-
Notifications
You must be signed in to change notification settings - Fork 1
146 lines (134 loc) · 5.49 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# SPDX-FileCopyrightText: 2023-2024 TII (SSRC) and the Ghaf contributors
#
# SPDX-License-Identifier: Apache-2.0
name: build
on:
push:
branches:
- gh_updates
tags:
- "v[0-9]+.[0-9]+.[0-9]*"
workflow_dispatch:
permissions:
contents: read
jobs:
build_target:
runs-on: ubuntu-latest
timeout-minutes: 360
name: Build FMO-OS
steps:
# To use this repository's private action,
# you must check out the repository
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.ref }}
fetch-depth: 0
- name: Generate FMO build version
id: fmo-build-version
shell: bash
run: |
SHA="${{ github.sha }}"
SHORT_SHA="${SHA:0:7}"
REF="${{ github.ref }}"
REF_TYPE="${{ github.ref_type }}"
REF_NAME="${{ github.ref_name }}"
# Set default to "git-<short-sha>"
FMO_BUILD_VERSION="git-$SHORT_SHA"
if [[ "$REF_TYPE" == "tag" ]]; then
FMO_BUILD_VERSION="$REF_NAME"
elif [[ "$REF_TYPE" == "branch" ]]; then
# Check if there's a reachable tag on the branch
if git name-rev --name-only --tags --no-undefined "$REF" 2>/dev/null; then
# Format: <tag-name>-<#-of-commits-since-tag>-<abbrev-hash>
FMO_BUILD_VERSION="$(git describe --tags --abbrev=7 "$REF")"
else
# No reachable parent tag on branch
FMO_BUILD_VERSION="$REF_NAME-g$SHORT_SHA"
fi
fi
echo "SHA: $SHA"
echo "SHORT_SHA: $SHORT_SHA"
echo "REF: $REF"
echo "REF_TYPE: $REF_TYPE"
echo "REF_NAME: $REF_NAME"
echo "FMO_BUILD_VERSION: $FMO_BUILD_VERSION"
echo "FMO_BUILD_VERSION=$FMO_BUILD_VERSION" >> "$GITHUB_ENV"
echo "FMO_BUILD_VERSION=$FMO_BUILD_VERSION" >> "$GITHUB_OUTPUT"
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
# this might remove tools that are actually needed,
# if set to "true" but frees about 6 GB
tool-cache: false
# all of these default to true, but feel free to set to
# "false" if necessary for your workflow
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- name: Install Nix
uses: cachix/install-nix-action@v30
with:
nix_path: nixpkgs=channel:nixos-unstable
extra_nix_config: |
substitute = true
always-allow-substitutes = true
substituters = https://cache.nixos.org https://nixpkgs.cachix.org https://nixpkgs-unfree.cachix.org https://nix-community.cachix.org
trusted-substituters = https://cache.nixos.org https://nixpkgs.cachix.org https://nixpkgs-unfree.cachix.org https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixpkgs.cachix.org-1:q91R6hxbwFvDqTSDKwDAV4T5PxqXGxswD8vhONFMeOE= nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
- name: Setup Cachix
uses: cachix/cachix-action@v15
with:
name: fmo-os
authToken: '${{ secrets.CACHIX_TOKEN }}'
- name: Prepare build environment
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
run: |
SSH_DIR=$HOME/.ssh
echo "Create SSH directory"
mkdir -p $SSH_DIR
chmod 0700 $SSH_DIR
echo "Add GitHub to known hosts"
ssh-keyscan -t ed25519 -H github.com > $SSH_DIR/known_hosts
chmod 600 $SSH_DIR/known_hosts
echo "Install RA deployment token"
echo "${{ secrets.RA_TOKEN }}" > $SSH_DIR/id_rsa
chmod 600 $SSH_DIR/id_rsa
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add $SSH_DIR/id_rsa
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions"
- name: Build
run: |
nix flake show
cachix watch-exec fmo-os -- nix build -L --accept-flake-config .#fmo-os-installer-debug
ls -la
#- name: Build
# id: build
# uses: ./.github/actions/build-action
# env:
# FMO_BUILD_VERSION: "${{ steps.fmo-build-version.outputs.BUILD_VERSION }}"
# with:
# BUILD_TARGET: "fmo-os-installer-debug"
# CACHIX_TOKEN: ${{ secrets.CACHIX_TOKEN }}
# RA_TOKEN: ${{ secrets.RA_TOKEN }}
#- name: Push to JFrog artifactory
# uses: ./.github/actions/upload-action-jfrog
# with:
# JFROG_UNAME: ${{ secrets.JFROG_UNAME }}
# JFROG_TOKEN: ${{ secrets.JFROG_TOKEN }}
# JFROG_URL: ${{ secrets.JFROG_URL }}
# input-paths: |
# ${{ steps.build.outputs.outimg }}:tii-fmo-os/releases/FMO-OS_inst_${{ steps.fmo-build-version.outputs.BUILD_VERSION }}.iso
#- name: Push to Harbor artifactory
# uses: ./.github/actions/upload-action-harbor
# with:
# HARBOR_UNAME: ${{ secrets.HARBOR_UNAME }}
# HARBOR_TOKEN: ${{ secrets.HARBOR_TOKEN }}
# HARBOR_URL: ${{ secrets.HARBOR_URL }}
# input-paths: |
# ${{ steps.build.outputs.outimg }}:fmo/pmc-installer:${{ steps.fmo-build-version.outputs.BUILD_VERSION }}