build ayugram #72

Workflow file for this run

.github/workflows/ayugram.yml at 874040c

	name: Build and push

	on:
	workflow_dispatch:
	push:
	branches:
	- master

	env:
	appid: com.ayugram.desktop

	jobs:
	flatpak:
	name: flatpak build
	runs-on: ubuntu-latest
	permissions:
	contents: read

	steps:
	- name: Free up disk space
	run: \|
	sudo rm -rf /opt/ghc /usr/local/.ghcup \|\| true
	sudo rm -rf /opt/hostedtoolcache
	sudo rm -rf /usr/share/gradle-*
	sudo rm -rf /usr/local/julia* /usr/share/java /usr/share/kotlinc
	sudo rm -rf /opt/az /opt/microsoft /opt/pipx
	sudo rm -rf /usr/share/miniconda /home/runner/.rustup /home/packer/.rustup /home/runneradmin/.rustup
	sudo rm -rf /etc/skel/.rustup /opt/google-cloud-sdk
	sudo rm -rf /usr/share/az_* /opt/google /usr/lib/firefox /usr/local/aws-*
	sudo rm -rf /usr/libexec/gcc /opt/actionarchivecache
	sudo rm -rf /var/lib/mysql /usr/local/n
	sudo rm -rf /usr/local/lib/android
	sudo rm -rf /usr/share/dotnet /usr/share/swift
	sudo rm -rf /usr/local/share/boost /usr/local/share/powershell
	sudo rm -rf /usr/lib/google-cloud-sdk /usr/lib/jvm
	sudo rm -rf /usr/local/graalvm /usr/local/share/chromium
	sudo rm -rf /usr/local/lib/node_modules
	sudo rm -rf /usr/lib/dotnet /usr/lib/php /usr/share/mysql
	sudo rm -rf /usr/lib/llvm-*
	sudo rm -rf /usr/lib/mono
	sudo apt purge -y \
	firefox \
	google-chrome-stable \
	microsoft-edge-stable
	sudo apt-get clean \|\| true
	sudo rm -rf /var/lib/apt/lists/*

	- uses: actions/checkout@v4
	with:
	submodules: 'true'
	persist-credentials: false

	- name: Restore cache
	id: cache
	uses: actions/cache/restore@v4
	with:
	path: .flatpak-builder
	key: flatpak-${{ hashFiles('.yml', '.json') }}
	restore-keys: flatpak-

	- name: Enable unprivileged user namespaces
	run: \|
	sudo aa-teardown >/dev/null 2>&1 \|\| true
	sudo systemctl disable --now apparmor.service >/dev/null 2>&1
	sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0
	sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

	- name: Download sources
	run: \|
	docker run --rm \
	--security-opt seccomp=${GITHUB_WORKSPACE}/flatpak.seccomp.json \
	--security-opt apparmor=unconfined \
	--cap-drop all \
	--entrypoint="" \
	-v /proc:/host/proc \
	-v "${GITHUB_WORKSPACE}:/work" \
	-w /work \
	ghcr.io/solopasha/flatpaks/buildroot:latest \
	/bin/bash -c '
	max_retries=5
	sleep_seconds=7

	for (( retry_count=0; retry_count<max_retries; retry_count++ )); do
	if flatpak-builder --force-clean --sandbox --download-only builddir ${{ env.appid }}.yml; then
	exit 0
	fi

	if [[ $retry_count -lt $((max_retries - 1)) ]]; then
	echo "Attempt $((retry_count + 1)) failed. Retrying in $sleep_seconds seconds..."
	sleep $sleep_seconds
	fi
	done

	echo "Failed after $max_retries attempts"
	exit 1
	'

	- name: Build
	run: \|
	mkdir -p ${GITHUB_WORKSPACE}/flatpak
	docker run --rm \
	--security-opt seccomp=${GITHUB_WORKSPACE}/flatpak.seccomp.json \
	--security-opt apparmor=unconfined \
	--cap-drop all \
	--entrypoint="" \
	-v /proc:/host/proc \
	-v "${GITHUB_WORKSPACE}:/work" \
	-v "${GITHUB_WORKSPACE}/flatpak:/home/builduser/.local/share/flatpak" \
	-w /work \
	ghcr.io/solopasha/flatpaks/buildroot:latest \
	/bin/bash -c '
	flatpak remote-add --user --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
	git config --global --add safe.directory "*"
	flatpak-builder \
	--user \
	--arch=x86_64 \
	--ccache \
	--default-branch=master \
	--delete-build-dirs \
	--disable-download \
	--disable-rofiles-fuse \
	--force-clean \
	--install-deps-from=flathub \
	--repo=repo \
	--sandbox \
	builddir ${{ env.appid }}.yml
	'

	- name: Bundles
	run: \|
	docker run --rm \
	--cap-drop all \
	--entrypoint="" \
	-v "${GITHUB_WORKSPACE}:/work" \
	-w /work \
	ghcr.io/solopasha/flatpaks/buildroot:latest \
	/bin/bash -c '
	flatpak build-bundle repo ${{ env.appid }}.flatpak \
	--runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \
	--arch=x86_64 \
	${{ env.appid }}

	# flatpak build-bundle repo ${{ env.appid }}.Debug.flatpak \
	# --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \
	# --arch=x86_64 \
	# --runtime \
	# ${{ env.appid }}.Debug
	'

	- name: Upload bundle
	uses: actions/upload-artifact@v4
	with:
	name: ${{ env.appid }}-bundle
	path: ${{ env.appid }}.flatpak
	retention-days: 1
	compression-level: 0

	# - name: Upload debuginfo
	# uses: actions/upload-artifact@v4
	# with:
	# name: ${{ env.appid }}-bundle.Debug
	# path: ${{ env.appid }}.Debug.flatpak
	# retention-days: 3
	# compression-level: 0

	- name: Save cache
	id: cache-save
	uses: actions/cache/save@v4
	if: always() && (github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch')
	with:
	path: .flatpak-builder
	key: ${{ steps.cache.outputs.cache-primary-key }}

	repo:
	if: ( github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch' ) && github.ref == 'refs/heads/master'
	needs: flatpak
	permissions:
	contents: read

	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Grab build artifacts
	uses: actions/download-artifact@v4
	with:
	pattern: ${{ env.appid }}-bundle
	path: ${{ env.appid }}.flatpak

	- name: Import bundle
	env:
	GPGKEY: ${{ secrets.gpgkey }}
	run: \|
	docker run --rm \
	--security-opt seccomp=${GITHUB_WORKSPACE}/flatpak.seccomp.json \
	--security-opt apparmor=unconfined \
	--cap-drop all \
	--entrypoint="" \
	--tmpfs /home/builduser/.gnupg:uid=1001,gid=1001,mode=0700 \
	-e GPGKEY \
	-v "${GITHUB_WORKSPACE}:/work" \
	-w /work \
	ghcr.io/solopasha/flatpaks/buildroot:latest \
	/bin/bash -c '
	echo "${GPGKEY}" \| gpg --import
	set -x
	ls
	find
	ostree init --repo repo --mode=archive-z2
	ostree remote add ${{ github.repository_owner }} \
	https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }} \
	--gpg-import=./RPM-GPG-KEY-${{ github.repository_owner }} --repo repo
	ostree pull --repo repo --disable-fsync --mirror ${{ github.repository_owner }} \|\| :
	flatpak -vv build-import-bundle repo ${{ env.appid }}.flatpak --gpg-sign=dc812d3cb7855746 --update-appstream \|\| exit 1
	flatpak build-update-repo --generate-static-deltas --prune repo --gpg-sign=dc812d3cb7855746
	'

	- name: flatpakrepo
	run: \|
	cat << EOF > repo/index.flatpakrepo
	[Flatpak Repo]
	Title=${{ github.repository }}
	Url=https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}/
	Homepage=${{ github.repositoryUrl }}
	Description=${{ github.repository }}
	Icon=https://raw.githubusercontent.com/flatpak/flatpak/main/flatpak.png
	GPGKey=$(base64 --wrap=0 < RPM-GPG-KEY-${{ github.repository_owner }})
	EOF

	- name: flatpakref
	run: \|
	cat << EOF > repo/${{ env.appid }}.flatpakref
	[Flatpak Ref]
	Title=${{ env.appid }} from ${{ github.repository }}
	Name=${{ env.appid }}
	Branch=master
	Url=https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}/
	SuggestRemoteName=ayugram-${{ github.repository_owner }}
	Icon=https://raw.githubusercontent.com/AyuGram/AyuGramDesktop/master/.github/AyuGram.png
	RuntimeRepo=https://dl.flathub.org/repo/flathub.flatpakrepo
	IsRuntime=false
	GPGKey=$(base64 --wrap=0 < RPM-GPG-KEY-${{ github.repository_owner }})
	EOF

	- name: Upload repo
	uses: actions/upload-pages-artifact@v3
	with:
	path: repo/

	deploy:
	if: ( github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch' ) && github.ref == 'refs/heads/master'
	needs: repo
	permissions:
	pages: write
	id-token: write
	environment:
	name: github-pages
	url: ${{ steps.deployment.outputs.page_url }}

	runs-on: ubuntu-latest
	steps:
	- name: Deploy to GitHub Pages
	id: deployment
	uses: actions/deploy-pages@v4

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build ayugram #72

Workflow file

build ayugram #72

Uh oh!

Workflow file for this run