Linuxfabrik: Build Linux (aarch64) #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Linuxfabrik: Build Linux (aarch64)' | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| target-distros: | |
| description: 'Space-separated list of operating systems to compile on and build packages for. Supported: `debian11 debian12 rocky8 rocky9 ubuntu2004 ubuntu2204 ubuntu2404`. Cannot be empty.' | |
| required: true | |
| default: 'debian11 debian12 rocky8 rocky9 ubuntu2004 ubuntu2204 ubuntu2404' | |
| version: | |
| description: 'Package Version' | |
| required: true | |
| package-iteration: | |
| description: 'The iteration number for the package (usually "1").' | |
| required: true | |
| default: '1' | |
| # modify the default permissions granted to the GITHUB_TOKEN | |
| permissions: | |
| contents: 'read' | |
| jobs: | |
| prepare-matrix: | |
| runs-on: | |
| - 'ubuntu-24.04-arm' | |
| outputs: | |
| distro_list: '${{ steps.set-matrix.outputs.distro_list }}' | |
| steps: | |
| # Transform the space‐separated string into a valid JSON array using shell commands (with sed), | |
| # then pass that result as an output to be used in the matrix of a subsequent job. | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 | |
| with: | |
| egress-policy: audit | |
| - id: set-matrix | |
| run: | | |
| # Grab the space-separated input value | |
| input="${{ github.event.inputs.target-distros }}" | |
| # Replace spaces with '","' using sed | |
| json_array=$(echo "$input" | sed 's/ /","/g') | |
| # Wrap the result in a JSON array | |
| json_array='["'"$json_array"'"]' | |
| echo "Computed JSON array: $json_array" | |
| echo "distro_list=$json_array" >> $GITHUB_OUTPUT | |
| build-linux-aarch64: | |
| needs: 'prepare-matrix' | |
| runs-on: | |
| - 'ubuntu-24.04-arm' | |
| strategy: | |
| matrix: | |
| # Parse the JSON array output from the prepare-matrix job. | |
| distro: '${{ fromJson(needs.prepare-matrix.outputs.distro_list) }}' | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 | |
| with: | |
| egress-policy: audit | |
| - name: 'Set environment variables for the build scripts' | |
| run: | | |
| echo "LFMP_ARCH=aarch64" >> $GITHUB_ENV | |
| echo "LFMP_VERSION=${{ github.event.inputs.version }}" >> $GITHUB_ENV | |
| echo "LFMP_PACKAGE_ITERATION=${{ github.event.inputs.package-iteration }}" >> $GITHUB_ENV | |
| # Each matrix job gets one distro value here (to parallelize job runs and avoiding Github's 6h timeout). | |
| echo "LFMP_TARGET_DISTROS=${{ matrix.distro }}" >> $GITHUB_ENV | |
| echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV | |
| echo "LFMP_DIR_REPOS=$GITHUB_WORKSPACE/repos" >> $GITHUB_ENV | |
| echo "LFMP_DIR_REPO_MP=$GITHUB_WORKSPACE/repos/monitoring-plugins" >> $GITHUB_ENV | |
| echo "LFMP_DIR_PACKAGED=$RUNNER_TEMP/lfmp/packaged" >> $GITHUB_ENV | |
| - name: 'Create working directories' | |
| run: | | |
| mkdir -p $LFMP_DIR_REPOS | |
| mkdir -p $LFMP_DIR_PACKAGED | |
| - name: 'git clone https://github.com/Linuxfabrik/THIS-REPO' | |
| uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2 | |
| with: | |
| path: '${{ env.LFMP_DIR_REPO_MP }}' | |
| - name: 'Debug' | |
| run: > | |
| /bin/bash | |
| $LFMP_DIR_REPO_MP/build/debug.sh | |
| - name: 'Install podman' | |
| run: > | |
| /bin/bash | |
| $LFMP_DIR_REPO_MP/build/install-podman.sh | |
| - name: 'For each distro create package' | |
| run: > | |
| /bin/bash $LFMP_DIR_REPO_MP/build/matrix-package.sh | |
| - name: 'Upload the packages (rpm, deb)' | |
| uses: 'actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02' # v4.6.2 | |
| with: | |
| compression-level: 8 | |
| path: '${{ env.LFMP_DIR_PACKAGED }}/*' | |
| name: "lfmp-${{ env.LFMP_VERSION }}-${{ env.LFMP_PACKAGE_ITERATION }}.packaged.${{ env.LFMP_ARCH }}.${{ env.LFMP_TARGET_DISTROS }}" |