msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.02.768.2025.06.01

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-06-01 21:37:10 +02:00
parent cd65d2035f
commit be1af2bbfe
1 changed files with 35 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
.gitea/workflows/generate-iso.yaml
View File

@@ -157,16 +157,8 @@ jobs:
--root-password-file opt/config/password.txt \ --root-password-file opt/config/password.txt \
--ssh-port 42842 \ --ssh-port 42842 \
--ssh-pubkey opt/config --ssh-pubkey opt/config
if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
echo "❌ There must be exactly one .iso file in the directory!"
exit 1
else
VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
fi
- name: Preparing Centurion Cloud for LIVE ISO Upload. - name: Checking Centurion Cloud for existing LIVE ISOs.
shell: bash shell: bash
run: | run: |
set -euo pipefail set -euo pipefail
@@ -207,36 +199,51 @@ jobs:
- name: Upload the ISO file to the Centurion Cloud (cloud.e2ee.li) via WebDAV. - name: Upload the ISO file to the Centurion Cloud (cloud.e2ee.li) via WebDAV.
shell: bash shell: bash
run: | run: |
curl --progress-bar \ SHARE_TOKEN="${{ secrets.CENTURION_CLOUD_UL_USER }}"
--retry 2 \ SHARE_PASS="${{ secrets.CENTURION_CLOUD_UL_PASSWD }}"
https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
--upload-file "${VAR_ISO_FILE_PATH}" \ if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
-u '${SHARE_TOKEN}:${SHARE_PASS}' | cat echo "❌ There must be exactly one .iso file in the directory!"
if [[ $? -eq 0 ]]; then exit 1
else
VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
fi
if curl --progress-bar --retry 2 https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
--upload-file "${VAR_ISO_FILE_PATH}" -u '${SHARE_TOKEN}:${SHARE_PASS}' | cat; then
echo "✅ New ISO successfully uploaded." echo "✅ New ISO successfully uploaded."
else else
echo "❌ Uploading the new ISO failed." echo "❌ Uploading the new ISO failed."
exit 1 exit 1
fi fi
- name: Generating a hash of ISO and signing with the 'CI PGP DEPLOY ONLY' key. - name: Generating a sha512 Hash of ISO, signing with the 'CI PGP DEPLOY ONLY' key, generate a success message file.
shell: bash shell: bash
run: | run: |
VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_PATH}.sha512" if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
sha512sum "${VAR_ISO_FILE}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}" echo "❌ There must be exactly one .iso file in the directory!"
VAR_ISO_FILE_SHA512=$(< "${VAR_ISO_FILE_SHA512}") exit 1
SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign" else
gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}" VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
rm -f "${VAR_ISO_FILE_PATH}" VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
fi
- name: Generate a success message file to push back into the repository. VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_NAME}.sha512"
shell: bash touch "${VAR_ISO_FILE_SHA512}"
run: | sha512sum "${VAR_ISO_FILE_PATH}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}"
SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign"
touch "${SIGNATURE_FILE}"
gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}"
timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
PRIVATE_FILE="LIVE_ISO.private" PRIVATE_FILE="LIVE_ISO.private"
touch "${PRIVATE_FILE}" touch "${PRIVATE_FILE}"
cat << EOF >| "${PRIVATE_FILE}" cat << EOF >| "${PRIVATE_FILE}"
# SPDX-Version: 3.0 # SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-05-31; WEIDNER, Marc S.; <msw@coresecret.dev> # SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 20242025; WEIDNER, Marc S.; <msw@coresecret.dev> # SPDX-FileCopyrightText: 20242025; WEIDNER, Marc S.; <msw@coresecret.dev>
@@ -249,7 +256,7 @@ jobs:
This file was automatically generated by the DEPLOY BOT on: "${timestamp}". This file was automatically generated by the DEPLOY BOT on: "${timestamp}".
CISS.debian.live.builder ISO : CISS.debian.live.builder ISO :
"${VAR_ISO_FILE}" "${VAR_ISO_FILE_NAME}"
CISS.debian.live.builder ISO sha512 : CISS.debian.live.builder ISO sha512 :
"${VAR_ISO_FILE_SHA512}" "${VAR_ISO_FILE_SHA512}"
CISS.debian.live.builder ISO sha512 sign : CISS.debian.live.builder ISO sha512 sign :
@@ -259,6 +266,7 @@ jobs:
- name: Stage generated files. - name: Stage generated files.
shell: bash shell: bash
run: | run: |
PRIVATE_FILE="LIVE_ISO.private"
git add "${PRIVATE_FILE}" git add "${PRIVATE_FILE}"
env: env:
GIT_SSH_COMMAND: "ssh -p 42842" GIT_SSH_COMMAND: "ssh -p 42842"