token: switch over to GITHUB_TOKEN #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Package Build PR Check Reusable Workflow | ||
|
Check failure on line 1 in .github/workflows/qcom-upstream-pr-pkg-build-reusable-workflow.yml
|
||
| description: | | ||
| This reusable workflow is called by an upstream repo PR to verify that what | ||
| is attempted to be merged won't break the package | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| qcom-build-utils-ref: | ||
| description: The ref name that was used to invoke this reusable workflow | ||
| type: string | ||
| required: true | ||
| upstream-repo: | ||
| description: The upstream github repository name that triggered this workflow | ||
| type: string | ||
| required: true | ||
| upstream-repo-ref: | ||
| description: The upstream github ref that triggered the build | ||
| type: string | ||
| required: true | ||
| pkg-repo: | ||
| description: The upstream package repo against which to try the build | ||
| type: string | ||
| required: true | ||
| pr-number: | ||
| type: number | ||
| required: true | ||
| run-lintian: | ||
| type: boolean | ||
| default: false | ||
| distro-codename: | ||
| description: The distribution codename to build for. Ex noble, jammy, etc | ||
| type: string | ||
| default: noble | ||
| permissions: | ||
| contents: read | ||
| packages: read | ||
| env: | ||
| # For ABI checker | ||
| REPO_URL: https://qualcomm-linux.github.io/pkg-oss-staging-repo/ | ||
| upstream_version: "" | ||
| distro_revision: "" | ||
| jobs: | ||
| pkg-build-pr-check: | ||
| runs-on: ubuntu-24.04-arm | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| container: | ||
| # This docker image is built and published by the qualcomm-linux/docker_deb_build repo CI workflow | ||
| image: ghcr.io/qualcomm-linux/pkg-builder:${{inputs.distro-codename}} | ||
| options: --privileged | ||
| credentials: | ||
| username: ${{ github.actor }} | ||
| password: ${{ ITHUB_TOKEN }} | ||
| steps: | ||
| - name: Print caller info | ||
| run: | | ||
| echo "upstream-repo : ${{inputs.upstream-repo}}" | ||
| echo "upstream-repo-ref : ${{inputs.upstream-repo-ref}}" | ||
| echo "pkg-repo : ${{inputs.pkg-repo}}" | ||
| if [[ -z "${{inputs.pkg-repo}}" ]]; then | ||
| echo "ERROR: inputs.pkg-repo is empty. Make sure that the caller workflow's repo has the repo variable PKG_REPO_GITHUB_NAME populated with the correct value. This variable should be in the format of owner/repo-name, for example: qualcomm-linux/pkg-repo" | ||
| exit 1 | ||
| fi | ||
| - name: Checkout qcom-build-utils | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: qualcomm-linux/qcom-build-utils | ||
| ref: ${{inputs.qcom-build-utils-ref}} | ||
| path: ./qcom-build-utils | ||
| fetch-depth: 1 | ||
| sparse-checkout: | | ||
| .github | ||
| scripts | ||
| - name: Checkout Packaging Repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: ${{inputs.pkg-repo}} | ||
| clean: false | ||
| token: ${{secrets.DEB_PKG_BOT_CI_TOKEN}} | ||
| path: ./package-repo | ||
| fetch-depth: 0 | ||
| fetch-tags: true | ||
| - name: Checkout Upstream PR Branch | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: ${{inputs.upstream-repo}} | ||
| ref: ${{inputs.upstream-repo-ref}} | ||
| clean: false | ||
| token: ${{secrets.DEB_PKG_BOT_CI_TOKEN}} | ||
| path: ./upstream-repo | ||
| fetch-depth: 0 | ||
| - name: Tag Upstream PR And Add It As A Remote | ||
| run: | | ||
| cd ./upstream-repo | ||
| git tag upstream/pr | ||
| cd ../package-repo | ||
| git remote add upstream-source ../upstream-repo | ||
| git fetch upstream-source "+refs/tags/*:refs/tags/*" | ||
| - name: Merge Upstream PR Changes to Packaging Repo on top of debian/qcom-next | ||
| run: | | ||
| cd ./package-repo | ||
| git config user.name "${{vars.DEB_PKG_BOT_CI_NAME}}" | ||
| git config user.email "${{vars.DEB_PKG_BOT_CI_EMAIL}}" | ||
| git checkout upstream/latest | ||
| git checkout debian/qcom-next | ||
| git checkout -b debian/upstream-pr | ||
| version=$(dpkg-parsechangelog --show-field Version) | ||
| # Split into upstream and distro revision | ||
| upstream_version="${version%%-*}" # Everything before the first dash | ||
| distro_revision="${version#*-}" # Everything after the first dash | ||
| echo "Upstream version: $upstream_version" | ||
| echo "Debian revision: $distro_revision" | ||
| echo "upstream_version=$upstream_version" >> $GITHUB_ENV | ||
| echo "distro_revision=$distro_revision" >> $GITHUB_ENV | ||
| # Run gbp with --no-merge, this is because we do not want gbp to perform the final merging of upstream/latest into debian/qcom-next | ||
| # This because in upstream/latest, the top commit is the one of the filtering of git, github and debian folder. gbp will complain | ||
| # the merge is unseccessful because we want to merge with debian/qcom-next, which has a workflow in .github, resulting in a merge conflict | ||
| # where in one branch we deleted .github folder, and the other we add files. We will therefore take the matter in our own hands manually after. | ||
| gbp import-orig \ | ||
| --verbose \ | ||
| --upstream-branch=upstream/latest \ | ||
| --debian-branch=debian/upstream-pr \ | ||
| --no-pristine-tar \ | ||
| --upstream-vcs-tag=upstream/pr \ | ||
| --upstream-version=${upstream_version}~pr${{inputs.pr-number}} \ | ||
| --upstream-tag="upstream/%(version)s" \ | ||
| --import-msg=$'Merge commit after import of upstream %(version)s.\n\nFiltered out upstream .git/, .github/ and debian/ folders\n\nSigned-off-by: Github Service Bot <githubservice@qti.qualcomm.com>' \ | ||
| --filter=.git \ | ||
| --filter=.github \ | ||
| --filter=debian \ | ||
| --no-merge \ | ||
| ../upstream-repo | ||
| git merge \ | ||
| --allow-unrelated-histories \ | ||
| --signoff \ | ||
| -m "Merge upstream/pr into debian/qcom-next" \ | ||
| -m "Filtered out .git, .github and debian from upstram, and preserved .github debian/qcom-next" \ | ||
| upstream/latest | ||
| - name: Promote Changelog | ||
| run: | | ||
| cd ./package-repo | ||
| export DEBFULLNAME="${{vars.DEB_PKG_BOT_CI_NAME}}" | ||
| export DEBEMAIL="${{vars.DEB_PKG_BOT_CI_EMAIL}}" | ||
| # use ignore branch because we are not on default debian branch | ||
| # use -b to ignore new version is less than current version. This happens because of the ~pr# | ||
| gbp dch \ | ||
| --ignore-branch \ | ||
| --distribution=${{inputs.distro-codename}} \ | ||
| --new-version=${{env.upstream_version}}~pr${{inputs.pr-number}}-${{env.distro_revision}} \ | ||
| --dch-opt="-b" | ||
| git commit -a -s -m "Update changelog for ${{env.upstream_version}}~pr${{inputs.pr-number}}-${{env.distro_revision}} Pull Request dry run" | ||
| - name: Build Debian Packages | ||
| uses: ./qcom-build-utils/.github/actions/build_package | ||
| with: | ||
| distro-codename: ${{inputs.distro-codename}} | ||
| pkg-dir: package-repo | ||
| build-dir: build-area | ||
| run-lintian: ${{inputs.run-lintian}} | ||
| - name: Run ABI Check | ||
| if: true | ||
| uses: ./qcom-build-utils/.github/actions/abi_checker | ||
| with: | ||
| distro-codename: ${{inputs.distro-codename}} | ||
