Nightly CI #1340
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Nightly CI | |
'on': | |
schedule: | |
- cron: '0 1 * * *' | |
jobs: | |
makepkg: | |
name: makepkg | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- pkg: actionlint-git | |
- pkg: android-sdk-build-tools | |
# - pkg: ansible-cmdb | |
# - pkg: ansible-core-git | |
- pkg: ansible-lint-git | |
- pkg: anteon | |
- pkg: anteon-git | |
- pkg: assetfinder | |
- pkg: assetfinder-git | |
- pkg: awx | |
- pkg: butane | |
- pkg: butane-bin | |
- pkg: docker-bench-security | |
- pkg: docker-bench-security-git | |
- pkg: docker-prune | |
- pkg: dockle | |
- pkg: dstp | |
- pkg: dstp-git | |
- pkg: gnome-shell-extension-dash-to-dock-git | |
- pkg: gnome-shell-extension-public-ip-git | |
- pkg: gnome-shell-extension-workspace-matrix | |
- pkg: google-tsunami-security-scanner | |
- pkg: google-tsunami-security-scanner-git | |
# - pkg: google-tsunami-security-scanner-plugins-git | |
# - pkg: jmeter-plugins-manager | |
# - pkg: pumba | |
- pkg: pumba-bin | |
- pkg: ravro_dcrpt-git | |
- pkg: python-bandcamp-api-git | |
- pkg: spotdl | |
- pkg: thelounge-beta | |
- pkg: trivy-git | |
- pkg: vim-markdown-git | |
- pkg: vim-pkgbuild-git | |
- pkg: zoiper-bin | |
steps: | |
- name: Check out the codebase. | |
uses: actions/checkout@v4 | |
- name: Exit if pkg doesn't exist. | |
run: if [ ! -d "${{ matrix.pkg }}" ]; then exit 1; fi | |
- name: Pull devel image. | |
run: docker pull quay.io/aminvakil/archlinux:devel | |
- name: Run a container of devel image and mount package on it. | |
run: | | |
container_id=$(mktemp) | |
docker run --detach --privileged --cgroup-parent=docker.slice --cgroupns private --tmpfs /run --tmpfs /run/lock -v "${PWD}/${{ matrix.pkg }}":/pkg quay.io/aminvakil/archlinux:devel > "${container_id}" | |
echo "container_id=$container_id" >> $GITHUB_ENV | |
- name: Execute stuff before makepkg if there is any. | |
run: | | |
if [ -f ci/"${{ matrix.pkg }}"/before_makepkg.sh ]; then | |
shellcheck ci/"${{ matrix.pkg }}"/before_makepkg.sh | |
docker exec -i "$(cat ${container_id})" sh < ci/"${{ matrix.pkg }}"/before_makepkg.sh | |
fi | |
- name: Upgrade all packages. | |
run: docker exec "$(cat ${container_id})" pacman -Suy --noconfirm | |
- name: Change ownership of package folder | |
run: "docker exec $(cat ${container_id}) chown -R devel: /pkg" | |
- name: Install namcap | |
run: docker exec "$(cat ${container_id})" pacman -S namcap --noconfirm | |
- name: Namcap! | |
run: if [ ! -f ci/"${{ matrix.pkg }}"/namcap_skip ]; then docker exec "$(cat ${container_id})" su devel sh -c "cd /pkg && namcap PKGBUILD"; fi | |
- name: Makepkg! | |
run: docker exec "$(cat ${container_id})" su devel sh -c "cd /pkg && makepkg -sri --check --noconfirm" | |
- name: Execute stuff after makepkg if there is any. | |
run: | | |
if [ -f ci/"${{ matrix.pkg }}"/after_makepkg.sh ]; then | |
shellcheck ci/"${{ matrix.pkg }}"/after_makepkg.sh | |
docker exec -i "$(cat ${container_id})" sh < ci/"${{ matrix.pkg }}"/after_makepkg.sh | |
fi | |
- name: Stop and remove container forcefully. | |
run: docker rm -f "$(cat ${container_id})" |