Build AmneziaWG for snapshot OpenWRT #137
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build AmneziaWG for snapshot OpenWRT | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
on: | |
push: | |
tags: | |
- "SNAPSHOT" | |
schedule: | |
- cron: '0 */4 * * *' | |
workflow_dispatch: | |
jobs: | |
generate-config: | |
runs-on: ubuntu-latest | |
outputs: | |
job-config: ${{ steps.generate-config.outputs.job-config }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '20.16.0' | |
- name: Install dependencies | |
run: npm install | |
- name: Generate Job Config | |
id: generate-config | |
run: node index.js SNAPSHOT | |
build: | |
name: "${{ matrix.build_env.tag }} - ${{ matrix.build_env.pkgarch}} :: ${{ matrix.build_env.target}}/${{ matrix.build_env.subtarget}} build" | |
runs-on: ubuntu-latest | |
needs: generate-config | |
strategy: | |
matrix: | |
build_env: ${{ fromJson(needs.generate-config.outputs.job-config) }} | |
fail-fast: false | |
steps: | |
- name: Check if release file exists | |
id: check_release | |
run: | | |
postfix="${{ matrix.build_env.tag }}_${{ matrix.build_env.vermagic }}_${{ matrix.build_env.pkgarch}}_${{ matrix.build_env.target}}_${{ matrix.build_env.subtarget}}" | |
RELEASE_FILE="kmod-amneziawg_${postfix}.ipk" | |
TAG=${{ matrix.build_env.tag }} | |
echo "Checking for release file: $RELEASE_FILE in release: $TAG" | |
# Используем GitHub CLI для проверки наличия файла в релизе | |
if gh release view "$TAG" --repo Slava-Shchipunov/awg-openwrt --json assets --jq ".assets | .[].name" | grep -q "$RELEASE_FILE"; then | |
echo "Release file $RELEASE_FILE already exists. Skipping job." | |
echo "FILE_EXISTS=true" >> $GITHUB_ENV | |
else | |
echo "FILE_EXISTS=false" >> $GITHUB_ENV | |
fi | |
# Прерываем job'у, если файл уже существует | |
- name: Skip job if release file exists | |
if: env.FILE_EXISTS == 'true' | |
run: | | |
echo "Skipping job as release file already exists." | |
exit 0 | |
- name: Get snapshot commit SHA and device ARCH | |
if: env.FILE_EXISTS == 'false' | |
run: | | |
PROFILE_URL="https://downloads.openwrt.org/snapshots/targets/${{ matrix.build_env.target}}/${{ matrix.build_env.subtarget}}/profiles.json" | |
SNAPSHOT_COMMIT_SHA=$(wget -q $PROFILE_URL -O- | tr ',' '\n' | grep "version_code"| awk -F: '{print $2}' | tr -d '"' | awk -F- '{print $2}') | |
echo "Snapshot commit sha: $SNAPSHOT_COMMIT_SHA" | |
echo "SNAPSHOT_COMMIT_SHA=$SNAPSHOT_COMMIT_SHA" >> $GITHUB_ENV | |
DEVICE_ARCH=$(wget -q $PROFILE_URL -O- | tr ',' '\n' | grep "arch_packages"| awk -F: '{print $2}' | tr -d '"') | |
echo "Device ARCH: $DEVICE_ARCH" | |
echo "DEVICE_ARCH=$DEVICE_ARCH" >> $GITHUB_ENV | |
- uses: actions/checkout@v4 | |
if: env.FILE_EXISTS == 'false' | |
with: | |
repository: openwrt/openwrt | |
fetch-depth: 0 | |
- name: Checkout snapshot commit in openwrt repo | |
if: env.FILE_EXISTS == 'false' | |
run: git checkout ${{ env.SNAPSHOT_COMMIT_SHA}} | |
- name: Building kernel and tools | |
if: env.FILE_EXISTS == 'false' | |
run: | | |
echo "pkgarch: ${{ matrix.build_env.pkgarch}}, target:${{ matrix.build_env.target}}, subtarget: ${{ matrix.build_env.subtarget}}" | |
# Setup & install feeds | |
wget https://downloads.openwrt.org/snapshots/targets/${{ matrix.build_env.target}}/${{ matrix.build_env.subtarget}}/feeds.buildinfo -O feeds.conf | |
echo "src-git awgopenwrt https://github.com/Slava-Shchipunov/awg-openwrt.git" >> ./feeds.conf | |
./scripts/feeds update && ./scripts/feeds install -a | |
# Setup config with AWG and dependencies | |
wget https://downloads.openwrt.org/snapshots/targets/${{ matrix.build_env.target}}/${{ matrix.build_env.subtarget}}/config.buildinfo -O .config | |
echo "CONFIG_PACKAGE_kmod-amneziawg=m" >> .config | |
echo "CONFIG_PACKAGE_amneziawg-tools=y" >> .config | |
echo "CONFIG_PACKAGE_luci-app-amneziawg=y" >> .config | |
echo "CONFIG_PACKAGE_kmod-crypto-lib-chacha20=m" >> .config | |
echo "CONFIG_PACKAGE_kmod-crypto-lib-chacha20poly1305=m" >> .config | |
echo "CONFIG_PACKAGE_kmod-crypto-chacha20poly1305=m" >> .config | |
make defconfig | |
echo " > make tools/install" | |
make tools/install -i -j `nproc` | |
cat ./build_dir/target-*/linux-*/linux-*/.vermagic || true | |
echo " > make toolchain/install" | |
make toolchain/install -i -j `nproc` | |
cat ./build_dir/target-*/linux-*/linux-*/.vermagic || true | |
# compile kernel module | |
echo " > make target/linux/compile" | |
make target/linux/compile -i -j `nproc` V=s | |
VERMAGIC=`cat ./build_dir/target-*/linux-*/linux-*/.vermagic` | |
VERMAGIC_EXPECTED=${{ matrix.build_env.vermagic }} | |
if [ "$VERMAGIC" != "$VERMAGIC_EXPECTED" ]; then | |
echo Vermagic mismatch: $VERMAGIC, expected $VERMAGIC_EXPECTED | |
exit 1 | |
fi | |
- name: Build AmneziaWG | |
if: env.FILE_EXISTS == 'false' | |
run: | | |
VERMAGIC=`cat ./build_dir/target-*/linux-*/linux-*/.vermagic` | |
echo "Vermagic: $VERMAGIC" | |
VERMAGIC_EXPECTED=${{ matrix.build_env.vermagic }} | |
if [ "$VERMAGIC" != "$VERMAGIC_EXPECTED" ]; then | |
echo Vermagic mismatch: $VERMAGIC, expected $VERMAGIC_EXPECTED | |
exit 1 | |
fi | |
# Ignore kmod build for some targets, replace with the awg-go | |
make package/kmod-amneziawg/{clean,download,prepare} V=s || true | |
make package/kmod-amneziawg/compile V=s || true | |
make package/luci-app-amneziawg/{clean,download,prepare} | |
make package/luci-app-amneziawg/compile V=s | |
make V=s package/amneziawg-tools/{clean,download,prepare} | |
make V=s package/amneziawg-tools/compile | |
- name: Prepare artifacts | |
if: env.FILE_EXISTS == 'false' | |
run: | | |
tag_name=${{ github.ref_name }} | |
mkdir -p awgrelease | |
postfix="${{ matrix.build_env.tag }}_${{ matrix.build_env.vermagic }}_${{ matrix.build_env.pkgarch}}_${{ matrix.build_env.target}}_${{ matrix.build_env.subtarget}}" | |
cp bin/packages/${{ matrix.build_env.pkgarch }}/awgopenwrt/amneziawg-tools_*.ipk awgrelease/amneziawg-tools_${postfix}.ipk | |
cp bin/packages/${{ matrix.build_env.pkgarch }}/awgopenwrt/luci-app-amneziawg_*.ipk awgrelease/luci-app-amneziawg_${postfix}.ipk | |
cp bin/targets/${{ matrix.build_env.target}}/${{ matrix.build_env.subtarget}}/packages/kmod-amneziawg_*.ipk awgrelease/kmod-amneziawg_${postfix}.ipk | |
- name: Delete old release assets | |
if: env.FILE_EXISTS == 'false' | |
run: | | |
postfix="${{ matrix.build_env.pkgarch }}_${{ matrix.build_env.target }}_${{ matrix.build_env.subtarget }}" | |
echo "Looking for old release files ending with: ${postfix}" | |
# Получаем список всех артефактов релиза по имени | |
assets=$(gh release view "${{ matrix.build_env.tag }}" --repo Slava-Shchipunov/awg-openwrt --json assets --jq ".assets | .[] | select(.name | endswith(\"$postfix.ipk\")) | .name") | |
# Удаляем найденные артефакты по имени | |
for asset_name in $assets; do | |
echo "Deleting asset with name: $asset_name" | |
gh release delete-asset "${{ matrix.build_env.tag }}" "$asset_name" --repo Slava-Shchipunov/awg-openwrt | |
done | |
- name: Release | |
if: env.FILE_EXISTS == 'false' | |
uses: softprops/action-gh-release@v1 | |
with: | |
files: awgrelease/*.ipk | |
tag_name: ${{ matrix.build_env.tag }} |