This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build repo packages | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: "0 0 * * *" | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- "**/README.md" | |
jobs: | |
build-linux-firmware: | |
name: Build Linux firmware package | |
runs-on: ubuntu-latest | |
container: archlinux | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Install build dependencies | |
run: | | |
# Install makepkg deps | |
pacman --noconfirm -Syu | |
pacman --noconfirm -S sudo binutils fakeroot base-devel git rdfind | |
- name: Build Package | |
run: | | |
cd linux-firmware | |
# Fix permissions (can't makepkg as root) | |
echo "nobody ALL=(ALL) NOPASSWD: /usr/bin/pacman" >> /etc/sudoers | |
chown -R nobody . | |
# Package compression settings (Matches latest Arch) | |
export PKGEXT='.pkg.tar.xz' | |
# export COMPRESSZST=(zstd -c -T0 --ultra -20 -) | |
export MAKEFLAGS="-j2" | |
# Build linux-firmware | |
su nobody --pty -p -s /bin/bash -c 'makepkg -f --syncdeps --skippgpcheck --noconfirm' | |
# Build linux-firmware-lenovo-sm8250 | |
cd ../linux-firmware-lenovo-sm8250 | |
chown -R nobody . | |
su nobody --pty -p -s /bin/bash -c 'makepkg -f --syncdeps --skippgpcheck --noconfirm' | |
- name: Prepare release | |
run: | | |
mkdir firmware-release | |
cp linux-firmware/*.pkg.tar.xz firmware-release | |
cp linux-firmware-lenovo-sm8250/*.pkg.tar.xz firmware-release | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linux-firmware-aarch64-latest | |
path: firmware-release | |
build-kernel: | |
name: Build Linux kernel package | |
runs-on: ubuntu-latest | |
container: archlinux | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Install build dependencies | |
run: | | |
# Install makepkg deps | |
pacman --noconfirm -Syu | |
pacman --noconfirm -S sudo binutils fakeroot base-devel git \ | |
xmlto docbook-xsl kmod inetutils bc dtc \ | |
aarch64-linux-gnu-gcc aarch64-linux-gnu-glibc | |
# Fix permissions (can't makepkg as root) | |
echo "nobody ALL=(ALL) NOPASSWD: /usr/bin/pacman" >> /etc/sudoers | |
- name: Set up makepkg-aarch64 for cross-compilation | |
run: | | |
cd makepkg-aarch64 | |
# Fix permissions (can't makepkg as root) | |
chown -R nobody . | |
# Build and install | |
su nobody --pty -p -s /bin/bash -c 'makepkg -fi --syncdeps --skippgpcheck --noconfirm' | |
- name: Build Package | |
run: | | |
cd linux-sm8250 | |
git config --global user.email "[email protected]" | |
git config --global user.name "chalkinbot" | |
# Fix permissions (can't makepkg as root) | |
chown -R nobody . | |
# Package compression settings (Matches latest Arch) | |
export PKGEXT='.pkg.tar.xz' | |
# export COMPRESSZST=(zstd -c -T0 --ultra -20 -) | |
export MAKEFLAGS="-j9" | |
# Build | |
su nobody --pty -p -s /bin/bash -c 'makepkg-aarch64 -f --syncdeps --skippgpcheck --noconfirm' | |
# Build linux-sdm845 | |
cd ../linux-sdm845 | |
chown -R nobody . | |
su nobody --pty -p -s /bin/bash -c 'makepkg-aarch64 -f --syncdeps --skippgpcheck --noconfirm' | |
- name: Prepare release | |
run: | | |
mkdir release | |
cp linux-sdm845/*.pkg.tar.xz release | |
cp linux-sm8250/*.pkg.tar.xz release | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: linux-sm8250-aarch64-latest | |
path: release | |
build-packages: | |
needs: [build-linux-firmware, build-kernel] | |
runs-on: ubuntu-latest | |
env: | |
BUILD_SH: 'sudo arch-chroot ./builder qemu-aarch64-static /usr/bin/bash -c' | |
BUILD_ALARM_SH: 'sudo arch-chroot ./builder qemu-aarch64-static /usr/bin/su - alarm -c' | |
steps: | |
- name: checkout repo | |
uses: actions/checkout@v2 | |
- uses: actions/download-artifact@v4 | |
- name: Display structure of downloaded files | |
run: ls -R | |
- name: Set variables | |
run: | | |
echo RELEASE=$(date +%Y\/%m\/%d) >> $GITHUB_ENV | |
shell: bash | |
- name: Setup builder | |
run: | | |
sudo apt update && sudo apt install qemu-user-static libarchive-tools arch-install-scripts | |
sudo curl -L -o ./ArchLinuxARM-aarch64-latest.tar.gz http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz | |
sudo mkdir -p ./builder/build | |
sudo bsdtar -xpf ./ArchLinuxARM-aarch64-latest.tar.gz -C ./builder | |
sudo mount --bind ./builder ./builder | |
sudo cp /usr/bin/qemu-aarch64-static ./builder/usr/bin/qemu-aarch64-static | |
sudo cp {build.sh,qcom.yaml} ./builder/build | |
sudo mkdir -p build/pkgs/updated/ | |
sudo cp linux-*/*.pkg.tar.xz build/pkgs/updated/ | |
sudo curl -L -o ./builder/etc/pacman.conf https://github.com/silime/ArchlinuxARM-qcom-aarch64/raw/main/pacman.conf | |
${{ env.BUILD_SH }} "pacman -R --ask=4 linux-aarch64" | |
${{ env.BUILD_SH }} "pacman-key --init && pacman-key --populate archlinuxarm" | |
${{ env.BUILD_SH }} "pacman-key --recv-keys F60FD4C6D426DAB6" | |
${{ env.BUILD_SH }} "pacman-key --lsign F60FD4C6D426DAB6" | |
${{ env.BUILD_SH }} "pacman -Syyu --noconfirm --ask=4 arch-install-scripts cloud-guest-utils sudo binutils fakeroot base-devel git" | |
${{ env.BUILD_SH }} "chown -R alarm /build" | |
${{ env.BUILD_SH }} "echo 'alarm ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers" | |
shell: bash | |
- name: Setup GPG | |
run: | | |
# Import the GPG private key | |
echo 1 | |
${{ env.BUILD_ALARM_SH }} 'echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --passphrase "${{ secrets.GPG_PASSPHRASE }}" --pinentry-mode loopback' | |
# Configure the GPG agent to use the passphrase | |
echo 2 | |
${{ env.BUILD_ALARM_SH }} 'echo "default-cache-ttl 18000" > ~/.gnupg/gpg-agent.conf' | |
echo 3 | |
${{ env.BUILD_ALARM_SH }} 'echo "max-cache-ttl 18000" >> ~/.gnupg/gpg-agent.conf' | |
echo 4 | |
${{ env.BUILD_ALARM_SH }} 'gpgconf --reload gpg-agent' | |
echo 5 | |
- name: Sign the file | |
run: | | |
${{ env.BUILD_ALARM_SH }} 'echo "This is a test file." > ~/testfile.txt' | |
${{ env.BUILD_ALARM_SH }} 'gpg --armor --detach-sign --passphrase "${{ secrets.GPG_PASSPHRASE }}" --pinentry-mode loopback --output ~/testfile.sig ~/testfile.txt' | |
- name: Build packages | |
run: | | |
${{ env.BUILD_ALARM_SH }} 'git config --global user.email "[email protected]"' | |
${{ env.BUILD_ALARM_SH }} 'git config --global user.name "chalkinbot"' | |
${{ env.BUILD_ALARM_SH }} 'cd /build/ && ./build.sh qcom qcom "${{ secrets.GPG_PASSPHRASE }}"' | |
${{ env.BUILD_ALARM_SH }} 'cd /build/ && tar -cvf logs.tar ./build/logs' | |
- name: create artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: logs | |
path: ./builder/build/logs.tar # or path/to/artifact | |
- name: create release | |
uses: softprops/action-gh-release@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
body: ${{ env.RELEASE }} | |
tag_name: ${{ env.RELEASE }} | |
draft: false | |
prerelease: false | |
files: | | |
./builder/build/repo/qcom/* | |
# - name: delete old releases | |
# uses: dev-drprasad/[email protected] | |
# with: | |
# keep_latest: 1 | |
# delete_tags: true | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |