Hyperion Kernel Build CI #19

Workflow file for this run

	name: Hyperion Kernel Build CI

	on:
	workflow_dispatch:

	concurrency:
	group: hyperion-kernel
	cancel-in-progress: false

	permissions:
	contents: write

	jobs:

	validate-config:
	runs-on: ubuntu-latest

	outputs:
	VERSION: ${{ steps.parse.outputs.VERSION }}
	FULL_VERSION: ${{ steps.parse.outputs.FULL_VERSION }}
	TAG: ${{ steps.parse.outputs.TAG }}
	HYPERION_VER: ${{ steps.parse.outputs.HYPERION_VER }}
	CONFIG_HASH: ${{ steps.parse.outputs.CONFIG_HASH }}
	PATCHES_HASH: ${{ steps.parse.outputs.PATCHES_HASH }}

	steps:
	- uses: actions/checkout@v4

	- name: Parse hyperion.config
	id: parse
	run: \|
	set -euo pipefail

	python3 << 'EOF'
	import os, hashlib, glob

	config={}
	with open("hyperion.config") as f:
	for line in f:
	line=line.strip()
	if not line or line.startswith("#"): continue
	k,v=line.split("=",1)
	config[k.strip()]=v.strip().strip('"')

	VERSION=int(config.get("CONFIG_VERSION",0))
	PATCH=int(config.get("CONFIG_PATCHLEVEL",0))
	SUB=int(config.get("CONFIG_SUBLEVEL",0))

	FULL_VERSION=f"{VERSION}.{PATCH}" if SUB==0 else f"{VERSION}.{PATCH}.{SUB}"

	LOCAL=config.get("CONFIG_LOCALVERSION","")

	HYPERION_VER=LOCAL.split("-Hyperion-",1)[-1] if "-Hyperion-" in LOCAL else LOCAL.lstrip("-")

	TAG=HYPERION_VER

	CONFIG_HASH=hashlib.sha256(open("hyperion.config","rb").read()).hexdigest()[:12]

	patches=sorted(glob.glob("patches/*.patch"))
	if patches:
	data=b''.join(open(p,"rb").read() for p in patches)
	PATCHES_HASH=hashlib.sha256(data).hexdigest()[:12]
	else:
	PATCHES_HASH="none"

	out=os.environ["GITHUB_OUTPUT"]

	for k,v in {
	"VERSION":VERSION,
	"FULL_VERSION":FULL_VERSION,
	"TAG":TAG,
	"HYPERION_VER":HYPERION_VER,
	"CONFIG_HASH":CONFIG_HASH,
	"PATCHES_HASH":PATCHES_HASH
	}.items():
	open(out,"a").write(f"{k}={v}\n")
	EOF


	build-kernel:
	needs: validate-config
	runs-on: ubuntu-latest

	env:
	KERNEL_VERSION: ${{ needs.validate-config.outputs.VERSION }}
	FULL_VERSION: ${{ needs.validate-config.outputs.FULL_VERSION }}
	TAG_NAME: ${{ needs.validate-config.outputs.TAG }}
	HYPERION_VER: ${{ needs.validate-config.outputs.HYPERION_VER }}
	CONFIG_HASH: ${{ needs.validate-config.outputs.CONFIG_HASH }}
	PATCHES_HASH: ${{ needs.validate-config.outputs.PATCHES_HASH }}

	KBUILD_BUILD_USER: Soumalya
	KBUILD_BUILD_HOST: github-runner

	CCACHE_DIR: ${{ github.workspace }}/.ccache
	CCACHE_MAXSIZE: 5G
	CCACHE_COMPRESS: true
	CCACHE_BASEDIR: ${{ github.workspace }}
	CCACHE_NOHASHDIR: true

	steps:

	- uses: actions/checkout@v4

	# deterministic timestamp
	- name: Generate reproducible timestamp
	run: \|
	SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)
	echo "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH" >> $GITHUB_ENV
	echo "KBUILD_BUILD_TIMESTAMP=$(date -u -d "@$SOURCE_DATE_EPOCH")" >> $GITHUB_ENV
	echo "KBUILD_BUILD_VERSION=${GITHUB_RUN_NUMBER}" >> $GITHUB_ENV

	- name: Install dependencies
	run: \|
	sudo apt-get update
	sudo apt-get install -y --no-install-recommends \
	build-essential bc bison flex \
	libssl-dev libelf-dev libncurses-dev \
	dwarves rsync cpio git wget curl \
	ccache zstd ca-certificates

	# ccache layer
	- name: Restore compiler cache
	uses: actions/cache@v4
	with:
	path: .ccache
	key: ccache-${{ runner.os }}-${{ env.FULL_VERSION }}-${{ env.CONFIG_HASH }}-${{ env.PATCHES_HASH }}
	restore-keys: \|
	ccache-${{ runner.os }}-${{ env.FULL_VERSION }}-${{ env.CONFIG_HASH }}-
	ccache-${{ runner.os }}-${{ env.FULL_VERSION }}-
	ccache-

	# kernel tarball cache
	- name: Restore kernel source
	id: kernel
	uses: actions/cache@v4
	with:
	path: linux-${{ env.FULL_VERSION }}.tar.xz
	key: kernel-src-${{ env.FULL_VERSION }}

	- name: Download kernel
	if: steps.kernel.outputs.cache-hit != 'true'
	run: \|
	wget https://cdn.kernel.org/pub/linux/kernel/v${KERNEL_VERSION}.x/linux-${FULL_VERSION}.tar.xz
	wget https://cdn.kernel.org/pub/linux/kernel/v${KERNEL_VERSION}.x/sha256sums.asc
	grep "linux-${FULL_VERSION}.tar.xz" sha256sums.asc \| sha256sum -c -

	# kernel object tree cache
	- name: Restore kernel build cache
	id: kernel-build
	uses: actions/cache@v4
	with:
	path: kernel
	key: kernel-build-${{ env.FULL_VERSION }}-${{ env.CONFIG_HASH }}-${{ env.PATCHES_HASH }}
	restore-keys: \|
	kernel-build-${{ env.FULL_VERSION }}-${{ env.CONFIG_HASH }}-
	kernel-build-${{ env.FULL_VERSION }}-

	- name: Extract kernel
	if: steps.kernel-build.outputs.cache-hit != 'true'
	run: \|
	tar -xf linux-${FULL_VERSION}.tar.xz
	mv linux-${FULL_VERSION} kernel

	- name: Apply config
	working-directory: kernel
	run: \|
	cp ../hyperion.config .config
	make olddefconfig

	- name: Prepare kernel
	working-directory: kernel
	run: \|
	make prepare
	make modules_prepare

	- name: Apply patches
	working-directory: kernel
	run: \|
	shopt -s nullglob
	for patch in ../patches/*.patch; do
	patch -p1 < "$patch"
	done

	- name: Build kernel
	working-directory: kernel
	run: \|
	make -j$(nproc) \
	CC="ccache gcc" \
	LOCALVERSION="-Hyperion-${HYPERION_VER}" \
	bzImage modules

	- name: Package artifacts
	run: \|
	mkdir artifacts

	cp kernel/arch/x86/boot/bzImage artifacts/
	cp kernel/System.map artifacts/ \|\| true
	cp kernel/vmlinux artifacts/ \|\| true
	cp hyperion.config artifacts/

	tar --zstd -cf Hyperion-Kernel-${FULL_VERSION}.tar.zst artifacts

	- name: Generate checksum
	run: \|
	sha256sum Hyperion-Kernel-${FULL_VERSION}.tar.zst > Hyperion-Kernel-${FULL_VERSION}.sha256

	- name: Create release
	uses: softprops/action-gh-release@v2
	with:
	tag_name: ${{ env.TAG_NAME }}
	files: \|
	Hyperion-Kernel-${{ env.FULL_VERSION }}.tar.zst
	Hyperion-Kernel-${{ env.FULL_VERSION }}.sha256

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Hyperion Kernel Build CI #19

Workflow file

Hyperion Kernel Build CI #19

Uh oh!

Workflow file for this run