github-personal/Biohazard
1
0
Fork 0
mirror of https://github.com/outbackdingo/Biohazard.git synced 2026-01-28 02:18:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
Biohazard/.github/workflows/ostree-build.yaml
tinfoild[bot] 8d71c77a9d feat(oci/library/fedora)!: Update 43 ➼ 44 (#3415)
2025-11-24 17:15:49 +00:00

58 lines
2.0 KiB
YAML
Raw Permalink Blame History

---
name: OSTree Build
on:
workflow_dispatch:
schedule:
- cron: 0 13 * * 5 # Friday 9pm in SGT/GMT+8, Friday 1pm in UTC
push:
branches: ["main"]
paths:
- "ostree/**"
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
timeout-minutes: 40
container:
image: public.ecr.aws/docker/library/fedora:44@sha256:8a396124f358d2922f1b1c40aee2e7f1dd016b26b3d525d4338e7da12c1cd9a5
# Fix SELinux for the built OSTree: https://github.com/coreos/rpm-ostree/issues/1943
options: --privileged --security-opt label:disable
strategy:
matrix:
build: ["router"]
steps:
- name: Lowercase repository owner
shell: bash
run: |
echo "LOWERCASN_REPO_OWNER=${GITHUB_REPOSITORY_OWNER,,}" >> $GITHUB_ENV
- name: Install dependencies
run: dnf install -y rpm-ostree selinux-policy selinux-policy-targeted policycoreutils podman
- name: "Generate Short Lived OAuth App Token (ghs_*)"
uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
id: oauth-token
with:
app-id: "${{ secrets.BOT_APP_ID }}" # $BOT_APP_ID is found in GitHub App main settings page
private-key: "${{ secrets.BOT_JWT_PRIVATE_KEY }}" # $BOT_JWT_PRIVATE_KEY is generated in GitHub App main settings page, uses the X.509 private key format
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
token: "${{ steps.oauth-token.outputs.token }}"
- name: Log into container registry
run: podman login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
- name: Download RPM repo files from upstream
run: "./ostree/repos.sh"
- name: Build OSTree and push it to registry
env:
USER: "${{ env.LOWERCASN_REPO_OWNER }}"
BUILD: "${{ matrix.build }}"
run: "cd ./ostree && ./build.sh registry"
# TODO: add secrets and push to private R2/Wasabi/etc
Reference in New Issue View Git Blame Copy Permalink