-
Notifications
You must be signed in to change notification settings - Fork 2
206 lines (177 loc) · 8.2 KB
/
rpi_aarch64_image_builder.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
name: Archlinux aarch64 Raspberry Pi Image Builder
on: [push]
permissions:
contents: write
jobs:
build-image:
name: Build Archlinux aarch64 Raspberry Pi Image
env:
INSTALL_REQUIREMENTS: false
LOOP_IMAGE_SIZE: 4G
DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }}
TRANSFERSH_URL: ${{ secrets.TRANSFERSH_URL }}
ARM_VERSION: aarch64
# IMAGE_NAME_PREFIX: sz-arch
# RPI_MODEL: 5
# DEFAULT_LOCALE: en_US.UTF-8
# TIMEZONE: Europe/Paris
# KEYMAP: us-acentos
SSH_PUB_KEY: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMidTQ6KGfZtonNKd1HtNPPDiPtzEmlg5yOduvmZzTA valerius laptop
# PACKAGES: arp-scan base-devel dosfstools git mkinitcpio-utils neovim nftables openssh python qrencode rsync sudo tailscale uboot-tools unzip zerotier-one zsh
runs-on: self-hosted
environment: main
# container: archlinux:latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Load Environment Variables
run: |
set -a
source build_config.env
set +a
while IFS= read -r line; do
if [[ "$line" =~ ^[[:alnum:]_]+=.+ ]]; then
echo "$line" >> $GITHUB_ENV
fi
done < build_config.env
- name: Generate Dynamic Variables
run: |
echo "RPI_HOSTNAME=sz-$(git rev-parse --short HEAD)-rpi${{ env.RPI_MODEL }}" >> $GITHUB_ENV
echo "WORKDIR_BASE=${{ github.workspace }}/run-${{ github.run_id }}" >> $GITHUB_ENV
echo "IMAGE_NAME=${{ env.IMAGE_NAME_PREFIX }}-${{ env.ARM_VERSION }}-rpi${{ env.RPI_MODEL }}_v$(git rev-parse --short HEAD).img" >> $GITHUB_ENV
echo "LOOP_IMAGE_PATH=${{ github.workspace }}/run-${{ github.run_id }}/${{ env.IMAGE_NAME_PREFIX }}-${{ env.ARM_VERSION }}-rpi${{ env.RPI_MODEL }}-v$(git rev-parse --short HEAD).img" >> $GITHUB_ENV
echo "DISTRO=$(cat /etc/*-release | grep ^ID= | cut -d'=' -f2)" >> $GITHUB_ENV
echo "ARCH_AARCH64_IMG_URL=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz" >> $GITHUB_ENV
echo "ARCH_AARCH64_IMG_URL_MD5=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5" >> $GITHUB_ENV
echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
echo "ROOT_PASSWORD=$(pwgen -s 17 1)" >> $GITHUB_ENV
echo "SSH_PUB_KEY=$SSH_PUB_KEY" >> $GITHUB_ENV
- name: Update system and install dependencies for Arch Linux
if: env.INSTALL_REQUIREMENTS == 'true' && env.DISTRO == 'arch'
run: |
sudo pacman -Syu --noconfirm
sudo pacman -S --noconfirm qemu-user-static-binfmt qemu-user-static dosfstools wget libarchive sudo arch-install-scripts pwgen
- name: Update system and install dependencies for Ubuntu
if: env.INSTALL_REQUIREMENTS == 'true' && env.DISTRO == 'ubuntu'
run: |
sudo apt update
sudo apt-get install -y arch-install-scripts qemu-user-static binfmt-support dosfstools wget libarchive-tools sudo
- name: Create Work Folder and apply permissions
run: |
sudo mkdir -p $WORKDIR_BASE
sudo chown -R $USER:$USER $WORKDIR_BASE
echo "Created $WORKDIR_BASE and applied permissions"
- name: Create Image File
run: |
fallocate -l $LOOP_IMAGE_SIZE $LOOP_IMAGE_PATH
- name: Download Archlinux aarch64 Image
run: |
cd $WORKDIR_BASE
wget -q $ARCH_AARCH64_IMG_URL -O $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz
wget -q $ARCH_AARCH64_IMG_URL_MD5 -O $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5
md5sum -c $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz.md5
- name: Setup Loop Device
run: |
sudo losetup -fP $LOOP_IMAGE_PATH
LOOP_DEVICE=$(sudo losetup -j $LOOP_IMAGE_PATH | cut -d: -f1)
echo "Loop device is $LOOP_DEVICE"
echo "LOOP_DEVICE=$LOOP_DEVICE" >> $GITHUB_ENV
- name: Create Partitions
run: |
sudo parted --script $LOOP_DEVICE mklabel msdos
sudo parted --script $LOOP_DEVICE mkpart primary fat32 1MiB 257MiB
sudo parted --script $LOOP_DEVICE mkpart primary ext4 257MiB 100%
sudo parted --script $LOOP_DEVICE set 1 boot on
sudo parted --script $LOOP_DEVICE print
- name: Format Partitions
run: |
sudo mkfs.vfat -F32 ${LOOP_DEVICE}p1 -n PI-BOOT
sudo mkfs.ext4 -q -E lazy_itable_init=0,lazy_journal_init=0 -F ${LOOP_DEVICE}p2 -L PI-ROOT
- name: Mount Partitions
run: |
sudo mkdir -p $WORKDIR_BASE/root
sudo mount ${LOOP_DEVICE}p2 $WORKDIR_BASE/root
sudo mkdir -p $WORKDIR_BASE/root/boot
sudo mount ${LOOP_DEVICE}p1 $WORKDIR_BASE/root/boot
- name: Extract Archlinux aarch64 Image
run: |
sudo bsdtar -xpf $WORKDIR_BASE/ArchLinuxARM-rpi-${{ env.ARM_VERSION }}-latest.tar.gz -C $WORKDIR_BASE/root
sudo sync
- name: Check if systemd-binfmt is started
run: |
sudo systemctl start systemd-binfmt
- name: Run Build Script
run: |
sudo chmod +x ./build_archlinux_rpi_aarch64_img.sh
sudo --preserve-env ./build_archlinux_rpi_aarch64_img.sh
- name: Upload Image and Get URL
if: success()
run: |
ISO_URL=$(curl --silent --show-error --progress-bar --upload-file $LOOP_IMAGE_PATH $TRANSFERSH_URL)
echo "ISO_URL=$ISO_URL" >> $GITHUB_ENV
echo "Uploaded $LOOP_IMAGE_PATH to $ISO_URL"
- name: Save Root Password to File
run: |
echo "$ROOT_PASSWORD" > root_password.txt
- name: Upload Root Password as Artifact
uses: actions/upload-artifact@v2
with:
name: root-password
path: root_password.txt
# create a release
- name: Create Release
if: success()
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.SHORT_SHA }}
release_name: Release ${{ env.SHORT_SHA }}
body: |
Release of Archlinux ${{ env.ARM_VERSION }} Raspberry Pi Image for model ${{ env.RPI_MODEL }}.
**Changelog:**
- Custom Archlinux build for Raspberry Pi `${{ env.RPI_MODEL }}`
- Architecture: `${{ env.ARM_VERSION }}`
- Locale: `${{ env.DEFAULT_LOCALE }}`
- Timezone: `${{ env.TIMEZONE }}`
- Packages included: ${{ env.PACKAGES }}
The image is available for download: [Download Image](${{ env.ISO_URL }})
draft: false
prerelease: false
- name: Notify Success
if: success()
run: |
SUCCESS_MESSAGE="🎉 Awesome! The Raspberry Pi image build succeeded 🚀\n\
Release of Archlinux ${{ env.ARM_VERSION }} Raspberry Pi Image for model ${{ env.RPI_MODEL }}.\n\
Author: ${{ github.actor }}\nBranch: ${{ github.ref }}\n\
🗝 Root Password is available as an artifact.\n\
Commit Message: ${{ github.event.head_commit.message }}\n\
[View Last Commit](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) 📜\n\
The image is available for download:\n[Download Image]($ISO_URL) 📦\n\
Filename: ${{ env.IMAGE_NAME }}\n"
curl -X POST -H "Content-Type: application/json" -d "{\"content\": \"$SUCCESS_MESSAGE\"}" $DISCORD_WEBHOOK_URL
- name: Notify Failure
if: failure()
run: |
FAILURE_MESSAGE="😞 Oops! The pipeline for **${{ github.repository }}** has failed.\n[Check the logs and troubleshoot here.](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) 🛠️"
curl -X POST -H "Content-Type: application/json" -d "{\"content\": \"$FAILURE_MESSAGE\"}" $DISCORD_WEBHOOK_URL
- name: Umount Loop Device
if: always()
run: |
sudo umount -R -fl ${WORKDIR_BASE}/root/boot
sudo umount -R -fl ${WORKDIR_BASE}/root
echo "Unmounted $WORKDIR_BASE"
sync
- name: Delete Work Folder
if: always()
run: |
sudo rm -rf $WORKDIR_BASE
echo "Work folder deleted"
- name: Release Loop Device
if: always()
run: |
if [ -n "$LOOP_DEVICE" ]; then
sudo losetup -d $LOOP_DEVICE
echo "Loop device $LOOP_DEVICE released"
fi