From 9e1981644abfa1daa52d6c0dfa5c2e29781a84e9 Mon Sep 17 00:00:00 2001
From: Stefan Schubert <22217677+malaupa@users.noreply.github.com>
Date: Thu, 22 Jun 2023 12:34:08 +0200
Subject: [PATCH] add build pipeline

---
 .github/workflows/ci.yml      | 43 ++++++++++++++++++++++++
 .github/workflows/release.yml | 63 +++++++++++++++++++++++++++++++++++
 .gitignore                    |  6 ++++
 Dockerfile                    | 14 ++++++++
 docker.sh                     | 12 +++++++
 5 files changed, 138 insertions(+)
 create mode 100644 .github/workflows/ci.yml
 create mode 100644 .github/workflows/release.yml
 create mode 100644 .gitignore
 create mode 100644 Dockerfile
 create mode 100755 docker.sh

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..a763455
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,43 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Install build tools
+        run: sudo apt-get update && sudo apt-get install debhelper build-essential devscripts gcc-multilib binutils-dev pkg-config uuid-dev help2man gnu-efi -y
+        env:
+          DEBIAN_FRONTEND: noninteractive
+
+      - name: Build package
+        run: |+
+          debuild -i -uc -us -b
+          cd ..
+          echo "Result: $(ls *.deb)"
+          sha512sum *.deb > checksums.txt
+          cp *.deb checksums.txt ${{ github.workspace }}/
+        env:
+          GH_TOKEN: ${{ github.token }}
+      - name: Store package
+        uses: actions/upload-artifact@v3
+        with:
+          name: deb-package
+          path: |
+            *.deb
+            checksums.txt
+          retention-days: 10
+# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/github-workflow.json
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..7c26ff5
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,63 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - "*"
+
+permissions:
+  contents: write
+
+jobs:
+  release:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # to get commit messages
+          submodules: recursive
+
+      - name: Fetch Tags
+        run: git fetch --force --tags
+
+      - name: Install build tools
+        run: sudo apt-get update && sudo apt-get install debhelper build-essential devscripts gcc-multilib binutils-dev pkg-config uuid-dev help2man gnu-efi -y
+        env:
+          DEBIAN_FRONTEND: noninteractive
+
+      - name: Build package
+        run: |+
+          debuild -i -uc -us -b
+          cd ..
+          echo "Result: $(ls *.deb)"
+          sha512sum *.deb > checksums.txt
+          cp *.deb checksums.txt ${{ github.workspace }}/
+          gh release delete $TAG || true
+          gh release create $TAG --generate-notes ../*.deb ../checksums.txt
+        env:
+          GH_TOKEN: ${{ github.token }}
+
+  deploy:
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        version: [jammy] # add others, if same package should be available in many versions
+    steps:
+      - name: Deploy
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.PULL_TOKEN }}
+          script: |+
+            github.rest.actions.createWorkflowDispatch({
+              owner: 'telekom-mms',
+              repo: 'linux-apt',
+              workflow_id: 'do_pull.yml',
+              ref: 'main',
+              inputs: {
+                repo: 'tpmsbsigntool',
+                version: '${{ matrix.version }}',
+                tag: '${{ github.ref_name }}'
+              }
+            });
+# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/github-workflow.json
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..aeb0bf8
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+build/
+*.build
+*.buildinfo
+*.changes
+*.deb
+*.ddeb
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..9ca620a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,14 @@
+FROM ghcr.io/malaupa/ubuntu-deb-builder:latest
+ARG USER_ID
+
+RUN useradd user -u ${USER_ID}
+RUN set -eu ; \
+  export DEBIAN_FRONTEND=noninteractive ; \
+  apt-get update -y && \
+  apt-get install --no-install-recommends -y \
+  gcc-multilib \
+  binutils-dev \
+  pkg-config \
+  uuid-dev \
+  help2man \
+  gnu-efi
\ No newline at end of file
diff --git a/docker.sh b/docker.sh
new file mode 100755
index 0000000..96d01cc
--- /dev/null
+++ b/docker.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/bash
+[[ -d "build" ]] && rm -rf build
+mkdir build
+shopt -s extglob
+cp -R !(build) build
+docker build --rm -t tpmsbsigntool-builder --build-arg="USER_ID=$UID" .
+docker run --user=$UID --rm -v ./:/work tpmsbsigntool-builder /usr/bin/bash -c "cd /work/build && debuild -i -uc -us -b"
+rm -rf build
+rm *.build
+rm *.buildinfo
+rm *.changes
+rm *.ddeb
\ No newline at end of file