Skip to content
name: Build repo packages
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * *"
push:
branches:
- main
paths-ignore:
- "**/README.md"
jobs:
build-linux-firmware:
name: Build Linux firmware package
runs-on: ubuntu-latest
container: archlinux
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install build dependencies
run: |
# Install makepkg deps
pacman --noconfirm -Syu
pacman --noconfirm -S sudo binutils fakeroot base-devel git rdfind
- name: Build Package
run: |
cd linux-firmware
# Fix permissions (can't makepkg as root)
echo "nobody ALL=(ALL) NOPASSWD: /usr/bin/pacman" >> /etc/sudoers
chown -R nobody .
# Package compression settings (Matches latest Arch)
export PKGEXT='.pkg.tar.xz'
# export COMPRESSZST=(zstd -c -T0 --ultra -20 -)
export MAKEFLAGS="-j2"
# Build linux-firmware
su nobody --pty -p -s /bin/bash -c 'makepkg -f --syncdeps --skippgpcheck --noconfirm'
# Build linux-firmware-lenovo-sm8250
cd ../linux-firmware-lenovo-sm8250
chown -R nobody .
su nobody --pty -p -s /bin/bash -c 'makepkg -f --syncdeps --skippgpcheck --noconfirm'
- name: Prepare release
run: |
mkdir firmware-release
cp linux-firmware/*.pkg.tar.xz firmware-release
cp linux-firmware-lenovo-sm8250/*.pkg.tar.xz firmware-release
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: linux-firmware-aarch64-latest
path: firmware-release
build-kernel:
name: Build Linux kernel package
runs-on: ubuntu-latest
container: archlinux
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install build dependencies
run: |
# Install makepkg deps
pacman --noconfirm -Syu
pacman --noconfirm -S sudo binutils fakeroot base-devel git \
xmlto docbook-xsl kmod inetutils bc dtc \
aarch64-linux-gnu-gcc aarch64-linux-gnu-glibc
# Fix permissions (can't makepkg as root)
echo "nobody ALL=(ALL) NOPASSWD: /usr/bin/pacman" >> /etc/sudoers
- name: Set up makepkg-aarch64 for cross-compilation
run: |
cd makepkg-aarch64
# Fix permissions (can't makepkg as root)
chown -R nobody .
# Build and install
su nobody --pty -p -s /bin/bash -c 'makepkg -fi --syncdeps --skippgpcheck --noconfirm'
- name: Build Package
run: |
cd linux-sm8250
git config --global user.email "[email protected]"
git config --global user.name "chalkinbot"
# Fix permissions (can't makepkg as root)
chown -R nobody .
# Package compression settings (Matches latest Arch)
export PKGEXT='.pkg.tar.xz'
# export COMPRESSZST=(zstd -c -T0 --ultra -20 -)
export MAKEFLAGS="-j9"
# Build
su nobody --pty -p -s /bin/bash -c 'makepkg-aarch64 -f --syncdeps --skippgpcheck --noconfirm'
# Build linux-sdm845
cd ../linux-sdm845
chown -R nobody .
su nobody --pty -p -s /bin/bash -c 'makepkg-aarch64 -f --syncdeps --skippgpcheck --noconfirm'
- name: Prepare release
run: |
mkdir release
cp linux-sdm845/*.pkg.tar.xz release
cp linux-sm8250/*.pkg.tar.xz release
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: linux-sm8250-aarch64-latest
path: release
build-packages:
needs: [build-linux-firmware, build-kernel]
runs-on: ubuntu-latest
env:
BUILD_SH: 'sudo arch-chroot ./builder qemu-aarch64-static /usr/bin/bash -c'
BUILD_ALARM_SH: 'sudo arch-chroot ./builder qemu-aarch64-static /usr/bin/su - alarm -c'
steps:
- name: checkout repo
uses: actions/checkout@v2
- uses: actions/download-artifact@v4
- name: Display structure of downloaded files
run: ls -R
- name: Set variables
run: |
echo RELEASE=$(date +%Y\/%m\/%d) >> $GITHUB_ENV
shell: bash
- name: Setup builder
run: |
sudo apt update && sudo apt install qemu-user-static libarchive-tools arch-install-scripts
sudo curl -L -o ./ArchLinuxARM-aarch64-latest.tar.gz http://os.archlinuxarm.org/os/ArchLinuxARM-aarch64-latest.tar.gz
sudo mkdir -p ./builder/build
sudo bsdtar -xpf ./ArchLinuxARM-aarch64-latest.tar.gz -C ./builder
sudo mount --bind ./builder ./builder
sudo cp /usr/bin/qemu-aarch64-static ./builder/usr/bin/qemu-aarch64-static
sudo cp {build.sh,qcom.yaml} ./builder/build
sudo mkdir -p build/pkgs/updated/
sudo cp linux-*/*.pkg.tar.xz build/pkgs/updated/
sudo curl -L -o ./builder/etc/pacman.conf https://github.com/silime/ArchlinuxARM-qcom-aarch64/raw/main/pacman.conf
${{ env.BUILD_SH }} "pacman -R --ask=4 linux-aarch64"
${{ env.BUILD_SH }} "pacman-key --init && pacman-key --populate archlinuxarm"
${{ env.BUILD_SH }} "pacman-key --recv-keys F60FD4C6D426DAB6"
${{ env.BUILD_SH }} "pacman-key --lsign F60FD4C6D426DAB6"
${{ env.BUILD_SH }} "pacman -Syyu --noconfirm --ask=4 arch-install-scripts cloud-guest-utils sudo binutils fakeroot base-devel git"
${{ env.BUILD_SH }} "chown -R alarm /build"
${{ env.BUILD_SH }} "echo 'alarm ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
shell: bash
- name: Setup GPG
run: |
# Import the GPG private key
echo 1
${{ env.BUILD_ALARM_SH }} 'echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --passphrase "${{ secrets.GPG_PASSPHRASE }}" --pinentry-mode loopback'
# Configure the GPG agent to use the passphrase
echo 2
${{ env.BUILD_ALARM_SH }} 'echo "default-cache-ttl 18000" > ~/.gnupg/gpg-agent.conf'
echo 3
${{ env.BUILD_ALARM_SH }} 'echo "max-cache-ttl 18000" >> ~/.gnupg/gpg-agent.conf'
echo 4
${{ env.BUILD_ALARM_SH }} 'gpgconf --reload gpg-agent'
echo 5
- name: Sign the file
run: |
${{ env.BUILD_ALARM_SH }} 'echo "This is a test file." > ~/testfile.txt'
${{ env.BUILD_ALARM_SH }} 'gpg --armor --detach-sign --passphrase "${{ secrets.GPG_PASSPHRASE }}" --pinentry-mode loopback --output ~/testfile.sig ~/testfile.txt'
- name: Build packages
run: |
${{ env.BUILD_ALARM_SH }} 'git config --global user.email "[email protected]"'
${{ env.BUILD_ALARM_SH }} 'git config --global user.name "chalkinbot"'
${{ env.BUILD_ALARM_SH }} 'cd /build/ && ./build.sh qcom qcom "${{ secrets.GPG_PASSPHRASE }}"'
${{ env.BUILD_ALARM_SH }} 'cd /build/ && tar -cvf logs.tar ./build/logs'
- name: create artifact
uses: actions/upload-artifact@v4
with:
name: logs
path: ./builder/build/logs.tar # or path/to/artifact
- name: create release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body: ${{ env.RELEASE }}
tag_name: ${{ env.RELEASE }}
draft: false
prerelease: false
files: |
./builder/build/repo/qcom/*
# - name: delete old releases
# uses: dev-drprasad/[email protected]
# with:
# keep_latest: 1
# delete_tags: true
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}