Skip to content

Test refactoring common scripts #163

Test refactoring common scripts

Test refactoring common scripts #163

name: Build packages
on:
push:
branches:
- 'release/**'
- 'hotfix/**'
- 'develop'
- 'feature/fix-common-scripts'
# paths:
# - '.github/workflows/build_packages.yml'
workflow_dispatch:
inputs:
branch-buildtools:
description: 'Branch for buildtools repository'
required: true
default: 'develop'
branch-client:
description: 'Branch for client repository'
required: true
default: 'develop'
branch-server:
description: 'Branch for server repository'
required: true
default: 'develop'
deb_build:
description: 'Trigger DEB build'
required: false
default: 'true'
rpm_build:
description: 'Trigger RPM build'
required: false
default: 'false'
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
PRODUCT: "DocSpace"
PRODUCT_LOW: "docspace"
BUILD_NUMBER: ${{ github.run_number }}
PACKAGE_DIRECTORY: "/home/runner/work/${{ github.event.repository.name }}/${{ github.event.repository.name }}"
BRANCH_BUILDTOOLS: 'develop'
BRANCH_CLIENT: 'develop'
BRANCH_SERVER: 'develop'
jobs:
prepare:
runs-on: ubuntu-22.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
build_all: ${{ steps.changes.outputs.build_all }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: "Checking common scripts for errors"
run: |
set -eux
sudo apt-get install -y shellcheck
find install/common -type f -name "*.sh" | xargs shellcheck --exclude="$(awk '!/^#|^$/ {print $1}' tests/lint/sc_ignore | paste -sd ",")" --severity=warning | tee sc_output
awk '/\(warning\):/ {w++} /\(error\):/ {e++} END {if (w+e) printf "::warning ::ShellCheck detected %d warnings and %d errors\n", w+0, e+0}' sc_output
- name: Determine changed
id: changes
run: |
git fetch --no-tags --prune --depth=2
echo "build_all=$(git diff --name-only HEAD~1 HEAD | grep -qE 'build_packages.yml' && echo true)" >> $GITHUB_OUTPUT
- name: Set matrix
id: set-matrix
run: |
package_types=()
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
[[ "${{ github.event.inputs.deb_build }}" == "true" ]] && package_types+=("deb")
[[ "${{ github.event.inputs.rpm_build }}" == "true" ]] && package_types+=("rpm")
elif [[ "${{ steps.changes.outputs.build_all }}" == "true" ]]; then
package_types+=("deb" "rpm")
else
[[ "${{ github.event.inputs.deb_build }}" == "true" ]] && package_types+=("deb")
[[ "${{ github.event.inputs.rpm_build }}" == "true" ]] && package_types+=("rpm")
fi
[[ ${#package_types[@]} -eq 0 ]] && exit 0
matrix=$(printf '%s\n' "${package_types[@]}" | jq -R . | jq -sc '{include: map({packageType: .})}')
echo "matrix=$matrix" >> $GITHUB_OUTPUT
build:
name: Build Packages
needs: prepare
runs-on: ubuntu-22.04
strategy:
matrix: ${{ fromJson(needs.prepare.outputs.matrix) }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set product version
run: |
PRODUCT_VERSION=$(grep -oP '\d+\.\d+\.\d+' <<< "${BRANCH_BUILDTOOLS//\//} ${BRANCH_CLIENT//\//} \
${BRANCH_SERVER//\//}" | head -n1)
echo "PRODUCT_VERSION=${PRODUCT_VERSION:-3.0.2}" >> $GITHUB_ENV
- name: Free Disk Space
run: |
sudo rm -rf /usr/local/lib/android /opt/ghc
sudo docker image prune --all --force
- name: Import GPG
uses: crazy-max/ghaction-import-gpg@v6
id: gpg_step
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASS }}
- name: Prepare build
if: matrix.packageType == 'deb' || matrix.packageType == 'rpm'
run: |
wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | \
sudo gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/yarnkey.gpg --import
sudo chmod 644 /usr/share/keyrings/yarnkey.gpg
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian/ stable main" | \
sudo tee /etc/apt/sources.list.d/yarn.list
sudo add-apt-repository -y ppa:dotnet/backports
sudo apt remove -y netstandard-targeting-pack-2.1
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo bash -
sudo apt install -y dotnet-sdk-9.0 yarn nodejs rename unzip maven openjdk-21-jdk-headless
JAVA_PATH=$(find /usr/lib/jvm/ -name "java" -path "*java-${JAVA_VERSION}*" | head -1)
sudo update-alternatives --install /usr/bin/java java "$JAVA_PATH" 100 && sudo update-alternatives --set java "$JAVA_PATH"
echo "JAVA_HOME=$(dirname $(dirname "$JAVA_PATH"))" >> $GITHUB_ENV
sudo npm install -g json
if [[ "${{ matrix.packageType }}" == "rpm" ]]; then
sudo apt install -y python3-rpm python3-pip
sudo pip install rpmlint
else
sudo apt install -y dpkg-sig lintian dh-make
fi
- name: Build DEB Packages
if: matrix.packageType == 'deb'
run: |
cd install/deb/
wget -q -O ./debian/source/buildtools.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-buildtools/archive/${BRANCH_BUILDTOOLS}.tar.gz"
wget -q -O ./debian/source/client.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-client/archive/${BRANCH_CLIENT}.tar.gz"
wget -q -O ./debian/source/server.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-server/archive/${BRANCH_SERVER}.tar.gz"
wget -q -O ./debian/source/DocStore.tar.gz "https://github.com/ONLYOFFICE/document-templates/archive/main/community-server.tar.gz"
wget -q -O ./debian/source/campaigns.tar.gz "https://github.com/ONLYOFFICE/ASC.Web.Campaigns/archive/master.tar.gz"
wget -q -O ./debian/source/plugins.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-plugins/archive/master.tar.gz"
rename -f -v "s/product([^\/]*)$/${PRODUCT_LOW}\$1/g" debian/*
find debian/ -type f -exec sed -i "s/{{product}}/${PRODUCT_LOW}/g" {} ';'
sed -i "s/{{package_header_tag_version}}/${PRODUCT_VERSION}.${BUILD_NUMBER}/g" debian/changelog debian/control
dpkg-buildpackage -uc -us
- name: Build RPM Packages
if: matrix.packageType == 'rpm'
run: |
cd install/rpm/SPECS
wget -q -O ./SOURCES/buildtools.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-buildtools/archive/${BRANCH_BUILDTOOLS}.tar.gz"
wget -q -O ./SOURCES/client.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-client/archive/${BRANCH_CLIENT}.tar.gz"
wget -q -O ./SOURCES/server.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-server/archive/${BRANCH_SERVER}.tar.gz"
wget -q -O ./SOURCES/DocStore.tar.gz "https://github.com/ONLYOFFICE/document-templates/archive/main/community-server.tar.gz"
wget -q -O ./SOURCES/campaigns.tar.gz "https://github.com/ONLYOFFICE/ASC.Web.Campaigns/archive/master.tar.gz"
wget -q -O ./SOURCES/plugins.tar.gz "https://github.com/ONLYOFFICE/$PRODUCT-plugins/archive/master.tar.gz"
mv ./SOURCES/product.rpmlintrc ./SOURCES/${PRODUCT_LOW}.rpmlintrc
sed -i -e '/BuildRequires/d' product.spec
rpmbuild -D "packager Ascensio System SIA <[email protected]>" \
-D "_topdir $(pwd)" \
-D "version ${PRODUCT_VERSION}" \
-D "release ${BUILD_NUMBER}" -ba product.spec
- name: Sign DEB Packages
if: matrix.packageType == 'deb'
run: |
dpkg-sig --sign origin \
--gpg-options "--pinentry-mode loopback --passphrase ${{ secrets.GPG_PRIVATE_KEY_PASS }}" \
--batch ${PACKAGE_DIRECTORY}/install/*.deb
- name: Sign RPM Packages
if: matrix.packageType == 'rpm'
run: |
gpg --export --armor > gpgkey.pub && rpm --import gpgkey.pub
rpm -D "__gpg /usr/bin/gpg" \
-D "_gpg_path $HOME/.gnupg" \
-D "_gpg_name ${{ secrets.GPG_KEY_NAME }}" \
-D "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase ${{ secrets.GPG_PRIVATE_KEY_PASS }}" \
--addsign ${PACKAGE_DIRECTORY}/install/rpm/SPECS/RPMS/noarch/*.rpm
- name: Upload DEB Packages
if: matrix.packageType == 'deb'
run: |
for deb_package in ${PACKAGE_DIRECTORY}/install/*.deb; do
echo -n "Uploading $( basename $deb_package )... "
curl --user "${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }}" \
-H "Content-Type: multipart/form-data" \
--data-binary "@$deb_package" "${{ secrets.REPO_URL_4TESTING_DEB }}" \
&& echo "Success: $(basename "$deb_package") uploaded." || echo "Error: Failed to upload $(basename "$deb_package")"
done
- name: Upload RPM Packages
if: matrix.packageType == 'rpm'
run: |
for rpm_package in ${PACKAGE_DIRECTORY}/install/rpm/SPECS/RPMS/noarch/*.rpm; do
echo -n "Uploading $( basename $rpm_package )... "
curl --user "${{ secrets.REPO_LOGIN }}:${{ secrets.REPO_PASS }}" \
--upload-file "$rpm_package" "${{ secrets.REPO_URL_4TESTING_RPM }}" \
&& echo "Success: $(basename "$rpm_package") uploaded." || echo "Error: Failed to upload $(basename "$rpm_package")"
done
# - name: Checking the DEB package for errors
# if: matrix.packageType == 'deb'
# run: |
# lintian --profile debian ${PACKAGE_DIRECTORY}/install/*.deb | tee -a LINTIAN
# if grep -qE '^(W:|E:)' LINTIAN; then
# echo "::warning Noticedeb=lintian::$(cat LINTIAN | awk '/^W:/ { ws += 1 } /^E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
# fi
# - name: Checking the RPM package for errors
# if: matrix.packageType == 'rpm'
# run: |
# for rpm_package in ${PACKAGE_DIRECTORY}/install/rpm/SPECS/RPMS/noarch/*.rpm; do
# rpmlint --ignore-unused-rpmlintrc --rpmlintrc ${PACKAGE_DIRECTORY}/install/rpm/SPECS/SOURCES/${PRODUCT_LOW}.rpmlintrc $rpm_package | tee -a RPM_LINT
# done
# if grep -qE '(W:|E:)' RPM_LINT; then
# echo "::warning Noticerpm=rpmlint::$(cat RPM_LINT | awk '/W:/ { ws += 1 } /E:/ { es += 1 } END { print "Warnings:", ws, "Errors:", es }')"
# fi
trigger_oci:
name: Trigger ci-oci-install Workflow
needs: [prepare, build]
runs-on: ubuntu-22.04
if: ${{ success() }}
steps:
- name: Trigger CI-OCI-Install Workflow
run: |
deb_build="${{ github.event.inputs.deb_build }}"
rpm_build="${{ github.event.inputs.rpm_build }}"
[[ "${{ needs.prepare.outputs.build_all }}" == "true" ]] && deb_build="true" && rpm_build="true"
curl \
-X POST \
-u "${{ secrets.USERNAME}}:${{secrets.TOKEN}}" \
https://api.github.com/repos/ONLYOFFICE/DocSpace-buildtools/actions/workflows/85067971/dispatches \
-H "Accept: application/vnd.github.everest-preview+json" \
--data '{
"ref": "'"${{ github.ref_name }}"'",
"inputs": {
"deb_build": "'"${deb_build}"'",
"rpm_build": "'"${rpm_build}"'"
}
}'