debug: final version #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Archlinux aarch64 Raspberry Pi Image Builder | |
| on: [push] | |
| permissions: | |
| contents: write | |
| jobs: | |
| build-image: | |
| name: Build Archlinux aarch64 Raspberry Pi Image | |
| env: | |
| INSTALL_REQUIREMENTS: false | |
| LOOP_IMAGE_SIZE: 4G | |
| IMAGE_NAME_PREFIX: sz-arch | |
| DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| TRANSFERSH_URL: ${{ secrets.TRANSFERSH_URL }} | |
| RPI_MODEL: 5 | |
| ARM_VERSION: aarch64 | |
| DEFAULT_LOCALE: en_US.UTF-8 | |
| TIMEZONE: Europe/Paris | |
| KEYMAP: us-acentos | |
| SSH_PUB_KEY: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMidTQ6KGfZtonNKd1HtNPPDiPtzEmlg5yOduvmZzTA valerius laptop | |
| PACKAGES: arp-scan base-devel dosfstools git mkinitcpio-utils neovim nftables openssh python qrencode rsync sudo tailscale uboot-tools unzip zerotier-one zsh | |
| runs-on: self-hosted | |
| environment: main | |
| # container: archlinux:latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Generate Dynamic Variables | |
| run: | | |
| echo "RPI_HOSTNAME=sz-$(git rev-parse --short HEAD)-rpi${{ env.RPI_MODEL }}" >> $GITHUB_ENV | |
| echo "WORKDIR_BASE=${{ github.workspace }}/run-${{ github.run_id }}" >> $GITHUB_ENV | |
| echo "IMAGE_NAME=${{ env.IMAGE_NAME_PREFIX }}-${{ env.ARM_VERSION }}-rpi${{ env.RPI_MODEL }}_v$(git rev-parse --short HEAD).img" >> $GITHUB_ENV | |
| echo "LOOP_IMAGE_PATH=${{ github.workspace }}/run-${{ github.run_id }}/${{ env.IMAGE_NAME_PREFIX }}-${{ env.ARM_VERSION }}-rpi${{ env.RPI_MODEL }}-v$(git rev-parse --short HEAD).img" >> $GITHUB_ENV | |
| echo "DISTRO=$(cat /etc/*-release | grep ^ID= | cut -d'=' -f2)" >> $GITHUB_ENV | |
| echo "ARCH_AARCH64_IMG_URL=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz" >> $GITHUB_ENV | |
| echo "ARCH_AARCH64_IMG_URL_MD5=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5" >> $GITHUB_ENV | |
| echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| echo "ROOT_PASSWORD=$(pwgen -s 17 1)" >> $GITHUB_ENV | |
| - name: Update system and install dependencies for Arch Linux | |
| if: env.INSTALL_REQUIREMENTS == 'true' && env.DISTRO == 'arch' | |
| run: | | |
| sudo pacman -Syu --noconfirm | |
| sudo pacman -S --noconfirm qemu-user-static-binfmt qemu-user-static dosfstools wget libarchive sudo arch-install-scripts pwgen | |
| - name: Update system and install dependencies for Ubuntu | |
| if: env.INSTALL_REQUIREMENTS == 'true' && env.DISTRO == 'ubuntu' | |
| run: | | |
| sudo apt update | |
| sudo apt-get install -y arch-install-scripts qemu-user-static binfmt-support dosfstools wget libarchive-tools sudo | |
| - name: Create Work Folder and apply permissions | |
| run: | | |
| sudo mkdir -p $WORKDIR_BASE | |
| sudo chown -R $USER:$USER $WORKDIR_BASE | |
| echo "Created $WORKDIR_BASE and applied permissions" | |
| - name: Create Image File | |
| run: | | |
| fallocate -l $LOOP_IMAGE_SIZE $LOOP_IMAGE_PATH | |
| - name: Download Archlinux aarch64 Image | |
| run: | | |
| cd $WORKDIR_BASE | |
| wget -q $ARCH_AARCH64_IMG_URL -O $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz | |
| wget -q $ARCH_AARCH64_IMG_URL_MD5 -O $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5 | |
| md5sum -c $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5 | |
| - name: Setup Loop Device | |
| run: | | |
| sudo losetup -fP $LOOP_IMAGE_PATH | |
| LOOP_DEVICE=$(sudo losetup -j $LOOP_IMAGE_PATH | cut -d: -f1) | |
| echo "Loop device is $LOOP_DEVICE" | |
| echo "LOOP_DEVICE=$LOOP_DEVICE" >> $GITHUB_ENV | |
| - name: Create Partitions | |
| run: | | |
| sudo parted --script $LOOP_DEVICE mklabel msdos | |
| sudo parted --script $LOOP_DEVICE mkpart primary fat32 1MiB 257MiB | |
| sudo parted --script $LOOP_DEVICE mkpart primary ext4 257MiB 100% | |
| sudo parted --script $LOOP_DEVICE set 1 boot on | |
| sudo parted --script $LOOP_DEVICE print | |
| - name: Format Partitions | |
| run: | | |
| sudo mkfs.vfat -F32 ${LOOP_DEVICE}p1 -n PI-BOOT | |
| sudo mkfs.ext4 -q -E lazy_itable_init=0,lazy_journal_init=0 -F ${LOOP_DEVICE}p2 -L PI-ROOT | |
| - name: Mount Partitions | |
| run: | | |
| sudo mkdir -p $WORKDIR_BASE/root | |
| sudo mount ${LOOP_DEVICE}p2 $WORKDIR_BASE/root | |
| sudo mkdir -p $WORKDIR_BASE/root/boot | |
| sudo mount ${LOOP_DEVICE}p1 $WORKDIR_BASE/root/boot | |
| - name: Extract Archlinux aarch64 Image | |
| run: | | |
| sudo bsdtar -xpf $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz -C $WORKDIR_BASE/root | |
| sudo sync | |
| - name: Check if systemd-binfmt is started | |
| run: | | |
| sudo systemctl start systemd-binfmt | |
| - name: Run Build Script | |
| run: | | |
| sudo chmod +x ./build_archlinux_rpi_aarch64_img.sh | |
| sudo --preserve-env ./build_archlinux_rpi_aarch64_img.sh | |
| - name: Upload Image and Get URL | |
| if: success() | |
| run: | | |
| ISO_URL=$(curl --silent --show-error --progress-bar --upload-file $LOOP_IMAGE_PATH $TRANSFERSH_URL) | |
| echo "ISO_URL=$ISO_URL" >> $GITHUB_ENV | |
| echo "Uploaded $LOOP_IMAGE_PATH to $ISO_URL" | |
| - name: Save Root Password to File | |
| run: | | |
| echo "$ROOT_PASSWORD" > root_password.txt | |
| - name: Upload Root Password as Artifact | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: root-password | |
| path: root_password.txt | |
| # create a release | |
| - name: Create Release | |
| if: success() | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ env.SHORT_SHA }} | |
| release_name: Release ${{ env.SHORT_SHA }} | |
| body: | | |
| Release of Archlinux ${{ env.ARM_VERSION }} Raspberry Pi Image for model ${{ env.RPI_MODEL }}. | |
| **Changelog:** | |
| - Custom Archlinux build for Raspberry Pi `${{ env.RPI_MODEL }}` | |
| - Architecture: `${{ env.ARM_VERSION }}` | |
| - Locale: `${{ env.DEFAULT_LOCALE }}` | |
| - Timezone: `${{ env.TIMEZONE }}` | |
| - Packages included: ${{ env.PACKAGES }} | |
| The image is available for download: [Download Image](${{ env.ISO_URL }}) | |
| draft: false | |
| prerelease: false | |
| - name: Notify Success | |
| if: success() | |
| run: | | |
| SUCCESS_MESSAGE="🎉 Awesome! The Raspberry Pi image build succeeded 🚀\n\ | |
| Release of Archlinux ${{ env.ARM_VERSION }} Raspberry Pi Image for model ${{ env.RPI_MODEL }}.\n\ | |
| Author: ${{ github.actor }}\nBranch: ${{ github.ref }}\n\ | |
| 🗝 Root Password is available as an artifact.\n\ | |
| Commit Message: ${{ github.event.head_commit.message }}\n\ | |
| [View Last Commit](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) 📜\n\ | |
| The image is available for download:\n[Download Image]($ISO_URL) 📦\n\ | |
| Filename: ${{ env.IMAGE_NAME }}\n" | |
| curl -X POST -H "Content-Type: application/json" -d "{\"content\": \"$SUCCESS_MESSAGE\"}" $DISCORD_WEBHOOK_URL | |
| - name: Notify Failure | |
| if: failure() | |
| run: | | |
| FAILURE_MESSAGE="😞 Oops! The pipeline for **${{ github.repository }}** has failed.\n[Check the logs and troubleshoot here.](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) 🛠️" | |
| curl -X POST -H "Content-Type: application/json" -d "{\"content\": \"$FAILURE_MESSAGE\"}" $DISCORD_WEBHOOK_URL | |
| - name: Umount Loop Device | |
| if: always() | |
| run: | | |
| sudo umount -R -fl ${WORKDIR_BASE}/root/boot | |
| sudo umount -R -fl ${WORKDIR_BASE}/root | |
| echo "Unmounted $WORKDIR_BASE" | |
| sync | |
| - name: Delete Work Folder | |
| if: always() | |
| run: | | |
| sudo rm -rf $WORKDIR_BASE | |
| echo "Work folder deleted" | |
| - name: Release Loop Device | |
| if: always() | |
| run: | | |
| if [ -n "$LOOP_DEVICE" ]; then | |
| sudo losetup -d $LOOP_DEVICE | |
| echo "Loop device $LOOP_DEVICE released" | |
| fi |