Skip to content

Commit 952f1b3

Browse files
jfantinhardestyjfantinhardesty
committed
Fix rpm apt release
1 parent b301bfb commit 952f1b3

File tree

1 file changed

+14
-6
lines changed

1 file changed

+14
-6
lines changed

.github/workflows/publish-release.yml

Lines changed: 14 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -191,8 +191,8 @@ jobs:
191191
TAG: ${{ github.ref_name }}
192192
run: |
193193
mkdir ./packages
194-
gh release download $TAG --dir ./packages -p "*.deb"
195-
gh release download $TAG --dir ./packages -p "*.rpm"
194+
gh release download "$TAG" --repo "${{ github.repository }}" --dir ./packages -p "*.deb"
195+
gh release download "$TAG" --repo "${{ github.repository }}" --dir ./packages -p "*.rpm"
196196
197197
- name: Import GPG key
198198
id: import_gpg
@@ -204,6 +204,7 @@ jobs:
204204
- name: Update APT repository
205205
working-directory: ./gh-pages
206206
run: |
207+
set -euo pipefail
207208
# Move new .deb files into the repository
208209
find ../packages -name "*_amd64.deb" -exec mv {} dists/stable/main/binary-amd64/ \;
209210
find ../packages -name "*_arm64.deb" -exec mv {} dists/stable/main/binary-arm64/ \;
@@ -212,7 +213,7 @@ jobs:
212213
gzip -k -f dists/stable/main/binary-amd64/Packages
213214
apt-ftparchive packages dists/stable/main/binary-arm64 > dists/stable/main/binary-arm64/Packages
214215
gzip -k -f dists/stable/main/binary-arm64/Packages
215-
# Generate and sign the Release file
216+
# Generate Release file
216217
apt-ftparchive \
217218
-o APT::FTPArchive::Release::Origin="Seagate Technology" \
218219
-o APT::FTPArchive::Release::Label="cloudfuse" \
@@ -222,21 +223,28 @@ jobs:
222223
-o APT::FTPArchive::Release::Components="main" \
223224
-o APT::FTPArchive::Release::Description="APT repository for cloudfuse" \
224225
release dists/stable > dists/stable/Release
225-
gpg --clearsign -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" -o dists/stable/InRelease dists/stable/Release
226-
gpg -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" -abs -o dists/stable/Release.gpg dists/stable/Release
226+
# Remove old signatures to avoid "File exists"
227+
rm -f dists/stable/InRelease dists/stable/Release.gpg
228+
# Sign the Release file
229+
gpg --yes --clearsign -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" -o dists/stable/InRelease dists/stable/Release
230+
gpg --yes -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" -abs -o dists/stable/Release.gpg dists/stable/Release
227231
env:
228232
STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
229233
SECRET_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
230234

231235
- name: Update RPM repository
232236
working-directory: ./gh-pages
233237
run: |
238+
set -euo pipefail
234239
# Move new .rpm files
235240
find ../packages -name "*.rpm" -exec mv {} rpm-repo/ \;
236241
# Create/update repository metadata
237242
createrepo_c --database rpm-repo/
243+
# Remove old signatures to avoid "File exists"
244+
rm -f rpm-repo/repodata/repomd.xml.asc rpm-repo/repodata/repomd.xml.gpg
238245
# Sign the repository metadata
239-
gpg --detach-sign --armor -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" rpm/repodata/repomd.xml
246+
gpg --yes --detach-sign --armor -u "${STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT}" --batch --pinentry-mode loopback --passphrase "${SECRET_GPG_PASSPHRASE}" -o rpm-repo/repodata/repomd.xml.asc \
247+
rpm-repo/repodata/repomd.xml
240248
env:
241249
STEPS_IMPORT_GPG_OUTPUTS_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
242250
SECRET_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

0 commit comments

Comments
 (0)