summaryrefslogtreecommitdiff
path: root/.github/workflows/vyos-rolling-nightly-build.yml
blob: aca274246abebefc1e36189f99bcbbb14a0d1be8 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

name: VyOS rolling nightly build

on:
  schedule:
    - cron: "0 0 * * *"

  workflow_dispatch:

env:
  minisign_key: ${{ secrets.minisign_key }}
  minisign_password: ${{ secrets.minisign_password }}

jobs:
  build-iso:
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:

      - name: Set VyOS version
        id: set_vyos_version
        run: |
          echo "VYOS_VERSION=1.4-rolling-$(date -u +%Y%m%d%H%M)" >> $GITHUB_ENV

      - uses: actions/checkout@v3

      - name: Update latest_build.txt
        run: echo $(date -u +%Y%m%d%H%M) > $GITHUB_WORKSPACE/latest_build.txt

      - name: Create autocommit and tag
        uses: stefanzweifel/git-auto-commit-action@v4
        with:
          tagging_message: ${{ env.VYOS_VERSION }}
          commit_message: ${{ env.VYOS_VERSION }}

      - name: Git clone vyos-build
        run: git clone -b current --single-branch https://github.com/vyos/vyos-build

      - name: Build ISO
        run: |
          docker run --rm --privileged -v ./vyos-build/:/vyos -w /vyos vyos/vyos-build:current sudo --preserve-env ./build-vyos-image --architecture amd64 --build-by "autobuild@vyos.net" --debian-mirror http://deb.debian.org/debian/ --build-type release --version "${VYOS_VERSION}" iso
 
      # - name: Debug
      #   run: |
      #     mkdir -p ./vyos-build/build/
      #     echo "TEST" > ./vyos-build/build/live-image-amd64.hybrid.iso

      - name: Copy ISO
        run: |
          cp ./vyos-build/build/live-image-amd64.hybrid.iso ./vyos-$VYOS_VERSION-amd64.iso

      - name: Sign ISO (Minisign)
        run: |
          echo 'untrusted comment: minisign encrypted secret key' > minisign.key
          echo $minisign_key >> minisign.key
          shasum minisign.key
          echo $minisign_password | $GITHUB_WORKSPACE/bin/minisign -s minisign.key -Sm ./vyos-$VYOS_VERSION-amd64.iso
          $GITHUB_WORKSPACE/bin/minisign -Vm ./vyos-$VYOS_VERSION-amd64.iso -x ./vyos-$VYOS_VERSION-amd64.iso.minisig -p $GITHUB_WORKSPACE/minisign.pub

      - name: Upload ISO artifact
        uses: actions/upload-artifact@v3
        with:
          name: vyos-${{ env.VYOS_VERSION }}-amd64.iso
          path: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso
          retention-days: 30
          if-no-files-found: error

      - name: Upload ISO's Minisign artifact
        uses: actions/upload-artifact@v3
        with:
          name: vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
          path: ./vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig
          retention-days: 30
          if-no-files-found: error

      - name: Publish release
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ env.VYOS_VERSION }}
          fail_on_unmatched_files: true
          files: |
            ./vyos-${{ env.VYOS_VERSION }}-amd64.iso
            ./vyos-${{ env.VYOS_VERSION }}-amd64.iso.minisig

      - name: Remove old releases
        uses: dev-drprasad/delete-older-releases@v0.2.1
        with:
          keep_latest: 30
          delete_tags: true
        env:
          GITHUB_TOKEN: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
generated by cgit v1.2.3 (git 2.39.1) at 2025-09-03 16:43:01 +0000