Skip to content
Generate F-Droid repo

Generate F-Droid repo #92

Sign in to view logs

Generate F-Droid repo

Generate F-Droid repo #92

Workflow file for this run

.github/workflows/fdroid.yml at 5b07a5a
---
name: Generate F-Droid repo
on:
workflow_dispatch:
inputs:
dry-run:
description: "Skips pushing changes when enabled. Optional. Defaults to false."
type: boolean
default: false
required: false
schedule:
- cron: "45 2 * * *"
jobs:
apps:
name: "Generate repo from apps listing"
runs-on: ubuntu-22.04
env:
COMMIT_MSG_FILE: "${{ github.workspace }}/commit_message.tmp"
steps:
- name: Checkout repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Create basic directory structure
run: mkdir -p fdroid/repo
- name: Restore correct mtime
run: |
sudo apt install git-restore-mtime
git restore-mtime
- name: Login to Azure - CI Subscription
uses: Azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key,
github-gpg-private-key-passphrase,
github-pat-bitwarden-devops-bot-repo-scope"
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Set up Git
run: |
git config --local user.email "[email protected]"
git config --local user.name "bitwarden-devops-bot"
- name: Download secrets
env:
ACCOUNT_NAME: bitwardenci
CONTAINER_NAME: mobile
run: |
az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
--name fdroid_repo_keystore.jks --file fdroid/keystore.p12 --output none
az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
--name fdroid-config.yml --file fdroid/config.yml --output none
- name: Validate secrets
run: |
if [ -f "fdroid/config.yml" ]; then
echo "config found. setting permission to 0600"
chmod 0600 fdroid/config.yml
else
echo "config not found!"
exit 1
fi
if [ -f "fdroid/keystore.p12" ]; then
echo "keystore found"
else
echo "keystore not found!"
exit 1
fi
- name: Install F-Droid server software
run: |
sudo add-apt-repository ppa:fdroid/fdroidserver
sudo apt-get update
sudo apt-get install fdroidserver
- name: Set up Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '^1.17.0'
- name: Run metascoop
id: run-metascoop
env:
GH_ACCESS_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
bash run_metascoop.sh ${{ env.COMMIT_MSG_FILE }}
if [ $? -eq 0 ]; then
echo "Changes detected"
echo "has_changes=true" >> $GITHUB_OUTPUT
elif [ $? -eq 2 ]; then
echo "No changes detected"
echo "has_changes=false" >> $GITHUB_OUTPUT
else
echo "Unexpected exit code: $?"
echo "has_changes=false" >> $GITHUB_OUTPUT
fi
continue-on-error: true
- name: Update repo
env:
GH_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
run: |
if [ "${{ inputs.dry-run }}" = "true" ]; then
echo "Dry run. Changes are not being saved."
elif [ "${{ steps.run-metascoop.outputs.has_changes }}" != "true" ]; then
echo "No changes to save."
else
bash update_repo.sh ${{ env.COMMIT_MSG_FILE }}
fi