Fix android builds requiring external (cgo) linking, but cgo is not enabled

README.md

@@ -24,10 +24,10 @@ jobs:
   release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: cli/gh-extension-precompile@v1
+      - uses: actions/checkout@v4
+      - uses: cli/gh-extension-precompile@v2
         with:
-          go_version: "1.16"
+          go_version_file: go.mod
 ```
 
 Then, either push a new git tag like `v1.0.0` to your repository, or create a new Release and have it initialize the associated git tag.
@@ -36,20 +36,38 @@ When the `release` workflow finishes running, compiled binaries will be uploaded
 
 You can safely test out release automation by creating tags that have a `-` in them; for example: `v2.0.0-rc.1`. Such Releases will be published as _prereleases_ and will not count as a stable release of your extension.
 
-To maximize portability of built products, this action builds Go binaries with [cgo](https://pkg.go.dev/cmd/cgo) disabled. To override that, set the `CGO_ENABLED` environment variable:
+To maximize portability of built products, this action builds Go binaries with [cgo](https://pkg.go.dev/cmd/cgo) disabled with the exception of [Android build targets](#building-for-android). To override cgo for all build targets, set the `CGO_ENABLED` environment variable:
 
 ```yaml
-- uses: cli/gh-extension-precompile@v1
+- uses: cli/gh-extension-precompile@v2
   env:
     CGO_ENABLED: 1
 ```
 
+### Building for Android
+
+`gh-extension-precompile@v2` introduces a breaking change by disabling `android-arm64` and `android-amd64` build targets by default due to [Go external linking requirements](https://github.com/cli/gh-extension-precompile/issues/50#issuecomment-2078086299).
+
+To enable Android build targets:
+
+1. `release_android` must be set to `true`
+2. `android_sdk_version` must be set to a targeted [Android API level](https://developer.android.com/tools/releases/platforms)
+3. `android_ndk_home` must be set to the path to Android NDK installed on Actions runner
+
+   `cli/gh-extension-precompile` will use pre-installed Android tools on GitHub-managed runners by default; self-hosted runners will need to install and configure this input.
+
+   _For more information on Android NDK installed on GitHub-managed runners, see [`actions/runner-images`](https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2404-Readme.md#android)_
+
+### Customizing the build process for Go extensions
+
+If you need to customize the build process for your Go extension, you can provide a custom build script. See [Extensions written in other compiled languages](#extensions-written-in-other-compiled-languages) below for instructions.
+
 ## Extensions written in other compiled languages
 
-If you aren't using Go for your compiled extension, you'll need to provide your own script for compiling your extension:
+If you aren't using Go for your compiled extension, or your Go extension requires customizations to the build script, you'll need to provide your own script for compiling your extension:
 
 ```yaml
-- uses: cli/gh-extension-precompile@v1
+- uses: cli/gh-extension-precompile@v2
   with:
     build_script_override: "script/build.sh"
 ```
@@ -88,18 +106,17 @@ jobs:
   release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - id: import_gpg
         uses: crazy-max/ghaction-import-gpg@v5
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
           passphrase: ${{ secrets.GPG_PASSPHRASE }}
-      - uses: cli/gh-extension-precompile@v1
+      - uses: cli/gh-extension-precompile@v2
         with:
           gpg_fingerprint: ${{ steps.import_gpg.outputs.fingerprint }}
 ```
 
-
 ## Support for Artifact Attestations
 
 This action can optionally generate signed build provenance attestations for all published executables within `${{ github.workspace }}/dist/*`.
@@ -124,12 +141,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: cli/gh-extension-precompile@v1
+      - uses: cli/gh-extension-precompile@v2
         with:
           generate_attestations: true
 ```
 
-
 ## Authors
 
 - nate smith <https://github.com/vilmibm>

action.yml

@@ -20,6 +20,13 @@ inputs:
   generate_attestations:
     description: "Whether to generate artifact attestations for release binaries to establish build provenance, defaults to `false` if unspecified"
     default: false
+  release_android:
+    description: "Whether to release android binaries, defaults to `false` if unspecified"
+    default: false
+  android_ndk_home:
+    description: "Path to the Android NDK for android-amd64 and android-arm64 builds"
+  android_sdk_version:
+    description: "Android SDK build-tools version"
 branding:
   color: purple
   icon: box
@@ -77,6 +84,18 @@ runs:
         INPUT_TITLE: ${{ inputs.release_title_prefix }}
       shell: bash
 
+    - id: determine_android_ndk_home
+      run: |
+        if [ -n "$INPUT_ANDROID_NDK_HOME" ]; then
+          android_ndk_home="$INPUT_ANDROID_NDK_HOME"
+        else
+          android_ndk_home="$ANDROID_NDK_HOME"
+        fi
+        echo "ANDROID_NDK_HOME=$android_ndk_home" >> "$GITHUB_OUTPUT"
+      env:
+        INPUT_ANDROID_NDK_HOME: ${{ inputs.android_ndk_home }}
+      shell: bash
+
     - run: ${GITHUB_ACTION_PATH//\\//}/build_and_release.sh
       env:
         GITHUB_REPOSITORY: ${{ github.repository }}
@@ -86,9 +105,12 @@ runs:
         GH_RELEASE_TAG: ${{ steps.determine_release_tag.outputs.TAG }}
         GH_RELEASE_TITLE_PREFIX: ${{ steps.determine_release_title_prefix.outputs.PREFIX }}
         DRAFT_RELEASE: ${{ inputs.draft_release }}
+        ANDROID_NDK_HOME: ${{ steps.determine_android_ndk_home.outputs.ANDROID_NDK_HOME }}
+        ANDROID_SDK_VERSION: ${{ inputs.android_sdk_version }}
+        RELEASE_ANDROID: ${{ inputs.release_android }}
       shell: bash
 
     - if: ${{ inputs.generate_attestations == 'true' }}
       uses: actions/attest-build-provenance@v1
       with:
-        subject-path: '${{ github.workspace }}/dist/*'
+        subject-path: "${{ github.workspace }}/dist/*"

build_and_release.sh

@@ -2,8 +2,6 @@
 set -e
 
 platforms=(
-  android-amd64
-  android-arm64
   darwin-amd64
   darwin-arm64
   freebsd-386
@@ -18,6 +16,24 @@ platforms=(
   windows-arm64
 )
 
+if [[ "$RELEASE_ANDROID" == "true" ]]; then
+  platforms+=("android-amd64")
+  platforms+=("android-arm64")
+fi
+
+# We must know the android sdk version to build for android.
+if [[ "$RELEASE_ANDROID" == "true" && -z "$ANDROID_SDK_VERSION" ]]; then
+  echo "error: Cannot build for android without android_sdk_version." >&2
+  exit 1
+fi
+
+# We must have `ANDROID_NDK_HOME` set to build for android.
+# This will be available by default on GitHub hosted runners.
+if [[ "$RELEASE_ANDROID" == "true" && ! -d "$ANDROID_NDK_HOME" ]]; then
+  echo "error: Cannot build for android without android_ndk_home." >&2
+  exit 1
+fi
+
 prerelease=""
 if [[ $GH_RELEASE_TAG = *-* ]]; then
   prerelease="--prerelease"
@@ -45,7 +61,18 @@ else
     if [ "$goos" = "windows" ]; then
       ext=".exe"
     fi
-    GOOS="$goos" GOARCH="$goarch" CGO_ENABLED="${CGO_ENABLED:-0}" go build -trimpath -ldflags="-s -w" -o "dist/${p}${ext}"
+    cc=""
+    cgo_enabled="${CGO_ENABLED:-0}"
+    if [ "$goos" = "android" ]; then
+      if [ "$goarch" = "amd64" ]; then
+        cc="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android${ANDROID_SDK_VERSION}-clang"
+        cgo_enabled="1"
+      elif [ "$goarch" = "arm64" ]; then
+        cc="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android${ANDROID_SDK_VERSION}-clang"
+        cgo_enabled="1"
+      fi
+    fi
+    GOOS="$goos" GOARCH="$goarch" CGO_ENABLED="$cgo_enabled" CC="$cc" go build -trimpath -ldflags="-s -w" -o "dist/${p}${ext}"
   done
 fi