From 616b816ffd249c0d90f04fe7e23a9d36360afaa1 Mon Sep 17 00:00:00 2001 From: CyberMind-FR Date: Fri, 26 Dec 2025 06:09:03 +0100 Subject: [PATCH] feat: add automatic firmware build on version tags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Improvements to build-secubox-images.yml workflow: - Added automatic trigger on version tags (v*.*.*) - Auto-build all devices when triggered by tag push - SecuBox packages included by default on tag builds - Fixed release creation logic (use tag name, not run number) - Mark pre-releases automatically (alpha/beta/rc tags) - Better handling of workflow inputs with fallback defaults - Enhanced build summaries with tag information Now you can trigger firmware builds by pushing tags like: git tag v0.1.3-alpha && git push origin v0.1.3-alpha 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 --- .github/workflows/build-secubox-images.yml | 58 ++++++++++++++++------ 1 file changed, 44 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build-secubox-images.yml b/.github/workflows/build-secubox-images.yml index d67140e9..c07e239b 100644 --- a/.github/workflows/build-secubox-images.yml +++ b/.github/workflows/build-secubox-images.yml @@ -1,6 +1,7 @@ name: Build SecuBox Images (GlobalScale) on: + # Manual trigger workflow_dispatch: inputs: device: @@ -29,8 +30,15 @@ on: type: boolean default: true + # Automatic trigger on version tags + push: + tags: + - 'v*.*.*' + - 'v*.*.*-*' + env: - OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version }} + # Use input if manual trigger, otherwise default to 23.05.5 for tag triggers + OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version || '23.05.5' }} permissions: contents: write @@ -47,8 +55,11 @@ jobs: - name: Set build matrix id: set-matrix run: | - DEVICE="${{ github.event.inputs.device }}" - + # If triggered by tag, build all devices; otherwise use input + DEVICE="${{ github.event.inputs.device || 'all' }}" + + echo "🎯 Building for device: $DEVICE" + # Define all devices in a file to avoid heredoc issues cat > /tmp/devices.json << 'DEVICES_EOF' [ @@ -183,7 +194,7 @@ jobs: done - name: Copy SecuBox packages - if: ${{ github.event.inputs.include_secubox == 'true' }} + if: ${{ github.event.inputs.include_secubox == 'true' || github.event_name == 'push' }} run: | echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "📦 COPYING SECUBOX PACKAGES" @@ -278,7 +289,7 @@ jobs: EOF - name: Add SecuBox packages to config - if: ${{ github.event.inputs.include_secubox == 'true' }} + if: ${{ github.event.inputs.include_secubox == 'true' || github.event_name == 'push' }} run: | cd openwrt @@ -653,6 +664,11 @@ jobs: fi # Create info file + SECUBOX_INCLUDED="${{ github.event.inputs.include_secubox }}" + if [[ "${{ github.event_name }}" == "push" ]]; then + SECUBOX_INCLUDED="true (auto)" + fi + cat > BUILD_INFO.txt << EOF SecuBox Firmware Build ======================= @@ -660,9 +676,16 @@ jobs: Profile: ${{ matrix.profile }} Target: ${{ matrix.target }}/${{ matrix.subtarget }} OpenWrt: ${{ env.OPENWRT_VERSION }} - SecuBox: ${{ github.event.inputs.include_secubox }} + SecuBox: ${SECUBOX_INCLUDED:-true} Built: $(date -u +%Y-%m-%dT%H:%M:%SZ) Commit: ${{ github.sha }} + EOF + + if [[ "${{ github.event_name }}" == "push" ]]; then + echo "Tag: ${{ github.ref_name }}" >> BUILD_INFO.txt + fi + + cat >> BUILD_INFO.txt << EOF Firmware Images: $IMG_COUNT SecuBox Packages: $PKG_COUNT @@ -734,7 +757,7 @@ jobs: echo "| Profile | \`${{ matrix.profile }}\` |" >> $GITHUB_STEP_SUMMARY echo "| Target | ${{ matrix.target }}/${{ matrix.subtarget }} |" >> $GITHUB_STEP_SUMMARY echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY - echo "| SecuBox Included | ${{ github.event.inputs.include_secubox }} |" >> $GITHUB_STEP_SUMMARY + echo "| SecuBox Included | ${{ github.event.inputs.include_secubox || 'true (auto)' }} |" >> $GITHUB_STEP_SUMMARY echo "| Build Time | $(date -u +%Y-%m-%d\ %H:%M:%S\ UTC) |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY @@ -786,7 +809,7 @@ jobs: release: needs: [setup, build-image] runs-on: ubuntu-latest - if: github.event.inputs.device == 'all' + if: github.event.inputs.device == 'all' || github.event_name == 'push' steps: - name: Download all artifacts @@ -865,16 +888,17 @@ jobs: EOF - name: Create release - if: github.ref == 'refs/heads/main' + if: startsWith(github.ref, 'refs/tags/v') uses: softprops/action-gh-release@v2 with: - name: "SecuBox Firmware ${{ env.OPENWRT_VERSION }}" - tag_name: "firmware-${{ env.OPENWRT_VERSION }}-${{ github.run_number }}" + name: "SecuBox Firmware ${{ github.ref_name }}" + tag_name: ${{ github.ref_name }} body_path: release/RELEASE_NOTES.md files: | release/*.tar.gz release/SHA256SUMS - draft: true + draft: false + prerelease: ${{ contains(github.ref_name, 'alpha') || contains(github.ref_name, 'beta') || contains(github.ref_name, 'rc') }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -904,10 +928,16 @@ jobs: echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY - echo "| SecuBox Included | ${{ github.event.inputs.include_secubox }} |" >> $GITHUB_STEP_SUMMARY - echo "| Target Device | ${{ github.event.inputs.device }} |" >> $GITHUB_STEP_SUMMARY + echo "| SecuBox Included | ${{ github.event.inputs.include_secubox || 'true (auto)' }} |" >> $GITHUB_STEP_SUMMARY + echo "| Target Device | ${{ github.event.inputs.device || 'all (auto)' }} |" >> $GITHUB_STEP_SUMMARY echo "| Workflow Run | #${{ github.run_number }} |" >> $GITHUB_STEP_SUMMARY echo "| Triggered by | ${{ github.event_name }} |" >> $GITHUB_STEP_SUMMARY + + # Add tag info if triggered by tag + if [[ "${{ github.event_name }}" == "push" ]] && [[ -n "${{ github.ref_name }}" ]]; then + echo "| Git Tag | \`${{ github.ref_name }}\` |" >> $GITHUB_STEP_SUMMARY + fi + echo "" >> $GITHUB_STEP_SUMMARY echo "## 📦 Generated Artifacts" >> $GITHUB_STEP_SUMMARY