name: Zabbix APK Builder on: # Trigger on pushes to main/test branch into the zabbix-apk-builder directory push: branches: [ main, test ] paths: [ 'zabbix-apk-builder/**' ] # Scheduled runs at 06:00 UTC daily schedule: - cron: '0 6 * * *' jobs: check-version: runs-on: ubuntu-latest # Skip the execution if the commit author is the bot itself to prevent loops if: ${{ gitea.event.head_commit.author.name != 'Gitea Action' }} outputs: should_build: ${{ steps.version-check.outputs.should_build }} latest_version: ${{ steps.version-check.outputs.latest_version }} current_version: ${{ steps.version-check.outputs.current_version }} is_push_trigger: ${{ steps.version-check.outputs.is_push_trigger }} steps: - name: Checkout repository uses: actions/checkout@v4 - name: Check for new Zabbix version id: version-check run: | set -euo pipefail # Remove jq installation # apt-get update && apt-get install -y jq # Detect trigger type IS_PUSH="${{ gitea.event_name == 'push' }}" echo "is_push_trigger=${IS_PUSH}" >> "${GITHUB_OUTPUT}" # Get versions CURRENT_VERSION=$(grep '^pkgver=' zabbix-apk-builder/APKBUILD | cut -d'=' -f2) LATEST_VERSION=$(curl -s "https://git.zabbix.com/rest/api/1.0/projects/ZBX/repos/zabbix/tags?limit=100" | \ grep -o '"displayId":"[^"]*"' | cut -d'"' -f4 | \ grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | grep -v 'rc\|beta\|alpha' | \ sort -V | tail -1) echo "current_version=${CURRENT_VERSION}" >> "${GITHUB_OUTPUT}" echo "latest_version=${LATEST_VERSION}" >> "${GITHUB_OUTPUT}" # Always build on push, build on schedule if versions differ if [[ "${IS_PUSH}" == "true" || "${CURRENT_VERSION}" != "${LATEST_VERSION}" ]]; then echo "should_build=true" >> "${GITHUB_OUTPUT}" else echo "should_build=false" >> "${GITHUB_OUTPUT}" fi update-version: needs: check-version # Only update version during scheduled runs when new version is available if: ${{ needs.check-version.outputs.should_build == 'true' && needs.check-version.outputs.is_push_trigger == 'false' && needs.check-version.outputs.current_version != needs.check-version.outputs.latest_version }} runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 with: token: ${{ secrets.ACCESS_TOKEN }} - name: Update APKBUILD version run: | set -euo pipefail LATEST_VERSION="${{ needs.check-version.outputs.latest_version }}" CURRENT_VERSION="${{ needs.check-version.outputs.current_version }}" echo "Updating APKBUILD from ${CURRENT_VERSION} to ${LATEST_VERSION}" # Update pkgver sed -i "s/^pkgver=.*/pkgver=${LATEST_VERSION}/" zabbix-apk-builder/APKBUILD # Reset pkgrel to 0 for new version sed -i "s/^pkgrel=.*/pkgrel=0/" zabbix-apk-builder/APKBUILD # Clear checksums (will be regenerated during build) sed -i 's/^sha512sums=.*/sha512sums="SKIP"/' zabbix-apk-builder/APKBUILD # Commit changes with [ci skip] to prevent recursive triggers git config --local user.email "action@gitea.com" git config --local user.name "Gitea Action" git add zabbix-apk-builder/APKBUILD git commit -m "AUTO: Update Zabbix to version ${LATEST_VERSION} [ci skip]" || exit 0 git push build-packages: # Build packages after version update (for scheduled runs) or immediately (for push runs) needs: [check-version, update-version] # Run if should_build=true AND either update-version ran successfully OR it was skipped due to push trigger if: ${{ needs.check-version.outputs.should_build == 'true' && (success() || needs.check-version.outputs.is_push_trigger == 'true') }} runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 with: # Use token to ensure we get the latest version if it was updated token: ${{ secrets.ACCESS_TOKEN }} ref: ${{ gitea.ref }} - name: Verify build environment run: | set -euo pipefail echo "=== Build Environment ===" echo "Trigger type: ${{ gitea.event_name }}" echo "Current branch: $(git branch --show-current)" echo "APKBUILD version: $(grep '^pkgver=' zabbix-apk-builder/APKBUILD | cut -d'=' -f2)" echo "Target version: ${{ needs.check-version.outputs.latest_version }}" - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build Zabbix packages env: CI_RUN_ID: ${{ gitea.run_id }} run: | set -euo pipefail cd zabbix-apk-builder chmod +x build.sh ./build.sh - name: Verify and list built packages run: | set -euo pipefail cd zabbix-apk-builder # Verify packages exist somewhere PACKAGE_COUNT=$(find packages -name "*.apk" | wc -l) if [[ $PACKAGE_COUNT -eq 0 ]]; then echo "ERROR: No packages found" find packages -type f 2>/dev/null || echo "packages directory is empty" exit 1 fi echo "Found $PACKAGE_COUNT packages:" find packages -name "*.apk" -exec ls -lh {} \; - name: Upload packages as artifacts uses: actions/upload-artifact@v3 with: name: zabbix-apk-packages-${{ gitea.run_number }} path: zabbix-apk-builder/packages/**/*.apk retention-days: 30 if-no-files-found: error deploy-test: needs: [check-version, build-packages] if: ${{ needs.check-version.outputs.should_build == 'true' && contains(gitea.ref, 'test') }} runs-on: ubuntu-latest steps: - name: Download packages uses: actions/download-artifact@v3 with: name: zabbix-apk-packages-${{ gitea.run_number }} path: packages/ - name: Test deployment in Alpine container run: | set -euo pipefail # Find packages AGENT_PKG=$(find packages -name "zabbix-agent-*.apk" | head -1) PROXY_PKG=$(find packages -name "zabbix-proxy-*.apk" | head -1) # Test function test_package() { local pkg="$1" local binary="$2" if [[ -f "$pkg" ]]; then echo "Testing $(basename "$pkg")..." CONTAINER_ID=$(docker run -d alpine:latest sleep 30) docker cp "$pkg" "$CONTAINER_ID:/$(basename "$pkg")" if docker exec "$CONTAINER_ID" sh -c " apk add --allow-untrusted /$(basename "$pkg") >/dev/null 2>&1 which $binary >/dev/null 2>&1 $binary --version >/dev/null 2>&1 "; then echo "SUCCESS: $(basename "$pkg") test passed" else echo "FAIL: $(basename "$pkg") test failed" fi docker rm -f "$CONTAINER_ID" >/dev/null else echo "ERROR: Package not found: $pkg" fi } test_package "$AGENT_PKG" "zabbix_agentd" test_package "$PROXY_PKG" "zabbix_proxy"