-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
archzfs: add package and GitHub workflows
- Loading branch information
1 parent
383e136
commit 3127125
Showing
5 changed files
with
298 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
--- | ||
version: 2 | ||
updates: | ||
|
||
# Maintain dependencies for GitHub Actions | ||
- package-ecosystem: "github-actions" | ||
directory: "/" | ||
schedule: | ||
interval: "monthly" | ||
assignees: | ||
- "Doridian" | ||
- "kerberizer" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,204 @@ | ||
--- | ||
name: CI | ||
|
||
on: # yamllint disable-line rule:truthy | ||
push: | ||
branches: | ||
- master | ||
paths: | ||
- .github/workflows/** | ||
- Makefile | ||
- keyring/** | ||
- keyringctl | ||
- libkeyringctl/** | ||
- package/** | ||
- tests/** | ||
pull_request: | ||
branches: | ||
- master | ||
paths: | ||
- .github/workflows/** | ||
- Makefile | ||
- keyring/** | ||
- keyringctl | ||
- libkeyringctl/** | ||
- package/** | ||
- tests/** | ||
|
||
jobs: | ||
|
||
lint: | ||
|
||
runs-on: ubuntu-latest | ||
container: archlinux:latest | ||
|
||
steps: | ||
|
||
- name: Install dependencies | ||
env: | ||
packages: > | ||
flake8 | ||
git | ||
make | ||
mypy | ||
python-black | ||
python-isort | ||
run: | | ||
pacman-key --init | ||
pacman -Syu --needed --noconfirm ${packages} | ||
- name: Checkout the repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Run lint | ||
run: make lint | ||
|
||
test: | ||
|
||
runs-on: ubuntu-latest | ||
container: | ||
image: archlinux:latest | ||
volumes: | ||
- /tmp | ||
|
||
steps: | ||
|
||
- name: Install dependencies | ||
env: | ||
packages: > | ||
git | ||
make | ||
python | ||
python-coverage | ||
python-pytest | ||
python-tomli | ||
sequoia-sq | ||
run: | | ||
pacman-key --init | ||
pacman -Syu --needed --noconfirm ${packages} | ||
- name: Checkout the repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Run tests | ||
run: make test | ||
|
||
- name: Store the coverage report | ||
uses: actions/upload-artifact@v4.4.3 | ||
with: | ||
name: coverage-report | ||
path: build/coverage.xml | ||
|
||
coverage: | ||
|
||
runs-on: ubuntu-latest | ||
needs: test | ||
permissions: | ||
pull-requests: write | ||
contents: write | ||
|
||
steps: | ||
|
||
- name: Checkout the repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Retrieve the coverage reports | ||
id: download | ||
uses: actions/download-artifact@v4.1.8 | ||
with: | ||
pattern: coverage-report | ||
|
||
- name: Process the coverage reports | ||
id: coverage_processing | ||
uses: py-cov-action/python-coverage-comment-action@v3.29 | ||
with: | ||
COVERAGE_DATA_BRANCH: 'COVERAGE-REPORT' | ||
GITHUB_TOKEN: ${{ github.token }} | ||
|
||
- name: Store the pull request coverage comment for later posting | ||
if: steps.coverage_processing.outputs.COMMENT_FILE_WRITTEN == 'true' | ||
uses: actions/upload-artifact@v4.4.3 | ||
with: | ||
name: python-coverage-comment-action | ||
path: python-coverage-comment-action.txt | ||
|
||
build: | ||
|
||
runs-on: ubuntu-latest | ||
container: archlinux:latest | ||
|
||
steps: | ||
|
||
- name: Install dependencies | ||
env: | ||
packages: > | ||
git | ||
make | ||
pkgconf | ||
python | ||
sequoia-sq | ||
systemd | ||
run: | | ||
pacman-key --init | ||
pacman -Syu --needed --noconfirm ${packages} | ||
- name: Checkout repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Build and install | ||
run: | | ||
make | ||
make install PREFIX=/usr | ||
keyring_check: | ||
|
||
runs-on: ubuntu-latest | ||
container: archlinux:latest | ||
|
||
steps: | ||
|
||
- name: Install dependencies | ||
env: | ||
packages: > | ||
git | ||
make | ||
python | ||
sequoia-sq | ||
run: | | ||
pacman-key --init | ||
pacman -Syu --needed --noconfirm ${packages} | ||
- name: Checkout repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Check keyring | ||
run: | | ||
ls -al | ||
./keyringctl check | ||
./keyringctl ci | ||
package: | ||
|
||
runs-on: ubuntu-latest | ||
container: archlinux:base-devel | ||
|
||
steps: | ||
|
||
- name: Install dependencies | ||
run: | | ||
pacman-key --init | ||
pacman -Syu --needed --noconfirm git | ||
- name: Checkout repository | ||
uses: actions/checkout@v4.2.1 | ||
|
||
- name: Set up build user | ||
run: | | ||
groupadd -r packager | ||
useradd -g packager -mr packager | ||
echo "packager ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers | ||
- name: Build package | ||
run: | | ||
chown -R packager:packager . | ||
sudo -u packager makepkg --dir package --noconfirm --skipinteg --syncdeps |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
--- | ||
name: Post a coverage report comment on pull requests | ||
|
||
on: # yamllint disable-line rule:truthy | ||
workflow_run: | ||
workflows: | ||
- 'CI' | ||
types: | ||
- 'completed' | ||
|
||
jobs: | ||
|
||
comment: | ||
|
||
runs-on: ubuntu-latest | ||
if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' | ||
permissions: | ||
pull-requests: write | ||
contents: write | ||
actions: read | ||
|
||
steps: | ||
|
||
- name: Post the stored pull request coverage comment | ||
uses: py-cov-action/python-coverage-comment-action@v3.29 | ||
with: | ||
COVERAGE_DATA_BRANCH: 'COVERAGE-REPORT' | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
pkgname=archzfs-keyring | ||
pkgver=20241022 | ||
pkgrel=1 | ||
pkgdesc='ArchZFS PGP keyring' | ||
arch=('any') | ||
url='https://github.com/archzfs/archzfs-keyring' | ||
license=('GPL-3.0-or-later') | ||
install=$pkgname.install | ||
depends=('pacman') | ||
makedepends=('git' 'python' 'sequoia-sq' 'pkgconf' 'systemd') | ||
checkdepends=('python-coverage' 'python-pytest') | ||
source=("archzfs-keyring::git+file://$(pwd)/..") | ||
|
||
build() { | ||
cd "${pkgname}" | ||
make build | ||
} | ||
|
||
check() { | ||
cd "${pkgname}" | ||
make check | ||
} | ||
|
||
package() { | ||
cd "${pkgname}" | ||
make PREFIX='/usr' DESTDIR="${pkgdir}" install | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
#!/usr/bin/env sh | ||
|
||
populate_archzfs() { | ||
if usr/bin/pacman-key -l >/dev/null 2>&1; then | ||
usr/bin/pacman-key --populate archzfs | ||
fi | ||
} | ||
|
||
post_upgrade() { | ||
# Older versions of pacman (before 6.1.0) disabled locking by default: | ||
# https://gitlab.archlinux.org/pacman/pacman/-/commit/1d1bb6fa1a8247242fbdd226f50265a278a12ac8 | ||
# | ||
# This still causes lots of problems, so force to remove that option. | ||
if grep -qx 'lock-never' etc/pacman.d/gnupg/gpg.conf 2>/dev/null; then | ||
sed -i '/^lock-never$/d' etc/pacman.d/gnupg/gpg.conf | ||
fi | ||
|
||
populate_archzfs | ||
} | ||
|
||
post_install() { | ||
if [ -x usr/bin/pacman-key ]; then | ||
populate_archzfs | ||
fi | ||
} |