-
Notifications
You must be signed in to change notification settings - Fork 4
117 lines (112 loc) · 4.3 KB
/
build-and-push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: Yocto build and OSTree push
on:
workflow_dispatch:
inputs:
machine:
description: "Hardware machine"
required: true
type: choice
options:
- apalis-imx6
- apalis-imx8
- beaglebone-yocto
- beagleplay
- colibri-imx6
- colibri-imx6ull-emmc
- colibri-imx7-emmc
- colibri-imx8x
- genericx86-64
- intel-corei7-64
- nezha-allwinner-d1
- qemuarm64
- qemux86-64
- raspberrypi0-2w-64
- raspberrypi0-wifi
- raspberrypi3-64
- raspberrypi4-64
- verdin-am62
- verdin-imx8mm
- verdin-imx8mp
branch:
description: "Manifest repo branch to use"
required: true
type: choice
options:
- kirkstone
- master
- nanbield
manifest:
description: "Manifest file to use"
required: true
type: choice
options:
- common.xml
- default.xml
- integration.xml
- next.xml
env:
BUCKET_NAME: "s3://commontorizon.dev/ostree-repo/"
AWS_REGION: "eu-central-1"
MACHINE: "${{ inputs.machine }}"
BRANCH: "${{ inputs.branch }}"
MANIFEST: "${{ inputs.manifest }}"
MASTER_REPO: "/ostree"
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
build-yocto:
runs-on: [self-hosted, linux, x64, yocto]
steps:
- name: Build Yocto image
working-directory: /workdir
run: |
rm -rf * .repo
repo init -u https://github.com/commontorizon/commontorizon-manifest.git -b ${{ env.BRANCH }} -m torizoncore/${{ env.MANIFEST }}
repo sync
MACHINE=${{ env.MACHINE }} EULA=1 source setup-environment
grep -qxF 'TDX_PURPOSE = "Release"' conf/local.conf || echo 'TDX_PURPOSE = "Release"' >> conf/local.conf
bitbake torizon-core-common-docker
- name: Create tar archive of artifacts
run: |
tar -cvf ${{ env.MACHINE }}-artifacts.tar -C /workdir/build-*/deploy/images/${{ env.MACHINE }}/ .
- name: Upload Yocto artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ env.MACHINE }}-artifacts
path: ${{ env.MACHINE }}-artifacts.tar
ostree-push:
runs-on: [self-hosted, linux, x64, yocto]
needs: build-yocto
steps:
- name: Cleanup workspace
run: |
rm -rf ${{ github.workspace }}/*
- name: Download Yocto artifacts
uses: actions/download-artifact@v4
with:
name: ${{ env.MACHINE }}-artifacts
- name: Unpack artifacts
run: |
tar xf ${{ env.MACHINE }}-artifacts.tar
- name: Evaluate OSTree ref
run: |
echo "REF=$(ostree refs --repo ostree_repo)" >> "$GITHUB_ENV"
- name: Evaluate OSTree commit
run: |
echo "COMMIT=$(ostree rev-parse $REF --repo ostree_repo)" >> "$GITHUB_ENV"
- name: Promote OSTree
run: |
ostree-repo-promotion.py --srcRepo ostree_repo --targetRepo ${{ env.MASTER_REPO }} --ref $REF --commit $COMMIT
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::590183833123:role/CommonTorizonOstreePushToS3
role-session-name: CommonTorizonOSTreePushSession
aws-region: ${{ env.AWS_REGION }}
- name: Sync Master OSTree to S3
run: |
ostree summary -u --repo ${{ env.MASTER_REPO}}
aws s3 sync ${{ env.MASTER_REPO }} ${{ env.BUCKET_NAME }} --exclude='*' --include='objects/*' --include='deltas/*' --size-only
aws s3 sync ${{ env.MASTER_REPO }} ${{ env.BUCKET_NAME }} --exclude='*' --include='refs/*' --include='summar*' --include 'config*' --delete
aws s3 sync ${{ env.MASTER_REPO }} ${{ env.BUCKET_NAME }} --exclude='*' --include='objects/*' --include='deltas/*' --size-only --delete