labels: backend: docker clone: git: image: woodpeckerci/plugin-git:2.6.0 settings: partial: false depth: 10 steps: build: image: archlinux/archlinux:base-devel pull: true volumes: - /mnt/archlinux/nyyu:/repo commands: - cp -f conf/{makepkg,pacman}.conf /etc/ - cat conf/pacman-conf.d-noextract.conf >> /etc/pacman.conf - pacman-key --init - pacman -Syu git jq pacman-contrib pandoc-bin unzip zip --noconfirm - useradd build -m - "echo 'build ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers" - mkdir /build - chown -R build:build . /build - sudo -u build --preserve-env=PGP_KEY,PGP_PWD,PGP_ID sh -c 'mkdir ~/.gnupg && echo -e "default-cache-ttl 3600\nallow-preset-passphrase" > ~/.gnupg/gpg-agent.conf && echo "$PGP_KEY" | gpg --import --no-tty --batch --yes && echo "$PGP_PWD" | /usr/lib/gnupg/gpg-preset-passphrase --preset $PGP_ID' - sudo -u build --preserve-env=CI_REPO_CLONE_URL,CI_COMMIT_BRANCH,CI_PREV_COMMIT_SHA,GIT_USER,GIT_TOKEN sh -c './build.sh' environment: PGP_ID: from_secret: pgp_id PGP_KEY: from_secret: pgp_key PGP_PWD: from_secret: pgp_pwd GIT_USER: from_secret: git_user GIT_TOKEN: from_secret: git_token when: branch: master event: [ push, cron, tag, manual ]