Skip to content

Add GitHub Actions workflow to build Unifont BMP TTF #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Sep 19, 2023
Merged

Add GitHub Actions workflow to build Unifont BMP TTF #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0aae3a7
Add GitHub Actions workflow to build Unifont BMP TTF
AlexTMjugador Sep 19, 2023
332543d
Exclude revoked key from trusted keys file
AlexTMjugador Sep 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 63 additions & 0 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
name: Build Unifont

permissions:
# Required for uploading artifacts
actions: write

on:
workflow_dispatch:
inputs:
unifont_version:
description: 'The Unifont version to build (example: 15.1.01)'
required: true
type: string

jobs:
build:
name: Unifont BMP TTF
runs-on: ubuntu-latest
timeout-minutes: 10

steps:
- name: Checkout source
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4

- name: Install required dependencies
run: |
sudo apt-get update
sudo apt-get install -yq --no-install-recommends fontforge

- name: Download and verify Unifont v${{ inputs.unifont_version }}
run: |
readonly BASE_URL='https://unifoundry.com/pub/unifont/unifont-${{ inputs.unifont_version }}'
readonly SOURCE_TARBALL_NAME='unifont-${{ inputs.unifont_version }}.tar.gz'

echo "> Fetching Unifont source tarball and its signature..."
curl -o unifont.tar.gz "$BASE_URL/$SOURCE_TARBALL_NAME"
curl -o unifont.tar.gz.sig "$BASE_URL/$SOURCE_TARBALL_NAME.sig"

# Verify according to the instructions at https://unifoundry.com/verify/index.html
# with a known-good keyring at this repository
echo "> Asserting Unifont source tarball provenance..."
echo "Creating root of trust key"
gpg --batch --quick-generate-key --passphrase '' '41898282+github-actions[bot]@users.noreply.github.com'
echo "> Importing expected Unifoundry signing keys from unifoundry-keys.gpg"
gpg --batch --import unifoundry-keys.gpg
echo "> Extending trust to Unifoundry signing keys by signing with root of trust key"
gpg --list-keys --with-colons | awk -F: '/^fpr:/ { print $10 }' | while read -r key_fingerprint; do
gpg --batch --expert --quick-lsign "$key_fingerprint" || true
done
echo "> Verifying Unifont source tarball signature"
gpg --batch --verify unifont.tar.gz.sig unifont.tar.gz

- name: Extract and build Unifont BMP TTF
run: |
tar -xf unifont.tar.gz
mv 'unifont-${{ inputs.unifont_version }}' unifont
make -C unifont/font truetype

- name: Upload generated Unifont BMP TTF as artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
with:
name: Unifont BMP TTF
path: unifont/font/compiled/unifont-${{ inputs.unifont_version }}.ttf
65 changes: 65 additions & 0 deletions unifoundry-keys.gpg
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFI9G/MBEADSuYOMN3qajJihjXpO6JQ/rpxQOSwpwUglG7gPej1krh8QkpPy
GE5AydjgsMFSES1Hk1KkwSkULPYaR+omEBFBC6ZSM8li7HyPw1x6cJejY5uZ6NXu
ryvmnJBQ3cb0dBhCZGMVt3qDv8KRZ3fB1GwOPF2M4oH04HFHBkxBmcpCDj/7f2sO
6BcRvqKlhGjm+w6jzyDgAvxpri/PvKsN+Os70DwOw3JzEegDrhoaW2V55v+ycXXK
KRnRemBBRkM5yDtsRsrsNAWZhh9Kak2bV36Rv549+oLIvkt32e7Xeezgx5guVD1w
/+oa+25ZUKwqLYvfA1cfb8wH93yR1Xy2tWoasN3XP7legHt2YsGIu5QDg9Bq1oQ+
Z1uNUYnLBYumjdlofThqAQwYxQ23DuWczAUaLZUc72r/iAN3rDLaW4rt3XpN+5fo
yHV8BKRWQ/kMRlRTQADolClHog2bavj0FxYqwfChLHl9INsi2uDnzEgJWdstKq7J
3s1KRxhCt7i+D+K2ICZZMyuW0SD+N81V8gVXtAuCNvTj8kzYOaSUyn8kjJklVLwV
wo3s2xSSMI4sZAwdPkwGiet+aqPn6AemGxsmmWONVpXCP9bkezvPDAVrVYRlZDtm
8JAQ6sTjq/z/wAAPrwNIagxKmvzpRJe/WikWBBEDzaONwGIBrRnIqJGndwARAQAB
tCZQYXVsIEhhcmR5IDx1bmlmb3VuZHJ5QHVuaWZvdW5kcnkuY29tPokCWAQTAQoA
QgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4ACGQEWIQSV0umrh0DYBGOH/RUa
CSJ7H0NaMwUCYjYhRAUJGV8G0QAKCRAaCSJ7H0NaM7LvD/sEMAgz4Xnzzv1TA17Y
gVCsDm2CM8BFSztG5VfeFOguhcoQHvh1Y7Bko+oMwMBbo8+mWIb/Zcm3/BVMSmSn
h3WfT0dEQOkK6n4gm0XHCKfG77hvna7zDmbNp77+T3jGLaXrcS9Wcal5sBmxuFFc
Pum36lZBD0mf2NqVWuZBujtA6pPuSs5t4NaU/N+3bZrbjtmqIKqurKQQVS4aU7Jn
K6jkPYTjjG3ivJZvZcp9KxukrMbe3Dr2S1yQUPuwgPzu2W8UbM9OuAalXxv8yOSg
2JnXWuhHPG/LWIYXnzZcDYMEKK5acpWjs8fqNTi7IukH/EZoNSB2YwlvwojV3EVl
7x2kmvamcUJNmJaQg6jYCIMyAfTXsz7lsm/Ij+fqdSiwfysBpq9qPxtClrHt5y3t
cGtaAxVwKWIybBf8azmb2HSSXt3YQDdfGpHJ7dFVZeDRcLFP6WiU/hmDDcHRRd9G
NbTKl6YMLC/F+h+oLJGWtIz9vQAdpCAekr8EsUi8yU6smjZboceaTI+R7iBlrZe+
ampb3q31e3RHrrSPv3CjkI82R8spWdH+KxIc9qlPte6E36HPOdEj70ekMnfQzJQG
hEDJ6/8AjBbZm4n7+zSZVOit2R3zDlYPE7Q5gcTE+FN7f7mAXgV77a15wSiXV+LW
WXTf9lmppFOulvaszUGkS4eTfrQhUGF1bCBIYXJkeSA8dW5pZm91bmRyeUBnbWFp
bC5jb20+iQJVBBMBCgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBJXS
6auHQNgEY4f9FRoJInsfQ1ozBQJiNiFEBQkZXwbRAAoJEBoJInsfQ1ozKI0P/izG
E3W/2c8ikWXMZR2lHuf1VgHGc2pEbOQws63Cb8EJGpykOFDyatLItdJgnuuLKJLe
3anqT40x/XOnAaaDLcolY5nZaEdyBnG9hXG1x9HT5lQQr9V0GRiSyIVMpRMuYDba
85axMM9rFsRvfuszjIIAleBgSwyX4IH6XrxMmSr08KtguixFpRCS5Wz9Zgm3JTKc
kyGiDWSZhvMZ7+lQxQGS6tpjEgqi9qdlgy1EtcUSWjgoyiAhgYt+J4OHStu/bLAr
X7X1Ivyk0TxIKLlB3isjHsiqNovKbSXJw3zwtwaef9rfYEBWaf1Qa4iiBPpCDyvF
HxA8pNzWadDZ+1vPWcWBrz96nDC+Dwu6dXoAVYnDrBWoVgc2fX6+Gas3esinxgUM
UsBDfbGk+LsxLHbWZQocyPvaX0ms81UbBgibt62ZwevKq/9+BtUzF3S0MHoiF4C1
iofqtQgOp7bRVzo/cLt+i2rwaXaNWaZBUciF3wEQMM+bpBYagFK0iuGExEGrlBJH
SiDtuHJ9bxueN9wpILRtjhXjn5s3g4hBM0GYvRS6Se6T94kpuLBJXX8/BHN3hrIZ
vFR9cnfkSAcay3sDd8YG1ZMtbcz3o7rR2c4xgKmsbI1TAF0289u0dZUggrGpt5vg
9rAXde2DOCxIR3U7Q1rRcWjRbqWseNk7tUg4w5KHuQINBFI9HTQBEAC9cuBfOGba
uA+M/8bUN8PIxr0N0ImbTHUxf8P+o1sLxoMOiirK13s4uS/WXtyc6/47w0XmWoQt
v/Kc2khfDFyTVnLeU1NYHG45+WRobxsaDu6sKo1EJZhmy6L0kFUSDSmcpT6i9N+O
plWjAbkUUX63Y1G13yk4J1X5fD9VWqLNyokNmC6dwnJfzHlhlQHOuEUQtNHeJhfQ
NkE4ixaP3ZXwdTONNau7YKoYekqumf3CwynUD0YKeLBubU+YKcva9vJy7p4/9eQu
UE+xvfNhzH2rEjgbOgbCDN5aupWe44dV0PcJ8FOTP95mbKNW1H5HnD1f4gx8IFJi
bgi7zObriQUmqLsBDWF8FvIhiTudRzqZURaKDYUBBveVDD9XHzlnjA56XsPUoEE5
vHY+sA0STBLdh4ROf7rUYOHLGkBL9U3wVbd9YhGzY5nUQCTl5bH3Jimy3RnNwHWb
cs3hWYUZSacJnhrbNgrC7e0BPf0z+ZzfV9UAYnADTwwWxyqup/RSKtB59PNCB0a1
0iTmMEW3fSKIXdCEqaqINjCDGzvJiitCbkUlDViil+jyhDypZLAZGG1Bf+dKSWM6
O94U7l8/Ycc18lrv/ZNLyuDVjd+RCD0+44lDd9lD8V1hUmvqg+rg+MF5LPO/hR07
a7mpBqdto5KC/0KqlJNnNOZWV6cbSYGaWQARAQABiQI8BBgBCgAmAhsMFiEEldLp
q4dA2ARjh/0VGgkiex9DWjMFAmI2IUoFCRlfBZYACgkQGgkiex9DWjOwgA//S7gm
Bq8hFesEsrb1JE59ahY3RtvIJfp+bBLo7f1ZEVPGmF8OK+wlZhEg+2scN3QzZvBv
AYlHYBplIgsUi3eNLUh7x80GQIDfjMU5pZ0DJG/e97f6zv11rIfCsvnkUp+9dmu2
LR+k97rujrobUHjl8mlWOhbb3S5I3f6CF8UViHwKHfYzPWQLMFMvabmWbmIVXQuX
ocJCz9sWrJpqWgGuMjcMfo07IiFan2fHptF2K5i5LQV/S0sAykXZcHiME6bxa6TA
3GqjgOaQnEZfhu1pSEOS9asVCCPMyCIYdrrmx3eQ0z7qxLxxtzEVn/JWprZqCSzQ
tcPn8591obaAXzF8ddJ0wJ2nxKUhy3H8jhSaJMEZKBrikhZIiC/5NY4OuRYaIjFe
CpfrRULYTUciEl7EViJdNwBJxr1mgXc+DZioxkOg2C+Yya6yL9zewgsFvR/D7zT3
Z5YeLSpdfz9BRV2ys8sRHBCqFmn3E/8KV5lYUDWD1YhAN1uTkeZMy2oa1Eqf2Hdj
zesutlS4FGk+BeGqHrj6J+MfVT7FsW0u+3BraB8ojQ0+QbPxku0RF4bIC9b/AkEN
th6zWJDmOrY7mTlXmdEYe0s6hwc8kWSt/WuQvd+Gg1MkA1uBNekEq6jK3gPV9z5g
5FvYNgYvjGGpyMBuulIcw82FGG5Jogf1q6n5l4E=
=nbqX
-----END PGP PUBLIC KEY BLOCK-----