test #169
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2023-2024 TII (SSRC) and the Ghaf contributors | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| name: build | |
| on: | |
| push: | |
| branches: | |
| - gh_updates | |
| tags: | |
| - "v[0-9]+.[0-9]+.[0-9]*" | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| jobs: | |
| build_target: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 360 | |
| name: Build FMO-OS | |
| steps: | |
| # To use this repository's private action, | |
| # you must check out the repository | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| fetch-depth: 0 | |
| - name: Generate FMO build version | |
| id: fmo-build-version | |
| shell: bash | |
| run: | | |
| SHA="${{ github.sha }}" | |
| SHORT_SHA="${SHA:0:7}" | |
| REF="${{ github.ref }}" | |
| REF_TYPE="${{ github.ref_type }}" | |
| REF_NAME="${{ github.ref_name }}" | |
| # Set default to "git-<short-sha>" | |
| FMO_BUILD_VERSION="git-$SHORT_SHA" | |
| if [[ "$REF_TYPE" == "tag" ]]; then | |
| FMO_BUILD_VERSION="$REF_NAME" | |
| elif [[ "$REF_TYPE" == "branch" ]]; then | |
| # Check if there's a reachable tag on the branch | |
| if git name-rev --name-only --tags --no-undefined "$REF" 2>/dev/null; then | |
| # Format: <tag-name>-<#-of-commits-since-tag>-<abbrev-hash> | |
| FMO_BUILD_VERSION="$(git describe --tags --abbrev=7 "$REF")" | |
| else | |
| # No reachable parent tag on branch | |
| FMO_BUILD_VERSION="$REF_NAME-g$SHORT_SHA" | |
| fi | |
| fi | |
| echo "SHA: $SHA" | |
| echo "SHORT_SHA: $SHORT_SHA" | |
| echo "REF: $REF" | |
| echo "REF_TYPE: $REF_TYPE" | |
| echo "REF_NAME: $REF_NAME" | |
| echo "FMO_BUILD_VERSION: $FMO_BUILD_VERSION" | |
| #echo "FMO_BUILD_VERSION=$FMO_BUILD_VERSION" >> "$GITHUB_ENV" | |
| echo "FMO_BUILD_VERSION=$FMO_BUILD_VERSION" >> "$GITHUB_OUTPUT" | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| # this might remove tools that are actually needed, | |
| # if set to "true" but frees about 6 GB | |
| tool-cache: true | |
| # all of these default to true, but feel free to set to | |
| # "false" if necessary for your workflow | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| docker-images: true | |
| swap-storage: true | |
| - name: Install Nix | |
| id: install-nix | |
| uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable | |
| extra_nix_config: | | |
| substitute = true | |
| always-allow-substitutes = true | |
| substituters = https://cache.nixos.org https://nixpkgs.cachix.org https://nixpkgs-unfree.cachix.org https://nix-community.cachix.org | |
| trusted-substituters = https://cache.nixos.org https://nixpkgs.cachix.org https://nixpkgs-unfree.cachix.org https://nix-community.cachix.org | |
| trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixpkgs.cachix.org-1:q91R6hxbwFvDqTSDKwDAV4T5PxqXGxswD8vhONFMeOE= nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= | |
| - name: Setup Cachix | |
| id: setup-cachix | |
| uses: cachix/cachix-action@v15 | |
| with: | |
| name: fmo-os | |
| authToken: '${{ secrets.CACHIX_TOKEN }}' | |
| - name: Prepare build environment | |
| id: prepare-build | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| run: | | |
| SSH_DIR=$HOME/.ssh | |
| mkdir -p $SSH_DIR | |
| chmod 0700 $SSH_DIR | |
| ssh-keyscan -t ed25519 -H github.com > $SSH_DIR/known_hosts | |
| chmod 600 $SSH_DIR/known_hosts | |
| echo "${{ secrets.RA_TOKEN }}" > $SSH_DIR/id_rsa | |
| chmod 600 $SSH_DIR/id_rsa | |
| ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
| ssh-add $SSH_DIR/id_rsa | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "GitHub Actions" | |
| - name: Build | |
| id: build | |
| env: | |
| FMO_BUILD_VERSION: "${{ steps.fmo-build-version.outputs.FMO_BUILD_VERSION }}" | |
| run: | | |
| nix flake show | |
| cachix watch-exec fmo-os -- nix build -L --accept-flake-config .#fmo-os-installer-debug | |
| if ! [[ -f ./result/iso/nixos.iso ]]; then | |
| echo "No output image found, build failed!" >&2 | |
| exit 1 | |
| fi | |
| output="$(readlink -f ./result/iso/nixos.iso)" | |
| echo "Output image: $output" | |
| echo "OUTPUT_IMAGE=$output" >> "$GITHUB_OUTPUT" | |
| #- name: Push to JFrog artifactory | |
| # uses: ./.github/actions/upload-action-jfrog | |
| # with: | |
| # JFROG_UNAME: ${{ secrets.JFROG_UNAME }} | |
| # JFROG_TOKEN: ${{ secrets.JFROG_TOKEN }} | |
| # JFROG_URL: ${{ secrets.JFROG_URL }} | |
| # input-paths: | | |
| # ${{ steps.build.outputs.outimg }}:tii-fmo-os/releases/FMO-OS_inst_${{ steps.fmo-build-version.outputs.BUILD_VERSION }}.iso | |
| #- name: Push to Harbor artifactory | |
| # uses: ./.github/actions/upload-action-harbor | |
| # with: | |
| # HARBOR_UNAME: ${{ secrets.HARBOR_UNAME }} | |
| # HARBOR_TOKEN: ${{ secrets.HARBOR_TOKEN }} | |
| # HARBOR_URL: ${{ secrets.HARBOR_URL }} | |
| # input-paths: | | |
| # ${{ steps.build.outputs.outimg }}:fmo/pmc-installer:${{ steps.fmo-build-version.outputs.BUILD_VERSION }} |