mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 18:02:38 +02:00
b6bb9a1216
Unreleased Fedora versions may refer to themselves as "rawhide", instead of their version (e.g., "41"). For this reason, we should try and replace the "rawhide" string with the proper Fedora version.
106 lines
4.3 KiB
YAML
106 lines
4.3 KiB
YAML
# Test official instructions for installing Dangerzone
|
|
# ====================================================
|
|
#
|
|
# The installation instructions have been copied from our INSTALL.md file.
|
|
# NOTE: When you change either place, please make sure to keep the two files in
|
|
# sync.
|
|
# NOTE: Because the commands run as root, the use of sudo is not necessary.
|
|
name: Test official instructions for installing Dangerzone
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * *' # Run every day at 00:00 UTC.
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
install-from-apt-repo:
|
|
name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
|
|
runs-on: ubuntu-latest
|
|
container: ${{ matrix.distro }}:${{ matrix.version }}
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- distro: ubuntu
|
|
version: "24.10" # oracular
|
|
- distro: ubuntu
|
|
version: "24.04" # noble
|
|
- distro: ubuntu
|
|
version: "23.10" # mantic
|
|
- distro: ubuntu
|
|
version: "22.04" # jammy
|
|
- distro: ubuntu
|
|
version: "20.04" # focal
|
|
- distro: debian
|
|
version: "trixie" # 13
|
|
- distro: debian
|
|
version: "12" # bookworm
|
|
- distro: debian
|
|
version: "11" # bullseye
|
|
steps:
|
|
- name: Add Podman repo for Ubuntu Focal
|
|
if: matrix.distro == 'ubuntu' && matrix.version == 20.04
|
|
run: |
|
|
apt-get update && apt-get -y install curl wget gnupg2
|
|
. /etc/os-release
|
|
sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /' \
|
|
> /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
|
|
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key -O- \
|
|
| apt-key add -
|
|
apt update
|
|
apt-get install python-all -y
|
|
|
|
- name: Add GPG key for the packages.freedom.press
|
|
run: |
|
|
apt-get update && apt-get install -y gnupg2 ca-certificates
|
|
dirmngr # NOTE: This is a command that's necessary only in containers
|
|
gpg --keyserver hkps://keys.openpgp.org \
|
|
--no-default-keyring --keyring ./fpf-apt-tools-archive-keyring.gpg \
|
|
--recv-keys "DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281"
|
|
mkdir -p /etc/apt/keyrings/
|
|
mv fpf-apt-tools-archive-keyring.gpg /etc/apt/keyrings
|
|
|
|
- name: Add packages.freedom.press to our APT sources
|
|
run: |
|
|
. /etc/os-release
|
|
echo "deb [signed-by=/etc/apt/keyrings/fpf-apt-tools-archive-keyring.gpg] \
|
|
https://packages.freedom.press/apt-tools-prod ${VERSION_CODENAME?} main" \
|
|
| tee /etc/apt/sources.list.d/fpf-apt-tools.list
|
|
|
|
- name: Install Dangerzone
|
|
run: |
|
|
apt update
|
|
apt install -y dangerzone
|
|
|
|
install-from-yum-repo:
|
|
name: "Install Dangerzone on ${{ matrix.distro}} ${{ matrix.version }}"
|
|
runs-on: ubuntu-latest
|
|
container: ${{ matrix.distro }}:${{ matrix.version }}
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- distro: fedora
|
|
version: 39
|
|
- distro: fedora
|
|
version: 40
|
|
- distro: fedora
|
|
version: 41
|
|
steps:
|
|
- name: Add packages.freedom.press to our YUM sources
|
|
run: |
|
|
dnf install -y 'dnf-command(config-manager)'
|
|
dnf-3 config-manager --add-repo=https://packages.freedom.press/yum-tools-prod/dangerzone/dangerzone.repo
|
|
|
|
- name: Replace 'rawhide' string with Fedora version
|
|
# The previous command has created a `dangerzone.repo` file. The
|
|
# config-manager plugin should have substituted the $releasever variable
|
|
# with the Fedora version number. However, for unreleased Fedora
|
|
# versions, this gets translated to "rawhide", even though they do have
|
|
# a number. To fix this, we need to substitute the "rawhide" string
|
|
# witht the proper Fedora version.
|
|
run: |
|
|
source /etc/os-release
|
|
sed -i "s/rawhide/${VERSION_ID}/g" /etc/yum.repos.d/dangerzone.repo
|
|
|
|
- name: Install Dangerzone
|
|
# FIXME: We add the `-y` flag here, in lieu of a better way to check the
|
|
# Dangerzone signature.
|
|
run: dnf install -y dangerzone
|