-
Notifications
You must be signed in to change notification settings - Fork 46
72 lines (68 loc) · 2.13 KB
/
nightlies.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
name: Nightlies
on:
schedule:
- cron: "0 6 * * *"
push:
branches:
- main
# Only allow one job to run at a time because we're pushing to git repos;
# the string value doesn't matter, just that it's a fixed string.
concurrency:
group: "just-one-please"
defaults:
run:
shell: bash
jobs:
build-rpm:
runs-on: ubuntu-latest
container:
image: registry.fedoraproject.org/fedora:37
steps:
- run: dnf install -y make git
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install dependencies
run: make build-deps
- name: Build RPM
run: |
git config --global --add safe.directory '*'
# Version format is "${VERSION}-0.YYYYMMDDHHMMSS.fXX", which sorts lower than "${VERSION}-1"
rpmdev-bumpspec --new="$(cat VERSION)-0.$(date +%Y%m%d%H%M%S)%{?dist}" rpm-build/SPECS/*.spec
make build-rpm
- uses: actions/upload-artifact@v4
id: upload
with:
name: rpm-build
path: rpm-build/RPMS/noarch/*.rpm
if-no-files-found: error
commit-and-push:
runs-on: ubuntu-latest
container: debian:bookworm
needs:
- build-rpm
steps:
- name: Install dependencies
run: |
apt-get update && apt-get install --yes git git-lfs
- uses: actions/download-artifact@v4
with:
pattern: "*"
- uses: actions/checkout@v4
with:
repository: "freedomofpress/securedrop-yum-test"
path: "securedrop-yum-test"
lfs: true
token: ${{ secrets.PUSH_TOKEN }}
# We need to store credentials here
persist-credentials: true
- name: Commit and push
run: |
git config --global user.email "[email protected]"
git config --global user.name "sdcibot"
cd securedrop-yum-test
mkdir -p workstation/dom0/f37-nightlies
cp -v ../rpm-build/*.rpm workstation/dom0/f37-nightlies/
git add .
git diff-index --quiet HEAD || git commit -m "Automated SecureDrop workstation build"
git push origin main