11name : " Upload Debian to Artifactory"
22description : " Uploads Debian artifacts from a .changes file to Artifactory"
3+
34inputs :
45 server_url :
56 description : " Artifactory server URL"
67 required : false
78 default : " https://qartifactory.pe.jfrog.io"
9+
810 target_base_repo :
911 description : " Target repo name (e.g. deb-local or deb-remote)"
10- required : true
12+ required : false
13+ default : " qsc-debian-local"
14+
1115 changes_path :
1216 description : " Path to .changes file"
1317 required : true
18+
1419 provenance_info :
1520 description : " Extra artifactory properties"
1621 required : false
1722 default : " {}"
23+
1824 access_token :
1925 description : " Artifactory access token (mutually exclusive with qsc_api_key)"
2026 required : false
27+
2128 qsc_api_key :
2229 description : " QSC API key - used to generate a temporary access token (mutually exclusive with access_token)"
2330 required : false
31+
32+ access_token_data :
33+ description : " Access token data for generating access token - used in conjunction with qsc_api_key"
34+ required : false
35+ default : " {\" softwareName\" :\" LU.QCLINUX\" ,\" softwareType\" :\" SoftwareImage\" ,\" releaseTag\" :\" 2.0\" }"
36+
2437 component :
2538 description : " Component name"
2639 required : false
2740 default : " main"
2841
42+ debug :
43+ description : " Enable debug output directory in target repo (appends {{github.run_id}} to target path)"
44+ required : false
45+ default : false
46+
2947runs :
3048 using : " composite"
3149 steps :
32- - name : Install prerequisites
33- shell : bash
34- run : |
35- SUDO=sudo
36- if [ "$(id -u)" = 0 ]; then
37- SUDO=""
38- fi
39- $SUDO apt update
40- $SUDO apt install -y devscripts dctrl-tools jq curl
4150
42- name : Generate token if qsc_api_key is provided
43- env :
44- QSC_API_KEY : ${{ inputs.qsc_api_key }}
45- ARTIFACTORY_ACCESS_TOKEN : ${{ inputs.access_token }}
46- id : gen_token
51+ # This step checks for the presence of required Debian packaging tools and installs them if they are missing.
52+ # The user is encouraged to install these dependencies in their environment beforehand to speed up the workflow,
53+ # but this step ensures that the action can run successfully even if they are not pre-installed.
54+ - name : Install dependencies if needed
4755 shell : bash
4856 run : |
4957 set -euo pipefail
5058
51- if [ -n "$QSC_API_KEY" ] && [ -n "$ARTIFACTORY_ACCESS_TOKEN" ]; then
52- echo "ERROR: Both qsc_api_key and access_token were provided. These are not compatible."
53- exit 1
54- fi
55-
56- if [ -n "$QSC_API_KEY" ]; then
57- echo "Generating access token using qsc_api_key..."
58- response=$(curl -s -X POST 'https://apigwx-aws.qualcomm.com/saga/api/qsc/v1/chipSoftware/component/artifactory/release/artifact/debian/public/create/token' \
59- -H 'Content-Type: application/json' \
60- -H 'X-QCOM-TokenType: apikey' \
61- -H "Authorization: $QSC_API_KEY" \
62- -d '{"softwareName":"LE.TEST.1.0","softwareType":"SoftwareImage","releaseTag":"1234"}')
59+ # Sudo if needed
60+ SUDO=sudo
61+ if [ "$(id -u)" = 0 ]; then SUDO=""; fi
6362
64- token=$(echo "$response" | jq -r '.token')
63+ # List the debian package names you require
64+ required=(devscripts dctrl-tools jq curl)
6565
66- if [ -z "$token" ] || [ "$token" = "null" ]; then
67- echo "ERROR: Failed to generate access token from qsc_api_key."
68- echo "Response was: $response"
69- exit 1
66+ # Collect missing packages
67+ missing=()
68+ for pkg in "${required[@]}"; do
69+ if ! dpkg -s "$pkg" >/dev/null 2>&1; then
70+ missing+=("$pkg")
7071 fi
72+ done
7173
72- echo "access_token=$token" >> $GITHUB_OUTPUT
73- elif [ -n "$ARTIFACTORY_ACCESS_TOKEN" ]; then
74- echo "Using provided access_token..."
75- echo "access_token=$ARTIFACTORY_ACCESS_TOKEN" >> $GITHUB_OUTPUT
74+ # Install only if something is missing
75+ if ((${#missing[@]})); then
76+ echo "Installing missing packages: ${missing[*]}"
77+ # Noninteractive + lean + quiet
78+ export DEBIAN_FRONTEND=noninteractive
79+ $SUDO apt-get update -y -qq
80+ $SUDO apt-get install -y -qq --no-install-recommends "${missing[@]}"
7681 else
77- echo "ERROR: Neither qsc_api_key nor access_token provided."
78- exit 1
82+ echo "All prerequisites already installed."
7983 fi
8084
81- name : Setup JFrog CLI
82- uses : jfrog/setup-jfrog-cli@v4
83- with :
84- version : latest
85-
86- - name : Configure JFrog server
87- shell : bash
88- env :
89- TOKEN : " ${{ steps.gen_token.outputs.access_token }}"
90- SERVER_URL : ${{ inputs.server_url }}
91- run : |
92- jf c add artifactory-server \
93- --url "$SERVER_URL" \
94- --access-token "$TOKEN" \
95- --interactive=false
96-
97- name : Parse .changes and provenance
85+ name : Validate and parse .changes file
86+ id : changes_file
9887 shell : bash
9988 env :
100- CHANGES_PATH : ${{ inputs.changes_path }}
89+ CHANGES_FILE : ${{ inputs.changes_path }}
10190 COMPONENT : ${{ inputs.component }}
10291 PROVENANCE_INFO : ${{ inputs.provenance_info }}
10392 run : |
10493 set -euo pipefail
105- CHANGES_DIR="$(dirname "$CHANGES_PATH")"
106- CHANGES_FILE="$(basename "$CHANGES_PATH")"
107- cd "$CHANGES_DIR"
94+
95+ # verify existence and correct type
96+ if [ ! -e "$CHANGES_FILE" ]; then
97+ echo "ERROR: changes_path '$CHANGES_FILE' does not exist" >&2
98+ exit 1
99+ fi
100+ if [ ! -f "$CHANGES_FILE" ]; then
101+ echo "ERROR: changes_path '$CHANGES_FILE' is not a regular file" >&2
102+ exit 1
103+ fi
104+ if [[ "$CHANGES_FILE" != *.changes ]]; then
105+ echo "ERROR: changes_path '$CHANGES_FILE' does not have a .changes extension" >&2
106+ exit 1
107+ fi
108+
109+ dir=$(dirname "$CHANGES_FILE")
110+ echo "changes_file_dir=$dir" >> $GITHUB_OUTPUT
108111
109112 SUITE="$(grep-dctrl -ns Distribution . "$CHANGES_FILE")"
110113 SOURCE_PKG="$(grep-dctrl -ns Source . "$CHANGES_FILE")"
@@ -118,22 +121,119 @@ runs:
118121
119122 echo "ALL_FILES=$ALL_FILES" >> $GITHUB_ENV
120123 echo "SOURCE_PKG=$SOURCE_PKG" >> $GITHUB_ENV
124+ echo "SUITE=$SUITE" >> $GITHUB_ENV
121125 echo "PROPS=$PROPS" >> $GITHUB_ENV
122126
123- name : Upload all artifacts with architecture detection
127+ echo "Parsed .changes file:"
128+ echo " Distribution: $SUITE"
129+ echo " Source Package: $SOURCE_PKG"
130+ echo " All Files: $ALL_FILES"
131+ echo " JFrog Properties: $PROPS"
132+
133+
134+ name : Setup JFrog CLI
135+ uses : jfrog/setup-jfrog-cli@v4
136+ with :
137+ version : latest
138+
139+ - name : Generate access token if qsc_api_key is provided, otherwise use provided access_token
140+ id : gen_token
141+ shell : bash
142+ env :
143+ ACCESS_TOKEN_URL : " https://apigwx-aws.qualcomm.com/saga/api/qsc/v1/chipSoftware/component/artifactory/release/artifact/debian/public/create/token"
144+ QSC_API_KEY : ${{ inputs.qsc_api_key }}
145+ ACCESS_TOKEN : ${{ inputs.access_token }}
146+ ACCESS_TOKEN_DATA : ${{ inputs.access_token_data }}
147+ run : |
148+ set -euo pipefail
149+
150+ if [ -z "$QSC_API_KEY" ] && [ -z "$ACCESS_TOKEN" ]; then
151+ echo "ERROR: Neither qsc_api_key nor access_token provided."
152+ exit 1
153+ fi
154+
155+ if [ -n "$QSC_API_KEY" ] && [ -n "$ACCESS_TOKEN" ]; then
156+ echo "ERROR: Both qsc_api_key and access_token were provided. These are not compatible."
157+ exit 1
158+ fi
159+
160+ if [ -n "$ACCESS_TOKEN" ]; then
161+ echo "Using provided access_token..."
162+ echo "access_token=$ACCESS_TOKEN" >> $GITHUB_OUTPUT
163+ exit 0
164+ fi
165+
166+ echo "Generating access token using qsc_api_key..."
167+
168+ response=$(curl -s \
169+ -X POST "$ACCESS_TOKEN_URL" \
170+ -H 'Content-Type: application/json' \
171+ -H 'X-QCOM-TokenType: apikey' \
172+ -H "Authorization: $QSC_API_KEY" \
173+ -d "$ACCESS_TOKEN_DATA")
174+
175+ token=$(echo "$response" | jq -r '.token')
176+
177+ if [ -z "$token" ] || [ "$token" = "null" ]; then
178+ echo "ERROR: Failed to generate access token from qsc_api_key."
179+ echo "Response was: $response"
180+ exit 1
181+ fi
182+
183+ echo "access_token=$token" >> $GITHUB_OUTPUT
184+ echo "Access token generated successfully."
185+
186+ name : Configure JFrog server
187+ shell : bash
188+ env :
189+ SERVER_ID : " artifactory-server"
190+ SERVER_URL : ${{ inputs.server_url }}
191+ ACCESS_TOKEN : ${{ steps.gen_token.outputs.access_token }}
192+ run : |
193+ jf c add "$SERVER_ID" \
194+ --url "$SERVER_URL" \
195+ --access-token "$ACCESS_TOKEN" \
196+ --interactive=false
197+
198+ echo "JFrog CLI configured with server ID: $SERVER_ID"
199+ echo "Server URL: $SERVER_URL"
200+ jf c show
201+
202+ name : Upload all artifacts with architecture detection
203+ working-directory : ${{ steps.changes_file.outputs.changes_file_dir }}
124204 shell : bash
125205 env :
206+ SERVER_ID : " artifactory-server"
126207 TARGET_BASE_REPO : ${{ inputs.target_base_repo }}
208+ DEBUG_MODE : ${{ inputs.debug }}
209+ RUN_ID : ${{ github.run_id }}
127210 run : |
128- TARGET_DIR="$TARGET_BASE_REPO/pool/$SOURCE_PKG/"
211+ TARGET_DIR="$TARGET_BASE_REPO/pool/$SOURCE_PKG/$SUITE/"
212+
213+ if [ "$DEBUG_MODE" = "true" ]; then
214+ echo "Debug mode enabled - appending run_id to target directory"
215+ echo "Original TARGET_DIR: $TARGET_DIR"
216+ TARGET_DIR="$TARGET_DIR/$RUN_ID/"
217+ echo "Modified TARGET_DIR: $TARGET_DIR"
218+ fi
219+
129220 for f in $ALL_FILES; do
221+
130222 if [[ "$f" =~ _arm64\.deb$ || "$f" =~ _arm64\.ddeb$ ]]; then
131223 PROPS="${PROPS};deb.architecture=arm64"
132224 elif [[ "$f" =~ _amd64\.deb$ || "$f" =~ _amd64\.ddeb$ ]]; then
133225 PROPS="${PROPS};deb.architecture=amd64"
134226 fi
135- echo "Uploading $f with props: $PROPS"
136- jf rt upload --server-id=artifactory-server \
227+
228+ echo "Uploading $f"
229+ echo server_id: "$SERVER_ID"
230+ echo "props: $PROPS"
231+ echo "target: $TARGET_DIR"
232+
233+ jf rt upload \
234+ --server-id="$SERVER_ID" \
137235 --target-props "${PROPS}" \
138- "$f" "$TARGET_DIR"
236+ "$f" \
237+ "$TARGET_DIR"
238+
139239 done
0 commit comments