Compare commits
3 Commits
e6edc3c4fb
...
025dc110a0
| Author | SHA256 | Date | |
|---|---|---|---|
025dc110a0
|
|||
|
be1af2bbfe
|
|||
|
cd65d2035f
|
@@ -139,7 +139,26 @@ jobs:
|
||||
echo "${{ secrets.CISS_DLB_ROOT_PWD }}" >| opt/config/password.txt
|
||||
echo "${{ secrets.CISS_DLB_ROOT_SSH_PUBKEY }}" >| opt/config/authorized_keys
|
||||
|
||||
- name: Preparing Centurion Cloud for LIVE ISO Upload.
|
||||
- name: Starting CISS.debian.live.builder. This may take a while ...
|
||||
shell: bash
|
||||
run: |
|
||||
chmod 0755 ciss_live_builder.sh
|
||||
timestamp=$(date -u +"%Y_%m_%dT%H_%M_%SZ")
|
||||
### Change "--autobuild=" to the specific kernel version you need: 6.12.22+bpo-amd64.
|
||||
./ciss_live_builder.sh \
|
||||
--autobuild=6.12.22+bpo-amd64 \
|
||||
--architecture amd64 \
|
||||
--build-directory /opt/livebuild \
|
||||
--control "${timestamp}" \
|
||||
--debug \
|
||||
--dhcp-centurion \
|
||||
--jump-host "${{ secrets.CISS_DLB_JUMP_HOSTS }}" \
|
||||
--provider-netcup-ipv6 "${{ secrets.CISS_DLB_NETCUP_IPV6 }}" \
|
||||
--root-password-file opt/config/password.txt \
|
||||
--ssh-port 42842 \
|
||||
--ssh-pubkey opt/config
|
||||
|
||||
- name: Checking Centurion Cloud for existing LIVE ISOs.
|
||||
shell: bash
|
||||
run: |
|
||||
set -euo pipefail
|
||||
@@ -177,24 +196,12 @@ jobs:
|
||||
fi
|
||||
rm -f propfind_public.xml public_iso_list.txt
|
||||
|
||||
- name: Starting CISS.debian.live.builder. This may take a while ...
|
||||
- name: Upload the ISO file to the Centurion Cloud (cloud.e2ee.li) via WebDAV.
|
||||
shell: bash
|
||||
run: |
|
||||
chmod 0755 ciss_live_builder.sh
|
||||
timestamp=$(date -u +"%Y_%m_%d_%H_%M_Z")
|
||||
### Change "--autobuild=" to the specific kernel version you need: 6.12.22+bpo-amd64.
|
||||
./ciss_live_builder.sh \
|
||||
--autobuild=6.12.22+bpo-amd64 \
|
||||
--architecture amd64 \
|
||||
--build-directory /opt/livebuild \
|
||||
--control "${timestamp}" \
|
||||
--debug \
|
||||
--dhcp-centurion \
|
||||
--jump-host "${{ secrets.CISS_DLB_JUMP_HOSTS }}" \
|
||||
--provider-netcup-ipv6 "${{ secrets.CISS_DLB_NETCUP_IPV6 }}" \
|
||||
--root-password-file opt/config/password.txt \
|
||||
--ssh-port 42842 \
|
||||
--ssh-pubkey opt/config
|
||||
SHARE_TOKEN="${{ secrets.CENTURION_CLOUD_UL_USER }}"
|
||||
SHARE_PASS="${{ secrets.CENTURION_CLOUD_UL_PASSWD }}"
|
||||
|
||||
if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
|
||||
echo "❌ There must be exactly one .iso file in the directory!"
|
||||
exit 1
|
||||
@@ -204,39 +211,39 @@ jobs:
|
||||
echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
|
||||
fi
|
||||
|
||||
- name: Upload the ISO file to the Centurion Cloud (cloud.e2ee.li) via WebDAV.
|
||||
shell: bash
|
||||
run: |
|
||||
curl --progress-bar \
|
||||
--retry 2 \
|
||||
https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
|
||||
--upload-file "${VAR_ISO_FILE_PATH}" \
|
||||
-u '${SHARE_TOKEN}:${SHARE_PASS}' | cat
|
||||
if [[ $? -eq 0 ]]; then
|
||||
if curl --progress-bar --retry 2 https://cloud.e2ee.li/public.php/webdav/"${VAR_ISO_FILE_NAME}" \
|
||||
--upload-file "${VAR_ISO_FILE_PATH}" -u '${SHARE_TOKEN}:${SHARE_PASS}' | cat; then
|
||||
echo "✅ New ISO successfully uploaded."
|
||||
else
|
||||
echo "❌ Uploading the new ISO failed."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Generating a hash of ISO and signing with the 'CI PGP DEPLOY ONLY' key.
|
||||
- name: Generating a sha512 Hash of ISO, signing with the 'CI PGP DEPLOY ONLY' key, generate a success message file.
|
||||
shell: bash
|
||||
run: |
|
||||
VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_PATH}.sha512"
|
||||
sha512sum "${VAR_ISO_FILE}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}"
|
||||
VAR_ISO_FILE_SHA512=$(< "${VAR_ISO_FILE_SHA512}")
|
||||
SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign"
|
||||
gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}"
|
||||
rm -f "${VAR_ISO_FILE_PATH}"
|
||||
if [[ $(ls /opt/livebuild/*.iso 2>/dev/null | wc -l) -ne 1 ]]; then
|
||||
echo "❌ There must be exactly one .iso file in the directory!"
|
||||
exit 1
|
||||
else
|
||||
VAR_ISO_FILE_PATH=$(ls /opt/livebuild/*.iso)
|
||||
VAR_ISO_FILE_NAME=$(basename "${VAR_ISO_FILE_PATH}")
|
||||
echo "✅ ISO file found: ${VAR_ISO_FILE_NAME}"
|
||||
fi
|
||||
|
||||
- name: Generate a success message file to push back into the repository.
|
||||
shell: bash
|
||||
run: |
|
||||
VAR_ISO_FILE_SHA512="${VAR_ISO_FILE_NAME}.sha512"
|
||||
touch "${VAR_ISO_FILE_SHA512}"
|
||||
sha512sum "${VAR_ISO_FILE_PATH}" | awk '{print $1}' >| "${VAR_ISO_FILE_SHA512}"
|
||||
SIGNATURE_FILE="${VAR_ISO_FILE_SHA512}.sign"
|
||||
touch "${SIGNATURE_FILE}"
|
||||
gpg --batch --yes --armor --detach-sign --output "${SIGNATURE_FILE}" "${VAR_ISO_FILE_SHA512}"
|
||||
|
||||
timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
|
||||
PRIVATE_FILE="LIVE_ISO.private"
|
||||
touch "${PRIVATE_FILE}"
|
||||
cat << EOF >| "${PRIVATE_FILE}"
|
||||
# SPDX-Version: 3.0
|
||||
# SPDX-CreationInfo: 2025-05-31; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
|
||||
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
||||
# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
@@ -249,7 +256,7 @@ jobs:
|
||||
This file was automatically generated by the DEPLOY BOT on: "${timestamp}".
|
||||
|
||||
CISS.debian.live.builder ISO :
|
||||
"${VAR_ISO_FILE}"
|
||||
"${VAR_ISO_FILE_NAME}"
|
||||
CISS.debian.live.builder ISO sha512 :
|
||||
"${VAR_ISO_FILE_SHA512}"
|
||||
CISS.debian.live.builder ISO sha512 sign :
|
||||
@@ -259,6 +266,7 @@ jobs:
|
||||
- name: Stage generated files.
|
||||
shell: bash
|
||||
run: |
|
||||
PRIVATE_FILE="LIVE_ISO.private"
|
||||
git add "${PRIVATE_FILE}"
|
||||
env:
|
||||
GIT_SSH_COMMAND: "ssh -p 42842"
|
||||
|
||||
Reference in New Issue
Block a user