V8.02.768.2025.06.01

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-06-01 21:37:10 +02:00
parent cd65d2035f
commit be1af2bbfe
1 changed files with 35 additions and 27 deletions
--- a/.gitea/workflows/generate-iso.yaml
+++ b/.gitea/workflows/generate-iso.yaml
@@ -157,16 +157,8 @@ jobs:
            --root-password-file opt/config/password.txt \
            --ssh-port 42842 \
            --ssh-pubkey opt/config
-          if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
-            echo "❌ There must be exactly one .iso file in the directory!"
-            exit 1
-          else
-            VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
-            VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
-            echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
-          fi

-      - name: Preparing Centurion Cloud for LIVE ISO Upload.
+      - name: Checking Centurion Cloud for existing LIVE ISOs.
        shell: bash
        run: |
          set -euo pipefail
@@ -207,36 +199,51 @@ jobs:
      - name: Upload the ISO file to the Centurion Cloud (cloud.e2ee.li) via WebDAV.
        shell: bash
        run: |
-          curl --progress-bar \
-            --retry 2 \
-            https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
-            --upload-file "${VAR_ISO_FILE_PATH}" \
-            -u '${SHARE_TOKEN}:${SHARE_PASS}' | cat
-          if [[ $? -eq 0 ]]; then
+          SHARE_TOKEN="${{ secrets.CENTURION_CLOUD_UL_USER }}"
+          SHARE_PASS="${{ secrets.CENTURION_CLOUD_UL_PASSWD }}"
+
+          if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
+            echo "❌ There must be exactly one .iso file in the directory!"
+            exit 1
+          else
+            VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
+            VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
+            echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
+          fi
+
+          if curl --progress-bar --retry 2 https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
+          --upload-file "${VAR_ISO_FILE_PATH}" -u '${SHARE_TOKEN}:${SHARE_PASS}' | cat; then
            echo "✅ New ISO successfully uploaded."
          else
            echo "❌ Uploading the new ISO failed."
            exit 1
          fi

-      - name: Generating a hash of ISO and signing with the 'CI PGP DEPLOY ONLY' key.
+      - name: Generating a sha512 Hash of ISO, signing with the 'CI PGP DEPLOY ONLY' key, generate a success message file.
        shell: bash
        run: |
-          VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_PATH}.sha512"
-          sha512sum "${VAR_ISO_FILE}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}"
-          VAR_ISO_FILE_SHA512=$(< "${VAR_ISO_FILE_SHA512}")
-          SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign"
-          gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}"
-          rm -f "${VAR_ISO_FILE_PATH}"
+          if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
+            echo "❌ There must be exactly one .iso file in the directory!"
+            exit 1
+          else
+            VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
+            VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
+            echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
+          fi

-      - name: Generate a success message file to push back into the repository.
-        shell: bash
-        run: |
+          VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_NAME}.sha512"
+          touch "${VAR_ISO_FILE_SHA512}"
+          sha512sum "${VAR_ISO_FILE_PATH}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}"
+          SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign"
+          touch "${SIGNATURE_FILE}"
+          gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}"
+
+          timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
          PRIVATE_FILE="LIVE_ISO.private"
          touch "${PRIVATE_FILE}"
          cat << EOF >| "${PRIVATE_FILE}"
          # SPDX-Version: 3.0
-          # SPDX-CreationInfo: 2025-05-31; WEIDNER, Marc S.; <msw@coresecret.dev>
+          # SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; <msw@coresecret.dev>
          # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
          # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
          # SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; <msw@coresecret.dev>
@@ -249,7 +256,7 @@ jobs:
          This file was automatically generated by the DEPLOY BOT on: "${timestamp}".

          CISS.debian.live.builder ISO :
-            "${VAR_ISO_FILE}"
+            "${VAR_ISO_FILE_NAME}"
          CISS.debian.live.builder ISO sha512 :
            "${VAR_ISO_FILE_SHA512}"
          CISS.debian.live.builder ISO sha512 sign :
@@ -259,6 +266,7 @@ jobs:
      - name: Stage generated files.
        shell: bash
        run: |
+          PRIVATE_FILE="LIVE_ISO.private"
          git add "${PRIVATE_FILE}"
        env:
          GIT_SSH_COMMAND: "ssh -p 42842"