name: build on: workflow_dispatch: inputs: test_build: description: 'Test build' required: false default: 'false' type: choice options: - true - false fake_build: description: 'Fake build' required: false default: 'false' type: choice options: - true - false max_speed: description: 'Build with max speed' required: false default: 'true' type: choice options: - true - false push: tags: - v[0-9]+* env: TEST_BUILD: ${{ github.event.inputs.test_build == 'true' }} FAKE_BUILD: ${{ github.event.inputs.fake_build == 'true' }} MAX_SPEED: ${{ github.event.inputs.max_speed != 'false' }} TAG_SUFFIX: ${{ github.event.inputs.fake_build == 'true' && '-fake' || github.event.inputs.test_build == 'true' && '-test' || '' }} REPO_URL: https://github.com/remittor/zapret-openwrt REPO_LNK: remittor/zapret-openwrt REPO_BRANCH: master BUILD_ROOT: ${{ github.workspace }}/builder BUILD_DATE: unknown REPO_DATE: unknown LUCI_ARCH: aarch64_cortex-a53 jobs: check: runs-on: ubuntu-latest outputs: tag: ${{ steps.gh.outputs.tag }} date: ${{ steps.gh.outputs.date }} sha: ${{ steps.gh.outputs.sha }} url: ${{ steps.gh.outputs.url }} message: ${{ steps.gh.outputs.message }} build_date: ${{ steps.gh.outputs.build_date }} fw_date: ${{ steps.gh.outputs.fw_date }} is_active: ${{ steps.activity.outputs.is_active }} test_build: ${{ env.TEST_BUILD }} fake_build: ${{ env.FAKE_BUILD }} steps: - name: Get repo data via GH API id: gh env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | echo "Tag name from GITHUB_REF_NAME: $GITHUB_REF_NAME" echo "Tag name from github.ref_name: ${{ github.ref_name }}" BRANCH=$(gh api repos/$REPO_LNK --jq '.default_branch') REPO_DATE=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.commit.committer.date') BUILD_DATE=$( date --utc +'%Y%m%d' ) FW_DATE=$( date --utc +'%Y-%m-%d' ) { echo "tag=$GITHUB_REF_NAME" echo "date=$(date --utc -d $REPO_DATE +%Y%m%d)" echo "sha=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.sha[0:7]')" echo "url=$(gh api repos/$REPO_LNK/commits/$BRANCH --jq '.html_url')" echo "message<> $GITHUB_OUTPUT echo "REPO_DATE=$REPO_DATE" >> $GITHUB_ENV - name: Check for repo activity id: activity env: REPO_DATE: ${{ env.REPO_DATE }} URL: ${{ steps.gh.outputs.url }} run: | TIMESTAMP=$(date --utc -d $REPO_DATE +%s) DAYS=$(( ( $(date --utc +%s) - $TIMESTAMP ) / 86400 )) echo "Repository activity: $(date --utc -d $REPO_DATE)" echo "Commit: $URL" if [ "${{ github.event_name }}" != "schedule" ]; then is_active=true elif [[ $DAYS -lt 1 ]] ; then is_active=true else echo "Repository not updated within last 24 hours." is_active=false fi echo "is_active=$is_active" >> $GITHUB_OUTPUT build: needs: check #if: needs.check.outputs.is_active == 'true' runs-on: ubuntu-latest strategy: fail-fast: false matrix: branch: [ openwrt-24.10, SNAPSHOT ] arch: - aarch64_cortex-a53 - aarch64_cortex-a72 - aarch64_cortex-a76 - aarch64_generic - arm_arm1176jzf-s_vfp - arm_arm926ej-s - arm_cortex-a15_neon-vfpv4 - arm_cortex-a5_vfpv4 - arm_cortex-a7 - arm_cortex-a7_neon-vfpv4 - arm_cortex-a7_vfpv4 - arm_cortex-a8_vfpv3 - arm_cortex-a9 - arm_cortex-a9_neon - arm_cortex-a9_vfpv3-d16 - arm_fa526 - arm_xscale - mips64_octeonplus - mips_24kc - mips_4kec - mips_mips32 - mipsel_24kc - mipsel_24kc_24kf - mipsel_74kc - mipsel_mips32 - riscv64_riscv64 - x86_64 isTestOrFake: - ${{ needs.check.outputs.test_build == 'true' || needs.check.outputs.fake_build == 'true' }} exclude: - branch: openwrt-24.10 arch: riscv64_riscv64 - branch: SNAPSHOT arch: arm_cortex-a9_vfpv3-d16 - { isTestOrFake: true } include: - branch: openwrt-24.10 arch: x86_64 - branch: openwrt-24.10 arch: aarch64_cortex-a53 - branch: SNAPSHOT arch: aarch64_cortex-a53 container: image: openwrt/sdk:${{ matrix.arch }}-${{ matrix.branch }} options: --user root outputs: pkgver: ${{ steps.build.outputs.pkgver }} steps: - name: Checkout uses: actions/checkout@v4 with: repository: ${{ env.REPO_LNK }} path: zapret-openwrt - name: Setup OpenWrt SDK working-directory: /builder env: BRANCH: ${{ matrix.branch }} shell: bash run: | # gpg --verbose --recv-keys 0x1D53D1877742E911 # gpg --verbose --import <(wget -qO- 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/0x1D53D1877742E911.asc') gpg --verbose --import <(wget -qO- 'https://raw.githubusercontent.com/openwrt/keyring/refs/heads/master/gpg/0x1D53D1877742E911.asc') # disable check signatures sed -i 's/gpg --/#gpg --/g' setup.sh # disable cleanup keys sed -r -i 's/^rm.+//' setup.sh ./setup.sh ls -lh if [ "$BRANCH" = "openwrt-24.10" ]; then echo "PKGTYPE=ipk" >> $GITHUB_ENV else echo "PKGTYPE=apk" >> $GITHUB_ENV fi - name: Setup ccache uses: actions/cache@v4 with: path: '/builder/.ccache' key: ccache-${{ matrix.arch }}-${{ matrix.branch }}-${{ github.run_id }} restore-keys: | ccache-${{ matrix.arch }}-${{ matrix.branch }}- - name: Init packages id: init working-directory: '/builder' env: FAKE_BUILD: ${{ env.FAKE_BUILD == 'true' || ( env.TEST_BUILD == 'true' && matrix.branch == 'SNAPSHOT' ) }} BUILD_DATE: ${{ needs.check.outputs.build_date }} ARCH: ${{ matrix.arch }} BRANCH: ${{ matrix.branch }} SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }} CCACHE_DIR: '/builder/.ccache' shell: bash run: | PKGDIR=$GITHUB_WORKSPACE/zapret-openwrt MKFN=$PKGDIR/luci-app-zapret/Makefile PKGVER=$( grep -s '^PKG_VERSION:=.*' $MKFN | cut -d'=' -f2 ) echo "PKG_VERSION = $PKGVER" cp -vr $PKGDIR ./package/zapret-openwrt/ mv feeds.conf.default feeds.conf sed -i -e 's|base.*\.git|base https://github.com/openwrt/openwrt.git|' feeds.conf sed -i -e 's|packages.*\.git|packages https://github.com/openwrt/packages.git|' feeds.conf sed -i -e 's|luci.*\.git|luci https://github.com/openwrt/luci.git|' feeds.conf mkdir -p ./logs if [ "$FAKE_BUILD" = "false" ]; then ./scripts/feeds update base packages luci ./scripts/feeds install -a fi echo "FAKE_BUILD=$FAKE_BUILD" >> $GITHUB_ENV echo "PKGVER=$PKGVER" >> $GITHUB_ENV echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT echo "status=success" >> $GITHUB_OUTPUT - name: Build packages id: build if: steps.init.outputs.status == 'success' working-directory: '/builder' env: BUILD_DATE: ${{ needs.check.outputs.build_date }} ARCH: ${{ matrix.arch }} BRANCH: ${{ matrix.branch }} SIGN_KEY: ${{ secrets.SIGN_PRIVATE_KEY }} CCACHE_DIR: '/builder/.ccache' shell: bash run: | MAKE_JOBS=$(($(nproc)+1)) echo "$MAKE_JOBS thread compile" if [ "$FAKE_BUILD" = "false" ]; then make defconfig sed -i 's/CONFIG_LUCI_JSMIN=y/CONFIG_LUCI_JSMIN=n/g' .config echo "------------- .config BEG -------------------" cat .config echo "------------- .config END -------------------" if [ "$ARCH" = "$LUCI_ARCH" ]; then PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net,luci-app-zapret}/compile` else PKGLIST=`echo package/zapret-openwrt/{zapret,zapret-tpws,zapret-mdig,zapret-ip2net}/compile` fi if [ "$MAX_SPEED" = "false" ]; then make $PKGLIST V=s CONFIG_CCACHE=1 BUILD_LOG=1 else make -j$MAKE_JOBS $PKGLIST CONFIG_CCACHE=1 fi else OUT_DIR=./bin/packages/dev_x/base mkdir -p $OUT_DIR touch $OUT_DIR/zapret_$PKGVER-$ARCH.$PKGTYPE touch $OUT_DIR/luci-app-zapret_$PKGVER-all.$PKGTYPE fi find ./bin/packages/*/base -type f ! -regex ".*\(zapret\).*\.[ai]pk$" -delete #echo ">>>>>>> build a repository index to make the output directory usable as local OPKG source" #ln -s `which usign` staging_dir/host/bin/usign #echo "$SIGN_KEY" | base64 -d > key-build #make package/index OUTDIR=$GITHUB_WORKSPACE/$PKGTYPE-$ARCH mkdir -p $OUTDIR cp -R ./bin/packages/*/base/. $OUTDIR/ ./staging_dir/host/bin/ccache --max-size=10M --show-stats echo "OUTDIR=$OUTDIR" >> $GITHUB_ENV echo "pkgver=$PKGVER" >> $GITHUB_OUTPUT echo "status=success" >> $GITHUB_OUTPUT - name: Compress build logs if: always() env: ARCH: ${{ matrix.arch }} BRANCH: ${{ matrix.branch }} LOGS_DIR: '/builder/logs' run: | tar -cJvf logs-$BRANCH-$ARCH.tar.xz $LOGS_DIR - name: Upload packages if: steps.build.outcome == 'success' uses: actions/upload-artifact@main with: path: ${{ env.OUTDIR }} name: zapret,${{ env.PKGTYPE }},${{ matrix.arch }} if-no-files-found: error - name: Upload build logs if: always() uses: actions/upload-artifact@v4 with: path: logs-*.tar.xz name: logs-${{ matrix.branch }}-${{ matrix.arch }} release: needs: [ check, build ] permissions: contents: write runs-on: ubuntu-latest steps: - name: Download artifacts uses: actions/download-artifact@v4 with: pattern: zapret,* - name: Put packages into zip env: TAG: ${{ needs.check.outputs.tag }} DATE: ${{ needs.check.outputs.date }} BUILD_DATE: ${{ needs.check.outputs.build_date }} PKGVER: ${{ needs.build.outputs.pkgver }} run: | echo "------------- DIR BEG -------------------" ls -la echo "------------- DIR END -------------------" mkdir -p sorted find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)' \; find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'mkdir -p sorted/$(basename "{}" | cut -d, -f3)/apk' \; find . -maxdepth 1 -type d -name "zapret,ipk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)' \; find . -maxdepth 1 -type d -name "zapret,apk,*" -exec sh -c 'cp -R "{}/." sorted/$(basename "{}" | cut -d, -f3)/apk' \; LUCI_IPK=$( find . -type f -path "*/zapret,ipk,*/luci-app-zapret*.ipk" -print | head -n 1 ) LUCI_APK=$( find . -type f -path "*/zapret,apk,*/luci-app-zapret*.apk" -print | head -n 1 ) find ./sorted -mindepth 1 -maxdepth 1 -type d -exec cp -f "$LUCI_IPK" "{}/" \; find ./sorted -mindepth 2 -maxdepth 2 -type d -name "apk" -exec cp -f "$LUCI_APK" "{}/" \; mkdir -p public find ./sorted -mindepth 1 -maxdepth 1 -type d -exec sh -c '7z a ./public/zapret_v${PKGVER}_$(basename "{}" | cut -d, -f3).zip {}/*' \; ls -lh ./public/*.zip - name: Upload assets uses: softprops/action-gh-release@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TAG: ${{ needs.check.outputs.tag }} with: draft: ${{ env.TEST_BUILD == 'true' || env.FAKE_BUILD == 'true' }} prerelease: true tag_name: v${{ needs.build.outputs.pkgver }}${{ env.TAG_SUFFIX }} name: zapret v${{ needs.build.outputs.pkgver }} body: | zapret v${{ needs.build.outputs.pkgver }} for OpenWrt files: ./public/*.zip