linux-surface/.github/workflows/release.yml

on:
  push:
   branches:
      - feature/pkg
    # tags:
    # - 'v*+'

name: Create release and upload binaries

jobs:
  build-arch:
    name: Build Arch Linux
    runs-on: ubuntu-latest
    container: archlinux
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Build
        run: |
          cd pkg/arch

          # Create build user (can't makepkg as root)
          useradd -m -g wheel -s /bin/bash build
          echo "build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
          chown -R build:wheel .

          # Install makepkg deps
          pacman -Sy sudo binutils fakeroot grep base-devel git --noconfirm

          # Build
          su build --pty -s /bin/bash -c './build.sh'          

      - name: Prepare Release
        run: |
          mkdir release
          mv pkg/arch/**/*.pkg.tar.zst release          

      - name: Sign Packages
        env:
          GPG_KEY: ${{ secrets.GITHUB_GPG_KEY }}
          GPG_PASSPHRASE: ${{ secrets.GITHUB_GPG_PASSPHRASE }}
        run: |
          cd release

          # import GPG key
          echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
          export GPG_TTY=$(tty)

          # sign packages
          ls *.pkg.tar.zst | xargs -L1 gpg --detach-sign --batch --no-tty --pinentry-mode=loopback --passphrase $GPG_PASSPHRASE -u 5B574D1B513F9A05          

      - name: Upload artifacts
        uses: actions/upload-artifact@v1
        with:
          name: arch-latest
          path: release
  release:
    name: Create and Upload Release
    needs: [build-arch]
    runs-on: ubuntu-latest
    steps:
      - name: Download Arch Linux artifacts
        uses: actions/download-artifact@v1
        with:
          name: arch-latest

      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: ${{ github.ref }}
          draft: false
          prerelease: false

      - name: Upload Arch Linux Assets to Release
        uses: svenstaro/upload-release-action@v1-release
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          file: ./arch-latest/*
          tag: ${{ github.ref }}
          overwrite: true
          file_glob: true