Skip to content

qgerome is packaging for Debian #116

qgerome is packaging for Debian

qgerome is packaging for Debian #116

name: build_debian_package
run-name: ${{ github.actor }} is packaging for Debian
on: [push]
env:
REPO_NAME: openhexa
CODENAME: bookworm
COMPONENTS: main
ARCHITECTURES: amd64
jobs:
package:
name: Build Debian package
runs-on: ubuntu-latest
container:
image: debian:bookworm
steps:
- name: Update APT database
run: apt update
- name: Obtain Latest Git ONLY within container for checkout
run: apt install -y --no-install-recommends git ca-certificates
- name: Checkout code
uses: actions/checkout@v4
- name: Make the working directory safe for Git if run in GitHub runner container
run: git config --system --add safe.directory "$PWD"
- name: Hack container for local development
if: ${{ env.ACT }}
run: |
apt install -y --no-install-recommends curl
curl -fsSL https://deb.nodesource.com/setup_18.x | su -p -c bash -
apt install -y nodejs
- name: Install devscripts
run: apt install -y --no-install-recommends devscripts debhelper build-essential
- name: Build package
run: |
./script/build.sh
cp ../openhexa_*_amd64.deb .
- name: Keep package
uses: actions/upload-artifact@v4
with:
name: debian_package_amd64
path: openhexa_*_amd64.deb
install:
name: Install Debian package
needs:
- package
runs-on: ubuntu-latest
# Unfortunately, the postgresql running in the job container can't bind
# the docker0 interface as it is not mounted inside the job container.
# container:
# image: debian:bookworm
# options: '--privileged'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Update APT database
run: sudo apt update
- name: Install curl and CA certificates
run: sudo apt install -y --no-install-recommends curl ca-certificates
# this is for job container
# - name: Hack container for local development
# if: ${{ env.ACT }}
# run: |
# curl -fsSL https://deb.nodesource.com/setup_18.x | sudo su -p -c bash -
# sudo apt install -y nodejs npm
# curl -fsSL https://get.docker.com -o /tmp/get-docker.sh
# sudo sh /tmp/get-docker.sh
- name: Retrieve package
uses: actions/download-artifact@v4
with:
name: debian_package_amd64
# on Debian bookworkm we can simply install postgresql-postgis, but
# because it triggers a restart of another package, we need to be more
# specific
- name: Install OpenHexa dependencies
run: |
sudo apt install -y --no-install-recommends gettext-base openssl postgresql postgresql-postgis
curl -fsSL https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -o /tmp/yq &&\
sudo mv /tmp/yq /usr/bin/yq &&\
sudo chmod +x /usr/bin/yq
- name: Start PostgreSQL if run locally
if: ${{ env.ACT }}
run: |
sudo /etc/init.d/postgresql restart
- name: Start PostgreSQL if run on GitHub runner
if: ${{ ! env.ACT }}
run: |
sudo systemctl restart postgresql
- name: Install OpenHexa
run: |
sudo dpkg -i openhexa_*_amd64.deb
/usr/share/openhexa/setup.sh -g check
- name: Setup OpenHexa if run locally
if: ${{ env.ACT }}
run: |
set -x
sed -i -e "s%^.*WORKSPACE_STORAGE_LOCATION=.*$%WORKSPACE_STORAGE_LOCATION=\"${GITHUB_WORKSPACE}/workspaces\"%" /etc/openhexa/env.conf
set +x
- name: Start OpenHexa if run locally
if: ${{ env.ACT }}
run: /usr/share/openhexa/openhexa.sh -g start
- name: Get OpenHexa status
run: /usr/share/openhexa/openhexa.sh -g status
- name: Install smoke tests dependencies
working-directory: ./smoke-tests
run: |
npm ci
- name: Build smoke tests image
working-directory: ./smoke-tests
run: docker build -t openhexa/smoke-tests .
- name: Run smoke tests
run: docker run -t --net=host -v "$(pwd)/test-results:/code/test-results" openhexa/smoke-tests http://localhost:3000/ [email protected] root
- name: Keep test results
uses: actions/upload-artifact@v4
with:
name: Smoke tests results
path: smoke-test-results/
- name: Stop OpenHexa
run: /usr/share/openhexa/openhexa.sh -g stop
- name: Remove and purge package
run: sudo apt purge -y openhexa
create_apt_repo:
name: Create APT repo
needs: install
runs-on: ubuntu-latest
outputs:
artifact_id: ${{ steps.upload-artifact.outputs.artifact-id }}
keyring: ${{ steps.create-apt-repo.outputs.keyring }}
steps:
- name: Retrieve package
if: ${{ ! env.ACT }}
uses: actions/download-artifact@v4
with:
name: debian_package_amd64
- uses: morph027/apt-repo-action@main
if: ${{ ! env.ACT }}
id: create-apt-repo
with:
repo-name: ${{ env.REPO_NAME }}
signing-key: ${{ secrets.GPG_OPENHEXA_PRIVATE_KEY }}
codename: ${{ env.CODENAME }}
components: ${{ env.COMPONENTS }}
architectures: ${{ env.ARCHITECTURES }}
- name: Upload Pages artifact
if: ${{ ! env.ACT }}
uses: actions/upload-pages-artifact@v3
with:
name: github-pages
path: ${{ steps.create-apt-repo.outputs.dir }}
deploy_apt_repo:
name: Publish apt repo with GitHub Pages
permissions:
id-token: write
pages: write
if: github.ref_name == 'main'
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: create_apt_repo
steps:
- name: Deploy to GitHub Pages
if: ${{ ! env.ACT }}
id: deployment
uses: actions/deploy-pages@v4
- name: Adding summary
if: ${{ ! env.ACT }}
run: |
echo ':rocket:' >> $GITHUB_STEP_SUMMARY
echo '' >> $GITHUB_STEP_SUMMARY
echo '```bash' >> $GITHUB_STEP_SUMMARY
echo 'curl -sfLo /etc/apt.trusted.gpg.d/${{ needs.build.outputs.keyring }}.asc ${{ steps.deploy-pages.outputs.page_url }}gpg.key' >> $GITHUB_STEP_SUMMARY
echo 'echo "deb ${{ steps.deploy-pages.outputs.page_url }} ${{ env.CODENAME }} ${{ env.COMPONENTS }}" >/etc/apt/sources.list.d/${{ env.REPO_NAME }}.list' >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY