summarylogtreecommitdiffstats
path: root/.drone.yml
blob: 8ef6f47801fa302a62d19d82219de1c7e145b175 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

kind: pipeline
name: arch-bce-packages

steps:
- name: build
  image: archlinux/base
  pull: always
  volumes:
    - name: build-products
      path: /tmp/products
  commands:
    - echo -e "[mbp]\nServer = https://packages.aunali1.com/archlinux/\$repo/\$arch" >> /etc/pacman.conf
    - pacman --noconfirm -Syyu
    - pacman-key --init
    - pacman-key --populate archlinux
    - pacman-key --recv-keys 7F9B8FC29F78B339
    - pacman-key --lsign-key 7F9B8FC29F78B339
    - pacman --noconfirm --needed -S base-devel sudo linux-mbp linux-mbp-headers
    - useradd builduser -m
    - passwd -d builduser
    - printf 'builduser ALL=(ALL) ALL\n' | tee -a /etc/sudoers # passwordless sudo
    - chown -R builduser:builduser ./
    - sudo -u builduser bash -c 'makepkg -s --noconfirm'
    - ls -lah *.pkg.tar.xz
    - mv *.pkg.tar.xz /tmp/products
  when:
    event: tag

- name: sign
  image: plugins/gpgsign
  volumes:
    - name: build-products
      path: /tmp/products
  settings:
    key:
      from_secret: signing_key
    passphrase:
      from_secret: signing_key_password
    files:
      - /tmp/products/*
    armor: false
    detach_sign: true
  when:
    event: tag

- name: publish-server
  image: appleboy/drone-scp
  volumes:
    - name: build-products
      path: /tmp/products
  settings:
    host: tel.aunali1.com
    username:
      from_secret: ingress_user
    key:
      from_secret: ingress_key
    port: 22
    rm: true
    strip_components: 2
    target: /srv/storage/ingress/mbp
    source:
      - /tmp/products/*
  when:
    event: tag

- name: update-repo
  image: appleboy/drone-ssh
  volumes:
    - name: build-products
      path: /tmp/products
  settings:
    host: tel.aunali1.com
    username:
      from_secret: ingress_user
    key:
      from_secret: ingress_key
    port: 22
    script:
      - ./update_mbp_repo_bce.sh
  when:
    event: tag

- name: publish-github
  image: plugins/github-release
  volumes:
    - name: build-products
      path: /tmp/products
  settings:
    api_key:
      from_secret: github_token
    files: /tmp/products/*
    prerelease: yes
  when:
    event: tag

volumes:
- name: build-products
  temp: {}