Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

github: make use of LXD's actions/lp-snap-build in build job (latest-candidate) #655

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 13 additions & 37 deletions .github/workflows/builds.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
name: Builds
on:
pull_request:
push:
branches:
- latest-candidate
Expand All @@ -15,54 +14,31 @@ concurrency:
jobs:
snap:
name: Trigger snap build
runs-on: ubuntu-22.04
if: ${{ github.repository == 'canonical/lxd-pkg-snap' && github.event_name == 'push' && github.actor != 'dependabot[bot]' }}
runs-on: ubuntu-24.04
if: ${{ github.repository == 'canonical/lxd-pkg-snap' && github.actor != 'dependabot[bot]' }}
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
PACKAGE: "lxd"
REPO: "git+ssh://[email protected]/~canonical-lxd/lxd"
BRANCH: ${{ github.ref_name }}
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
- uses: canonical/lxd/.github/actions/lp-snap-build@main
with:
go-version: 'stable'

- name: Setup Launchpad SSH access
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
LAUNCHPAD_LXD_BOT_KEY: ${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}
run: |
set -eux
mkdir -m 0700 -p ~/.ssh/
ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
ssh-add - <<< "${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}"
ssh-add -L > ~/.ssh/id_ed25519.pub
# In ephemeral environments like GitHub Action runners, relying on TOFU isn't providing any security
# so require the key obtained by `ssh-keyscan` to match the expected hash from https://help.launchpad.net/SSHFingerprints
ssh-keyscan git.launchpad.net >> ~/.ssh/known_hosts
ssh-keygen -qlF git.launchpad.net | grep -xF 'git.launchpad.net RSA SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo'
ssh-key: "${{ secrets.LAUNCHPAD_LXD_BOT_KEY}}"

- name: Trigger Launchpad snap build
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
TARGET: ${{ github.ref_name }}
run: |
set -eux
git config --global transfer.fsckobjects true
git config --global user.name "Canonical LXD Bot"
git config --global user.email "[email protected]"
git config --global commit.gpgsign true
git config --global gpg.format "ssh"
git config --global user.signingkey ~/.ssh/id_ed25519.pub
localRev="$(git rev-parse HEAD)"
go install github.com/canonical/lxd-ci/lxd-snapcraft@latest
git clone -b "${TARGET}" git+ssh://[email protected]/~canonical-lxd/lxd ~/lxd-pkg-snap-lp
# XXX: `originVer` contains an array with the 2 versions
originVer=($(lxd-snapcraft -package lxd -get-version -file snapcraft.yaml))
rsync -a --exclude .git --delete . ~/lxd-pkg-snap-lp/
cd ~/lxd-pkg-snap-lp
originVer=($(lxd-snapcraft -package "${PACKAGE}" -get-version -file snapcraft.yaml))
rsync -a --exclude .git --delete . ~/"${PACKAGE}-pkg-snap-lp"/
cd ~/"${PACKAGE}-pkg-snap-lp"
lxd-snapcraft -package lxd -set-version "${originVer[0]}-${localRev:0:7}" -set-source-commit ""
git add --all
git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${TARGET})" -m "Upstream commit: ${localRev}"
git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${BRANCH})" -m "Upstream commit: ${localRev}"
git show
git push --quiet

2 changes: 1 addition & 1 deletion .github/workflows/commits.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ permissions:
jobs:
commits:
name: Branch target
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Check branch target
env:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ defaults:
jobs:
code-tests:
name: Code
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
Expand Down