-
Notifications
You must be signed in to change notification settings - Fork 7
146 lines (144 loc) · 5.99 KB
/
develop.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
---
name: CI on push develop tag
on:
push:
tags:
- 'v*-rc*'
jobs:
build:
name: Build system image
runs-on:
labels: dts-builder
steps:
- name: Checkout meta-dts repo
uses: actions/checkout@v2
with:
path: "meta-dts"
- name: Build DTS image
shell: bash
id: build_image
run: |
for attempt in {1..5}; do
if kas-container build meta-dts/kas.yml; then
echo "Build command succeeded on attempt $attempt"
break
else
echo "Build command failed on attempt $attempt"
if [ $attempt -lt 5 ]; then
sleep 5
fi
fi
done
continue-on-error: true
- name: Report build command
run: |
if [ ${{ steps.build_image.outcome }} == 'failure' ]; then
echo "All build attempts failed."
exit 1
else
echo "At least one build attempt succeeded."
fi
deploy-images:
name: Deploy DTS artifacts on boot.dasharo.com
if: ${{ always() && contains(join(needs.*.result, ','), 'success') }}
needs: build
runs-on:
labels: dts-builder
steps:
- name: Prepare SSH key
shell: bash
env:
SSH_KEY: ${{secrets.SSH_KEY}}
SSH_KEY_CI_CD: ${{secrets.SSH_KEY_CI_CD}}
run: |
echo -e ${SSH_KEY} > ~/.ssh/dts-ci-key
chmod 600 ~/.ssh/dts-ci-key
echo -e ${SSH_KEY_CI_CD} > ~/.ssh/gitea_dts_release_cicd
chmod 600 ~/.ssh/gitea_dts_release_cicd
echo -e "\n
Host git.3mdeb.com\n
HostName git.3mdeb.com\n
IdentityFile ~/.ssh/gitea_dts_release_cicd\n
IdentitiesOnly yes" > ~/.ssh/config_deploy
- name: Get DTS version
id: dts-ver
shell: bash
run: |
# Extract tag version from GITHUB_REF
TAG=${GITHUB_REF#refs/tags/}
DTS_VER=${TAG}
echo "DTS_VER=${DTS_VER}" >> $GITHUB_ENV
- name: Validate DTS_VER
if: ${{ success() }}
shell: bash
run: |
# Retrieve DTS_VER from previous step
DTS_VER_EXPECTED="${{ env.DTS_VER }}"
DTS_VER_ACTUAL="v$(cat meta-dts/meta-dts-distro/conf/distro/dts-distro.conf | grep DISTRO_VERSION | tr -d "\" [A-Z]_=")"
if [ "${DTS_VER_EXPECTED}" != "${DTS_VER_ACTUAL}" ]; then
echo "Tag (${DTS_VER_EXPECTED}) does not match version (${DTS_VER_ACTUAL}) in `meta-dts/meta-dts-distro/conf/distro/dts-distro.conf`"
exit 1
fi
- name: Deploy DTS on boot.dasharo.com
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
ssh -i ~/.ssh/dts-ci-key builder@10.1.40.2 "mkdir -p boot/dts/${DTS_VER}"
cd build/tmp/deploy/images/genericx86-64/
cp bzImage bzImage-${DTS_VER}
cp dts-base-image-genericx86-64.cpio.gz dts-base-image-${DTS_VER}.cpio.gz
cp dts-base-image-genericx86-64.wic.gz dts-base-image-${DTS_VER}.wic.gz
cp dts-base-image-genericx86-64.wic.bmap dts-base-image-${DTS_VER}.wic.bmap
cp dts-base-image-genericx86-64.iso dts-base-image-${DTS_VER}.iso
scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER} builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso builder@10.1.40.2:boot/dts/${DTS_VER}/
- name: Deploy sha256 on boot.dasharo.com
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
cd build/tmp/deploy/images/genericx86-64/
sha256sum bzImage-${DTS_VER} > bzImage-${DTS_VER}.sha256
sha256sum dts-base-image-${DTS_VER}.cpio.gz > dts-base-image-${DTS_VER}.cpio.gz.sha256
sha256sum dts-base-image-${DTS_VER}.wic.gz > dts-base-image-${DTS_VER}.wic.gz.sha256
sha256sum dts-base-image-${DTS_VER}.wic.bmap > dts-base-image-${DTS_VER}.wic.bmap.sha256
sha256sum dts-base-image-${DTS_VER}.iso > dts-base-image-${DTS_VER}.iso.sha256
scp -i ~/.ssh/dts-ci-key bzImage-${DTS_VER}.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.cpio.gz.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.gz.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.wic.bmap.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
scp -i ~/.ssh/dts-ci-key dts-base-image-${DTS_VER}.iso.sha256 builder@10.1.40.2:boot/dts/${DTS_VER}/
- name: Update iPXE menu
shell: bash
run: |
./meta-dts/scripts/generate-ipxe-menu.sh DTS_VER="${{ env.DTS_VER }}"
scp -i ~/.ssh/dts-ci-key dts-rc.ipxe builder@10.1.40.2:boot/dts/
- name: Trigger signing
shell: bash
run: |
DTS_VER="${{ env.DTS_VER }}"
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git clone ssh://git@git.3mdeb.com:2222/3mdeb/dts-release-cicd-pipeline.git
cd dts-release-cicd-pipeline
echo ${DTS_VER} > LATEST_RELEASE
git add LATEST_RELEASE
git commit -m "Signing release ${DTS_VER}"
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin main
git tag ${DTS_VER}
GIT_SSH_COMMAND='ssh -F ~/.ssh/config_deploy' git push origin ${DTS_VER}
cd -
cleanup:
name: Cleanup
if: always()
needs: deploy-images
runs-on:
labels: dts-builder
steps:
- name: Cleanup after deployment
shell: bash
run: |
rm -rf ~/.ssh/dts-ci-key
rm -rf dts-release-cicd-pipeline
rm -f ~/.ssh/gitea_dts_release_cicd
rm -rf build