Skip to content

ci/repo: Add deb fetcher #199

ci/repo: Add deb fetcher

ci/repo: Add deb fetcher #199

Workflow file for this run

name: Envoy
permissions:
contents: read
on:
pull_request:
push:
branches:
- main
concurrency:
group: >-
${{ github.event.inputs.head_ref || github.run_id }}
jobs:
envoy:
permissions:
actions: write
runs-on: ubuntu-24.04
if: github.repository_owner == 'envoyproxy'
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: |
bazel run --config=ci //tools/fetch -- -h
- run: |
bazel build --config=ci //:envoy_versions
cat bazel-bin/envoy_versions.json | jq '.'
- run: |
gpg --import envoy-maintainers-public.key
- id: versions
run: |
bazel build --config=ci //debs:minor_versions
VERSION_HASH="$(cat bazel-bin/debs/minor_versions.txt | sha256sum | cut -d' ' -f1)"
echo "hash=${VERSION_HASH}" >> "$GITHUB_OUTPUT"
- uses: actions/cache/restore@v4
id: cache
with:
key: ${{ steps.versions.outputs.hash }}
path: /tmp/repository
- id: repository
run: |
mkdir -p /tmp/repository
rm -rf /tmp/repository/v1.28.3
ls /tmp/repository | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+' | sort -u > debs/custom-excludes.txt
DIR_SHA=$(cat debs/custom-excludes.txt | sha256sum | cut -d' ' -f1)
echo "cached=${DIR_SHA}" >> $GITHUB_OUTPUT
- run: |
echo $GITHUB_TOKEN > debs/token.txt
bazel run \
--config=debs-ci \
//tools/tarball:unpack \
/tmp/repository
# rm -rf /tmp/repository/v1.28.3
- run: |
find /tmp/repository
- run: |
UPDATED=$(ls /tmp/repository | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+' | sort -u | sha256sum | cut -d' ' -f1)
if [[ "${{ steps.repository.outputs.cached }}" != "$UPDATED" ]]; then
echo "changed=1" >> $GITHUB_OUTPUT
fi
id: update
if: ${{ github.event_name == 'push' && steps.cache.outputs.cache-hit && steps.update.outputs.changed }}
- uses: actions/upload-artifact@v4
if: false
with:
path: /tmp/repository
name: debs
# if we are on main and the files have changed, then cache - PRs always just use the main cache
- if: ${{ github.event_name == 'push' && steps.cache.outputs.cache-hit && steps.update.outputs.changed }}
run: |
gh extension install actions/gh-actions-cache
gh actions-cache delete --confirm ${{ steps.versions.outputs.hash }}
env:
GH_TOKEN: ${{ github.token }}
- uses: actions/cache/save@v4
if: ${{ github.event_name == 'push' && steps.update.outputs.changed }}
with:
key: ${{ steps.versions.outputs.hash }}
path: /tmp/repository