confd: fix audit logs using proper facility #23
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This job can be started by a git tag or using the workflow dispatch. | |
| # | |
| # The version string *must* be of the format: vYY.MM(-alphaN|-betaN|-rcN) | |
| # | |
| # In /etc/os-release this string is used for VERSION, VERSION_ID, and | |
| # IMAGE_VERSION, with the 'v' prefix. In release artifact filenames, | |
| # and zip file directory names, the 'v' is dropped per convention. | |
| name: Release General | |
| on: | |
| push: | |
| tags: | |
| - 'v[0-9]*.*' | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| required: false | |
| type: string | |
| jobs: | |
| build: | |
| if: github.repository == 'kernelkit/infix' && startsWith(github.ref, 'refs/tags/') | |
| name: Build Infix ${{ github.ref_name }} [${{ matrix.target }}] | |
| runs-on: [ self-hosted, release ] | |
| strategy: | |
| matrix: | |
| target: [aarch64, x86_64] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| clean: true | |
| submodules: recursive | |
| - name: Set Release Variables | |
| id: vars | |
| run: | | |
| if [ -n "${{ inputs.version }}" ]; then | |
| ver=${{ inputs.version }} | |
| else | |
| ver=${GITHUB_REF#refs/tags/} | |
| fi | |
| echo "ver=${ver}" >> $GITHUB_OUTPUT | |
| fver=${ver#v} | |
| target=${{ matrix.target }}-${fver} | |
| echo "dir=infix-$target" >> $GITHUB_OUTPUT | |
| echo "tgz=infix-$target.tar.gz" >> $GITHUB_OUTPUT | |
| - name: Restore Cache of dl/ | |
| uses: actions/cache@v4 | |
| with: | |
| path: dl/ | |
| key: dl-${{ hashFiles('.git/modules/buildroot/HEAD', 'configs/*', 'package/*/*.hash') }} | |
| restore-keys: | | |
| dl- | |
| - name: Restore Cache of .ccache/ | |
| uses: actions/cache@v4 | |
| with: | |
| path: .ccache/ | |
| key: ccache-${{ matrix.target }}-${{ hashFiles('.git/modules/buildroot/HEAD', 'package/*/*.hash') }} | |
| restore-keys: | | |
| ccache-${{ matrix.target }}- | |
| ccache- | |
| - name: Configure & Build | |
| env: | |
| INFIX_RELEASE: ${{ steps.vars.outputs.ver }} | |
| run: | | |
| target=${{ matrix.target }}_defconfig | |
| echo "Building $target ..." | |
| make $target | |
| make | |
| - name: Generate SBOM from Build | |
| run: | | |
| make legal-info | |
| - name: Prepare Artifacts | |
| run: | | |
| cd output/ | |
| mv images ${{ steps.vars.outputs.dir }} | |
| ln -s ${{ steps.vars.outputs.dir }} images | |
| tar chfz ${{ steps.vars.outputs.tgz }} ${{ steps.vars.outputs.dir }} | |
| mv legal-info legal-info-$target | |
| tar chfz legal-info-$target.tar.gz legal-info-$target | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact-${{ matrix.target }} | |
| path: output/*.tar.gz | |
| release: | |
| name: Release Infix ${{ github.ref_name }} | |
| needs: build | |
| runs-on: [ self-hosted, release ] | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: 'true' | |
| - name: Set Release Variables | |
| id: rel | |
| run: | | |
| if [ -n "${{ inputs.version }}" ]; then | |
| ver=${{ inputs.version }} | |
| else | |
| ver=${GITHUB_REF#refs/tags/} | |
| fi | |
| echo "ver=${ver}" >> $GITHUB_OUTPUT | |
| if echo $ver | grep -qE 'v[0-9.]+(-alpha|-beta|-rc)[0-9]*'; then | |
| echo "pre=true" >> $GITHUB_OUTPUT | |
| echo "latest=false" >> $GITHUB_OUTPUT | |
| elif echo $ver | grep -qE '^v[0-9.]+\.[0-9.]+(\.[0-9]+)?$'; then | |
| echo "pre=false" >> $GITHUB_OUTPUT | |
| echo "latest=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "pre=false" >> $GITHUB_OUTPUT | |
| echo "latest=false" >> $GITHUB_OUTPUT | |
| fi | |
| echo "pre=${{ steps.rel.outputs.pre }}" | |
| echo "latest=${{ steps.rel.outputs.latest }}" | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| pattern: "artifact-*" | |
| merge-multiple: true | |
| - name: Create checksums ... | |
| run: | | |
| for file in *.tar.gz; do | |
| sha256sum $file > $file.sha256 | |
| done | |
| - name: Extract ChangeLog entry ... | |
| run: | | |
| awk '/^-----*$/{if (x == 1) exit; x=1;next}x' doc/ChangeLog.md \ | |
| |head -n -1 > release.md | |
| cat release.md | |
| - uses: ncipollo/release-action@v1 | |
| with: | |
| name: Infix ${{ github.ref_name }} | |
| prerelease: ${{ steps.rel.outputs.pre }} | |
| makeLatest: ${{ steps.rel.outputs.latest }} | |
| bodyFile: release.md | |
| artifacts: "*.tar.gz*" | |
| - name: Summary | |
| run: | | |
| cat <<EOF >> $GITHUB_STEP_SUMMARY | |
| # Infix ${{ github.ref_name }} Released! :rocket: | |
| For the public download links of this release, please see: | |
| <https://github.com/kernelkit/infix/releases/tag/${{ github.ref_name }}> | |
| EOF |