Release v68 #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
run-name: ${{ startsWith(github.ref, 'refs/tags/v') && format('Release {0}', github.ref_name) || null }} | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- v[0-9]+* | |
# branches: | |
# - master | |
# paths: | |
# - 'ip2net/**' | |
# - 'mdig/**' | |
# - 'nfq/**' | |
# - 'tpws/**' | |
jobs: | |
build-linux: | |
name: Linux ${{ matrix.arch }} | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- arch: arm64 | |
tool: aarch64-unknown-linux-musl | |
- arch: arm | |
tool: arm-unknown-linux-musleabi | |
# - arch: armhf | |
# tool: arm-unknown-linux-musleabihf | |
# - arch: armv7 | |
# tool: armv7-unknown-linux-musleabi | |
# - arch: armv7hf | |
# tool: armv7-unknown-linux-musleabihf | |
# - arch: mips64el | |
# tool: mips64el-unknown-linux-musl | |
- arch: mips64 | |
tool: mips64-unknown-linux-musl | |
# - arch: mipsel | |
# tool: mipsel-unknown-linux-musl | |
- arch: mipselsf | |
tool: mipsel-unknown-linux-muslsf | |
# - arch: mips | |
# tool: mips-unknown-linux-musl | |
- arch: mipssf | |
tool: mips-unknown-linux-muslsf | |
# - arch: ppc64 | |
# tool: powerpc64-unknown-linux-musl | |
- arch: ppc | |
tool: powerpc-unknown-linux-musl | |
- arch: x86 | |
tool: i586-unknown-linux-musl | |
- arch: x86_64 | |
tool: x86_64-unknown-linux-musl | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
path: zapret | |
- name: Set up build tools | |
env: | |
REPO: 'spvkgn/musl-cross' | |
TOOL: ${{ matrix.tool }} | |
run: | | |
sudo apt update -qq && sudo apt install -y libcap-dev | |
mkdir -p $HOME/tools | |
wget -qO- https://github.com/$REPO/releases/download/latest/$TOOL.tar.xz | tar -C $HOME/tools -xJ || exit 1 | |
[ -d "$HOME/tools/$TOOL/bin" ] && echo "$HOME/tools/$TOOL/bin" >> $GITHUB_PATH | |
- name: Build | |
env: | |
ARCH: ${{ matrix.arch }} | |
TARGET: ${{ matrix.tool }} | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
DEPS_DIR=$GITHUB_WORKSPACE/deps | |
export CC="$TARGET-gcc" | |
export LD=$TARGET-ld | |
export AR=$TARGET-ar | |
export NM=$TARGET-nm | |
export STRIP=$TARGET-strip | |
export PKG_CONFIG_PATH=$DEPS_DIR/lib/pkgconfig | |
# optimize for size | |
export CFLAGS="-Os -flto=auto" | |
export LDFLAGS="-Os" | |
# netfilter libs | |
git clone --depth 1 -b libmnl-1.0.5 git://git.netfilter.org/libmnl | |
git clone --depth 1 -b libnfnetlink-1.0.2 git://git.netfilter.org/libnfnetlink | |
git clone --depth 1 -b libnetfilter_queue-1.0.5 git://git.netfilter.org/libnetfilter_queue | |
for i in libmnl libnfnetlink libnetfilter_queue ; do | |
( | |
cd $i | |
./autogen.sh && \ | |
./configure --prefix= --host=$TARGET --enable-static --disable-shared && \ | |
make install -j$(nproc) DESTDIR=$DEPS_DIR | |
) | |
sed -i "s|^prefix=.*|prefix=$DEPS_DIR|g" $DEPS_DIR/lib/pkgconfig/$i.pc | |
done | |
# zlib | |
gh api repos/madler/zlib/releases/latest --jq '.tag_name' |\ | |
xargs -I{} wget -qO- https://github.com/madler/zlib/archive/refs/tags/{}.tar.gz | tar -xz | |
( | |
cd zlib-* | |
./configure --prefix= --static && \ | |
make install -j$(nproc) DESTDIR=$DEPS_DIR | |
) | |
# headers | |
# wget https://git.alpinelinux.org/aports/plain/main/bsd-compat-headers/queue.h && \ | |
# wget https://git.kernel.org/pub/scm/libs/libcap/libcap.git/plain/libcap/include/sys/capability.h && \ | |
install -Dm644 -t $DEPS_DIR/include/sys /usr/include/x86_64-linux-gnu/sys/queue.h /usr/include/sys/capability.h | |
# zapret | |
CFLAGS="$CFLAGS -static-libgcc -static -I$DEPS_DIR/include" \ | |
LDFLAGS="$LDFLAGS -L$DEPS_DIR/lib" \ | |
make -C zapret -j$(nproc) | |
tar -C zapret/binaries/my -cJf zapret-linux-$ARCH.tar.xz . | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: zapret-linux-${{ matrix.arch }} | |
path: zapret-*.tar.xz | |
if-no-files-found: error | |
build-macos: | |
name: macOS | |
runs-on: macos-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build zapret | |
run: | | |
make mac -j$(sysctl -n hw.logicalcpu) | |
tar -C binaries/my -cJf zapret-mac-x64.tar.xz . | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: zapret-mac-x64 | |
path: zapret-*.tar.xz | |
if-no-files-found: error | |
build-freebsd: | |
name: FreeBSD ${{ matrix.arch }} | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- target: x86_64 | |
arch: x86_64 | |
# - target: i386 | |
# arch: x86 | |
container: | |
image: empterdose/freebsd-cross-build:11.4 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install packages | |
run: apk add tar xz | |
- name: Build zapret | |
env: | |
TARGET: ${{ matrix.target }} | |
ARCH: ${{ matrix.arch }} | |
run: | | |
settarget $TARGET-freebsd11 make bsd -j$(nproc) || exit 1 | |
tar -C binaries/my -cJf zapret-freebsd-$ARCH.tar.xz . | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: zapret-freebsd-${{ matrix.arch }} | |
path: zapret-*.tar.xz | |
if-no-files-found: error | |
build-windows: | |
name: Windows ${{ matrix.arch }} | |
runs-on: windows-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: [ x86_64, x86 ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
path: zapret | |
- name: Set up MinGW | |
uses: msys2/setup-msys2@v2 | |
with: | |
msystem: ${{ matrix.arch == 'x86_64' && 'MINGW64' || 'MINGW32' }} | |
install: >- | |
${{ matrix.arch == 'x86_64' && 'mingw-w64-x86_64-toolchain' || 'mingw-w64-i686-toolchain' }} | |
- name: Build ip2net, mdig | |
shell: msys2 {0} | |
run: | | |
mkdir -p output | |
cd zapret | |
mingw32-make -C ip2net win | |
mingw32-make -C mdig win | |
cp -a {ip2net/ip2net,mdig/mdig}.exe ../output | |
- name: Restore psmisc from cache | |
id: cache-restore-psmisc | |
uses: actions/cache/restore@v4 | |
with: | |
path: ${{ github.workspace }}/psmisc | |
key: psmisc-${{ matrix.arch }} | |
- name: Set up Cygwin | |
env: | |
PACKAGES: ${{ steps.cache-restore-psmisc.outputs.cache-hit != 'true' && 'cygport gettext-devel libiconv-devel libncurses-devel' || null }} | |
uses: cygwin/cygwin-install-action@v4 | |
with: | |
platform: ${{ matrix.arch }} | |
site: ${{ matrix.arch == 'x86_64' && 'http://ctm.crouchingtigerhiddenfruitbat.org/pub/cygwin/circa/64bit/2024/01/30/231215' || null }} | |
check-sig: ${{ matrix.arch == 'x86_64' && 'false' || null }} | |
packages: >- | |
gcc-core | |
make | |
zlib-devel | |
zip | |
unzip | |
wget | |
${{ env.PACKAGES }} | |
- name: Build psmisc | |
if: steps.cache-restore-psmisc.outputs.cache-hit != 'true' | |
env: | |
URL: https://mirrors.kernel.org/sourceware/cygwin/x86_64/release/psmisc | |
shell: C:\cygwin\bin\bash.exe -eo pipefail '{0}' | |
run: >- | |
export MAKEFLAGS=-j$(nproc) && | |
mkdir -p psmisc && cd psmisc && | |
wget -qO- ${URL} | grep -Po 'href=\"\Kpsmisc-(\d+\.)+\d+.+src\.tar\.xz(?=\")' | xargs -I{} wget -O- ${URL}/{} | tar -xJ && | |
cd psmisc-*.src && | |
echo CYGCONF_ARGS+=\" --disable-dependency-tracking --disable-nls\" >> psmisc.cygport && | |
cygport psmisc.cygport prep compile install | |
- name: Save psmisc to cache | |
if: steps.cache-restore-psmisc.outputs.cache-hit != 'true' | |
uses: actions/cache/save@v4 | |
with: | |
path: ${{ github.workspace }}/psmisc | |
key: psmisc-${{ matrix.arch }} | |
- name: Build winws | |
env: | |
TARGET: ${{ matrix.arch == 'x86_64' && 'cygwin' || 'cygwin32' }} | |
shell: C:\cygwin\bin\bash.exe -eo pipefail '{0}' | |
run: >- | |
export MAKEFLAGS=-j$(nproc) && | |
cd zapret && | |
make -C nfq ${TARGET} && | |
cp -a nfq/winws.exe ../output | |
- name: Create zip | |
env: | |
BITS: ${{ matrix.arch == 'x86_64' && '64' || '32' }} | |
DIR: ${{ matrix.arch == 'x86_64' && 'x64' || 'x86' }} | |
shell: C:\cygwin\bin\bash.exe -e '{0}' | |
run: >- | |
cp -a -t output psmisc/psmisc-*.src/psmisc-*/inst/usr/bin/killall.exe /usr/bin/cygwin1.dll && | |
wget -O WinDivert.zip https://github.com/basil00/WinDivert/releases/download/v2.2.2/WinDivert-2.2.2-A.zip && | |
unzip -j WinDivert.zip "*/${DIR}/WinDivert.dll" "*/${DIR}/WinDivert${BITS}.sys" -d output && | |
zip zapret-win-${{ matrix.arch }}.zip -j output/* | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: zapret-win-${{ matrix.arch }} | |
path: zapret-*.zip | |
if-no-files-found: error | |
release: | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') | |
needs: [ build-linux, build-windows, build-macos, build-freebsd ] | |
permissions: | |
contents: write | |
runs-on: ubuntu-latest | |
env: | |
repo_dir: zapret-${{ github.ref_name }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
path: ${{ env.repo_dir }} | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
id: bins | |
with: | |
path: ${{ env.repo_dir }}/binaries | |
pattern: zapret-* | |
- name: Install upx | |
uses: crazy-max/ghaction-upx@v3 | |
with: | |
install-only: true | |
- name: Prepare binaries | |
shell: bash | |
run: | | |
cd ${{ steps.bins.outputs.download-path }} | |
run_upx() { | |
upx --best --lzma $@ || true | |
} | |
run_dir() { | |
for f in $dir/* ; do | |
# extract binaries | |
case $f in | |
*.tar.xz ) | |
tar -C $dir -xvf $f && rm $f | |
if [[ $dir == *-linux-x86_64 ]]; then | |
tar -C $dir -czvf $dir/tpws_wsl.tgz tpws | |
run_upx $dir/* | |
elif [[ $dir =~ linux ]] && [[ $dir != *-linux-mips64 ]]; then | |
run_upx $dir/* | |
fi | |
;; | |
*.zip ) | |
unzip $f -d $dir && rm $f | |
if [[ $dir =~ win ]]; then | |
chmod -x $dir/* | |
run_upx --force $dir/cygwin1.dll | |
fi | |
;; | |
esac | |
done | |
mv $dir $1 | |
} | |
for dir in * ; do | |
if [ -d $dir ]; then | |
echo "Processing $dir" | |
case $dir in | |
*-freebsd-x86_64 ) run_dir freebsd-x64 ;; | |
*-linux-arm ) run_dir arm ;; | |
*-linux-arm64 ) run_dir aarch64 ;; | |
*-linux-mips64 ) run_dir mips64r2-msb ;; | |
*-linux-mipselsf ) run_dir mips32r1-lsb ;; | |
*-linux-mipssf ) run_dir mips32r1-msb ;; | |
*-linux-ppc ) run_dir ppc ;; | |
*-linux-x86 ) run_dir x86 ;; | |
*-linux-x86_64 ) run_dir x86_64 ;; | |
*-mac-x64 ) run_dir mac64 ;; | |
*-win-x86 ) run_dir win32 ;; | |
*-win-x86_64 ) run_dir win64 ;; | |
esac | |
fi | |
done | |
ls -lhR | |
- name: Create release bundles | |
run: | | |
rm -rf ${{ env.repo_dir }}/.git* | |
tar -czf ${{ env.repo_dir }}.tar.gz ${{ env.repo_dir }} | |
zip -qr ${{ env.repo_dir }}.zip ${{ env.repo_dir }} | |
- name: Upload release assets | |
uses: softprops/action-gh-release@v2 | |
with: | |
fail_on_unmatched_files: true | |
prerelease: false | |
draft: false | |
body: | | |
### zapret ${{ github.ref_name }} | |
files: | | |
zapret*.tar.gz | |
zapret*.zip |