openwrt/.github/workflows/kernel.yml
Alex Low 7152599407
build: harden GitHub workflow permissions
Grant pull-requests write permission to the labeler workflow and
read-only to everything else.

Signed-off-by: Alex Low <aleksandrosansan@gmail.com>
[ wrap to 80 columns and fix wrong author as requested by author itself ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-19 15:02:27 +02:00

176 lines
5.2 KiB
YAML

name: Build Kernel
on:
pull_request:
paths:
- '.github/workflows/kernel.yml'
- 'include/kernel-*'
- 'package/kernel/**'
- 'target/linux/generic/**'
permissions:
contents: read
jobs:
determine_targets:
name: Set targets
runs-on: ubuntu-latest
outputs:
target: ${{ steps.find_targets.outputs.target }}
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set targets
id: find_targets
run: |
export TARGETS="$(perl ./scripts/dump-target-info.pl targets 2>/dev/null \
| sort -u -t '/' -k1,1 \
| awk '{ print $1 }')"
JSON='['
FIRST=1
for TARGET in $TARGETS; do
[[ $FIRST -ne 1 ]] && JSON="$JSON"','
JSON="$JSON"'"'"${TARGET}"'"'
FIRST=0
done
JSON="$JSON"']'
echo -e "\n---- targets ----\n"
echo "$JSON"
echo -e "\n---- targets ----\n"
echo "::set-output name=target::$JSON"
build:
name: Build Kernel with external toolchain
needs: determine_targets
runs-on: ubuntu-latest
strategy:
fail-fast: False
matrix:
target: ${{fromJson(needs.determine_targets.outputs.target)}}
container: registry.gitlab.com/openwrt/buildbot/buildworker-3.4.1
steps:
- name: Checkout master directory
uses: actions/checkout@v2
with:
path: openwrt
- name: Checkout packages feed
uses: actions/checkout@v2
with:
repository: openwrt/packages
path: openwrt/feeds/packages
- name: Checkout luci feed
uses: actions/checkout@v2
with:
repository: openwrt/luci
path: openwrt/feeds/luci
- name: Checkout routing feed
uses: actions/checkout@v2
with:
repository: openwrt/routing
path: openwrt/feeds/routing
- name: Checkout telephony feed
uses: actions/checkout@v2
with:
repository: openwrt/telephony
path: openwrt/feeds/telephony
- name: Fix permission
run: |
chown -R buildbot:buildbot openwrt
- name: Initialization environment
run: |
TARGET=$(echo ${{ matrix.target }} | cut -d "/" -f 1)
SUBTARGET=$(echo ${{ matrix.target }} | cut -d "/" -f 2)
echo "TARGET=$TARGET" >> "$GITHUB_ENV"
echo "SUBTARGET=$SUBTARGET" >> "$GITHUB_ENV"
- name: Update & Install feeds
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: |
./scripts/feeds update -a
./scripts/feeds install -a
- name: Parse toolchain file
working-directory: openwrt
run: |
TOOLCHAIN_STRING="$(curl "https://downloads.cdn.openwrt.org/snapshots/targets/${{ env.TARGET }}/${{ env.SUBTARGET }}/sha256sums" \
| grep ".*openwrt-toolchain.*tar.xz")"
TOOLCHAIN_FILE=$(echo "$TOOLCHAIN_STRING" | sed -n -e 's/.*\(openwrt-toolchain.*\).tar.xz/\1/p')
TOOLCHAIN_SHA256=$(echo "$TOOLCHAIN_STRING" | cut -d ' ' -f 1)
echo "TOOLCHAIN_FILE=$TOOLCHAIN_FILE" >> "$GITHUB_ENV"
echo "TOOLCHAIN_SHA256=$TOOLCHAIN_SHA256" >> "$GITHUB_ENV"
- name: Cache external toolchain
id: cache-external-toolchain
uses: actions/cache@v3
with:
path: openwrt/${{ env.TOOLCHAIN_FILE }}
key: ${{ env.TOOLCHAIN_FILE }}-${{ env.TOOLCHAIN_SHA256 }}
- name: Download external toolchain
if: ${{ steps.cache-external-toolchain.outputs.cache-hit != 'true' }}
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: |
wget -O - https://downloads.cdn.openwrt.org/snapshots/targets/${{ env.TARGET }}/${{ env.SUBTARGET }}/${TOOLCHAIN_FILE}.tar.xz \
| tar --xz -xf -
- name: Configure external toolchain
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: |
echo CONFIG_ALL_KMODS=y >> .config
./scripts/ext-toolchain.sh \
--toolchain ${{ env.TOOLCHAIN_FILE }}/toolchain-* \
--overwrite-config \
--config ${{ env.TARGET }}/${{ env.SUBTARGET }}
make defconfig
- name: Show configuration
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: ./scripts/diffconfig.sh
- name: Build tools
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: make tools/install -j$(nproc) BUILD_LOG=1
- name: Build toolchain
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: make toolchain/install -j$(nproc) BUILD_LOG=1
- name: Build Kernel
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: make target/compile -j$(nproc) BUILD_LOG=1
- name: Build Kernel Kmods
shell: su buildbot -c "sh -e {0}"
working-directory: openwrt
run: make package/linux/compile -j$(nproc) BUILD_LOG=1
- name: Upload logs
if: failure()
uses: actions/upload-artifact@v2
with:
name: ${{ env.TARGET }}-${{ env.SUBTARGET }}-logs
path: "openwrt/logs"