40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
name: 'Build ArchLinux package'
|
|
author: 'Carlos Galindo'
|
|
description: |
|
|
Builds an ArchLinux package in a container. Setups the container
|
|
with a build user, checks out the repository, imports required gpg
|
|
keys, builds and uploads the package as an artifact.
|
|
|
|
inputs:
|
|
extra_pkgs:
|
|
description: "Additional packages to be installed"
|
|
default: ""
|
|
gpg_keys:
|
|
description: "GPG keys to import in order to check signatures"
|
|
default: ""
|
|
|
|
runs:
|
|
using: 'composite'
|
|
steps:
|
|
- id: container_preparation
|
|
name: Install build tools
|
|
run: |
|
|
echo "##[group]Installing dependencies"
|
|
pacman -Sy --noconfirm --noprogressbar git sudo nodejs ${{ inputs.extra_pkgs }}
|
|
echo "##[endgroup]"
|
|
useradd --create-home --shell=/bin/false builder && usermod --lock builder
|
|
echo 'builder ALL = NOPASSWD: /usr/bin/pacman' >> /etc/sudoers
|
|
- uses: actions/checkout@v6
|
|
- id: makepkg
|
|
name: Build the package
|
|
run: |
|
|
chown -R builder:builder $FORGEJO_WORKSPACE
|
|
if [ ! -z "${{ inputs.gpg_keys }}" ]; then
|
|
sudo -u builder gpg --receive-keys ${{ inputs.gpg_keys }}
|
|
fi
|
|
sudo -u builder makepkg --dir $FORGEJO_WORKSPACE --syncdeps --noconfirm --noprogressbar
|
|
- uses: actions/upload-artifact@v3
|
|
with:
|
|
name: packages
|
|
path: '*.pkg.tar.zst'
|
|
|