Skip to content

Build stable kernel package #114

Build stable kernel package

Build stable kernel package #114

Workflow file for this run

name: Build stable kernel package
on:
workflow_dispatch:
inputs:
release:
type: choice
description: Release type
options:
- none
- pre-release
- release
env:
HOME: /home/runner
KERNEL_STABLE_VER: 6.8.8
PKGVER: 1
jobs:
apt:
name: Setup dependencies
runs-on: self-hosted
steps:
- run: |
sudo apt-get update \
&& sudo apt-get install -y build-essential \
bc kmod cpio flex libncurses-dev \
libelf-dev libssl-dev dwarves bison \
gawk openssl libssl-dev dkms libudev-dev \
libpci-dev libiberty-dev autoconf \
debhelper lz4
checkout:
name: Checkout main repo
needs: apt
runs-on: self-hosted
steps:
- uses: actions/checkout@v4
with:
submodules: true
download_source:
name: Download linux kernel source
needs: [apt, checkout]
runs-on: self-hosted
steps:
- run: |
wget https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${{ env.KERNEL_STABLE_VER }}.tar.xz \
&& tar xvf linux-${{ env.KERNEL_STABLE_VER }}.tar.xz
apply_patch:
name: Apply patches
needs: [apt, checkout, download_source]
runs-on: self-hosted
steps:
- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
run: |
patch -Np1 -i ../patches/kernel_compiler_patch/more-uarches-for-kernel-6.8-rc4+.patch
for i in ../patches/xanmod/linux-6.8.y-xanmod/net/netfilter/*FLOWOFFLOAD*.patch \
../patches/xanmod/linux-6.8.y-xanmod/net/tcp/bbr3/*.patch \
../patches/xanmod/linux-6.8.y-xanmod/net/tcp/cloudflare/*.patch; do
patch -Np1 -i ${i}
done
for i in $(grep '^Patch' ../patches/clearlinux/linux.spec |\
grep -Ev '^Patch0132|^Patch0118|^Patch0113|^Patch0138|^Patch0139|^Patch0109|^Patch0147' | sed -n 's/.*: //p'); do
patch -Np1 -i "../patches/clearlinux/${i}"
done
patch -Np1 -i ../patches/cachy/6.8/0001-aes-xts.patch
patch -Np1 -i ../patches/cachy/6.8/0007-ksm.patch
patch -Np1 -i ../patches/cachy/6.8/0009-zstd.patch
patch -Np1 -i ../patches/tcp-brutal/0001-net-tcp_brutal-make-it-as-a-built-in-kernel-module.patch
patch -Np1 -i ../patches/tcp-brutal/0002-net-tcp_brutal-use-div_u64-to-let-it-build-on-32-bit.patch
patch -Np1 -i ../patches/bcm-fullcone/0001-netfilter-nat-add-brcm-fullcone-support.patch
patch -Np1 -i ../patches/bcm-fullcone/0002-netfilter-nat-add-brcm-fullcone-nft-support.patch
setup_config:
name: Setup config
needs: [apt, checkout, download_source, apply_patch]
runs-on: self-hosted
strategy:
fail-fast: false
max-parallel: 2
matrix:
config: [generic, cloud]
steps:
- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
run: |
scripts/config --file ../config.${{ matrix.config }} \
--set-str LOCALVERSION "-egoist-${{ matrix.config }}"
# /proc/config.gz
scripts/config --file ../config.${{ matrix.config }} \
-e IKCONFIG \
-e IKCONFIG_PROC
# x86-64-v2
scripts/config --file ../config.${{ matrix.config }} \
-d GENERIC_CPU \
-e GENERIC_CPU2
# xt_FLOWOFFLOAD
scripts/config --file ../config.${{ matrix.config }} \
-e NETFILTER_XT_TARGET_FLOWOFFLOAD
# BBR3
scripts/config --file ../config.${{ matrix.config }} \
-m TCP_CONG_CUBIC \
-d DEFAULT_CUBIC \
-e TCP_CONG_BBR \
-e DEFAULT_BBR \
--set-str DEFAULT_TCP_CONG bbr
# BBR3 doesn't work properly with FQ_CODEL
scripts/config --file ../config.${{ matrix.config }} \
-m NET_SCH_FQ_CODEL \
-e NET_SCH_FQ \
-d DEFAULT_FQ_CODEL \
-e DEFAULT_FQ \
--set-str DEFAULT_NET_SCH fq
# TCP Brutal
scripts/config --file ../config.${{ matrix.config }} \
-m TCP_CONG_BRUTAL
# zswap
scripts/config --file ../config.${{ matrix.config }} \
-e ZPOOL \
-e ZSWAP \
-e ZSWAP_DEFAULT_ON \
-d ZSWAP_COMPRESSOR_DEFAULT_LZO \
-e ZSWAP_COMPRESSOR_DEFAULT_ZSTD \
-e ZSWAP_ZPOOL_DEFAULT_ZSMALLOC \
-e ZBUD \
-m Z3FOLD \
-e ZSMALLOC
# NTFS3
scripts/config --file ../config.${{ matrix.config }} \
-m NTFS3_FS \
-e NTFS3_LZX_XPRESS \
-e NTFS3_FS_POSIX_ACL
# SMB
scripts/config --file ../config.${{ matrix.config }} \
-m SMB_SERVER \
-e SMB_SERVER_SMBDIRECT \
-e SMB_SERVER_CHECK_CAP_NET_ADMIN \
-e SMB_SERVER_KERBEROS5
# Security
scripts/config --file ../config.${{ matrix.config }} \
-e SECURITY_SELINUX \
-e SECURITY_SELINUX_BOOTPARAM \
-e SECURITY_SMACK \
-e SECURITY_SMACK_BRINGUP \
-e SECURITY_SMACK_NETFILTER \
-e SECURITY_SMACK_APPEND_SIGNALS \
-e SECURITY_TOMOYO \
-e SECURITY_APPARMOR \
-e SECURITY_YAMA
build_kernel:
name: Build Kernel
needs: [apt, checkout, download_source, apply_patch, setup_config]
runs-on: self-hosted
strategy:
fail-fast: false
max-parallel: 1
matrix:
config: [generic, cloud]
steps:
- working-directory: linux-${{ env.KERNEL_STABLE_VER }}
env:
DEBEMAIL: "love4taylor <[email protected]>"
KDEB_COMPRESS: "xz"
run: |
mkdir -p ../${{ matrix.config }}
make \
KBUILD_OUTPUT=../${{ matrix.config }} \
KCONFIG_CONFIG=../config.${{ matrix.config }} \
olddefconfig
make \
KBUILD_OUTPUT=../${{ matrix.config }} \
KCONFIG_CONFIG=../config.${{ matrix.config }} \
KDEB_PKGVERSION=$(make kernelversion)-${{ env.PKGVER }} \
-j`nproc` \
bindeb-pkg
upload_config:
name: Upload config
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
runs-on: self-hosted
strategy:
fail-fast: false
max-parallel: 2
matrix:
config: [generic, cloud]
steps:
- uses: actions/upload-artifact@v4
with:
name: config.${{ matrix.config }}
path: config.${{ matrix.config }}
upload_deb:
name: Upload deb
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
runs-on: self-hosted
strategy:
fail-fast: false
max-parallel: 2
matrix:
config: [generic, cloud]
steps:
- uses: actions/upload-artifact@v4
with:
name: deb.${{ matrix.config }}
path: |
linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
compression-level: 0
release:
name: Release
needs: [apt, checkout, download_source, apply_patch, setup_config, build_kernel]
runs-on: self-hosted
strategy:
fail-fast: false
matrix:
config: [generic, cloud]
steps:
- if: ${{ github.event.inputs.release != 'none' }}
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: |
linux-image-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
linux-headers-${{ env.KERNEL_STABLE_VER }}-egoist-${{ matrix.config }}_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
linux-libc-dev_${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}_amd64.deb
prerelease: ${{ github.event.inputs.release == 'pre-release' }}
makeLatest: ${{ github.event.inputs.release == 'release' }}
tag: ${{ env.KERNEL_STABLE_VER }}-${{ env.PKGVER }}