builder, run, ci: setup fixed and rolling repos

The release version has the following format: 8-<owrt_release>-ns.<nethsecurity_release>[-<commit_since_last_tag>]-g<commit_hash>] Each release has 2 repositories: - a fixed repository which contains packages and images from the build, this repository does not change and it's not used by the running images - a rolling repository which is used by the running images, it contains all updates compatibile within the same major OpenWRT release Dev example: 23.05.2-ns.0.0.1-217-g8786a2b Fixed repository: dev/23.05.2-ns.0.0.1-217-g8786a2b Rolling repository: dev/23.05.2 Stable example: 23.05.2-ns.0.0.1 Fixed repository: stable/23.05.2-ns.0.0.1 Rolling repository: stable/23.05.2
NethServer · Jan 23, 2024 · e951459 · e951459
1 parent 8786a2b
commit e951459
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 13 deletions.
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
@@ -35,7 +35,7 @@ jobs:
         name: Build the image
         run: |
           # Build the image
-          # The run script will set VERSION and CHANNEL env variable
+          # The run script will set VERSION, REPO_CHANNEL, and OWRT_VERSION env variables
           ./run
       - id: release
         name: Update latest_release file
@@ -48,7 +48,29 @@ jobs:
           name: x86_64-image
           path: bin/targets/x86/64/nethsecurity-*-x86-64-generic-*-combined-efi.img.gz
       - uses: BetaHuhn/do-spaces-action@v2
-        name: Publish packages inside the repository
+        name: Publish packages inside the rolling repository
+        if: ${{ github.ref == 'refs/heads/main' }}
+        with:
+          access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
+          secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
+          space_name: ${{ env.DO_SPACE_NAME }}
+          space_region: ${{ env.DO_SPACE_REGION }}
+          cdn_domain: ${{ env.CDN_DOMAIN }}
+          source: bin/packages
+          out_dir: ${{ env.CHANNEL }}/${{ env.OWRT_VERSION }}/packages
+      - uses: BetaHuhn/do-spaces-action@v2
+        name: Publish images insde the rolling repository
+        if: ${{ github.ref == 'refs/heads/main' }}
+        with:
+          access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
+          secret_key: ${{ secrets.DO_SPACE_SECRET_KEY }}
+          space_name: ${{ env.DO_SPACE_NAME }}
+          space_region: ${{ env.DO_SPACE_REGION }}
+          cdn_domain: ${{ env.CDN_DOMAIN }}
+          source: bin/targets
+          out_dir: ${{ env.CHANNEL }}/${{ env.OWRT_VERSION }}/packages
+      - uses: BetaHuhn/do-spaces-action@v2
+        name: Publish packages inside the fixed repository
         if: ${{ github.ref == 'refs/heads/main' }}
         with:
           access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}
@@ -59,7 +81,7 @@ jobs:
           source: bin/packages
           out_dir: ${{ env.CHANNEL }}/${{ env.VERSION }}/packages
       - uses: BetaHuhn/do-spaces-action@v2
-        name: Publish images insde the repository
+        name: Publish images insde the fixed repository
         if: ${{ github.ref == 'refs/heads/main' }}
         with:
           access_key: ${{ secrets.DO_SPACE_ACCESS_KEY }}

diff --git a/builder/entrypoint.sh b/builder/entrypoint.sh
@@ -46,15 +46,21 @@ sudo chown -R build:build /config-tmp /home/build/openwrt/{files,nspackages,patc
 # Setup branding and version
 # Required env variables:
 # - VERSION
-# - CHANNEL
+# - REPO_CHANNEL
+# - OWRT_VERSION
 
 if [ -z "$VERSION" ]; then
     echo "VERSION env variable not set"
     exit 1
 fi
 
-if [ -z "$CHANNEL" ]; then
-    echo "CHANNEL env variable not set"
+if [ -z "$REPO_CHANNEL" ]; then
+    echo "REPO_CHANNEL env variable not set"
+    exit 1
+fi
+
+if [ -z "$OWRT_VERSION" ]; then
+    echo "OWRT_VERSION env variable not set"
     exit 1
 fi
 
@@ -65,7 +71,7 @@ fi
 : "${CONFIG_VERSION_MANUFACTURER:=Nethesis}"
 : "${CONFIG_VERSION_MANUFACTURER_URL:=https://www.nethesis.it}"
 : "${CONFIG_VERSION_PRODUCT:=NethSecurity}"
-: "${CONFIG_VERSION_REPO:=https://updates.nethsecurity.nethserver.org/${CHANNEL}/${VERSION}}"
+: "${CONFIG_VERSION_REPO:=https://updates.nethsecurity.nethserver.org/${REPO_CHANNEL}/${OWRT_VERSION}}"
 : "${CONFIG_VERSION_SUPPORT_URL:=https://community.nethserver.org}"
 
 echo "CONFIG_GRUB_TITLE=\"${CONFIG_GRUB_TITLE}\"" >> /config-tmp/branding.conf

diff --git a/run b/run
@@ -64,30 +64,34 @@ if [[ -n "${CI}" ]]; then
 fi
 
 VERSION=$(git describe)
+OWRT_VERSION=$(echo $VERSION | cut -d'-' -f1)
 IS_STABLE=$(git describe --exact-match --tags HEAD 2>/dev/null)
 if [ "$IS_STABLE" != "" ]; then
-    CHANNEL="stable"
+    REPO_CHANNEL="stable"
 else
-    CHANNEL="dev"
+    REPO_CHANNEL="dev"
 fi
-export CHANNEL
+export REPO_CHANNEL
+export OWRT_VERSION
 export VERSION
 
 # Setup CI when pushing to Github.
 if [[ -n "${CI}" ]]; then
     # Set output value for Github Actions
     echo "VERSION=$VERSION" >> "${GITHUB_ENV}"
     echo "::notice title=VERSION::$VERSION"
-    echo "CHANNEL=$CHANNEL" >> "${GITHUB_ENV}"
-    echo "::notice title=CHANNEL::$CHANNEL"
+    echo "REPO_CHANNEL=$REPO_CHANNEL" >> "${GITHUB_ENV}"
+    echo "::debug title=FIXED_REPOSITORY::$REPO_CHANNEL/$VERSION"
+    echo "OWRT_VERSION=$OWRT_VERSION" >> "${GITHUB_ENV}"
+    echo "::debug title=ROLLING_REPOSITORY::$REPO_CHANNEL/$OWRT_VERSION"
 fi
 
 # Run podman with local mounted dirs
 podman run -ti --name nethsec-builder \
     --security-opt label=disable \
     --env=USIGN_PUB_KEY --env=USIGN_PRIV_KEY \
     --env=NETIFYD_ACCESS_TOKEN \
-    --env=VERSION --env=CHANNEL \
+    --env=VERSION --env=REPO_CHANNEL --env=OWRT_VERSION\
     -v ./config:/config:z -v ./files:/files:z -v ./packages:/nspackages:z -v ./patches:/patches:z \
     $opts $image "$@"
 # When executed inside CI, do not execute next setps on error