diff --git a/.github/setup_go_for_macos1013.sh b/.github/setup_go_for_macos1013.sh new file mode 100755 index 00000000..49eac606 --- /dev/null +++ b/.github/setup_go_for_macos1013.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash + +set -euo pipefail + +VERSION="1.25.8" +PATCH_COMMITS=( + "afe69d3cec1c6dcf0f1797b20546795730850070" + "1ed289b0cf87dc5aae9c6fe1aa5f200a83412938" +) +CURL_ARGS=( + -fL + --silent + --show-error +) + +if [[ -n "${GITHUB_TOKEN:-}" ]]; then + CURL_ARGS+=(-H "Authorization: Bearer ${GITHUB_TOKEN}") +fi + +mkdir -p "$HOME/go" +cd "$HOME/go" +wget "https://dl.google.com/go/go${VERSION}.darwin-arm64.tar.gz" +tar -xzf "go${VERSION}.darwin-arm64.tar.gz" +#cp -a go go_bootstrap +mv go go_osx +cd go_osx + +# these patch URLs only work on golang1.25.x +# that means after golang1.26 release it must be changed +# see: https://github.com/SagerNet/go/commits/release-branch.go1.25/ +# revert: +# 33d3f603c1: "cmd/link/internal/ld: use 12.0.0 OS/SDK versions for macOS linking" +# 937368f84e: "crypto/x509: change how we retrieve chains on darwin" + +for patch_commit in "${PATCH_COMMITS[@]}"; do + curl "${CURL_ARGS[@]}" "https://github.com/SagerNet/go/commit/${patch_commit}.diff" | patch --verbose -p 1 +done + +# Rebuild is not needed: we build with CGO_ENABLED=1, so Apple's external +# linker handles LC_BUILD_VERSION via MACOSX_DEPLOYMENT_TARGET, and the +# stdlib (crypto/x509) is compiled from patched src automatically. +#cd src +#GOROOT_BOOTSTRAP="$HOME/go/go_bootstrap" ./make.bash +#cd ../.. +#rm -rf go_bootstrap "go${VERSION}.darwin-arm64.tar.gz" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f8121aa4..2b3f702a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -121,15 +121,10 @@ jobs: with: fetch-depth: 0 - name: Setup Go - if: ${{ ! (matrix.legacy_win7 || matrix.legacy_go124) }} + if: ${{ ! matrix.legacy_win7 }} uses: actions/setup-go@v5 with: go-version: ~1.25.8 - - name: Setup Go 1.24 - if: matrix.legacy_go124 - uses: actions/setup-go@v5 - with: - go-version: ~1.24.10 - name: Cache Go for Windows 7 if: matrix.legacy_win7 id: cache-go-for-windows7 @@ -436,22 +431,36 @@ jobs: include: - { arch: amd64 } - { arch: arm64 } - - { arch: amd64, legacy_go124: true, legacy_name: "macos-11" } + - { arch: amd64, legacy_osx: true, legacy_name: "macos-10.13" } steps: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 with: fetch-depth: 0 - name: Setup Go - if: ${{ ! matrix.legacy_go124 }} + if: ${{ ! matrix.legacy_osx }} uses: actions/setup-go@v5 with: go-version: ^1.25.3 - - name: Setup Go 1.24 - if: matrix.legacy_go124 - uses: actions/setup-go@v5 + - name: Cache Go for macOS 10.13 + if: matrix.legacy_osx + id: cache-go-for-macos1013 + uses: actions/cache@v4 with: - go-version: ~1.24.6 + path: | + ~/go/go_osx + key: go_osx_1258 + - name: Setup Go for macOS 10.13 + if: matrix.legacy_osx && steps.cache-go-for-macos1013.outputs.cache-hit != 'true' + env: + GITHUB_TOKEN: ${{ github.token }} + run: |- + .github/setup_go_for_macos1013.sh + - name: Setup Go for macOS 10.13 + if: matrix.legacy_osx + run: |- + echo "PATH=$HOME/go/go_osx/bin:$PATH" >> $GITHUB_ENV + echo "GOROOT=$HOME/go/go_osx" >> $GITHUB_ENV - name: Set tag run: |- git ls-remote --exit-code --tags origin v${{ needs.calculate_version.outputs.version }} || echo "PUBLISHED=false" >> "$GITHUB_ENV" @@ -459,7 +468,7 @@ jobs: - name: Set build tags run: | set -xeuo pipefail - if [[ "${{ matrix.legacy_go124 }}" != "true" ]]; then + if [[ "${{ matrix.legacy_osx }}" != "true" ]]; then TAGS=$(cat release/DEFAULT_BUILD_TAGS) else TAGS=$(cat release/DEFAULT_BUILD_TAGS_OTHERS) @@ -479,6 +488,7 @@ jobs: CGO_ENABLED: "1" GOOS: darwin GOARCH: ${{ matrix.arch }} + MACOSX_DEPLOYMENT_TARGET: ${{ matrix.legacy_osx && '10.13' || '' }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set name run: |-