Create SECURITY.md #324
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Packaging (deb, rpm, zst) | |
on: | |
pull_request: | |
branches: [ master ] | |
push: | |
branches: [ master ] | |
jobs: | |
Debian: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install sshpass on Github runner | |
run: sudo apt install sshpass | |
- name: FURTHER STEPS EXECUTED ON CONFIGURED RUNNER | |
run: exit 0 | |
- name: git clone | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_deb_$GITHUB_RUN_ID; mkdir ~/pam_usb_deb_$GITHUB_RUN_ID; cd ~/pam_usb_deb_$GITHUB_RUN_ID && git clone https://github.com/mcdope/pam_usb.git ." | |
- name: git fetch --all | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && git fetch --all" | |
- name: git reset --hard | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && git reset --hard" | |
- name: git switch -f | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
REF_TO_CHECKOUT: ${{ github.head_ref }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && git switch -f $REF_TO_CHECKOUT || git switch -f master" | |
- name: git pull | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && git pull" | |
- name: Generate build environment | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && make buildenv-debian" | |
- name: Build package | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_deb_$GITHUB_RUN_ID && make build-debian" | |
- name: Cleanup | |
if: always() | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_deb_$GITHUB_RUN_ID" | |
Fedora: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install local requirements | |
run: sudo apt install sshpass | |
- name: FURTHER STEPS EXECUTED ON CONFIGURED RUNNER | |
run: echo 0 | |
- name: git clone | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_rpm_$GITHUB_RUN_ID; mkdir ~/pam_usb_rpm_$GITHUB_RUN_ID; cd ~/pam_usb_rpm_$GITHUB_RUN_ID && git clone https://github.com/mcdope/pam_usb.git ." | |
- name: git fetch --all | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && git fetch --all" | |
- name: git reset --hard | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && git reset --hard" | |
- name: git switch -f | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
REF_TO_CHECKOUT: ${{ github.head_ref }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && git switch -f $REF_TO_CHECKOUT || git switch -f master" | |
- name: git pull | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && git pull" | |
- name: Generate build environment | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && make buildenv-fedora" | |
- name: Build package | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_rpm_$GITHUB_RUN_ID && make build-fedora" | |
- name: Cleanup | |
if: always() | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_rpm_$GITHUB_RUN_ID" | |
Arch: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install local requirements | |
run: sudo apt install sshpass | |
- name: FURTHER STEPS EXECUTED ON CONFIGURED RUNNER | |
run: echo 0 | |
- name: git clone | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_arch_$GITHUB_RUN_ID; mkdir ~/pam_usb_arch_$GITHUB_RUN_ID; cd ~/pam_usb_arch_$GITHUB_RUN_ID && git clone https://github.com/mcdope/pam_usb.git . && chmod -R 0777 ~/pam_usb_arch_$GITHUB_RUN_ID" | |
- name: git fetch --all | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && git fetch --all" | |
- name: git reset --hard | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && git reset --hard" | |
- name: git switch -f | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
REF_TO_CHECKOUT: ${{ github.head_ref }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && git switch -f $REF_TO_CHECKOUT || git switch -f master" | |
- name: git pull | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && git pull" | |
- name: Generate build environment | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && make buildenv-arch" | |
- name: Build package | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "cd ~/pam_usb_arch_$GITHUB_RUN_ID && make build-arch" | |
- name: Cleanup | |
if: always() | |
env: | |
TEST_RUNNER_HOST_NEW: ${{ secrets.TEST_RUNNER_HOST_NEW }} | |
TEST_RUNNER_USER_NEW: ${{ secrets.TEST_RUNNER_USER_NEW }} | |
TEST_RUNNER_PASS_NEW: ${{ secrets.TEST_RUNNER_PASS_NEW }} | |
TEST_RUNNER_PORT_NEW: ${{ secrets.TEST_RUNNER_PORT_NEW }} | |
run: sshpass -p "$TEST_RUNNER_PASS_NEW" ssh -o StrictHostKeyChecking=no -p $TEST_RUNNER_PORT_NEW $TEST_RUNNER_USER_NEW@$TEST_RUNNER_HOST_NEW "rm -rf ~/pam_usb_arch_$GITHUB_RUN_ID" |