forked from aunali1/linux-mbp-arch
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.drone.yml
105 lines (100 loc) · 3.54 KB
/
.drone.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
kind: pipeline
name: arch-kernel-package
steps:
- name: build
image: archlinux
pull: always
volumes:
- name: arch-bootstrap
path: /tmp/bootstrap
- name: build-products
path: /tmp/products
commands:
- curl --output /tmp/bootstrap/pacman-static https://pkgbuild.com/~eschwartz/repo/x86_64-extracted/pacman-static # Workaround https://bugs.archlinux.org/task/69563
- chmod +x /tmp/bootstrap/pacman-static
- /tmp/bootstrap/pacman-static --noconfirm -Syy
- curl --output /tmp/bootstrap/glibc-linux4-2.33-5-x86_64.pkg.tar.zst https://dl.t2linux.org/ci/glibc-linux4-2.33-5-x86_64.pkg.tar.zst
- curl --output /tmp/bootstrap/lib32-glibc-linux4-2.33-5-x86_64.pkg.tar.zst https://dl.t2linux.org/ci/lib32-glibc-linux4-2.33-5-x86_64.pkg.tar.zst
- printf 'y\ny\n' | /tmp/bootstrap/pacman-static -U /tmp/bootstrap/glibc-linux4-2.33-5-x86_64.pkg.tar.zst /tmp/bootstrap/lib32-glibc-linux4-2.33-5-x86_64.pkg.tar.zst
- pacman --noconfirm -Syu
- pacman --noconfirm --needed -S base-devel sudo
- useradd builduser -m
- passwd -d builduser
- echo "PKGEXT='.pkg.tar.zst'" | tee -a /etc/makepkg.conf
- echo "COMPRESSZST=(zstd -c -T0 -20 --ultra -)" | tee -a /etc/makepkg.conf
- printf 'builduser ALL=(ALL) ALL\n' | tee -a /etc/sudoers # passwordless sudo
- chown -R builduser:builduser ./
- sudo -u builduser gpg2 --locate-keys [email protected] [email protected]
- sudo -u builduser bash -c 'export MAKEFLAGS=-j32 && makepkg -s --noconfirm'
- ls -lah *.pkg.tar.zst
- mv *.pkg.tar.zst /tmp/products
- name: sign
image: plugins/gpgsign
volumes:
- name: build-products
path: /tmp/products
settings:
key:
from_secret: signing_key
passphrase:
from_secret: signing_key_password
files:
- /tmp/products/*
armor: false
detach_sign: true
when:
event: tag
- name: publish-github
image: plugins/github-release
volumes:
- name: build-products
path: /tmp/products
settings:
api_key:
from_secret: github_token
files: /tmp/products/*
prerelease: yes
when:
event: tag
- name: publish-repo
image: archlinux
pull: always
volumes:
- name: arch-bootstrap
path: /tmp/bootstrap
- name: build-products
path: /tmp/products
- name: temp-repo
path: /tmp/repo
environment:
S3_ACCESS_ID:
from_secret: s3_access_id
S3_SECRET:
from_secret: s3_secret
S3_REGION:
from_secret: s3_region
S3_HOST:
from_secret: s3_host
S3_BUCKET_HOST:
from_secret: s3_bucket_host
S3_BUCKET:
from_secret: s3_bucket
commands:
- /tmp/bootstrap/pacman-static --noconfirm -Syy
- printf 'y\ny\n' | /tmp/bootstrap/pacman-static -U /tmp/bootstrap/glibc-linux4-2.33-5-x86_64.pkg.tar.zst /tmp/bootstrap/lib32-glibc-linux4-2.33-5-x86_64.pkg.tar.zst
- pacman --noconfirm -Syyu
- pacman --noconfirm --needed -S base s3cmd
- s3cmd -s --region=$S3_REGION --host=$S3_HOST --host-bucket="$S3_BUCKET_HOST" --access_key=$S3_ACCESS_ID --secret_key=$S3_SECRET sync --follow-symlinks s3://$S3_BUCKET/archlinux/mbp/x86_64/ /tmp/repo/
- mv /tmp/products/* /tmp/repo/
- cd /tmp/repo/
- repo-add -n -R -p $PWD/mbp.db.tar.gz *.pkg.tar.zst
- s3cmd -s --region=$S3_REGION --host=$S3_HOST --host-bucket="$S3_BUCKET_HOST" --access_key=$S3_ACCESS_ID --secret_key=$S3_SECRET sync --follow-symlinks --delete-removed /tmp/repo/ s3://$S3_BUCKET/archlinux/mbp/x86_64/
when:
event: tag
volumes:
- name: arch-bootstrap
temp: {}
- name: build-products
temp: {}
- name: temp-repo
temp: {}