From edbcf1c245976d12aae03dec21b67d572524e3db Mon Sep 17 00:00:00 2001 From: spiritlhl <103393591+spiritLHLS@users.noreply.github.com> Date: Sun, 20 Jul 2025 12:57:24 +0000 Subject: [PATCH] =?UTF-8?q?fix:=20=E5=9B=9E=E9=80=80=E4=B8=8D=E5=86=8D?= =?UTF-8?q?=E5=90=AF=E7=94=A8CGO=E7=BC=96=E8=AF=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build_binary.yaml | 521 +---------------- ...{build_binary.old => build_binary_cgo.old} | 0 .github/workflows/build_binary_musl.old | 527 ++++++++++++++++++ .github/workflows/public_build.yml | 30 +- .goreleaser.yaml | 82 +++ README.md | 4 +- README_EN.md | 4 +- go.mod | 2 +- go.sum | 4 +- 9 files changed, 634 insertions(+), 540 deletions(-) rename .github/workflows/{build_binary.old => build_binary_cgo.old} (100%) create mode 100644 .github/workflows/build_binary_musl.old create mode 100644 .goreleaser.yaml diff --git a/.github/workflows/build_binary.yaml b/.github/workflows/build_binary.yaml index f36257a..d5875fa 100644 --- a/.github/workflows/build_binary.yaml +++ b/.github/workflows/build_binary.yaml @@ -1,287 +1,26 @@ -name: Build and Release +name: goreleaser + on: workflow_dispatch: tags: - "v*.*.*" jobs: - build: - name: Release Check And Build + goreleaser: runs-on: ubuntu-latest + container: + # 1.20 是 Windows 7/8 Server 2008/2012 最后一个支持版本 + image: goreleaser/goreleaser-cross:v1.20 steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get latest tag - id: tag - run: | - TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") - echo "tag=$TAG" >> $GITHUB_OUTPUT - echo "version=${TAG#v}" >> $GITHUB_OUTPUT - - - name: Generate changelog - id: changelog - run: | - TAG="${{ steps.tag.outputs.tag }}" - PREV_TAG=$(git describe --tags --abbrev=0 "$TAG^" 2>/dev/null || echo "") - if [ -z "$PREV_TAG" ]; then - CHANGELOG=$(git log --oneline --pretty=format:"* %H %s" "$TAG" | head -20) - else - CHANGELOG=$(git log --oneline --pretty=format:"* %H %s" "$PREV_TAG..$TAG") - fi - FULL_CHANGELOG="## Changelog"$'\n'"$CHANGELOG" - echo "$FULL_CHANGELOG" > changelog.txt - echo "changelog<> $GITHUB_OUTPUT - echo "$FULL_CHANGELOG" >> $GITHUB_OUTPUT - echo "EOF" >> $GITHUB_OUTPUT - - - name: Create or update release - run: | - TAG="${{ steps.tag.outputs.tag }}" - CHANGELOG_BODY=$(cat changelog.txt | jq -Rs .) - RELEASE_EXISTS=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id // empty') - if [ -z "$RELEASE_EXISTS" ]; then - curl -s -X POST -H "Authorization: Bearer ${{ secrets.GHT }}" \ - -H "Content-Type: application/json" \ - -d "{\"tag_name\":\"$TAG\",\"name\":\"$TAG\",\"body\":$CHANGELOG_BODY,\"draft\":false,\"prerelease\":false}" \ - "https://api.github.com/repos/${{ github.repository }}/releases" - else - curl -s -X PATCH -H "Authorization: Bearer ${{ secrets.GHT }}" \ - -H "Content-Type: application/json" \ - -d "{\"body\":$CHANGELOG_BODY}" \ - "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_EXISTS" - fi - - - name: Delete existing release assets - run: | - TAG="${{ steps.tag.outputs.tag }}" - RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') - if [ "$RELEASE_ID" != "null" ]; then - ASSETS=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets" | jq -r '.[] | .id') - for asset in $ASSETS; do - curl -s -X DELETE -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/assets/$asset" - done - sleep 30 - fi - - build-musl-toolchain: - name: Build musl Cross-Compiler Toolchain - runs-on: ubuntu-latest - strategy: - matrix: - target: - - x86_64-linux-musl - - i686-linux-musl - - aarch64-linux-musl - - riscv64-linux-musl - - mips64-linux-musl - - mips64el-linux-musl - - powerpc64le-linux-musl - - arm-linux-musleabihf - steps: - - name: Install build dependencies - run: | - sudo apt-get update -qq - sudo apt-get install -y build-essential curl - - - name: Cache musl toolchain - id: cache-musl - uses: actions/cache@v3 - with: - path: /opt/musl-${{ matrix.target }} - key: musl-toolchain-${{ matrix.target }}-v2 - - - name: Build musl cross-compiler - if: steps.cache-musl.outputs.cache-hit != 'true' - run: | - # Clone musl-cross-make - git clone https://github.com/richfelker/musl-cross-make.git - cd musl-cross-make - - # Create config for target - cat > config.mak << EOF - TARGET = ${{ matrix.target }} - OUTPUT = /opt/musl-${{ matrix.target }} - COMMON_CONFIG += --disable-nls - GCC_CONFIG += --enable-languages=c,c++ - GCC_CONFIG += --disable-libquadmath --disable-decimal-float - GCC_CONFIG += --disable-libitm --disable-fixed-point - EOF - - # Build the toolchain - make -j$(nproc) - sudo make install - - # Verify installation - ls -la /opt/musl-${{ matrix.target }}/bin/ - /opt/musl-${{ matrix.target }}/bin/${{ matrix.target }}-gcc --version - - - name: Create toolchain artifact - run: | - sudo tar -czf musl-${{ matrix.target }}-toolchain.tar.gz -C /opt musl-${{ matrix.target }} - - - name: Upload toolchain artifact - uses: actions/upload-artifact@v4 - with: - name: musl-${{ matrix.target }}-toolchain - path: musl-${{ matrix.target }}-toolchain.tar.gz - retention-days: 1 - - release-binary: - name: Release Go Binary - needs: [build, build-musl-toolchain] - strategy: - fail-fast: false - matrix: - include: - - goos: linux - goarch: amd64 - cgo_enabled: "1" - musl_target: x86_64-linux-musl - cflags: "-O2 -static -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: 386 - cgo_enabled: "1" - musl_target: i686-linux-musl - cflags: "-O1 -march=i686 -mtune=generic -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: arm64 - cgo_enabled: "1" - musl_target: aarch64-linux-musl - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: riscv64 - cgo_enabled: "1" - musl_target: riscv64-linux-musl - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: mips64 - cgo_enabled: "1" - musl_target: mips64-linux-musl - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: mips64le - cgo_enabled: "1" - musl_target: mips64el-linux-musl - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: ppc64le - cgo_enabled: "1" - musl_target: powerpc64le-linux-musl - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-static" - runner: ubuntu-latest - - - goos: linux - goarch: arm - cgo_enabled: "1" - musl_target: arm-linux-musleabihf - cflags: "-O1 -fno-stack-protector" - ldflags: "-extldflags=-latomic -static" - runner: ubuntu-latest - - - goos: windows - goarch: amd64 - cgo_enabled: "1" - cc: x86_64-w64-mingw32-gcc - cflags: "-O2 -static-libgcc -static-libstdc++" - ldflags: "-extldflags=-static" - packages: "build-essential gcc-mingw-w64-x86-64" - runner: ubuntu-latest - - - goos: windows - goarch: 386 - cgo_enabled: "1" - cc: i686-w64-mingw32-gcc - cflags: "-O2 -static-libgcc -static-libstdc++" - ldflags: "-extldflags=-static" - packages: "build-essential gcc-mingw-w64-i686" - runner: ubuntu-latest - - - goos: windows - goarch: arm64 - cgo_enabled: "0" - ldflags: "-s -w" - packages: "build-essential" - runner: ubuntu-latest - - - goos: darwin - goarch: amd64 - cgo_enabled: "0" - ldflags: "-s -w" - runner: macos-latest - - - goos: darwin - goarch: arm64 - cgo_enabled: "0" - ldflags: "-s -w" - runner: macos-latest - - - goos: linux - goarch: s390x - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - - goos: linux - goarch: mips - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - - goos: linux - goarch: mipsle - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - - goos: linux - goarch: ppc64 - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - - goos: freebsd - goarch: amd64 - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - - goos: freebsd - goarch: arm64 - cgo_enabled: "0" - ldflags: "-s -w" - runner: ubuntu-latest - - runs-on: ${{ matrix.runner }} - steps: - - name: Checkout code - uses: actions/checkout@v4 + - run: | + git config --global --add safe.directory /__w/ecs/ecs + - name: Checkout + uses: actions/checkout@v3 with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v4 with: go-version: 1.24.5 @@ -292,236 +31,12 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GHT }} - - name: Download musl toolchain - if: matrix.musl_target != '' - uses: actions/download-artifact@v4 + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v2 with: - name: musl-${{ matrix.musl_target }}-toolchain - - - name: Setup musl toolchain - if: matrix.musl_target != '' - run: | - sudo tar -xzf musl-${{ matrix.musl_target }}-toolchain.tar.gz -C /opt/ - echo "/opt/musl-${{ matrix.musl_target }}/bin" >> $GITHUB_PATH - - # Verify toolchain is working - /opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc --version - - # Test compiler - echo 'int main() { return 0; }' > test.c - /opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc ${{ matrix.cflags }} test.c -o test - rm -f test.c test - - - name: Install cross-compilation tools (non-musl) - if: matrix.runner != 'macos-latest' && matrix.musl_target == '' - run: | - sudo systemctl restart systemd-resolved || true - sudo apt-get update -qq || (sleep 10 && sudo apt-get update -qq) - - case "${{ matrix.goos }}-${{ matrix.goarch }}" in - windows-amd64|windows-386) - for i in 1 2 3; do - sudo apt-get install -y build-essential gcc-mingw-w64-x86-64 gcc-mingw-w64-i686 && break || sleep 10 - done ;; - *) - sudo systemctl restart systemd-resolved || true - for i in 1 2 3; do - sudo apt-get install -y build-essential && break || sleep 10 - done ;; - esac - - - name: Get latest tag - id: tag - run: | - TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") - echo "tag=$TAG" >> $GITHUB_OUTPUT - echo "version=${TAG#v}" >> $GITHUB_OUTPUT - - - name: Build Binary + distribution: goreleaser + version: latest + args: release env: - CGO_ENABLED: ${{ matrix.cgo_enabled }} - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_CFLAGS: ${{ matrix.cflags }} - CGO_LDFLAGS: ${{ matrix.ldflags }} - run: | - go clean -cache -modcache -testcache - - # Set CC based on target - if [[ "${{ matrix.musl_target }}" != "" ]]; then - export CC="/opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc" - export CXX="/opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-g++" - elif [[ "${{ matrix.cc }}" != "" ]]; then - export CC="${{ matrix.cc }}" - fi - - # 设置额外的环境变量 - if [[ -n "${{ matrix.goarm }}" ]]; then - export GOARM=${{ matrix.goarm }} - fi - if [[ -n "${{ matrix.gomips }}" ]]; then - export GOMIPS=${{ matrix.gomips }} - fi - - # 针对 Darwin 的特殊处理 - if [[ "${{ matrix.cgo_enabled }}" == "1" && "${{ matrix.goos }}" == "darwin" ]]; then - if [[ "${{ matrix.goarch }}" == "amd64" ]]; then - export CC="x86_64-apple-darwin21.4-clang" - export CXX="x86_64-apple-darwin21.4-clang++" - elif [[ "${{ matrix.goarch }}" == "arm64" ]]; then - export CC="aarch64-apple-darwin21.4-clang" - export CXX="aarch64-apple-darwin21.4-clang++" - fi - export OSXCROSS_ROOT="${OSXCROSS_ROOT}" - fi - - # 清理和准备 - rm -rf vendor/ - go mod download - go mod tidy - mkdir -p bin - - # 设置二进制文件名 - BINARY_NAME="goecs" - if [[ "${{ matrix.goos }}" == "windows" ]]; then - BINARY_NAME="${BINARY_NAME}.exe" - fi - - # 构建 LDFLAGS - LDFLAGS="-s -w -X main.version=${{ steps.tag.outputs.version }} -X main.arch=${{ matrix.goarch }}" - if [[ "${{ matrix.cgo_enabled }}" == "1" ]]; then - LDFLAGS="${LDFLAGS} -checklinkname=0 ${{ matrix.ldflags }}" - else - LDFLAGS="${LDFLAGS} -checklinkname=0 ${{ matrix.ldflags }}" - fi - - # 执行构建 - echo "Building for GOOS=$GOOS GOARCH=$GOARCH CGO_ENABLED=$CGO_ENABLED" - if [[ -n "$CC" ]]; then - echo "Using CC=$CC" - fi - - go build -a -o bin/$BINARY_NAME -ldflags="$LDFLAGS" -trimpath ./ - - # 验证文件是否存在 - [[ -f "bin/$BINARY_NAME" ]] || exit 1 - - # 显示构建信息 - echo "Built binary: bin/$BINARY_NAME" - ls -la bin/ - if command -v file >/dev/null 2>&1; then - file bin/$BINARY_NAME - fi - - - name: Create ZIP archive - run: | - cd bin - BINARY_NAME="goecs" - if [[ "${{ matrix.goos }}" == "windows" ]]; then - BINARY_NAME="${BINARY_NAME}.exe" - fi - ZIP_NAME="goecs_${{ matrix.goos }}_${{ matrix.goarch }}" - if [[ -n "${{ matrix.goarm }}" ]]; then - ZIP_NAME="${ZIP_NAME}v${{ matrix.goarm }}" - fi - if [[ -n "${{ matrix.gomips }}" ]]; then - ZIP_NAME="${ZIP_NAME}_${{ matrix.gomips }}" - fi - ZIP_NAME="${ZIP_NAME}.zip" - zip "$ZIP_NAME" "$BINARY_NAME" - - - name: Upload to Release - run: | - TAG="${{ steps.tag.outputs.tag }}" - RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') - cd bin - for file in *.zip; do - if [[ -f "$file" ]]; then - curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" \ - -H "Content-Type: application/zip" \ - --data-binary @"$file" \ - "https://uploads.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=$file" - fi - done - - checksums: - name: Generate Checksums - runs-on: ubuntu-latest - needs: release-binary - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get latest tag - id: tag - run: | - TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") - echo "tag=$TAG" >> $GITHUB_OUTPUT - - - name: Download release assets - run: | - TAG="${{ steps.tag.outputs.tag }}" - RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') - mkdir -p assets - ASSETS=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets") - echo "$ASSETS" | jq -r '.[] | select(.name | endswith(".zip")) | .browser_download_url' | while read url; do - filename=$(basename "$url") - curl -L -H "Authorization: Bearer ${{ secrets.GHT }}" "$url" -o "assets/$filename" - done - - - name: Generate checksums - run: | - cd assets - sha256sum *.zip > checksums.txt - if [[ -f "../goecs.sh" ]]; then - sha256sum ../goecs.sh >> checksums.txt - fi - - - name: Upload checksums - run: | - TAG="${{ steps.tag.outputs.tag }}" - RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') - curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" \ - -H "Content-Type: text/plain" \ - --data-binary @assets/checksums.txt \ - "https://uploads.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=checksums.txt" - - update-script: - name: Update Script Version - runs-on: ubuntu-latest - needs: checksums - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get latest tag - id: tag - run: | - TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") - echo "tag=$TAG" >> $GITHUB_OUTPUT - echo "version=${TAG#v}" >> $GITHUB_OUTPUT - - - name: Update goecs.sh version - run: | - VERSION="${{ steps.tag.outputs.version }}" - BRANCH="master" - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - git config --global --unset url."git@github.com:".insteadOf || true - git fetch origin $BRANCH - git checkout $BRANCH - if [ -f "goecs.sh" ]; then - sed -i "s/\(_yellow \"Unable to get version info, using default version \).*\(\".*\)/\1$VERSION\2/" "goecs.sh" - sed -i "s/\(ECS_VERSION=\"\).*\(\"\)/\1$VERSION\2/" "goecs.sh" - if ! git diff --quiet "goecs.sh"; then - git add "goecs.sh" - git commit -m "chore: update ECS_VERSION to $VERSION in goecs.sh" - git push origin $BRANCH - fi - fi - env: - GITHUB_TOKEN: ${{ secrets.GHT }} \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GHT }} + GOPRIVATE: github.com/oneclickvirt/security \ No newline at end of file diff --git a/.github/workflows/build_binary.old b/.github/workflows/build_binary_cgo.old similarity index 100% rename from .github/workflows/build_binary.old rename to .github/workflows/build_binary_cgo.old diff --git a/.github/workflows/build_binary_musl.old b/.github/workflows/build_binary_musl.old new file mode 100644 index 0000000..f36257a --- /dev/null +++ b/.github/workflows/build_binary_musl.old @@ -0,0 +1,527 @@ +name: Build and Release +on: + workflow_dispatch: + tags: + - "v*.*.*" + +jobs: + build: + name: Release Check And Build + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get latest tag + id: tag + run: | + TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") + echo "tag=$TAG" >> $GITHUB_OUTPUT + echo "version=${TAG#v}" >> $GITHUB_OUTPUT + + - name: Generate changelog + id: changelog + run: | + TAG="${{ steps.tag.outputs.tag }}" + PREV_TAG=$(git describe --tags --abbrev=0 "$TAG^" 2>/dev/null || echo "") + if [ -z "$PREV_TAG" ]; then + CHANGELOG=$(git log --oneline --pretty=format:"* %H %s" "$TAG" | head -20) + else + CHANGELOG=$(git log --oneline --pretty=format:"* %H %s" "$PREV_TAG..$TAG") + fi + FULL_CHANGELOG="## Changelog"$'\n'"$CHANGELOG" + echo "$FULL_CHANGELOG" > changelog.txt + echo "changelog<> $GITHUB_OUTPUT + echo "$FULL_CHANGELOG" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + + - name: Create or update release + run: | + TAG="${{ steps.tag.outputs.tag }}" + CHANGELOG_BODY=$(cat changelog.txt | jq -Rs .) + RELEASE_EXISTS=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id // empty') + if [ -z "$RELEASE_EXISTS" ]; then + curl -s -X POST -H "Authorization: Bearer ${{ secrets.GHT }}" \ + -H "Content-Type: application/json" \ + -d "{\"tag_name\":\"$TAG\",\"name\":\"$TAG\",\"body\":$CHANGELOG_BODY,\"draft\":false,\"prerelease\":false}" \ + "https://api.github.com/repos/${{ github.repository }}/releases" + else + curl -s -X PATCH -H "Authorization: Bearer ${{ secrets.GHT }}" \ + -H "Content-Type: application/json" \ + -d "{\"body\":$CHANGELOG_BODY}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_EXISTS" + fi + + - name: Delete existing release assets + run: | + TAG="${{ steps.tag.outputs.tag }}" + RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') + if [ "$RELEASE_ID" != "null" ]; then + ASSETS=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets" | jq -r '.[] | .id') + for asset in $ASSETS; do + curl -s -X DELETE -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/assets/$asset" + done + sleep 30 + fi + + build-musl-toolchain: + name: Build musl Cross-Compiler Toolchain + runs-on: ubuntu-latest + strategy: + matrix: + target: + - x86_64-linux-musl + - i686-linux-musl + - aarch64-linux-musl + - riscv64-linux-musl + - mips64-linux-musl + - mips64el-linux-musl + - powerpc64le-linux-musl + - arm-linux-musleabihf + steps: + - name: Install build dependencies + run: | + sudo apt-get update -qq + sudo apt-get install -y build-essential curl + + - name: Cache musl toolchain + id: cache-musl + uses: actions/cache@v3 + with: + path: /opt/musl-${{ matrix.target }} + key: musl-toolchain-${{ matrix.target }}-v2 + + - name: Build musl cross-compiler + if: steps.cache-musl.outputs.cache-hit != 'true' + run: | + # Clone musl-cross-make + git clone https://github.com/richfelker/musl-cross-make.git + cd musl-cross-make + + # Create config for target + cat > config.mak << EOF + TARGET = ${{ matrix.target }} + OUTPUT = /opt/musl-${{ matrix.target }} + COMMON_CONFIG += --disable-nls + GCC_CONFIG += --enable-languages=c,c++ + GCC_CONFIG += --disable-libquadmath --disable-decimal-float + GCC_CONFIG += --disable-libitm --disable-fixed-point + EOF + + # Build the toolchain + make -j$(nproc) + sudo make install + + # Verify installation + ls -la /opt/musl-${{ matrix.target }}/bin/ + /opt/musl-${{ matrix.target }}/bin/${{ matrix.target }}-gcc --version + + - name: Create toolchain artifact + run: | + sudo tar -czf musl-${{ matrix.target }}-toolchain.tar.gz -C /opt musl-${{ matrix.target }} + + - name: Upload toolchain artifact + uses: actions/upload-artifact@v4 + with: + name: musl-${{ matrix.target }}-toolchain + path: musl-${{ matrix.target }}-toolchain.tar.gz + retention-days: 1 + + release-binary: + name: Release Go Binary + needs: [build, build-musl-toolchain] + strategy: + fail-fast: false + matrix: + include: + - goos: linux + goarch: amd64 + cgo_enabled: "1" + musl_target: x86_64-linux-musl + cflags: "-O2 -static -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: 386 + cgo_enabled: "1" + musl_target: i686-linux-musl + cflags: "-O1 -march=i686 -mtune=generic -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: arm64 + cgo_enabled: "1" + musl_target: aarch64-linux-musl + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: riscv64 + cgo_enabled: "1" + musl_target: riscv64-linux-musl + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: mips64 + cgo_enabled: "1" + musl_target: mips64-linux-musl + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: mips64le + cgo_enabled: "1" + musl_target: mips64el-linux-musl + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: ppc64le + cgo_enabled: "1" + musl_target: powerpc64le-linux-musl + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-static" + runner: ubuntu-latest + + - goos: linux + goarch: arm + cgo_enabled: "1" + musl_target: arm-linux-musleabihf + cflags: "-O1 -fno-stack-protector" + ldflags: "-extldflags=-latomic -static" + runner: ubuntu-latest + + - goos: windows + goarch: amd64 + cgo_enabled: "1" + cc: x86_64-w64-mingw32-gcc + cflags: "-O2 -static-libgcc -static-libstdc++" + ldflags: "-extldflags=-static" + packages: "build-essential gcc-mingw-w64-x86-64" + runner: ubuntu-latest + + - goos: windows + goarch: 386 + cgo_enabled: "1" + cc: i686-w64-mingw32-gcc + cflags: "-O2 -static-libgcc -static-libstdc++" + ldflags: "-extldflags=-static" + packages: "build-essential gcc-mingw-w64-i686" + runner: ubuntu-latest + + - goos: windows + goarch: arm64 + cgo_enabled: "0" + ldflags: "-s -w" + packages: "build-essential" + runner: ubuntu-latest + + - goos: darwin + goarch: amd64 + cgo_enabled: "0" + ldflags: "-s -w" + runner: macos-latest + + - goos: darwin + goarch: arm64 + cgo_enabled: "0" + ldflags: "-s -w" + runner: macos-latest + + - goos: linux + goarch: s390x + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + - goos: linux + goarch: mips + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + - goos: linux + goarch: mipsle + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + - goos: linux + goarch: ppc64 + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + - goos: freebsd + goarch: amd64 + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + - goos: freebsd + goarch: arm64 + cgo_enabled: "0" + ldflags: "-s -w" + runner: ubuntu-latest + + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: 1.24.5 + + - name: Configure Git for Private Modules + run: | + git config --global url."https://${{ secrets.GHT }}@github.com/".insteadOf "https://github.com/" + git config --global url."git@github.com:".insteadOf "https://github.com/" + env: + GITHUB_TOKEN: ${{ secrets.GHT }} + + - name: Download musl toolchain + if: matrix.musl_target != '' + uses: actions/download-artifact@v4 + with: + name: musl-${{ matrix.musl_target }}-toolchain + + - name: Setup musl toolchain + if: matrix.musl_target != '' + run: | + sudo tar -xzf musl-${{ matrix.musl_target }}-toolchain.tar.gz -C /opt/ + echo "/opt/musl-${{ matrix.musl_target }}/bin" >> $GITHUB_PATH + + # Verify toolchain is working + /opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc --version + + # Test compiler + echo 'int main() { return 0; }' > test.c + /opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc ${{ matrix.cflags }} test.c -o test + rm -f test.c test + + - name: Install cross-compilation tools (non-musl) + if: matrix.runner != 'macos-latest' && matrix.musl_target == '' + run: | + sudo systemctl restart systemd-resolved || true + sudo apt-get update -qq || (sleep 10 && sudo apt-get update -qq) + + case "${{ matrix.goos }}-${{ matrix.goarch }}" in + windows-amd64|windows-386) + for i in 1 2 3; do + sudo apt-get install -y build-essential gcc-mingw-w64-x86-64 gcc-mingw-w64-i686 && break || sleep 10 + done ;; + *) + sudo systemctl restart systemd-resolved || true + for i in 1 2 3; do + sudo apt-get install -y build-essential && break || sleep 10 + done ;; + esac + + - name: Get latest tag + id: tag + run: | + TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") + echo "tag=$TAG" >> $GITHUB_OUTPUT + echo "version=${TAG#v}" >> $GITHUB_OUTPUT + + - name: Build Binary + env: + CGO_ENABLED: ${{ matrix.cgo_enabled }} + GOOS: ${{ matrix.goos }} + GOARCH: ${{ matrix.goarch }} + CGO_CFLAGS: ${{ matrix.cflags }} + CGO_LDFLAGS: ${{ matrix.ldflags }} + run: | + go clean -cache -modcache -testcache + + # Set CC based on target + if [[ "${{ matrix.musl_target }}" != "" ]]; then + export CC="/opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-gcc" + export CXX="/opt/musl-${{ matrix.musl_target }}/bin/${{ matrix.musl_target }}-g++" + elif [[ "${{ matrix.cc }}" != "" ]]; then + export CC="${{ matrix.cc }}" + fi + + # 设置额外的环境变量 + if [[ -n "${{ matrix.goarm }}" ]]; then + export GOARM=${{ matrix.goarm }} + fi + if [[ -n "${{ matrix.gomips }}" ]]; then + export GOMIPS=${{ matrix.gomips }} + fi + + # 针对 Darwin 的特殊处理 + if [[ "${{ matrix.cgo_enabled }}" == "1" && "${{ matrix.goos }}" == "darwin" ]]; then + if [[ "${{ matrix.goarch }}" == "amd64" ]]; then + export CC="x86_64-apple-darwin21.4-clang" + export CXX="x86_64-apple-darwin21.4-clang++" + elif [[ "${{ matrix.goarch }}" == "arm64" ]]; then + export CC="aarch64-apple-darwin21.4-clang" + export CXX="aarch64-apple-darwin21.4-clang++" + fi + export OSXCROSS_ROOT="${OSXCROSS_ROOT}" + fi + + # 清理和准备 + rm -rf vendor/ + go mod download + go mod tidy + mkdir -p bin + + # 设置二进制文件名 + BINARY_NAME="goecs" + if [[ "${{ matrix.goos }}" == "windows" ]]; then + BINARY_NAME="${BINARY_NAME}.exe" + fi + + # 构建 LDFLAGS + LDFLAGS="-s -w -X main.version=${{ steps.tag.outputs.version }} -X main.arch=${{ matrix.goarch }}" + if [[ "${{ matrix.cgo_enabled }}" == "1" ]]; then + LDFLAGS="${LDFLAGS} -checklinkname=0 ${{ matrix.ldflags }}" + else + LDFLAGS="${LDFLAGS} -checklinkname=0 ${{ matrix.ldflags }}" + fi + + # 执行构建 + echo "Building for GOOS=$GOOS GOARCH=$GOARCH CGO_ENABLED=$CGO_ENABLED" + if [[ -n "$CC" ]]; then + echo "Using CC=$CC" + fi + + go build -a -o bin/$BINARY_NAME -ldflags="$LDFLAGS" -trimpath ./ + + # 验证文件是否存在 + [[ -f "bin/$BINARY_NAME" ]] || exit 1 + + # 显示构建信息 + echo "Built binary: bin/$BINARY_NAME" + ls -la bin/ + if command -v file >/dev/null 2>&1; then + file bin/$BINARY_NAME + fi + + - name: Create ZIP archive + run: | + cd bin + BINARY_NAME="goecs" + if [[ "${{ matrix.goos }}" == "windows" ]]; then + BINARY_NAME="${BINARY_NAME}.exe" + fi + ZIP_NAME="goecs_${{ matrix.goos }}_${{ matrix.goarch }}" + if [[ -n "${{ matrix.goarm }}" ]]; then + ZIP_NAME="${ZIP_NAME}v${{ matrix.goarm }}" + fi + if [[ -n "${{ matrix.gomips }}" ]]; then + ZIP_NAME="${ZIP_NAME}_${{ matrix.gomips }}" + fi + ZIP_NAME="${ZIP_NAME}.zip" + zip "$ZIP_NAME" "$BINARY_NAME" + + - name: Upload to Release + run: | + TAG="${{ steps.tag.outputs.tag }}" + RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') + cd bin + for file in *.zip; do + if [[ -f "$file" ]]; then + curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" \ + -H "Content-Type: application/zip" \ + --data-binary @"$file" \ + "https://uploads.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=$file" + fi + done + + checksums: + name: Generate Checksums + runs-on: ubuntu-latest + needs: release-binary + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get latest tag + id: tag + run: | + TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") + echo "tag=$TAG" >> $GITHUB_OUTPUT + + - name: Download release assets + run: | + TAG="${{ steps.tag.outputs.tag }}" + RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') + mkdir -p assets + ASSETS=$(curl -s -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets") + echo "$ASSETS" | jq -r '.[] | select(.name | endswith(".zip")) | .browser_download_url' | while read url; do + filename=$(basename "$url") + curl -L -H "Authorization: Bearer ${{ secrets.GHT }}" "$url" -o "assets/$filename" + done + + - name: Generate checksums + run: | + cd assets + sha256sum *.zip > checksums.txt + if [[ -f "../goecs.sh" ]]; then + sha256sum ../goecs.sh >> checksums.txt + fi + + - name: Upload checksums + run: | + TAG="${{ steps.tag.outputs.tag }}" + RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" "https://api.github.com/repos/${{ github.repository }}/releases/tags/$TAG" | jq -r '.id') + curl -s -H "Authorization: Bearer ${{ secrets.GHT }}" \ + -H "Content-Type: text/plain" \ + --data-binary @assets/checksums.txt \ + "https://uploads.github.com/repos/${{ github.repository }}/releases/$RELEASE_ID/assets?name=checksums.txt" + + update-script: + name: Update Script Version + runs-on: ubuntu-latest + needs: checksums + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get latest tag + id: tag + run: | + TAG=$(git describe --tags --abbrev=0 2>/dev/null || echo "v0.1.0") + echo "tag=$TAG" >> $GITHUB_OUTPUT + echo "version=${TAG#v}" >> $GITHUB_OUTPUT + + - name: Update goecs.sh version + run: | + VERSION="${{ steps.tag.outputs.version }}" + BRANCH="master" + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global --unset url."git@github.com:".insteadOf || true + git fetch origin $BRANCH + git checkout $BRANCH + if [ -f "goecs.sh" ]; then + sed -i "s/\(_yellow \"Unable to get version info, using default version \).*\(\".*\)/\1$VERSION\2/" "goecs.sh" + sed -i "s/\(ECS_VERSION=\"\).*\(\"\)/\1$VERSION\2/" "goecs.sh" + if ! git diff --quiet "goecs.sh"; then + git add "goecs.sh" + git commit -m "chore: update ECS_VERSION to $VERSION in goecs.sh" + git push origin $BRANCH + fi + fi + env: + GITHUB_TOKEN: ${{ secrets.GHT }} \ No newline at end of file diff --git a/.github/workflows/public_build.yml b/.github/workflows/public_build.yml index 837f64d..01f668a 100644 --- a/.github/workflows/public_build.yml +++ b/.github/workflows/public_build.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v5 with: - go-version: '1.23.4' + go-version: '1.24.5' - name: Create public branch run: | @@ -30,47 +30,21 @@ jobs: - name: Remove security package references run: | - # 移除 network 包中对 security 的引用 find . -type f -name "*.go" -exec sed -i 's|"github.com/oneclickvirt/security/network"|"github.com/oneclickvirt/basics/network"|g' {} + - # # 修改 .back/network/network.go - # cat > .back/network/network.go << 'EOF' - # package network1 - - # import "github.com/oneclickvirt/basics/network" - - # func NetworkCheck(checkType string, enableSecurityCheck bool, language string) (string, string, error) { - # ipInfo, _, err := network.NetworkCheck(checkType, false, language) - # return ipInfo, "", err - # } - # EOF - - # 修改 utils/utils.go 中的 BasicsAndSecurityCheck 函数 sed -i '/SecurityUploadToken/d' utils/utils.go sed -i 's|"github.com/oneclickvirt/security/network"|"github.com/oneclickvirt/basics/network"|g' utils/utils.go - - # 在 utils/utils.go 中添加 token 常量(在 import 语句之后) sed -i '/^import/,/^)/{/^)/a\'$'\n''const token = "OvwKx5qgJtf7PZgCKbtyojSU.MTcwMTUxNzY1MTgwMw"'$'\n''}' utils/utils.go - - # 修改 go.mod,移除私有仓库依赖 sed -i '/github.com\/oneclickvirt\/security/d' go.mod - - # 修改 goecs.go,禁用 security 检测 sed -i 's|var securityFlag = flag.Bool("security", true,|var securityFlag = flag.Bool("security", false,|g' goecs.go - - # 更新依赖 go mod tidy - - # 修改 README.md 和 README_EN.md 中的敏感信息 sed -i 's|但二进制文件编译至 \[securityCheck\].*)|但已开源|g' README.md sed -i 's|but binary files compiled in \[securityCheck\].*)|but open sourced|g' README_EN.md - - # 修改命令行帮助信息 sed -i 's|security.*Enable/Disable security test (default true)|security Enable/Disable security test (default false)|g' README.md sed -i 's|security.*Enable/Disable security test (default true)|security Enable/Disable security test (default false)|g' README_EN.md - name: Build and Test run: | - env CGO_ENABLED=1 go build -o maintest + go build -o maintest ./maintest -menu=false -l en -security=false -upload=false || exit 1 rm -rf maintest diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..b1829f1 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,82 @@ +before: + hooks: + - go mod tidy -v +builds: + - id: universal + env: + - CGO_ENABLED=0 + ldflags: + - -s -w -X main.version={{.Version}} -X main.arch={{.Arch}} -checklinkname=0 + goos: + - linux + - windows + - freebsd + goarch: + - arm + - arm64 + - 386 + - amd64 + - mips + - mipsle + - mips64 + - mips64le + - ppc64 + - ppc64le + - s390x + - riscv64 + gomips: + - softfloat + ignore: + - goos: windows + goarch: arm + main: ./ + binary: goecs + - id: darwin-amd64 + env: + - CGO_ENABLED=1 + - CC=o64-clang + - CXX=o64-clang++ + ldflags: + - -s -w -X main.version={{.Version}} -X main.arch={{.Arch}} -checklinkname=0 + goos: + - darwin + goarch: + - amd64 + main: ./ + binary: goecs + - id: darwin-arm64 + env: + - CGO_ENABLED=1 + - CC=oa64-clang + - CXX=oa64-clang++ + ldflags: + - -s -w -X main.version={{.Version}} -X main.arch={{.Arch}} -checklinkname=0 + goos: + - darwin + goarch: + - arm64 + main: ./ + binary: goecs +universal_binaries: + - name_template: "goecs" + replace: false +checksum: + name_template: "checksums.txt" +snapshot: + name_template: "goecs" +archives: + - name_template: "goecs_{{ .Os }}_{{ .Arch }}" + format: zip + files: + - none* +changelog: + sort: asc + filters: + exclude: + - "^docs:" + - "^test:" + - "^chore" + - Merge pull request + - Merge branch + - go mod tidy + - New translations \ No newline at end of file diff --git a/README.md b/README.md index 0f887da..d82c40f 100644 --- a/README.md +++ b/README.md @@ -308,11 +308,9 @@ export PATH=$PATH:/usr/local/go/bin 3. 编译 ```bash -env CGO_ENABLED=1 go build -o goecs +go build -o goecs ``` -CGO在某些系统和架构中可能需要设置为0,请都进行尝试直到编译成功无报错。 - 4. 运行测试 ```bash ./goecs -menu=false -l zh diff --git a/README_EN.md b/README_EN.md index adc9dc0..be39925 100644 --- a/README_EN.md +++ b/README_EN.md @@ -302,11 +302,9 @@ export PATH=$PATH:/usr/local/go/bin 3. Compile ```bash -env CGO_ENABLED=1 go build -o goecs +go build -o goecs ``` -CGO may need to be set to 0 in some systems and architectures, please try them all until they compile successfully without errors. - 4. Run test ```bash ./goecs -menu=false -l en diff --git a/go.mod b/go.mod index 32d178f..54ed35e 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/oneclickvirt/defaultset v0.0.2-20240624082446 github.com/oneclickvirt/disktest v0.0.8-20250701092629 github.com/oneclickvirt/gostun v0.0.3-20250329105202 - github.com/oneclickvirt/memorytest v0.0.9-20250718142433 + github.com/oneclickvirt/memorytest v0.0.9-20250720125154 github.com/oneclickvirt/nt3 v0.0.5-20250416131047 github.com/oneclickvirt/pingtest v0.0.8-20250701125637 github.com/oneclickvirt/portchecker v0.0.3-20250329125750 diff --git a/go.sum b/go.sum index 5158d6a..f710fb0 100644 --- a/go.sum +++ b/go.sum @@ -119,8 +119,8 @@ github.com/oneclickvirt/gostun v0.0.3-20250329105202 h1:aJ6E91Lp94lq8iWRcCaxpXTj github.com/oneclickvirt/gostun v0.0.3-20250329105202/go.mod h1:f7DPEXAxbmwXSW33dbxtb0/KzqvOBWhTs2Or5xBerQA= github.com/oneclickvirt/mbw v0.0.1-20250630140849 h1:p6RMhOPBnQKAm9+VEQ2axAFsidrdSdrhXMyheIyv2a8= github.com/oneclickvirt/mbw v0.0.1-20250630140849/go.mod h1:0Vq6NRpyLmGUdfHfL3uDcFsuZhi7KlG+OCs5ky2757Y= -github.com/oneclickvirt/memorytest v0.0.9-20250718142433 h1:CSacphPNDDIKHofQLxtgGYyvRZjyP8GRBLgPzD6KhUI= -github.com/oneclickvirt/memorytest v0.0.9-20250718142433/go.mod h1:7xMacjQobvFAtODht2hxTsB9hM2IFS7vZk3gxx+bsjo= +github.com/oneclickvirt/memorytest v0.0.9-20250720125154 h1:TI6Fa1R5/BU6HPsVGPJ2by9bj+KRejUnP+tXpVuoq7g= +github.com/oneclickvirt/memorytest v0.0.9-20250720125154/go.mod h1:7xMacjQobvFAtODht2hxTsB9hM2IFS7vZk3gxx+bsjo= github.com/oneclickvirt/nt3 v0.0.5-20250416131047 h1:KL0xowq19cW+FMBGMJxdqpRNoeyR+eEmb+jYSubmlTk= github.com/oneclickvirt/nt3 v0.0.5-20250416131047/go.mod h1:CVsDJEaIdyyZHn3WKbhU8Wn6GOfmBNvJlC/dDLRqcSQ= github.com/oneclickvirt/pingtest v0.0.8-20250701125637 h1:J28Ai5miTq1J0I4gdT8rewJSd3LwzD90L/bNiiaKfHM=