configs/* userpatches/
cat config/targets.conf | grep edge | grep cli | grep hirsute | sudo tee userpatches/targets.conf 1>/dev/null
sudo sed -i "s/-it --rm/-i --rm/" userpatches/config-docker.conf
./compile.sh all-new-stable-kernels
# upgrade only kernel packages
rm -f output/debs/armbian-* 2> /dev/null
rm -f output/debs/linux-libc-* 2> /dev/null
find output/debs -mindepth 1 -maxdepth 1 -type d -print0 | xargs -0 sudo rm -R 2> /dev/null
sudo rsync -ar --delete cache/hash/. ../scripts/hash/
if [[ $(cat .tmp/n 2> /dev/null) -ne 0 ]]; then
cd ../scripts/hash
if git status --porcelain | grep .; then
git pull
git add .
git commit -m "Update hashes for stable repository"
git push
fi
fi
- name: Install SSH key for storage
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_TORRENTS }}
known_hosts: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
if_key_exists: replace
- name: Deploy to server
if: ${{ success() }}
run: |
sudo apt-get -y -qq install lftp
sudo chown -R $USER:$USER $(pwd)/build/output/debs-beta/
lftp -u upload, -e "set net:timeout 4;set net:max-retries 6;mirror --Remove-source-files -R --no-empty-dirs --parallel=8 --no-perms $(pwd)/build/output/debs/ debs/ ;bye" sftp://users.armbian.com
repository:
#
# Rebuild package repository
#
name: Update package repository
needs: [beta-kernels, edge-stable]
runs-on: [self-hosted, Linux, local]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Install SSH key for repository
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_REPOSITORY }}
name: id_repository # optional
known_hosts: ${{ secrets.KNOWN_HOSTS_REPOSITORY }}
if_key_exists: replace
- name: Update repository
run: ssh -T -i ~/.ssh/id_repository ${{ secrets.USER_REPOSITORY }}@${{ secrets.HOST_REPOSITORY }}
torrents:
#
# Rebuilt torrent files for rootfs cache
#
name: Update download infrastructure
needs: [cache]
runs-on: [self-hosted, Linux, local]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Install SSH key for torrent
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_TORRENTS }}
name: id_torrent # optional
known_hosts: ${{ secrets.KNOWN_HOSTS_TORRENTS }}
if_key_exists: replace
- name: Create torrents
run: ssh -T -i ~/.ssh/id_torrent ${{ secrets.USER_TORRENTS }}@${{ secrets.HOST_TORRENTS }}
finish:
name: Finish
needs: [repository, edge-stable, torrents]
runs-on: [self-hosted, Linux]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Run script
run: |
echo "Finish"

0
.github/workflows/build-and-upload-docker-image-to-hub.yml → .github/workflows/docker.hub.yml vendored
View File