Skip to content

Create Repo for RustDesk latest and nightly #159

Create Repo for RustDesk latest and nightly

Create Repo for RustDesk latest and nightly #159

Workflow file for this run

name: Create Repo for RustDesk latest and nightly
on:
schedule:
# Every 3AM UTC
- cron: "0 3 * * *"
pull_request:
branches:
- main
paths-ignore:
- '**.md'
push:
branches:
- main
paths-ignore:
- '**.md'
workflow_dispatch:
permissions:
contents: read
pages: write
id-token: write
jobs:
verify:
name: Verify container
runs-on: ubuntu-latest
steps:
- name: Install Cosign
uses: sigstore/[email protected]
- name: Verify
run: |
cosign verify --rekor-url=https://rekor.sigstore.dev \
--certificate-identity-regexp "https://github.com/xlionjuan/.*" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
ghcr.io/xlionjuan/fedora-createrepo-image:latest
build:
name: Build
needs: verify
runs-on: ubuntu-latest
container: ghcr.io/xlionjuan/fedora-createrepo-image:latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Pages
uses: actions/configure-pages@v5
- name: Import GPG Key
if: github.event_name != 'pull_request' || github.actor == 'renovate[bot]'
run: |
echo "$GPG_PRIVATE_KEY" | gpg --batch --yes --import
GPG_PUBLIC_KEY=$(gpg --list-keys --with-colons | grep fpr | head -n1 | cut -d: -f10)
echo "%_signature gpg
%_gpg_name $GPG_PUBLIC_KEY" > ~/.rpmmacros
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Build SELinux config for RustDesk
if: false
run: |
set -oue pipefail
./rustdesk_selinux/rustdesk.sh
cp rustdesk_selinux/noarch/rustdesk_selinux*.rpm "wwwroot/latest" &\
cp rustdesk_selinux/noarch/rustdesk_selinux*.rpm "wwwroot/nightly" &\
cp rustdesk_selinux/noarch/rustdesk_selinux*.rpm "wwwroot/latest-suse" &\
cp rustdesk_selinux/noarch/rustdesk_selinux*.rpm "wwwroot/nightly-suse"
- name: Download RustDesk latest and nightly
run: bash rustdesk_latest.sh & bash rustdesk_nightly.sh
- name: Reversion nightly version number with date
run: |
bash rustdesk_nightly_reversion.sh wwwroot/nightly/ori &\
bash rustdesk_nightly_reversion.sh wwwroot/nightly-suse/ori
echo "Run tree"
tree
- name: Sign RPMs
if: github.event_name != 'pull_request' || github.actor == 'renovate[bot]' || github.ref == 'refs/heads/main'
run: bash createrepo/1_sign_rpm.sh
- name: Create repo
run: bash createrepo/2_createrepo.sh
- name: Sign repo
if: github.event_name != 'pull_request' || github.actor == 'renovate[bot]' || github.ref == 'refs/heads/main'
run: bash createrepo/3_sign_repo.sh
- name: Sleep 0.5 sec
run: sleep 0.5
- name: Clean up GPG Key
run: rm -rf ~/.gnupg
- name: Upload Pages artifact
uses: actions/upload-pages-artifact@v3
with:
name: github-pages
path: wwwroot
- name: Publish Artifacts
uses: actions/upload-artifact@v4
with:
name: cf_r2
path: wwwroot
if-no-files-found: error
deploy:
name: Deploy to GitHub Pages
if: github.event_name != 'pull_request'
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
needs: build
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
push-to-cf-r2:
name: Push to Cloudflare R2
if: github.event_name != 'pull_request'
runs-on: ubuntu-latest
needs: build
steps:
- name: Download artifact
uses: actions/download-artifact@v4
with:
pattern: cf_r2
path: wwwroot
merge-multiple: true
- name: Upload to Cloudflare R2
uses: ryand56/r2-upload-action@latest
with:
r2-account-id: ${{ secrets.R2_ACCOUNT_ID }}
r2-access-key-id: ${{ secrets.R2_ACCESS_KEY_ID }}
r2-secret-access-key: ${{ secrets.R2_SECRET_ACCESS_KEY }}
r2-bucket: ${{ secrets.R2_BUCKET }}
keep-file-fresh: true
source-dir: wwwroot
destination-dir: ./