enoch/armbian-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
efc249205f
armbian-build/.github/workflows/update-cache.yml
Igor Pečovnik be8b2dcf01
Cache creation cleanup (#4036) 
* Cache creation cleanup

Closing https://github.com/armbian/build/issues/3531

* Remove monthoffset parameter from action script

* - address displaying which variant is needed
- remove not needed text
- change ROOT_FS_CREATE_ONLY to yes / no
2022-07-31 16:48:25 +02:00

411 lines
14 KiB
YAML
Raw Blame History

name: Build Rootfs Cache
#
# Generates rootfs cache and uploads it to:
#
# https://github.com/armbian/mirror/releases/tag/rootfs
# https://cache.armbian.com/rootfs/
#
on:
schedule:
- cron: "30 0 15 * *" # Runs at 00:30 UTC on the 15st of every month.
push:
branches:
- 'master'
paths:
- 'config/distributions/**'
- 'config/cli/**'
- 'config/desktop/**'
workflow_dispatch:
jobs:
release-start:
permissions:
contents: none
name: Release start
runs-on: [X64]
outputs:
rootfscache_version: ${{ steps.env-vars.outputs.rootfscache_version }}
if: ${{ github.repository_owner == 'Armbian' }}
steps:
# Synyching procedure expects this value
- run: |
echo "not empty" > changes
- uses: actions/upload-artifact@v3
with:
path: changes
name: changes
if-no-files-found: ignore
- name: Checkout repository
uses: actions/checkout@v3
with:
repository: armbian/build
path: build
clean: false
- name: Remove current status
run: |
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
sudo apt-get -y -qq install sshfs
sudo mkdir -p build/cache/rootfs.upload || true
# locally mount via NFS
if [[ $(curl -s http://ifconfig.me) == "93.103.15.56" ]]; then
sudo mount nas:/tank/armbian/users.armbian.com/upload/rootfs build/cache/rootfs.upload
else
sudo sshfs upload@users.armbian.com:/rootfs build/cache/rootfs.upload -o IdentityFile=~/.ssh/id_rsa -o reconnect -o allow_other || true
fi
# remove true in sshfs when all runners are on jammy
sudo rm build/cache/rootfs.upload/* || true
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
- id: env-vars
name: Read current version
run: |
ROOTFSCACHE_VERSION=$(wget --tries=10 -O - -o /dev/null https://github.com/armbian/mirror/releases/download/rootfs/rootfscache.version || true)
ROOTFSCACHE_VERSION=$(( ${ROOTFSCACHE_VERSION:-"0"} + 1 ))
echo "${ROOTFSCACHE_VERSION}"
echo "$ROOTFSCACHE_VERSION" | sudo tee rootfscache.version
echo ::set-output name=rootfscache_version::$(echo ${ROOTFSCACHE_VERSION}) || true
- uses: dev-drprasad/delete-tag-and-release@v0.2.0
if: ${{ github.repository_owner == 'Armbian' }}
with:
delete_release: true
repo: 'armbian/mirror'
tag_name: "rootfs"
env:
GITHUB_TOKEN: ${{ secrets.CR_PAT }}
- name: Updating releases
uses: ncipollo/release-action@v1.10.0
with:
artifacts: "rootfscache.version"
repo: "mirror"
tag: "rootfs"
name: "Build in progress"
bodyFile: "build/.github/Releases-wip.md"
allowUpdates: true
removeArtifacts: true
token: ${{ secrets.CR_PAT }}
x86-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:uefi-x86'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
x86-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:uefi-x86'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
x86-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:uefi-x86'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:tinkerboard'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:tinkerboard'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
armhf-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:tinkerboard'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-min:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'minimal:uefi-arm64'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-srv:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'server:uefi-arm64'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
arm64-x:
needs: [release-start]
permissions:
contents: none
uses: armbian/scripts/.github/workflows/build-cache-v2.yml@master
with:
variant: 'desktop:uefi-arm64'
rootfscache_version: ${{ needs.release-start.outputs.rootfscache_version }}
secrets:
PAT1: ${{ secrets.CR_PAT }}
GPG_KEY1: ${{ secrets.GPG_KEY1 }}
GPG_PASSPHRASE1: ${{ secrets.GPG_PASSPHRASE1 }}
GPG_KEY2: ${{ secrets.GPG_KEY2 }}
GPG_PASSPHRASE2: ${{ secrets.GPG_PASSPHRASE2 }}
SCRIPTS_ACCESS_TOKEN: ${{ secrets.SCRIPTS_ACCESS_TOKEN }}
SSH_KEY_TORRENTS: ${{ secrets.KEY_TORRENTS }}
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
jobsend:
permissions:
contents: none
name: Release finish
needs: [x86-min,x86-srv,x86-x,armhf-min,armhf-srv,armhf-x,arm64-min,arm64-srv,arm64-x]
runs-on: [fast]
if: ${{ github.repository_owner == 'Armbian' }}
steps:
- name: Runner cleanup
uses: igorpecovnik/freespace@main
- name: Checkout repository
uses: actions/checkout@v3
with:
repository: armbian/build
path: build
clean: false
- name: Checkout tracker lists
uses: actions/checkout@v3
with:
fetch-depth: '1'
repository: ngosang/trackerslist
path: trackerslist
clean: false
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v5
with:
gpg_private_key: ${{ secrets.GPG_KEY1 }}
passphrase: ${{ secrets.GPG_PASSPHRASE1 }}
workdir: build
git_user_signingkey: true
- name: Install SSH key for storage
uses: shimataro/ssh-key-action@v2
with:
key: ${{ secrets.KEY_TORRENTS }}
known_hosts: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
if_key_exists: replace
- name: Mount upload folders
run: |
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
sudo apt-get -y -qq install sshfs
sudo mkdir -p build/cache/rootfs.upload || true
if [[ $(curl -s http://ifconfig.me) == "93.103.15.56" ]]; then
sudo mount nas:/tank/armbian/users.armbian.com/upload/rootfs build/cache/rootfs.upload
else
sudo sshfs upload@users.armbian.com:/rootfs build/cache/rootfs.upload -o IdentityFile=~/.ssh/id_rsa -o reconnect -o allow_other || true
fi
# remove true in sshfs when all runners are on jammy
sudo df
- name: Signing
run: |
sudo apt-get -y -qq install parallel buildtorrent
ANNOUNCE=$(cat trackerslist/trackers_best_ip.txt | head -1)ANNOUNCE=$(cat trackerslist/trackers_best_ip.txt | sed '/^$/d' | shuf -n 1)
TRACKERS=$(cat trackerslist/trackers_all.txt | sed '/^\s*$/d' | while read line; do printf ",""${line}"; done | cut -c 2-)
WEBSEEDS="--webseeds="https://github.com/armbian/mirror/releases/download/rootfs/\$FILE,"$(curl -s https://cache.armbian.com/mirrors | jq -r '.'default' | .[] | values' | sed -e 's/$/rootfs\/$FILE/' | tr '\n' , | sed 's/.$//')"
cd build/cache/rootfs.upload
FILES=$(ls -1 *.lz4)
for FILE in ${FILES[@]}
do
if [[ ! -f $FILE.asc ]]; then
echo "$FILE"
fi
done | sudo --preserve-env parallel --jobs 18 '
echo "Signing {} "; echo ${{ secrets.GPG_PASSPHRASE1 }} | gpg --quiet --armor --batch --yes --passphrase-fd 0 --detach-sign --pinentry-mode loopback {};
echo "Generating {}.torrent "; buildtorrent -q -s -m '$WEBSEEDS' --announce="'$ANNOUNCE'" --announcelist="'$TRACKERS'" {} -c "Armbian rootfs cache" {}.torrent >/dev/null
'
# Update version
echo "${{ needs.release-start.outputs.rootfscache_version }}" | sudo tee rootfscache.version
- name: Upload
uses: ncipollo/release-action@v1
if: ${{ github.repository_owner == 'Armbian' }}
with:
repo: "mirror"
artifacts: "build/cache/rootfs.upload/*.torrent,build/cache/rootfs.upload/*.asc"
tag: "rootfs"
bodyFile: "build/.github/Releases.md"
name: "Rootfs cache"
allowUpdates: true
token: ${{ secrets.CR_PAT }}
- name: Delete obsolete
run: |
BRISI=($(diff <(find build/cache/rootfs.upload -name "*.lz4.current" | sed "s/.current//" | sort) <(find build/cache/rootfs.upload -name "*.lz4" | sort) | grep ">" | sed "s/> //"))
for brisi in "${BRISI[@]}"; do
sudo rm $brisi.*
done
- name: Unmount folders
run: |
sudo mountpoint -q build/cache/rootfs && sudo fusermount -u build/cache/rootfs || true
sudo mountpoint -q build/cache/rootfs.upload && sudo fusermount -u build/cache/rootfs.upload || true
final-sync:
permissions:
contents: none
name: "Sync servers"
needs: [jobsend]
if: ${{ success() && github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/sync-servers.yml@master
with:
KEY_ID: 'upload'
secrets:
KEY_UPLOAD: ${{ secrets.KEY_UPLOAD }}
USER_REPOSITORY: ${{ secrets.USER_REPOSITORY }}
HOST_REPOSITORY: ${{ secrets.HOST_REPOSITORY }}
KNOWN_HOSTS_REPOSITORY: ${{ secrets.KNOWN_HOSTS_REPOSITORY }}
Reference in New Issue View Git Blame Copy Permalink