Update Publish Lutris PPA Workflow

* Split the workflow out into a reusable workflow. * Call the release PPA workflow only on GitHub release publications. * Call the staging PPA workflow on all GitHub release & prerelease publications. * Clean up comments, and make them a bit more consistent. * Add autoincrement logic to the PPA version number when the version we're building already exists on the target PPA. * Build Lunar and Kinetic packages on Jammy since GitHub only has LTS Ubuntu runners.
2024-07-08 19:45:47 +00:00 · 2022-12-12 22:16:04 -08:00 · 2022-12-12 22:16:04 -08:00 · bd9aef3aad
commit bd9aef3aad
parent c9a0635cb7
9 changed files with 410 additions and 131 deletions
--- a/.github/scripts/build-sign-ubuntu.sh
+++ b/.github/scripts/build-sign-ubuntu.sh
@ -1,77 +0,0 @@
-#!/bin/bash -e
-# This script is intended to be run as part of a GitHub workflow where we
-# build multiple times under different OS versions, which _may_ produce
-# differences in the built packages.
-#
-# It expects the following environment variables:
-# 	PPA_GPG_PRIVATE_KEY
-#		Private key with access to the Ubuntu PPA.
-#	PPA_GPG_PASSPHRASE
-#		Decrypts the above private key.
-
-# This gets the Ubuntu codename & version from the local OS.
-OS_CODENAME="$(grep 'VERSION_CODENAME=' /etc/os-release | cut -f2 -d'=' | tr -d '"')"
-OS_VERSION="$(grep 'VERSION_ID=' /etc/os-release | cut -f2 -d'=' | tr -d '"')"
-
-# Get the base Lutris version in the same way that the Makefile does.
-LUTRIS_VERSION=$(grep "__version__" lutris/__init__.py | cut -d" " -f 3 | sed 's|"\(.*\)"|\1|')
-
-# Creates a GPG keyring using the key passed from the GitHub workflow.
-echo "::group::Importing GPG private key..."
-PPA_GPG_KEY_ID=$(echo "${PPA_GPG_PRIVATE_KEY}" | gpg --import-options show-only --import | sed -n '2s/^\s*//p')
-export PPA_GPG_KEY_ID
-echo "${PPA_GPG_KEY_ID}"
-echo "${PPA_GPG_PRIVATE_KEY}" | gpg --batch --passphrase "${PPA_GPG_PASSPHRASE}" --import
-echo "::endgroup::"
-
-# May as well since we don't need after at this point.
-unset PPA_GPG_PRIVATE_KEY
-
-# Version numbers are recommended to follow the guide at:
-# https://help.launchpad.net/Packaging/PPA/BuildingASourcePackage#Versioning
-#
-# The basic format is:
-# <lutris_version>-<lutris_revision>ubuntu<ubuntu_specific_revision>ppa<ppa_revision>~ubuntu<ubuntu_version>
-#
-# ex. 0.5.12-0ubuntu1 (for just the package version)
-# ex. 0.5.12-0ubuntu1ppa1~ubuntu22.04 (for a package version meant for jammy)
-# ex. 0.5.12-0ubuntu1ppa1~ubuntu20.04 (for a package version meant for focal)
-# etc...
-#
-PPA_VERSION="ppa1~ubuntu${OS_VERSION}"
-
-# If the Lutris version doesn't have a revision, we add revision 0.
-LUTRIS_DEBIAN_VERSION="${LUTRIS_VERSION}"
-if [[ "${LUTRIS_VERSION}" = "${LUTRIS_VERSION/-*/}" ]]; then
-    LUTRIS_DEBIAN_VERSION="${LUTRIS_DEBIAN_VERSION}-0"
-fi
-
-# Finally, add an ubuntu revision, so that other packages can override ours
-# without bumping the actual version number.
-LUTRIS_DEBIAN_VERSION="${LUTRIS_DEBIAN_VERSION}ubuntu1"
-
-# Does an initial make process for creating a debian source package.
-echo "::group::Building deb for: $OS_VERSION ($OS_CODENAME)"
-debmake -n -p lutris -u "${LUTRIS_VERSION}" -b":python3"
-
-# Updates debian/control file based on current environment.
-sudo mk-build-deps --install \
-    --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' \
-    debian/control
-
-# Update the changelog entry. Specifically we change the top most
-# changelog entry codename to match our current OS and the version
-# number to match the Debian+PPA version scheme described above.
-sed -i"" \
-    -re"1s/\s\w+;/ ${OS_CODENAME};/" \
-    -re"1s/${LUTRIS_VERSION}/${LUTRIS_DEBIAN_VERSION}${PPA_VERSION}/" \
-    debian/changelog
-
-# Builds and signs the debian package files.
-# PPA_GPG_KEY_ID and PPA_GPG_PASSPHRASE environment variables must be defined
-# by this point.
-make github-ppa
-echo "::endgroup::"
-
-# Clean up build dependencies.
-sudo rm -f lutris-build-deps*
--- a/.github/scripts/build-ubuntu-22.04.sh
+++ b/.github/scripts/build-ubuntu-22.04.sh
@ -0,0 +1,39 @@
+#!/bin/bash
+# This script is intended to be run as part of a GitHub workflow.  This specific
+# script overrides the build generic build process for Ubuntu 22.04 (Jammy) and
+# helps us work around the lack of GitHub Workflow Runners for non-LTS versions
+# of Ubuntu.
+#
+# Required Environment Variables:
+#
+#   CODEBASE_ROOT
+#       The absolute real path to the git repository root directory.
+#
+# Optional Environment Variables:
+#
+#   JAMMY_BUILDS
+#       A space or new-line separated list of Ubuntu codenames.
+#
+
+# First run the standard build process for Jammy.
+# shellcheck source=./build-ubuntu-generic.sh
+source "${CODEBASE_ROOT}/.github/scripts/build-ubuntu-generic.sh"
+echo "::endgroup::"
+
+# Rerun the build process for all codenames in the JAMMY_BUILDS env
+# variable.  We override the OS_CODENAME env variable, and then recurse
+# into the ./build-ubuntu.sh build script to build those versions within
+# our Jammy runner.
+if [[ -n ${JAMMY_BUILDS} ]]; then
+    for OS_CODENAME in ${JAMMY_BUILDS}; do
+        if ! distro-info --series "${OS_CODENAME}"; then
+            echo "Bad JAMMY_BUILDS codename '${OS_CODENAME}' provided.  Skipping this build."
+        else
+            # Clean up the codebase between runs.
+            git reset --hard
+            git clean -df
+            # shellcheck source=./build-ubuntu.sh
+            source "${CODEBASE_ROOT}/.github/scripts/build-ubuntu.sh"
+        fi
+    done
+fi
--- a/.github/scripts/build-ubuntu-generic.sh
+++ b/.github/scripts/build-ubuntu-generic.sh
@ -0,0 +1,67 @@
+#!/bin/bash
+# Default build script for producing a generic Lutris build.
+# It requires several environment variables which are typically
+# passed in from the ./build-ubuntu.sh script.
+#
+#   CODEBASE_ROOT
+#       The absolute real path to the git repository root directory.
+#
+#   LUTRIS_VERSION
+#       The version of Lutris being built, in semver format.
+#       Ex. "0.5.12-1" or "0.5.12"
+#
+#   OS_CODENAME
+#       The Ubuntu codename the package is being built for.
+#       Ex. "jammy" or "kinetic"
+#
+#   LUTRIS_DEBIAN_VERSION
+#       The Debian-specific version which follows the guidelines
+#       specified here: https://help.launchpad.net/Packaging/PPA/BuildingASourcePackage#Versioning
+#       Ex. "0.5.12-0ubuntu1"
+#
+#   PPA_VERSION
+#       The PPA release version which follows the same guide as mentioned
+#       in the LUTRIS_DEBIAN_VERSION variable.
+#       Ex. "ppa1~ubuntu22.04" or "ppa3~ubuntu22.04"
+#
+#   PPA_GPG_KEY_ID
+#       The Full or Partial ID of a GPG Key that is imported into the GPG
+#       key store.  This can be listed with `gpg --list-secret-keys`.
+#       Ex.  7596C2FB25663E2B6DD9F97CF380C7EDED8F0491 (Full Key ID)
+#       Ex.  F380C7EDED8F0491 (Partial Key ID)
+#
+#   PPA_GPG_PASSPHRASE
+#       The passphrase to unlock the above PPA_GPG_KEY_ID.
+#
+
+# Make sure the changelog has a proper entry for the version being built.
+if ! grep -q "${LUTRIS_VERSION}" "${CODEBASE_ROOT}/debian/changelog"; then
+    echo "Error: ${CODEBASE_ROOT}/debian/changelog does not contain an entry for our current version."
+    exit 255
+fi
+
+# Does an initial make process for creating a debian source package.
+debmake -n -p lutris -u "${LUTRIS_VERSION}" -b":python3"
+
+# Updates debian/control file based on current environment.
+sudo mk-build-deps --install \
+    --tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' \
+    "${CODEBASE_ROOT}/debian/control"
+
+# Update the changelog entry. Specifically we change the top most
+# changelog entry codename to match our current OS and the version
+# number to match the Debian+PPA version scheme described above.
+sed -i"" \
+    -re"1s/\s\w+;/ ${OS_CODENAME};/" \
+    -re"1s/${LUTRIS_VERSION}/${LUTRIS_DEBIAN_VERSION}${PPA_VERSION}/" \
+    "${CODEBASE_ROOT}/debian/changelog"
+
+# Builds and signs the debian package files.
+# PPA_GPG_KEY_ID and PPA_GPG_PASSPHRASE environment variables must be defined
+# by this point.
+make github-ppa
+
+# Clean up.
+sudo rm -f "${CODEBASE_ROOT}/lutris-build-deps"*
+git clean -df "${CODEBASE_ROOT}"
+git reset --hard
--- a/.github/scripts/build-ubuntu.sh
+++ b/.github/scripts/build-ubuntu.sh
@ -0,0 +1,149 @@
+#!/bin/bash -e
+# This script is intended to be run as part of a GitHub workflow where we
+# build multiple times under different OS versions, which _may_ produce
+# differences in the built packages.
+#
+# It expects the following environment variables:
+#
+#   PPA_GPG_PRIVATE_KEY
+#       Private key with access to the Ubuntu PPA.  Note that if the
+#       optional env variable PPA_GPG_KEY_ID is passed, then this
+#       variable is not required.  If both are passed, then PPA_GPG_KEY_ID
+#       is used.
+#
+#   PPA_GPG_PASSPHRASE
+#       Decrypts the above private key or PPA_GPG_KEY_ID.
+#
+#   PPA_URI
+#       The URI of the PPA to push updates to.
+#       Ex. ppa:lutris-team/lutris
+#
+# The following environment variables are optional and will override
+# default values.
+#
+#   CODEBASE_ROOT
+#       The absolute real path to the git repository root directory.
+#
+#   LUTRIS_VERSION
+#       The version of Lutris being built, in semver format.
+#       Ex. "0.5.12-1" or "0.5.12"
+#
+#   OS_CODENAME
+#       The Ubuntu codename the package is being built for.
+#       Ex. "jammy" or "kinetic"
+#
+#   LUTRIS_DEBIAN_VERSION
+#       The Debian-specific version which follows the guidelines
+#       specified here: https://help.launchpad.net/Packaging/PPA/BuildingASourcePackage#Versioning
+#       Ex. "0.5.12-0ubuntu1"
+#
+#   PPA_VERSION
+#       The PPA release version which follows the same guide as mentioned
+#       in the LUTRIS_DEBIAN_VERSION variable.
+#       Ex. "ppa1~ubuntu22.04" or "ppa3~ubuntu22.04"
+#
+#   PPA_GPG_KEY_ID
+#       The Full or Partial ID of a GPG Key that is imported into the GPG
+#       key store.  This can be listed with `gpg --list-secret-keys`.
+#       Ex.  7596C2FB25663E2B6DD9F97CF380C7EDED8F0491 (Full Key ID)
+#       Ex.  F380C7EDED8F0491 (Partial Key ID)
+#
+
+
+# Go three directories up to get the codebase root path.
+if [[ -z $CODEBASE_ROOT ]]; then
+    CODEBASE_ROOT="$(dirname "$(dirname "$(dirname "$(readlink -f "$0")")")")"
+fi
+
+# This gets the Ubuntu codename & version from the local OS if they are
+# not passed in to us already.
+if [[ -z $OS_CODENAME ]]; then
+    OS_CODENAME="$(grep 'VERSION_CODENAME=' /etc/os-release | cut -f2 -d'=' | tr -d '"')"
+fi
+# Get the OS version associated with OS_CODENAME.
+OS_VERSION="$(distro-info --series "${OS_CODENAME}" -r | cut -f1 -d' ')"
+
+# Get the base Lutris version in the same way that the Makefile does.
+if [[ -z $LUTRIS_VERSION ]]; then
+    LUTRIS_VERSION="$(grep "__version__" "${CODEBASE_ROOT}/lutris/__init__.py" | cut -d" " -f 3 | sed 's|"\(.*\)"|\1|')"
+fi
+
+# Creates a GPG keyring using the key passed from the GitHub workflow.
+if [[ -z $PPA_GPG_KEY_ID ]]; then
+    echo "::group::Importing GPG private key..."
+    PPA_GPG_KEY_ID=$(echo "${PPA_GPG_PRIVATE_KEY}" | gpg --import-options show-only --import | sed -n '2s/^\s*//p')
+    export PPA_GPG_KEY_ID
+    echo "${PPA_GPG_KEY_ID}"
+    echo "${PPA_GPG_PRIVATE_KEY}" | gpg --batch --passphrase "${PPA_GPG_PASSPHRASE}" --import
+    echo "::endgroup::"
+
+    # May as well since we don't need after at this point.
+    unset PPA_GPG_PRIVATE_KEY
+fi
+
+# Add the ppa if it isn't already.
+if ! grep -qi "${PPA_URI//ppa:/}" /etc/apt/sources.list.d/*.list; then
+    sudo apt-add-repository -y "${PPA_URI}"
+fi
+# Get the current version of Lutris on the PPA.
+if APT_VERSION="$(apt show lutris | grep 'Version: ' | cut -f2 -d' ')"; then
+    echo "Latest version on '${PPA_URI}' is '${APT_VERSION}'"
+else
+    echo "Pushing first package to '${PPA_URI}'"
+fi
+
+# Version numbers are recommended to follow the guide at:
+# https://help.launchpad.net/Packaging/PPA/BuildingASourcePackage#Versioning
+#
+# The basic format is:
+# <lutris_version>-<lutris_revision>ubuntu<ubuntu_specific_revision>ppa<ppa_revision>~ubuntu<ubuntu_version>
+#
+# ex. 0.5.12-0ubuntu1 (for just the package version)
+# ex. 0.5.12-0ubuntu1ppa1~ubuntu22.04 (for a package version meant for jammy)
+# ex. 0.5.12-0ubuntu1ppa1~ubuntu20.04 (for a package version meant for focal)
+# etc...
+#
+PPA_VERSION="ppa1~ubuntu${OS_VERSION}"
+
+# If the Lutris version doesn't have a revision, we add revision 0.
+LUTRIS_DEBIAN_VERSION="${LUTRIS_VERSION}"
+if [[ "${LUTRIS_VERSION}" = "${LUTRIS_VERSION/-*/}" ]]; then
+    LUTRIS_DEBIAN_VERSION="${LUTRIS_DEBIAN_VERSION}-0"
+fi
+
+# Finally, add an ubuntu revision, so that other packages can override ours
+# without bumping the actual version number.
+LUTRIS_DEBIAN_VERSION="${LUTRIS_DEBIAN_VERSION}ubuntu1"
+
+# If the version we're currently building exists on the PPA, increment
+# the PPA version number so that we supersede it.  Assuming a version
+# scheme like 0.5.12-0ubuntu1ppa1~ubuntu22.04, we trim everything up to
+# and including 'ppa' and everything after and including '~' to get the
+# PPA version number.
+if [[ "${APT_VERSION//ppa*/}" = "${LUTRIS_DEBIAN_VERSION}" ]]; then
+    echo "PPA (${PPA_URI}) has matching package version: ${LUTRIS_DEBIAN_VERSION}"
+    APT_PPA_VERSION="${APT_VERSION//*ppa/}"
+    APT_PPA_VERSION="${APT_PPA_VERSION//~*/}"
+    # Only autoincrement if the derived APT_PPA_VERSION is an integer.
+    if [[ ${APT_PPA_VERSION} =~ ^[0-9]*$ ]]; then
+        (( APT_PPA_VERSION++ ))
+        PPA_VERSION="ppa${APT_PPA_VERSION}~ubuntu${OS_VERSION}"
+    else
+        echo "Could not derive APT_PPA_VERSION from '${APT_VERSION}'; using default."
+    fi
+fi
+
+# Runs a specific build script for an OS Version if it exists or runs
+# the generic build script if not.  GitHub seems to only support LTS
+# versions of Ubuntu runners for build jobs, and so we use this to
+# build the non-LTS versions on the closest matching LTS version.
+if [[ -f "${CODEBASE_ROOT}/.github/scripts/build-ubuntu-${OS_VERSION}.sh" ]]; then
+    echo "::group::Building version-specific deb for ${OS_CODENAME}: ${LUTRIS_DEBIAN_VERSION}${PPA_VERSION}"
+    # shellcheck disable=SC1090
+    source "${CODEBASE_ROOT}/.github/scripts/build-ubuntu-${OS_VERSION}.sh"
+else
+    echo "::group::Building generic deb for ${OS_CODENAME}: ${LUTRIS_DEBIAN_VERSION}${PPA_VERSION}"
+    # shellcheck source=./build-ubuntu-generic.sh
+    source "${CODEBASE_ROOT}/.github/scripts/build-ubuntu-generic.sh"
+fi
+echo "::endgroup::"
--- a/.github/scripts/install-ubuntu-generic.sh
+++ b/.github/scripts/install-ubuntu-generic.sh
@ -0,0 +1,13 @@
+#!/bin/bash
+# Default dependencies needed on a fresh install of ubuntu in order to
+# build the lutris package.
+
+sudo apt update
+sudo apt install \
+    debhelper \
+    debmake \
+    devscripts \
+    dh-python \
+    meson \
+    equivs \
+    git-buildpackage
--- a/.github/scripts/install-ubuntu.sh
+++ b/.github/scripts/install-ubuntu.sh
@ -0,0 +1,45 @@
+#!/bin/bash -e
+# Handles installing dependencies for the build process.  If an
+# install-ubuntu-$OS_VERSION.sh script exists, install-ubuntu-22.04.sh
+# for example, then that script is executed to install dependencies
+# for that particular build instead of the install-ubuntu-generic.sh
+# script.
+#
+# The following environment variables are optional and will override
+# default values.
+#
+#   CODEBASE_ROOT
+#       The absolute real path to the git repository root directory.
+#
+#   OS_CODENAME
+#       The Ubuntu codename the package is being built for.
+#       Ex. "jammy" or "kinetic"
+#
+
+
+# Go three directories up to get the codebase root path.
+if [[ -z $CODEBASE_ROOT ]]; then
+    CODEBASE_ROOT="$(dirname "$(dirname "$(dirname "$(readlink -f "$0")")")")"
+fi
+
+# This gets the Ubuntu codename & version from the local OS, or allows
+# it to be passed in as an environment variable.
+if [[ -z $OS_CODENAME ]]; then
+    OS_CODENAME="$(grep 'VERSION_CODENAME=' /etc/os-release | cut -f2 -d'=' | tr -d '"')"
+fi
+if [[ -z $OS_VERSION ]]; then
+    OS_VERSION="$(grep 'VERSION_ID=' /etc/os-release | cut -f2 -d'=' | tr -d '"')"
+fi
+
+# Runs a specific install script for an OS version if it exists or runs
+# the generic install script.
+if [[ -e "${CODEBASE_ROOT}/.github/scripts/install-ubuntu-${OS_VERSION}.sh" ]]; then
+    echo "::group::Installing $OS_CODENAME ($OS_VERSION) build dependencies"
+    # shellcheck disable=SC1090
+    source "${CODEBASE_ROOT}/.github/scripts/install-ubuntu-${OS_VERSION}.sh"
+else
+    echo "::group::Installing generic build dependencies"
+    # shellcheck source=./install-ubuntu-generic.sh
+    source "${CODEBASE_ROOT}/.github/scripts/install-ubuntu-generic.sh"
+fi
+echo "::endgroup::"
--- a/.github/workflows/publish-lutris-ppa.yml
+++ b/.github/workflows/publish-lutris-ppa.yml
@ -1,57 +1,34 @@
-# Inspired by
-# https://github.com/yuezk/GlobalProtect-openconnect/blob/master/.github/workflows/build.yml
+# Handles publishing Lutris builds to the Lutris Ubuntu PPAs.  This
+# workflow is triggered when a release or prerelease is published,
+# checks out the tag associated with that release, builds a debian
+# source package, and then pushes that to the Ubuntu Launchpad.net PPA
+# where it is then built & published on their servers.
 name: Publish Lutris PPA

 on:
+  # See below for details about the 'release' event.
+  # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#release
  release:
-    types: [published]
+    types: [released,prereleased]

+# The only thing that really differs between the release and staging
+# builds is the target PPA_URI.
 jobs:
-
+  # Only build the release PPA when the event is not a prerelease.
  release-ppa:
-    strategy:
-      matrix:
-        os: [ ubuntu-22.04, ubuntu-20.04 ]
+    if: github.event.release.prerelease == false
+    uses: ./.github/workflows/publish-ppa.yml
+    with:
+      PPA_URI: "ppa:lutris-team/lutris"
+    secrets:
+      PPA_GPG_PRIVATE_KEY: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
+      PPA_GPG_PASSPHRASE: ${{ secrets.PPA_GPG_PASSPHRASE }}

-    runs-on: ${{ matrix.os }}
-
-    steps:
-      # Checkout repository
-      - uses: actions/checkout@v2
-
-      # Dependencies for the build process to generate .deb packages.
-      - name: Install Dependencies
-        run: |
-          sudo apt update
-          sudo apt install \
-            debhelper \
-            debmake \
-            devscripts \
-            dh-python \
-            meson \
-            equivs \
-            git-buildpackage
-
-      # This builds and signs the debian package for each OS in matrix.os
-      # This script also recalculates dependencies based on the current
-      # OS and can potentially produce different package control files,
-      # but these files are not kept.
-      #
-      # Signing packages uses the secrets referenced below and passes
-      # them through the below script and into the make "github-ppa"
-      # Makefile directive.
-      #
-      # It would probably be a good idea to have a unique GPG just for
-      # this process, but whatever GPG key is passed here _must_ be
-      # registered on the PPA as an authorized key.
-      - name: Build Debian Package
-        env:
-          PPA_GPG_PRIVATE_KEY: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
-          PPA_GPG_PASSPHRASE: ${{ secrets.PPA_GPG_PASSPHRASE }}
-        run: |
-          ./.github/scripts/build-sign-ubuntu.sh
-
-      # Pushes the build to the PPA.
-      - name: Publish to PPA
-        run: |
-          dput ppa:lutris-team/lutris ../*.changes
+  # Push all builds out to the staging PPA.
+  staging-ppa:
+    uses: ./.github/workflows/publish-ppa.yml
+    with:
+      PPA_URI: "ppa:lutris-team/lutris-staging"
+    secrets:
+      PPA_GPG_PRIVATE_KEY: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
+      PPA_GPG_PASSPHRASE: ${{ secrets.PPA_GPG_PASSPHRASE }}
--- a/.github/workflows/publish-ppa.yml
+++ b/.github/workflows/publish-ppa.yml
@ -0,0 +1,67 @@
+# This is a reusable workflow that should not be called directly, but
+# instead, from another workflow as an action to be executed.
+name: Publish PPA
+
+on:
+  workflow_call:
+    inputs:
+      # This should be in the format: "ppa:username/repo"
+      # Ex. "ppa:lutris-team/lutris"
+      PPA_URI:
+        required: true
+        type: string
+
+    # Signing packages uses the secrets referenced below and passes
+    # them through the build-ubuntu.sh script and into the "github-ppa"
+    # Makefile directive.
+    #
+    # It would probably be a good idea to have a unique GPG key just
+    # for this process, but whatever GPG key is passed here _must_ be
+    # registered on the PPA_URI as an authorized key.
+    secrets:
+      PPA_GPG_PRIVATE_KEY:
+        required: true
+      PPA_GPG_PASSPHRASE:
+        required: true
+
+jobs:
+
+  publish-ppa:
+    # GitHub only has runners for LTS versions of Ubuntu.
+    # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
+    # Also note that, although a runner exists for Ubuntu 18.04, the
+    # lutris build-dependencies are not supported on that version.
+    strategy:
+      matrix:
+        os: [ ubuntu-22.04, ubuntu-20.04 ]
+    runs-on: ${{ matrix.os }}
+    steps:
+
+      - name: Checkout the repository
+        uses: actions/checkout@v3
+
+      - name: Install build dependencies
+        run: |
+          ./.github/scripts/install-ubuntu.sh
+
+      # This builds and signs the debian package for each OS in matrix.os
+      # This script also recalculates dependencies based on the current
+      # OS and can potentially produce different package control files,
+      # but these files are not kept.
+      - name: Build the Debian Package
+        env:
+          PPA_URI: ${{ inputs.PPA_URI }}
+          PPA_GPG_PRIVATE_KEY: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
+          PPA_GPG_PASSPHRASE: ${{ secrets.PPA_GPG_PASSPHRASE }}
+          # This will be passed through to the build-specific script for
+          # Jammy and causes it to produce additional builds for the Ubuntu
+          # codenames listed below.
+          # Ex. "kinetic lunar"
+          JAMMY_BUILDS: "kinetic lunar"
+        run: |
+          ./.github/scripts/build-ubuntu.sh
+
+      # Pushes the build to the PPA_URI.
+      - name: Publish to PPA
+        run: |
+          dput ${{ inputs.PPA_URI }} ../*.changes
--- a/9
+++ b/9
@ -10,15 +10,15 @@ all:
 	debuild
 	debclean

-# The same as all, but requires two environment variables related to
-# package signing.
+# Build process for GitHub runners.
+# Requires two environment variables related to package signing.
 # 	PPA_GPG_KEY_ID
 #		Key ID used to sign the .deb package files.
 #	PPA_GPG_PASSPHRASE
 #		Decrypts the private key associated with GPG_KEY_ID.
 #
 # When running from a GitHub workflow.  The above environment variables
-# are passed in from .github/scripts/build-sign-ubuntu.sh and that script
+# are passed in from .github/scripts/build-ubuntu.sh and that script
 # receives those variables from the .github/workflows/publish-lutris-ppa.yml
 # which receives them from the repository secrets.
 github-ppa:
@ -27,11 +27,10 @@ github-ppa:
 	# version string, and so that lintian check is suppressed.  Also note
 	# that all parameters after "--lintian-opts" are passed to lintian
 	# so that _must_ be the last parameter.
-	echo "y" | debuild -S -sa \
+	echo "y" | debuild -S \
 		-k"${PPA_GPG_KEY_ID}" \
 		-p"gpg --batch --passphrase "${PPA_GPG_PASSPHRASE}" --pinentry-mode loopback" \
 		--lintian-opts --suppress-tags malformed-debian-changelog-version
-	debclean

 build:
 	gbp buildpackage --git-debian-branch=${GITBRANCH}