gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add automatic firmware build on version tags

Browse Source 
Improvements to build-secubox-images.yml workflow:
- Added automatic trigger on version tags (v*.*.*)
- Auto-build all devices when triggered by tag push
- SecuBox packages included by default on tag builds
- Fixed release creation logic (use tag name, not run number)
- Mark pre-releases automatically (alpha/beta/rc tags)
- Better handling of workflow inputs with fallback defaults
- Enhanced build summaries with tag information

Now you can trigger firmware builds by pushing tags like:
  git tag v0.1.3-alpha && git push origin v0.1.3-alpha

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2025-12-26 06:09:03 +01:00
parent 058df6c6e9
commit 616b816ffd
1 changed files with 44 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
.github/workflows/build-secubox-images.yml vendored
View File

@ -1,6 +1,7 @@
name: Build SecuBox Images (GlobalScale) name: Build SecuBox Images (GlobalScale)
on: on:
# Manual trigger
workflow_dispatch: workflow_dispatch:
inputs: inputs:
device: device:
@ -29,8 +30,15 @@ on:
type: boolean type: boolean
default: true default: true
# Automatic trigger on version tags
push:
tags:
- 'v*.*.*'
- 'v*.*.*-*'
env: env:
OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version }} # Use input if manual trigger, otherwise default to 23.05.5 for tag triggers
OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version || '23.05.5' }}
permissions: permissions:
contents: write contents: write
@ -47,7 +55,10 @@ jobs:
- name: Set build matrix - name: Set build matrix
id: set-matrix id: set-matrix
run: | run: |
DEVICE="${{ github.event.inputs.device }}" # If triggered by tag, build all devices; otherwise use input
DEVICE="${{ github.event.inputs.device || 'all' }}"
echo "🎯 Building for device: $DEVICE"
# Define all devices in a file to avoid heredoc issues # Define all devices in a file to avoid heredoc issues
cat > /tmp/devices.json << 'DEVICES_EOF' cat > /tmp/devices.json << 'DEVICES_EOF'
@ -183,7 +194,7 @@ jobs:
done done
- name: Copy SecuBox packages - name: Copy SecuBox packages
if: ${{ github.event.inputs.include_secubox == 'true' }} if: ${{ github.event.inputs.include_secubox == 'true' || github.event_name == 'push' }}
run: | run: |
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "📦 COPYING SECUBOX PACKAGES" echo "📦 COPYING SECUBOX PACKAGES"
@ -278,7 +289,7 @@ jobs:
EOF EOF
- name: Add SecuBox packages to config - name: Add SecuBox packages to config
if: ${{ github.event.inputs.include_secubox == 'true' }} if: ${{ github.event.inputs.include_secubox == 'true' || github.event_name == 'push' }}
run: | run: |
cd openwrt cd openwrt
@ -653,6 +664,11 @@ jobs:
fi fi
# Create info file # Create info file
SECUBOX_INCLUDED="${{ github.event.inputs.include_secubox }}"
if [[ "${{ github.event_name }}" == "push" ]]; then
SECUBOX_INCLUDED="true (auto)"
fi
cat > BUILD_INFO.txt << EOF cat > BUILD_INFO.txt << EOF
SecuBox Firmware Build SecuBox Firmware Build
======================= =======================
@ -660,9 +676,16 @@ jobs:
Profile: ${{ matrix.profile }} Profile: ${{ matrix.profile }}
Target: ${{ matrix.target }}/${{ matrix.subtarget }} Target: ${{ matrix.target }}/${{ matrix.subtarget }}
OpenWrt: ${{ env.OPENWRT_VERSION }} OpenWrt: ${{ env.OPENWRT_VERSION }}
SecuBox: ${{ github.event.inputs.include_secubox }} SecuBox: ${SECUBOX_INCLUDED:-true}
Built: $(date -u +%Y-%m-%dT%H:%M:%SZ) Built: $(date -u +%Y-%m-%dT%H:%M:%SZ)
Commit: ${{ github.sha }} Commit: ${{ github.sha }}
EOF
if [[ "${{ github.event_name }}" == "push" ]]; then
echo "Tag: ${{ github.ref_name }}" >> BUILD_INFO.txt
fi
cat >> BUILD_INFO.txt << EOF
Firmware Images: $IMG_COUNT Firmware Images: $IMG_COUNT
SecuBox Packages: $PKG_COUNT SecuBox Packages: $PKG_COUNT
@ -734,7 +757,7 @@ jobs:
echo "| Profile | \`${{ matrix.profile }}\` |" >> $GITHUB_STEP_SUMMARY echo "| Profile | \`${{ matrix.profile }}\` |" >> $GITHUB_STEP_SUMMARY
echo "| Target | ${{ matrix.target }}/${{ matrix.subtarget }} |" >> $GITHUB_STEP_SUMMARY echo "| Target | ${{ matrix.target }}/${{ matrix.subtarget }} |" >> $GITHUB_STEP_SUMMARY
echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY
echo "| SecuBox Included | ${{ github.event.inputs.include_secubox }} |" >> $GITHUB_STEP_SUMMARY echo "| SecuBox Included | ${{ github.event.inputs.include_secubox || 'true (auto)' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Build Time | $(date -u +%Y-%m-%d\ %H:%M:%S\ UTC) |" >> $GITHUB_STEP_SUMMARY echo "| Build Time | $(date -u +%Y-%m-%d\ %H:%M:%S\ UTC) |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY
@ -786,7 +809,7 @@ jobs:
release: release:
needs: [setup, build-image] needs: [setup, build-image]
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.event.inputs.device == 'all' if: github.event.inputs.device == 'all' || github.event_name == 'push'
steps: steps:
- name: Download all artifacts - name: Download all artifacts
@ -865,16 +888,17 @@ jobs:
EOF EOF
- name: Create release - name: Create release
if: github.ref == 'refs/heads/main' if: startsWith(github.ref, 'refs/tags/v')
uses: softprops/action-gh-release@v2 uses: softprops/action-gh-release@v2
with: with:
name: "SecuBox Firmware ${{ env.OPENWRT_VERSION }}" name: "SecuBox Firmware ${{ github.ref_name }}"
tag_name: "firmware-${{ env.OPENWRT_VERSION }}-${{ github.run_number }}" tag_name: ${{ github.ref_name }}
body_path: release/RELEASE_NOTES.md body_path: release/RELEASE_NOTES.md
files: | files: |
release/*.tar.gz release/*.tar.gz
release/SHA256SUMS release/SHA256SUMS
draft: true draft: false
prerelease: ${{ contains(github.ref_name, 'alpha') || contains(github.ref_name, 'beta') || contains(github.ref_name, 'rc') }}
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@ -904,10 +928,16 @@ jobs:
echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY echo "| Property | Value |" >> $GITHUB_STEP_SUMMARY
echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY
echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY echo "| OpenWrt Version | ${{ env.OPENWRT_VERSION }} |" >> $GITHUB_STEP_SUMMARY
echo "| SecuBox Included | ${{ github.event.inputs.include_secubox }} |" >> $GITHUB_STEP_SUMMARY echo "| SecuBox Included | ${{ github.event.inputs.include_secubox || 'true (auto)' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Target Device | ${{ github.event.inputs.device }} |" >> $GITHUB_STEP_SUMMARY echo "| Target Device | ${{ github.event.inputs.device || 'all (auto)' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Workflow Run | #${{ github.run_number }} |" >> $GITHUB_STEP_SUMMARY echo "| Workflow Run | #${{ github.run_number }} |" >> $GITHUB_STEP_SUMMARY
echo "| Triggered by | ${{ github.event_name }} |" >> $GITHUB_STEP_SUMMARY echo "| Triggered by | ${{ github.event_name }} |" >> $GITHUB_STEP_SUMMARY
# Add tag info if triggered by tag
if [[ "${{ github.event_name }}" == "push" ]] && [[ -n "${{ github.ref_name }}" ]]; then
echo "| Git Tag | \`${{ github.ref_name }}\` |" >> $GITHUB_STEP_SUMMARY
fi
echo "" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY
echo "## 📦 Generated Artifacts" >> $GITHUB_STEP_SUMMARY echo "## 📦 Generated Artifacts" >> $GITHUB_STEP_SUMMARY