Add GitHub workflow for building the OSTree repository
authorMartin Pitt <martin@piware.de>
Sat, 12 Dec 2020 18:41:13 +0000 (19:41 +0100)
committerMartin Pitt <martin@piware.de>
Sun, 13 Dec 2020 10:33:55 +0000 (11:33 +0100)
Also add a script to download and unpack the artifact on my server's
`public_html/`.

.github/workflows/build.yml [new file with mode: 0644]
github-fetch.sh [new file with mode: 0755]

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644 (file)
index 0000000..9fad8b3
--- /dev/null
@@ -0,0 +1,32 @@
+name: build
+on:
+  schedule:
+    - cron: 0 2 * * 6
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: docker.io/fedora:latest
+      # Fix SELinux for the built OSTree: https://github.com/coreos/rpm-ostree/issues/1943
+      options: --privileged --security-opt label:disable
+    steps:
+      - name: Install dependencies
+        run: dnf install -y rpm-ostree selinux-policy selinux-policy-targeted policycoreutils
+
+      - name: Clone repository
+        uses: actions/checkout@v2
+
+      - name: Build OSTree
+        run: sudo ./compose.sh
+
+      # upload-artifact@v2 has trouble with tens of thousands of files
+      - name: Create repo tarball
+        run: tar -czf /var/tmp/repo.tar.gz -C /var/tmp/repo .
+
+      - name: Create repository artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: repository
+          path: /var/tmp/repo.tar.gz
+          retention-days: 14
diff --git a/github-fetch.sh b/github-fetch.sh
new file mode 100755 (executable)
index 0000000..ebf972e
--- /dev/null
@@ -0,0 +1,20 @@
+#!/bin/sh
+# Download built GitHub OSTree repository artifact and unpack it into a plain directory
+set -eux
+
+# download latest repo build
+REPO_FINAL="$(dirname $0)/pitti-workstation"
+REPO="${REPO_FINAL}.new"
+
+CURL="curl -u token:$(cat ~/.config/github-token) --show-error --fail"
+RESPONSE=$($CURL --silent https://api.github.com/repos/martinpitt/ostree-pitti-workstation/actions/artifacts)
+ZIP=$(echo "$RESPONSE" | jq --raw-output '.artifacts | map(select(.name == "repository"))[0].archive_download_url')
+echo "INFO: Downloading $ZIP ..."
+[ -e /tmp/repository.zip ] || $CURL -L -o /tmp/repository.zip "$ZIP"
+rm -rf "$REPO"
+mkdir -p "$REPO"
+unzip -p /tmp/repository.zip | tar -xzC "$REPO"
+rm /tmp/repository.zip
+[ ! -e "$REPO_FINAL" ] || mv "${REPO_FINAL}" "${REPO_FINAL}.old"
+mv "$REPO" "$REPO_FINAL"
+rm -rf "${REPO_FINAL}.old"