mirror of
https://github.com/fosrl/newt.git
synced 2026-03-26 12:36:45 +00:00
63 lines
1.8 KiB
YAML
63 lines
1.8 KiB
YAML
name: Publish APT repo to S3/CloudFront
|
|
|
|
on:
|
|
release:
|
|
types: [published]
|
|
workflow_dispatch:
|
|
inputs:
|
|
tag:
|
|
description: "Tag to publish (e.g. v1.9.0). Leave empty to use latest release."
|
|
required: false
|
|
type: string
|
|
backfill_all:
|
|
description: "Build/publish repo for ALL releases."
|
|
required: false
|
|
default: false
|
|
type: boolean
|
|
|
|
permissions:
|
|
id-token: write
|
|
contents: read
|
|
|
|
jobs:
|
|
publish:
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
PKG_NAME: newt
|
|
SUITE: stable
|
|
COMPONENT: main
|
|
REPO_BASE_URL: https://repo.dev.fosrl.io/apt
|
|
|
|
AWS_REGION: ${{ vars.AWS_REGION }}
|
|
S3_BUCKET: ${{ vars.S3_BUCKET }}
|
|
S3_PREFIX: ${{ vars.S3_PREFIX }}
|
|
CLOUDFRONT_DISTRIBUTION_ID: ${{ vars.CLOUDFRONT_DISTRIBUTION_ID }}
|
|
|
|
INPUT_TAG: ${{ inputs.tag }}
|
|
BACKFILL_ALL: ${{ inputs.backfill_all }}
|
|
EVENT_TAG: ${{ github.event.release.tag_name }}
|
|
GH_REPO: ${{ github.repository }}
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Configure AWS credentials (OIDC)
|
|
uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
|
|
aws-region: ${{ vars.AWS_REGION }}
|
|
|
|
- name: Install dependencies
|
|
run: sudo apt-get update && sudo apt-get install -y dpkg-dev apt-utils gnupg curl jq gh
|
|
|
|
- name: Install nfpm
|
|
run: curl -fsSL https://github.com/goreleaser/nfpm/releases/latest/download/nfpm_Linux_x86_64.tar.gz | sudo tar -xz -C /usr/local/bin nfpm
|
|
|
|
- name: Publish APT repo
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
APT_GPG_PRIVATE_KEY: ${{ secrets.APT_GPG_PRIVATE_KEY }}
|
|
APT_GPG_PASSPHRASE: ${{ secrets.APT_GPG_PASSPHRASE }}
|
|
run: ./scripts/publish-apt.sh
|