Skip to content

VyOS nightly build

VyOS nightly build #66

name: VyOS rolling nightly build
on:
schedule:
- cron: "0 0 * * *"
workflow_dispatch:
jobs:
build-iso:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Set VyOS version
id: set_vyos_version
run: |
echo "VYOS_VERSION=1.4-rolling-$(date -u +%Y%m%d%H%M)" >> $GITHUB_ENV
- uses: actions/checkout@v3
- name: Git clone vyos-build
run: git clone -b current --single-branch https://github.com/vyos/vyos-build
- name: Build ISO (smoketest)
run: |
docker run --rm --privileged -v ./vyos-build/:/vyos -w /vyos vyos/vyos-build:current sudo --preserve-env ./build-vyos-image --architecture amd64 --build-by "[email protected]" --vyos-mirror https://rolling-packages.vyos.net/current/ --debian-mirror http://deb.debian.org/debian/ --build-type release --custom-package vyos-1x-smoketest --version "${VYOS_VERSION}" iso
- name: Make archive for smoketests
run: |
sudo tar -czf vyos-build.tar.gz -C $(pwd) vyos-build
- name: Run smoketests
uses: cross-the-world/ssh-scp-ssh-pipelines@latest
env:
VYOS_VERSION: ${{ env.VYOS_VERSION }}
with:
host: ${{ secrets.SSH_HOST }}
user: ${{ secrets.SSH_USER }}
port: ${{ secrets.SSH_PORT }}
key: ${{ secrets.SSH_KEY }}
connect_timeout: 10s
first_ssh: |
rm -rf ~/vyos-build* || true
scp: |
'./vyos-build.tar.gz' => '~/'
last_ssh: |
tar -xzf vyos-build.tar.gz
docker run --rm --privileged -v ~/vyos-build:/vyos -w /vyos vyos/vyos-build:current sudo make test
docker run --rm --privileged -v ~/vyos-build:/vyos -w /vyos vyos/vyos-build:current sudo make testc
rm -rf ~/vyos-build || true
- name: Build ISO
run: |
docker run --rm --privileged -v ./vyos-build/:/vyos -w /vyos vyos/vyos-build:current sudo --preserve-env ./build-vyos-image --architecture amd64 --build-by "[email protected]" --vyos-mirror https://rolling-packages.vyos.net/current/ --debian-mirror http://deb.debian.org/debian/ --build-type release --version "${VYOS_VERSION}" iso
- name: Copy ISO
run: |
cp ./vyos-build/build/live-image-amd64.hybrid.iso ./vyos-$VYOS_VERSION-amd64.iso
- name: Sign ISO (Minisign)
run: |
echo 'untrusted comment: minisign encrypted secret key' > minisign.key
echo $minisign_key >> minisign.key
shasum minisign.key
echo $minisign_password | $GITHUB_WORKSPACE/bin/minisign -s minisign.key -Sm ./vyos-$VYOS_VERSION-amd64.iso
$GITHUB_WORKSPACE/bin/minisign -Vm ./vyos-$VYOS_VERSION-amd64.iso -x ./vyos-$VYOS_VERSION-amd64.iso.minisig -p $GITHUB_WORKSPACE/minisign.pub
env:
minisign_key: ${{ secrets.minisign_key }}
minisign_password: ${{ secrets.minisign_password }}
- name: Upload ISO to S3 Glacier
uses: keithweaver/[email protected]
with:
command: cp
source: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso
destination: s3://${{ secrets.aws_s3_bucket }}/vyos-${{ env.VYOS_VERSION }}-amd64.iso
aws_access_key_id: ${{ secrets.aws_access_key_id }}
aws_secret_access_key: ${{ secrets.aws_secret_access_key }}
aws_region: us-east-1
flags: --storage-class GLACIER
- name: Upload ISO's signature to S3 Glacier
uses: keithweaver/[email protected]
with:
command: cp
source: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
destination: s3://${{ secrets.aws_s3_bucket }}/vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
aws_access_key_id: ${{ secrets.aws_access_key_id }}
aws_secret_access_key: ${{ secrets.aws_secret_access_key }}
aws_region: us-east-1
flags: --storage-class GLACIER
- name: Upload ISO artifact
uses: actions/upload-artifact@v3
with:
name: vyos-${{ env.VYOS_VERSION }}-amd64.iso
path: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso
retention-days: 30
if-no-files-found: error
- name: Upload ISO's Minisign artifact
uses: actions/upload-artifact@v3
with:
name: vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
path: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
retention-days: 30
if-no-files-found: error
- name: Update latest_build.txt
run: echo $(date -u +%Y%m%d%H%M) > $GITHUB_WORKSPACE/latest_build.txt
- name: Create autocommit and tag
uses: stefanzweifel/git-auto-commit-action@v4
with:
tagging_message: ${{ env.VYOS_VERSION }}
commit_message: ${{ env.VYOS_VERSION }}
- name: Publish release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ env.VYOS_VERSION }}
fail_on_unmatched_files: true
files: |
./vyos-${{ env.VYOS_VERSION }}-amd64.iso
./vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
- name: Remove old releases
uses: dev-drprasad/[email protected]
with:
keep_latest: 30
delete_tags: true
env:
GITHUB_TOKEN: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
- name: Send Slack notification on fail
if: failure()
id: slack
uses: slackapi/[email protected]
with:
payload: |
{
"text": "*vyos-rolling-nightly-builds*\nGitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK