package_upload #117
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Repositories | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| repository_dispatch: | |
| types: [package_upload] | |
| workflow_dispatch: | |
| inputs: | |
| package_url: | |
| description: 'URL of the .deb or .rpm package to add' | |
| required: false | |
| permissions: | |
| contents: write | |
| deployments: write | |
| concurrency: | |
| group: aptly-repo | |
| cancel-in-progress: false | |
| jobs: | |
| update-repo: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Install aptly and gpg | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y aptly gpg createrepo-c pacman-package-manager zstd libarchive-tools | |
| - name: Restore Aptly database | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| .aptly | |
| public/rpm | |
| public/arch | |
| key: ${{ runner.os }}-aptly-${{ github.run_id }} | |
| restore-keys: | | |
| ${{ runner.os }}-aptly- | |
| - name: Sync and Reconstruct Repositories | |
| run: | | |
| mkdir -p incoming public/rpm public/arch | |
| echo "Reconstruyendo repositorios desde GitHub Releases..." | |
| # Descargar DEBs antiguos para restaurar Aptly si es necesario | |
| gh release download packages --pattern "*.deb" --dir incoming --repo ${{ github.repository }} --clobber || echo "No se encontraron DEBs" | |
| # Descargar RPMs y Arch para mantener la persistencia | |
| gh release download packages --pattern "*.rpm" --dir public/rpm --repo ${{ github.repository }} --clobber || echo "No se encontraron RPMs" | |
| gh release download packages --pattern "*.pkg.tar.*" --dir public/arch --repo ${{ github.repository }} --clobber || echo "No se encontraron paquetes Arch" | |
| # Descargar metadatos JSON si existen | |
| gh release download packages --pattern "packages.json" --dir . --repo ${{ github.repository }} --clobber || echo "No hay packages.json previo" | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Import GPG Key | |
| run: | | |
| if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then | |
| echo "Generando llave GPG temporal..." | |
| echo "%no-protection" > gpg-key-gen | |
| echo "Key-Type: RSA" >> gpg-key-gen | |
| echo "Key-Length: 4096" >> gpg-key-gen | |
| echo "Name-Real: Inled Repo" >> gpg-key-gen | |
| echo "Name-Email: repo@inled.es" >> gpg-key-gen | |
| echo "Expire-Date: 0" >> gpg-key-gen | |
| echo "%commit" >> gpg-key-gen | |
| gpg --batch --generate-key gpg-key-gen | |
| else | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import | |
| fi | |
| - name: Download package | |
| id: download | |
| if: github.event_name == 'repository_dispatch' || (github.event_name == 'workflow_dispatch' && github.event.inputs.package_url != '') | |
| run: | | |
| mkdir -p incoming | |
| if [ "${{ github.event_name }}" == "repository_dispatch" ]; then | |
| # Procesar múltiples URLs si existen | |
| PAYLOAD='${{ toJson(github.event.client_payload) }}' | |
| echo "Procesando payload de dispatch..." | |
| echo "$PAYLOAD" | jq -r 'to_entries[] | select(.key | endswith("_url")) | .value' | while read -r URL; do | |
| if [ -n "$URL" ] && [ "$URL" != "null" ]; then | |
| FILENAME=$(basename "$URL") | |
| echo "Descargando $URL..." | |
| wget -q "$URL" -O "incoming/$FILENAME" | |
| fi | |
| done | |
| else | |
| URL="${{ github.event.inputs.package_url }}" | |
| URL=$(echo "$URL" | xargs) | |
| FILENAME=$(basename "$URL") | |
| echo "Descargando $URL..." | |
| wget -q "$URL" -O "incoming/$FILENAME" | |
| fi | |
| - name: Upload to GitHub Release | |
| if: always() | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: packages | |
| files: | | |
| incoming/*.deb | |
| incoming/*.rpm | |
| incoming/*.pkg.tar.* | |
| public/rpm/*.rpm | |
| public/arch/*.pkg.tar.* | |
| packages.json | |
| overwrite: true | |
| - name: Update repository | |
| run: | | |
| # Extraer versión del paquete para la release (opcional, usamos 'latest' por simplicidad) | |
| RELEASE_TAG="packages" | |
| export RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/${RELEASE_TAG}" | |
| ./update-repo.sh | |
| env: | |
| RELEASE_URL: https://github.com/${{ github.repository }}/releases/download/packages | |
| - name: Deploy to Cloudflare Pages | |
| run: npx wrangler pages deploy public --project-name inled-apt --branch main | |
| env: | |
| CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} | |
| CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} |