7c7ba21c90
The GitHub runners usually have about 14 GB of free space. This is not enough to build a full Fedora kernel with debug symbols. Disabling the debug symbols is not an option, because they are needed to generate data for BPF programs, and because it would mean more patches to the spec file which I would like to avoid. The runners contain a bunch of software that is entirely useless for our purposes. For example, a full .NET distribution, the entire Android SDK, and a bunch of cached container images that arent Fedora. However, with GitHubs container directive it is not possible to remove these, because no custom code is ever executed on the runner itself. To execute code on the runner, the container has to be created and used manually. To simplify this, all of the actual logic has been moved to a dedicated script, similar to how the CI on iptsd is set up.
121 lines
3.3 KiB
YAML
121 lines
3.3 KiB
YAML
name: Fedora 38
|
|
|
|
env:
|
|
FEDORA: 38
|
|
GPG_KEY_ID: 56C464BAAC421453
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'fedora-38-*'
|
|
|
|
jobs:
|
|
build:
|
|
name: Build Kernel
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Maximize disk space
|
|
uses: easimon/maximize-build-space@master
|
|
with:
|
|
root-reserve-mb: 5120
|
|
remove-dotnet: true
|
|
remove-android: true
|
|
remove-docker-images: true
|
|
|
|
- name: Checkout code
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Initialize containers
|
|
run: |
|
|
bash ./.github/scripts/container/create.sh \
|
|
registry.fedoraproject.org/fedora:${{ env.FEDORA }}
|
|
|
|
- name: Install build dependencies
|
|
run: |
|
|
bash ./.github/scripts/container/exec.sh \
|
|
-- \
|
|
bash ./.github/scripts/package/fedora.sh setup-builddeps
|
|
|
|
- name: Setup secureboot certificate
|
|
env:
|
|
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
|
|
run: |
|
|
bash ./.github/scripts/container/exec.sh \
|
|
-e SB_KEY \
|
|
-- \
|
|
bash ./.github/scripts/package/fedora.sh setup-secureboot
|
|
|
|
- name: Build packages
|
|
run: |
|
|
bash ./.github/scripts/container/exec.sh \
|
|
-- \
|
|
bash ./.github/scripts/package/fedora.sh build-packages
|
|
|
|
- name: Sign packages
|
|
env:
|
|
GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
|
|
run: |
|
|
bash ./.github/scripts/container/exec.sh \
|
|
-e GPG_KEY \
|
|
-e GPG_KEY_ID \
|
|
-- \
|
|
bash ./.github/scripts/package/fedora.sh sign-packages
|
|
|
|
- name: Upload artifacts
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: fedora-${{ env.FEDORA }}-latest
|
|
path: pkg/fedora/kernel-surface/out/x86_64
|
|
|
|
release:
|
|
name: Publish release
|
|
needs: [build]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Download artifacts
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: fedora-${{ env.FEDORA }}-latest
|
|
path: fedora-${{ env.FEDORA }}-latest
|
|
|
|
- name: Upload assets
|
|
uses: svenstaro/upload-release-action@v2
|
|
with:
|
|
repo_token: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
|
|
file: ./*-latest/*
|
|
tag: ${{ github.ref }}
|
|
overwrite: true
|
|
file_glob: true
|
|
|
|
repo:
|
|
name: Update package repository
|
|
needs: [release]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Download artifacts
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: fedora-${{ env.FEDORA }}-latest
|
|
path: fedora-${{ env.FEDORA }}-latest
|
|
|
|
- name: Initialize containers
|
|
run: |
|
|
bash ./.github/scripts/container/create.sh \
|
|
registry.fedoraproject.org/fedora:${{ env.FEDORA }}
|
|
|
|
- name: Update repository
|
|
env:
|
|
SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
|
|
GIT_REF: ${{ github.ref }}
|
|
BRANCH_STAGING: u/staging
|
|
run: |
|
|
bash ./.github/scripts/container/exec.sh \
|
|
-e SURFACEBOT_TOKEN \
|
|
-e GIT_REF \
|
|
-e BRANCH_STAGING \
|
|
-e GITHUB_REPOSITORY \
|
|
-- \
|
|
bash ./.github/scripts/repository/fedora.sh ${{ env.FEDORA }} |