-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathaction.yml
81 lines (74 loc) · 3.11 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
name: 'upload-debian-pkg'
description: 'upload debian packages to s3'
inputs:
pkgs:
description: 'deb pkgs filenames to upload'
required: true
pkgs_to_remove:
description: 'pkgs names to remove before upload'
required: false
gpg_private_key:
description: 'GPG private key exported as an ASCII armored version or its base64 encoding'
required: true
gpg_passphrase:
description: 'Passphrase of the GPG private key'
required: true
s3_bucket:
desciption: 'deb-s3 --bucket'
default: 'debian'
required: false
s3_prefix:
desciption: 'deb-s3 --prefix'
default: '1.13'
required: false
s3_codename:
desciption: 'deb-s3 --codename'
default: 'bookworm'
required: false
s3_component:
desciption: 'deb-s3 --component'
default: 'main'
required: false
s3_sign:
description: 'deb-s3 --sign'
default: 'B104E10C35895CFAC0F91473C8D3BC80B6F22179'
required: false
s3_access_key_id:
decription: "deb-s3 env AWS_ACCESS_KEY_ID"
required: true
s3_secret_access_key:
decription: "deb-s3 env AWS_SECRET_ACCESS_KEY"
required: true
s3_endpoint_url:
decription: "deb-s3 env AWS_ENDPOINT_URL"
required: true
runs:
using: 'composite'
steps:
- name: Install deps
shell: bash
run: apt -y --no-install-recommends install ruby gnupg
- name: Setup deb-s3
shell: bash
run: gem install deb-s3
- name: Import GPG key
shell: bash
run: gpg --batch --import <(echo "${{ inputs.gpg_private_key }}")
- name: Cleanup packages in S3
shell: bash
if: inputs.pkgs_to_remove
continue-on-error: true
run: |
deb-s3 delete --lock --arch=amd64 --bucket=${{inputs.s3_bucket}} --prefix=${{inputs.s3_prefix}} --codename=${{inputs.s3_codename}} --component=${{inputs.s3_component}} --visibility=nil --force-path-style --sign=${{inputs.s3_sign}} --gpg-options="\-\-pinentry-mode=loopback \-\-no-tty \-\-batch \-\-yes \-\-passphrase ${{ inputs.gpg_passphrase }}" ${{inputs.pkgs_to_remove}}
deb-s3 clean --lock --bucket=${{inputs.s3_bucket}} --prefix=${{inputs.s3_prefix}} --codename=${{inputs.s3_codename}} --component=${{inputs.s3_component}} --visibility=nil --force-path-style --sign=${{inputs.s3_sign}} --gpg-options "\-\-pinentry-mode=loopback \-\-no-tty \-\-batch \-\-yes \-\-passphrase ${{ inputs.gpg_passphrase }}"
env:
AWS_ACCESS_KEY_ID: ${{inputs.s3_access_key_id}}
AWS_SECRET_ACCESS_KEY: ${{inputs.s3_secret_access_key}}
AWS_ENDPOINT_URL: ${{inputs.s3_endpoint_url}}
- name: Upload packages to S3
shell: bash
run: deb-s3 upload --lock --bucket=${{inputs.s3_bucket}} --prefix=${{inputs.s3_prefix}} --codename=${{inputs.s3_codename}} --component=${{inputs.s3_component}} --visibility=nil --force-path-style --sign=${{inputs.s3_sign}} --gpg-options "\-\-pinentry-mode=loopback \-\-no-tty \-\-batch \-\-yes \-\-passphrase ${{ inputs.gpg_passphrase }}" ${{inputs.pkgs}}
env:
AWS_ACCESS_KEY_ID: ${{inputs.s3_access_key_id}}
AWS_SECRET_ACCESS_KEY: ${{inputs.s3_secret_access_key}}
AWS_ENDPOINT_URL: ${{inputs.s3_endpoint_url}}