toch is packaging for Debian #109
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build_debian_package | |
run-name: ${{ github.actor }} is packaging for Debian | |
on: [push] | |
env: | |
REPO_NAME: openhexa | |
CODENAME: bookworm | |
COMPONENTS: main | |
ARCHITECTURES: amd64 | |
jobs: | |
package: | |
name: Build Debian package | |
runs-on: ubuntu-latest | |
container: | |
image: debian:bookworm | |
steps: | |
- name: Update APT database | |
run: apt update | |
- name: Obtain Latest Git ONLY within container for checkout | |
run: apt install -y --no-install-recommends git ca-certificates | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Make the working directory safe for Git if run in GitHub runner container | |
run: git config --system --add safe.directory "$PWD" | |
- name: Hack container for local development | |
if: ${{ env.ACT }} | |
run: | | |
apt install -y --no-install-recommends curl | |
curl -fsSL https://deb.nodesource.com/setup_18.x | su -p -c bash - | |
apt install -y nodejs | |
- name: Install devscripts | |
run: apt install -y --no-install-recommends devscripts debhelper build-essential | |
- name: Build package | |
run: | | |
./script/build.sh | |
cp ../openhexa_*_amd64.deb . | |
- name: Keep package | |
uses: actions/upload-artifact@v4 | |
with: | |
name: debian_package_amd64 | |
path: openhexa_*_amd64.deb | |
install: | |
name: Install Debian package | |
needs: | |
- package | |
runs-on: ubuntu-latest | |
# Unfortunately, the postgresql running in the job container can't bind | |
# the docker0 interface as it is not mounted inside the job container. | |
# container: | |
# image: debian:bookworm | |
# options: '--privileged' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Update APT database | |
run: sudo apt update | |
- name: Install curl and CA certificates | |
run: sudo apt install -y --no-install-recommends curl ca-certificates | |
# this is for job container | |
# - name: Hack container for local development | |
# if: ${{ env.ACT }} | |
# run: | | |
# curl -fsSL https://deb.nodesource.com/setup_18.x | sudo su -p -c bash - | |
# sudo apt install -y nodejs npm | |
# curl -fsSL https://get.docker.com -o /tmp/get-docker.sh | |
# sudo sh /tmp/get-docker.sh | |
- name: Retrieve package | |
uses: actions/download-artifact@v4 | |
with: | |
name: debian_package_amd64 | |
# on Debian bookworkm we can simply install postgresql-postgis, but | |
# because it triggers a restart of another package, we need to be more | |
# specific | |
- name: Install OpenHexa dependencies | |
run: | | |
sudo apt install -y --no-install-recommends gettext-base openssl postgresql postgresql-postgis | |
curl -fsSL https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -o /tmp/yq &&\ | |
sudo mv /tmp/yq /usr/bin/yq &&\ | |
sudo chmod +x /usr/bin/yq | |
- name: Start PostgreSQL if run locally | |
if: ${{ env.ACT }} | |
run: | | |
sudo /etc/init.d/postgresql restart | |
- name: Start PostgreSQL if run on GitHub runner | |
if: ${{ ! env.ACT }} | |
run: | | |
sudo systemctl restart postgresql | |
- name: Install OpenHexa | |
run: | | |
sudo dpkg -i openhexa_*_amd64.deb | |
/usr/share/openhexa/setup.sh -g check | |
- name: Start OpenHexa if run locally | |
if: ${{ env.ACT }} | |
run: /usr/share/openhexa/openhexa.sh -g start | |
- name: Get OpenHexa status | |
run: /usr/share/openhexa/openhexa.sh -g status | |
- name: Install smoke tests dependencies | |
working-directory: ./smoke-tests | |
run: | | |
npm install | |
npm ci | |
- name: Build smoke tests image | |
working-directory: ./smoke-tests | |
run: docker build -t openhexa/smoke-tests . | |
- name: Run smoke tests | |
run: docker run -t --net=host -v "$(pwd)/test-results:/code/test-results" openhexa/smoke-tests http://localhost:3000/ root@openhexa.org root | |
- name: Keep test results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Smoke tests results | |
path: smoke-test-results/ | |
- name: Stop OpenHexa | |
run: /usr/share/openhexa/openhexa.sh -g stop | |
- name: Remove and purge package | |
run: sudo apt purge -y openhexa | |
create_apt_repo: | |
name: Create APT repo | |
needs: install | |
runs-on: ubuntu-latest | |
outputs: | |
artifact_id: ${{ steps.upload-artifact.outputs.artifact-id }} | |
keyring: ${{ steps.create-apt-repo.outputs.keyring }} | |
steps: | |
- name: Retrieve package | |
uses: actions/download-artifact@v4 | |
with: | |
name: debian_package_amd64 | |
- uses: morph027/apt-repo-action@main | |
id: create-apt-repo | |
with: | |
repo-name: ${{ env.REPO_NAME }} | |
signing-key: ${{ secrets.GPG_OPENHEXA_PRIVATE_KEY }} | |
codename: ${{ env.CODENAME }} | |
components: ${{ env.COMPONENTS }} | |
architectures: ${{ env.ARCHITECTURES }} | |
- name: Upload Pages artifact | |
uses: actions/upload-pages-artifact@v3 | |
with: | |
name: github-pages | |
path: ${{ steps.create-apt-repo.outputs.dir }} | |
deploy_apt_repo: | |
name: Publish apt repo with GitHub Pages | |
permissions: | |
id-token: write | |
pages: write | |
if: github.ref_name == 'main' | |
environment: | |
name: github-pages | |
url: ${{ steps.deployment.outputs.page_url }} | |
runs-on: ubuntu-latest | |
needs: create_apt_repo | |
steps: | |
- name: Deploy to GitHub Pages | |
id: deployment | |
uses: actions/deploy-pages@v4 | |
- name: Adding summary | |
run: | | |
echo ':rocket:' >> $GITHUB_STEP_SUMMARY | |
echo '' >> $GITHUB_STEP_SUMMARY | |
echo '```bash' >> $GITHUB_STEP_SUMMARY | |
echo 'curl -sfLo /etc/apt.trusted.gpg.d/${{ needs.build.outputs.keyring }}.asc ${{ steps.deploy-pages.outputs.page_url }}gpg.key' >> $GITHUB_STEP_SUMMARY | |
echo 'echo "deb ${{ steps.deploy-pages.outputs.page_url }} ${{ env.CODENAME }} ${{ env.COMPONENTS }}" >/etc/apt/sources.list.d/${{ env.REPO_NAME }}.list' >> $GITHUB_STEP_SUMMARY | |
echo '```' >> $GITHUB_STEP_SUMMARY |