Update CI.yaml
This commit is contained in:
parent
0f002dd01f
commit
8903880fad
|
@ -156,105 +156,4 @@ jobs:
|
||||||
gpg -u sysadmin@z.cash --armor --digest-algo SHA256 --detach-sign *linux64-debian-\$i.tar.gz
|
gpg -u sysadmin@z.cash --armor --digest-algo SHA256 --detach-sign *linux64-debian-\$i.tar.gz
|
||||||
cd \$current_dir
|
cd \$current_dir
|
||||||
done
|
done
|
||||||
export final_version=\$(cat assert2.txt | awk '{print \$2}' | grep "desc.yml" | head -n 1 | sed 's/-desc.yml//g')
|
|
||||||
gsutil -q -m rsync -r ./debs gs://${{ secrets.GCP_PROJECT_ID_PROD }}-apt-packages/debs
|
|
||||||
gsutil -q -m rsync -r ./zcash-binaries gs://${{ secrets.GCP_PROJECT_ID_PROD }}-apt-packages/zcash-binaries
|
|
||||||
apt install aptly -y >/dev/null
|
|
||||||
|
|
||||||
# generate apt
|
|
||||||
mkdir aptserver
|
|
||||||
cd aptserver
|
|
||||||
gsutil -q -m cp -r gs://${{ secrets.GCP_PROJECT_ID_PROD }}-apt-server/pool/main/z/zcash/ .
|
|
||||||
cd zcash
|
|
||||||
cp -a ../../debs/buster/zcbuild/*.deb \$final_version-amd64-buster.deb
|
|
||||||
cp -a ../../debs/bullseye/zcbuild/*.deb \$final_version-amd64-bullseye.deb
|
|
||||||
cp -a ../../debs/bookworm/zcbuild/*.deb \$final_version-amd64-bookworm.deb || echo ""
|
|
||||||
ls \$final_version-amd64-buster.deb || exit 1
|
|
||||||
ls \$final_version-amd64-bullseye.deb || exit 1
|
|
||||||
ls \$final_version-amd64-bookworm.deb || echo ""
|
|
||||||
|
|
||||||
aptly repo create --distribution buster --comment "" --component main zcash_buster_amd64_repo
|
|
||||||
aptly repo create --distribution bullseye --comment "" --component main zcash_bullseye_amd64_repo
|
|
||||||
aptly repo create --distribution bookworm --comment "" --component main zcash_bookworm_amd64_repo
|
|
||||||
aptly repo create --distribution stretch --comment "" --component main zcash_stretch_amd64_repo
|
|
||||||
for i in \$(ls *.deb | grep buster); do
|
|
||||||
aptly repo add zcash_buster_amd64_repo \$i
|
|
||||||
done
|
|
||||||
for i in \$(ls *.deb | grep bullseye); do
|
|
||||||
aptly repo add zcash_bullseye_amd64_repo \$i
|
|
||||||
done
|
|
||||||
for i in \$(ls *.deb | grep stretch); do
|
|
||||||
aptly repo add zcash_stretch_amd64_repo \$i
|
|
||||||
done
|
|
||||||
for i in \$(ls *.deb | grep bookworm); do
|
|
||||||
aptly repo add zcash_bookworm_amd64_repo \$i
|
|
||||||
done
|
|
||||||
aptly snapshot create bookworm_snapshot from repo zcash_bookworm_amd64_repo
|
|
||||||
aptly snapshot create buster_snapshot from repo zcash_buster_amd64_repo
|
|
||||||
aptly snapshot create bullseye_snapshot from repo zcash_bullseye_amd64_repo
|
|
||||||
aptly snapshot create stretch_snapshot from repo zcash_stretch_amd64_repo
|
|
||||||
|
|
||||||
export key=\$(gpg --list-secret-keys --keyid-format=long sysadmin@z.cash | head -n 2 | grep -v sec)
|
|
||||||
aptly publish snapshot --distribution buster --component main --architectures amd64 --gpg-key="\$key" --passphrase="" buster_snapshot
|
|
||||||
aptly publish snapshot --distribution bookworm --component main --architectures amd64 --gpg-key="\$key" --passphrase="" bookworm_snapshot
|
|
||||||
aptly publish snapshot --distribution bullseye --component main --architectures amd64 --gpg-key="\$key" --passphrase="" bullseye_snapshot
|
|
||||||
aptly publish snapshot --distribution stretch --component main --architectures amd64 --gpg-key="\$key" --passphrase="" stretch_snapshot
|
|
||||||
|
|
||||||
apt install nginx-extras -y >/dev/null
|
|
||||||
cat << EOH > /etc/nginx/sites-enabled/default
|
|
||||||
server {
|
|
||||||
listen 80 default_server;
|
|
||||||
root /var/www/public;
|
|
||||||
location / {
|
|
||||||
autoindex on;
|
|
||||||
}
|
|
||||||
server_name _;
|
|
||||||
}
|
|
||||||
EOH
|
|
||||||
# get apt server
|
|
||||||
cp -a /root/.aptly/public /var/www/
|
|
||||||
chown -R www-data:www-data /var/www
|
|
||||||
/etc/init.d/nginx restart
|
|
||||||
mkdir \$HOME/mirror
|
|
||||||
cd \$HOME/mirror
|
|
||||||
wget -q -r 127.0.0.1
|
|
||||||
|
|
||||||
cp \$HOME/public.asc \$HOME/mirror/127.0.0.1/zcash.asc
|
|
||||||
cd \$HOME/mirror
|
|
||||||
gsutil -q -m rsync -r ./127.0.0.1 gs://${{ secrets.GCP_PROJECT_ID_PROD }}-apt-packages/127.0.0.1
|
|
||||||
cd 127.0.0.1
|
|
||||||
if ! [[ ${array[2]} == *"-rc"* ]]; then
|
|
||||||
gsutil -q -m rsync -r ./ gs://${{ secrets.GCP_PROJECT_ID_PROD }}-apt-server/
|
|
||||||
fi
|
|
||||||
echo "script finished"
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
export FAIL=0
|
|
||||||
chmod +x ./script.sh
|
|
||||||
|
|
||||||
gcloud compute scp ./script.sh --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}" test-gitian-$random: || export FAIL=1
|
|
||||||
gcloud compute scp --recurse $(pwd) --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}" test-gitian-$random:~/source || export FAIL=1
|
|
||||||
|
|
||||||
gcloud compute ssh --zone "us-central1-a" "test-gitian-$random" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}" --command="bash -i -c 'sudo -s ./script.sh'" -- -t || export FAIL=1
|
|
||||||
|
|
||||||
gcloud compute scp --recurse --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}" test-gitian-$random:/home/sa_*/source/gitian.sigs . || export FAIL=1
|
|
||||||
|
|
||||||
curl -s --request POST --url https://api.bunny.net/pullzone/${{ secrets.BUNNY_RESOURCE }}/purgeCache --header 'content-type: application/json' --header 'AccessKey: ${{ secrets.BUNNY_API_KEY }}' || export FAIL=1
|
|
||||||
|
|
||||||
rm -rf gitian.sigs/.git || export FAIL=1
|
|
||||||
if ! [[ ${array[2]} == *"-rc"* ]]; then
|
|
||||||
mkdir $HOME/.ssh || echo ""
|
|
||||||
ssh-keyscan github.com >> $HOME/.ssh/known_hosts || export FAIL=1
|
|
||||||
echo "${{ secrets.BOT_SSH_KEY }}" > $HOME/.ssh/id_rsa
|
|
||||||
chmod 600 $HOME/.ssh/id_rsa
|
|
||||||
git clone git@github.com:zcash/gitian.sigs.git sigs || export FAIL=1
|
|
||||||
cp -a gitian.sigs/* sigs/
|
|
||||||
cd sigs
|
|
||||||
git config --global user.name "ECC-CI"
|
|
||||||
git config --global user.email "${{ secrets.BOT_EMAIL }}"
|
|
||||||
git add .
|
|
||||||
git commit -am "${{ github.event.label.name }}" || export FAIL=1
|
|
||||||
git push || export FAIL=1
|
|
||||||
fi
|
|
||||||
gcloud compute instances delete "test-gitian-$random" --project "${{ secrets.GCP_PROJECT_ID_PROD }}" --zone "us-central1-a" --delete-disks=all
|
|
||||||
if [ $FAIL -eq 1 ]; then exit 1; fi
|
|
||||||
|
|
Loading…
Reference in New Issue