diff --git a/.github/workflows/1.txt b/.github/workflows/1.txt new file mode 100644 index 000000000..c6174c5bf --- /dev/null +++ b/.github/workflows/1.txt @@ -0,0 +1 @@ +git clone --depth 1 --branch v23.05.3 https://github.com/openwrt/openwrt.git diff --git a/.github/workflows/AutoBuild.yml b/.github/workflows/AutoBuild.yml new file mode 100644 index 000000000..3d23f6a22 --- /dev/null +++ b/.github/workflows/AutoBuild.yml @@ -0,0 +1,198 @@ +name: AutoBuild + +on: + workflow_dispatch: + inputs: + build_mode: + description: 'Build mode' + required: true + default: 'build_pkgs_and_imgs' + type: choice + options: + - build_pkgs_and_imgs + - build_imgs + - build_pkgs + compile_packages: + description: 'Compile packages' + required: false + default: 'A B C etc.' + type: string + no_pages: + description: 'Donot deploy pages' + required: true + default: false + type: boolean + export_dl: + description: 'Export DL' + required: true + default: false + type: boolean + + push: + branches: [ master ] + paths: + - 'Makefile' + + watch: + types: [started] + +env: +# Release path + release_path: 'releases' +# 删除早期的 packages + DELETE_OLD_PACKAGES: true +# 删除早期的 workflow 任务 + DELETE_OLD_WORKFLOW: true + WORKFLOW_RETAIN_DAYS: 14 + KEEP_RUNS_RECORD: 100 +### End + +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: "${{ github.workflow }}-${{ github.ref }}" + cancel-in-progress: false + +jobs: + compile: + permissions: + contents: write # To push a branch + strategy: + matrix: + version: [23.05.3] + arch: [ + x86_64, + mips_24kc, + arm_cortex-a7_neon-vfpv4, + aarch64_cortex-a53, + aarch64_cortex-a72, + arm_cortex-a9, + arm_cortex-a15_neon-vfpv4, + mipsel_24kc, + aarch64_generic + ] + include: + - usign_id: '53FF2B6672243D28' + - gpg_id: 'A5F2461EC8F6DCAA' + - release_path: 'releases' + - no_img: true + - arch: x86_64 + target: ['x86', '64'] # for imagebuilder + profile: generic # for imagebuilder + no_img: false + uses: ./.github/workflows/compile.yml + with: + build_mode: ${{ inputs.build_mode }} + compiles: ${{ inputs.compile_packages }} + no_img: ${{ matrix.no_img }} + TPATH: ${{ matrix.release_path }} + VERSION: ${{ matrix.version }} + TARGET: ${{ matrix.target[0] }} + SUBTARGET: ${{ matrix.target[1] }} + PROFILE: ${{ matrix.profile }} + ARCH: ${{ matrix.arch }} + USIGN_ID: ${{ matrix.usign_id }} + GPG_ID: ${{ matrix.gpg_id }} + secrets: inherit + + push_packages: + needs: compile + if: (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + permissions: + contents: write # To push a branch + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: 'gh-pages' + lfs: false + submodules: false + - name: Download artifact + uses: actions/download-artifact@v4 + - name: Move artifact + shell: bash + env: + keepdir: '19.07|21.02|22.03' + run: | + if [ "$DELETE_OLD_PACKAGES" == "true" ]; then + find $release_path/* -maxdepth 0 -type d 2>/dev/null | grep -Ev "\b($keepdir)$" | xargs -I{} rm -rf "{}" + fi + mkdir -p $release_path 2>/dev/null + cp -rf OpenWRT-Build-*/*/ $release_path/ + rm -rf OpenWRT-Build-*/ 2>/dev/null + - name: Display structure of downloaded files + working-directory: ${{ env.release_path }} + run: ls -R + - name: Commit and push Packages + env: + Branch: gh-pages + run: | + git config --local user.name "GitHub Action" + git config --local user.email "actions-user@users.noreply.github.com" + #git remote update # include submodules + #git fetch --no-tags --prune --no-recurse-submodules --depth=1 origin $Branch + #git checkout -B $Branch refs/remotes/origin/$Branch + git add $release_path/**/ + git reset HEAD $release_path/**/targets/ + git diff-index --cached --quiet HEAD $release_path/**/packages/**/*.ipk \ + && git diff-index --cached --quiet HEAD $release_path/**/packages/**/Packages.manifest \ + && git diff-index --cached --quiet HEAD $release_path/**/*.pub \ + || (git commit -m "Update packages" && git push) + + export_dl: + needs: compile + if: inputs.export_dl == 1 && (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + runs-on: ubuntu-latest + steps: + - name: Initialize Environment + run: | + sudo mkdir -p /workdir + sudo chown $USER:$GROUPS /workdir + mkdir -p /workdir/DL + - name: Cache DL dependencies + uses: actions/cache@v4 + with: + path: /workdir/DL + key: ${{ runner.os }}-OpenWRT-SDK-DL-Cache-Makefile-${{ hashFiles('**/Makefile') }} + restore-keys: | + ${{ runner.os }}-OpenWRT-SDK-DL-Cache-Makefile- + - name: Compress DL Cache + run: | + pushd /workdir/DL + tar -cJvf /workdir/DL.txz * --owner=0 --group=0 --no-same-owner --no-same-permissions + popd + - name: Upload DL Cache artifact + uses: actions/upload-artifact@v4 + with: + name: DL.txz + path: /workdir/DL.txz + retention-days: 1 + + deploy_pages: + needs: [compile, push_packages] + if: inputs.no_pages == 0 && !cancelled() + permissions: + contents: read + pages: write + id-token: write + strategy: + matrix: + release_path: ['releases'] + uses: ./.github/workflows/jekyll.yml + with: + destination_path: ${{ matrix.release_path }} + + clean-up-old-workflow: + needs: push_packages + permissions: + contents: read + actions: write + runs-on: ubuntu-latest + steps: + - name: Delete old Workflow Runs + uses: Mattraks/delete-workflow-runs@v2.0.3 + if: env.DELETE_OLD_WORKFLOW == 'true' && !cancelled() + with: + retain_days: ${{ env.WORKFLOW_RETAIN_DAYS }} + keep_minimum_runs: ${{ env.KEEP_RUNS_RECORD }} diff --git a/.github/workflows/build_world.yml b/.github/workflows/build_world.yml new file mode 100644 index 000000000..10a499ea0 --- /dev/null +++ b/.github/workflows/build_world.yml @@ -0,0 +1,21 @@ +name: build_world + +on: + workflow_dispatch: + inputs: + version: + description: 'Release version' + required: true + default: '23.05.3' + type: string + target: + description: 'Device target' + required: true + default: 'x86' + type: string + subtarget: + description: 'Device subtarget' + required: true + default: '64' + type: string + diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml new file mode 100644 index 000000000..524d6e1de --- /dev/null +++ b/.github/workflows/compile.yml @@ -0,0 +1,304 @@ +name: Compile packages and Build images + +on: + workflow_call: + inputs: + build_mode: + required: false + type: string + compiles: + required: false + type: string + no_img: + required: false + type: boolean + TPATH: + required: true + type: string + VERSION: + required: true + type: string + TARGET: + required: false + type: string + SUBTARGET: + required: false + type: string + PROFILE: + required: false + type: string + ARCH: + required: true + type: string + USIGN_ID: + required: true + type: string + GPG_ID: + required: false + type: string + +env: +# 使用 GPG 签名 Packages (非必要) + GPG_SIGN: true +# Cache Libraries + CACHE_DOWNLOAD: true +# 删除无用文件以增加编译空间 + DELETE_USELESS_FILES: false +# Artifact retention days + ARTIFACT_RETENTION_DAYS: 3 +### 结束 + +jobs: + compile: + runs-on: ubuntu-latest + permissions: + contents: write # To push a branch + # pull-requests: write # To create a PR from that branch + env: + TPATH: ${{ inputs.TPATH }} + VERSION: ${{ inputs.VERSION }} + TARGET: ${{ inputs.TARGET }} + SUBTARGET: ${{ inputs.SUBTARGET }} + PROFILE: ${{ inputs.PROFILE }} + ARCH: ${{ inputs.ARCH }} + USIGN_ID: ${{ inputs.USIGN_ID }} + USIGN_KEY: ${{ secrets[format('USIGN_{0}', inputs.USIGN_ID )] }} + GPG_ID: ${{ inputs.GPG_ID }} + GPG_PW: ${{ secrets[format('GPG_PW_{0}', inputs.GPG_ID )] }} + GPG_KEY: ${{ secrets[format('GPG_{0}', inputs.GPG_ID )] }} + PREFIX: fantasticpackages_ + + steps: + - name: Maximize Build Space + if: env.DELETE_USELESS_FILES == 'true' && !cancelled() + uses: easimon/maximize-build-space@master + with: + root-reserve-mb: 5120 + remove-dotnet: 'true' + remove-android: 'true' + remove-haskell: 'true' + + - name: Initialize Environment + env: + DEBIAN_FRONTEND: noninteractive + run: | + sudo mkdir -p /workdir + sudo chown $USER:$GROUPS /workdir + mkdir -p "/workdir/DL" + if [ "${{ env.DELETE_USELESS_FILES }}" == "true" ] + then + docker rmi $(docker images -q) + sudo rm -rf /usr/share/dotnet /etc/mysql /etc/php + sudo -E apt-get -y autoremove --purge + sudo -E apt-get clean + fi + + - name: Determine branch name + run: | + BRANCH="${VERSION%.*}" + echo "Building for $BRANCH" + echo "BRANCH=$BRANCH" >> $GITHUB_ENV + + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH }} + lfs: true + submodules: true + + - name: Import keys + shell: bash + run: | + # usign + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + echo "USIGN_PUBKEY<<$EOF" >> $GITHUB_ENV + cat $GITHUB_WORKSPACE/keys/usign/${USIGN_ID}.pub >> $GITHUB_ENV + echo "$EOF" >> $GITHUB_ENV + # gpg + gpg --batch --pinentry-mode=loopback --yes --passphrase "$(echo -n "${GPG_PW}")" --import <(echo "${GPG_KEY}") + echo "$(sed 's|\s||g' "$GITHUB_WORKSPACE/keys/gpg/${GPG_ID}.finger"):6:" | gpg --import-ownertrust + + - name: Cache DL dependencies + if: env.CACHE_DOWNLOAD == 'true' && (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + uses: actions/cache@v4 + with: + path: /workdir/DL + key: ${{ runner.os }}-OpenWRT-SDK-DL-Cache-Makefile-${{ hashFiles('**/Makefile') }} + #key: ${{ runner.os }}-DL-${{ github.ref_name }}-${{ hashFiles('Makefile') }}-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-OpenWRT-SDK-DL-Cache-Makefile- + #restore-keys: | + # ${{ runner.os }}-DL-${{ github.ref_name }}-${{ hashFiles('Makefile') }}- + # ${{ runner.os }}-DL-${{ github.ref_name }}- + + - name: Determine EXTRA_FEEDS and PACKAGES + if: (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + shell: bash + env: + EXTRA_FEEDS: >- + src-link|${{ env.PREFIX }}packages|/feed/feeds/packages/ + src-link|${{ env.PREFIX }}luci|/feed/feeds/luci/ + run: | + # EXTRA_FEEDS + echo "Feeds $EXTRA_FEEDS" + echo "EXTRA_FEEDS=$EXTRA_FEEDS" >> $GITHUB_ENV + # PACKAGES + _packages="$(ls -1 $GITHUB_WORKSPACE/feeds/packages/ | tr '\n' ' ')" + _luci="$(ls -1 $GITHUB_WORKSPACE/feeds/luci/ | tr '\n' ' ')" + _all="$_packages $_luci" + _manual='' + for _p in ${{ inputs.compiles }}; do + [ -z "$(find "$GITHUB_WORKSPACE/feeds" -maxdepth 2 -name $_p 2>/dev/null)" ] && continue + _manual="${_manual:+$_manual }$_p" + done + PACKAGES="${_manual:-$_all}" + echo "Building $PACKAGES" + echo "PACKAGES=$PACKAGES" >> $GITHUB_ENV + + - name: Checkout Releases + id: checkout_releases + env: + Branch: gh-pages + shell: bash + run: | + git fetch --no-tags --prune --no-recurse-submodules --depth=1 origin $Branch + git checkout origin/$Branch -- $TPATH/$BRANCH/packages/$ARCH/ 2>/dev/null || echo + echo "mv $TPATH/$BRANCH/packages/$ARCH/ to /workdir/bin/packages/$ARCH/${PREFIX}" + mkdir -p "/workdir/bin/packages/$ARCH" 2>/dev/null + if [ -d "$TPATH/$BRANCH/packages/$ARCH" ]; then + pushd $TPATH/$BRANCH/packages/$ARCH + find * -maxdepth 0 -type d 2>/dev/null | xargs -I{} mv "{}" "/workdir/bin/packages/$ARCH/${PREFIX}{}" + popd + fi + + - name: Build Packages + id: build_packags + if: (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + uses: fantastic-packages/gh-action-sdk@master + env: + #ARCH: ${{ env.ARCH }}-${{ env.VERSION }} + ARCH: ${{ env.ARCH }}-${{ env.BRANCH }}-SNAPSHOT + ARTIFACTS_DIR: /workdir + DL_DIR: /workdir/DL + FEED_DIR: ${{ github.workspace }} + EXTRA_FEEDS: ${{ env.EXTRA_FEEDS }} + NO_REPO_FEEDS: 1 + NO_SHFMT_CHECK: 1 + PACKAGES: ${{ env.PACKAGES }} + INDEX: 1 + KEY_BUILD: ${{ env.USIGN_KEY }} + V: 99 + + - name: Checkout Packages + id: checkout_packags + shell: bash + if: (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_pkgs') && !cancelled() + run: | + sign_packages() { + # gpg + if [ "${{env.GPG_SIGN}}" == "true" ]; then + gpg -u ${GPG_ID} --batch --pinentry-mode=loopback --yes --passphrase "$(echo -n "${GPG_PW}")" -a -o Packages.asc --detach-sign Packages + fi + } + # + mkdir -p "$GITHUB_WORKSPACE/$TPATH" 2>/dev/null + if [ -d "/workdir/bin" ]; then + sudo chown -R $USER:$GROUPS /workdir/bin + rm -rf "$GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/packages" 2>/dev/null + rm -rf "$GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/luci" 2>/dev/null + mkdir -p "$GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/" 2>/dev/null + for EXTRA_FEED in $EXTRA_FEEDS; do + feed=$(echo "$EXTRA_FEED" | cut -d'|' -f2) + if [ -d "/workdir/bin/packages/$ARCH/$feed" ]; then + echo "cp /workdir/bin/packages/$ARCH/$feed to $GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/${feed/$PREFIX/}" + cp -Rf "/workdir/bin/packages/$ARCH/$feed" "$GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/${feed/$PREFIX/}" + pushd "$GITHUB_WORKSPACE/$TPATH/$BRANCH/packages/$ARCH/${feed/$PREFIX/}"; sign_packages; popd + fi + done + # + pushd "$GITHUB_WORKSPACE/$TPATH/$BRANCH" + echo "$USIGN_PUBKEY" > ${USIGN_ID}.pub + cat <<- EOF > ${USIGN_ID}.sh + #!/bin/sh + KEYID=${USIGN_ID} + mkdir -p /etc/opkg/keys 2>/dev/null + cat <<- PUBKEY > /etc/opkg/keys/\${KEYID,,} + ${USIGN_PUBKEY} + PUBKEY + EOF + if [ "${{env.GPG_SIGN}}" == "true" ]; then + cp -f "$GITHUB_WORKSPACE/keys/gpg/${GPG_ID}.finger" ${GPG_ID}.gpg.finger + cp -f "$GITHUB_WORKSPACE/keys/gpg/${GPG_ID}.pub" ${GPG_ID}.gpg.pub + cp -f "$GITHUB_WORKSPACE/keys/gpg/${GPG_ID}.rev" ${GPG_ID}.gpg.rev + fi + popd + # Clean images output dir + rm -rf /workdir/bin/targets 2>/dev/null + fi + + - name: Display structure of downloaded files (${{ env.BRANCH }}, ${{ env.ARCH }}) + if: ${{ steps.checkout_packags.outcome == 'success' || steps.checkout_releases.outcome == 'success' }} + run: ls -R + working-directory: /workdir/bin/packages/ + + - name: Determine packages be installed + if: inputs.no_img == 0 && (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_imgs') && !cancelled() + shell: bash + run: | + INSTALLS="$(cat "$GITHUB_WORKSPACE/.github/workflows/prebuildpackages/$ARCH" | tr '\n' ' ')" + echo "Installing $INSTALLS" + echo "INSTALLS=$INSTALLS" >> $GITHUB_ENV + + - name: Build Images + if: inputs.no_img == 0 && (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_imgs') && !cancelled() + uses: fantastic-packages/gh-action-imagebuilder@master + env: + ARCH: ${{ env.TARGET }}-${{ env.SUBTARGET }}-${{ env.VERSION }} + PROFILE: ${{ env.PROFILE }} + ARTIFACTS_DIR: /workdir + REPO_DIR: /workdir/bin/packages/${{ env.ARCH }} + EXTRA_REPOS: >- + src|${{ env.PREFIX }}packages|file:///repo/${{ env.PREFIX }}packages + src|${{ env.PREFIX }}luci|file:///repo/${{ env.PREFIX }}luci + NO_LOCAL_REPOS: 1 + KEY_BUILD: ${{ env.USIGN_KEY }} + KEY_BUILD_PUB: ${{ env.USIGN_PUBKEY }} + PACKAGES: ${{ env.INSTALLS }} + ROOTFS_SIZE: 256 + + - name: Checkout Images + shell: bash + if: inputs.no_img == 0 && (inputs.build_mode == 0 || inputs.build_mode == 'build_pkgs_and_imgs' || inputs.build_mode == 'build_imgs') && !cancelled() + run: | + if [ -d "/workdir/bin" ]; then + sudo chown -R $USER:$GROUPS /workdir/bin + rm -rf "$GITHUB_WORKSPACE/$TPATH/$BRANCH/targets/$TARGET/$SUBTARGET" 2>/dev/null + mkdir -p "$GITHUB_WORKSPACE/$TPATH/$BRANCH/targets/$TARGET/" 2>/dev/null + echo "mv /workdir/bin/targets/$TARGET/$SUBTARGET to $GITHUB_WORKSPACE/$TPATH/$BRANCH/targets/$TARGET/$SUBTARGET" + mv -f "/workdir/bin/targets/$TARGET/$SUBTARGET" "$GITHUB_WORKSPACE/$TPATH/$BRANCH/targets/$TARGET/$SUBTARGET" + pushd "$GITHUB_WORKSPACE/$TPATH/$BRANCH/targets/$TARGET/$SUBTARGET" + if [ "${{env.GPG_SIGN}}" == "true" ]; then + gpg -u ${GPG_ID} --batch --pinentry-mode=loopback --yes --passphrase "$(echo -n "${GPG_PW}")" -a -o sha256sums.asc --detach-sign sha256sums + fi + popd + fi + + - name: Generate artifact name and clean up irrelevant packages + run: | + echo "artifact=OpenWRT-Build-$VERSION-$ARCH-$TARGET-$SUBTARGET-$PROFILE" >> $GITHUB_ENV + find $TPATH/* -maxdepth 0 2>/dev/null | grep -v "$BRANCH" | xargs -I{} rm -rf "{}" + find $TPATH/$BRANCH/packages/* -maxdepth 0 2>/dev/null | grep -v "$ARCH" | xargs -I{} rm -rf "{}" + find $TPATH/$BRANCH/targets/* -maxdepth 0 2>/dev/null | grep -v "$TARGET" | xargs -I{} rm -rf "{}" + find $TPATH/$BRANCH/targets/$TARGET/* -maxdepth 0 2>/dev/null | grep -v "$SUBTARGET" | xargs -I{} rm -rf "{}" + + - name: Display structure of upload files (${{ env.VERSION }}, ${{ env.ARCH }}, ${{ env.TARGET }}-${{ env.SUBTARGET }}) + run: ls -R + working-directory: ${{ env.TPATH }}/ + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: ${{ env.artifact }} + path: | + ${{ env.TPATH }}/ + retention-days: ${{ env.ARTIFACT_RETENTION_DAYS }}