39 lines
1.4 KiB
YAML
39 lines
1.4 KiB
YAML
kind: pipeline
|
|
type: docker
|
|
name: default
|
|
|
|
steps:
|
|
- name: build
|
|
pull: always
|
|
image: archlinux:base-devel
|
|
volumes:
|
|
- name: repo
|
|
path: /repo
|
|
commands:
|
|
- cp -f conf/{makepkg,pacman}.conf /etc/
|
|
- cat conf/pacman-conf.d-noextract.conf >> /etc/pacman.conf
|
|
- sed -i 's/# REPOSITORIES/[nyyu]\nServer = https:\\/\\/archlinux.nyyu.dev\\/nyyu\nSigLevel = Never/' /etc/pacman.conf
|
|
- sed -i 's/#PACKAGER=".*"/PACKAGER="nyyu <mail@nyyu.dev>"/' /etc/makepkg.conf
|
|
- pacman -Syu git jq pacman-contrib pandoc-bin --noconfirm
|
|
- useradd build -m
|
|
- "echo 'build ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
|
|
- chown -R build:build .
|
|
- sudo -u build --preserve-env=PGP_KEY,PGP_PWD,PGP_ID sh -c 'mkdir ~/.gnupg && echo -e "default-cache-ttl 3600\nallow-preset-passphrase" > ~/.gnupg/gpg-agent.conf && echo "$PGP_KEY" | gpg --import --no-tty --batch --yes && echo "$PGP_PWD" | /usr/lib/gnupg/gpg-preset-passphrase --preset $PGP_ID'
|
|
- sudo -u build --preserve-env=DRONE_GIT_HTTP_URL,DRONE_BRANCH,GIT_PASSWORD sh -c './build.sh'
|
|
environment:
|
|
PGP_KEY:
|
|
from_secret: PGP_KEY
|
|
PGP_PWD:
|
|
from_secret: PGP_PWD
|
|
PGP_ID:
|
|
from_secret: PGP_ID
|
|
GIT_PASSWORD:
|
|
from_secret: git_password
|
|
volumes:
|
|
- name: repo
|
|
host:
|
|
path: /mnt/archlinux/nyyu
|
|
|
|
trigger:
|
|
branch:
|
|
- master
|