-
Notifications
You must be signed in to change notification settings - Fork 7
137 lines (134 loc) · 6.25 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
---
name: CI on push release tag
on:
push:
tags:
- 'v*'
- '!v*-rc*'
concurrency:
group: run-only-one-workflow
jobs:
build:
uses: ./.github/workflows/build.yml
with:
cacheless: false
deploy-images:
name: Deploy DTS artifacts on boot.dasharo.com and GitHub Release
needs: build
runs-on:
labels: dts-builder
steps:
- name: Prepare SSH key
shell: bash
env:
SSH_KEY: ${{secrets.SSH_KEY}}
SSH_KEY_CI_CD: ${{secrets.SSH_KEY_CI_CD}}
run: |
echo -e ${SSH_KEY} > ~/.ssh/dts-ci-key
chmod 600 ~/.ssh/dts-ci-key
echo -e ${SSH_KEY_CI_CD} > ~/.ssh/gitea_dts_release_cicd
chmod 600 ~/.ssh/gitea_dts_release_cicd
echo -e "\n
Host git.3mdeb.com\n
HostName git.3mdeb.com\n
IdentityFile ~/.ssh/gitea_dts_release_cicd\n
IdentitiesOnly yes" > ~/.ssh/config_deploy
- name: Get DTS version
id: dts-ver
shell: bash
run: |
# Extract tag version from GITHUB_REF
TAG=${GITHUB_REF#refs/tags/}
DTS_VER=${TAG}
echo "DTS_VER=${DTS_VER}" >> $GITHUB_ENV
- name: Validate DTS_VER
if: ${{ success() }}
shell: bash
run: |
# Retrieve DTS_VER from previous step
DTS_VER_EXPECTED="${{ env.DTS_VER }}"
DTS_VER_ACTUAL="v$(cat meta-dts/meta-dts-distro/conf/distro/dts-distro.conf | grep DISTRO_VERSION | tr -d "\" [A-Z]_=")"
if [ "${DTS_VER_EXPECTED}" != "${DTS_VER_ACTUAL}" ]; then
echo "Tag (${DTS_VER_EXPECTED}) does not match version (${DTS_VER_ACTUAL}) in 'meta-dts/meta-dts-distro/conf/distro/dts-distro.conf'"
exit 1
fi
- name: Deploy DTS on boot.dasharo.com
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
ssh -i ~/.ssh/dts-ci-key [email protected] "mkdir -p boot/dts/${DTS_VER}"
cd build/tmp/deploy/images/genericx86-64/
cp bzImage bzImage-${DTS_VER}
cp dts-base-image-genericx86-64.cpio.gz dts-base-image-${DTS_VER}.cpio.gz
cp dts-base-image-genericx86-64.wic.gz dts-base-image-${DTS_VER}.wic.gz
cp dts-base-image-genericx86-64.wic.bmap dts-base-image-${DTS_VER}.wic.bmap
# do not release iso image until issue is fixed
# see: https://github.com/dasharo/dasharo-issues/issues/288
# cp dts-base-image-genericx86-64.iso dts-base-image-${DTS_VER}.iso
scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER} [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap [email protected]:boot/dts/${DTS_VER}/
# do not release iso image until issue is fixed
# see: https://github.com/dasharo/dasharo-issues/issues/288
# scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso [email protected]:boot/dts/${DTS_VER}/
- name: Deploy manifest on boot.dasharo.com
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
cd build/tmp/deploy/images/genericx86-64/
cp dts-base-image-genericx86-64.manifest dts-base-image-${DTS_VER}.manifest
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.manifest [email protected]:boot/dts/${DTS_VER}/
- name: Deploy sha256 on boot.dasharo.com
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
cd build/tmp/deploy/images/genericx86-64/
sha256sum bzImage-${DTS_VER} > bzImage-${DTS_VER}.sha256
sha256sum dts-base-image-${DTS_VER}.cpio.gz > dts-base-image-${DTS_VER}.cpio.gz.sha256
sha256sum dts-base-image-${DTS_VER}.wic.gz > dts-base-image-${DTS_VER}.wic.gz.sha256
sha256sum dts-base-image-${DTS_VER}.wic.bmap > dts-base-image-${DTS_VER}.wic.bmap.sha256
sha256sum dts-base-image-${DTS_VER}.manifest > dts-base-image-${DTS_VER}.manifest.sha256
# do not release iso image until issue is fixed
# see: https://github.com/dasharo/dasharo-issues/issues/288
# sha256sum dts-base-image-${DTS_VER}.iso > dts-base-image-${DTS_VER}.iso.sha256
scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER}.sha256 [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz.sha256 [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz.sha256 [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap.sha256 [email protected]:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.manifest.sha256 [email protected]:boot/dts/${DTS_VER}/
# do not release iso image until issue is fixed
# see: https://github.com/dasharo/dasharo-issues/issues/288
# scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso.sha256 [email protected]:boot/dts/${DTS_VER}/
- name: Update iPXE menu
shell: bash
run: |
./meta-dts/scripts/generate-ipxe-menu.sh ${{ env.DTS_VER }}
scp -i ~/.ssh/dts-ci-key dts.ipxe [email protected]:boot/dts/
- name: Trigger signing and deploy to GitHub Release tab
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git clone ssh://[email protected]:2222/3mdeb/dts-release-cicd-pipeline.git
cd dts-release-cicd-pipeline
echo ${DTS_VER} > LATEST_RELEASE
git add LATEST_RELEASE
git commit -m "Signing release ${DTS_VER}"
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin main
git tag ${DTS_VER}
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin ${DTS_VER}
cd -
cleanup:
name: Cleanup
if: always()
needs: deploy-images
runs-on:
labels: dts-builder
steps:
- name: Cleanup after deployment
shell: bash
run: |
rm -rf ~/.ssh/dts-ci-key
rm -rf dts-release-cicd-pipeline
rm -f ~/.ssh/gitea_dts_release_cicd
rm -rf build meta-dts