Build Image #78
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Image | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Release version' | |
| required: true | |
| default: '23.05.5|24.10.0-rc4|SNAPSHOT' | |
| type: string | |
| board: | |
| description: 'Device board' | |
| required: true | |
| default: 'x86' | |
| type: string | |
| subtarget: | |
| description: 'Device subtarget' | |
| required: true | |
| default: '64' | |
| type: string | |
| profile: | |
| description: 'Device profile' | |
| required: true | |
| default: 'generic' | |
| type: string | |
| workflow_call: | |
| inputs: | |
| version: | |
| required: true | |
| type: string | |
| board: | |
| required: true | |
| type: string | |
| subtarget: | |
| required: true | |
| type: string | |
| profile: | |
| required: true | |
| type: string | |
| env: | |
| DELETE_USELESS_FILES: false | |
| jobs: | |
| build_image: | |
| name: build_image ${{ inputs.version }}-${{ inputs.board }}-${{ inputs.subtarget }}-${{ inputs.profile }} | |
| runs-on: ubuntu-latest | |
| env: | |
| MIRROR_URL: 'https://downloads.openwrt.org' | |
| CONFBRANCH: 'conf' | |
| TARGETBRANCH: ${{ inputs.version }}-${{ inputs.board }}-${{ inputs.subtarget }} | |
| OP_VERSION: ${{ inputs.version }} | |
| USIGN_ID: ${{ vars.USIGN_ID }} | |
| USIGN_KEY: ${{ secrets[format('USIGN_{0}', vars.USIGN_ID )] }} | |
| USIGN_PUBKEY: ${{ vars[format('USIGN_PUB_{0}', vars.USIGN_ID )] }} | |
| VERIFY_KEY_ID: ${{ vars.VERIFY_KEY_ID }} | |
| ROOTFS_SIZE: 256 | |
| steps: | |
| - name: Check if deployed | |
| shell: bash | |
| run: | | |
| rcode=$(curl -sL -w '%{http_code}' -o /dev/null https://github.com/$GITHUB_REPOSITORY/tree/$TARGETBRANCH) | |
| echo rcode: $rcode | |
| [ "$rcode" != "404" ] || { >&2 echo Branch $TARGETBRANCH is not deployed, please build world first.; exit 1; } | |
| - name: Determine branch name and Generate op_target_url_prefix | |
| shell: bash | |
| run: | | |
| SNAPSHOTS=$(echo "$OP_VERSION" | grep -q SNAPSHOT && { [ "$OP_VERSION" = "SNAPSHOT" ] && echo y || echo i; } || echo ) | |
| echo "SNAPSHOTS=$SNAPSHOTS" >> $GITHUB_ENV | |
| SNAPSHOTS_BRANCH="$(echo "$OP_VERSION" | sed -En 's|^(.+)-SNAPSHOT$|\1|p')" | |
| echo "SNAPSHOTS_BRANCH=$SNAPSHOTS_BRANCH" >> $GITHUB_ENV | |
| BRANCH="$([ -n "$SNAPSHOTS_BRANCH" ] && echo "$SNAPSHOTS_BRANCH" || echo "${OP_VERSION%.*}")" | |
| echo "Building for $BRANCH" | |
| echo "BRANCH=$BRANCH" >> $GITHUB_ENV | |
| op_target_url_prefix="$MIRROR_URL/$([ -n "$SNAPSHOTS" ] && echo snapshots || echo "releases/$OP_VERSION")/targets/${{ inputs.board }}/${{ inputs.subtarget}}" | |
| echo "op_target_url_prefix=$op_target_url_prefix" >> $GITHUB_ENV | |
| - name: Maximize build space | |
| if: env.DELETE_USELESS_FILES == 'true' && !cancelled() | |
| uses: easimon/maximize-build-space@master | |
| with: | |
| root-reserve-mb: 10240 | |
| swap-size-mb: 8192 | |
| remove-dotnet: 'true' | |
| remove-android: 'true' | |
| remove-haskell: 'true' | |
| - name: Initialize Environment | |
| shell: bash | |
| run: | | |
| sudo apt update | |
| sudo apt -y install build-essential ccache clang curl flex bison g++ gawk \ | |
| gcc-multilib g++-multilib genisoimage gettext git libdw-dev libelf-dev \ | |
| libncurses5-dev libssl-dev locales pv pwgen python3 python3-pip \ | |
| python3-setuptools qemu-utils rsync signify-openbsd subversion swig unzip \ | |
| zlib1g-dev file wget zstd python3-venv python3-pyelftools python3-cryptography \ | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ env.CONFBRANCH }} | |
| - name: Get preinstalled path | |
| shell: bash | |
| run: | | |
| sel_config() { | |
| if [ -f "$2/${{ inputs.board }}/${{ inputs.subtarget}}/$3" ]; then | |
| eval $1="$2/${{ inputs.board }}/${{ inputs.subtarget}}/$3" | |
| elif [ -f "$2/${{ inputs.board }}/$3" ]; then | |
| eval $1="$2/${{ inputs.board }}/$3" | |
| elif [ -f "$2/$3" ]; then | |
| eval $1="$2/$3" | |
| else | |
| return 1 | |
| fi | |
| } | |
| preinstalled='' | |
| if [ -n "$SNAPSHOTS" ]; then | |
| sel_config preinstalled "$BRANCH" preinstalled || | |
| sel_config preinstalled "snapshots" preinstalled || | |
| sel_config preinstalled "default" preinstalled || sleep 0 | |
| else | |
| sel_config preinstalled "$OP_VERSION" preinstalled || | |
| sel_config preinstalled "$BRANCH" preinstalled || | |
| sel_config preinstalled "default" preinstalled || sleep 0 | |
| fi | |
| echo "preinstalled='$preinstalled'" | |
| echo "preinstalled=$preinstalled" >> $GITHUB_ENV | |
| - name: Checkout to TARGETBRANCH ${{ env.TARGETBRANCH }} | |
| id: checkout_to_targetbranch | |
| shell: bash | |
| run: | | |
| git fetch --depth=1 origin $TARGETBRANCH | |
| git checkout -b $TARGETBRANCH --track origin/$TARGETBRANCH | |
| - name: Setup Image Builder | |
| id: setup | |
| shell: bash | |
| run: | | |
| pushd targets/${{ inputs.board }}/${{ inputs.subtarget}} | |
| if [ "$(basename *-imagebuilder-*.* | awk -F'.' '{print $NF}')" = "aa" ]; then | |
| ibname=$(basename *-imagebuilder-*.* | sed -E 's|(\.tar\.[^\.]+).*|\1|') | |
| cat ${ibname}.* > $ibname | |
| rm -f ${ibname}.* | |
| fi | |
| popd | |
| tar $(echo "targets/${{ inputs.board }}/${{ inputs.subtarget}}/"*-imagebuilder-*.* | grep -qE '\.tar\.zst$' && echo '-I zstd') -xf targets/${{ inputs.board }}/${{ inputs.subtarget}}/*-imagebuilder-*.* | |
| mv *-imagebuilder-* imagebuilder | |
| pushd imagebuilder | |
| # | |
| eval "$(grep CONFIG_TARGET_ARCH_PACKAGES .config)" | |
| ARCH_PACKAGES=$CONFIG_TARGET_ARCH_PACKAGES | |
| echo "ARCH_PACKAGES=$ARCH_PACKAGES" >> $GITHUB_ENV | |
| # key-build | |
| echo "$USIGN_KEY" > key-build | |
| echo "$USIGN_PUBKEY" > key-build.pub | |
| echo "$USIGN_PUBKEY" > keys/${USIGN_ID,,} | |
| # key-verify | |
| for k in ${VERIFY_KEY_ID}; do | |
| curl -Lo keys/${k,,} "https://github.com/$GITHUB_REPOSITORY/raw/$CONFBRANCH/keys/usign/${k^^}.pub" | |
| done | |
| # core feed | |
| sed -i "/\/targets\/${{ inputs.board }}\/${{ inputs.subtarget}}\/packages/{ \ | |
| s|$MIRROR_URL/releases/$OP_VERSION|file://$GITHUB_WORKSPACE| \ | |
| }" repositories.conf | |
| # SNAPSHOT | |
| if [ -n "$SNAPSHOTS" ]; then | |
| sed -i "/\/targets\/${{ inputs.board }}\/${{ inputs.subtarget}}\/kmods/d" repositories.conf | |
| sed -i "s|releases/$OP_VERSION|snapshots|" repositories.conf | |
| fi | |
| # fantastic feeds | |
| n=$[ $(sed -n '/This is the local package repository/=' repositories.conf) -1 ] | |
| sed -i "${n}i\ | |
| src/gz fantasticpackages_packages https://github.com/$GITHUB_REPOSITORY_OWNER/packages/raw/gh-pages/releases/$BRANCH/packages/$ARCH_PACKAGES/packages\n\ | |
| src/gz fantasticpackages_luci https://github.com/$GITHUB_REPOSITORY_OWNER/packages/raw/gh-pages/releases/$BRANCH/packages/$ARCH_PACKAGES/luci\n\ | |
| src/gz fantasticpackages_special https://github.com/$GITHUB_REPOSITORY_OWNER/packages/raw/gh-pages/releases/$BRANCH/packages/$ARCH_PACKAGES/special" \ | |
| repositories.conf | |
| # ROOTFS_SIZE | |
| sed -i "s|\(\bCONFIG_TARGET_ROOTFS_PARTSIZE\)=.*|\1=$ROOTFS_SIZE|" .config | |
| # | |
| popd | |
| - name: Determine packages be installed | |
| shell: bash | |
| run: | | |
| INSTALLS='' | |
| url="https://github.com/$GITHUB_REPOSITORY/raw/$CONFBRANCH/$preinstalled \ | |
| https://github.com/$GITHUB_REPOSITORY_OWNER/packages/raw/master/.github/workflows/prebuildpackages/generic \ | |
| https://github.com/$GITHUB_REPOSITORY_OWNER/packages/raw/master/.github/workflows/prebuildpackages/$ARCH_PACKAGES" | |
| for l in $url; do | |
| if [ "$(curl -sL -w '%{http_code}' "$l" -o preinstalled)" != "404" ]; then | |
| INSTALLS=${INSTALLS:+$INSTALLS }$(cat preinstalled 2>/dev/null | tr '\n' ' ') | |
| else | |
| >&2 echo URL: $l is not found. | |
| fi | |
| done | |
| echo "Installing $INSTALLS" | |
| echo "INSTALLS=$INSTALLS" >> $GITHUB_ENV | |
| - name: Build image | |
| id: build_image | |
| if: ${{ steps.setup.outcome == 'success' }} | |
| shell: bash | |
| run: | | |
| group() { | |
| endgroup | |
| echo "::group:: $1" | |
| GROUP=1 | |
| } | |
| endgroup() { | |
| if [ -n "$GROUP" ]; then | |
| echo "::endgroup::" | |
| fi | |
| GROUP= | |
| } | |
| trap 'endgroup' ERR | |
| sudo chown -R $USER:$GROUPS imagebuilder | |
| pushd imagebuilder | |
| # | |
| group "echo start" | |
| echo start | |
| endgroup | |
| # | |
| group "ls -R keys/" | |
| ls -R keys/ | |
| endgroup | |
| # | |
| group "repositories.conf" | |
| cat repositories.conf | |
| endgroup | |
| # | |
| group "make image" | |
| make image \ | |
| PROFILE="${{ inputs.profile }}" \ | |
| DISABLED_SERVICES="$DISABLED_SERVICES" \ | |
| ADD_LOCAL_KEY=1 \ | |
| PACKAGES="$INSTALLS" | |
| endgroup | |
| # | |
| popd | |
| - name: Upload artifact (All) | |
| if: ${{ steps.build_image.outcome == 'success' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: target-${{ env.OP_VERSION }}-${{ inputs.BOARD }}-${{ inputs.SUBTARGET }}-${{ inputs.profile }}-all | |
| path: | | |
| imagebuilder/bin/targets/${{ inputs.BOARD }}/${{ inputs.SUBTARGET }}/ |