WSABuilds/.github/workflows/magisk.yml

388 lines
17 KiB
YAML
Raw Normal View History

2021-10-26 11:16:38 +02:00
name: Magisk
on:
2021-10-26 13:43:23 +02:00
push:
pull_request:
2021-10-26 11:16:38 +02:00
workflow_dispatch:
inputs:
magisk_apk:
description: 'Download link to magisk apk.'
required: true
2021-11-02 12:53:50 +01:00
default: 'https://raw.githubusercontent.com/topjohnwu/magisk-files/canary/app-debug.apk'
2021-10-26 17:16:21 +02:00
gapps_variant:
description: 'Variants of gapps. Should be: [none, aroma, super, stock, full, mini, micro, nano, pico, tvstock, tvmini]'
required: true
default: 'none'
root_sol:
description: 'Root soluction. Should be: [magisk, none]'
required: true
default: 'magisk'
2021-10-26 11:16:38 +02:00
jobs:
build:
runs-on: ubuntu-20.04
strategy:
matrix:
arch: [x64, arm64]
2021-10-26 11:16:38 +02:00
steps:
- name: Dependencies
run: |
pip3 install beautifulsoup4 lxml
2021-10-26 17:16:21 +02:00
sudo apt-get update && sudo apt-get install setools lzip
2021-10-30 14:00:49 +02:00
- name: Download WSA
2021-10-26 11:16:38 +02:00
shell: python
run: |
import requests
from bs4 import BeautifulSoup
import re
import zipfile
import os
import urllib.request
res = requests.post("https://store.rg-adguard.net/api/GetFiles", "type=CategoryId&url=858014f3-3934-4abe-8078-4aa193e74ca8&ring=WIS&lang=en-US", headers={
"content-type": "application/x-www-form-urlencoded"
})
html = BeautifulSoup(res.content, "lxml")
a = html.find("a", string=re.compile("MicrosoftCorporationII\.WindowsSubsystemForAndroid_.*\.msixbundle"))
link = a["href"]
print(f"downloading link: {link}", flush=True)
out_file = "wsa.zip"
arch = "${{ matrix.arch }}"
2021-10-26 11:16:38 +02:00
if not os.path.isfile(out_file):
urllib.request.urlretrieve(link, out_file)
zip_name = ""
with zipfile.ZipFile(out_file) as zip:
for f in zip.filelist:
2021-10-26 12:41:08 +02:00
if arch in f.filename.lower():
2021-10-26 11:16:38 +02:00
zip_name = f.filename
if not os.path.isfile(zip_name):
print(f"unzipping to {zip_name}", flush=True)
zip.extract(f)
ver_no = zip_name.split("_")
ver = ver_no[1]
with open(os.environ['GITHUB_ENV'], 'a') as f:
f.write(f'WSA_VER={ver}\n')
rel = ver_no[3].split(".")
rell = str(rel[0])
with open(os.environ['GITHUB_ENV'], 'a') as f:
f.write(f'WSA_REL={rell}\n')
2021-10-26 13:33:26 +02:00
break
2021-10-26 11:16:38 +02:00
with zipfile.ZipFile(zip_name) as zip:
if not os.path.isdir(arch):
print(f"unzipping from {zip_name}", flush=True)
zip.extractall(arch)
print("done", flush=True)
- name: Download Magisk
shell: python
run: |
import urllib.request
import zipfile
import os
magisk_apk = """${{ github.event.inputs.magisk_apk }}"""
2021-10-26 13:43:23 +02:00
if not magisk_apk:
2021-11-02 12:55:41 +01:00
magisk_apk = """https://raw.githubusercontent.com/topjohnwu/magisk-files/canary/app-debug.apk"""
2021-10-26 13:43:23 +02:00
2021-10-26 11:16:38 +02:00
out_file = "magisk.zip"
arch = "${{ matrix.arch }}"
2021-10-26 11:16:38 +02:00
abi_map={"x64" : ["x86_64", "x86"], "arm64" : ["arm64-v8a", "armeabi-v7a"]}
if not os.path.isfile(out_file):
urllib.request.urlretrieve(magisk_apk, out_file)
def extract_as(zip, name, as_name, dir):
info = zip.getinfo(name)
info.filename = as_name
zip.extract(info, dir)
with zipfile.ZipFile(out_file) as zip:
extract_as(zip, f"lib/{ abi_map[arch][0] }/libmagisk64.so", "magisk64", "magisk")
extract_as(zip, f"lib/{ abi_map[arch][1] }/libmagisk32.so", "magisk32", "magisk")
extract_as(zip, f"lib/{ abi_map[arch][0] }/libmagiskinit.so", "magiskinit", "magisk")
2021-10-26 12:20:30 +02:00
extract_as(zip, f"lib/{ abi_map['x64'][0] }/libmagiskinit.so", "magiskpolicy", "magisk")
2021-10-26 14:27:40 +02:00
- name: Download OpenGApps
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
shell: python
run: |
import requests
import zipfile
import os
import urllib.request
import json
arch = "${{ matrix.arch }}"
variant = "${{ github.event.inputs.gapps_variant }}"
abi_map = {"x64" : "x86_64", "arm64": "arm64"}
res = requests.get(f"https://api.opengapps.org/list")
j = json.loads(res.content)
link = {i["name"]: i for i in j["archs"][abi_map[arch]]["apis"]["11.0"]["variants"]}[variant]["zip"]
print(f"downloading link: {link}", flush=True)
out_file = "gapps.zip"
if not os.path.isfile(out_file):
urllib.request.urlretrieve(link, out_file)
print("done", flush=True)
2021-10-27 15:59:25 +02:00
- name: Extract GApps and expand images
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
2021-10-26 11:16:38 +02:00
run: |
2021-10-27 15:59:25 +02:00
mkdir gapps
2021-10-31 09:37:54 +01:00
unzip -p gapps.zip {Core,GApps}/'*.lz' | tar --lzip -C gapps -xvf - -i --strip-components=2 --exclude='setupwizardtablet-x86_64' --exclude='packageinstallergoogle-all' --exclude='speech-common' --exclude='markup-lib-arm' --exclude='markup-lib-arm64' --exclude='markup-all'
2021-10-27 15:59:25 +02:00
2021-10-26 17:16:21 +02:00
e2fsck -yf ${{ matrix.arch }}/system.img
2021-10-27 15:59:25 +02:00
resize2fs ${{ matrix.arch }}/system.img $(( $(du -sB512 gapps | cut -f1) + $(du -sB512 ${{ matrix.arch }}/system.img | cut -f1) ))s
2021-10-26 17:16:21 +02:00
e2fsck -yf ${{ matrix.arch }}/product.img
resize2fs ${{ matrix.arch }}/product.img 1024M
e2fsck -yf ${{ matrix.arch }}/system_ext.img
resize2fs ${{ matrix.arch }}/system_ext.img 108M
2021-10-27 15:59:25 +02:00
- name: Expand vendor
run: |
e2fsck -yf ${{ matrix.arch }}/vendor.img
resize2fs ${{ matrix.arch }}/vendor.img 320M
2021-10-26 11:16:38 +02:00
- name: Mount images
run: |
sudo mkdir system
sudo mount -o loop ${{ matrix.arch }}/system.img system
sudo mount -o loop ${{ matrix.arch }}/vendor.img system/vendor
sudo mount -o loop ${{ matrix.arch }}/product.img system/product
sudo mount -o loop ${{ matrix.arch }}/system_ext.img system/system_ext
- name: Integrate Magisk
2021-11-11 01:48:49 +01:00
if: ${{ github.event.inputs.root_sol == 'magisk' || github.event.inputs.root_sol == '' }}
2021-10-26 11:16:38 +02:00
run: |
sudo mkdir system/sbin
sudo chcon --reference system/init.environ.rc system/sbin
sudo chown root:root system/sbin
sudo chmod 0700 system/sbin
sudo cp magisk/* system/sbin/
sudo find system/sbin -type f -exec chmod 0755 {} \;
sudo find system/sbin -type f -exec chown root:root {} \;
sudo find system/sbin -type f -exec chcon --reference system/product {} \;
chmod +x magisk/magiskpolicy
echo '/dev/wsa-magisk(/.*)? u:object_r:magisk_file:s0' | sudo tee -a system/vendor/etc/selinux/vendor_file_contexts
sudo ./magisk/magiskpolicy --load system/vendor/etc/selinux/precompiled_sepolicy --save system/vendor/etc/selinux/precompiled_sepolicy --magisk "allow * magisk_file lnk_file *"
sudo tee -a system/system/etc/init/hw/init.rc <<EOF
on post-fs-data
start logd
start adbd
mkdir /dev/wsa-magisk
mount tmpfs tmpfs /dev/wsa-magisk mode=0755
copy /sbin/magisk64 /dev/wsa-magisk/magisk64
chmod 0755 /dev/wsa-magisk/magisk64
symlink ./magisk64 /dev/wsa-magisk/magisk
symlink ./magisk64 /dev/wsa-magisk/su
symlink ./magisk64 /dev/wsa-magisk/resetprop
copy /sbin/magisk32 /dev/wsa-magisk/magisk32
chmod 0755 /dev/wsa-magisk/magisk32
copy /sbin/magiskinit /dev/wsa-magisk/magiskinit
chmod 0755 /dev/wsa-magisk/magiskinit
symlink ./magiskinit /dev/wsa-magisk/magiskpolicy
mkdir /dev/wsa-magisk/.magisk 700
mkdir /dev/wsa-magisk/.magisk/mirror 700
mkdir /dev/wsa-magisk/.magisk/block 700
rm /dev/.magisk_unblock
start FAhW7H9G5sf
2021-10-26 13:37:11 +02:00
wait /dev/.magisk_unblock 40
2021-10-26 11:16:38 +02:00
rm /dev/.magisk_unblock
service FAhW7H9G5sf /dev/wsa-magisk/magisk --post-fs-data
user root
seclabel u:r:magisk:s0
oneshot
service HLiFsR1HtIXVN6 /dev/wsa-magisk/magisk --service
class late_start
user root
seclabel u:r:magisk:s0
oneshot
on property:sys.boot_completed=1
start YqCTLTppv3ML
service YqCTLTppv3ML /dev/wsa-magisk/magisk --boot-complete
user root
seclabel u:r:magisk:s0
oneshot
EOF
2021-10-28 13:36:36 +02:00
- name: Fix External Storage
run: |
2021-10-28 15:36:19 +02:00
wget -qO- "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/archive/$GITHUB_REF.tar.gz" | sudo tar --wildcards -zxvf- --strip-component=2 '*/x64/system/*'
2021-10-28 13:36:36 +02:00
sudo find system/system/priv-app -type d -exec chmod 0755 {} \;
sudo find system/system/priv-app -type f -exec chmod 0644 {} \;
sudo find system/system/priv-app -type d -exec chcon --reference=system/system/priv-app {} \;
2021-10-26 15:41:38 +02:00
- name: Integrate GApps
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
run: |
2021-10-28 15:36:19 +02:00
wget -qO- "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/archive/$GITHUB_REF.tar.gz" | sudo tar --wildcards -zxvf- --strip-component=2 '*/x64/gapps/*'
2021-10-31 14:57:56 +01:00
shopt -s extglob
sudo cp -vr gapps/!(product) system/system
sudo cp -vr gapps/product/* system/product/
2021-10-26 17:16:21 +02:00
sudo find system/system/{app,etc,framework,priv-app} -exec chown root:root {} \;
sudo find system/product/{app,etc,overlay,priv-app} -exec chown root:root {} \;
sudo find system/system/{app,etc,framework,priv-app} -type d -exec chmod 0755 {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type d -exec chmod 0755 {} \;
sudo find system/system/{app,framework,priv-app} -type f -exec chmod 0644 {} \;
2021-10-31 14:57:56 +01:00
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type f -exec chmod 0644 {} \;
2021-10-26 17:16:21 +02:00
sudo find system/product/{app,etc,overlay,priv-app} -type f -exec chmod 0644 {} \;
sudo find system/system/{app,framework,priv-app} -type d -exec chcon --reference=system/system/app {} \;
sudo find system/product/{app,etc,overlay,priv-app} -type d -exec chcon --reference=system/product/app {} \;
2021-10-31 14:57:56 +01:00
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type d -exec chcon --reference=system/system/etc/permissions {} \;
2021-10-26 17:16:21 +02:00
sudo find system/system/{app,framework,priv-app} -type f -exec chcon --reference=system/system/framework/ext.jar {} \;
2021-10-31 14:57:56 +01:00
ls gapps/etc/ | xargs -n 1 -I dir sudo find system/system/etc/dir -type f -exec chcon --reference=system/system/etc/permissions {} \;
2021-10-26 17:16:21 +02:00
sudo find system/product/{app,etc,overlay,priv-app} -type f -exec chcon --reference=system/product/etc/permissions/privapp-permissions-venezia.xml {} \;
2021-11-10 09:57:26 +01:00
chmod +x ./magisk/magiskpolicy
2021-11-10 09:46:44 +01:00
sudo ./magisk/magiskpolicy --load system/vendor/etc/selinux/precompiled_sepolicy --save system/vendor/etc/selinux/precompiled_sepolicy "allow gmscore_app gmscore_app vsock_socket { create connect write read }" "allow gmscore_app device_config_runtime_native_boot_prop file read" "allow gmscore_app system_server_tmpfs dir search" "allow gmscore_app system_server_tmpfs file open"
2021-10-27 13:28:04 +02:00
- name: Fix GApps prop
2021-10-27 15:59:25 +02:00
if: ${{ github.event.inputs.gapps_variant != 'none' && github.event.inputs.gapps_variant != '' }}
2021-10-27 13:28:04 +02:00
shell: sudo python {0}
run: |
from __future__ import annotations
from io import TextIOWrapper
from os import system
from typing import OrderedDict
2021-10-26 19:57:05 +02:00
2021-10-27 13:28:04 +02:00
class Prop(OrderedDict):
def __init__(self, file: TextIOWrapper) -> None:
super().__init__()
for i, line in enumerate(file.read().splitlines(False)):
if '=' in line:
k, v = line.split('=', 2)
self[k] = v
else:
self[f".{i}"] = line
2021-10-26 19:57:05 +02:00
2021-10-27 13:28:04 +02:00
def __str__(self) -> str:
return '\n'.join([v if k.startswith('.') else f"{k}={v}" for k, v in self.items()])
2021-10-26 19:57:05 +02:00
2021-10-27 13:28:04 +02:00
def __iadd__(self, other: str) -> Prop:
self[f".{len(self)}"] = other
return self
2021-10-26 19:57:05 +02:00
2021-10-27 13:28:04 +02:00
new_props = {
("product", "brand"): "google",
("product", "manufacturer"): "Google",
("build", "product"): "redfin",
("product", "name"): "redfin",
("product", "device"): "redfin",
("product", "model"): "Pixel 5",
("build", "flavor"): "redfin-user"
}
def description(sec: str, p: Prop) -> str:
return f"{p[f'ro.{sec}.build.flavor']} {p[f'ro.{sec}.build.version.release_or_codename']} {p[f'ro.{sec}.build.id']} {p[f'ro.{sec}.build.version.incremental']} {p[f'ro.{sec}.build.tags']}"
def fingerprint(sec: str, p: Prop) -> str:
return f"""{p[f"ro.product.{sec}.brand"]}/{p[f"ro.product.{sec}.name"]}/{p[f"ro.product.{sec}.device"]}:{p[f"ro.{sec}.build.version.release"]}/{p[f"ro.{sec}.build.id"]}/{p[f"ro.{sec}.build.version.incremental"]}:{p[f"ro.{sec}.build.type"]}/{p[f"ro.{sec}.build.tags"]}"""
def fix_prop(sec, prop):
print(f"fixing {prop}", flush=True)
with open(prop, 'r') as f:
p = Prop(f)
p += "# extra prop added by MagiskOnWSA"
for k, v in new_props.items():
p[f"ro.{k[0]}.{k[1]}"] = v
if k[0] == "build":
p[f"ro.{sec}.{k[0]}.{k[1]}"] = v
elif k[0] == "product":
p[f"ro.{k[0]}.{sec}.{k[1]}"] = v
p["ro.build.description"] = description(sec, p)
p[f"ro.build.fingerprint"] = fingerprint(sec, p)
p[f"ro.{sec}.build.description"] = description(sec, p)
p[f"ro.{sec}.build.fingerprint"] = fingerprint(sec, p)
p[f"ro.bootimage.build.fingerprint"] = fingerprint(sec, p)
with open(prop, 'w') as f:
f.write(str(p))
for sec, prop in {"system": "system/system/build.prop", "product": "system/product/build.prop", "system_ext": "system/system_ext/build.prop", "vendor": "system/vendor/build.prop", "odm": "system/vendor/odm/etc/build.prop"}.items():
fix_prop(sec, prop)
2021-10-26 11:16:38 +02:00
- name: Umount images
run: |
sudo umount system/vendor
sudo umount system/product
sudo umount system/system_ext
2021-10-26 11:16:38 +02:00
sudo umount system
2021-10-26 12:19:23 +02:00
- name: Shrink images
run: |
e2fsck -yf ${{ matrix.arch }}/system.img
2021-10-26 18:45:03 +02:00
resize2fs -M ${{ matrix.arch }}/system.img
e2fsck -yf ${{ matrix.arch }}/vendor.img
2021-10-26 18:45:03 +02:00
resize2fs -M ${{ matrix.arch }}/vendor.img
e2fsck -yf ${{ matrix.arch }}/product.img
2021-10-26 18:45:03 +02:00
resize2fs -M ${{ matrix.arch }}/product.img
e2fsck -yf ${{ matrix.arch }}/system_ext.img
2021-10-26 18:45:03 +02:00
resize2fs -M ${{ matrix.arch }}/system_ext.img
2021-10-31 09:37:54 +01:00
- name: Remove signature and add scripts
2021-10-26 11:16:38 +02:00
run: |
rm -rf ${{ matrix.arch }}/\[Content_Types\].xml ${{ matrix.arch }}/AppxBlockMap.xml ${{ matrix.arch }}/AppxSignature.p7x ${{ matrix.arch }}/AppxMetadata
2021-10-31 10:20:59 +01:00
tee ${{ matrix.arch }}/Install.ps1 <<EOF
2021-10-31 09:37:54 +01:00
function Test-Administrator
{
[OutputType([bool])]
param()
process {
[Security.Principal.WindowsPrincipal]\$user = [Security.Principal.WindowsIdentity]::GetCurrent();
return \$user.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator);
}
}
if(-not (Test-Administrator))
{
Start-Process -Verb RunAs powershell.exe -Args "-executionpolicy bypass -command Set-Location \`"\$PSScriptRoot\`"; \`"\$PSCommandPath\`""
exit
}
\$ErrorActionPreference = "Stop";
Add-AppxPackage -Register .\AppxManifest.xml
EOF
- name: Generate artifact name
run: |
variant="${{ github.event.inputs.gapps_variant }}"
2021-11-10 11:25:23 +01:00
root="${{ github.event.inputs.root_sol }}"
if [[ "$root" = "none" ]]; then
2021-11-10 11:31:48 +01:00
name1=""
2021-11-10 11:25:23 +01:00
elif [[ "$root" = "" ]]; then
name1="-with-magisk"
else
name1="-with-${root}"
fi
if [[ "$variant" = "none" || "$variant" = "" ]]; then
2021-11-10 11:25:23 +01:00
name2="-NoGApps"
else
2021-11-10 11:25:23 +01:00
name2="-GApps-${variant}"
fi
echo "artifact_name=WSA${name1}${name2}_${{ env.WSA_VER }}_${{ matrix.arch }}_${{ env.WSA_REL }}" >> $GITHUB_ENV
2021-10-26 11:16:38 +02:00
- name: Upload WSA
uses: actions/upload-artifact@v2
with:
name: ${{ env.artifact_name }}
path: './${{ matrix.arch }}/*'