From a4d2a36c173bc3175ea3697a129484475edbcda8 Mon Sep 17 00:00:00 2001 From: s3rj1k Date: Thu, 11 Apr 2024 22:24:38 +0200 Subject: [PATCH] [GHA] Use `cicd-docker-build-and-distribute.yml`. --- .github/docker/centos/7/amd64/Dockerfile | 102 +++++++ .../docker/debian/bookworm/amd64/Dockerfile | 67 +++++ .../docker/debian/bookworm/arm32v7/Dockerfile | 67 +++++ .../docker/debian/bullseye/amd64/Dockerfile | 67 +++++ .../docker/debian/bullseye/arm32v7/Dockerfile | 67 +++++ .github/docker/debian/buster/amd64/Dockerfile | 67 +++++ .../docker/debian/buster/arm32v7/Dockerfile | 67 +++++ .github/workflows/build.yml | 248 ------------------ .github/workflows/cicd.yml | 112 ++++++++ 9 files changed, 616 insertions(+), 248 deletions(-) create mode 100644 .github/docker/centos/7/amd64/Dockerfile create mode 100644 .github/docker/debian/bookworm/amd64/Dockerfile create mode 100644 .github/docker/debian/bookworm/arm32v7/Dockerfile create mode 100644 .github/docker/debian/bullseye/amd64/Dockerfile create mode 100644 .github/docker/debian/bullseye/arm32v7/Dockerfile create mode 100644 .github/docker/debian/buster/amd64/Dockerfile create mode 100644 .github/docker/debian/buster/arm32v7/Dockerfile delete mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/cicd.yml diff --git a/.github/docker/centos/7/amd64/Dockerfile b/.github/docker/centos/7/amd64/Dockerfile new file mode 100644 index 0000000..43eef99 --- /dev/null +++ b/.github/docker/centos/7/amd64/Dockerfile @@ -0,0 +1,102 @@ +ARG BUILDER_IMAGE=centos:7.2.1511 + +FROM ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER="Andrey Volk " +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} +ENV MAINTAINER=${MAINTAINER} + +RUN yum -y update && \ + yum install -y \ + audiofile-devel \ + autoconf \ + automake \ + bind-license \ + centos-release-scl \ + cyrus-sasl-lib \ + dbus \ + dbus-libs \ + devtoolset-9-gcc* \ + dos2unix \ + doxygen \ + dpkg-dev \ + dracut \ + epel-release \ + expat \ + gcc \ + gcc-c++ \ + git \ + glib2 \ + glib2-devel \ + gnupg2 \ + gzip \ + krb5-dxevel \ + libatomic \ + libcurl-devel \ + libtool \ + libuuid-devel \ + libxml2 \ + lksctp-tools-devel \ + lsb_release \ + make \ + multilib-rpm-config \ + openssl-devel \ + pkg-config \ + procps-ng \ + python \ + python-libs \ + rpm-build \ + rpmdevtools \ + scl-utils \ + sqlite \ + swig \ + unzip \ + uuid-devel \ + vim-minimal \ + wget \ + which \ + xz \ + xz-libs \ + yum-plugin-fastestmirror \ + yum-plugin-ovl \ + yum-utils \ + zlib-devel && \ + yum -y clean all + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR}/src/ +RUN cd ${DATA_DIR}/src/ && \ + git reset --hard HEAD && git clean -xfd && \ + cd ${DATA_DIR} + +ARG SPEC_FILE=broadvoice + +# Bootstrap and Build +RUN cat < ~/.rpmmacros +%packager ${MAINTAINER} +%_topdir ${DATA_DIR}/rpmbuild +EOF +RUN rpmdev-setuptree + +RUN echo "export VERSION=$(rpm -q --qf '%{VERSION}\n' --specfile ${DATA_DIR}/src/${SPEC_FILE}.spec 2>/dev/null | head -1)" \ + | tee ~/.env && \ + chmod +x ~/.env + +RUN . ~/.env && \ + mv -v ${DATA_DIR}/src/ ${DATA_DIR}/${SPEC_FILE}-${VERSION}/ && \ + tar cvzf ${DATA_DIR}/rpmbuild/SOURCES/${SPEC_FILE}-${VERSION}.tar.gz --exclude .git -C ${DATA_DIR} ${SPEC_FILE}-${VERSION}/ && \ + cp -v ${DATA_DIR}/${SPEC_FILE}-${VERSION}/${SPEC_FILE}.spec ${DATA_DIR}/rpmbuild/SPECS/ && \ + sed -i "s/\(Release:\)\([[:space:]]*\)1%{?dist}/\1\2${BUILD_NUMBER}.${GIT_SHA}/" ${DATA_DIR}/rpmbuild/SPECS/${SPEC_FILE}.spec + +RUN rpmbuild -bs ${DATA_DIR}/rpmbuild/SPECS/${SPEC_FILE}.spec +RUN find ${DATA_DIR}/rpmbuild/SRPMS/ -type f | xargs -rI{} yum-builddep -y {} +RUN rpmbuild -ba ${DATA_DIR}/rpmbuild/SPECS/${SPEC_FILE}.spec + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/rpmbuild/ / diff --git a/.github/docker/debian/bookworm/amd64/Dockerfile b/.github/docker/debian/bookworm/amd64/Dockerfile new file mode 100644 index 0000000..6330fb8 --- /dev/null +++ b/.github/docker/debian/bookworm/amd64/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=debian:bookworm +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bookworm/arm32v7/Dockerfile b/.github/docker/debian/bookworm/arm32v7/Dockerfile new file mode 100644 index 0000000..65c4f7d --- /dev/null +++ b/.github/docker/debian/bookworm/arm32v7/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=arm32v7/debian:bookworm +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/amd64/Dockerfile b/.github/docker/debian/bullseye/amd64/Dockerfile new file mode 100644 index 0000000..d011b44 --- /dev/null +++ b/.github/docker/debian/bullseye/amd64/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=debian:bullseye +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bullseye/arm32v7/Dockerfile b/.github/docker/debian/bullseye/arm32v7/Dockerfile new file mode 100644 index 0000000..2d96b53 --- /dev/null +++ b/.github/docker/debian/bullseye/arm32v7/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=arm32v7/debian:bullseye +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/amd64/Dockerfile b/.github/docker/debian/buster/amd64/Dockerfile new file mode 100644 index 0000000..bd2a115 --- /dev/null +++ b/.github/docker/debian/buster/amd64/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=debian:buster +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/arm32v7/Dockerfile b/.github/docker/debian/buster/arm32v7/Dockerfile new file mode 100644 index 0000000..ec51549 --- /dev/null +++ b/.github/docker/debian/buster/arm32v7/Dockerfile @@ -0,0 +1,67 @@ +ARG BUILDER_IMAGE=arm32v7/debian:buster +ARG MAINTAINER="Andrey Volk " + +FROM ${BUILDER_IMAGE} AS builder + +ARG BUILD_NUMBER=42 +ARG GIT_SHA=0000000000 + +MAINTAINER ${MAINTAINER} + +SHELL ["/bin/bash", "-c"] + +RUN apt-get -q update && \ + DEBIAN_FRONTEND=noninteractive apt-get -yq install \ + apt-transport-https \ + build-essential \ + ca-certificates \ + cmake \ + curl \ + debhelper \ + devscripts \ + dh-autoreconf \ + dos2unix \ + doxygen \ + git \ + graphviz \ + libglib2.0-dev \ + libssl-dev \ + lsb-release \ + pkg-config \ + wget + +RUN update-ca-certificates --fresh + +ENV DATA_DIR=/data +WORKDIR ${DATA_DIR} + +COPY . ${DATA_DIR} +RUN git reset --hard HEAD && git clean -xfd + +RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ + chmod +x ~/.env + +RUN git config --global --add safe.directory '*' + +# Bootstrap and Build +RUN echo "export VERSION=$(dpkg-parsechangelog --show-field Version | cut -f1 -d'-')" | tee -a ~/.env +RUN . ~/.env && dch \ + --controlmaint \ + --distribution "${CODENAME}" \ + --force-bad-version \ + --force-distribution \ + --newversion "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + "Nightly build, ${GIT_SHA}" + +RUN apt-get -q update && \ + mk-build-deps --install --remove debian/control --tool "apt-get -y --no-install-recommends" && \ + apt-get -y -f install + +ENV DEB_BUILD_OPTIONS="parallel=1" +RUN . ~/.env && dch -b -M -v "${VERSION}-${BUILD_NUMBER}-${GIT_SHA}~${CODENAME}" \ + --force-distribution -D "${CODENAME}" "Nightly build, ${GIT_SHA}" +RUN debuild -b -us -uc && mkdir OUT && mv -v ../*.deb OUT/. + +# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) +FROM scratch +COPY --from=builder /data/OUT/ / diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 1bb7912..0000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,248 +0,0 @@ -name: Build and Distribute - -on: - pull_request: - push: - branches: - - release - - master - paths: - - "**" - - "!debian/changelog" - workflow_dispatch: - -concurrency: - group: ${{ github.head_ref || github.ref }} - -jobs: - build_rpm: - name: 'Build RPM' - uses: signalwire/actions-template/.github/workflows/ci-rpm-packages.yml@main - with: - PROJECT_NAME: broadvoice # this is khown issue (no `lib` prefix) - RUNNER: ubuntu-latest - PACKAGER: 'packager Andrey Volk ' - PLATFORM: amd64 - secrets: inherit - - build_deb: - name: 'Build DEB' - uses: signalwire/actions-template/.github/workflows/ci-deb-packages-v2.yml@main - strategy: - fail-fast: false - matrix: - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - with: - PROJECT_NAME: libbroadvoice - RUNNER: ubuntu-latest - BASE_IMAGE: signalwire/build-deb-action - DISTRO_CODENAME: ${{ matrix.codename }} - PLATFORM: ${{ matrix.platform }} - - generate_meta_rpm: - if: (github.ref_type == 'branch' && github.base_ref == '') - name: 'Meta RPM' - needs: [ build_rpm ] - strategy: - matrix: - os: - - rpm - platform: - - amd64 - uses: signalwire/actions-template/.github/workflows/ci-libs-metadata-v2.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.platform }}-artifact - OS_PLATFORM: ${{ matrix.os }}-${{ matrix.platform }} - RUNNER: ubuntu-latest - FILE_PATH_PREFIX: /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - - generate_meta_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - name: 'Meta DEB' - needs: [ build_deb ] - strategy: - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/ci-libs-metadata-v2.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-artifact - OS_PLATFORM: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }} - RUNNER: ubuntu-latest - FILE_PATH_PREFIX: /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - - distribute_matrix_rpm: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy to remote RPM' - needs: [ build_rpm ] - strategy: - matrix: - os: - - rpm - platform: - - amd64 - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.platform }}-artifact - TARGET_FOLDER: /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - RUNNER: ubuntu-latest - FILES: '*.tar.gz' - CREATE_DESTINATION_FOLDERS: true - secrets: - # Explicit define secrets for better understanding but it could be just inherit - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - - distribute_matrix_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy to remote DEB' - needs: [ build_deb ] - strategy: - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-artifact - TARGET_FOLDER: /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }} - RUNNER: ubuntu-latest - FILES: '*.tar.gz' - CREATE_DESTINATION_FOLDERS: true - secrets: - # Explicit define secrets for better understanding but it could be just inherit - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - - distribute_meta_rpm: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy meta to remote RPM' - needs: [ generate_meta_rpm ] - strategy: - max-parallel: 1 - matrix: - os: - - rpm - platform: - - amd64 - uses: signalwire/actions-template/.github/workflows/cd-libs-metadata.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.platform }}-meta - LIB_NAME: libbroadvoice - SOURCE_BRANCH: ${{ github.ref_name }} - TARGET_OS: ${{ matrix.os }} - TARGET_PLATFORM: ${{ matrix.platform }} - RUNNER: ubuntu-latest - TARGET_REPO: signalwire/bamboo_gha_trigger - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} - concurrency: - group: libbroadvoice-${{ matrix.os }}-${{ matrix.platform }} - cancel-in-progress: false - - distribute_meta_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy meta to remote DEB' - needs: [ generate_meta_deb ] - strategy: - max-parallel: 1 - matrix: - os: - - deb - codename: - - bookworm - - bullseye - - buster - - stretch - platform: - - amd64 - - armhf - uses: signalwire/actions-template/.github/workflows/cd-libs-metadata.yml@main - with: - ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.codename }}-${{ matrix.platform }}-meta - LIB_NAME: libbroadvoice - SOURCE_BRANCH: ${{ github.ref_name }} - TARGET_OS: ${{ matrix.os }} - TARGET_PLATFORM: ${{ matrix.platform }} - RUNNER: ubuntu-latest - TARGET_REPO: signalwire/bamboo_gha_trigger - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} - concurrency: - group: libbroadvoice-${{ matrix.os }}-${{ matrix.platform }} - cancel-in-progress: true - - distribute_hash_rpm: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy hash to remote RPM' - needs: [ distribute_meta_rpm ] - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - strategy: - matrix: - os: - - rpm - platform: - - amd64 - with: - RUNNER: ubuntu-latest - CREATE_DESTINATION_FOLDERS: false - EXEC_COMMANDS: 'echo "${{ github.sha }}" > /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }}/hash.txt' - secrets: - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - - distribute_hash_deb: - if: (github.ref_type == 'branch' && github.base_ref == '') - permissions: write-all - name: 'Copy hash to remote DEB' - needs: [ distribute_meta_deb ] - uses: signalwire/actions-template/.github/workflows/cd-scp.yml@main - strategy: - matrix: - os: - - deb - platform: - - amd64 - - armhf - with: - RUNNER: ubuntu-latest - CREATE_DESTINATION_FOLDERS: false - EXEC_COMMANDS: 'echo "${{ github.sha }}" > /var/www/libbroadvoice-${{ github.ref_name }}-${{ matrix.os }}-${{ matrix.platform }}/${{ github.run_id }}-${{ github.run_number }}/hash.txt' - secrets: - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - HOSTNAME: ${{ secrets.HOSTNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml new file mode 100644 index 0000000..3f0cc99 --- /dev/null +++ b/.github/workflows/cicd.yml @@ -0,0 +1,112 @@ +name: Build and Distribute + +on: + pull_request: + push: + branches: + - release + - master + paths: + - "**" + workflow_dispatch: + +concurrency: + group: ${{ github.head_ref || github.ref }} + +jobs: + deb: + name: 'DEB' + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - debian + version: + - bookworm + - bullseye + - buster + platform: + - name: amd64 + runner: ubuntu-latest + - name: arm32v7 + runner: ubuntu-latest + # exclude: + # - version: bookworm + # platform: + # name: arm32v7 + with: + RUNNER: ${{ matrix.platform.runner }} + ARTIFACTS_PATTERN: '.*\.(deb)$' + DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile + MAINTAINER: 'Andrey Volk ' + META_FILE_PATH_PREFIX: /var/www/libbroadvoice/${{ github.ref_name }}/${{ matrix.os }}-${{ matrix.platform.name }}/${{ github.run_id }}-${{ github.run_number }} + PLATFORM: ${{ matrix.platform.name }} + # REPO_DOMAIN: freeswitch.signalwire.com + TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-artifact + UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + USERNAME: ${{ secrets.USERNAME }} + TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} + # REPO_USERNAME: 'signalwire' + # REPO_PASSWORD: ${{ secrets.REPOTOKEN }} + + rpm: + name: 'RPM' + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - centos + version: + - 7 + platform: + - name: amd64 + runner: ubuntu-latest + with: + RUNNER: ${{ matrix.platform.runner }} + ARTIFACTS_PATTERN: '.*\.(rpm)$' + DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile + MAINTAINER: 'Andrey Volk ' + META_FILE_PATH_PREFIX: /var/www/libbroadvoice/${{ github.ref_name }}/${{ matrix.os }}-${{ matrix.platform.name }}/${{ github.run_id }}-${{ github.run_number }} + PLATFORM: ${{ matrix.platform.name }} + # REPO_DOMAIN: freeswitch.signalwire.com + TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-artifact + UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + USERNAME: ${{ secrets.USERNAME }} + TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} + # REPO_USERNAME: ${{ secrets.FSAUSER }} + # REPO_PASSWORD: ${{ secrets.FSAPASS }} + + meta: + name: 'Publish build data to meta-repo' + if: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} + needs: + - deb + - rpm + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/meta-repo-content.yml@main + with: + META_CONTENT: '/var/www/libbroadvoice/${{ github.ref_name }}/*/${{ github.run_id }}-${{ github.run_number }}' + META_REPO: signalwire/bamboo_gha_trigger + META_REPO_BRANCH: trigger/libbroadvoice/${{ github.ref_name }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }}