.github/workflows: Remove support for Fedora 37 and 38

qzed · qzed · commit c4c55f5d58b7 · 2024-09-14T13:57:49.000+02:00
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -104,84 +104,6 @@ jobs:
         name: arch-latest
         path: release
 
-  build-f37:
-    name: Build Fedora 37 package
-    runs-on: ubuntu-latest
-    container: registry.fedoraproject.org/fedora:37
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Install build dependencies
-      run: |
-        dnf distro-sync -y
-        dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
-        dnf builddep -y fedora/surface-secureboot.spec
-
-    - name: Build package
-      run: |
-        cd fedora
-
-        # Build the .rpm packages
-        ./makerpm
-
-    - name: Sign packages
-      env:
-        GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
-      run: |
-        cd fedora/out/noarch
-
-        # import GPG key
-        echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
-
-        # sign packages
-        rpm --resign *.rpm --define "_gpg_name $GPG_KEY_ID"
-
-    - name: Upload artifacts
-      uses: actions/upload-artifact@v3
-      with:
-        name: fedora-37-latest
-        path: fedora/out/noarch
-
-  build-f38:
-    name: Build Fedora 38 package
-    runs-on: ubuntu-latest
-    container: registry.fedoraproject.org/fedora:38
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Install build dependencies
-      run: |
-        dnf distro-sync -y
-        dnf install -y rpmdevtools rpm-sign 'dnf-command(builddep)'
-        dnf builddep -y fedora/surface-secureboot.spec
-
-    - name: Build package
-      run: |
-        cd fedora
-
-        # Build the .rpm packages
-        ./makerpm
-
-    - name: Sign packages
-      env:
-        GPG_KEY: ${{ secrets.LINUX_SURFACE_GPG_KEY }}
-      run: |
-        cd fedora/out/noarch
-
-        # import GPG key
-        echo "$GPG_KEY" | base64 -d | gpg --import --no-tty --batch --yes
-
-        # sign packages
-        rpm --resign *.rpm --define "_gpg_name $GPG_KEY_ID"
-
-    - name: Upload artifacts
-      uses: actions/upload-artifact@v3
-      with:
-        name: fedora-38-latest
-        path: fedora/out/noarch
-
   build-f39:
     name: Build Fedora 39 package
     runs-on: ubuntu-latest
@@ -223,7 +145,7 @@ jobs:
 
   release:
     name: Publish release
-    needs: [build-deb, build-arch, build-f37, build-f38, build-f39]
+    needs: [build-deb, build-arch, build-f39]
     runs-on: ubuntu-latest
     steps:
     - name: Download Debian artifacts
@@ -238,18 +160,6 @@ jobs:
         name: arch-latest
         path: arch-latest
 
-    - name: Download Fedora 37 artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: fedora-37-latest
-        path: fedora-37-latest
-
-    - name: Download Fedora 38 artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: fedora-38-latest
-        path: fedora-38-latest
-
     - name: Download Fedora 39 artifacts
       uses: actions/download-artifact@v3
       with:
@@ -367,108 +277,6 @@ jobs:
         git commit -m "Update Arch Linux secure-boot MOK"
         git push --set-upstream origin "${update_branch}"
 
-  repo-f37:
-    name: Update Fedora 37 package repository
-    needs: [release]
-    runs-on: ubuntu-latest
-    container: registry.fedoraproject.org/fedora:37
-    steps:
-    - name: Install dependencies
-      run: |
-        dnf install -y git findutils
-
-    - name: Download artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: fedora-37-latest
-        path: fedora-37-latest
-
-    - name: Update repository
-      env:
-        SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
-        BRANCH_STAGING: u/staging
-        GIT_REF: ${{ github.ref }}
-      run: |
-        repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
-
-        # clone package repository
-        git clone -b "${BRANCH_STAGING}" "${repo}" repo
-
-        # copy packages
-        cp fedora-37-latest/* repo/fedora/f37
-        cd repo/fedora/f37
-
-        # parse git tag from ref
-        GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
-
-        # convert packages into references
-        for pkg in $(find . -name '*.rpm'); do
-          echo "secureboot-mok:$GIT_TAG/$(basename $pkg)" > $pkg.blob
-          rm $pkg
-        done
-
-        # set git identity
-        git config --global user.email "surfacebot@users.noreply.github.com"
-        git config --global user.name "surfacebot"
-
-        # commit and push
-        update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
-        git checkout -b "${update_branch}"
-        git add .
-        git commit -m "Update Fedora 37 secure-boot MOK"
-        git push --set-upstream origin "${update_branch}"
-
-  repo-f38:
-    name: Update Fedora 38 package repository
-    needs: [release]
-    runs-on: ubuntu-latest
-    container: registry.fedoraproject.org/fedora:38
-    steps:
-    - name: Install dependencies
-      run: |
-        dnf install -y git findutils
-
-    - name: Download artifacts
-      uses: actions/download-artifact@v3
-      with:
-        name: fedora-38-latest
-        path: fedora-38-latest
-
-    - name: Update repository
-      env:
-        SURFACEBOT_TOKEN: ${{ secrets.LINUX_SURFACE_BOT_TOKEN }}
-        BRANCH_STAGING: u/staging
-        GIT_REF: ${{ github.ref }}
-      run: |
-        repo="https://surfacebot:${SURFACEBOT_TOKEN}@github.com/linux-surface/repo.git"
-
-        # clone package repository
-        git clone -b "${BRANCH_STAGING}" "${repo}" repo
-
-        # copy packages
-        cp fedora-38-latest/* repo/fedora/f38
-        cd repo/fedora/f38
-
-        # parse git tag from ref
-        GIT_TAG=$(echo $GIT_REF | sed 's|^refs/tags/||g')
-
-        # convert packages into references
-        for pkg in $(find . -name '*.rpm'); do
-          echo "secureboot-mok:$GIT_TAG/$(basename $pkg)" > $pkg.blob
-          rm $pkg
-        done
-
-        # set git identity
-        git config --global user.email "surfacebot@users.noreply.github.com"
-        git config --global user.name "surfacebot"
-
-        # commit and push
-        update_branch="${BRANCH_STAGING}-$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
-        git checkout -b "${update_branch}"
-        git add .
-        git commit -m "Update Fedora 38 secure-boot MOK"
-        git push --set-upstream origin "${update_branch}"
-
   repo-f39:
     name: Update Fedora 39 package repository
     needs: [release]
