beenull/linux-surface
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
linux-surface/.github/workflows/debian.yml
Maximilian Luz e531cd70d8
Apply patches via patch tool instead of git 
Apply patches via `patch` instead of `git am`. The `patch` tool is more
liberal in accepting patches and allows patches that need relocation of
hunks, whereas git fails in such instances. Using git makes it harder to
maintain these patches accross multiple kernel versions and we would
need to regularly update them.

Commit separately to keep the git source tree clean before building.
2020-06-14 20:43:01 +02:00

182 lines
5 KiB
YAML
Raw Blame History

on:
push:
tags:
- 'debian-*'
name: Debian
env:
GPG_KEY_ID: 56C464BAAC421453
KERNEL_VERSION: 5.6.15
KDEB_PKGVERSION: 5.6.15-1
LOCALVERSION: -surface
MAINLINE_REPO: git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack
MAINLINE_BRANCH: cod/mainline
jobs:
build:
name: Build Kernel
runs-on: ubuntu-latest
container: debian:sid
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install build dependencies
run: |
sed 's/^deb /deb-src /' /etc/apt/sources.list >> /etc/apt/sources.list
apt-get -y update
apt-get -y install build-essential fakeroot rsync git wget python3-debian dpkg-sig lz4 sbsigntool
apt-get -y build-dep linux
- name: Prepare kernel source
run: |
cd pkg/debian/kernel
# setup git
git config --global user.email "surfacebot@users.noreply.github.com"
git config --global user.name "surfacebot"
# get ubuntu mainline source
# see https://kernel.ubuntu.com/~kernel-ppa/mainline
git clone "$MAINLINE_REPO" --branch "$MAINLINE_BRANCH/v$KERNEL_VERSION" --depth 1 linux
cd linux
# apply surface build/packaging patches
for PATCH in ../*.patch; do
patch -p1 < ${PATCH}
done
git add .
git commit --allow-empty -m "Apply linux-surface packaging patches"
# apply surface patches
for PATCH in ../../../../patches/${KERNEL_VERSION%.*}/*.patch; do
patch -p1 < ${PATCH}
done
git add .
git commit --allow-empty -m "Apply linux-surface patches"
- name: Configure
run: |
cd pkg/debian/kernel/linux
# merge configs
./scripts/kconfig/merge_config.sh \
debian.master/config/config.common.ubuntu \
debian.master/config/amd64/config.common.amd64 \
debian.master/config/amd64/config.flavour.generic \
../ubuntu.config \
../../../../configs/surface-${KERNEL_VERSION%.*}.config
- name: Setup secureboot certificate
env:
SB_KEY: ${{ secrets.SURFACE_SB_KEY }}
run: |
cd pkg
mkdir -p debian/kernel/linux/keys
# unlock/copy key and certificate
echo "$SB_KEY" | base64 -d > debian/kernel/linux/keys/MOK.key
cp keys/surface.crt debian/kernel/linux/keys/MOK.crt
- name: Build
run: |
cd pkg/debian/kernel/linux
make bindeb-pkg -j2
- name: Prepare release
run: |
mkdir release
mv pkg/debian/kernel/*.deb release
- name: Sign packages
env:
GPG_KEY: ${{ secrets.SURFACE_GPG_KEY }}
run: |
# import GPG key
echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
export GPG_TTY=$(tty)
# sign package
dpkg-sig -g "--batch --no-tty" --sign builder -k $GPG_KEY_ID release/*.deb
- name: Upload artifacts
uses: actions/upload-artifact@v1
with:
name: debian-latest
path: release
release:
name: Publish release
needs: [build]
runs-on: ubuntu-latest
steps:
- name: Download artifacts
uses: actions/download-artifact@v1
with:
name: debian-latest
- name: Upload assets
uses: svenstaro/upload-release-action@v1-release
with:
repo_token: ${{ secrets.GITHUB_BOT_TOKEN }}
file: ./*-latest/*
tag: ${{ github.ref }}
overwrite: true
file_glob: true
repo:
name: Update package repository
needs: [release]
runs-on: ubuntu-latest
container: debian:sid
steps:
- name: Install dependencies
run: |
apt-get update
apt-get install -y git
- name: Download artifacts
uses: actions/download-artifact@v1
with:
name: debian-latest
- name: Update repository
env:
SURFACEBOT_TOKEN: ${{ secrets.GITHUB_BOT_TOKEN }}
BRANCH_STAGING: u/staging
GIT_REF: ${{ github.ref }}
run: |
repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
# clone package repository
git clone -b "${BRANCH_STAGING}" "${repo}" repo
# copy packages
cp debian-latest/* repo/debian/
cd repo/debian
# parse git tag from ref
GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
# convert packages into references
for pkg in $(find . -name '*.deb'); do
echo "linux-surface:$GIT_TAG/$(basename $pkg)" > $pkg.blob
rm $pkg
done
# set git identity
git config --global user.email "surfacebot@users.noreply.github.com"
git config --global user.name "surfacebot"
# commit and push
update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
git switch -c "${update_branch}"
git add .
git commit -m "Update Debian kernel"
git push --set-upstream origin "${update_branch}"
Reference in a new issue View git blame Copy permalink