Build stable kernel package #103
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build stable kernel package | |
on: | |
workflow_dispatch: | |
inputs: | |
release: | |
type: choice | |
description: Release type | |
options: | |
- none | |
- pre-release | |
- release | |
env: | |
HOME: /home/runner | |
KERNEL_STABLE_VER: 6.8.4 | |
PKGVER: 3 | |
jobs: | |
apt: | |
name: Setup dependencies | |
runs-on: self-hosted | |
steps: | |
- run: | | |
sudo apt-get update \ | |
&& sudo apt-get install -y build-essential \ | |
bc kmod cpio flex libncurses-dev \ | |
libelf-dev libssl-dev dwarves bison \ | |
gawk openssl libssl-dev dkms libudev-dev \ | |
libpci-dev libiberty-dev autoconf \ | |
debhelper lz4 | |
checkout: | |
name: Checkout main repo | |
needs: apt | |
runs-on: self-hosted | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
download_source: | |
name: Download linux kernel source | |
needs: [apt, checkout] | |
runs-on: self-hosted | |
steps: | |
- run: | | |
wget https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${{ env.KERNEL_STABLE_VER }}.tar.xz \ | |
&& tar xvf linux-${{ env.KERNEL_STABLE_VER }}.tar.xz | |
apply_patch: | |
name: Apply patches | |
needs: [apt, checkout, download_source] | |
runs-on: self-hosted | |
steps: | |
- working-directory: linux-${{ env.KERNEL_STABLE_VER }} | |
run: | | |
patch -Np1 -i ../patches/kernel_compiler_patch/more-uarches-for-kernel-6.8-rc4+.patch | |
for i in ../patches/xanmod/linux-6.8.y-xanmod/net/netfilter/*FLOWOFFLOAD*.patch \ | |
../patches/xanmod/linux-6.8.y-xanmod/net/tcp/bbr3/*.patch \ | |
../patches/xanmod/linux-6.8.y-xanmod/net/tcp/cloudflare/*.patch; do | |
patch -Np1 -i ${i} | |
done | |
for i in $(grep '^Patch' ../patches/clearlinux/linux.spec |\ | |
grep -Ev '^Patch0132|^Patch0118|^Patch0113|^Patch0138|^Patch0139|^Patch0109|^Patch0147' | sed -n 's/.*: //p'); do | |
patch -Np1 -i "../patches/clearlinux/${i}" | |
done | |
patch -Np1 -i ../patches/cachy/6.8/0001-aex-xts.patch | |
patch -Np1 -i ../patches/cachy/6.8/0007-ksm.patch | |
patch -Np1 -i ../patches/cachy/6.8/0008-zstd.patch | |
patch -Np1 -i ../patches/tcp-brutal/0001-net-tcp_brutal-make-it-as-a-built-in-kernel-module.patch | |
patch -Np1 -i ../patches/tcp-brutal/0002-net-tcp_brutal-use-div_u64-to-let-it-build-on-32-bit.patch | |
patch -Np1 -i ../patches/bcm-fullcone/0001-netfilter-nat-add-brcm-fullcone-support.patch | |
patch -Np1 -i ../patches/bcm-fullcone/0002-netfilter-nat-add-brcm-fullcone-nft-support.patch | |
setup_config: | |
name: Setup config | |
needs: [apt, checkout, download_source, apply_patch] | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
max-parallel: 2 | |
matrix: | |
config: [generic, cloud] | |
steps: | |
- working-directory: linux-${{ env.KERNEL_STABLE_VER }} | |
run: | | |
scripts/config --file ../config.${{ matrix.config }} \ | |
--set-str LOCALVERSION "-egoist-${{ matrix.config }}" | |
# /proc/config.gz | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-e IKCONFIG \ | |
-e IKCONFIG_PROC | |
# x86-64-v2 | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-d GENERIC_CPU \ | |
-e GENERIC_CPU2 | |
# xt_FLOWOFFLOAD | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-e NETFILTER_XT_TARGET_FLOWOFFLOAD | |
# BBR3 | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-m TCP_CONG_CUBIC \ | |
-d DEFAULT_CUBIC \ | |
-e TCP_CONG_BBR \ | |
-e DEFAULT_BBR \ | |
--set-str DEFAULT_TCP_CONG bbr | |
# BBR3 doesn't work properly with FQ_CODEL | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-m NET_SCH_FQ_CODEL \ | |
-e NET_SCH_FQ \ | |
-d DEFAULT_FQ_CODEL \ | |
-e DEFAULT_FQ \ | |
--set-str DEFAULT_NET_SCH fq | |
# TCP Brutal | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-m TCP_CONG_BRUTAL | |
# zswap | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-e ZSWAP_DEFAULT_ON \ | |
-d ZSWAP_COMPRESSOR_DEFAULT_LZO \ | |
-e ZSWAP_COMPRESSOR_DEFAULT_ZSTD | |
# NTFS3 | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-m NTFS3_FS \ | |
-e NTFS3_LZX_XPRESS \ | |
-e NTFS3_FS_POSIX_ACL | |
# SMB | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-m SMB_SERVER \ | |
-e SMB_SERVER_SMBDIRECT \ | |
-e SMB_SERVER_CHECK_CAP_NET_ADMIN \ | |
-e SMB_SERVER_KERBEROS5 | |
# Security | |
scripts/config --file ../config.${{ matrix.config }} \ | |
-e SECURITY_SELINUX \ | |
-e SECURITY_SELINUX_BOOTPARAM \ | |
-e SECURITY_SMACK \ | |
-e SECURITY_SMACK_BRINGUP \ | |
-e SECURITY_SMACK_NETFILTER \ | |
-e SECURITY_SMACK_APPEND_SIGNALS \ | |
-e SECURITY_TOMOYO \ | |
-e SECURITY_APPARMOR \ | |
-e SECURITY_YAMA | |
build_kernel: | |
name: Build Kernel | |
needs: [apt, checkout, download_source, apply_patch, setup_config] | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
max-parallel: 1 | |
matrix: | |
config: [generic, cloud] | |
steps: | |
- working-directory: linux-${{ env.KERNEL_STABLE_VER }} | |
env: | |
DEBEMAIL: "love4taylor <[email protected]>" | |
KDEB_COMPRESS: "xz" | |
run: | | |
mkdir -p ../${{ matrix.config }} | |
make \ | |
KBUILD_OUTPUT=../${{ matrix.config }} \ | |
KCONFIG_CONFIG=../config.${{ matrix.config }} \ | |
olddefconfig | |
make \ | |
KBUILD_OUTPUT=../${{ matrix.config }} \ | |
KCONFIG_CONFIG=../config.${{ matrix.config }} \ | |
KDEB_PKGVERSION=$(make kernelversion)-${{ env.PKGVER }} \ | |
-j`nproc` \ | |
bindeb-pkg | |
upload_config: | |
name: Upload config | |
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel] | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
max-parallel: 2 | |
matrix: | |
config: [generic, cloud] | |
steps: | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: config.${{ matrix.config }} | |
path: config.${{ matrix.config }} | |
upload_deb: | |
name: Upload deb | |
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel] | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
max-parallel: 2 | |
matrix: | |
config: [generic, cloud] | |
steps: | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: deb.${{ matrix.config }} | |
path: | | |
linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
compression-level: 0 | |
release: | |
name: Release | |
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel] | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
matrix: | |
config: [generic, cloud] | |
steps: | |
- if: ${{ github.event.inputs.release != 'none' }} | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: | | |
linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb | |
prerelease: ${{ github.event.inputs.release == 'pre-release' }} | |
makeLatest: ${{ github.event.inputs.release == 'release' }} | |
tag: ${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }} |