enoch/armbian-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
07d7d1a077
armbian-build/.github/workflows/update-cache.yml
Igor Pečovnik 07d7d1a077
Remove deprecated functionality (#4034) 
* Remove deprecated functionality

Since we are storing version number outside, we don't neet to deal with month cache rebuild here. Removing the code

* Change cron to more appropriate date

We tend to make releases by the end of the month, so cache rebuild in the middle is better then at the start of the month
2022-07-31 11:28:44 +02:00

425 lines
14 KiB
YAML
Raw Blame History

name: Build Rootfs Cache
#
# Generates rootfs cache and uploads it to:
#
# https://github.com/armbian/mirror/releases/tag/rootfs
# https://cache.armbian.com/rootfs/
#
on:
schedule:
- cron: "30 0 15 * *" # Runs at 00:30 UTC on the 15st of every month.
push:
branches:
- 'master'
paths:
- 'config/distributions/**'
- 'config/cli/**'
- 'config/desktop/**'
workflow_dispatch:
inputs:
monthoffset:
description: Forced month offset
required: true
default: 0
jobs:
release-start:
permissions:
contents: none
name: Release start
runs-on: [X64]
outputs:
rootfscache_version: ${{ steps.env-vars.outputs.rootfscache_version }}
if: ${{ github.repository_owner == 'Armbian' }}
steps:
# Synyching procedure expects this value
- run: |
echo "not empty" > changes
- uses: actions/upload-artifact@v3
with:
path: changes
name: changes
if-no-files-found: ignore
- name: Checkout repository
uses: actions/checkout@v3
with:
repository: armbian/build
path: build
clean: false
- name: Remove current status
run: |
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
sudo apt-get -y -qq install sshfs
sudo mkdir -p build/cache/rootfs.upload || true
# locally mount via NFS
if [[ $(curl -s http://ifconfig.me) == "93.103.15.56" ]]; then
sudo mount nas:/tank/armbian/users.armbian.com/upload/rootfs build/cache/rootfs.upload
else
sudo sshfs upload@users.armbian.com:/rootfs build/cache/rootfs.upload -o IdentityFile=~/.ssh/id_rsa -o reconnect -o allow_other || true
fi
# remove true in sshfs when all runners are on jammy
sudo rm build/cache/rootfs.upload/* || true
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
- id: env-vars
name: Read current version
run: |
ROOTFSCACHE_VERSION=$(wget --tries=10 -O - -o /dev/null https://github.com/armbian/mirror/releases/download/rootfs/rootfscache.version || true)
ROOTFSCACHE_VERSION=$(( ${ROOTFSCACHE_VERSION:-"0"} + 1 ))
echo "${ROOTFSCACHE_VERSION}"
echo "$ROOTFSCACHE_VERSION" | sudo tee rootfscache.version
echo ::set-output name=rootfscache_version::$(echo ${ROOTFSCACHE_VERSION}) || true
- uses: dev-drprasad/delete-tag-and-release@v0.2.0
if: ${{ github.repository_owner == 'Armbian' }}
with:
delete_release: true
repo: 'armbian/mirror'
tag_name: "rootfs"
env:
GITHUB_TOKEN: ${{ secrets.CR_PAT }}
- name: Updating releases
uses: ncipollo/release-action@v1.10.0
with:
artifacts: "rootfscache.version"
repo: "mirror"
tag: "rootfs"
name: "Build in progress"
bodyFile: "build/.github/Releases-wip.md"
allowUpdates: true
removeArtifacts: true
token: ${{ secrets.CR_PAT }}
x86-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:uefi-x86'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
x86-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:uefi-x86'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
x86-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:uefi-x86'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:tinkerboard'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:tinkerboard'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:tinkerboard'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:uefi-arm64'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:uefi-arm64'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:uefi-arm64'
monthoffset: ${{ inputs.monthoffset }}
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
jobsend:
permissions:
contents: none
name: Release finish
needs: [x86-min,x86-srv,x86-x,armhf-min,armhf-srv,armhf-x,arm64-min,arm64-srv,arm64-x]
runs-on: [fast]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Runner cleanup
uses: igorpecovnik/freespace@main
- name: Checkout repository
uses: actions/checkout@v3
with:
repository: armbian/build
path: build
clean: false
- name: Checkout tracker lists
uses: actions/checkout@v3
with:
fetch-depth: '1'
repository: ngosang/trackerslist
path: trackerslist
clean: false
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPG_KEY1 }}
passphrase: ${{ secrets.GPG_PASSPHRASE1 }}
workdir: build
git_user_signingkey: true
- name: Install SSH key for storage
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_TORRENTS }}
known_hosts: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
if_key_exists: replace
- name: Mount upload folders
run: |
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
sudo apt-get -y -qq install sshfs
sudo mkdir -p build/cache/rootfs.upload || true
if [[ $(curl -s http://ifconfig.me) == "93.103.15.56" ]]; then
sudo mount nas:/tank/armbian/users.armbian.com/upload/rootfs build/cache/rootfs.upload
else
sudo sshfs upload@users.armbian.com:/rootfs build/cache/rootfs.upload -o IdentityFile=~/.ssh/id_rsa -o reconnect -o allow_other || true
fi
# remove true in sshfs when all runners are on jammy
sudo df
- name: Signing
run: |
sudo apt-get -y -qq install parallel buildtorrent
ANNOUNCE=$(cat trackerslist/trackers_best_ip.txt | head -1)ANNOUNCE=$(cat trackerslist/trackers_best_ip.txt | sed '/^$/d' | shuf -n 1)
TRACKERS=$(cat trackerslist/trackers_all.txt | sed '/^\s*$/d' | while read line; do printf ",""${line}"; done | cut -c 2-)
WEBSEEDS="--webseeds="https://github.com/armbian/mirror/releases/download/rootfs/\$FILE,"$(curl -s https://cache.armbian.com/mirrors | jq -r '.'default' | .[] | values' | sed -e 's/$/rootfs\/$FILE/' | tr '\n' , | sed 's/.$//')"
cd build/cache/rootfs.upload
FILES=$(ls -1 *.lz4)
for FILE in ${FILES[@]}
do
if [[ ! -f $FILE.asc ]]; then
echo "$FILE"
fi
done | sudo --preserve-env parallel --jobs 18 '
echo "Signing {} "; echo ${{ secrets.GPG_PASSPHRASE1 }} | gpg --quiet --armor --batch --yes --passphrase-fd 0 --detach-sign --pinentry-mode loopback {};
echo "Generating {}.torrent "; buildtorrent -q -s -m '$WEBSEEDS' --announce="'$ANNOUNCE'" --announcelist="'$TRACKERS'" {} -c "Armbian rootfs cache" {}.torrent >/dev/null
'
# Update version
echo "${{ needs.release-start.outputs.rootfscache_version }}" | sudo tee rootfscache.version
- name: Upload
uses: ncipollo/release-action@v1
if: ${{ github.repository_owner == 'Armbian' }}
with:
repo: "mirror"
artifacts: "build/cache/rootfs.upload/*.torrent,build/cache/rootfs.upload/*.asc"
tag: "rootfs"
bodyFile: "build/.github/Releases.md"
name: "Rootfs cache"
allowUpdates: true
token: ${{ secrets.CR_PAT }}
- name: Delete obsolete
run: |
BRISI=($(diff <(find build/cache/rootfs.upload -name "*.lz4.current" | sed "s/.current//" | sort) <(find build/cache/rootfs.upload -name "*.lz4" | sort) | grep ">" | sed "s/> //"))
for brisi in "${BRISI[@]}"; do
sudo rm $brisi.*
done
- name: Unmount folders
run: |
sudo mountpoint -q build/cache/rootfs && sudo fusermount -u build/cache/rootfs || true
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
final-sync:
permissions:
contents: none
name: "Sync servers"
needs: [jobsend]
if: ${{ success() && github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/sync-servers.yml@master
with:
KEY_ID: 'upload'
secrets:
KEY_UPLOAD: ${{ secrets.KEY_UPLOAD }}
USER_REPOSITORY: ${{ secrets.USER_REPOSITORY }}
HOST_REPOSITORY: ${{ secrets.HOST_REPOSITORY }}
KNOWN_HOSTS_REPOSITORY: ${{ secrets.KNOWN_HOSTS_REPOSITORY }}
Reference in New Issue View Git Blame Copy Permalink