.github/workflows/builder.yml

name: builder

on: 
  push: 
  release:
    types: [created]

jobs:
  build-image:
    strategy:
      fail-fast: false
      matrix:
        arch: [armhf, arm64]
        # arch: [armhf]
        # arch: [arm64]
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v2
      - name: build
        run: |
          sudo apt-get update  
          sudo apt install qemu-user-static g++-arm-linux-gnueabihf g++-aarch64-linux-gnu kpartx aria2 tree s3fs
          sudo pip install requests
          mkdir images && sudo APIKEY=${{ secrets.GITHUBAPITOKEN }} USERNAME=${{ secrets.GITHUBUSERNAME }} PATH=./node_modules/.bin:$PATH ./builder --noninteractive ${{ matrix.arch }}
      - name: release
        run: |
          image=$(find images/*.img | head -1) 
          [[ -n "$image" ]] || exit 1
          release=$(git tag --points-at HEAD | tail -n2 2>/dev/null | sed -e 's/^release-//')
          [[ -z "$release" ]] && echo "Build Successful; no release" >&2 && exit 0
          echo "RELEASE=$release" >> $GITHUB_ENV
          echo "IMAGE=$image" >> $GITHUB_ENV
      - name: sshagent
        uses: webfactory/ssh-agent@v0.5.2
        with:
          ssh-private-key: ${{ secrets.SSHKEY }}
      - name: deploy
        if: ${{ env.RELEASE }}
        run: |
          sudo npm install -g @treehouses/cli
          export gitter_channel="${{ secrets.CHANNEL }}"
          image=${{ env.IMAGE }}
          release=${{ env.RELEASE }}
          release_is_number() { echo "$release" | grep -Eqx "[0-9]+" ; }
          architecture=${{ matrix.arch }}
          name="treehouse-$release-$architecture"
          if [ "$architecture" == armhf ]; then 
            name="treehouse-$release"
          fi
          image_gz="$name.img.gz"
          image_sha1=$image_gz.sha1
          image_dir="experiment/"
          if release_is_number; then 
            image_dir="" 
          fi
          echo "compressing ..."
          gzip -c -9 < "$image" > "$image_gz"
          sync
          echo "hashing ..."
          sha1sum "$image_gz" > "$image_sha1"
          sync
          echo "${{ secrets.AWSACCESSKEYID }}:${{ secrets.AWSACCESSKEYSECRET }}" > .passwd-s3fs
          chmod 600 .passwd-s3fs
          sudo rm -rf /var/www/html
          sudo mkdir -p /var/www/html
          sudo chmod 666 /var/www/html
          echo "uploading ..."
          sudo s3fs treehouses /var/www/html -o passwd_file=./.passwd-s3fs -o allow_other
          sudo cp "$image_gz" "$image_sha1" "/var/www/html/$image_dir"
          echo "treehouses image http://download.treehouses.io/$image_dir$image_gz"
          treehouses feedback "treehouses image http://download.treehouses.io/$image_dir$image_gz"
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          echo "download.ole.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK6diybdi0R/Iptq9qGSP/ZU5zaJ8XrfGSuGvmsVFGKdQAPJsS4GhRm4cq8ucAYoatz9gx/mgJBWgPV6JPbkxiU=" > ~/.ssh/known_hosts
          echo "backuping ..."
          rsync -Pav "$image_gz" "$image_sha1" deploy@download.ole.org:/data/images/
          if release_is_number; then
            echo "Marking release as latest image"
            ssh deploy@download.ole.org sh -c ":; cd /data/images; ln -sf $name.img.gz latest.img.gz; ln -sf $name.img.gz.sha1 latest.img.gz.sha1"
          fi
          echo "Download url: http://download.treehouses.io/$image_dir$image_gz"
      - name: apache index
        if: ${{ env.RELEASE }}
        run: |
          sudo mv /var/www/html/index.html index.html.old
          sudo sync
          sudo systemctl start apache2
          sudo curl http://localhost -o index.html
          sudo mv index.html.old /var/www/html/.
          sudo sync
          sudo mv ./index.html /var/www/html
          sudo rm /var/www/html/index.html.old
      - name: new index.html
        if: ${{ env.RELEASE }}
        uses: chetan/invalidate-cloudfront-action@master
        env:
          DISTRIBUTION: ${{ secrets.AWSDISTRIBUTIONID }}
          PATHS: '/index.html'
          AWS_REGION: 'us-east-1'
          AWS_ACCESS_KEY_ID: ${{ secrets.AWSACCESSKEYID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWSACCESSKEYSECRET }}