Build SD Image and Deploy OTA Update #25
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build SD Image and Deploy OTA Update | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| permissions: | |
| contents: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # Enable QEMU for aarch64 builds on x86 runners | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Install Nix | |
| uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| experimental-features = nix-command flakes | |
| extra-platforms = aarch64-linux | |
| substituters = https://cache.nixos.org https://nix-community.cachix.org | |
| trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= | |
| builders-use-substitutes = true | |
| - name: Verify nix config | |
| run: | | |
| nix show-config | sed -n '/substituters/,/trusted-public-keys/p' | |
| # Use Cachix binary caches to speed up builds | |
| - name: Use nix-community Cachix | |
| uses: cachix/cachix-action@v15 | |
| with: | |
| name: nix-community | |
| continue-on-error: true | |
| - name: Use raspberry-pi-nix Cachix | |
| uses: cachix/cachix-action@v15 | |
| with: | |
| name: raspberry-pi-nix | |
| continue-on-error: true | |
| # Set up LNbitsBox Cachix for pushing OTA update closures | |
| - name: Set up LNbitsBox Cachix | |
| uses: cachix/cachix-action@v15 | |
| with: | |
| name: lnbitsbox | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| continue-on-error: true | |
| - name: Build SD image | |
| timeout-minutes: 120 | |
| run: | | |
| nix build .#sdImage -L --out-link result-sdimage | |
| ls -lah result-sdimage/sd-image | |
| - name: Build and push system toplevel for OTA updates | |
| timeout-minutes: 30 | |
| run: | | |
| nix build .#toplevel -L --out-link result-toplevel | |
| cachix push lnbitsbox result-toplevel || echo "Warning: Cachix push failed (may not be configured)" | |
| continue-on-error: true | |
| - name: Collect artefacts | |
| run: | | |
| mkdir -p dist | |
| cp -v result-sdimage/sd-image/*.img.zst dist/ | |
| sha256sum dist/*.img.zst | tee dist/SHA256SUMS.txt | |
| - name: Create update manifest | |
| run: | | |
| STORE_PATH=$(readlink -f result-toplevel) | |
| VERSION=$(cat "$STORE_PATH/etc/lnbitsbox-version" 2>/dev/null || echo "unknown") | |
| printf '{\n "version": "%s",\n "store_path": "%s",\n "nixos_version": "24.11"\n}\n' \ | |
| "$VERSION" "$STORE_PATH" > dist/manifest.json | |
| echo "Created manifest.json:" | |
| cat dist/manifest.json | |
| continue-on-error: true | |
| - name: Create GitHub Release and upload | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| dist/*.img.zst | |
| dist/SHA256SUMS.txt | |
| dist/manifest.json |