name: Patch Mikrotik RouterOS on: # push: # branches: [ "main" ] schedule: - cron: "0 0 * * *" workflow_dispatch: permissions: contents: write jobs: Patch_RouterOS_7: runs-on: ubuntu-22.04 strategy: matrix: arch: [x86_64,arm64] channel: [stable, testing] env: TZ: 'Asia/Shanghai' LATEST_VERSION: "" BUILD_TIME: "0" ARCH: "" CUSTOM_LICENSE_PRIVATE_KEY: ${{ secrets.CUSTOM_LICENSE_PRIVATE_KEY }} CUSTOM_LICENSE_PUBLIC_KEY: ${{ secrets.CUSTOM_LICENSE_PUBLIC_KEY }} CUSTOM_NPK_SIGN_PRIVATE_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PRIVATE_KEY }} CUSTOM_NPK_SIGN_PUBLIC_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PUBLIC_KEY }} MIKRO_LICENSE_PUBLIC_KEY: ${{ secrets.MIKRO_LICENSE_PUBLIC_KEY }} MIKRO_NPK_SIGN_PUBLIC_LKEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_LKEY }} MIKRO_LICENCE_URL: ${{ secrets.MIKRO_LICENCE_URL }} CUSTOM_LICENCE_URL: ${{ secrets.CUSTOM_LICENCE_URL }} MIKRO_UPGRADE_URL: ${{ secrets.MIKRO_UPGRADE_URL }} CUSTOM_UPGRADE_URL: ${{ secrets.CUSTOM_UPGRADE_URL }} steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.11' - name: Get latest routeros version id: get_latest run: | echo $(uname -a) LATEST_VERSION=$(wget -nv -O - https://${{ env.MIKRO_UPGRADE_URL }}/routeros/NEWESTa7.${{ matrix.channel }} | cut -d ' ' -f1) echo Latest Version:$LATEST_VERSION if [ "${{ github.event_name }}" == "schedule" ]; then _LATEST_VERSION=$(wget -nv -O - https://${{ env.CUSTOM_UPGRADE_URL }}/routeros/NEWESTa7.${{ matrix.channel }} | cut -d ' ' -f1) if [ "$_LATEST_VERSION" == "$LATEST_VERSION" ]; then echo "No new version found" echo "has_new_version=false" >> $GITHUB_OUTPUT exit 0 fi fi echo "has_new_version=true" >> $GITHUB_OUTPUT BUILD_TIME=$(date +"%s") echo Build Time:$BUILD_TIME wget -nv -O CHANGELOG https://${{ env.MIKRO_UPGRADE_URL }}/routeros/$LATEST_VERSION/CHANGELOG cat CHANGELOG echo "LATEST_VERSION=${LATEST_VERSION}" >> $GITHUB_ENV echo "BUILD_TIME=${BUILD_TIME}" >> $GITHUB_ENV if [ "${{ matrix.arch }}" == "x86_64" ]; then ARCH='' echo "ARCH=$ARCH" >> $GITHUB_ENV elif [ "${{ matrix.arch }}" == "arm64" ]; then ARCH='-arm64' echo "ARCH=$ARCH" >> $GITHUB_ENV fi - name: Cache Squashfs if: steps.get_latest.outputs.has_new_version == 'true' id: cache-squashfs uses: actions/cache@v4 with: path: | python3.sfs option.sfs key: busybox-python3-squashfs-${{ matrix.arch }} - name: Create Squashfs for option and python3 if: steps.get_latest.outputs.has_new_version == 'true' && steps.cache-squashfs.outputs.cache-hit != 'true' run: | sudo mkdir -p ./option-root/bin/ if [ "${{ matrix.arch }}" == "x86_64" ]; then sudo cp busybox/busybox_x86_64 ./option-root/bin/busybox sudo chmod +x ./option-root/bin/busybox elif [ "${{ matrix.arch }}" == "arm64" ]; then sudo cp busybox/busybox_aarch64 ./option-root/bin/busybox sudo chmod +x ./option-root/bin/busybox fi sudo chmod +x ./busybox/busybox_x86_64 COMMANDS=$(./busybox/busybox_x86_64 --list) for cmd in $COMMANDS; do sudo ln -sf /pckg/option/bin/busybox ./option-root/bin/$cmd done sudo mksquashfs option-root option.sfs -quiet -comp xz -no-xattrs -b 256k sudo rm -rf option-root if [ "${{ matrix.arch }}" == "x86_64" ]; then sudo wget -O cpython-3.11.9.tar.gz -nv https://github.com/indygreg/python-build-standalone/releases/download/20240415/cpython-3.11.9+20240415-x86_64-unknown-linux-gnu-install_only.tar.gz elif [ "${{ matrix.arch }}" == "arm64" ]; then sudo wget -O cpython-3.11.9.tar.gz -nv https://github.com/indygreg/python-build-standalone/releases/download/20240415/cpython-3.11.9+20240415-aarch64-unknown-linux-gnu-install_only.tar.gz fi sudo tar -xf cpython-3.11.9.tar.gz sudo rm cpython-3.11.9.tar.gz sudo rm -rf ./python/include sudo rm -rf ./python/share sudo mksquashfs python python3.sfs -quiet -comp xz -no-xattrs -b 256k sudo rm -rf ./python - name: Cache NetInstall ${{ env.LATEST_VERSION }} if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' id: cache-netinstall uses: actions/cache@v4 with: path: | netinstall.zip netinstall.tar.gz key: netinstall-${{ env.LATEST_VERSION }} - name: Get netinstall ${{ env.LATEST_VERSION }} if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' && steps.cache-netinstall.outputs.cache-hit != 'true' run: | sudo wget -nv -O netinstall.zip https://download.mikrotik.com/routeros/$LATEST_VERSION/netinstall-$LATEST_VERSION.zip sudo wget -nv -O netinstall.tar.gz https://download.mikrotik.com/routeros/$LATEST_VERSION/netinstall-$LATEST_VERSION.tar.gz - name: Patch netinstall ${{ env.LATEST_VERSION }} if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' run: | sudo unzip netinstall.zip sudo -E python3 patch.py netinstall netinstall.exe sudo zip netinstall-$LATEST_VERSION.zip ./netinstall.exe sudo tar -xvf netinstall.tar.gz sudo -E python3 patch.py netinstall netinstall-cli sudo tar -czvf netinstall-$LATEST_VERSION.tar.gz ./netinstall-cli - name: Cache mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso if: steps.get_latest.outputs.has_new_version == 'true' id: cache-mikrotik uses: actions/cache@v4 with: path: | mikrotik.iso key: mikrotik-${{ env.LATEST_VERSION }}-${{ matrix.arch }} - name: Get mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso if: steps.get_latest.outputs.has_new_version == 'true' && steps.cache-mikrotik.outputs.cache-hit != 'true' run: | sudo wget -nv -O mikrotik.iso https://download.mikrotik.com/routeros/$LATEST_VERSION/mikrotik-$LATEST_VERSION$ARCH.iso - name: Patch mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso if: steps.get_latest.outputs.has_new_version == 'true' run: | sudo apt-get install -y mkisofs xorriso > /dev/null sudo mkdir ./iso sudo mount -o loop,ro mikrotik.iso ./iso sudo mkdir ./new_iso sudo cp -r ./iso/* ./new_iso/ sudo rsync -a ./iso/ ./new_iso/ sudo umount ./iso sudo rm -rf ./iso sudo mv ./new_iso/routeros-$LATEST_VERSION$ARCH.npk ./ sudo -E python3 patch.py npk routeros-$LATEST_VERSION$ARCH.npk NPK_FILES=$(find ./new_iso/*.npk) for file in $NPK_FILES; do sudo -E python3 npk.py sign $file $file done sudo cp routeros-$LATEST_VERSION$ARCH.npk ./new_iso/ sudo -E python3 npk.py create ./new_iso/gps-$LATEST_VERSION$ARCH.npk ./option-$LATEST_VERSION$ARCH.npk option ./option.sfs -desc="busybox" sudo cp option-$LATEST_VERSION$ARCH.npk ./new_iso/ sudo -E python3 npk.py create ./new_iso/gps-$LATEST_VERSION$ARCH.npk ./python3-$LATEST_VERSION$ARCH.npk python3 ./python3.sfs -desc="python 3.11.9" sudo cp python3-$LATEST_VERSION$ARCH.npk ./new_iso/ sudo mkdir ./efiboot sudo mount -o loop ./new_iso/efiboot.img ./efiboot if [ "${{ matrix.arch }}" == "x86_64" ]; then sudo -E python3 patch.py kernel ./efiboot/linux.x86_64 sudo cp ./efiboot/linux.x86_64 ./BOOTX64.EFI sudo cp ./BOOTX64.EFI ./new_iso/isolinux/linux sudo umount ./efiboot sudo mkisofs -o mikrotik-$LATEST_VERSION$ARCH.iso \ -V "MikroTik $LATEST_VERSION ${{ matrix.arch }}" \ -sysid "" -preparer "MiKroTiK" \ -publisher "" -A "MiKroTiK RouterOS" \ -input-charset utf-8 \ -b isolinux/isolinux.bin \ -c isolinux/boot.cat \ -no-emul-boot \ -boot-load-size 4 \ -boot-info-table \ -eltorito-alt-boot \ -e efiboot.img \ -no-emul-boot \ -R -J \ ./new_iso elif [ "${{ matrix.arch }}" == "arm64" ]; then sudo -E python3 patch.py kernel ./efiboot/EFI/BOOT/BOOTAA64.EFI sudo umount ./efiboot sudo xorriso -as mkisofs -o mikrotik-$LATEST_VERSION$ARCH.iso \ -V "MikroTik $LATEST_VERSION ${{ matrix.arch }}" \ -sysid "" -preparer "MiKroTiK" \ -publisher "" -A "MiKroTiK RouterOS" \ -input-charset utf-8 \ -b efiboot.img \ -no-emul-boot \ -R -J \ ./new_iso fi sudo rm -rf ./efiboot sudo mkdir ./all_packages sudo cp ./new_iso/*.npk ./all_packages/ sudo rm -rf ./new_iso cd ./all_packages if [ "${{ matrix.arch }}" == "x86_64" ]; then sudo zip ../all_packages-x86-$LATEST_VERSION.zip *.npk elif [ "${{ matrix.arch }}" == "arm64" ]; then sudo zip ../all_packages-arm64-$LATEST_VERSION.zip *.npk fi cd .. - name: Cache refind if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' id: cache-refind uses: actions/cache@v4 with: path: refind-bin-0.14.2.zip key: refind - name: Get refind if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' && steps.cache-refind.outputs.cache-hit != 'true' run: sudo wget -nv -O refind-bin-0.14.2.zip https://nchc.dl.sourceforge.net/project/refind/0.14.2/refind-bin-0.14.2.zip - name: Create install-image-${{ env.LATEST_VERSION }}.img if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'x86_64' run: | sudo modprobe nbd sudo apt-get install -y qemu-utils extlinux > /dev/null # Loading system # Copyright (C) 1994-2015 H. Peter Anvin et al # 20210811 # CHS EDD sudo xxd -p -u /usr/bin/extlinux | tr -d '\n' | sed \ -e 's/0D0A5359534C494E555820362E30342000/4C6F6164696E672073797374656D0D0A00/g' \ -e 's/20436F707972696768742028432920313939342D3230313520482E20506574657220416E76696E20657420616C0D0A/00436F707972696768742028432920313939342D3230313520482E20506574657220416E76696E20657420616C0D0A/g' \ -e 's/203230323130383131/003230323130383131/g' \ -e 's/43485300454444/00485300004444/g' | xxd -p -r >extlinux sudo chmod +x extlinux truncate --size 128M install-image-$LATEST_VERSION.img sudo qemu-nbd -c /dev/nbd0 -f raw install-image-$LATEST_VERSION.img sudo mkfs.vfat -n "Install" /dev/nbd0 sudo mkdir ./install sudo mount /dev/nbd0 ./install sudo mkdir -p ./install/EFI/BOOT sudo unzip refind-bin-0.14.2.zip refind-bin-0.14.2/refind/refind_x64.efi sudo cp refind-bin-0.14.2/refind/refind_x64.efi ./install/EFI/BOOT/BOOTX64.EFI sudo rm -rf refind-bin-0.14.2 echo -e 'timeout 0\ntextonly\ntextmode 0\nshowtools shutdown, reboot, exit\nmenuentry "Install RouterOS" {\n\tloader /linux\n\toptions "load_ramdisk=1 root=/dev/ram0 -install -hdd"\n}\ndefault_selection /EFI/BOOT/BOOTX64.EFI' \ > refind.conf sudo cp refind.conf ./install/EFI/BOOT/ sudo rm refind.conf sudo ./extlinux --install -H 64 -S 32 ./install/ echo -e 'default system\nLABEL system\n\tKERNEL linux\n\tAPPEND load_ramdisk=1 -install -hdd' \ > syslinux.cfg sudo cp syslinux.cfg ./install/ sudo rm syslinux.cfg sudo cp ./BOOTX64.EFI ./install/linux NPK_FILES=($(find ./all_packages/*.npk)) for ((i=1; i<=${#NPK_FILES[@]}; i++)) do echo "${NPK_FILES[$i-1]}=>$i.npk" sudo cp ${NPK_FILES[$i-1]} ./install/$i.npk done sudo touch ./install/CHOOSE sudo touch ./install/autorun.scr sudo umount /dev/nbd0 sudo qemu-nbd -d /dev/nbd0 sudo rm -rf ./install sudo zip install-image-$LATEST_VERSION.zip ./install-image-$LATEST_VERSION.img sudo rm ./install-image-$LATEST_VERSION.img - name: Cache chr-${{ env.LATEST_VERSION }}${{ env.ARCH }}.img.zip if: steps.get_latest.outputs.has_new_version == 'true' && matrix.arch == 'arm64' id: cache-chr-img uses: actions/cache@v4 with: path: | chr.img key: chr-${{ env.LATEST_VERSION }}-${{ matrix.arch }}.img - name: Get chr-${{ env.LATEST_VERSION }}${{ env.ARCH }}.img if: steps.get_latest.outputs.has_new_version == 'true' && steps.cache-chr-img.outputs.cache-hit != 'true' && matrix.arch == 'arm64' run: | sudo wget -nv -O chr.img.zip https://download.mikrotik.com/routeros/$LATEST_VERSION/chr-$LATEST_VERSION$ARCH.img.zip sudo unzip chr.img.zip sudo rm chr.img.zip sudo mv chr-$LATEST_VERSION$ARCH.img chr.img - name: Create chr-${{ env.LATEST_VERSION }}${{ env.ARCH }}.img if: steps.get_latest.outputs.has_new_version == 'true' run: | sudo modprobe nbd sudo apt-get install -y qemu-utils extlinux > /dev/null truncate --size 128M chr-$LATEST_VERSION$ARCH.img sgdisk --clear --set-alignment=2 \ --new=1::+32M --typecode=1:8300 --change-name=1:"RouterOS Boot" --attributes=1:set:2 \ --new=2::-0 --typecode=2:8300 --change-name=2:"RouterOS" \ --gpttombr=1:2 \ chr-$LATEST_VERSION$ARCH.img dd if=chr-$LATEST_VERSION$ARCH.img of=pt.bin bs=1 count=66 skip=446 echo -e "\x80" | dd of=pt.bin bs=1 count=1 conv=notrunc sgdisk --mbrtogpt --clear --set-alignment=2 \ --new=1::+32M --typecode=1:8300 --change-name=1:"RouterOS Boot" --attributes=1:set:2 \ --new=2::-0 --typecode=2:8300 --change-name=2:"RouterOS" \ chr-$LATEST_VERSION$ARCH.img dd if=mbr.bin of=chr-$LATEST_VERSION$ARCH.img bs=1 count=446 conv=notrunc dd if=pt.bin of=chr-$LATEST_VERSION$ARCH.img bs=1 count=66 seek=446 conv=notrunc sudo qemu-nbd -c /dev/nbd0 -f raw chr-$LATEST_VERSION$ARCH.img sudo mkfs.vfat -n "Boot" /dev/nbd0p1 sudo mkfs.ext4 -F -L "RouterOS" -m 0 /dev/nbd0p2 sudo mkdir -p ./img/{boot,routeros} sudo mount /dev/nbd0p1 ./img/boot/ if [ "${{ matrix.arch }}" == "x86_64" ]; then sudo mkdir -p ./img/boot/{BOOT,EFI/BOOT} sudo cp BOOTX64.EFI ./img/boot/EFI/BOOT/BOOTX64.EFI sudo ./extlinux --install -H 64 -S 32 ./img/boot/BOOT echo -e "default system\nlabel system\n\tkernel /EFI/BOOT/BOOTX64.EFI\n\tappend load_ramdisk=1 root=/dev/ram0 quiet" > syslinux.cfg sudo cp syslinux.cfg ./img/boot/BOOT/ sudo rm syslinux.cfg elif [ "${{ matrix.arch }}" == "arm64" ]; then sudo qemu-nbd -c /dev/nbd1 -f raw chr.img sudo mkdir -p ./chr/boot sudo mount /dev/nbd1p1 ./chr/boot/ sudo -E python3 patch.py kernel ./chr/boot/EFI/BOOT/BOOTAA64.EFI -O ./BOOTAA64.EFI sudo mkdir -p ./img/boot/EFI/BOOT sudo cp ./BOOTAA64.EFI ./img/boot/EFI/BOOT/BOOTAA64.EFI sudo umount /dev/nbd1p1 sudo rm -rf ./chr sudo qemu-nbd -d /dev/nbd1 fi sudo umount /dev/nbd0p1 sudo mount /dev/nbd0p2 ./img/routeros/ sudo mkdir -p ./img/routeros/{var/pdb/{system,option},boot,rw} sudo cp ./all_packages/option-$LATEST_VERSION$ARCH.npk ./img/routeros/var/pdb/option/image sudo cp ./all_packages/routeros-$LATEST_VERSION$ARCH.npk ./img/routeros/var/pdb/system/image sudo umount /dev/nbd0p2 sudo rm -rf ./img sudo qemu-nbd -d /dev/nbd0 sudo qemu-img convert -f raw -O qcow2 chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.qcow2 sudo qemu-img convert -f raw -O vmdk chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vmdk sudo qemu-img convert -f raw -O vpc chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vhd sudo qemu-img convert -f raw -O vhdx chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vhdx sudo qemu-img convert -f raw -O vdi chr-$LATEST_VERSION$ARCH.img chr-$LATEST_VERSION$ARCH.vdi sudo zip chr-$LATEST_VERSION$ARCH.qcow2.zip chr-$LATEST_VERSION$ARCH.qcow2 sudo zip chr-$LATEST_VERSION$ARCH.vmdk.zip chr-$LATEST_VERSION$ARCH.vmdk sudo zip chr-$LATEST_VERSION$ARCH.vhd.zip chr-$LATEST_VERSION$ARCH.vhd sudo zip chr-$LATEST_VERSION$ARCH.vhdx.zip chr-$LATEST_VERSION$ARCH.vhdx sudo zip chr-$LATEST_VERSION$ARCH.vdi.zip chr-$LATEST_VERSION$ARCH.vdi sudo zip chr-$LATEST_VERSION$ARCH.img.zip chr-$LATEST_VERSION$ARCH.img sudo rm chr-$LATEST_VERSION$ARCH.qcow2 sudo rm chr-$LATEST_VERSION$ARCH.vmdk sudo rm chr-$LATEST_VERSION$ARCH.vhd sudo rm chr-$LATEST_VERSION$ARCH.vhdx sudo rm chr-$LATEST_VERSION$ARCH.vdi sudo rm chr-$LATEST_VERSION$ARCH.img # - name: Upload artifact # uses: actions/upload-artifact@v4 # with: # name: "RouterOS ${{ env.LATEST_VERSION }} ${{ matrix.arch }}" # path: | # mikrotik-${{ env.LATEST_VERSION }}${{ env.ARCH }}.iso # chr-${{ env.LATEST_VERSION }}*.zip # netinstall-${{ env.LATEST_VERSION }}.zip # install-image-${{ env.LATEST_VERSION }}.zip # routeros-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk # option-${{ env.LATEST_VERSION }}${{ env.ARCH }}.npk # all_packages-*-${{ env.LATEST_VERSION }}.zip - name: Upload Files if: steps.get_latest.outputs.has_new_version == 'true' run: | mkdir -p ./publish/$LATEST_VERSION echo $LATEST_VERSION $BUILD_TIME > ./publish/NEWESTa7.${{ matrix.channel }} cp CHANGELOG ./publish/$LATEST_VERSION/ cp ./all_packages/*.npk ./publish/$LATEST_VERSION/ sudo apt-get install -y lftp > /dev/null 2>&1 sudo -E lftp -u ${{ secrets.SSH_USERNAME }},'${{ secrets.SSH_PASSWORD }}' sftp://${{ secrets.SSH_SERVER }}:${{ secrets.SSH_PORT }} <