eliaskohout/ax
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
aa5f124b5f613fbc884fe52e680264b81af8acc1
ax/.gitea/workflows/apk-publish.yml
Elias Kohout aa5f124b5f
Some checks failed
Build and Publish APK Package / build-apk (push) Failing after 17s
Details
Build and Push Docker Container / build-and-push (push) Has been cancelled
Details
Fix apk-publish workflow: run abuild as non-root user
2026-04-02 02:50:33 +02:00

67 lines
2.2 KiB
YAML
Raw Blame History

name: Build and Publish APK Package
on:
push:
tags:
- 'v*'
jobs:
build-apk:
runs-on:
- ubuntu-24.04
container:
image: alpine:latest
steps:
- name: Install build dependencies
run: |
apk add --no-cache git go abuild make nodejs curl openssl sudo
- name: Create build user
run: |
adduser -D -G abuild build
echo "build ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
chown -R build:abuild .
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup abuild for package signing
run: |
su build -c "mkdir -p ~/.abuild"
su build -c "openssl genrsa -out ~/.abuild/private_key.rsa 2048"
su build -c "openssl rsa -pubout -in ~/.abuild/private_key.rsa -out ~/.abuild/private_key.rsa.pub"
cp ~build/.abuild/private_key.rsa.pub /etc/apk/keys/
su build -c "abuild-keygen -a -n"
- name: Prepare source
run: |
cd packaging/alpine
pkgver=$(echo "${{ github.ref_name }}" | sed 's/^v//')
sed -i "s/pkgver=.*/pkgver=$pkgver/" APKBUILD
sed -i "s|source=.*|source=\"\$pkgname-\$pkgver.tar.gz::${{ github.server_url }}/${{ github.repository }}/archive/\$pkgver.tar.gz\"|" APKBUILD
chown -R build:abuild .
- name: Generate checksums
run: |
cd packaging/alpine
su build -c "abuild checksum"
- name: Build package
run: |
cd packaging/alpine
su build -c "abuild -r"
- name: Find built package
id: find_package
run: |
find ~build/packages -name "*.apk" -type f > packages.txt
echo "package_path=$(head -1 packages.txt)" >> $GITHUB_OUTPUT
- name: Publish to Gitea Registry
run: |
apk_file=$(find ~build/packages -name "*.apk" -type f | head -1)
branch=$(echo "${{ github.ref_name }}" | sed 's/^v//')
curl -X PUT \
-H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \
-T "$apk_file" \
"${{ github.api_url }}/packages/${{ github.repository_owner }}/apk/${{ github.repository }}/$branch"
Reference in New Issue View Git Blame Copy Permalink