This repository has been archived by the owner on Jul 8, 2024. It is now read-only.

⚙️ Build DropBear 📦 #54

Workflow file for this run

.github/workflows/build_dropbear.yaml at 2679d49

	name: ⚙️ Build DropBear 📦
	#MAX_RUNTIME:
	on:
	workflow_dispatch:
	schedule:
	#- cron: "0 0 * * 0" # 12:00 AM UTC Every Sunday (05:45 AM Morning Nepal)
	- cron: "0 0 /3 *" #Every 3 days
	env:
	GITHUB_TOKEN: ${{ secrets.STATIC_TOOLBOX }}

	jobs:
	#------------------------------------------------------------------------------------#
	#------------------------------------------------------------------------------------#
	build-dropbear:
	runs-on: ubuntu-latest

	permissions:
	contents: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	path: main

	- name: Install CoreUtils & Deps
	run: \|
	set +e
	sudo apt-get update -y
	sudo apt-get install automake b3sum build-essential ca-certificates ccache lzip jq make musl musl-dev musl-tools p7zip-full wget -y
	sudo apt-get install -y --no-install-recommends autoconf automake autopoint binutils bison build-essential ca-certificates flex file jq patch patchelf pkg-config python3-pip qemu-user-static wget xsltproc
	continue-on-error: true

	- name: Install Addons
	run: \|
	#presets
	set -x ; set +e
	#-------------#
	#7z
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/7z" -o "/usr/bin/7z" && sudo chmod +xwr "/usr/bin/7z"
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/7z" -o "/usr/local/bin/7z" && sudo chmod +xwr "/usr/local/bin/7z"
	#action-lint
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/actionlint" -o "/usr/local/bin/actionlint" && sudo chmod +xwr "/usr/local/bin/actionlint"
	#b3sum
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/b3sum" -o "/usr/bin/b3sum" && sudo chmod +xwr "/usr/bin/b3sum"
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/b3sum" -o "/usr/local/bin/b3sum" && sudo chmod +xwr "/usr/local/bin/b3sum"
	#delta
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/delta" -o "/usr/local/bin/delta" && sudo chmod +xwr "/usr/local/bin/delta"
	#dust
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/dust" -o "/usr/local/bin/dust" && sudo chmod +xwr "/usr/local/bin/dust"
	#eget
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/eget" -o "/usr/local/bin/eget" && sudo chmod +xwr "/usr/local/bin/eget"
	#git-sizer
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/git-sizer" -o "/usr/local/bin/git-sizer" && sudo chmod +xwr "/usr/local/bin/git-sizer"
	#rclone
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/rclone" -o "/usr/local/bin/rclone" && sudo chmod +xwr "/usr/local/bin/rclone"
	#validtoml
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/validtoml" -o "/usr/local/bin/validtoml" && sudo chmod +xwr "/usr/local/bin/validtoml"
	#Yq
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/yq" -o "/usr/local/bin/yq" && sudo chmod +xwr "/usr/local/bin/yq"
	#Yj
	sudo curl -qfsSL "https://bin.ajam.dev/x86_64_Linux/yj" -o "/usr/local/bin/yj" && sudo chmod +xwr "/usr/local/bin/yj"
	continue-on-error: true

	- name: Setup Env
	run: \|
	#Presets
	set -x ; set +e
	#tmp
	SYSTMP="$(dirname $(mktemp -u))" && export SYSTMP="$SYSTMP"
	echo "SYSTMP=$SYSTMP" >> "$GITHUB_ENV"
	#--------------#
	# Create Output Dir
	mkdir -p "$SYSTMP/releases"
	# Get $VERSION
	export DROPBEAR_VERSION="$(curl -qfsSL https://api.github.com/repos/mkj/dropbear/tags \| jq -r '.[0].name')"
	# If we get rate-limited, git clone the repo
	if [ -z "$DROPBEAR_VERSION" ]; then
	cd $(mktemp -d) && git clone "https://github.com/mkj/dropbear" && cd "./dropbear"
	export DROPBEAR_VERSION=$(git tag --sort=-creatordate \| head -n 1)
	fi
	# Export it to ENV
	echo "DROPBEAR_VERSION=$DROPBEAR_VERSION" >> "$GITHUB_ENV"
	continue-on-error: true

	- name: Install/Update Cargo
	run: \|
	# Presets
	set -x ; set +e
	#--------------#
	#Install
	bash <(curl -qfsSL "https://sh.rustup.rs") -y
	source "$HOME/.bashrc"
	rustc --version && cargo --version
	#Cross-rs
	cargo install cross --git "https://github.com/cross-rs/cross"
	sudo ldconfig && sudo ldconfig -p
	continue-on-error: true

	- name: Install/Update golang
	run: \|
	#Presets
	set -x ; set +e
	#--------------#
	echo "yes" \| bash <(curl -qfsSL "https://git.io/go-installer")
	source "$HOME/.bashrc"
	go version
	continue-on-error: true

	- name: Install Meson & Ninja
	run: \|
	# Presets
	set -x ; set +e
	#--------------#
	#Install
	sudo rm "/usr/bin/meson" "/usr/bin/ninja" 2>/dev/null
	pip install meson ninja --upgrade
	pip install meson ninja --break-system-packages --upgrade 2>/dev/null
	#python3 -m pip install meson ninja --upgrade
	sudo ln -s "$HOME/.local/bin/meson" "/usr/bin/meson" 2>/dev/null
	sudo ln -s "$HOME/.local/bin/ninja" "/usr/bin/ninja" 2>/dev/null
	sudo chmod +xwr "/usr/bin/meson" "/usr/bin/ninja"
	#version
	meson --version ; ninja --version
	sudo ldconfig && sudo ldconfig -pn
	continue-on-error: true

	- name: Install Mold
	run: \|
	# Presets
	set -x ; set +e
	#--------------#
	#Download latest release
	pushd "$(mktemp -d)" > /dev/null 2>&1 && eget "rui314/mold" --asset "x86_64-linux.tar.gz" --download-only --to "./mold.tar.gz"
	#Extract Archive
	find . -type f -name ".tar.gz" -exec tar -xvf {} --strip-components=1 \;
	#Main Binary
	sudo rm -rf "/usr/local/bin/ld.mold" 2>/dev/null ; sudo rm -rf "/usr/local/libexec/mold" 2>/dev/null
	sudo cp "./bin/mold" "/usr/local/bin/mold" ; sudo chmod +xwr "/usr/local/bin/mold"
	#symlinks
	# /usr/local/bin/ld.mold -> mold
	sudo ln -s "/usr/local/bin/mold" "/usr/local/bin/ld.mold"
	# /usr/local/libexec/mold/ld --> /usr/local/bin/mold
	sudo mkdir -p "/usr/local/libexec/mold" && sudo ln -s "/usr/local/bin/mold" "/usr/local/libexec/mold/ld" ; sudo chmod +xwr "/usr/local/libexec/mold"/*
	#lib : /usr/local/lib/mold/mold-wrapper.so
	sudo cp -r "./lib/." "/usr/local/lib/" ; sudo chmod +xwr "/usr/local/lib/mold"/* ; popd > /dev/null 2>&1
	#Test
	mold --version
	sudo ldconfig && sudo ldconfig -p
	continue-on-error: true

	- name: Install Bootlin Toolchains
	run: \|
	# Presets
	set -x ; set +e
	#--------------#
	##Clean
	sudo rm "/opt/toolchains" -rf 2>/dev/null
	##https://pub.ajam.dev/toolchains/x86_64-glibc-stable/ --> /opt/toolchains/x86_64-buildroot-linux-gnu
	pushd "$(mktemp -d)" > /dev/null 2>&1 && eget "https://pub.ajam.dev/toolchains/x86_64-glibc-stable.tar.bz2" --download-only
	find . -type f -name ".tar" -exec tar -xf {} \;
	sudo mkdir -p "/opt/toolchains" 2>/dev/null
	sudo mv "$(find . -maxdepth 1 -type d -exec basename {} \; \| grep -Ev '^\.$' \| xargs -I {} realpath {})" "/opt/toolchains/x86_64-buildroot-linux-gnu"
	cd "/opt/toolchains/x86_64-buildroot-linux-gnu" && sudo bash "./relocate-sdk.sh" ; popd > /dev/null 2>&1
	##https://pub.ajam.dev/toolchains/x86_64-musl-stable/ --> /opt/toolchains/x86_64-buildroot-linux-musl
	pushd "$(mktemp -d)" > /dev/null 2>&1 && eget "https://pub.ajam.dev/toolchains/x86_64-musl-stable.tar.bz2" --download-only
	find . -type f -name ".tar" -exec tar -xf {} \;
	sudo mkdir -p "/opt/toolchains" 2>/dev/null
	sudo mv "$(find . -maxdepth 1 -type d -exec basename {} \; \| grep -Ev '^\.$' \| xargs -I {} realpath {})" "/opt/toolchains/x86_64-buildroot-linux-musl"
	cd "/opt/toolchains/x86_64-buildroot-linux-musl" && sudo bash "./relocate-sdk.sh" ; popd > /dev/null 2>&1
	##https://pub.ajam.dev/toolchains/x86_64-uclibc-stable/ --> /opt/toolchains/x86_64-buildroot-linux-uclibc
	pushd "$(mktemp -d)" > /dev/null 2>&1 && eget "https://pub.ajam.dev/toolchains/x86_64-uclibc-stable.tar.bz2" --download-only
	find . -type f -name ".tar" -exec tar -xf {} \;
	sudo mkdir -p "/opt/toolchains" 2>/dev/null
	sudo mv "$(find . -maxdepth 1 -type d -exec basename {} \; \| grep -Ev '^\.$' \| xargs -I {} realpath {})" "/opt/toolchains/x86_64-buildroot-linux-uclibc"
	cd "/opt/toolchains/x86_64-buildroot-linux-uclibc" && sudo bash "./relocate-sdk.sh" ; popd > /dev/null 2>&1
	##Test
	echo -e "\n\n[+] Toolchains\n"
	du -h --max-depth="1" "/opt/toolchains" 2>/dev/null \| sort -hr ; echo -e "\n\n"
	continue-on-error: true

	- name: Install Zig
	run: \|
	# Presets
	set -x ; set +e
	#--------------#
	bash <(curl -qfsSL "https://raw.githubusercontent.com/Azathothas/Arsenal/main/misc/Linux/Debian/install_zig.sh")
	continue-on-error: true

	- name: Build dropbear for amd_x86_64 (Natively)
	run: \|
	#Presets
	set -x ; set +e
	export PATH="$HOME/bin:$HOME/.cargo/bin:$HOME/.cargo/env:$HOME/.go/bin:$HOME/go/bin:$HOME/miniconda3/bin:$HOME/miniconda3/condabin:/usr/local/zig:/usr/local/zig/lib:/usr/local/zig/lib/include:/usr/local/musl/bin:/usr/local/musl/lib:/usr/local/musl/include:$PATH"
	#--------------#
	#Get Source
	pushd "$(mktemp -d)" > /dev/null 2>&1 && git clone --filter "blob:none" "https://github.com/mkj/dropbear" && cd "./dropbear"
	#Configure Toolchains
	export TOOLCHAIN_BASE="x86_64-buildroot-linux-musl"
	export TOOLCHAIN_ROOT="/opt/toolchains/$TOOLCHAIN_BASE"
	export TOOLCHAIN_SYSROOT="$TOOLCHAIN_ROOT/$TOOLCHAIN_BASE/sysroot"
	export TOOLCHAIN_INCLUDE="$TOOLCHAIN_ROOT/include"
	export TOOLCHAIN_LIB="$TOOLCHAIN_ROOT/lib"
	export CROSS_COMPILE="$TOOLCHAIN_ROOT/bin/$TOOLCHAIN_BASE-"
	# Build FLAGS (no zig cc)
	unset AR CC CFLAGS CXX CXXFLAGS DLLTOOL HOST_CC HOST_CXX LDFLAGS OBJCOPY RANLIB
	unset CC && export CC="${CROSS_COMPILE}cc"
	unset CXX && export CXX="${CROSS_COMPILE}c++"
	unset DLLTOOL && export DLLTOOL="zig dlltool"
	unset HOST_CC && export HOST_CC="${CROSS_COMPILE}cc"
	unset HOST_CXX && export HOST_CXX="${CROSS_COMPILE}c++"
	unset OBJCOPY && export OBJCOPY="zig objcopy"
	unset RANLIB && export RANLIB="zig ranlib"
	unset CFLAGS && export CFLAGS="-O2 -flto=auto -fPIE -fpie -static -w -pipe --sysroot=$TOOLCHAIN_SYSROOT -I$TOOLCHAIN_SYSROOT/usr/include -I$TOOLCHAIN_ROOT/include"
	unset CXXFLAGS && export CXXFLAGS="${CFLAGS}"
	unset LDFLAGS && export LDFLAGS="-static -static-pie -pie -s -Wl,-S -Wl,--build-id=none --sysroot=$TOOLCHAIN_SYSROOT -L$TOOLCHAIN_SYSROOT/usr/lib -L$TOOLCHAIN_ROOT/lib"
	#Configure
	"./configure" --enable-static --disable-harden
	#Make a multicall-binary : https://github.com/mkj/dropbear/blob/master/MULTI.md
	make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" MULTI=1 -j"$(($(nproc)+1))"
	mv "./dropbearmulti" "$SYSTMP/releases/dropbearmulti_amd_x86_64_Linux"
	#Make Single Binaries : https://github.com/mkj/dropbear/blob/master/INSTALL.md
	make clean ; make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" -j"$(($(nproc)+1))"
	#Move to releases
	mv "./dbclient" "$SYSTMP/releases/dbclient_amd_x86_64_Linux"
	mv "./dropbear" "$SYSTMP/releases/dropbear_amd_x86_64_Linux"
	mv "./dropbearkey" "$SYSTMP/releases/dropbearkey_amd_x86_64_Linux"
	mv "./dropbearconvert" "$SYSTMP/releases/dropbearconvert_amd_x86_64_Linux"
	mv "./scp" "$SYSTMP/releases/dropbearscp_amd_x86_64_Linux"
	#Doesn't really reduce much size
	##Make Only Server: https://github.com/mkj/dropbear/blob/master/SMALL.md
	#make clean ; make PROGRAMS="dropbear" -j"$(($(nproc)+1))"
	#meta
	file $SYSTMP/releases/* && ls $SYSTMP/releases/* -lahr ; popd > /dev/null 2>&1
	#strip
	strip $SYSTMP/releases/*
	continue-on-error: true

	- name: Build dropbear for aarch64_arm64_arm64-v8 (Docker)
	run: \|
	#Presets
	set -x ; set +e
	#--------------#
	docker run --privileged --name "arm64v8_debian" \
	"arm64v8/debian:latest" \
	bash -c '
	export DEBIAN_FRONTEND=noninteractive
	apt-get update -y ; apt-get dist-upgrade -y ; apt-get upgrade -y
	apt install -y autoconf automake autopoint curl devscripts dpkg-dev file g++ gawk make libtool jq pkgconf tcl patch pkg-config wget tar unzip xsltproc
	apt install autoconf automake autopoint binutils bison build-essential ca-certificates coreutils curl dos2unix git gcc htop flex file jq moreutils nano pkg-config sudo util-linux wget -y
	apt install "glibc" "libssl" lzip musl musl-dev musl-tools "openssl" -y
	apt install asciidoctor libcapnp-dev libcap-ng-dev libcap-ng-utils libpython3-dev po4a zlib1g-dev -y
	pushd "$(mktemp -d)" && curl -qfLJO "$(curl -qfsSL https://api.github.com/repos/upx/upx/releases/latest \| jq -r ".assets[].browser_download_url" \| grep -i "arm64_linux")"
	find . -type f -name "tar" -exec tar -xvf {} \;
	sudo find . -type f -name "upx" -exec mv {} "/usr/bin/upx" \;
	sudo cp "/usr/bin/upx" "/usr/local/bin/upx"
	sudo chmod +xwr "/usr/bin/upx" "/usr/local/bin/upx" ; upx -h ; popd
	git clone "https://github.com/mkj/dropbear" && cd "./dropbear"
	./configure --enable-static --disable-harden
	make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" MULTI=1 -j"$(($(nproc)+1))"
	strip "./dropbearmulti" ; mv "./dropbearmulti" "/dropbearmulti_aarch64_arm64_Linux"
	make clean ; make PROGRAMS="dropbear dbclient dropbearkey dropbearconvert scp" -j"$(($(nproc)+1))"
	strip "./dbclient" ; mv "./dbclient" "/dbclient_aarch64_arm64_Linux"
	strip "./dropbear" ; mv "./dropbear" "/dropbear_aarch64_arm64_Linux"
	strip "./dropbearkey" ; mv "./dropbearkey" "/dropbearkey_aarch64_arm64_Linux"
	strip "./dropbearconvert" ; mv "./dropbearconvert" "/dropbearconvert_aarch64_arm64_Linux"
	strip "./scp" ; mv "./scp" "/dropbearscp_aarch64_arm64_Linux"
	'
	#Copy
	docker cp "arm64v8_debian:./dropbearmulti_aarch64_arm64_Linux" "$SYSTMP/releases"
	docker cp "arm64v8_debian:./dbclient_aarch64_arm64_Linux" "$SYSTMP/releases"
	docker cp "arm64v8_debian:./dropbear_aarch64_arm64_Linux" "$SYSTMP/releases"
	docker cp "arm64v8_debian:./dropbearkey_aarch64_arm64_Linux" "$SYSTMP/releases"
	docker cp "arm64v8_debian:./dropbearconvert_aarch64_arm64_Linux" "$SYSTMP/releases"
	docker cp "arm64v8_debian:./dropbearscp_aarch64_arm64_Linux" "$SYSTMP/releases"
	#meta
	file $SYSTMP/releases/* && ls $SYSTMP/releases/* -lahr
	#Delete Containers
	docker ps -a -q \| xargs docker rm >/dev/null 2>&1
	#Del Docker Images
	docker images -q \| xargs docker rmi -f >/dev/null 2>&1
	continue-on-error: true

	- name: Create Body for Release
	run: \|
	set +e
	cd $SYSTMP/releases
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo '---' >> /tmp/RELEASE_NOTE.md
	echo '```console' >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo "Changelog: 'https://matt.ucc.asn.au/dropbear/CHANGES'" >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo -e "--> METADATA" >> /tmp/RELEASE_NOTE.md
	/bin/bash -c 'PS4="$ "; file * \| grep -v '.txt' '&>> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo -e "--> SHA256SUM" >> /tmp/RELEASE_NOTE.md
	/bin/bash -c 'PS4="$ ";sha256sum * \| grep -v '.txt' ' &>> /tmp/RELEASE_NOTE.md
	echo -e '```\n' >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo '---' >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo '- #### Sizes' >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo '```console' >> /tmp/RELEASE_NOTE.md
	/bin/bash -c 'PS4="$ "; ls -lh ./* \| grep -v '.txt' \| awk "{print \$5, \$9}" \| column -t' &>> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	echo '```' >> /tmp/RELEASE_NOTE.md
	echo -e "" >> /tmp/RELEASE_NOTE.md
	continue-on-error: true

	- name: Releaser
	uses: softprops/action-gh-release@v0.1.15
	with:
	name: "DropBear ${{ env.DROPBEAR_VERSION }}"
	tag_name: "dropbear-${{ env.DROPBEAR_VERSION }}"
	prerelease: false
	draft: false
	generate_release_notes: false
	token: "${{ secrets.GITHUB_TOKEN }}"
	body_path: "/tmp/RELEASE_NOTE.md"
	files: \|
	/tmp/releases/*
	#-------------------------------------------------------------#

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⚙️ Build DropBear 📦 #54

Workflow file

⚙️ Build DropBear 📦 #54

Jobs

Run details

Workflow file for this run