From b9f3b4e71d066251edd06999a6cfb28592da85f3 Mon Sep 17 00:00:00 2001 From: sharpenedblade Date: Sat, 8 Jul 2023 13:45:47 +0530 Subject: [PATCH] ci: Fix package signing workflow --- .github/workflows/build.yml | 9 +++++---- .github/workflows/deploy.yml | 13 ++++++------- generate-dnf-repo.sh | 3 ++- sign-packages.sh | 1 + 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 773ae22..78b1a6a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,11 +24,9 @@ jobs: mkdir -p _output docker run -t --privileged \ -v "$PWD":/repo \ - -e RPM_SIGNING_PRIVATE_KEY_B64 \ -e PACKAGE \ fedora:38 /bin/bash -c "/repo/build-packages.sh" env: - RPM_SIGNING_PRIVATE_KEY_B64: ${{ secrets.RPM_SIGNING_PRIVATE_KEY_B64 }} PACKAGE: ${{ matrix.package }} - name: "Check Build Artifacts" @@ -63,10 +61,13 @@ jobs: run: | docker run -t \ -v $PWD:/repo \ + -e RPM_SIGNING_PRIVATE_KEY_B64 \ fedora:38 /bin/bash -c "/repo/sign-packages.sh" - + env: + RPM_SIGNING_PRIVATE_KEY_B64: ${{ secrets.RPM_SIGNING_PRIVATE_KEY_B64 }} + - name: "Upload Unified Artifact" uses: actions/upload-artifact@v3 with: name: packages - path: _output/*.rpm \ No newline at end of file + path: _output/*.rpm diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index c82b29b..d2438bb 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -6,19 +6,18 @@ jobs: build-repo: runs-on: ubuntu-latest steps: + - name: "Checkout" + uses: actions/checkout@v3 + - name: "Download Artifacts" uses: actions/download-artifact@v3 with: name: packages path: _output - - name: "Checkout" - uses: actions/checkout@v3 - - name: "Build DNF Repo" run: | docker run -t \ - -v rpm-repo:/rpm-repo \ -v $PWD:/repo \ fedora:38 /bin/bash -c "/repo/generate-dnf-repo.sh" @@ -26,7 +25,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: dnf-repo - path: rpm-repo + path: dnf-repo deploy: needs: ["build-repo"] @@ -37,11 +36,11 @@ jobs: uses: actions/download-artifact@v3 with: name: dnf-repo - path: rpm-repo + path: dnf-repo - name: "Deploy To Repo" uses: netlify/actions/cli@master env: NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }} with: - args: deploy --dir=rpm-repo --prod + args: deploy --dir=dnf-repo --prod diff --git a/generate-dnf-repo.sh b/generate-dnf-repo.sh index 9eea351..31d8b6f 100755 --- a/generate-dnf-repo.sh +++ b/generate-dnf-repo.sh @@ -1,5 +1,6 @@ dnf install -y --quiet createrepo -cd /rpm-repo +cd /repo +mkdir ./dnf-repo && cd ./dnf-repo cp /repo/_output/*.rpm . rm *.src.rpm createrepo . diff --git a/sign-packages.sh b/sign-packages.sh index 7f3eb83..485718a 100755 --- a/sign-packages.sh +++ b/sign-packages.sh @@ -1,5 +1,6 @@ #!/usr/bin/bash source /repo/util.sh +dnf install --quiet -y rpm-sign rpmdevtools cd /repo/_output sign_packages $RPM_SIGNING_PRIVATE_KEY_B64 "T2Linux Fedora"