ci: publish images to vamos-images repo #79
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| concurrency: | |
| group: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' && github.run_id || github.head_ref || github.ref }}-build-${{ github.event_name }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: [master] | |
| pull_request: | |
| jobs: | |
| build-kernel: | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: get kernel submodule ref | |
| id: kernel-submodule | |
| run: echo "ref=$(git ls-tree HEAD | awk '$4 == "kernel"' | awk '{print $3}')" | tee -a $GITHUB_OUTPUT | |
| - name: restore ccache | |
| uses: actions/cache@v4 | |
| with: | |
| path: .ccache | |
| key: ccache-kernel-${{ steps.kernel-submodule.outputs.ref }}-${{ github.run_id }} | |
| restore-keys: | | |
| ccache-kernel-${{ steps.kernel-submodule.outputs.ref }}- | |
| ccache-kernel- | |
| - name: build kernel | |
| run: ./vamos build kernel | |
| - name: upload boot.img | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: boot.img | |
| path: build/boot.img | |
| if-no-files-found: error | |
| build-system: | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - name: build system image | |
| run: ./vamos build system | |
| - name: upload system.erofs.img | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: system.erofs.img | |
| path: build/system.erofs.img | |
| if-no-files-found: error | |
| - name: upload rootfs profile | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: rootfs-profile | |
| path: | | |
| build/rootfs-profile.json | |
| build/rootfs-profile.md | |
| if-no-files-found: error | |
| release: | |
| if: github.event_name == 'push' | |
| needs: [build-kernel, build-system] | |
| runs-on: ubuntu-24.04-arm | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - name: download boot.img | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: boot.img | |
| path: build/ | |
| - name: download system.erofs.img | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: system.erofs.img | |
| path: build/ | |
| - name: check deploy key | |
| id: check-key | |
| run: | | |
| if [ -n "${{ secrets.VAMOS_IMAGES_DEPLOY_KEY }}" ]; then | |
| echo "has_key=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "has_key=false" >> $GITHUB_OUTPUT | |
| echo "::warning::VAMOS_IMAGES_DEPLOY_KEY secret is not set — skipping image publish and release." | |
| fi | |
| - name: generate manifest | |
| if: steps.check-key.outputs.has_key == 'true' | |
| run: | | |
| VERSION=$(cat userspace/root/VERSION) | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| IMAGES_URL="https://github.com/${{ github.repository_owner }}/vamos-images/raw/v${VERSION}" | |
| IMAGES_URL=$IMAGES_URL python3 tools/build/package_ota.py | |
| - name: push images to vamos-images | |
| if: steps.check-key.outputs.has_key == 'true' | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.repository_owner }}/vamos-images | |
| ssh-key: ${{ secrets.VAMOS_IMAGES_DEPLOY_KEY }} | |
| path: vamos-images | |
| - name: commit and tag images | |
| if: steps.check-key.outputs.has_key == 'true' | |
| run: | | |
| TAG="v${VERSION}" | |
| cd vamos-images | |
| git checkout --orphan "$TAG" | |
| cp ../build/ota/*.img . | |
| git add . | |
| git -c user.name="github-actions" -c user.email="actions@github.com" \ | |
| commit -m "release images for $TAG" | |
| git tag "$TAG" | |
| git push origin "$TAG" --force | |
| - name: create release | |
| if: steps.check-key.outputs.has_key == 'true' | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| TAG="v${VERSION}" | |
| # Delete existing release if it exists | |
| gh release delete "$TAG" --yes 2>/dev/null || true | |
| git tag -d "$TAG" 2>/dev/null || true | |
| git push origin ":refs/tags/$TAG" 2>/dev/null || true | |
| # Create release with manifest only | |
| gh release create "$TAG" \ | |
| --title "vamOS $TAG" \ | |
| --target "${{ github.sha }}" \ | |
| --notes "Automated release from commit ${{ github.sha }}" \ | |
| build/ota/manifest.json | |
| - name: post setup instructions | |
| if: steps.check-key.outputs.has_key == 'false' | |
| run: | | |
| echo "::warning::VAMOS_IMAGES_DEPLOY_KEY is not configured. To enable image publishing:" | |
| echo "::warning::1. Create a ${{ github.repository_owner }}/vamos-images repo" | |
| echo "::warning::2. Generate an SSH deploy key: ssh-keygen -t ed25519 -f vamos-images-deploy-key -N \"\"" | |
| echo "::warning::3. Add the public key to ${{ github.repository_owner }}/vamos-images as a deploy key with write access" | |
| echo "::warning::4. Add the private key as VAMOS_IMAGES_DEPLOY_KEY secret in ${{ github.repository }}" |