Development Build #11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Development Build | |
| on: | |
| workflow_run: | |
| workflows: ['CI'] | |
| types: | |
| - completed | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| jobs: | |
| check-trigger: | |
| name: Check if triggered by Release Please | |
| runs-on: ubuntu-latest | |
| outputs: | |
| should_build: ${{ steps.check.outputs.should_build }} | |
| dev_version: ${{ steps.version.outputs.dev_version }} | |
| steps: | |
| - name: Check CI workflow result | |
| run: | | |
| if [ "${{ github.event.workflow_run.conclusion }}" != "success" ]; then | |
| echo "CI workflow failed - skipping development build" | |
| echo "should_build=false" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 2 | |
| - name: Check if triggered by Release Please | |
| id: check | |
| run: | | |
| # Get the commit message and author | |
| COMMIT_MESSAGE=$(git log -1 --pretty=format:"%s") | |
| COMMIT_AUTHOR=$(git log -1 --pretty=format:"%an") | |
| echo "Commit message: $COMMIT_MESSAGE" | |
| echo "Commit author: $COMMIT_AUTHOR" | |
| # Skip if this is a release-please commit | |
| if [[ "$COMMIT_MESSAGE" =~ ^chore\(main\): ]] || [[ "$COMMIT_AUTHOR" == "github-actions[bot]" ]]; then | |
| echo "Skipping development build - triggered by Release Please" | |
| echo "should_build=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Proceeding with development build" | |
| echo "should_build=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Calculate development version | |
| id: version | |
| if: steps.check.outputs.should_build == 'true' | |
| run: | | |
| # Get current version from package.json | |
| CURRENT_VERSION=$(node -p "require('./package.json').version") | |
| # Split version into parts | |
| IFS='.' read -ra VERSION_PARTS <<< "$CURRENT_VERSION" | |
| MAJOR=${VERSION_PARTS[0]} | |
| MINOR=${VERSION_PARTS[1]} | |
| PATCH=${VERSION_PARTS[2]} | |
| # Increment patch version for development (no -dev suffix in version) | |
| NEW_PATCH=$((PATCH + 1)) | |
| DEV_VERSION="${MAJOR}.${MINOR}.${NEW_PATCH}" | |
| echo "Current version: $CURRENT_VERSION" | |
| echo "Development version: $DEV_VERSION" | |
| echo "dev_version=$DEV_VERSION" >> $GITHUB_OUTPUT | |
| build-development-packages: | |
| name: Build Development Packages | |
| needs: check-trigger | |
| if: needs.check-trigger.outputs.should_build == 'true' | |
| runs-on: self-hosted | |
| env: | |
| VERSION: ${{ needs.check-trigger.outputs.dev_version }} | |
| PACKAGE_NAME: armor-dev | |
| ARCH: amd64 | |
| steps: | |
| # Debian Build Steps | |
| - name: Checkout for Debian build | |
| uses: actions/checkout@v5 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm run cinstall:all | |
| - name: Build frontend | |
| run: npm run build | |
| - name: Remove dev dependencies for packaging | |
| run: | | |
| # Remove dev dependencies after building but before packaging | |
| rm -rf node_modules | |
| npm run cinstall:backend:nodev | |
| cd web && rm -rf node_modules && npm run cinstall:nodev | |
| - name: Create Debian package structure | |
| run: | | |
| mkdir -p "${PACKAGE_NAME}_${VERSION}_${ARCH}"/{opt/armor/web,opt/armor,etc/systemd/system,var/lib/armor,var/log/armor,usr/share/man/man8,usr/share/man/man5,DEBIAN} | |
| - name: Copy application files to Debian package | |
| run: | | |
| cp -r models routes middleware config utils services packaging app.js package.json "${PACKAGE_NAME}_${VERSION}_${ARCH}/opt/armor/" | |
| cp -r node_modules "${PACKAGE_NAME}_${VERSION}_${ARCH}/opt/armor/" | |
| cp -r web/dist "${PACKAGE_NAME}_${VERSION}_${ARCH}/opt/armor/web/dist" | |
| # Keep public assets for Swagger theming | |
| cp -r web/public "${PACKAGE_NAME}_${VERSION}_${ARCH}/opt/armor/web/public" | |
| - name: Copy configuration files to Debian package | |
| run: | | |
| cp packaging/DEBIAN/systemd/armor.service "${PACKAGE_NAME}_${VERSION}_${ARCH}/etc/systemd/system/" | |
| cp packaging/DEBIAN/postinst packaging/DEBIAN/prerm packaging/DEBIAN/postrm "${PACKAGE_NAME}_${VERSION}_${ARCH}/DEBIAN/" | |
| - name: Install man pages | |
| run: | | |
| # Copy and compress man pages following Debian Policy | |
| gzip -9 -c packaging/DEBIAN/man/armor.8 > "${PACKAGE_NAME}_${VERSION}_${ARCH}/usr/share/man/man8/armor.8.gz" | |
| gzip -9 -c packaging/DEBIAN/man/armor.yaml.5 > "${PACKAGE_NAME}_${VERSION}_${ARCH}/usr/share/man/man5/armor.yaml.5.gz" | |
| - name: Create Debian control file | |
| run: | | |
| cat > "${PACKAGE_NAME}_${VERSION}_${ARCH}/DEBIAN/control" << EOF | |
| Package: armor-dev | |
| Version: ${VERSION} | |
| Section: misc | |
| Priority: optional | |
| Architecture: ${ARCH} | |
| Maintainer: MarkProminic <MarkProminic@users.noreply.github.com> | |
| Depends: nodejs (>= 22.0.0), sqlite3, openssl | |
| Conflicts: armor | |
| Description: Armor (Development) - Armor Reliably Manages Online Resources | |
| A secure Node.js file server that provides directory listings with SHA256 checksums and authenticated file upload capabilities over HTTPS. | |
| This is a development version. | |
| Homepage: https://github.com/STARTcloud/armor_private | |
| EOF | |
| - name: Set Debian package permissions | |
| run: | | |
| find "${PACKAGE_NAME}_${VERSION}_${ARCH}" -type d -exec chmod 755 {} \; | |
| find "${PACKAGE_NAME}_${VERSION}_${ARCH}" -type f -exec chmod 644 {} \; | |
| chmod 755 "${PACKAGE_NAME}_${VERSION}_${ARCH}/DEBIAN"/{postinst,prerm,postrm} | |
| - name: Build Debian package | |
| run: | | |
| dpkg-deb --build "${PACKAGE_NAME}_${VERSION}_${ARCH}" "${PACKAGE_NAME}_${VERSION}_${ARCH}.deb" | |
| # OmniOS Build Steps | |
| - name: Fresh checkout for OmniOS build | |
| uses: actions/checkout@v5 | |
| with: | |
| path: omnios-source | |
| clean: true | |
| - name: Clean OmniOS build directory | |
| run: | | |
| ssh ghrunner@omnios.packages.startcloud.com "rm -rf /local/builds/armor-dev/* /local/builds/armor-dev/.*" || true | |
| - name: Sync source code to OmniOS | |
| run: | | |
| rsync -av \ | |
| --exclude='.git' \ | |
| --exclude='node_modules' \ | |
| --exclude='web/node_modules' \ | |
| --exclude='web/dist' \ | |
| --exclude='*.deb' \ | |
| omnios-source/ ghrunner@omnios.packages.startcloud.com:/local/builds/armor-dev/ | |
| - name: Build package on OmniOS | |
| run: | | |
| ssh ghrunner@omnios.packages.startcloud.com " | |
| cd /local/builds/armor-dev && | |
| export PATH=/opt/ooce/bin:/opt/ooce/node-22/bin:\$PATH && | |
| export MAKE=gmake && | |
| export DEV_VERSION=${VERSION} && | |
| chmod +x packaging/omnios/build.sh && | |
| ./packaging/omnios/build.sh | |
| " | |
| - name: Transfer OmniOS package back | |
| run: | | |
| rsync -av ghrunner@omnios.packages.startcloud.com:/local/builds/armor-dev/*.p5p ./ || echo "No .p5p files found" | |
| - name: Upload Debian package to repository server | |
| run: | | |
| rsync -av ${PACKAGE_NAME}_*.deb startcloud@172.17.204.177:/tmp/ | |
| - name: Add package to repository pool | |
| run: | | |
| ssh startcloud@172.17.204.177 " | |
| mkdir -p /local/public/debian/pool/main/z/armor-dev | |
| cp /tmp/${PACKAGE_NAME}_*.deb /local/public/debian/pool/main/z/armor-dev/ | |
| " | |
| - name: Update repository Packages files for all suites | |
| run: | | |
| ssh startcloud@172.17.204.177 " | |
| cd /local/public/debian | |
| # Generate Packages files for each suite | |
| for suite in bookworm trixie; do | |
| dpkg-scanpackages --arch amd64 pool/ > dists/\$suite/main/binary-amd64/Packages | |
| gzip -c dists/\$suite/main/binary-amd64/Packages > dists/\$suite/main/binary-amd64/Packages.gz | |
| done | |
| " | |
| - name: Generate Release files for all suites | |
| run: | | |
| ssh startcloud@172.17.204.177 " | |
| cd /local/public/debian | |
| # Generate Release files for each suite | |
| for suite in bookworm trixie; do | |
| cd dists/\$suite | |
| /local/generate-release.sh \$suite > Release | |
| cd ../.. | |
| done | |
| " | |
| - name: Create stable distribution with proper Release file | |
| run: | | |
| ssh startcloud@172.17.204.177 " | |
| cd /local/public/debian/dists | |
| rm -rf stable 2>/dev/null || true | |
| cp -r trixie stable | |
| cd stable | |
| /local/generate-release.sh stable > Release | |
| " | |
| - name: Sign repository for all suites including stable | |
| run: | | |
| ssh startcloud@172.17.204.177 " | |
| cd /local/public/debian | |
| # Sign each suite including stable | |
| for suite in bookworm trixie stable; do | |
| cd dists/\$suite | |
| export GNUPGHOME=\$(mktemp -d /local/pgp/pgpkeys-XXXXXX) | |
| cat /local/pgp/pgp-key.private | gpg --import | |
| cat Release | gpg --default-key startcloud -abs > Release.gpg | |
| cat Release | gpg --default-key startcloud -abs --clearsign > InRelease | |
| rm -rf \$GNUPGHOME | |
| cd ../.. | |
| done | |
| " | |
| - name: Publish OmniOS package to repository | |
| run: | | |
| ssh ghrunner@omnios.packages.startcloud.com " | |
| cd /local/builds/armor-dev && | |
| pfexec pkgsend publish -d proto -s file:///local/public/r151054/pkg armor.p5m.final && | |
| pfexec pkgrepo refresh -s /local/public/r151054/pkg && | |
| pfexec svcadm restart pkg/server:r151054_STARTcloud | |
| " | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: 'development-packages' | |
| path: | | |
| *.deb | |
| *.p5p | |
| retention-days: 30 | |
| - name: Clean up | |
| run: | | |
| ssh ghrunner@omnios.packages.startcloud.com "rm -rf /local/builds/armor-dev/*" | |
| ssh startcloud@172.17.204.177 "rm -f /tmp/${PACKAGE_NAME}_*.deb" | |
| - name: Summary | |
| run: | | |
| echo "Development packages built and published:" | |
| echo "- Version: ${VERSION}" | |
| echo "- Debian package: ${PACKAGE_NAME}_${VERSION}_${ARCH}.deb" | |
| echo "- Packages published to repositories" |