actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 02:47:56 +01:00
Code Releases Activity

Fix Container Copying to Directory (#41)

Browse source
This commit is contained in:
Noel Miller 2024-03-08 10:05:20 -06:00 committed by GitHub
parent 0b68c00dcf
commit 54d89036fb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 127 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

30
.github/workflows/build-and-test.yml vendored
View file

@ -18,7 +18,6 @@ env:
SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der'
ENROLLMENT_PASSWORD: 'container-installer'
jobs:
build-container:
runs-on: ubuntu-latest
@ -56,7 +55,6 @@ jobs:
username: ${{ github.actor }}
password: ${{ github.token }}
build-and-push-iso:
runs-on: ubuntu-latest
needs:
@ -69,6 +67,9 @@ jobs:
version:
- 38
- 39
outputs:
iso_name-38: ${{ steps.save_output.outputs.iso_name-38 }}
iso_name-39: ${{ steps.save_output.outputs.iso_name-39 }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
@ -89,6 +90,7 @@ jobs:
- name: Build ISO with new container
uses: ./
id: build
with:
arch: ${{ env.ARCH}}
image_name: ${{ env.IMAGE_NAME}}
@ -98,17 +100,22 @@ jobs:
variant: ${{ env.VARIANT }}
secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }}
enrollment_password: ${{ env.ENROLLMENT_PASSWORD }}
iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
- name: Rename ISO
- name: Save output
id: save_output
shell: bash
run: |
mv build/deploy.iso build/${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
echo "iso_name-${{ matrix.version }}=${{ steps.build.outputs.iso_name}}" >> $GITHUB_OUTPUT
- name: Upload ISO as artifact
id: upload
uses: actions/upload-artifact@v4
with:
name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
path: build/*.iso
name: ${{ steps.build.outputs.iso_name }}
path: |
${{ steps.build.outputs.iso_path }}
${{ steps.build.outputs.iso_path }}-CHECKSUM
if-no-files-found: error
retention-days: 0
compression-level: 0
@ -133,7 +140,7 @@ jobs:
- name: Ensure qemu is installed
run: |
sudo apt-get update
sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make
sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make coreutils
- name: Create disk
run: |
@ -142,14 +149,16 @@ jobs:
- name: Download generated ISO
uses: actions/download-artifact@v4
with:
name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
name: ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }}
- name: Verify ISO
run: checkisomd5 ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
run: |
checkisomd5 ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }}
sha256sum -c ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }}-CHECKSUM
- name: Run ISO checks
run: |
mv ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso deploy.iso
mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso
make test-iso VERSION=${{ matrix.version }}
- name: Add Kickstart and Grub options to ISO
@ -224,4 +233,3 @@ jobs:
./${check}
fi
done

1
Containerfile
View file

@ -11,6 +11,7 @@ ENV VERSION="${VERSION}"
ENV WEB_UI="false"
RUN mkdir /build-container-installer
COPY / /build-container-installer/
WORKDIR /build-container-installer

4
Makefile
View file

@ -34,7 +34,7 @@ ifeq ($(WEB_UI),true)
_LORAX_ARGS += -i anaconda-webui
endif
# Step 7: Buid end ISO
# Step 7: Build end ISO
## Default action
build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt
mkdir $(_BASE_DIR)/build || true
@ -177,7 +177,7 @@ clean:
rm -f $(_BASE_DIR)/*.log || true
install-deps:
dnf install -y lorax xorriso skopeo
dnf install -y lorax xorriso skopeo coreutils
test-iso:
$(eval _TESTS = $(filter-out README.md,$(shell ls tests/iso)))

64
README.md
View file

@ -8,12 +8,28 @@ This action is designed to be called from a GitHub workflow using the following
```yaml
- name: Build ISO
uses: jasonn3/build-container-installer/v1.0.0
id: build
with:
arch: ${{ env.ARCH}}
image_name: ${{ env.IMAGE_NAME}}
image_repo: ${{ env.IMAGE_REPO}}
image_tag: ${{ env.IMAGE_TAG }}
version: ${{ env.VERSION }}
variant: ${{ env.VARIANT }}
iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso
# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output
- name: Upload ISO as artifact
id: upload
uses: actions/upload-artifact@v4
with:
name: ${{ steps.build.outputs.iso_name }}
path: |
${{ steps.build.outputs.iso_path }}
${{ steps.build.outputs.iso_path }}-CHECKSUM
if-no-files-found: error
retention-days: 0
compression-level: 0
```
See [Customizing](#customizing) for information about customizing the ISO that gets created using `with`
@ -21,46 +37,61 @@ See [Customizing](#customizing) for information about customizing the ISO that g
## Customizing
The following variables can be used to customize the created ISO.
| Variable | Description | Default Value |
| ----------------- | -------------------------------------------------------- | ------------------------------ |
| ARCH | Architecture for image to build | x86_64 |
| VERSION | Fedora version of installer to build | 39 |
| IMAGE_REPO | Repository containing the source container image | quay.io/fedora-ostree-desktops |
| IMAGE_NAME | Name of the source container image | base |
| IMAGE_TAG | Tag of the source container image | *VERSION* |
| EXTRA_BOOT_PARAMS | Extra params used by grub to boot the anaconda installer | \[empty\] |
| VARIANT | Source container variant\* | Server |
| WEB_UI | Enable Anaconda WebUI (experimental) | false |
### Inputs
| Variable | Description | Default Value |
| -------------------- | ---------------------------------------------------------------------------- | ------------------------------ |
| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] |
| arch | Architecture for image to build | x86_64 |
| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer |
| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] |
| image_name | Name of the source container image | base |
| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops |
| image_tag | Tag of the source container image | *VERSION* |
| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso |
| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] |
| variant | Source container variant\* | Server |
| version | Fedora version of installer to build | 39 |
| web_ui | Enable Anaconda WebUI (experimental) | false |
Available options for VARIANT can be found by running `dnf provides system-release`.
\*Available options for VARIANT can be found by running `dnf provides system-release`.
Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite
\*\* If you need to reference a local file, you can use `file://*path*`
### Outputs
| Variable | Description | Usage |
| -------- | ----------------------------------------| ------------------------------------------------ |
| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} |
| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} |
For outputs, see example above.
## Development
### Makefile
The Makefile contains all of the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory.
`make install-deps` can be used to install the necessary packages
See [Customizing](#customizing) for information about customizing the ISO that gets created.
See [Customizing](#customizing) for information about customizing the ISO that gets created. All variable should be specified CAPITALIZED.
### Container
A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest`
To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`.
This will create an ISO with the baked in defaults of the container image.
This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso`
See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables.
See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. All variable should be specified CAPITALIZED.
Examples:
Building an ISO to install Fedora 38
```bash
docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=38 -e IMAGE_NAME=base -e IMAGE_TAG=38 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest
docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server
```
Building an ISO to install Fedora 39
```bash
docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=39 -e IMAGE_NAME=base -e IMAGE_TAG=39 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest
docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server
```
### VSCode Dev Container
@ -105,4 +136,3 @@ Build a new container image:
"privileged": true
}
```

74
action.yml
View file

@ -2,10 +2,24 @@ name: Build Container Installer
description: Generates an ISO for installing an OSTree stored in a container image
inputs:
action_version:
description: Version of the action container to run
deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version.
required: false
additional_templates:
description: Space delimited list of additional Lorax templates to include
required: false
arch:
description: Architecture for image to build
required: true
default: x86_64
enrollment_password:
description: Used for supporting secure boot (requires secure_boot_key_url to be defined)
required: false
default: "container-installer"
extra_boot_params:
description: Extra params used by grub to boot the anaconda installer
required: false
image_name:
description: Name of the source container image
required: true
@ -14,6 +28,16 @@ inputs:
description: Repository containing the source container image
required: true
default: quay.io/fedora-ostree-desktops
image_tag:
description: Tag of the source container image. Defaults to the installer version
required: false
iso_name:
description: "Name of the resulting ISO. Relative paths are relative to github.workspace"
required: false
default: build/deploy.iso
secure_boot_key_url:
description: Secure boot key that is installed from URL location
required: false
variant:
description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite"
required: true
@ -22,27 +46,18 @@ inputs:
description: Fedora version of installer to build
required: true
default: "39"
image_tag:
description: Tag of the source container image. Defaults to the installer version
required: false
web_ui:
description: Enable Anaconda WebUI
required: false
default: "false"
enrollment_password:
description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined)
required: false
default: "container-installer"
secure_boot_key_url:
description: Secure boot key that is installed from URL location
required: false
action_version:
description: Version of the action container to run
deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version.
required: false
additional_templates:
description: Space delimetered list of additional Lorax templates to include
required: false
outputs:
iso_name:
value: ${{ steps.rename_iso.outputs.iso_name }}
description: The name of the resulting .iso
iso_path:
value: ${{ steps.rename_iso.outputs.iso_path }}
description: The name and path of the resulting .iso
runs:
using: composite
@ -53,7 +68,7 @@ runs:
# Check if running inside of the action repo
if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi
if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi
docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ghcr.io/jasonn3/build-container-installer:${tag} \
docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \
ARCH=${{ inputs.arch }} \
IMAGE_NAME=${{ inputs.image_name }} \
IMAGE_REPO=${{ inputs.image_repo }} \
@ -61,7 +76,30 @@ runs:
VERSION=${{ inputs.version }} \
IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \
WEB_UI=${{ inputs.web_ui }} \
ISO_NAME=${{ inputs.iso_name }} \
ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \
SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \
"ADDITIONAL_TEMPLATES=${{ inputs.additional_templates }}"
- name: Rename ISO file
id: rename_iso
shell: bash
run: |
if [[ ! ( "${{ inputs.iso_name }}" =~ \.iso$ ) ]]
then
iso_name="${{ inputs.iso_name }}.iso"
else
iso_name="${{ inputs.iso_name }}"
fi
if [[ "${{ inputs.iso_name }}" =~ ^/ ]]
then
full_path="${iso_name}"
else
full_path="${{ github.workspace }}/${iso_name}"
fi
mv ${{ github.workspace }}/build/deploy.iso ${full_path} || true
cd $(dirname ${full_path})
iso_fn=$(basename ${iso_name})
sha256sum ${iso_fn} > ${iso_fn}-CHECKSUM
echo "iso_path=${full_path}" >> $GITHUB_OUTPUT
echo "iso_name=${iso_fn}" >> $GITHUB_OUTPUT

3
entrypoint.sh
View file

@ -21,5 +21,4 @@ mkdir /github/workspace/build || true
# Copy resulting iso to github workspace and fix permissions
cp build/deploy.iso /github/workspace/build
chmod -R ugo=rwX /github/workspace/build
chmod -R ugo=rwx /github/workspace/build