Update build_deb_package.yml #100
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Package OVIS-LDMS SlingShot Switch Sampler for Debian ARM64 | |
on: | |
push: | |
branches: [ "debian", "tidy" ] | |
pull_request: | |
branches: [ "debian" ] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
inputs: | |
logLevel: | |
description: 'Log level' | |
required: true | |
default: 'warning' | |
type: choice | |
options: | |
- info | |
- warning | |
- debug | |
print_tags: | |
description: 'True to print to STDOUT' | |
required: true | |
type: boolean | |
tags: | |
description: 'Test scenario tags' | |
required: true | |
type: string | |
environment: | |
description: 'Environment to run tests against' | |
type: environment | |
required: true | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
env: | |
DOCKER_REGISTRY: docker.io | |
DOCKER_IMAGE: jkgreen76/ldms-slingshot-sampler | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
GPG_USERNAME: ${{ secrets.GPG_USERNAME }} | |
GPG_EMAIL: ${{ secrets.GPG_EMAIL }} | |
GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} | |
GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }} | |
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
DOCKER_TARGET_PLATFORM: 'linux/arm64' | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: 'linux/arm64' | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
version: latest | |
- name: Prepare | |
if: success() | |
id: prepare | |
run: | | |
echo "docker_image=${DOCKER_REGISTRY}/${DOCKER_IMAGE}" >> "$GITHUB_OUTPUT" | |
echo "buildx_version=${GITHUB_RUN_NUMBER}" >> "$GITHUB_OUTPUT" | |
echo "docker_platform=${DOCKER_TARGET_PLATFORM}" >> "$GITHUB_OUTPUT" | |
echo ":white_check_mark: Prepare Step Successful" >> $GITHUB_STEP_SUMMARY | |
- name: Docker Login | |
if: success() | |
run: | | |
echo "${DOCKER_PASSWORD}" | docker login ${DOCKER_REGISTRY} --username "${DOCKER_USERNAME}" --password-stdin | |
echo ":white_check_mark: Docker Login Successful" >> $GITHUB_STEP_SUMMARY | |
- name: Build Debian Package | |
if: success() | |
run: | | |
docker buildx build \ | |
--platform ${{ steps.prepare.outputs.docker_platform }} \ | |
--tag ${{ steps.prepare.outputs.docker_image }} \ | |
--provenance false \ | |
--sbom false \ | |
--file ./Dockerfile \ | |
--output "type=image,push=true" . | |
echo ":white_check_mark: ovis-ldms_4.4.3-1_arm.deb created!" >> $GITHUB_STEP_SUMMARY | |
- name: Stage artifacts to bindmount | |
if: success() | |
run: | | |
mkdir -p ldms-slingshot-sampler | |
sudo chmod -R 777 $(pwd)/ldms-slingshot-sampler | |
docker run -i \ | |
-v $(pwd)/ldms-slingshot-sampler:/ldms-slingshot-sampler:rw ${DOCKER_IMAGE} \ | |
cp -Rf /ovis-ldms-debian-package/ovis-ldms_4.4.3-1_arm64.deb /ldms-slingshot-sampler/. | |
echo ":white_check_mark: Artifacts staged to bindmount" >> $GITHUB_STEP_SUMMARY | |
- name: list directory contents of ldms-slingshot-sampler | |
if: success() | |
run: | | |
ls -al ldms-slingshot-sampler | |
- name: 🔍 Check for dependencies | |
run: | | |
command -v apt-ftparchive || sudo apt install apt-utils | |
sudo apt-get install --reinstall ca-certificates | |
sudo apt-get install --reinstall dpkg-sig | |
- name: Create APT repo | |
if: success() | |
run: | | |
set -e | |
do_hash() { | |
HASH_NAME=$1 | |
HASH_CMD=$2 | |
echo "${HASH_NAME}:" | |
for f in $(find -type f); do | |
f=$(echo $f | cut -c3-) # remove ./ prefix | |
if [ "$f" = "Release" ]; then | |
continue | |
fi | |
echo " $(${HASH_CMD} ${f} | cut -d" " -f1) $(wc -c $f)" | |
done | |
} | |
mkdir -p ovis-ldms/apt-repo/dists/stable/main/binary-arm64 | |
mkdir -p ovis-ldms/apt-repo/pool/main | |
[ -f $(pwd)/ldms-slingshot-sampler/ovis-ldms_4.4.3-1_arm64.deb ] | |
deb_pkg_dir=$(dirname $(readlink -f $(pwd)/ldms-slingshot-sampler/ovis-ldms_4.4.3-1_arm64.deb)) | |
cp $(pwd)/ldms-slingshot-sampler/ovis-ldms_4.4.3-1_arm64.deb ovis-ldms/apt-repo/pool/main/. | |
cd ovis-ldms/apt-repo | |
dpkg-scanpackages --arch arm64 pool/ > dists/stable/main/binary-arm64/Packages | |
cat dists/stable/main/binary-arm64/Packages | gzip -9 > dists/stable/main/binary-arm64/Packages.gz | |
cd dists/stable | |
cat << EOF > Release | |
Architectures: arm64 | |
Components: main | |
Date: $(date -Ru) | |
Version: 4.4.3-1 | |
Suite: stable | |
EOF | |
do_hash "MD5Sum" "md5sum" >> Release | |
do_hash "SHA1" "sha1sum" >> Release | |
do_hash "SHA256" "sha256sum" >> Release | |
cat Release | |
echo ":white_check_mark: APT Repo Creation Successful" >> $GITHUB_STEP_SUMMARY | |
set -x | |
mkdir -p ~/.gnupg | |
chmod 0700 ~/.gnupg | |
echo "${GPG_PASSWORD}" > ~/.gnupg/gpg_pwd.txt | |
chmod 0600 ~/.gnupg/gpg_pwd.txt | |
echo "${GPG_PUBLIC_KEY}" > ~/.gnupg/public.key | |
echo "${GPG_PRIVATE_KEY}" > ~/.gnupg/private.key | |
chmod 0700 ~/.gnupg | |
chmod 0600 ~/.gnupg/*.key | |
sudo gpg -v --batch --import ~/.gnupg/public.key | |
sudo gpg -v --batch --import ~/.gnupg/private.key | |
echo ":white_check_mark: ### Private and Public GPG Keys imported" >> $GITHUB_STEP_SUMMARY | |
GPG_KEY=( $(sudo gpg --list-keys --keyid-format=long | grep "^pub"| awk '{print $2}' | awk -F'/' '{print $2}') ) | |
sudo echo -e "$GPG_USERNAME\n$GPG_EMAIL\nNo Comment\no\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} adduid | tee -a $GITHUB_STEP_SUMMARY | |
sudo echo -e "5\ny\n" | gpg --batch --command-fd 0 --expert --edit-key ${GPG_KEY[1]} trust | tee -a $GITHUB_STEP_SUMMARY | |
echo ":white_check_mark: ### GPG key edit adduid and trust complete" >> $GITHUB_STEP_SUMMARY | |
sudo gpg --list-keys ${GPG_USERNAME} | tee -a $GITHUB_STEP_SUMMARY | |
cd ${deb_pkg_dir} && file ovis-ldms_4.4.3-1_arm64.deb | |
sudo cat << EOF >~/.gnupg/gpg-passwd.txt | |
${GPG_PASSWORD} | |
EOF | |
sudo cat << EOF >~/.gnupg/gpg.conf | |
use-agent | |
pinentry-mode loopback | |
EOF | |
sudo cat << EOF >~/.gnupg/gpg-agent.conf | |
allow-loopback-pinentry | |
EOF | |
sudo cp -Rf ~runner/.gnupg /root/. | |
sudo echo RELOADAGENT | gpg-connect-agent | |
sudo export GPG_TTY=$(tty) | |
ls -al ovis-ldms_4.4.3-1_arm64.deb && echo ":white_check_mark: $(pwd)/ovis-ldms_4.4.3-1_arm64.deb is $(file ovis-ldms_4.4.3-1_arm64.deb)" | tee -a $GITHUB_STEP_SUMMARY | |
echo "Signing with dpkg-sig" | tee -a $GITHUB_STEP_SUMMARY | |
sudo dpkg-sig -k ${GPG_KEY[1]} --gpg-options '--passphrase-file ~/.gnupg/gpg-passwd.txt' --sign builder ovis-ldms_4.4.3-1_arm64.deb | |
echo ":white_check_mark: ### Apt-repo signed" >> $GITHUB_STEP_SUMMARY | |
- name: Build Test Server | |
if: success() | |
run: | | |
docker buildx build \ | |
--platform ${{ steps.prepare.outputs.docker_platform }} \ | |
--tag arm64-ubuntu-apt-webserver \ | |
--provenance false \ | |
--sbom false \ | |
--file ./test-apt-server/Dockerfile \ | |
--output "type=image,push=true" . | |
echo ":white_check_mark: ### ubuntu-arm64-apt-webserver created!" >> $GITHUB_STEP_SUMMARY | |
# - name: Start Webserver | |
# if: success() | |
# users: hoverkraft-tech/compose-action@v2.0.1 | |
# command -v python3 || apt-get update && apt-get install -y python3 | |
# mkdir /www | |
# cp -Rf /ovis-ldms/apt-repo /www/apt-repo | |
# python3 -m "http.server" | |
# - name: Test APT repo | |
- name: Upload artifact | |
if: success() | |
uses: actions/upload-pages-artifact@v3.0.1 | |
with: | |
name: ldms-slingshot-sampler | |
path: ldms-slingshot-sampler | |
- name: Artifact Upload | |
if: success() | |
run: | | |
echo "### ovis-ldms_4.4.3-1_arm.deb artifact uploaded! :rocket:" >> $GITHUB_STEP_SUMMARY |