add: ci: build-packages

silime · silime · commit 1beac2a019f3 · 2025-02-23T13:11:45.000Z
diff --git a/.github/workflows/build-PKGBUILDs-aarch64-test.yml b/.github/workflows/build-PKGBUILDs-aarch64-test.yml
@@ -0,0 +1,129 @@
+name: Build Arch Repository
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ main ]
+
+env:
+  REPO_NAME: qcom
+  BUILD_DIR: ${{ github.workspace }}/build
+  REPO_DIR: ${{ github.workspace }}/repo
+
+jobs:
+  build-packages:
+    name: Build Package (${{ matrix.package }})
+    runs-on: ubuntu-22.04-arm
+    container: danhunsaker/archlinuxarm
+    strategy:
+      matrix:
+        package: [
+            'q6voiced',
+            'soc-qcom-sdm845',
+            'persistent-mac',
+            'linux-firmware',
+            'qbootctl',
+            'bootmac',
+            'alsa-ucm-oneplus',
+            'device-oneplus-fajita',
+            'device-lenovo-q706f',
+            'mkbootimg',
+            'linux-firmware-lenovo-sm8250',
+            'linux-sdm845',
+            'linux-sm8250',
+            'sensors/iio-sensor-proxy',
+            'sensors/hexagonrpcd',
+            'sensors/libssc'
+        ]
+    
+    steps:
+
+    - name: Install dependencies
+      run: | 
+        curl -L -o /etc/pacman.conf https://github.com/silime/ArchlinuxARM-qcom-aarch64/raw/main/pacman.conf
+        pacman-key --init && pacman-key --populate archlinuxarm
+        pacman-key --recv-keys F60FD4C6D426DAB6
+        pacman-key --lsign F60FD4C6D426DAB6
+        pacman -Syyu --noconfirm  --ask=4 arch-install-scripts cloud-guest-utils sudo binutils fakeroot base-devel git
+        useradd -m alarm
+        passwd -d alarm
+        usermod -aG wheel alarm
+        echo 'alarm ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Build package
+      working-directory: ${{ github.workspace }}/${{ matrix.package }}
+      run: |
+        # 构建参数配置
+        export MAKEPKG_CONF="/etc/makepkg.conf"
+        echo 'BUILDENV=(!distcc color !ccache check !sign)' | sudo tee -a $MAKEPKG_CONF
+        # 清理并构建
+        sudo chown alarm:alarm ./
+        sudo -u alarm -E makepkg --cleanbuild --syncdeps --noconfirm
+
+    - name: Sign package
+      env:
+        GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      working-directory: ${{ github.workspace }}/${{ matrix.package }}
+      run: |
+        # Import the GPG private key
+        ${{ env.BUILD_ALARM_SH }} 'echo "${{ secrets.GPG_PRIVATE_KEY }}" > private_key.asc'
+        ${{ env.BUILD_ALARM_SH }} 'gpg --import private_key.asc --passphrase "${{ secrets.GPG_PASSPHRASE }}" --pinentry-mode loopback'
+        ${{ env.BUILD_ALARM_SH }} 'rm private_key.asc'
+        # Configure the GPG agent to use the passphrase
+        ${{ env.BUILD_ALARM_SH }} 'echo "default-cache-ttl 18000" > ~/.gnupg/gpg-agent.conf'
+        ${{ env.BUILD_ALARM_SH }} 'echo "max-cache-ttl 18000" >> ~/.gnupg/gpg-agent.conf'
+        ${{ env.BUILD_ALARM_SH }} 'gpgconf --reload gpg-agent'
+        for pkg in *.pkg.tar.*; do
+          [[ -f "$pkg" ]] || continue
+          echo "Signing $pkg ..."
+          gpg --batch --yes --pinentry-mode loopback \
+            --passphrase "$GPG_PASSPHRASE" \
+            --detach-sign --no-armor "$pkg"
+        done
+
+    - name: Upload artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: ${{ matrix.package }}-pkg
+        path: |
+          ${{ github.workspace }}/${{ matrix.package }}/*.pkg.tar.*
+          ${{ github.workspace }}/${{ matrix.package }}/*.sig
+
+  create-repository:
+    name: Create Repository
+    runs-on: ubuntu-22.04-arm
+    needs: build-packages
+    steps:
+    - name: Download all artifacts
+      uses: actions/download-artifact@v4
+      with:
+        path: ${{ env.BUILD_DIR }}
+
+    - name: Setup repository directory
+      run: |
+        mkdir -p ${{ env.REPO_DIR }}
+        find ${{ env.BUILD_DIR }} -name '*.pkg.tar.*' -exec cp {} ${{ env.REPO_DIR }} \;
+        find ${{ env.BUILD_DIR }} -name '*.sig' -exec cp {} ${{ env.REPO_DIR }} \;
+
+    - name: Generate repository database
+      working-directory: ${{ env.REPO_DIR }}
+      run: |
+        repo-add -s -v ${{ env.REPO_NAME }}.db.tar.gz *.pkg.tar.zst
+        ln -s ${{ env.REPO_NAME }}.db.tar.gz ${{ env.REPO_NAME }}.db
+        ln -s ${{ env.REPO_NAME }}.files.tar.gz ${{ env.REPO_NAME }}.files
+
+    - name: Upload repository
+      uses: actions/upload-artifact@v4
+      with:
+        name: ${{ env.REPO_NAME }}
+        path: ${{ env.REPO_DIR }}/*
+
+    # - name: Deploy to GitHub Pages
+    #   if: github.ref == 'refs/heads/main'
+    #   uses: peaceiris/actions-gh-pages@v3
+    #   with:
+    #     github_token: ${{ secrets.GITHUB_TOKEN }}
+    #     publish_dir: ${{ env.REPO_DIR }}
