josh/Vetting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5aa245cd857725d4f308fb4eff3bb05c659cb3ac
Vetting/.gitea/workflows/release.yml
T
josh d6cdb7caa9
CI / Lint + build + test (push) Successful in 1m35s
Details
Release / release (push) Failing after 1m38s
Details
ci: install kmod for mkosi depmod 
After installing the kernel package into the live image, mkosi runs
depmod on the host against the image's module tree. depmod ships in
the kmod package, which isn't in the runner container by default.
2026-04-18 03:05:55 -04:00

79 lines
2.7 KiB
YAML
Raw Blame History

name: Release
# Builds the full release tarball (orchestrator + agent + live image +
# deploy scripts) and publishes it to the Gitea generic package
# registry under two versions:
# - sha-<short-sha> immutable, per-commit pin
# - latest rolling alias (DELETE+PUT on each run)
#
# The LXC installer (deploy/proxmox-install.sh) curls the "latest"
# version by default; operators can pin via VETTING_VERSION=sha-abc1234.
on:
push:
branches: [main]
permissions:
contents: read
jobs:
release:
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "1.26.x"
cache: false
- name: Install live-image build dependencies
run: |
sudo apt-get update
sudo apt-get install -y --no-install-recommends \
mkosi debootstrap squashfs-tools dosfstools \
systemd-ukify systemd-boot kmod \
debian-archive-keyring
- name: Install templ
run: go install github.com/a-h/templ/cmd/templ@v0.3.1001
- name: Build release bundle
run: make release
- name: Resolve bundle path + short sha
id: meta
run: |
short_sha=$(git rev-parse --short HEAD)
echo "short_sha=${short_sha}" >> "$GITHUB_OUTPUT"
echo "bundle=bin/vetting-bundle-${short_sha}.tar.gz" >> "$GITHUB_OUTPUT"
- name: Publish sha-pinned bundle
env:
REGISTRY_URL: ${{ vars.REGISTRY_URL }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
OWNER: ${{ gitea.repository_owner }}
SHORT_SHA: ${{ steps.meta.outputs.short_sha }}
BUNDLE: ${{ steps.meta.outputs.bundle }}
run: |
curl -fsSL -H "Authorization: token ${REGISTRY_TOKEN}" \
--upload-file "${BUNDLE}" \
"${REGISTRY_URL}/api/packages/${OWNER}/generic/vetting/sha-${SHORT_SHA}/vetting-bundle.tar.gz"
- name: Replace latest alias
env:
REGISTRY_URL: ${{ vars.REGISTRY_URL }}
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
OWNER: ${{ gitea.repository_owner }}
BUNDLE: ${{ steps.meta.outputs.bundle }}
run: |
curl -fsSL -H "Authorization: token ${REGISTRY_TOKEN}" \
-X DELETE \
"${REGISTRY_URL}/api/packages/${OWNER}/generic/vetting/latest/vetting-bundle.tar.gz" \
|| true
curl -fsSL -H "Authorization: token ${REGISTRY_TOKEN}" \
--upload-file "${BUNDLE}" \
"${REGISTRY_URL}/api/packages/${OWNER}/generic/vetting/latest/vetting-bundle.tar.gz"
Reference in New Issue View Git Blame Copy Permalink