name: Build run-name: Standard build, creates docker image and deploys on success on: [push] env: ACTIONS_RUNTIME_TOKEN: ${{ secrets.GITHUB_TOKEN }} ACTIONS_RUNTIME_URL: https://git.lerch.org/api/actions_pipeline/ ZIG_URL: https://ziglang.org/download/0.11.0/zig-linux-x86_64-0.11.0.tar.xz BUILD_TARGET: x86_64-linux-gnu # Needs to be gnu since we're using dlopen BUILD_OPTIMIZATION: ReleaseSafe # Safety is usually a good thing jobs: build: runs-on: ubuntu-latest steps: - run: echo "Triggered by ${{ github.event_name }} event" - name: Check out repository code uses: actions/checkout@v3 - name: Install zig run: | curl -s "$ZIG_URL" |tar -xJ -C /usr/local \ && ln -s /usr/local/zig*/zig /usr/local/bin \ && true - name: Test run: zig build test -Dtarget="$BUILD_TARGET" - name: Build run: zig build -Dtarget="$BUILD_TARGET" -Doptimize="$BUILD_OPTIMIZATION" - name: Upload uses: actions/upload-artifact@v3 with: name: flexilib path: 'zig-out/bin/flexilib' - name: Notify uses: https://git.lerch.org/lobo/action-notify-ntfy@v2 if: always() with: host: ${{ secrets.NTFY_HOST }} topic: ${{ secrets.NTFY_TOPIC }} user: ${{ secrets.NTFY_USER }} password: ${{ secrets.NTFY_PASSWORD }} sign: runs-on: ubuntu-latest needs: build steps: - name: Download Artifact uses: actions/download-artifact@v3 with: name: flexilib - name: "Make executable actually executable" run: "chmod 755 flexilib" - name: Sign id: sign uses: https://git.lerch.org/lobo/action-hsm-sign@v1 with: pin: ${{ secrets.HSM_USER_PIN }} files: flexilib public_key: 'https://emil.lerch.org/serverpublic.pem' - name: Output signature URL run: echo "Signature URL is ${{ steps.sign.outputs.URL_0 }}" - name: Upload Artifact uses: actions/upload-artifact@v3 with: name: signature path: ${{ steps.sign.outputs.SIG_0 }} - name: Notify uses: https://git.lerch.org/lobo/action-notify-ntfy@v2 if: always() with: host: ${{ secrets.NTFY_HOST }} topic: ${{ secrets.NTFY_TOPIC }} user: ${{ secrets.NTFY_USER }} password: ${{ secrets.NTFY_PASSWORD }} deploy: runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-22.04 needs: build steps: - name: Check out repository code uses: actions/checkout@v3 - name: Download Artifact uses: actions/download-artifact@v3 with: name: flexilib - name: "Make executable actually executable" run: "chmod 755 flexilib && mv flexilib docker" - name: Get short ref id: vars run: echo "shortsha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - name: Login to Gitea uses: docker/login-action@v2 with: registry: git.lerch.org username: ${{ github.actor }} password: ${{ secrets.PACKAGE_PUSH }} - name: Build and push uses: docker/build-push-action@v4 with: context: docker push: true tags: git.lerch.org/${{ github.actor }}/flexilib:${{ steps.vars.outputs.shortsha }} # Not sure what's up with the shortsha yet #tags: git.lerch.org/${{ github.actor }}/flexilib:latest - name: Notify uses: https://git.lerch.org/lobo/action-notify-ntfy@v2 if: always() with: host: ${{ secrets.NTFY_HOST }} topic: ${{ secrets.NTFY_TOPIC }} user: ${{ secrets.NTFY_USER }} password: ${{ secrets.NTFY_PASSWORD }}