Skip to content

kernel build and publish 6.18.23 #31

kernel build and publish 6.18.23

kernel build and publish 6.18.23 #31

Workflow file for this run

name: kernel-build-publish
run-name: kernel build and publish ${{ inputs.kernel_version }}
on:
workflow_call:
inputs:
kernel_version:
required: true
type: string
workflow_dispatch:
inputs:
kernel_version:
description: 'Kernel version to build (e.g. 6.1.167)'
required: true
type: string
permissions:
contents: write
pages: write
concurrency:
group: build-kernel
cancel-in-progress: false
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
build:
runs-on: ubuntu-latest
container: debian:trixie
env:
KERNEL_VERSION: ${{ inputs.kernel_version }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install build dependencies
run: |
dpkg --add-architecture i386
apt-get update
apt-get install -y \
curl git gnupg gh gcc-i686-linux-gnu bc libssl-dev libssl-dev:i386 libelf-dev flex bison \
debhelper dpkg-dev rsync libncurses-dev apt-utils kmod cpio lsb-release libdw-dev python3
- name: Checkout apt repository
uses: actions/checkout@v4
with:
ref: repo
path: apt-repo
- name: Determine package revision
run: |
KCOMPONENT=$(echo "${KERNEL_VERSION}" | cut -d. -f1-2)
POOL="apt-repo/pool/${KCOMPONENT}"
LAST_REV=$(ls "${POOL}/linux-image-${KERNEL_VERSION}-openframe_${KERNEL_VERSION}-"*.deb 2>/dev/null \
| grep -oP '(?<='"${KERNEL_VERSION}"'-)\d+(?=_i386\.deb)' | sort -n | tail -1)
PKG_REVISION=$(( ${LAST_REV:-0} + 1 ))
echo "Package revision: ${PKG_REVISION}"
echo "PKG_REVISION=${PKG_REVISION}" >> $GITHUB_ENV
- name: Cache kernel tarball
uses: actions/cache@v4
with:
path: linux-${{ inputs.kernel_version }}.tar.xz
key: kernel-tarball-${{ inputs.kernel_version }}
- name: Download kernel source
run: |
if [ ! -f "linux-${KERNEL_VERSION}.tar.xz" ]; then
MAJOR=$(echo "${KERNEL_VERSION}" | cut -d. -f1)
curl -fO --retry 3 --retry-delay 5 \
"https://cdn.kernel.org/pub/linux/kernel/v${MAJOR}.x/linux-${KERNEL_VERSION}.tar.xz"
fi
if [ ! -d "linux-${KERNEL_VERSION}" ]; then
tar xf "linux-${KERNEL_VERSION}.tar.xz"
fi
- name: Apply patches
run: |
KBRANCH=$(echo "${KERNEL_VERSION}" | cut -d. -f1-2)
for patch in "patches/${KBRANCH}/"*.patch; do
echo "Applying ${patch}..."
patch --fuzz=3 -p1 -d "linux-${KERNEL_VERSION}" < "${patch}"
done
- name: Configure kernel
run: |
KBRANCH=$(echo "${KERNEL_VERSION}" | cut -d. -f1-2)
cp "configs/${KBRANCH}-openframe.config" "linux-${KERNEL_VERSION}/.config"
make -C "linux-${KERNEL_VERSION}" \
ARCH=i386 \
CROSS_COMPILE=i686-linux-gnu- \
LOCALVERSION=-openframe \
olddefconfig
- name: Build kernel packages
run: |
make -C "linux-${KERNEL_VERSION}" \
ARCH=i386 \
CROSS_COMPILE=i686-linux-gnu- \
LOCALVERSION=-openframe \
KDEB_PKGVERSION="${KERNEL_VERSION}-${PKG_REVISION}" \
-j$(nproc) \
bindeb-pkg
- name: Collect packages
run: |
mkdir -p packages
mv *.deb packages/
ls -lh packages/
- name: Build metapackage
run: |
KBRANCH=$(echo "${KERNEL_VERSION}" | cut -d. -f1-2)
METAPKG="linux-image-openframe-${KBRANCH}"
METADIR="metapkg/${METAPKG}"
mkdir -p "${METADIR}/DEBIAN"
printf 'Package: %s\nVersion: %s\nArchitecture: i386\nMaintainer: OpenFrame Project <noreply@openbeak.net>\nDescription: OpenFrame kernel metapackage (%s series)\n Tracks the latest OpenFrame Linux %s kernel.\n Install this package to receive kernel updates via apt upgrade.\nDepends: linux-image-%s-openframe\n' \
"${METAPKG}" "${KERNEL_VERSION}" "${KBRANCH}" "${KBRANCH}" "${KERNEL_VERSION}" \
> "${METADIR}/DEBIAN/control"
printf '#!/bin/sh\nset -e\nif [ "$1" = "configure" ]; then\n for prefix in linux-image linux-headers linux-libc-dev; do\n for pkg in $(dpkg-query -W -f '"'"'${Package}\n'"'"' "${prefix}-%s.*-openframe" 2>/dev/null || true); do\n apt-mark auto "$pkg" >/dev/null 2>&1 || true\n done\n done\nfi\n' \
"${KBRANCH}" \
> "${METADIR}/DEBIAN/postinst"
chmod 755 "${METADIR}/DEBIAN/postinst"
dpkg-deb --build --root-owner-group "${METADIR}" \
"packages/${METAPKG}_${KERNEL_VERSION}_i386.deb"
- name: Import GPG signing key
run: |
echo "${{ secrets.APT_SIGNING_KEY }}" | gpg --batch --import
- name: Update apt repository
run: |
KCOMPONENT=$(echo "${KERNEL_VERSION}" | cut -d. -f1-2)
POOL="apt-repo/pool/${KCOMPONENT}"
BINARY="apt-repo/dists/trixie/${KCOMPONENT}/binary-i386"
mkdir -p "${POOL}" "${BINARY}"
cp packages/*.deb "${POOL}/"
# Keep the 3 most recent versions of each package type, remove the rest
for pkg in linux-image linux-headers linux-libc-dev; do
ls -t "${POOL}/${pkg}"*.deb 2>/dev/null | tail -n +4 | xargs -r rm -v
done
# Export public signing key for users (binary dearmored for signed-by)
gpg --export > apt-repo/key.gpg
cd apt-repo
# Generate Packages index for this component
dpkg-scanpackages --arch i386 "pool/${KCOMPONENT}" \
> "dists/trixie/${KCOMPONENT}/binary-i386/Packages"
gzip -9c "dists/trixie/${KCOMPONENT}/binary-i386/Packages" \
> "dists/trixie/${KCOMPONENT}/binary-i386/Packages.gz"
# Discover all components and regenerate the Release file
COMPONENTS=$(ls -d dists/trixie/*/binary-i386 2>/dev/null | awk -F/ '{print $3}' | tr '\n' ' ' | sed 's/ $//')
# Generate Release file
apt-ftparchive \
-o APT::FTPArchive::Release::Origin="OpenFrame Kernel" \
-o APT::FTPArchive::Release::Label="OpenFrame Kernel" \
-o APT::FTPArchive::Release::Suite="trixie" \
-o APT::FTPArchive::Release::Codename="trixie" \
-o APT::FTPArchive::Release::Architectures="i386" \
-o "APT::FTPArchive::Release::Components=${COMPONENTS}" \
-o APT::FTPArchive::Release::Description="OpenFrame Kernel Packages" \
release dists/trixie > dists/trixie/Release
# Sign Release file
GPG_KEY_ID=$(gpg --list-keys --with-colons | awk -F: '/^pub/{print $5; exit}')
gpg --batch --yes --default-key "${GPG_KEY_ID}" \
--clearsign -o dists/trixie/InRelease dists/trixie/Release
gpg --batch --yes --default-key "${GPG_KEY_ID}" \
--detach-sign --armor -o dists/trixie/Release.gpg dists/trixie/Release
- name: Generate directory listing
run: |
cd apt-repo
{
printf '<!DOCTYPE html>\n<html>\n'
printf '<head><title>Index of /</title></head>\n'
printf '<body>\n<h1>Index of /</h1><hr><pre>'
human_size() {
local size=$1
if [ "$size" -ge 1073741824 ]; then
echo "$((size / 1073741824))G"
elif [ "$size" -ge 1048576 ]; then
echo "$((size / 1048576))M"
elif [ "$size" -ge 1024 ]; then
echo "$((size / 1024))K"
else
echo "$size"
fi
}
for f in pool/*/*.deb; do
[ -f "$f" ] || continue
fname=$(basename "$f")
fsize=$(stat -c '%s' "$f")
fdate=$(date -d "@$(stat -c '%Y' "$f")" '+%d-%b-%Y %H:%M')
hsize=$(human_size "$fsize")
href="${f}"
namelen=${#fname}
padlen=$((51 - namelen))
[ ${padlen} -lt 1 ] && padlen=1
padding=$(printf '%*s' ${padlen} '')
printf '\n<a href="%s">%s</a>%s%s %8s' \
"${href}" "${fname}" "${padding}" "${fdate}" "${hsize}"
done
printf '\n</pre><hr></body>\n</html>\n'
} > index.html
- name: Push apt repository
run: |
cd apt-repo
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git add -A
git diff --cached --quiet && echo "No changes to commit" || \
git commit -m "Publish linux-${KERNEL_VERSION}-openframe"
git push origin repo
- name: Create or update GitHub release
env:
GH_TOKEN: ${{ github.token }}
run: |
TAG="v${KERNEL_VERSION}"
NOTES="Kernel ${KERNEL_VERSION} with OpenFrame patches, built for Debian Trixie (i386)."
if gh release view "${TAG}" --repo ${{ github.repository }} >/dev/null 2>&1; then
gh release upload "${TAG}" \
--repo ${{ github.repository }} \
--clobber \
packages/*.deb
else
gh release create "${TAG}" \
--repo ${{ github.repository }} \
--title "Linux ${KERNEL_VERSION}-openframe" \
--notes "${NOTES}" \
packages/*.deb
fi
- name: Dispatch image build in openframe-linux
env:
GH_TOKEN: ${{ secrets.DISPATCH_TOKEN }}
run: |
gh api repos/birdslikewires/openframe-linux/dispatches \
--method POST \
--field event_type=kernel-released \
--field client_payload[kernel_version]="${KERNEL_VERSION}"