Skip to content

Change environment variable used for Snap credentials #90

Change environment variable used for Snap credentials

Change environment variable used for Snap credentials #90

Workflow file for this run

name: Deploy Celeste
on:
push:
branches:
- main
tags-ignore:
- '**'
permissions:
id-token: write
contents: read
jobs:
create-release:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'skip-ci: create-release')"
steps:
- name: Checkout Git repository
uses: actions/checkout@v3
- name: Setup makedeb APT repositories
uses: makedeb/setup-makedeb@main
with:
makedeb-repo: false
pbmpr-repo: true
- name: Install needed APT packages
run: sudo apt-get install just parse-changelog -y
- name: Create release
run: |
version="$(just get-version)"
release_notes="$(parse-changelog CHANGELOG.md "${version}")"
gh release create "v${version}" --title "v${version}" --target "${GITHUB_SHA}" -n "${release_notes}"
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_CUSTOM }}
deploy-mpr:
runs-on: ubuntu-latest
needs: [create-release]
if: "!failure() && !contains(github.event.head_commit.message, 'skip-ci: deploy-mpr')"
steps:
- name: Checkout Git repository
uses: actions/checkout@v3
- name: Setup makedeb APT repositories
uses: makedeb/setup-makedeb@main
- name: Publish MPR package
run: |
# Install our CI-utils package.
curl -Ls "https://shlink.hunterwittenborn.com/ci-utils" | sudo bash -
# Set up our SSH config.
mkdir "${HOME}/.ssh"
echo -e "Host mpr.makedeb.org\n Hostname mpr.makedeb.org\n IdentityFile ${HOME}/.ssh/ssh_key" > "${HOME}/.ssh/config"
echo "${SSH_KEY}" > "${HOME}/.ssh/ssh_key"
# Set up the MPR's SSH fingerprint in our local config.
MPR_SSH_KEY="$(curl 'https://mpr.makedeb.org/api/meta' | jq -r '.ssh_key_fingerprints.ECDSA')"
(
export SSH_HOST='mpr.makedeb.org'
export SSH_EXPECTED_FINGERPRINT="${MPR_SSH_KEY}"
export SET_PERMS=true
get-ssh-key
)
# Set up our Git user.
git config --global user.name 'Kavplex Bot'
git config --global user.email 'kavplex@hunterwittenborn.com'
# Clone the MPR repository for Celeste, and update it.
cd makedeb/
git clone 'ssh://mpr@mpr.makedeb.org/celeste'
cp PKGBUILD celeste/
cd celeste/
makedeb --print-srcinfo | tee .SRCINFO
source PKGBUILD
git add .
git commit -m "Bump version to '${pkgver}-${pkgrel}'"
git push
env:
SSH_KEY: ${{ secrets.SSH_KEY }}
deploy-snap:
runs-on: ubuntu-latest
needs: [create-release]
if: "!failure() && !contains(github.event.head_commit.message, 'skip-ci: deploy-snap')"
steps:
- name: Checkout Git repository
uses: actions/checkout@v3
- name: Setup makedeb APT repositories
uses: makedeb/setup-makedeb@main
with:
pbmpr-repo: true
- name: Build Celeste Snap
uses: snapcore/action-build@v1
id: snapcraft-build
with:
snapcraft-args: "-v"
- name: Upload and release Celeste Snap
# Use commit ID to temporarily fix https://github.com/snapcore/action-publish/issues/28.
uses: snapcore/action-publish@214b86e5ca036ead1668c79afb81e550e6c54d40
with:
snap: ${{ steps.snapcraft-build.outputs.snap }}
release: stable
env:
SNAPCRAFT_STORE_LEGACY_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }}
deploy-flathub:
runs-on: ubuntu-latest
needs: [deploy-snap]
if: "!failure() && !contains(github.event.head_commit.message, 'skip-ci: deply-flathub')"
steps:
- name: Checkout Flathub Celeste Git repository
uses: actions/checkout@v3
with:
repository: flathub/com.hunterwittenborn.Celeste
path: com.hunterwittenborn.Celeste
token: ${{ secrets.GH_TOKEN_CUSTOM }}
- name: Setup makedeb APT repositories
uses: makedeb/setup-makedeb@main
- name: Update Flathub package
run: |
# Set up our Git user.
git config --global user.name 'Kavplex Bot'
git config --global user.email 'kavplex@hunterwittenborn.com'
# Get the current snap revision.
snap download celeste
snap_revision="$(echo celeste_*.snap | sed -e 's|^celeste_||' -e 's|\.snap$||')"
snap_sha256sum="$(sha256sum celeste_*.snap | awk '{print $1}')"
# Update the version info for the Flatpak.
cd com.hunterwittenborn.Celeste
git checkout -b "version/${snap_revision}"
sed -i -e "s|a9zAmHVl4doDwIGkptVyA7VI7fMlPPpE_[0-9]*\.snap|a9zAmHVl4doDwIGkptVyA7VI7fMlPPpE_${snap_revision}.snap|" -e "s|sha256: .*|sha256: '${snap_sha256sum}'|" com.hunterwittenborn.Celeste.yml
git add . && git commit -m "Update package version"
git push --set-upstream origin "version/${snap_revision}"
# Create the PR and wait until we can merge it.
gh pr create --title "Update package version" --body ''
pr_id="$(gh pr list --json headRefName,headRepositoryOwner,number -q ".[] | select((.headRefName==\"version/${snap_revision}\") and .headRepositoryOwner.login==\"flathub\").number")"
while true; do
comments="$(gh pr view -c)"
if echo "${comments}" | grep -q failed; then
echo "The build failed! Please investigate manually."
exit 1
elif echo "${comments}" | grep -q successful; then
# Even after a successful build, we have to wait
# a bit longer for Buildbot to allow us to merge.
status='BLOCKED'
while [[ "${status}" == 'BLOCKED' ]]; do
echo 'Waiting for @flathubbot to allow merging...'
sleep 1
status="$(gh pr list --json number,mergeStateStatus -q ".[] | select(.number==${pr_id}).mergeStateStatus")"
done
echo "The build succeeded! Merging the PR..."
gh pr merge "${pr_id}" --merge
exit
fi
echo "Waiting for @flathubbot to report status checks..."
sleep 1
done
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_CUSTOM }}