Update Yum Repository #65
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update Yum Repository | |
on: | |
schedule: | |
- cron: "0 2 * * 0" | |
workflow_dispatch: | |
env: | |
CENTOS_RELEASES: "7 8" | |
ROCKY_RELEASES: "8" | |
ERLANG_VERSIONS: "24 25 26 27" | |
ELIXIR_VERSIONS: "1.16 1.15 1.14 1.13 1.12" | |
MONGOOSEIM_VERSIONS: "5 6" | |
AWS_REGION: "eu-west-2" | |
AWS_SOURCE_BUCKET: "esl-erlang" | |
AWS_DESTINATION_BUCKET: "esl-packages" | |
AWS_BINARIES_BUCKET: "binaries2.erlang-solutions.com" | |
ARCHITECTURE: "x86_64,noarch" | |
jobs: | |
update-repo: | |
runs-on: ubuntu-latest | |
steps: | |
# Install dependencies required by the scripts | |
- name: Install Dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y awscli dpkg-sig gnupg createrepo-c | |
# Configure Credentials for AWS | |
- name: Set AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-west-2 | |
# Clean files from Destination S3 to avoid metadata issues | |
- name: Clean previous RPM files from destination Bucket | |
run: | | |
aws s3 rm s3://$AWS_DESTINATION_BUCKET/centos/ --recursive | |
aws s3 rm s3://$AWS_DESTINATION_BUCKET/rockylinux/ --recursive | |
# Run the script to create the repositories for ESL-erlang | |
- name: Create Repositories | |
run: | | |
for distro in $CENTOS_RELEASES $ROCKY_RELEASES | |
do | |
for erlang in $ERLANG_VERSIONS | |
do | |
mkdir -p "$distro/esl-erlang-$erlang" | |
createrepo_c "$distro/esl-erlang-$erlang" | |
done | |
done | |
# Run the script to create the repositories for Elixir | |
- name: Create Elixir Repositories | |
run: | | |
for distro in $CENTOS_RELEASES $ROCKY_RELEASES | |
do | |
for elixir in $ELIXIR_VERSIONS | |
do | |
mkdir -p "$distro/elixir-$elixir" | |
createrepo_c "$distro/elixir-$elixir" | |
done | |
done | |
# Run the script to create the repositories for MongooseIM | |
- name: Create Mongoose Repositories | |
run: | | |
for distro in $CENTOS_RELEASES $ROCKY_RELEASES | |
do | |
for mongooseim in $MONGOOSEIM_VERSIONS | |
do | |
mkdir -p "$distro/mongooseim-$mongooseim" | |
createrepo_c "$distro/mongooseim-$mongooseim" | |
done | |
done | |
# Download .RPM files from S3 | |
- name: Download RPM files | |
run: | | |
mkdir Packages | |
aws s3 sync s3://$AWS_SOURCE_BUCKET Packages --exclude "*" --include "*.rpm" | |
# Import GPG key | |
- name: Import keys | |
run: | | |
echo "${{ secrets.GPG_P_KEY }}" | tr ';' '\n' > RPM-GPG-KEY-pmanager | |
gpg --batch --import RPM-GPG-KEY-pmanager | |
gpg --batch --list-keys | |
gpg --batch --output RPM-GPG-KEY-pmanager.pub --armor --export ${{secrets.GPG_KEY_ID}} | |
rpm --import RPM-GPG-KEY-pmanager.pub | |
aws s3 sync . s3://$AWS_DESTINATION_BUCKET --acl public-read --exclude "*" --include "*.pub" | |
# Run the script to add the packages to the repositories and check sign | |
- name: Add RPM Packages to Repositories | |
run: | | |
for file in $(find Packages -name '*.rpm') | |
do | |
if [[ "$file" =~ (esl-erlang|elixir|mongooseim)_([0-9]+(\.[0-9]+)*(-[0-9]+)?)(_[0-9]+)?(_otp_[0-9.]+)?~(centos|rocky)~([0-9]+)_(x86_64|noarch)\.rpm$ ]]; then | |
if ! rpm -K "$file"; then | |
echo "File $file is not signed. Signing with key $GPG_KEY_ID." | |
rpm --addsign "$file" | |
fi | |
if [[ "${BASH_REMATCH[1]}" == "mongooseim" ]]; then | |
repo_name="${BASH_REMATCH[8]}/${BASH_REMATCH[1]}-${BASH_REMATCH[2]%%.*}" | |
elif [[ "${BASH_REMATCH[1]}" == "esl-erlang" ]]; then | |
repo_name="${BASH_REMATCH[8]}/${BASH_REMATCH[1]}-${BASH_REMATCH[2]%%.*}" | |
elif [[ "${BASH_REMATCH[1]}" == "elixir" ]]; then | |
repo_name="${BASH_REMATCH[8]}/${BASH_REMATCH[1]}-${BASH_REMATCH[2]%.*}" | |
fi | |
createrepo_c --update "$repo_name" | |
mv "$file" "$repo_name" | |
fi | |
done | |
# Upload RPM files to S3 | |
- name: Upload rpm files to S3 | |
run: | | |
aws s3 sync ./Packages/ s3://$AWS_DESTINATION_BUCKET --acl public-read | |
# Configure Yum Repository | |
- name: Configure yum repository | |
run: | | |
cat > esl-centos.repo << EOF | |
[esl] | |
name=ESL Erlang Repository | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
cat > elixir-centos.repo << EOF | |
[elixir] | |
name=Elixir Repository | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
cat > mongooseim-centos.repo << EOF | |
[mongooseim] | |
name=MongooseIM Repository | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/centos/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
cat > esl-rocky.repo << EOF | |
[esl] | |
name=ESL Erlang Repository for Rocky | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
cat > elixir-rocky.repo << EOF | |
[elixir] | |
name=Elixir Repository for Rocky | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
cat > mongooseim-rocky.repo << EOF | |
[mongooseim] | |
name=MongooseIM Repository for Rocky | |
baseurl=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky | |
gpgcheck=1 | |
gpgkey=https://s3-$AWS_REGION.amazonaws.com/$AWS_DESTINATION_BUCKET/rocky/RPM-GPG-KEY-pmanager.pub | |
enabled=1 | |
EOF | |
# Publish repositories to S3 Destination | |
- name: Publish repositories | |
run: | | |
for distro in $CENTOS_RELEASES | |
do | |
for erlang in $ERLANG_VERSIONS | |
do | |
createrepo_c --update "$distro/esl-erlang-$erlang" | |
aws s3 sync "$distro/esl-erlang-$erlang" "s3://$AWS_DESTINATION_BUCKET/centos/esl-erlang-$erlang" --acl public-read | |
done | |
done | |
for distro in $CENTOS_RELEASES | |
do | |
for elixir in $ELIXIR_VERSIONS | |
do | |
createrepo_c --update "$distro/elixir-$elixir" | |
aws s3 sync "$distro/elixir-$elixir" "s3://$AWS_DESTINATION_BUCKET/centos/elixir-$elixir" --acl public-read | |
done | |
done | |
for distro in $CENTOS_RELEASES | |
do | |
for mongooseim in $MONGOOSEIM_VERSIONS | |
do | |
createrepo_c --update "$distro/mongooseim-$mongooseim" | |
aws s3 sync "$distro/mongooseim-$mongooseim" "s3://$AWS_DESTINATION_BUCKET/centos/mongooseim-$mongooseim" --acl public-read | |
done | |
done | |
for distro in $ROCKY_RELEASES | |
do | |
for erlang in $ERLANG_VERSIONS | |
do | |
createrepo_c --update "$distro/esl-erlang-$erlang" | |
aws s3 sync "$distro/esl-erlang-$erlang" "s3://$AWS_DESTINATION_BUCKET/rockylinux/esl-erlang-$erlang" --acl public-read | |
done | |
done | |
for distro in $ROCKY_RELEASES | |
do | |
for elixir in $ELIXIR_VERSIONS | |
do | |
createrepo_c --update "$distro/elixir-$elixir" | |
aws s3 sync "$distro/elixir-$elixir" "s3://$AWS_DESTINATION_BUCKET/rockylinux/elixir-$elixir" --acl public-read | |
done | |
done | |
for distro in $ROCKY_RELEASES | |
do | |
for mongooseim in $MONGOOSEIM_VERSIONS | |
do | |
createrepo_c --update "$distro/mongooseim-$mongooseim" | |
aws s3 sync "$distro/mongooseim-$mongooseim" "s3://$AWS_DESTINATION_BUCKET/rockylinux/mongooseim-$mongooseim" --acl public-read | |
done | |
done | |
# Sync Normalized and Signed Packages to Binaries2 | |
- name: Sync Packages to Binaries2 | |
run: | | |
aws s3 sync s3://$AWS_DESTINATION_BUCKET s3://$AWS_BINARIES_BUCKET |