26 lines
1.2 KiB
YAML
26 lines
1.2 KiB
YAML
pipeline:
|
|
build:
|
|
image: archlinux:base-devel
|
|
pull: true
|
|
volumes:
|
|
- /mnt/archlinux/nyyu:/repo
|
|
commands:
|
|
- cp -f conf/{makepkg,pacman}.conf /etc/
|
|
- cat conf/pacman-conf.d-noextract.conf >> /etc/pacman.conf
|
|
- sed -i 's/# REPOSITORIES/[nyyu]\nServer = https:\\/\\/archlinux.nyyu.dev\\/nyyu\nSigLevel = Never/' /etc/pacman.conf
|
|
- sed -i 's/#PACKAGER=".*"/PACKAGER="nyyu <mail@nyyu.dev>"/' /etc/makepkg.conf
|
|
- pacman-key --init
|
|
- pacman -Syu git jq pacman-contrib pandoc-bin --noconfirm
|
|
- useradd build -m
|
|
- "echo 'build ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
|
|
- chown -R build:build .
|
|
- sudo -u build --preserve-env=PGP_KEY,PGP_PWD,PGP_ID sh -c 'mkdir ~/.gnupg && echo -e "default-cache-ttl 3600\nallow-preset-passphrase" > ~/.gnupg/gpg-agent.conf && echo "$PGP_KEY" | gpg --import --no-tty --batch --yes && echo "$PGP_PWD" | /usr/lib/gnupg/gpg-preset-passphrase --preset $PGP_ID'
|
|
- sudo -u build --preserve-env=CI_REPO_REMOTE,CI_COMMIT_BRANCH,CI_PREV_COMMIT_SHA,GIT_PASSWORD sh -c './build.sh'
|
|
secrets: [pgp_id, pgp_key, pgp_pwd, git_password]
|
|
when:
|
|
branch: master
|
|
event:
|
|
- push
|
|
- cron
|
|
- tag
|