This repository has been archived by the owner on Jan 10, 2025. It is now read-only.
⚙️ Build OpenSSH 📦 #257
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ⚙️ Build OpenSSH 📦 | |
#MAX_RUNTIME: | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: "15 18 * * *" # 12:00 AM Nepal Time Midnight EveryDay | |
env: | |
GITHUB_TOKEN: ${{ secrets.STATIC_TOOLBOX }} | |
jobs: | |
#------------------------------------------------------------------------------------# | |
# To list all bootlin ToolChains: https://toolchains.bootlin.com/toolchains.html | |
# curl -qfsSL "https://toolchains.bootlin.com/downloads/releases/toolchains/" | grep -oE 'href="[^"]+"' | awk -F'"' '{print $2}' | grep -E '^[^?/]' | sed 's:/$::' | |
# With the def settings in the def host, the following fail to compile (NOT Tested on containers): | |
# aarch64be | |
# armebv7-eabihf | |
#------------------------------------------------------------------------------------# | |
build-aarch64: | |
name: Build OpenSSH (ARCH=aarch64) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install CoreUtils & Deps | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install automake b3sum build-essential ca-certificates ccache lzip jq make musl musl-dev musl-tools p7zip-full wget -y | |
- name: Build OpenSSH | |
run: | | |
set -x ; set +e | |
# Git Clone Repo | |
cd $(mktemp -d) && git clone "https://github.com/binary-manu/static-cross-openssh" | |
cd "./static-cross-openssh" ; make switch-toolchain 2>/dev/null | |
# Make all | |
make -j"$(($(nproc)+1))" ARCH=aarch64 PREFIX=/ __all__/VERSION=latest all | |
# Extract & Put Everything in a sngle dir | |
find "./bin" -type f -name '*.tgz' -exec sh -c 'mkdir -p "${1%.tgz}" && tar -xzf "$1" -C "${1%.tgz}" --strip-components=1' sh {} \; | |
# rm the original .tgz & empty files | |
rm ./bin/*.tgz && find "./bin" -empty -delete | |
# create a new .tgz | |
find "./bin" -maxdepth 1 -type d -name '*openssh*' -exec tar -czf "{}.tgz" -C "$(dirname {})" "$(basename {})" \; | |
# Move to $pwd and rename | |
find ./bin -type f -name '*.tgz' -exec sh -c 'mv "$1" "$(basename "$1" .tgz)_$(ls ./toolchain | awk -F"--" "{print \$1}").tgz"' sh {} \; | |
# Extract name to GITHUB_ENV | |
export RELEASE_NAME="$(ls *.tgz)" && echo "RELEASE_NAME=$RELEASE_NAME" >> $GITHUB_ENV | |
export RELEASE_PATH="$(realpath $RELEASE_NAME)" && echo "RELEASE_PATH=$RELEASE_PATH" >> $GITHUB_ENV | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.RELEASE_NAME }} | |
path: ${{ env.RELEASE_PATH }} | |
#------------------------------------------------------------------------------------# | |
build-armv7-eabihf: | |
name: Build OpenSSH (ARCH=armv7-eabihf) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install CoreUtils & Deps | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install automake b3sum build-essential ca-certificates ccache lzip jq make musl musl-dev musl-tools p7zip-full wget -y | |
- name: Build OpenSSH | |
run: | | |
set -x ; set +e | |
# Get $VERSION | |
export OPENSSH_VERSION="$(curl -qfsSL https://api.github.com/repos/openssh/openssh-portable/tags | jq -r '.[0].name')" | |
echo "OPENSSH_VERSION=$OPENSSH_VERSION" >> $GITHUB_ENV | |
# Git Clone Repo | |
cd $(mktemp -d) && git clone "https://github.com/binary-manu/static-cross-openssh" | |
cd "./static-cross-openssh" ; make switch-toolchain 2>/dev/null | |
# Make all | |
make -j"$(($(nproc)+1))" ARCH=armv7-eabihf PREFIX=/ __all__/VERSION=latest all | |
# Extract & Put Everything in a sngle dir | |
find "./bin" -type f -name '*.tgz' -exec sh -c 'mkdir -p "${1%.tgz}" && tar -xzf "$1" -C "${1%.tgz}" --strip-components=1' sh {} \; | |
# rm the original .tgz & empty files | |
rm ./bin/*.tgz && find "./bin" -empty -delete | |
# create a new .tgz | |
find "./bin" -maxdepth 1 -type d -name '*openssh*' -exec tar -czf "{}.tgz" -C "$(dirname {})" "$(basename {})" \; | |
# Move to $pwd and rename | |
find ./bin -type f -name '*.tgz' -exec sh -c 'mv "$1" "$(basename "$1" .tgz)_$(ls ./toolchain | awk -F"--" "{print \$1}").tgz"' sh {} \; | |
# Extract name to GITHUB_ENV | |
export RELEASE_NAME="$(ls *.tgz)" && echo "RELEASE_NAME=$RELEASE_NAME" >> $GITHUB_ENV | |
export RELEASE_PATH="$(realpath $RELEASE_NAME)" && echo "RELEASE_PATH=$RELEASE_PATH" >> $GITHUB_ENV | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.RELEASE_NAME }} | |
path: ${{ env.RELEASE_PATH }} | |
#------------------------------------------------------------------------------------# | |
build-x86-64: | |
name: Build OpenSSH (ARCH=x86-64) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install CoreUtils & Deps | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install automake b3sum build-essential ca-certificates ccache lzip jq make musl musl-dev musl-tools p7zip-full wget -y | |
- name: Build OpenSSH | |
run: | | |
set -x ; set +e | |
# Git Clone Repo | |
cd $(mktemp -d) && git clone "https://github.com/binary-manu/static-cross-openssh" | |
cd "./static-cross-openssh" ; make switch-toolchain 2>/dev/null | |
# Make all | |
make -j"$(($(nproc)+1))" ARCH=x86-64 PREFIX=/ __all__/VERSION=latest all | |
# Extract & Put Everything in a sngle dir | |
find "./bin" -type f -name '*.tgz' -exec sh -c 'mkdir -p "${1%.tgz}" && tar -xzf "$1" -C "${1%.tgz}" --strip-components=1' sh {} \; | |
# rm the original .tgz & empty files | |
rm ./bin/*.tgz && find "./bin" -empty -delete | |
# create a new .tgz | |
find "./bin" -maxdepth 1 -type d -name '*openssh*' -exec tar -czf "{}.tgz" -C "$(dirname {})" "$(basename {})" \; | |
# Move to $pwd and rename | |
find ./bin -type f -name '*.tgz' -exec sh -c 'mv "$1" "$(basename "$1" .tgz)_$(ls ./toolchain | awk -F"--" "{print \$1}").tgz"' sh {} \; | |
# Extract name to GITHUB_ENV | |
export RELEASE_NAME="$(ls *.tgz)" && echo "RELEASE_NAME=$RELEASE_NAME" >> $GITHUB_ENV | |
export RELEASE_PATH="$(realpath $RELEASE_NAME)" && echo "RELEASE_PATH=$RELEASE_PATH" >> $GITHUB_ENV | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.RELEASE_NAME }} | |
path: ${{ env.RELEASE_PATH }} | |
#------------------------------------------------------------------------------------# | |
#------------------------------------------------------------------------------------# | |
create-release: | |
name: Create OpenSSH Release | |
runs-on: ubuntu-latest | |
needs: [build-aarch64, build-armv7-eabihf, build-x86-64] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Env | |
run: | | |
# Create tmp dir for releases | |
mkdir /tmp/releases | |
# Get $VERSION | |
export OPENSSH_VERSION="$(curl -qfsSL https://api.github.com/repos/openssh/openssh-portable/tags | jq -r '.[0].name')" | |
# If we get rate-limited, git clone the repo | |
if [ -z "$OPENSSH_VERSION" ]; then | |
cd $(mktemp -d) && git clone https://github.com/openssh/openssh-portable && cd openssh-portable | |
export OPENSSH_VERSION=$(git tag --sort=-creatordate | head -n 1) | |
fi | |
# Export it to ENV | |
echo "OPENSSH_VERSION=$OPENSSH_VERSION" >> $GITHUB_ENV | |
- name: Download Artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp/releases | |
- name: List Artifacts && Unpack | |
run: | | |
ls -laR /tmp/releases && cd /tmp/releases | |
##aarch64_arm64## | |
#---------------# | |
find . -type f -name '*aarch64*' -exec tar -xzvf {} \; | |
#scp | |
find ./bin -type f -name '*scp*' -exec mv {} scp_aarch64_arm64_Linux \; | |
#sftp | |
find ./bin -type f -name '*sftp*' ! -name '*sftp-server*' -exec mv {} sftp_aarch64_arm64_Linux \; | |
#sftp_server | |
find ./bin -type f -name '*sftp-server*' -exec mv {} sftp_server_aarch64_arm64_Linux \; | |
#ssh | |
find ./bin -type f -name '*ssh*' ! -name '*sshd*' ! -name "*ssh-*" -exec mv {} ssh_aarch64_arm64_Linux \; | |
#ssh-add | |
find ./bin -type f -name '*ssh-add*' -exec mv {} ssh-add_aarch64_arm64_Linux \; | |
#ssh-agent | |
find ./bin -type f -name '*ssh-agent*' -exec mv {} ssh-agent_aarch64_arm64_Linux \; | |
#ssh-keygen | |
find ./bin -type f -name '*ssh-keygen*' -exec mv {} ssh-keygen_aarch64_arm64_Linux \; | |
#ssh-keyscan | |
find ./bin -type f -name '*ssh-keyscan*' -exec mv {} ssh-keyscan_aarch64_arm64_Linux \; | |
#ssh-keysign | |
find ./bin -type f -name '*ssh-keysign*' -exec mv {} ssh-keysign_aarch64_arm64_Linux \; | |
#sshd | |
find ./bin -type f -name '*sshd*' ! -name '*sshd_config*' -exec mv {} sshd_aarch64_arm64_Linux \; | |
#sshd_config | |
find ./bin -type f -name '*sshd_config*' -exec mv {} sshd_config_aarch64_arm64_Linux \; | |
#Remove Empties | |
find . -empty -delete | |
#---------------# | |
##amd_x86_64## | |
find . -type f -name '*x86-64*' -exec tar -xzvf {} \; | |
#scp | |
find ./bin -type f -name '*scp*' -exec mv {} scp_amd_x86_64_Linux \; | |
#sftp | |
find ./bin -type f -name '*sftp*' ! -name '*sftp-server*' -exec mv {} sftp_amd_x86_64_Linux \; | |
#sftp_server | |
find ./bin -type f -name '*sftp-server*' -exec mv {} sftp_server_amd_x86_64_Linux \; | |
#ssh | |
find ./bin -type f -name '*ssh*' ! -name '*sshd*' ! -name "*ssh-*" -exec mv {} ssh_amd_x86_64_Linux \; | |
#ssh-add | |
find ./bin -type f -name '*ssh-add*' -exec mv {} ssh-add_amd_x86_64_Linux \; | |
#ssh-agent | |
find ./bin -type f -name '*ssh-agent*' -exec mv {} ssh-agent_amd_x86_64_Linux \; | |
#ssh-keygen | |
find ./bin -type f -name '*ssh-keygen*' -exec mv {} ssh-keygen_amd_x86_64_Linux \; | |
#ssh-keyscan | |
find ./bin -type f -name '*ssh-keyscan*' -exec mv {} ssh-keyscan_amd_x86_64_Linux \; | |
#ssh-keysign | |
find ./bin -type f -name '*ssh-keysign*' -exec mv {} ssh-keysign_amd_x86_64_Linux \; | |
#sshd | |
find ./bin -type f -name '*sshd*' ! -name '*sshd_config*' -exec mv {} sshd_amd_x86_64_Linux \; | |
#sshd_config | |
find ./bin -type f -name '*sshd_config*' -exec mv {} sshd_config_amd_x86_64_Linux \; | |
#Remove Empties | |
find . -empty -delete | |
#---------------# | |
##armv7_eabihf## | |
find . -type f -name '*armv7-eabihf*' -exec tar -xzvf {} \; | |
#scp | |
find ./bin -type f -name '*scp*' -exec mv {} scp_armv7_eabihf_Linux \; | |
#sftp | |
find ./bin -type f -name '*sftp*' ! -name '*sftp-server*' -exec mv {} sftp_armv7_eabihf_Linux \; | |
#sftp_server | |
find ./bin -type f -name '*sftp-server*' -exec mv {} sftp_server_armv7_eabihf_Linux \; | |
#ssh | |
find ./bin -type f -name '*ssh*' ! -name '*sshd*' ! -name "*ssh-*" -exec mv {} ssh_armv7_eabihf_Linux \; | |
#ssh-add | |
find ./bin -type f -name '*ssh-add*' -exec mv {} ssh-add_armv7_eabihf_Linux \; | |
#ssh-agent | |
find ./bin -type f -name '*ssh-agent*' -exec mv {} ssh-agent_armv7_eabihf_Linux \; | |
#ssh-keygen | |
find ./bin -type f -name '*ssh-keygen*' -exec mv {} ssh-keygen_armv7_eabihf_Linux \; | |
#ssh-keyscan | |
find ./bin -type f -name '*ssh-keyscan*' -exec mv {} ssh-keyscan_armv7_eabihf_Linux \; | |
#ssh-keysign | |
find ./bin -type f -name '*ssh-keysign*' -exec mv {} ssh-keysign_armv7_eabihf_Linux \; | |
#sshd | |
find ./bin -type f -name '*sshd*' ! -name '*sshd_config*' -exec mv {} sshd_armv7_eabihf_Linux \; | |
#sshd_config | |
find ./bin -type f -name '*sshd_config*' -exec mv {} sshd_config_armv7_eabihf_Linux \; | |
#Remove Empties | |
find . -empty -delete | |
- name: Create Body for Release | |
run: | | |
set +e | |
cd /tmp/releases | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '---' >> /tmp/RELEASE_NOTE.md | |
echo '```console' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo "Changelog: 'https://www.openssh.com/releasenotes.html'" >> /tmp/RELEASE_NOTE.md | |
echo "Install: 'https://github.com/Azathothas/static-toolbox/blob/master/README.md#openssh'" >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo -e "--> METADATA" >> /tmp/RELEASE_NOTE.md | |
/bin/bash -c 'PS4="$ "; file * | grep -v '.txt' '&>> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo -e "--> SHA256SUM" >> /tmp/RELEASE_NOTE.md | |
/bin/bash -c 'PS4="$ ";sha256sum * | grep -v '.txt' ' &>> /tmp/RELEASE_NOTE.md | |
echo -e '```\n' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '---' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '- #### Version' >> /tmp/RELEASE_NOTE.md | |
echo '```console' >> /tmp/RELEASE_NOTE.md | |
/bin/bash -c 'PS4="$ "; ./sshd_amd_x86_64_Linux --help' &>> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
/bin/bash -c 'PS4="$ "; ./sftp_server_amd_x86_64_Linux -help' &>> /tmp/RELEASE_NOTE.md | |
echo '```' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '---' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '- #### Sizes' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '```console' >> /tmp/RELEASE_NOTE.md | |
/bin/bash -c 'PS4="$ "; ls -lh ./* | grep -v '.txt' | awk "{print \$5, \$9}" | column -t' &>> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
echo '```' >> /tmp/RELEASE_NOTE.md | |
echo -e "" >> /tmp/RELEASE_NOTE.md | |
continue-on-error: true | |
- name: Releaser | |
uses: softprops/[email protected] | |
with: | |
name: "OpenSSH ${{ env.OPENSSH_VERSION }}" | |
tag_name: "openssh-${{ env.OPENSSH_VERSION }}" | |
prerelease: false | |
draft: false | |
generate_release_notes: false | |
token: "${{ secrets.GITHUB_TOKEN }}" | |
body_path: "/tmp/RELEASE_NOTE.md" | |
files: | | |
/tmp/releases/* | |
#------------------------------------------------------------------------------------# |