Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GHA Migration #71

Merged
merged 5 commits into from
Jul 8, 2024
Merged

GHA Migration #71

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
2e10ba8
Remove drone
galal-hussein Jul 3, 2024
1763319
Add GHA for centos7
galal-hussein Jul 3, 2024
be89d77
Add the rest of distros
galal-hussein Jul 3, 2024
e01c8d8
More fixes
galal-hussein Jul 5, 2024
746db69
Use vault's secrets
galal-hussein Jul 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
450 changes: 0 additions & 450 deletions .drone.yml
View file
Open in desktop

This file was deleted.

55 changes: 55 additions & 0 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
on:
push:
branches:
- master
pull_request:

name: Build
permissions:
contents: read
jobs:
build-rpm-el7:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: build-rpm
run: |
make build-centos7
build-rpm-el8:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: build-rpm
run: |
make build-centos8
build-rpm-el9:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: build-rpm
run: |
make build-centos9
build-rpm-slemicro:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: build-rpm
run: |
make build-slemicro
build-rpm-microos:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: build-rpm
run: |
make build-microos
262 changes: 262 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,262 @@
on:
push:
tags:
- "v*"

env:
GH_TOKEN: ${{ github.token }}

name: Release RPMs
permissions:
contents: write
id-token: write
jobs:
release-rpm-el7:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/private_key | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private_key_passphrase | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing_private_key | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws_s3_bucket | AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws_access_key_id | AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws_secret_access_key | AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key | TESTING_AWS_SECRET_ACCESS_KEY ;

- name: build-rpm-el7
run: |
make build-centos7

- name: sign-rpm-el7
run: |
make sign-centos7
env:
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

- name: upload-repo-el7
run: |
make upload-centos7
env:
COMBARCH: x86_64-amd64
AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

- name: github-rpm-release-el7
run: |
gh release upload ${{ github.ref_name }} dist/centos7/noarch/* dist/centos7/source/*
release-rpm-el8:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/private_key | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private_key_passphrase | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing_private_key | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws_s3_bucket | AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws_access_key_id | AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws_secret_access_key | AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key | TESTING_AWS_SECRET_ACCESS_KEY ;

- name: build-rpm-el8
run: |
make build-centos8

- name: sign-rpm-el8
run: |
make sign-centos8
env:
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

- name: upload-repo-el8
run: |
make upload-centos8
env:
COMBARCH: x86_64-amd64
AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

- name: github-rpm-release-el8
run: |
gh release upload ${{ github.ref_name }} dist/centos8/noarch/* dist/centos8/source/*
release-rpm-el9:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/private_key | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private_key_passphrase | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing_private_key | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws_s3_bucket | AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws_access_key_id | AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws_secret_access_key | AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key | TESTING_AWS_SECRET_ACCESS_KEY ;

- name: build-rpm-el9
run: |
make build-centos9

- name: sign-rpm-el9
run: |
make sign-centos9
env:
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

- name: upload-repo-el9
run: |
make upload-centos9
env:
COMBARCH: x86_64-amd64
AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

- name: github-rpm-release-el9
run: |
gh release upload ${{ github.ref_name }} dist/centos9/noarch/* dist/centos9/source/*
release-rpm-microos:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/private_key | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private_key_passphrase | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing_private_key | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws_s3_bucket | AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws_access_key_id | AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws_secret_access_key | AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key | TESTING_AWS_SECRET_ACCESS_KEY ;

- name: build-rpm-microos
run: |
make build-microos

- name: sign-rpm-microos
run: |
make sign-microos
env:
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

- name: upload-repo-microos
run: |
make upload-microos
env:
COMBARCH: x86_64-amd64
AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

- name: github-rpm-release-microos
run: |
gh release upload ${{ github.ref_name }} dist/microos/noarch/* dist/microos/source/*
release-rpm-slemicro:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/private_key | PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/private_key_passphrase | PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/testing_private_key | TESTING_PRIVATE_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_private_key_passphrase | TESTING_PRIVATE_KEY_PASS_PHRASE ;
secret/data/github/repo/${{ github.repository }}/aws_s3_bucket | AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/aws_access_key_id | AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/aws_secret_access_key | AWS_SECRET_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/testing_aws_s3_bucket | TESTING_AWS_S3_BUCKET ;
secret/data/github/repo/${{ github.repository }}/testing_aws_access_key_id | TESTING_AWS_ACCESS_KEY_ID ;
secret/data/github/repo/${{ github.repository }}/testing_aws_secret_access_key | TESTING_AWS_SECRET_ACCESS_KEY ;

- name: build-rpm-slemicro
run: |
make build-slemicro

- name: sign-rpm-slemicro
run: |
make sign-slemicro
env:
PRIVATE_KEY: ${{ env.PRIVATE_KEY }}
PRIVATE_KEY_PASS_PHRASE: ${{ env.PRIVATE_KEY_PASS_PHRASE }}
TESTING_PRIVATE_KEY: ${{ env.TESTING_PRIVATE_KEY }}
TESTING_PRIVATE_KEY_PASS_PHRASE: ${{ env.TESTING_PRIVATE_KEY_PASS_PHRASE }}

- name: upload-repo-slemicro
run: |
make upload-slemicro
env:
COMBARCH: x86_64-amd64
AWS_S3_BUCKET: ${{ env.AWS_S3_BUCKET }}
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
TESTING_AWS_S3_BUCKET: ${{ env.TESTING_AWS_S3_BUCKET }}
TESTING_AWS_ACCESS_KEY_ID: ${{ env.TESTING_AWS_ACCESS_KEY_ID }}
TESTING_AWS_SECRET_ACCESS_KEY: ${{ env.TESTING_AWS_SECRET_ACCESS_KEY }}

- name: github-rpm-release-slemicro
run: |
gh release upload ${{ github.ref_name }} dist/slemicro/noarch/* dist/slemicro/source/*




5 changes: 4 additions & 1 deletion Dockerfile.centos7.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
FROM centos:7

RUN sed -i -e "s/mirrorlist.*//g" /etc/yum.repos.d/*
RUN sed -i -e "s/#baseurl=http:\/\/mirror.centos.org/baseurl=http:\/\/linuxsoft.cern.ch\/centos-vault\//g" /etc/yum.repos.d/*

RUN yum install -y epel-release \
&& yum -y install container-selinux git rpm-build selinux-policy-devel yum-utils

ENV DAPPER_SOURCE /source
ENV DAPPER_OUTPUT ./dist
ENV DAPPER_ENV COMBARCH DRONE_TAG TAG
ENV DAPPER_ENV COMBARCH CHECKSUM_DIR CHECKSUM_FILE TAG PRIVATE_KEY PRIVATE_KEY_PASS_PHRASE TESTING_PRIVATE_KEY TESTING_PRIVATE_KEY_PASS_PHRASE AWS_S3_BUCKET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY TESTING_AWS_S3_BUCKET TESTING_AWS_ACCESS_KEY_ID TESTING_AWS_SECRET_ACCESS_KEY
ENV HOME ${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}

Expand Down
4 changes: 2 additions & 2 deletions Dockerfile.centos8.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
FROM rockylinux:8

RUN yum install -y epel-release \
&& yum -y install container-selinux git rpm-build selinux-policy-devel yum-utils
&& yum install -y container-selinux git rpm-build selinux-policy-devel yum-utils pinentry python2-pip ca-certificates

ENV DAPPER_SOURCE /source
ENV DAPPER_OUTPUT ./dist
ENV DAPPER_ENV COMBARCH DRONE_TAG TAG
ENV DAPPER_ENV COMBARCH CHECKSUM_DIR CHECKSUM_FILE TAG PRIVATE_KEY PRIVATE_KEY_PASS_PHRASE TESTING_PRIVATE_KEY TESTING_PRIVATE_KEY_PASS_PHRASE AWS_S3_BUCKET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY TESTING_AWS_S3_BUCKET TESTING_AWS_ACCESS_KEY_ID TESTING_AWS_SECRET_ACCESS_KEY
ENV HOME ${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}

Expand Down
4 changes: 2 additions & 2 deletions Dockerfile.centos9.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
FROM quay.io/centos/centos:stream9

RUN yum install -y epel-release \
&& yum -y install container-selinux git rpm-build selinux-policy-devel yum-utils
&& yum -y install container-selinux git rpm-build selinux-policy-devel yum-utils pinentry python-pip ca-certificates

ENV DAPPER_SOURCE /source
ENV DAPPER_OUTPUT ./dist
ENV DAPPER_ENV COMBARCH DRONE_TAG TAG
ENV DAPPER_ENV COMBARCH CHECKSUM_DIR CHECKSUM_FILE TAG PRIVATE_KEY PRIVATE_KEY_PASS_PHRASE TESTING_PRIVATE_KEY TESTING_PRIVATE_KEY_PASS_PHRASE AWS_S3_BUCKET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY TESTING_AWS_S3_BUCKET TESTING_AWS_ACCESS_KEY_ID TESTING_AWS_SECRET_ACCESS_KEY
ENV HOME ${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}

Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.microos.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ RUN zypper install -y container-selinux git rpm-build selinux-policy-devel

ENV DAPPER_SOURCE /source
ENV DAPPER_OUTPUT ./dist
ENV DAPPER_ENV COMBARCH DRONE_TAG TAG
ENV DAPPER_ENV COMBARCH CHECKSUM_DIR CHECKSUM_FILE TAG PRIVATE_KEY PRIVATE_KEY_PASS_PHRASE TESTING_PRIVATE_KEY TESTING_PRIVATE_KEY_PASS_PHRASE AWS_S3_BUCKET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY TESTING_AWS_S3_BUCKET TESTING_AWS_ACCESS_KEY_ID TESTING_AWS_SECRET_ACCESS_KEY
ENV HOME ${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}

Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.slemicro.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ RUN zypper in -y -n --force-resolution container-selinux git rpm-build selinux-p

ENV DAPPER_SOURCE /source
ENV DAPPER_OUTPUT ./dist
ENV DAPPER_ENV COMBARCH DRONE_TAG TAG
ENV DAPPER_ENV COMBARCH CHECKSUM_DIR CHECKSUM_FILE TAG PRIVATE_KEY PRIVATE_KEY_PASS_PHRASE TESTING_PRIVATE_KEY TESTING_PRIVATE_KEY_PASS_PHRASE AWS_S3_BUCKET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY TESTING_AWS_S3_BUCKET TESTING_AWS_ACCESS_KEY_ID TESTING_AWS_SECRET_ACCESS_KEY
ENV HOME ${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}

Expand Down
Loading