Skip to content

Snapshot Build

Snapshot Build #1031

Workflow file for this run

# RaspberryMatic Snapshot build
# yamllint disable rule:truthy
---
name: Snapshot Build
on:
schedule:
- cron: '0 0 * * *' # run at 0 AM UTC
workflow_dispatch:
inputs:
skip_build:
description: 'Skip build (for testing workflow)?'
required: true
default: "false"
# default read-only permission
permissions:
contents: read
jobs:
repo-check:
name: Check for Changes
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- id: commit-check
run: echo "has-commits=$(git --no-pager log --pretty='format:%an' --since='24 hours ago' | grep -v github-actions | wc -l)" >> $GITHUB_OUTPUT
outputs:
has-commits: ${{ steps.commit-check.outputs.has-commits }}
build:
permissions:
contents: write # actions/upload-artifact
name: Snapshot build [${{ matrix.platform }}]
if: ${{ github.repository == 'jens-maus/RaspberryMatic' && (github.event_name != 'schedule' || needs.repo-check.outputs.has-commits > 0) }}
runs-on: self-hosted
needs: repo-check
timeout-minutes: 480
outputs:
build_datetime: ${{ steps.env.outputs.build_datetime }}
build_version: ${{ steps.env.outputs.build_version }}
strategy:
fail-fast: false
matrix:
platform: [rpi0, rpi2, rpi3, rpi4, tinkerboard, odroid-c2, odroid-c4, odroid-n2, intelnuc, ova, oci_amd64, oci_arm64, oci_arm]
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Install Dependencies
run: |
if ! dpkg-query -l wget bc cpio rsync zip python3 file >/dev/null 2>&1; then
apt update
apt install -y --no-install-recommends wget bc cpio rsync zip python3 file
fi
if ! getent group | grep -q ^builder:; then groupadd -g 48 builder; fi
if ! getent passwd | grep -q ^builder:; then useradd -m -u 1003 -g 48 -G sudo builder; fi
if ! grep -q ^builder; then echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers; fi
chown -R builder:builder /home/builder
- name: Setup Environment
id: env
run: |
echo "DATE=$(date +%Y%m%d)" >> $GITHUB_ENV
echo "OCCU_VERSION=$(grep 'OCCU_VERSION =' buildroot-external/package/occu/occu.mk | cut -d' ' -f3 | cut -d'-' -f1)" >> $GITHUB_ENV
echo "VERSION=$(grep 'OCCU_VERSION =' buildroot-external/package/occu/occu.mk | cut -d' ' -f3 | cut -d'-' -f1).$(date +%Y%m%d)" >> $GITHUB_ENV
echo "GITHUB_SHA7=$(echo ${GITHUB_SHA::7})" >> $GITHUB_ENV
echo "FAKE_BUILD=${{ github.event.inputs.skip_build }}" >> $GITHUB_ENV
JLEVEL=0
if [[ -f /sys/fs/cgroup/cpu.max ]]; then # cgroups v2
CPU_QUOTA=$(cut -d ' ' -f1 /sys/fs/cgroup/cpu.max)
if [[ "${CPU_QUOTA}" != "max" ]]; then
CPU_PERIOD=$(cut -d ' ' -f2 /sys/fs/cgroup/cpu.max)
JLEVEL=$((CPU_QUOTA / CPU_PERIOD + 1))
fi
elif [[ -f /sys/fs/cgroup/cpu/cpu.cfs_quota_us ]]; then # cgroups v1
CPU_QUOTA=$(cat /sys/fs/cgroup/cpu/cpu.cfs_quota_us)
if [[ "${CPU_QUOTA}" != "-1" ]]; then
CPU_PERIOD=$(cat /sys/fs/cgroup/cpu/cpu.cfs_period_us)
JLEVEL=$((CPU_QUOTA / CPU_PERIOD + 1))
fi
fi
echo "JLEVEL=${JLEVEL}" >> $GITHUB_ENV
echo "build_datetime=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_OUTPUT
echo "build_version=$(grep 'OCCU_VERSION =' buildroot-external/package/occu/occu.mk | cut -d' ' -f3 | cut -d'-' -f1).$(date +%Y%m%d)" >> $GITHUB_OUTPUT
- name: Switch to experimental EULA files
run: |
mv -f release/updatepkg/raspmatic_${{ matrix.platform }}/EULA.de_nightly release/updatepkg/raspmatic_${{ matrix.platform }}/EULA.de
mv -f release/updatepkg/raspmatic_${{ matrix.platform }}/EULA.en_nightly release/updatepkg/raspmatic_${{ matrix.platform }}/EULA.en
# - name: remote debug tmate session
# uses: mxschmitt/action-tmate@v1
# if: matrix.platform == 'ova'
# major build step
- name: Build
timeout-minutes: 480
shell: bash
run: |
sudo -H -E -u builder nice -n 19 make DATE=${{ env.DATE }} BR2_DL_DIR=/mnt/download BR2_CCACHE_DIR=/mnt/ccache/${{ matrix.platform }} BR2_JLEVEL=${{ env.JLEVEL }} clean raspmatic_${{ matrix.platform }}-release
mv release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.mf release/RaspberryMatic-${{ env.VERSION }}-${{ env.GITHUB_SHA7 }}-${{ matrix.platform }}.mf
# cleanup
- name: Cleanup
run: |
rm -f release/*.img*
make clean
#######################
# nightly snapshot uploads
- name: Upload build snapshot [rpi*, tinkerboard, odroid-c2, odroid-c4, odroid-n2, intelnuc, ova]
if: |
github.repository_owner == 'jens-maus' &&
!startsWith(matrix.platform, 'oci_')
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.zip
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-${{ matrix.platform }}.zip
asset_content_type: application/zip
max_releases: 1
- name: Upload build snapshot checksum [rpi*, tinkerboard, odroid-c2, odroid-c4, odroid-n2, intelnuc, ova]
if: |
github.repository_owner == 'jens-maus' &&
!startsWith(matrix.platform, 'oci_')
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.zip.sha256
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-${{ matrix.platform }}.zip.sha256
asset_content_type: text/plain
max_releases: 1
- name: Upload build snapshot [ccu3]
if: |
github.repository_owner == 'jens-maus' &&
matrix.platform == 'rpi3'
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-ccu3.tgz
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-ccu3.tgz
asset_content_type: application/gzip
max_releases: 1
- name: Upload build snapshot checksum [ccu3]
if: |
github.repository_owner == 'jens-maus' &&
matrix.platform == 'rpi3'
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-ccu3.tgz.sha256
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-ccu3.tgz.sha256
asset_content_type: text/plain
max_releases: 1
- name: Upload build snapshot [ova]
if: |
github.repository_owner == 'jens-maus' &&
matrix.platform == 'ova'
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}.ova
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$.ova
asset_content_type: application/gzip
max_releases: 1
- name: Upload build snapshot checksum [ova]
if: |
github.repository_owner == 'jens-maus' &&
matrix.platform == 'ova'
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}.ova.sha256
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$.ova.sha256
asset_content_type: text/plain
max_releases: 1
- name: Upload build snapshot [oci]
if: |
github.repository_owner == 'jens-maus' &&
startsWith(matrix.platform, 'oci_')
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.tgz
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-${{ matrix.platform }}.tgz
asset_content_type: application/gzip
max_releases: 1
- name: Upload build snapshot checksum [oci]
if: |
github.repository_owner == 'jens-maus' &&
startsWith(matrix.platform, 'oci_')
uses: WebFreak001/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
with:
upload_url: https://uploads.github.com/repos/jens-maus/RaspberryMatic/releases/22744592/assets{?name,label}
release_id: 22744592
asset_path: release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.tgz.sha256
asset_name: RaspberryMatic-${{ env.OCCU_VERSION }}.$$-${{ matrix.platform }}.tgz.sha256
asset_content_type: text/plain
max_releases: 1
########################
# upload build artifacts (oci only)
- name: Upload build artifact [oci]
if: |
startsWith(matrix.platform, 'oci_')
uses: actions/upload-artifact@v3
with:
path: release/RaspberryMatic-${{ env.VERSION }}-${{ matrix.platform }}.tgz*
name: RaspberryMatic-${{ env.VERSION }}-${{ env.GITHUB_SHA7 }}-${{ matrix.platform }}.tgz
continue-on-error: true
#######################
# manifest file artifact upload
- name: Upload manifest artifact
uses: actions/upload-artifact@v3
with:
path: release/RaspberryMatic-${{ env.VERSION }}-${{ env.GITHUB_SHA7 }}-${{ matrix.platform }}.mf
name: RaspberryMatic-${{ env.VERSION }}-${{ env.GITHUB_SHA7 }}-${{ matrix.platform }}.mf
##########################################
# OCI/Docker build and registry push step
oci-multiarch-build-push:
permissions:
packages: write # docker/build-push-action
name: OCI/Docker Build+Push
runs-on: ubuntu-22.04
needs: build
if: github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Setup Environment
run: |
echo "BUILD_DATETIME=${{ needs.build.outputs.build_datetime }}" >> $GITHUB_ENV
echo "BUILD_VERSION=${{ needs.build.outputs.build_version }}" >> $GITHUB_ENV
echo "GIT_REF=$(git symbolic-ref -q --short HEAD || git describe --tags --exact-match)" >> $GITHUB_ENV
echo "GITHUB_SHA7=$(echo ${GITHUB_SHA::7})" >> $GITHUB_ENV
# download OCI platform artifacts
- name: Download oci_amd64 artifact
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-oci_amd64.tgz
- name: Download oci_arm64 artifact
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-oci_arm64.tgz
- name: Download oci_arm artifact
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-oci_arm.tgz
- name: Extract OCI artifacts
run: |
mkdir -p oci_build
cd oci_build
for f in ../*-oci_*.tgz; do
tar --wildcards --strip-components 1 -xf $f "*/layer.tar"
mv -f layer.tar $(basename $f .tgz).tar
rm -f $f
done
- name: Build OCI tags
shell: bash
run: |
BASE_TAG="ghcr.io/${{ github.repository_owner }}/raspberrymatic"
UNIQUE_TAG="${BASE_TAG}:${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}"
if [[ ${GITHUB_EVENT_NAME} == 'schedule' || ${GITHUB_EVENT_NAME} == 'workflow_dispatch' ]]; then
BRANCH="${GITHUB_REF##*/}"
if [[ ${BRANCH} == 'master' ]]; then
BRANCH_TAG="${BASE_TAG}:snapshot"
else
BRANCH_TAG="${BASE_TAG}:snapshot-${BRANCH}"
fi
fi
echo "unique_tag=${UNIQUE_TAG}" >> $GITHUB_OUTPUT
echo "branch_tag=${BRANCH_TAG}" >> $GITHUB_OUTPUT
id: extract_branch
- name: Set up Docker Buildx
id: buildx
uses: docker/[email protected]
with:
install: true
- name: Login to GitHub Container Registry
uses: docker/[email protected]
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Build and push container image
uses: docker/[email protected]
id: docker_build
with:
context: oci_build
file: buildroot-external/board/oci/Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
push: true
build-args: |
tar_prefix=RaspberryMatic-${{ env.BUILD_VERSION }}-oci_
labels: |
org.opencontainers.image.title=RaspberryMatic
org.opencontainers.image.description=Alternative OS for your HomeMatic CCU
org.opencontainers.image.vendor=RasperryMatic OpenSource Project
org.opencontainers.image.authors=RaspberryMatic OpenSource Team
org.opencontainers.image.licenses=Apache-2.0
org.opencontainers.image.url=https://raspberrymatic.de
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.documentation=https://github.com/${{ github.repository }}/wiki
org.opencontainers.image.created=${{ env.BUILD_DATETIME }}
org.opencontainers.image.ref.name=${{ env.GIT_REF }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.version=${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}
io.hass.name=RaspberryMatic CCU
io.hass.description=HomeMatic/homematicIP CCU central based on RaspberryMatic
io.hass.url=https://github.com/${{ github.repository }}/tree/master/home-assistant-addon
io.hass.version=${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}
io.hass.type=addon
io.hass.arch=armv7|aarch64|amd64
tags: |
${{ steps.extract_branch.outputs.unique_tag }}
${{ steps.extract_branch.outputs.branch_tag }}
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
helm:
permissions:
contents: write # stefanprodan/helm-gh-pages
name: Build K8s Helm chart
runs-on: ubuntu-22.04
needs: [build, oci-multiarch-build-push]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Environment
id: env
run: |
echo "GITHUB_SHA7=$(echo ${GITHUB_SHA::7})" >> $GITHUB_ENV
- name: Publish Helm chart
uses: stefanprodan/helm-gh-pages@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
charts_dir: helm
chart_version: 0.1 # Latest snapshot
app_version: ${{ needs.build.outputs.build_version }}-${{ env.GITHUB_SHA7 }}
##########################################
# Publish new version to public
publish-build:
permissions:
contents: write # github-actions[bot] repo write access
name: Publish build
runs-on: ubuntu-22.04
needs: [build, oci-multiarch-build-push]
if: github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Setup Environment
run: |
echo "BUILD_VERSION=${{ needs.build.outputs.build_version }}" >> $GITHUB_ENV
echo "GITHUB_SHA7=$(echo ${GITHUB_SHA::7})" >> $GITHUB_ENV
- name: Bump HomeAssistant add-on version
run: |
VERSION=${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}
sed -i "s/^\(version:\)\(.*\)/\1 ${VERSION}/" home-assistant-addon-dev/config.yaml
# download rpi manifest files
- name: Download rpi0 manifest
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi0.mf
- name: Download rpi2 manifest
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi2.mf
- name: Download rpi3 manifest
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi3.mf
- name: Download rpi4 manifest
uses: actions/download-artifact@v3
with:
name: RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi4.mf
- name: Bump rpi-imager version
run: |
release/rpi-imager-update.sh release/rpi-imager-dev.json \
RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi0.mf \
RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi2.mf \
RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi3.mf \
RaspberryMatic-${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}-rpi4.mf
- name: Commit changes
run: |
git config user.name "github-actions"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git pull --rebase --autostash
git commit -a -m "snapshot bump [${{ env.BUILD_VERSION }}-${{ env.GITHUB_SHA7 }}]"
git push
cleanup:
permissions:
contents: write # c-hive/gha-remove-artifacts
actions: write # c-hive/gha-remove-artifacts
name: Cleanup artifacts/packages
runs-on: ubuntu-22.04
steps:
- name: Remove old artifacts
uses: c-hive/[email protected]
with:
age: '2 months'
skip-tags: true
skip-recent: 15
continue-on-error: true
- name: Remove old unused container images
uses: snok/[email protected]
with:
image-names: raspberrymatic
cut-off: One month ago UTC
timestamp-to-use: created_at
keep-at-least: 5
account-type: personal
skip-tags: latest, snapshot
filter-tags: "*-???????"
token: ${{ secrets.CR_PAT }}
continue-on-error: true