Update plasma-wayland-protocols, plasma-activities and 5 more modules #70
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and push runtime | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: | |
| - 'org.kde.Sdk/**' | |
| branches: | |
| - master | |
| pull_request: | |
| paths: | |
| - 'org.kde.Sdk/**' | |
| branches: | |
| - master | |
| jobs: | |
| flatpak: | |
| name: org.kde.Sdk build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Free up disk space | |
| run: | | |
| sudo rm -rf /opt/ghc /usr/local/.ghcup || true | |
| sudo rm -rf /opt/hostedtoolcache | |
| sudo rm -rf /usr/share/gradle-* | |
| sudo rm -rf /usr/local/julia* /usr/share/java /usr/share/kotlinc | |
| sudo rm -rf /opt/az /opt/microsoft /opt/pipx | |
| sudo rm -rf /usr/share/miniconda /home/runner/.rustup /home/packer/.rustup /home/runneradmin/.rustup | |
| sudo rm -rf /etc/skel/.rustup /opt/google-cloud-sdk | |
| sudo rm -rf /usr/share/az_* /opt/google /usr/lib/firefox /usr/local/aws-* | |
| sudo rm -rf /usr/libexec/gcc /opt/actionarchivecache | |
| sudo rm -rf /var/lib/mysql /usr/local/n | |
| sudo rm -rf /usr/local/lib/android | |
| sudo rm -rf /usr/share/dotnet /usr/share/swift | |
| sudo rm -rf /usr/local/share/boost /usr/local/share/powershell | |
| sudo rm -rf /usr/lib/google-cloud-sdk /usr/lib/jvm | |
| sudo rm -rf /usr/local/graalvm /usr/local/share/chromium | |
| sudo rm -rf /usr/local/lib/node_modules | |
| sudo rm -rf /usr/lib/dotnet /usr/lib/php /usr/share/mysql | |
| sudo rm -rf /usr/lib/llvm-* | |
| sudo rm -rf /usr/lib/mono | |
| sudo apt purge -y \ | |
| firefox \ | |
| google-chrome-stable \ | |
| microsoft-edge-stable | |
| sudo apt-get clean || true | |
| sudo rm -rf /var/lib/apt/lists/* | |
| - uses: actions/checkout@v5 | |
| with: | |
| submodules: 'true' | |
| persist-credentials: false | |
| - name: Restore cache | |
| id: cache | |
| uses: actions/cache/restore@v4 | |
| with: | |
| path: .flatpak-builder | |
| key: org.kde.Sdk-${{ hashFiles('org.kde.Sdk') }} | |
| restore-keys: org.kde.Sdk- | |
| - name: Enable unprivileged user namespaces | |
| run: | | |
| sudo aa-teardown >/dev/null 2>&1 || true | |
| sudo systemctl disable --now apparmor.service >/dev/null 2>&1 | |
| sudo sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0 | |
| sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 | |
| - name: Download sources | |
| run: | | |
| docker run --rm \ | |
| --security-opt seccomp=${GITHUB_WORKSPACE}/flatpak.seccomp.json \ | |
| --security-opt apparmor=unconfined \ | |
| --cap-drop all \ | |
| --entrypoint="" \ | |
| -v /proc:/host/proc \ | |
| -v "${GITHUB_WORKSPACE}:/work" \ | |
| -w /work \ | |
| ghcr.io/solopasha/flatpaks/buildroot:latest \ | |
| /bin/bash -c ' | |
| max_retries=5 | |
| sleep_seconds=7 | |
| for (( retry_count=0; retry_count<max_retries; retry_count++ )); do | |
| if flatpak-builder --force-clean --sandbox --download-only builddir org.kde.Sdk/org.kde.Sdk.json; then | |
| exit 0 | |
| fi | |
| if [[ $retry_count -lt $((max_retries - 1)) ]]; then | |
| echo "Attempt $((retry_count + 1)) failed. Retrying in $sleep_seconds seconds..." | |
| sleep $sleep_seconds | |
| fi | |
| done | |
| echo "Failed after $max_retries attempts" | |
| exit 1 | |
| ' | |
| - name: Build | |
| run: | | |
| mkdir -p ${GITHUB_WORKSPACE}/flatpak | |
| docker run --rm \ | |
| --security-opt seccomp=${GITHUB_WORKSPACE}/flatpak.seccomp.json \ | |
| --security-opt apparmor=unconfined \ | |
| --cap-drop all \ | |
| --entrypoint="" \ | |
| -v /proc:/host/proc \ | |
| -v "${GITHUB_WORKSPACE}:/work" \ | |
| -v "${GITHUB_WORKSPACE}/flatpak:/home/builduser/.local/share/flatpak" \ | |
| -w /work \ | |
| ghcr.io/solopasha/flatpaks/buildroot:latest \ | |
| /bin/bash -c ' | |
| flatpak remote-add --user --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo | |
| git config --global --add safe.directory "*" | |
| flatpak-builder -v \ | |
| --user \ | |
| --arch=x86_64 \ | |
| --default-branch=master \ | |
| --delete-build-dirs \ | |
| --disable-download \ | |
| --disable-rofiles-fuse \ | |
| --force-clean \ | |
| --install-deps-from=flathub \ | |
| --repo=repo \ | |
| --sandbox \ | |
| builddir org.kde.Sdk/org.kde.Sdk.json || exit 1 | |
| rm -rf builddir | |
| rm -rf .flatpak-builder/ccache || : | |
| du -sh .flatpak-builder || : | |
| ' | |
| - name: Bundles | |
| run: | | |
| docker run --rm \ | |
| --cap-drop all \ | |
| --entrypoint="" \ | |
| -v "${GITHUB_WORKSPACE}:/work" \ | |
| -w /work \ | |
| ghcr.io/solopasha/flatpaks/buildroot:latest \ | |
| /bin/bash -c ' | |
| flatpak build-bundle repo org.kde.Sdk.flatpak \ | |
| --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \ | |
| --arch=x86_64 \ | |
| --runtime \ | |
| --oci \ | |
| org.kde.Sdk solopasha | |
| flatpak build-bundle repo org.kde.Sdk.Locale.flatpak \ | |
| --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \ | |
| --arch=x86_64 \ | |
| --runtime \ | |
| --oci \ | |
| org.kde.Sdk.Locale solopasha | |
| flatpak build-bundle repo org.kde.Sdk.Debug.flatpak \ | |
| --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \ | |
| --arch=x86_64 \ | |
| --runtime \ | |
| --oci \ | |
| org.kde.Sdk.Debug solopasha | |
| flatpak build-bundle repo org.kde.Platform.flatpak \ | |
| --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \ | |
| --arch=x86_64 \ | |
| --runtime \ | |
| --oci \ | |
| org.kde.Platform solopasha | |
| flatpak build-bundle repo org.kde.Platform.Locale.flatpak \ | |
| --runtime-repo=https://flathub.org/repo/flathub.flatpakrepo \ | |
| --arch=x86_64 \ | |
| --runtime \ | |
| --oci \ | |
| org.kde.Platform.Locale solopasha | |
| ' | |
| - name: Upload org.kde.Sdk | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: org.kde.Sdk.flatpak | |
| path: org.kde.Sdk.flatpak | |
| retention-days: 1 | |
| compression-level: 0 | |
| if-no-files-found: error | |
| - name: Upload org.kde.Sdk.Locale | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: org.kde.Sdk.Locale.flatpak | |
| path: org.kde.Sdk.Locale.flatpak | |
| retention-days: 1 | |
| compression-level: 0 | |
| if-no-files-found: error | |
| - name: Upload org.kde.Sdk.Debug | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: org.kde.Sdk.Debug.flatpak | |
| path: org.kde.Sdk.Debug.flatpak | |
| retention-days: 1 | |
| compression-level: 0 | |
| if-no-files-found: error | |
| - name: Upload org.kde.Platform | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: org.kde.Platform.flatpak | |
| path: org.kde.Platform.flatpak | |
| retention-days: 1 | |
| compression-level: 0 | |
| if-no-files-found: error | |
| - name: Upload org.kde.Platform.Locale | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: org.kde.Platform.Locale.flatpak | |
| path: org.kde.Platform.Locale.flatpak | |
| retention-days: 1 | |
| compression-level: 0 | |
| if-no-files-found: error | |
| - name: Save cache | |
| id: cache-save | |
| uses: actions/cache/save@v4 | |
| if: always() && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') | |
| with: | |
| path: .flatpak-builder | |
| key: ${{ steps.cache.outputs.cache-primary-key }} | |
| publish-oci: | |
| if: ( github.event_name == 'push' || github.event_name == 'workflow_dispatch' ) && github.ref == 'refs/heads/master' | |
| needs: flatpak | |
| permissions: | |
| packages: write | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/solopasha/flatpaks/buildroot:latest | |
| options: --tmpfs /run/containers:uid=1001,gid=1001,mode=0700 --cap-drop all | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: 'org.kde.*.flatpak' | |
| - name: Login | |
| run: | | |
| skopeo login --username "${{ github.repository_owner }}" --password "${{ secrets.GITHUB_TOKEN }}" ghcr.io | |
| - name: Push | |
| run: | | |
| for i in {1..7}; do | |
| skopeo copy --retry-times 3 \ | |
| oci:org.kde.Sdk.flatpak \ | |
| docker://ghcr.io/${{ github.repository }}/org.kde.sdk:latest && break || sleep $((5 * i)) | |
| done | |
| for i in {1..7}; do | |
| skopeo copy --retry-times 3 \ | |
| oci:org.kde.Sdk.Locale.flatpak \ | |
| docker://ghcr.io/${{ github.repository }}/org.kde.sdk.locale:latest && break || sleep $((5 * i)) | |
| done | |
| for i in {1..7}; do | |
| skopeo copy --retry-times 3 \ | |
| oci:org.kde.Sdk.Debug.flatpak \ | |
| docker://ghcr.io/${{ github.repository }}/org.kde.sdk.debug:latest && break || sleep $((5 * i)) | |
| done | |
| for i in {1..7}; do | |
| skopeo copy --retry-times 3 \ | |
| oci:org.kde.Platform.flatpak \ | |
| docker://ghcr.io/${{ github.repository }}/org.kde.platform:latest && break || sleep $((5 * i)) | |
| done | |
| for i in {1..7}; do | |
| skopeo copy --retry-times 3 \ | |
| oci:org.kde.Platform.Locale.flatpak \ | |
| docker://ghcr.io/${{ github.repository }}/org.kde.platform.locale:latest && break || sleep $((5 * i)) | |
| done | |
| repo: | |
| if: ( github.event_name == 'push' || github.event_name == 'workflow_dispatch' ) && github.ref == 'refs/heads/master' | |
| needs: | |
| - flatpak | |
| - publish-oci | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: repo-update | |
| cancel-in-progress: false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Cache repo | |
| id: cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: repo | |
| key: repo-${{ github.sha }} | |
| restore-keys: repo- | |
| - uses: actions/checkout@v5 | |
| if: steps.cache.outputs.cache-hit == '' | |
| - name: Download repo | |
| if: steps.cache.outputs.cache-hit == '' | |
| run: | | |
| docker run --rm \ | |
| --cap-drop all \ | |
| --entrypoint="" \ | |
| -v "${GITHUB_WORKSPACE}:/work" \ | |
| -w /work \ | |
| ghcr.io/solopasha/flatpaks/buildroot:latest \ | |
| /bin/bash -c ' | |
| ostree init --repo repo --mode=archive-z2 | |
| ostree remote add ${{ github.repository_owner }} \ | |
| https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }} \ | |
| --gpg-import=./RPM-GPG-KEY-${{ github.repository_owner }} --repo repo | |
| ostree pull --disable-fsync --mirror ${{ github.repository_owner }} --repo repo | |
| ' | |
| - name: flatpakrepo | |
| if: steps.cache.outputs.cache-hit == '' | |
| run: | | |
| cat << EOF > repo/index.flatpakrepo | |
| [Flatpak Repo] | |
| Title=${{ github.repository }} | |
| Url=https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}/ | |
| Homepage=${{ github.repositoryUrl }} | |
| Description=${{ github.repository }} | |
| Icon=https://raw.githubusercontent.com/flatpak/flatpak/main/flatpak.png | |
| GPGKey=$(base64 --wrap=0 < RPM-GPG-KEY-${{ github.repository_owner }}) | |
| EOF | |
| - name: Update static index | |
| run: | | |
| mkdir -p repo/index | |
| JSON='{"Registry":"https://ghcr.io/","Results":[]}' | |
| for manifest in org.kde.sdk org.kde.sdk.locale org.kde.sdk.debug org.kde.platform org.kde.platform.locale; do | |
| DOCKER="$(skopeo inspect docker://ghcr.io/${{ github.repository }}/$manifest:latest | jq -c --arg github_repository "${{ github.repository }}" --arg manifest $manifest '. as $img | { "Name": ($github_repository + "/" + $manifest), "Images": [$img] }')" | |
| JSON=$(jq --argjson docker "$DOCKER" '.Results += [ $docker ]' <<< "$JSON" ) | |
| done | |
| echo "$JSON" > repo/index/static | |
| - name: Upload repo | |
| uses: actions/upload-pages-artifact@v3 | |
| with: | |
| path: repo/ | |
| deploy: | |
| if: ( github.event_name == 'push' || github.event_name == 'workflow_dispatch' ) && github.ref == 'refs/heads/master' | |
| needs: repo | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| concurrency: | |
| group: repo-update | |
| cancel-in-progress: false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 | |
| merge: | |
| name: Merge PR | |
| if: github.event_name == 'pull_request' && github.actor == 'solopasha' | |
| runs-on: ubuntu-latest | |
| needs: flatpak | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| steps: | |
| - name: Merge Pull Request | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.WORKFLOW_TOKEN }} | |
| run: | | |
| for i in {1..5}; do | |
| gh pr merge --rebase ${{ github.event.pull_request.html_url }} && break || sleep $((5 * i)) | |
| done |