name: "Release Alpine apk for ARM64v8 Edge" on: push: branches: - release jobs: compilation-arm64v8: runs-on: aarch-64-alpine-edge env: REPO_URL: "https://static.itmodulo.eu/dl/repo/alpine/edge/main/aarch64" REMOTE_SSH: "${{ secrets.SERVER_LOGIN_AND_ADDRESS }}" REMOTE_PORT: "${{ secrets.LOGIN_PORT }}" REMOTE_PATH: "${{ secrets.SERVER_REPO_PATH }}/edge/main/aarch64" steps: - name: Install base tools shell: sh run: | # faster mirror + essential build tools echo "https://alpine.sakamoto.pl/alpine/$(cat /etc/os-release | grep PRETT | cut -d ' ' -f 3 | cut -d '"' -f 1)/main" > /etc/apk/repositories echo "https://alpine.sakamoto.pl/alpine/$(cat /etc/os-release | grep PRETT | cut -d ' ' -f 3 | cut -d '"' -f 1)/community" >> /etc/apk/repositories echo "https://alpine.sakamoto.pl/alpine/$(cat /etc/os-release | grep PRETT | cut -d ' ' -f 3 | cut -d '"' -f 1)/testing" >> /etc/apk/repositories apk update && apk upgrade apk add bash git curl alpine-sdk abuild sudo shadow fuse sshfs nodejs wget - name: Set up environment and users run: | echo "user_allow_other" >> /etc/fuse.conf adduser runner -u 1003 -D -s /bin/bash -G wheel addgroup -g 1003 runner addgroup runner abuild addgroup runner runner chmod 660 /etc/sudoers echo "%wheel ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers chmod 440 /etc/sudoers mkdir -p /var/cache/distfiles chmod a+w /var/cache/distfiles chsh -s /bin/bash su - runner -c 'mkdir ~/.abuild' echo "setup done" - name: Set up keys run: | wget -q https://static.itmodulo.eu/dl/repo/public_keys/alpine/itmodulo%40disroot.org-65b4f779.rsa.pub -P /etc/apk/keys su - runner -c 'wget -q https://static.itmodulo.eu/dl/repo/public_keys/alpine/itmodulo%40disroot.org-65b4f779.rsa.pub -P ~/.abuild/' echo "${{ secrets.REPO_PRIVKEY }}" > /home/runner/.abuild/${{ secrets.REPO_PRIVKEY_FILENAME }} && chown runner:runner /home/runner/.abuild/${{ secrets.REPO_PRIVKEY_FILENAME }} su - runner -c "echo 'PACKAGER_PRIVKEY="/home/runner/.abuild/${{ secrets.REPO_PRIVKEY_FILENAME }}"' >> ~/.abuild/abuild.conf" echo "done" - name: Checkout sources uses: actions/checkout@v4 - name: Fetch remote index and parse existing pkgs id: get_remote shell: bash run: | mkdir -p remote_index curl -sfL "${REPO_URL}/APKINDEX.tar.gz" -o remote_index/APKINDEX.tar.gz tar -xzf remote_index/APKINDEX.tar.gz -C remote_index awk '/^P:/ { pkg=$2 } /^V:/ { ver=$2 } /^PR:/{ pr=$2; print pkg "-" ver "-" pr }' \ remote_index/APKINDEX > remote_index/list.txt - name: Build only missing packages shell: bash run: | EXISTING_LIST=remote_index/list.txt mkdir -p newpkgs for d in edge/*; do # skip non-directories [ -d "$d" ] || continue # as runner: source APKBUILD, set ident sudo -u runner bash -c " cd '$d' . APKBUILD echo \"Checking $PKGNAME-$PKGVER-$PKGREL\" if grep -F -x \"$PKGNAME-$PKGVER-$PKGREL\" ../../${EXISTING_LIST}; then echo \" → skip, already in repo\" else echo \" → building…\" abuild -r -c mv /home/runner/packages/srcpkgs/aarch64/${PKGNAME}-*.apk ../../newpkgs/ || true fi " done - name: Sync new pkgs, clean old versions, rebuild & sign index shell: bash run: | # prepare SSH key for sshfs echo "${{ secrets.REPO_LOGIN }}" > /home/runner/id_ecdsa chmod 600 /home/runner/id_ecdsa mkdir -p /home/runner/remote sshfs -p "${REMOTE_PORT}" -o StrictHostKeyChecking=accept-new \ -o IdentityFile=/home/runner/id_ecdsa \ "${REMOTE_SSH}:${REMOTE_PATH}" /home/runner/remote cd /home/runner/remote # Remove old iterations of each new pkg for apk in /home/runner/newpkgs/*.apk; do base=$(basename "$apk" | sed 's/-[0-9].*//') rm -f ${base}-*.apk || true done # Copy new ones in cp /home/runner/newpkgs/*.apk . # Rebuild index and sign apk index -o APKINDEX.tar.gz *.apk abuild-sign APKINDEX.tar.gz fusermount -u /home/runner/remote