jayvdb
commented
2 years ago I have been able to get all my dependencies into Debian bullseye, by using https://build.opensuse.org/ to do debian builds.
Info about it is at https://en.opensuse.org/openSUSE:Build_Service_Debian_builds
My project is https://build.opensuse.org/project/show/home:jayvdb:debian , which publishes built packages to repo https://download.opensuse.org/repositories/home:/jayvdb:/debian/Debian_11
As a result, my main use of this github action is now able to use lpenz/ghaction-cmake:0.18 instead of custom docker builds from my fork. Happy days.
My pre_command still includes a PPA, which is more finicky to create, maintain, and use, but maybe I am biased...
apt-get update \
&& DEBIAN_FRONTEND=noninteractive \
TZ=Etc/UTC \
apt-get install -y --no-install-recommends \
ca-certificates \
gnupg2 \
sudo \
software-properties-common \
wget \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ED7108895311FB59 \
&& wget https://download.opensuse.org/repositories/home:/jayvdb:/debian/Debian_11/Release.key \
&& apt-key add Release.key \
&& ls /etc/apt/sources.list.d/ \
&& echo deb http://ppa.launchpad.net/jayvdb/experimental/ubuntu jammy main >> /etc/apt/sources.list.d/ppas.list \
&& echo deb http://download.opensuse.org/repositories/home:/jayvdb:/debian/Debian_11 ./ >> /etc/apt/sources.list.d/obs.list \
&& cat /etc/apt/sources.list \
&& echo deb http://deb.debian.org/debian bullseye main contrib non-free > /etc/apt/sources.list \
&& echo deb http://deb.debian.org/debian bullseye-updates main contrib non-free >> /etc/apt/sources.listI need to check whether apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ED7108895311FB59 can be replaced with a key_url approach ; probably it can.
But in any case, I intend to remove the PPA, relying only on OBS, in which case pairs of sourceline & key_url would suffice for me.
However, that design may not be ideal, because GitHub Actions doesnt support anchors and aliases, whereas Travis and GitLab CI do. See the following for some of the discussions about that:
- https://github.community/t/support-for-yaml-anchors/16128/89
- https://github.com/github/feedback/discussions/4501
- https://github.com/actions/runner/issues/1182
As a result, the array of sources would need to be duplicated for each use of this github action.
There are some wonderful workarounds for the lack of anchors and aliases, but IMO use of env: & ${{ env.FOO }} is the most straight forward, however envs are not a good way to store arrays of pairs.
So I am thinking that there should be two inputs, sourcelines and key_urls which are each multi-line.
Another alternative is to put JSON into an env var, and then maybe even it can be unserialized using GHA expression fromJSON before being given to this github action as an object - not sure if GHA supports passing objects into GHAs such as this one.
An alternative to https://github.com/lpenz/ghaction-cmake/issues/11 is to allow custom apt sources, so that users can build better -dev packages while waiting for debian to fix the problem. This has the added benefit of allowing using non-debian maintained packages, such as NVidia (https://docs.nvidia.com/datacenter/tesla/tesla-installation-notes/index.html ; although that may only work when using self-hosted runners with GPUs) and Intel (https://www.intel.com/content/www/us/en/developer/articles/guide/installing-free-libraries-and-python-apt-repo.html)
The Travis CI implementation of this was quite good, e.g.