.github/workflows: Build DTS from kas-uefi-sb.yml #113

Workflow file for this run

.github/workflows/develop.yml at 2ab6b0c

	---
Check failure on line 1 in .github/workflows/develop.yml View workflow run for this annotation GitHub Actions / .github/workflows/develop.yml Invalid workflow file No steps defined in `steps` and no workflow called in `uses` for the following jobs: move-build-artifacts
	name: CI on push develop tag
	on:
	push:
	tags:
	- 'v-rc'

	concurrency:
	group: ${{ github.workflow }}

	jobs:
	build-uefi-sb:
	uses: ./.github/workflows/build.yml
	with:
	cacheless: false
	kas-path: meta-dts/kas-uefi-sb.yml
	move-build-artifacts:
	needs: build-uefi-sb
	runs-on:
	labels: dts-builder
	steps: Move UEFI SB build artifacts
	shell: bash
	run: \|
	mv build build-sb
	build:
	uses: ./.github/workflows/build.yml
	with:
	cacheless: false
	kas-path: meta-dts/kas.yml
	deploy-images:
	name: Deploy DTS artifacts on boot.dasharo.com
	needs: build
	runs-on:
	labels: dts-builder
	steps:
	- name: Prepare SSH key
	shell: bash
	env:
	SSH_KEY: ${{secrets.SSH_KEY}}
	SSH_KEY_CI_CD: ${{secrets.SSH_KEY_CI_CD}}
	run: \|
	echo -e ${SSH_KEY} > ~/.ssh/dts-ci-key
	chmod 600 ~/.ssh/dts-ci-key
	echo -e ${SSH_KEY_CI_CD} > ~/.ssh/gitea_dts_release_cicd
	chmod 600 ~/.ssh/gitea_dts_release_cicd
	echo -e "\n
	Host git.3mdeb.com\n
	HostName git.3mdeb.com\n
	IdentityFile ~/.ssh/gitea_dts_release_cicd\n
	IdentitiesOnly yes" > ~/.ssh/config_deploy
	- name: Get DTS version
	id: dts-ver
	shell: bash
	run: \|
	# Extract tag version from GITHUB_REF
	TAG=${GITHUB_REF#refs/tags/}
	DTS_VER=${TAG}
	echo "DTS_VER=${DTS_VER}" >> $GITHUB_ENV
	- name: Validate DTS_VER
	if: ${{ success() }}
	shell: bash
	run: \|
	# Retrieve DTS_VER from previous step
	DTS_VER_EXPECTED="${{ env.DTS_VER }}"
	DTS_VER_ACTUAL="v$(cat meta-dts/meta-dts-distro/conf/distro/dts-distro.conf \| grep DISTRO_VERSION \| tr -d "\" [A-Z]_=")"

	if [ "${DTS_VER_EXPECTED}" != "${DTS_VER_ACTUAL}" ]; then
	echo "Tag (${DTS_VER_EXPECTED}) does not match version (${DTS_VER_ACTUAL}) in `meta-dts/meta-dts-distro/conf/distro/dts-distro.conf`"
	exit 1
	fi
	- name: Deploy DTS on boot.dasharo.com
	shell: bash
	run: \|
	DTS_VER="${{ env.DTS_VER }}"
	ssh -i ~/.ssh/dts-ci-key builder@10.1.40.2 "mkdir -p boot/dts/${DTS_VER}"
	cd build/tmp/deploy/images/genericx86-64/
	cp bzImage bzImage-${DTS_VER}
	cp dts-base-image-genericx86-64.cpio.gz dts-base-image-${DTS_VER}.cpio.gz
	cp dts-base-image-genericx86-64.wic.gz dts-base-image-${DTS_VER}.wic.gz
	cp dts-base-image-genericx86-64.wic.bmap dts-base-image-${DTS_VER}.wic.bmap
	cp dts-base-image-genericx86-64.iso dts-base-image-${DTS_VER}.iso
	scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER} builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso builder@10.1.40.2:boot/dts/${DTS_VER}/
	- name: Deploy manifest on boot.dasharo.com
	shell: bash
	run: \|
	DTS_VER="${{ env.DTS_VER }}"
	cd build/tmp/deploy/images/genericx86-64/
	cp dts-base-image-genericx86-64.manifest dts-base-image-${DTS_VER}.manifest
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.manifest builder@10.1.40.2:boot/dts/${DTS_VER}/
	- name: Deploy sha256 on boot.dasharo.com
	shell: bash
	run: \|
	DTS_VER="${{ env.DTS_VER }}"
	cd build/tmp/deploy/images/genericx86-64/
	sha256sum bzImage-${DTS_VER} > bzImage-${DTS_VER}.sha256
	sha256sum dts-base-image-${DTS_VER}.cpio.gz > dts-base-image-${DTS_VER}.cpio.gz.sha256
	sha256sum dts-base-image-${DTS_VER}.wic.gz > dts-base-image-${DTS_VER}.wic.gz.sha256
	sha256sum dts-base-image-${DTS_VER}.wic.bmap > dts-base-image-${DTS_VER}.wic.bmap.sha256
	sha256sum dts-base-image-${DTS_VER}.iso > dts-base-image-${DTS_VER}.iso.sha256
	sha256sum dts-base-image-${DTS_VER}.manifest > dts-base-image-${DTS_VER}.manifest.sha256
	scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER}.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.manifest.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
	- name: Update iPXE menu
	shell: bash
	run: \|
	./meta-dts/scripts/generate-ipxe-menu.sh DTS_VER="${{ env.DTS_VER }}"
	scp -i ~/.ssh/dts-ci-key dts-rc.ipxe builder@10.1.40.2:boot/dts/
	- name: Trigger signing
	shell: bash
	run: \|
	DTS_VER="${{ env.DTS_VER }}"
	GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git clone ssh://git@git.3mdeb.com:2222/3mdeb/dts-release-cicd-pipeline.git
	cd dts-release-cicd-pipeline
	echo ${DTS_VER} > LATEST_RELEASE
	git add LATEST_RELEASE
	git commit -m "Signing release ${DTS_VER}"
	GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin main
	git tag ${DTS_VER}
	GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin ${DTS_VER}
	cd -
	cleanup:
	name: Cleanup
	if: always()
	needs: deploy-images
	runs-on:
	labels: dts-builder
	steps:
	- name: Cleanup after deployment
	shell: bash
	run: \|
	rm -rf ~/.ssh/dts-ci-key
	rm -rf dts-release-cicd-pipeline
	rm -f ~/.ssh/gitea_dts_release_cicd
	rm -rf build build-sb meta-dts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.github/workflows: Build DTS from kas-uefi-sb.yml #113

Workflow file

.github/workflows: Build DTS from kas-uefi-sb.yml #113

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/develop.yml