mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 09:52:37 +02:00
04096380ff
Some checks failed
Build dev environments / Build dev-env (debian-bookworm) (push) Has been cancelled
Build dev environments / Build dev-env (debian-bullseye) (push) Has been cancelled
Build dev environments / Build dev-env (debian-trixie) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-40) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-41) (push) Has been cancelled
Build dev environments / Build dev-env (fedora-42) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-22.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.04) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-24.10) (push) Has been cancelled
Build dev environments / Build dev-env (ubuntu-25.04) (push) Has been cancelled
Build dev environments / build-container-image (push) Has been cancelled
Tests / run-lint (push) Has been cancelled
Tests / build-container-image (push) Has been cancelled
Tests / Download and cache Tesseract data (push) Has been cancelled
Release multi-arch container image / build-push-image (push) Has been cancelled
Scan latest app and container / security-scan-container (ubuntu-24.04) (push) Has been cancelled
Scan latest app and container / security-scan-container (ubuntu-24.04-arm) (push) Has been cancelled
Scan latest app and container / security-scan-app (ubuntu-24.04) (push) Has been cancelled
Scan latest app and container / security-scan-app (ubuntu-24.04-arm) (push) Has been cancelled
Tests / windows (push) Has been cancelled
Tests / macOS (arch64) (push) Has been cancelled
Tests / macOS (x86_64) (push) Has been cancelled
Tests / build-deb (debian bookworm) (push) Has been cancelled
Tests / build-deb (debian bullseye) (push) Has been cancelled
Tests / build-deb (debian trixie) (push) Has been cancelled
Tests / build-deb (ubuntu 22.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.04) (push) Has been cancelled
Tests / build-deb (ubuntu 24.10) (push) Has been cancelled
Tests / build-deb (ubuntu 25.04) (push) Has been cancelled
Tests / install-deb (debian bookworm) (push) Has been cancelled
Tests / install-deb (debian bullseye) (push) Has been cancelled
Tests / install-deb (debian trixie) (push) Has been cancelled
Tests / install-deb (ubuntu 22.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.04) (push) Has been cancelled
Tests / install-deb (ubuntu 24.10) (push) Has been cancelled
Tests / install-deb (ubuntu 25.04) (push) Has been cancelled
Tests / build-install-rpm (fedora 40) (push) Has been cancelled
Tests / build-install-rpm (fedora 41) (push) Has been cancelled
Tests / build-install-rpm (fedora 42) (push) Has been cancelled
Tests / run tests (debian bookworm) (push) Has been cancelled
Tests / run tests (debian bullseye) (push) Has been cancelled
Tests / run tests (debian trixie) (push) Has been cancelled
Tests / run tests (fedora 40) (push) Has been cancelled
Tests / run tests (fedora 41) (push) Has been cancelled
Tests / run tests (fedora 42) (push) Has been cancelled
Tests / run tests (ubuntu 22.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.04) (push) Has been cancelled
Tests / run tests (ubuntu 24.10) (push) Has been cancelled
Tests / run tests (ubuntu 25.04) (push) Has been cancelled
106 lines
4.3 KiB
YAML
106 lines
4.3 KiB
YAML
# Test official instructions for installing Dangerzone
|
|
# ====================================================
|
|
#
|
|
# The installation instructions have been copied from our INSTALL.md file.
|
|
# NOTE: When you change either place, please make sure to keep the two files in
|
|
# sync.
|
|
# NOTE: Because the commands run as root, the use of sudo is not necessary.
|
|
name: Test official instructions for installing Dangerzone
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * *' # Run every day at 00:00 UTC.
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
install-from-apt-repo:
|
|
name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
|
|
runs-on: ubuntu-latest
|
|
container: ${{ matrix.distro }}:${{ matrix.version }}
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- distro: ubuntu
|
|
version: "25.04" # plucky
|
|
- distro: ubuntu
|
|
version: "24.10" # oracular
|
|
- distro: ubuntu
|
|
version: "24.04" # noble
|
|
- distro: ubuntu
|
|
version: "22.04" # jammy
|
|
- distro: debian
|
|
version: "trixie" # 13
|
|
- distro: debian
|
|
version: "12" # bookworm
|
|
- distro: debian
|
|
version: "11" # bullseye
|
|
steps:
|
|
- name: Add packages.freedom.press PGP key (gpg)
|
|
if: matrix.version != 'trixie'
|
|
run: |
|
|
apt-get update && apt-get install -y gnupg2 ca-certificates
|
|
dirmngr # NOTE: This is a command that's necessary only in containers
|
|
# The key needs to be in the GPG keybox database format so the
|
|
# signing subkey is detected by apt-secure.
|
|
gpg --keyserver hkps://keys.openpgp.org \
|
|
--no-default-keyring --keyring ./fpf-apt-tools-archive-keyring.gpg \
|
|
--recv-keys "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281"
|
|
mkdir -p /etc/apt/keyrings/
|
|
mv ./fpf-apt-tools-archive-keyring.gpg /etc/apt/keyrings/.
|
|
|
|
- name: Add packages.freedom.press PGP key (sq)
|
|
if: matrix.version == 'trixie'
|
|
run: |
|
|
apt-get update && apt-get install -y ca-certificates sq
|
|
mkdir -p /etc/apt/keyrings/
|
|
# On debian trixie, apt-secure uses `sqv` to verify the signatures
|
|
# so we need to retrieve PGP keys and store them using the base64 format.
|
|
sq network keyserver \
|
|
--server hkps://keys.openpgp.org \
|
|
search "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281" \
|
|
--output /etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg
|
|
- name: Add packages.freedom.press to our APT sources
|
|
run: |
|
|
. /etc/os-release
|
|
echo "deb [signed-by=/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg] \
|
|
https://packages.freedom.press/apt-tools-prod ${VERSION_CODENAME?} main" \
|
|
| tee /etc/apt/sources.list.d/fpf-apt-tools.list
|
|
|
|
- name: Install Dangerzone
|
|
run: |
|
|
apt update
|
|
apt install -y dangerzone
|
|
|
|
install-from-yum-repo:
|
|
name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
|
|
runs-on: ubuntu-latest
|
|
container: ${{ matrix.distro }}:${{ matrix.version }}
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- distro: fedora
|
|
version: 40
|
|
- distro: fedora
|
|
version: 41
|
|
- distro: fedora
|
|
version: 42
|
|
steps:
|
|
- name: Add packages.freedom.press to our YUM sources
|
|
run: |
|
|
dnf install -y 'dnf-command(config-manager)'
|
|
dnf-3 config-manager --add-repo=https://packages.freedom.press/yum-tools-prod/dangerzone/dangerzone.repo
|
|
|
|
- name: Replace 'rawhide' string with Fedora version
|
|
# The previous command has created a `dangerzone.repo` file. The
|
|
# config-manager plugin should have substituted the $releasever variable
|
|
# with the Fedora version number. However, for unreleased Fedora
|
|
# versions, this gets translated to "rawhide", even though they do have
|
|
# a number. To fix this, we need to substitute the "rawhide" string
|
|
# witht the proper Fedora version.
|
|
run: |
|
|
source /etc/os-release
|
|
sed -i "s/rawhide/${VERSION_ID}/g" /etc/yum.repos.d/dangerzone.repo
|
|
|
|
- name: Install Dangerzone
|
|
# FIXME: We add the `-y` flag here, in lieu of a better way to check the
|
|
# Dangerzone signature.
|
|
run: dnf install -y dangerzone
|