-
Notifications
You must be signed in to change notification settings - Fork 4
131 lines (113 loc) · 4.67 KB
/
Linux.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Linux (gcc with EDK2)
on:
workflow_dispatch:
branches: [main]
push:
branches: [main]
tags:
- '**'
pull_request:
branches: [main]
env:
BUILD_TYPE: RELEASE
COMPILER: GCC5
GCC5_ARM_PREFIX: arm-linux-gnueabi-
GCC5_AARCH64_PREFIX: aarch64-linux-gnu-
GCC5_RISCV64_PREFIX: riscv64-linux-gnu-
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
TARGET_TYPE: [ia32, x64, aa64, arm, riscv64]
include:
- TARGET_TYPE: x64
TARGET_ARCH: X64
TARGET_PKGS: nasm gcc-multilib
- TARGET_TYPE: ia32
TARGET_ARCH: IA32
TARGET_PKGS: nasm gcc-multilib
- TARGET_TYPE: aa64
TARGET_ARCH: AARCH64
TARGET_PKGS: gcc-aarch64-linux-gnu
- TARGET_TYPE: arm
TARGET_ARCH: ARM
TARGET_PKGS: gcc-arm-linux-gnueabi
- TARGET_TYPE: riscv64
TARGET_ARCH: RISCV64
TARGET_PKGS: gcc-riscv64-linux-gnu
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set version
id: set_version
run: echo "version=$(git describe --tags)" >> $GITHUB_OUTPUT
- name: Create version.h file
run: |
git update-index --skip-worktree src/version.h
echo '#define VERSION_STRING L"${{steps.set_version.outputs.version}}"' > src/version.h
- name: Set up Linux environment
run: |
sudo apt-get update
sudo apt-get -y --no-install-recommends install python3-distutils uuid-dev ${{ matrix.TARGET_PKGS }}
- name: Set up EDK2
run: |
git clone --recursive https://github.com/tianocore/edk2.git
# We must patch EDK2's OpenSSL module to be able to import/export certificates and keys
patch --binary -d edk2 -p1 -i ../Add-extra-PKCS-encoding-and-decoding-to-OpensslLibFull.patch
# And we must patch OpenSSL itself to fix ARM and RISCV64 compilation
patch -d edk2/CryptoPkg/Library/OpensslLib/openssl -p1 -i ../../../../../OpenSSL-submodule-fixes-for-ARM-compilation.patch
patch -d edk2/CryptoPkg/Library/OpensslLib/openssl -p1 -i ../../../../../OpenSSL-submodule-fixes-for-RISCV64-compilation.patch
make -C edk2/BaseTools
- name: Build UEFI application
run: |
export WORKSPACE=$PWD
export PACKAGES_PATH=$WORKSPACE:$WORKSPACE/edk2
source edk2/edksetup.sh
build -a ${{ matrix.TARGET_ARCH }} -b ${{ env.BUILD_TYPE }} -t ${{ env.COMPILER }} -p MosbyPkg.dsc
mv Build/${{ env.BUILD_TYPE }}_${{ env.COMPILER }}/${{ matrix.TARGET_ARCH }}/Mosby.efi Mosby_${{ matrix.TARGET_TYPE }}.efi
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.TARGET_TYPE }}
path: ./*.efi
- name: Display SHA-256
run: sha256sum ./*.efi
create-release:
runs-on: ubuntu-latest
permissions:
contents: write
if: startsWith(github.ref, 'refs/tags/')
needs: build
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set version
id: set_version
run: echo "version=$(git describe --tags)" >> $GITHUB_OUTPUT
- name: Download artifacts
uses: actions/download-artifact@v4
- name: Download resources
run: |
curl --create-dirs -L https://go.microsoft.com/fwlink/?LinkId=321185 -o certs/kek_ms1.cer
curl --create-dirs -L https://go.microsoft.com/fwlink/?linkid=2239775 -o certs/kek_ms2.cer
curl --create-dirs -L https://go.microsoft.com/fwlink/?linkid=321192 -o certs/db_ms1.cer
curl --create-dirs -L https://go.microsoft.com/fwlink/?linkid=321194 -o certs/db_ms2.cer
curl --create-dirs -L https://go.microsoft.com/fwlink/?linkid=2239776 -o certs/db_ms3.cer
curl --create-dirs -L https://go.microsoft.com/fwlink/?linkid=2239872 -o certs/db_ms4.cer
curl --create-dirs -L https://uefi.org/sites/default/files/resources/x86_DBXUpdate.bin -o dbx/dbx_ia32.bin
curl --create-dirs -L https://uefi.org/sites/default/files/resources/x64_DBXUpdate.bin -o dbx/dbx_x64.bin
curl --create-dirs -L https://uefi.org/sites/default/files/resources/arm_DBXUpdate.bin -o dbx/dbx_arm.bin
curl --create-dirs -L https://uefi.org/sites/default/files/resources/arm64_DBXUpdate.bin -o dbx/dbx_aa64.bin
- name: Create release archive
run: 7z a -tzip -r Mosby_${{ steps.set_version.outputs.version }}.zip README.md ./image/MosbyList.txt certs/ dbx/ ./*/*.efi
- name: Create release
uses: softprops/action-gh-release@v2
with:
token: ${{secrets.GITHUB_TOKEN}}
name: Mosby ${{ steps.set_version.outputs.version }}
files: ./*.zip