diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 74801ed..ad1a839 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -18,7 +18,6 @@ env: SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' ENROLLMENT_PASSWORD: 'container-installer' - jobs: build-container: runs-on: ubuntu-latest @@ -47,7 +46,7 @@ jobs: with: containerfiles: Containerfile tags: ${{ steps.meta.outputs.tags }} - + - name: Push image uses: redhat-actions/push-to-registry@v2 with: @@ -56,7 +55,6 @@ jobs: username: ${{ github.actor }} password: ${{ github.token }} - build-and-push-iso: runs-on: ubuntu-latest needs: @@ -69,6 +67,9 @@ jobs: version: - 38 - 39 + outputs: + iso_name-38: ${{ steps.save_output.outputs.iso_name-38 }} + iso_name-39: ${{ steps.save_output.outputs.iso_name-39 }} steps: - name: Checkout repo uses: actions/checkout@v4 @@ -89,6 +90,7 @@ jobs: - name: Build ISO with new container uses: ./ + id: build with: arch: ${{ env.ARCH}} image_name: ${{ env.IMAGE_NAME}} @@ -98,17 +100,22 @@ jobs: variant: ${{ env.VARIANT }} secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }} enrollment_password: ${{ env.ENROLLMENT_PASSWORD }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso - - name: Rename ISO + - name: Save output + id: save_output + shell: bash run: | - mv build/deploy.iso build/${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + echo "iso_name-${{ matrix.version }}=${{ steps.build.outputs.iso_name}}" >> $GITHUB_OUTPUT - name: Upload ISO as artifact id: upload uses: actions/upload-artifact@v4 with: - name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso - path: build/*.iso + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }} + ${{ steps.build.outputs.iso_path }}-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 @@ -133,7 +140,7 @@ jobs: - name: Ensure qemu is installed run: | sudo apt-get update - sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make + sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make coreutils - name: Create disk run: | @@ -142,14 +149,16 @@ jobs: - name: Download generated ISO uses: actions/download-artifact@v4 with: - name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + name: ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} - name: Verify ISO - run: checkisomd5 ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + run: | + checkisomd5 ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} + sha256sum -c ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }}-CHECKSUM - name: Run ISO checks run: | - mv ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso deploy.iso + mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso make test-iso VERSION=${{ matrix.version }} - name: Add Kickstart and Grub options to ISO @@ -224,4 +233,3 @@ jobs: ./${check} fi done - diff --git a/Containerfile b/Containerfile index 6ca8af4..7488139 100644 --- a/Containerfile +++ b/Containerfile @@ -11,6 +11,7 @@ ENV VERSION="${VERSION}" ENV WEB_UI="false" RUN mkdir /build-container-installer + COPY / /build-container-installer/ WORKDIR /build-container-installer diff --git a/Makefile b/Makefile index c8f8c01..a21d1be 100644 --- a/Makefile +++ b/Makefile @@ -34,7 +34,7 @@ ifeq ($(WEB_UI),true) _LORAX_ARGS += -i anaconda-webui endif -# Step 7: Buid end ISO +# Step 7: Build end ISO ## Default action build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt mkdir $(_BASE_DIR)/build || true @@ -177,7 +177,7 @@ clean: rm -f $(_BASE_DIR)/*.log || true install-deps: - dnf install -y lorax xorriso skopeo + dnf install -y lorax xorriso skopeo coreutils test-iso: $(eval _TESTS = $(filter-out README.md,$(shell ls tests/iso))) diff --git a/README.md b/README.md index 82217f9..cdc4119 100644 --- a/README.md +++ b/README.md @@ -8,12 +8,28 @@ This action is designed to be called from a GitHub workflow using the following ```yaml - name: Build ISO uses: jasonn3/build-container-installer/v1.0.0 + id: build with: arch: ${{ env.ARCH}} image_name: ${{ env.IMAGE_NAME}} image_repo: ${{ env.IMAGE_REPO}} + image_tag: ${{ env.IMAGE_TAG }} version: ${{ env.VERSION }} variant: ${{ env.VARIANT }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso + +# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output +- name: Upload ISO as artifact + id: upload + uses: actions/upload-artifact@v4 + with: + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }} + ${{ steps.build.outputs.iso_path }}-CHECKSUM + if-no-files-found: error + retention-days: 0 + compression-level: 0 ``` See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` @@ -21,46 +37,61 @@ See [Customizing](#customizing) for information about customizing the ISO that g ## Customizing The following variables can be used to customize the created ISO. -| Variable | Description | Default Value | -| ----------------- | -------------------------------------------------------- | ------------------------------ | -| ARCH | Architecture for image to build | x86_64 | -| VERSION | Fedora version of installer to build | 39 | -| IMAGE_REPO | Repository containing the source container image | quay.io/fedora-ostree-desktops | -| IMAGE_NAME | Name of the source container image | base | -| IMAGE_TAG | Tag of the source container image | *VERSION* | -| EXTRA_BOOT_PARAMS | Extra params used by grub to boot the anaconda installer | \[empty\] | -| VARIANT | Source container variant\* | Server | -| WEB_UI | Enable Anaconda WebUI (experimental) | false | +### Inputs +| Variable | Description | Default Value | +| -------------------- | ---------------------------------------------------------------------------- | ------------------------------ | +| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | +| arch | Architecture for image to build | x86_64 | +| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | +| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | +| image_name | Name of the source container image | base | +| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | +| image_tag | Tag of the source container image | *VERSION* | +| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | +| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | +| variant | Source container variant\* | Server | +| version | Fedora version of installer to build | 39 | +| web_ui | Enable Anaconda WebUI (experimental) | false | -Available options for VARIANT can be found by running `dnf provides system-release`. +\*Available options for VARIANT can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite +\*\* If you need to reference a local file, you can use `file://*path*` + +### Outputs +| Variable | Description | Usage | +| -------- | ----------------------------------------| ------------------------------------------------ | +| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | +| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | + +For outputs, see example above. + ## Development ### Makefile The Makefile contains all of the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. `make install-deps` can be used to install the necessary packages -See [Customizing](#customizing) for information about customizing the ISO that gets created. +See [Customizing](#customizing) for information about customizing the ISO that gets created. All variable should be specified CAPITALIZED. ### Container A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. -This will create an ISO with the baked in defaults of the container image. +This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` -See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. +See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. All variable should be specified CAPITALIZED. Examples: Building an ISO to install Fedora 38 ```bash -docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=38 -e IMAGE_NAME=base -e IMAGE_TAG=38 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest +docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server ``` Building an ISO to install Fedora 39 ```bash -docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=39 -e IMAGE_NAME=base -e IMAGE_TAG=39 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest +docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server ``` ### VSCode Dev Container @@ -105,4 +136,3 @@ Build a new container image: "privileged": true } ``` - diff --git a/action.yml b/action.yml index 22914f1..75c7fb5 100644 --- a/action.yml +++ b/action.yml @@ -2,10 +2,24 @@ name: Build Container Installer description: Generates an ISO for installing an OSTree stored in a container image inputs: + action_version: + description: Version of the action container to run + deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version. + required: false + additional_templates: + description: Space delimited list of additional Lorax templates to include + required: false arch: description: Architecture for image to build required: true default: x86_64 + enrollment_password: + description: Used for supporting secure boot (requires secure_boot_key_url to be defined) + required: false + default: "container-installer" + extra_boot_params: + description: Extra params used by grub to boot the anaconda installer + required: false image_name: description: Name of the source container image required: true @@ -14,6 +28,16 @@ inputs: description: Repository containing the source container image required: true default: quay.io/fedora-ostree-desktops + image_tag: + description: Tag of the source container image. Defaults to the installer version + required: false + iso_name: + description: "Name of the resulting ISO. Relative paths are relative to github.workspace" + required: false + default: build/deploy.iso + secure_boot_key_url: + description: Secure boot key that is installed from URL location + required: false variant: description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite" required: true @@ -22,27 +46,18 @@ inputs: description: Fedora version of installer to build required: true default: "39" - image_tag: - description: Tag of the source container image. Defaults to the installer version - required: false web_ui: description: Enable Anaconda WebUI required: false default: "false" - enrollment_password: - description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) - required: false - default: "container-installer" - secure_boot_key_url: - description: Secure boot key that is installed from URL location - required: false - action_version: - description: Version of the action container to run - deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version. - required: false - additional_templates: - description: Space delimetered list of additional Lorax templates to include - required: false + +outputs: + iso_name: + value: ${{ steps.rename_iso.outputs.iso_name }} + description: The name of the resulting .iso + iso_path: + value: ${{ steps.rename_iso.outputs.iso_path }} + description: The name and path of the resulting .iso runs: using: composite @@ -53,7 +68,7 @@ runs: # Check if running inside of the action repo if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi - docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ghcr.io/jasonn3/build-container-installer:${tag} \ + docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \ ARCH=${{ inputs.arch }} \ IMAGE_NAME=${{ inputs.image_name }} \ IMAGE_REPO=${{ inputs.image_repo }} \ @@ -61,7 +76,30 @@ runs: VERSION=${{ inputs.version }} \ IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ WEB_UI=${{ inputs.web_ui }} \ + ISO_NAME=${{ inputs.iso_name }} \ ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \ SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \ "ADDITIONAL_TEMPLATES=${{ inputs.additional_templates }}" + - name: Rename ISO file + id: rename_iso + shell: bash + run: | + if [[ ! ( "${{ inputs.iso_name }}" =~ \.iso$ ) ]] + then + iso_name="${{ inputs.iso_name }}.iso" + else + iso_name="${{ inputs.iso_name }}" + fi + if [[ "${{ inputs.iso_name }}" =~ ^/ ]] + then + full_path="${iso_name}" + else + full_path="${{ github.workspace }}/${iso_name}" + fi + mv ${{ github.workspace }}/build/deploy.iso ${full_path} || true + cd $(dirname ${full_path}) + iso_fn=$(basename ${iso_name}) + sha256sum ${iso_fn} > ${iso_fn}-CHECKSUM + echo "iso_path=${full_path}" >> $GITHUB_OUTPUT + echo "iso_name=${iso_fn}" >> $GITHUB_OUTPUT diff --git a/entrypoint.sh b/entrypoint.sh index 5005737..3f78761 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -21,5 +21,4 @@ mkdir /github/workspace/build || true # Copy resulting iso to github workspace and fix permissions cp build/deploy.iso /github/workspace/build -chmod -R ugo=rwX /github/workspace/build - +chmod -R ugo=rwx /github/workspace/build