pkg: fedora: Update Fedora 37 and 38 workflows to use the new scripts
This commit is contained in:
parent
a6038d7004
commit
ae772bae3b
28
.github/workflows/fedora-37.yml
vendored
28
.github/workflows/fedora-37.yml
vendored
|
@ -12,9 +12,7 @@ jobs:
|
||||||
build:
|
build:
|
||||||
name: Build Kernel
|
name: Build Kernel
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container: registry.fedoraproject.org/fedora:37
|
||||||
image: registry.fedoraproject.org/fedora:37
|
|
||||||
options: --security-opt seccomp=unconfined
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
@ -22,25 +20,33 @@ jobs:
|
||||||
- name: Install build dependencies
|
- name: Install build dependencies
|
||||||
run: |
|
run: |
|
||||||
dnf distro-sync -y
|
dnf distro-sync -y
|
||||||
|
dnf install -y git make gcc flex bison bzip2 rpm-build
|
||||||
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
|
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
|
||||||
dnf builddep -y pkg/fedora/kernel-surface/kernel-surface.spec
|
|
||||||
|
# Install build dependencies
|
||||||
|
dnf builddep -y kernel
|
||||||
|
|
||||||
|
# Install additional build dependencies
|
||||||
|
dnf install -y sbsigntools
|
||||||
|
|
||||||
- name: Setup secureboot certificate
|
- name: Setup secureboot certificate
|
||||||
env:
|
env:
|
||||||
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
|
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
|
||||||
run: |
|
run: |
|
||||||
cd pkg
|
|
||||||
|
|
||||||
# Install the surface secureboot certificate
|
# Install the surface secureboot certificate
|
||||||
echo "$SB_KEY" | base64 -d > fedora/kernel-surface/surface.key
|
echo "$SB_KEY" | base64 -d > pkg/fedora/kernel-surface/secureboot/MOK.key
|
||||||
cp keys/surface.crt fedora/kernel-surface/surface.crt
|
cp pkg/keys/surface.crt pkg/fedora/kernel-surface/secureboot/MOK.crt
|
||||||
|
|
||||||
- name: Build packages
|
- name: Build packages
|
||||||
run: |
|
run: |
|
||||||
cd pkg/fedora/kernel-surface
|
cd pkg/fedora/kernel-surface
|
||||||
|
|
||||||
|
# setup git
|
||||||
|
git config --global user.email "surfacebot@users.noreply.github.com"
|
||||||
|
git config --global user.name "surfacebot"
|
||||||
|
|
||||||
# Build the .rpm packages
|
# Build the .rpm packages
|
||||||
../makerpm -- --with=signkernel -ba
|
python3 build-linux-surface.py
|
||||||
|
|
||||||
- name: Sign packages
|
- name: Sign packages
|
||||||
env:
|
env:
|
||||||
|
@ -84,9 +90,7 @@ jobs:
|
||||||
name: Update package repository
|
name: Update package repository
|
||||||
needs: [release]
|
needs: [release]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container: registry.fedoraproject.org/fedora:37
|
||||||
image: fedora:37
|
|
||||||
options: --security-opt seccomp=unconfined
|
|
||||||
steps:
|
steps:
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
run: |
|
run: |
|
||||||
|
|
28
.github/workflows/fedora-38.yml
vendored
28
.github/workflows/fedora-38.yml
vendored
|
@ -12,9 +12,7 @@ jobs:
|
||||||
build:
|
build:
|
||||||
name: Build Kernel
|
name: Build Kernel
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container: registry.fedoraproject.org/fedora:38
|
||||||
image: registry.fedoraproject.org/fedora:38
|
|
||||||
options: --security-opt seccomp=unconfined
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
@ -22,25 +20,33 @@ jobs:
|
||||||
- name: Install build dependencies
|
- name: Install build dependencies
|
||||||
run: |
|
run: |
|
||||||
dnf distro-sync -y
|
dnf distro-sync -y
|
||||||
|
dnf install -y git make gcc flex bison bzip2 rpm-build
|
||||||
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
|
dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
|
||||||
dnf builddep -y pkg/fedora/kernel-surface/kernel-surface.spec
|
|
||||||
|
# Install build dependencies
|
||||||
|
dnf builddep -y kernel
|
||||||
|
|
||||||
|
# Install additional build dependencies
|
||||||
|
dnf install -y sbsigntools
|
||||||
|
|
||||||
- name: Setup secureboot certificate
|
- name: Setup secureboot certificate
|
||||||
env:
|
env:
|
||||||
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
|
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
|
||||||
run: |
|
run: |
|
||||||
cd pkg
|
|
||||||
|
|
||||||
# Install the surface secureboot certificate
|
# Install the surface secureboot certificate
|
||||||
echo "$SB_KEY" | base64 -d > fedora/kernel-surface/surface.key
|
echo "$SB_KEY" | base64 -d > pkg/fedora/kernel-surface/secureboot/MOK.key
|
||||||
cp keys/surface.crt fedora/kernel-surface/surface.crt
|
cp pkg/keys/surface.crt pkg/fedora/kernel-surface/secureboot/MOK.crt
|
||||||
|
|
||||||
- name: Build packages
|
- name: Build packages
|
||||||
run: |
|
run: |
|
||||||
cd pkg/fedora/kernel-surface
|
cd pkg/fedora/kernel-surface
|
||||||
|
|
||||||
|
# setup git
|
||||||
|
git config --global user.email "surfacebot@users.noreply.github.com"
|
||||||
|
git config --global user.name "surfacebot"
|
||||||
|
|
||||||
# Build the .rpm packages
|
# Build the .rpm packages
|
||||||
../makerpm -- --with=signkernel -ba
|
python3 build-linux-surface.py
|
||||||
|
|
||||||
- name: Sign packages
|
- name: Sign packages
|
||||||
env:
|
env:
|
||||||
|
@ -84,9 +90,7 @@ jobs:
|
||||||
name: Update package repository
|
name: Update package repository
|
||||||
needs: [release]
|
needs: [release]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container: registry.fedoraproject.org/fedora:38
|
||||||
image: fedora:38
|
|
||||||
options: --security-opt seccomp=unconfined
|
|
||||||
steps:
|
steps:
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
run: |
|
run: |
|
||||||
|
|
Loading…
Reference in a new issue