This repository demonstrates building a simple Go hello program, packaging it as a .deb, and publishing it in an APT repository hosted on GitHub Pages.
Quick start
# download the signing key (no gpg required - binary format)
sudo curl -fsSL https://k0in.github.io/apt-github-pages/signing-key.gpg -o /usr/share/keyrings/apt-github-pages.gpg
# add the repository (signed)
echo "deb [signed-by=/usr/share/keyrings/apt-github-pages.gpg] https://k0in.github.io/apt-github-pages stable main" | sudo tee /etc/apt/sources.list.d/apt-github-pages.list
# update and install
sudo apt-get update
sudo apt-get install hello-k0inAlternatively, use [trusted=yes] to skip signature verification (not recommended for production):
echo "deb [trusted=yes] https://k0in.github.io/apt-github-pages stable main" | sudo tee /etc/apt/sources.list.d/apt-github-pages.listBuild and generate the APT repo locally with the Makefile
# build and package .deb for all architectures (amd64, arm64)
make package-all VERSION=0.1.0
# or build for a single architecture
make package ARCH=amd64 VERSION=0.1.0
# generate the APT repo metadata (requires `dpkg-scanpackages` from `dpkg-dev`)
ARCHITECTURES="amd64 arm64" ./scripts/generate-apt-repo.sh public dist/*.deb- Generate a GPG key (no passphrase for CI):
gpg --batch --gen-key <<EOF
Key-Type: EDDSA
Key-Curve: ed25519
Key-Usage: sign
Name-Real: APT Repo Signing Key
Name-Email: [email protected]
Expire-Date: 0
%no-protection
%commit
EOF- Export the private key and add it as a GitHub secret named
GPG_PRIVATE_KEY:
gpg --armor --export-secret-keys [email protected]
![@github-actions[bot]](proxy.php?url=https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}