diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 3c99f9b..26a2ec5 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -49,7 +49,7 @@ jobs: with: containerfiles: Containerfile tags: ${{ steps.meta.outputs.tags }} - + - name: Push image uses: redhat-actions/push-to-registry@v2 with: @@ -58,7 +58,6 @@ jobs: username: ${{ github.actor }} password: ${{ github.token }} - build-and-push-iso: runs-on: ubuntu-latest needs: @@ -73,6 +72,9 @@ jobs: version: - 38 - 39 + outputs: + iso_name-38: ${{ steps.save_output.outputs.iso_name-38 }} + iso_name-39: ${{ steps.save_output.outputs.iso_name-39 }} steps: - name: Checkout repo uses: actions/checkout@v4 @@ -93,6 +95,7 @@ jobs: - name: Build ISO with new container uses: ./ + id: build with: arch: ${{ env.ARCH}} image_name: ${{ env.IMAGE_NAME}} @@ -103,17 +106,22 @@ jobs: flatpak_remote_refs: ${{ env.FLATPAK_REMOTE_REFS }} secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }} enrollment_password: ${{ env.ENROLLMENT_PASSWORD }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso - - name: Rename ISO + - name: Save output + id: save_output + shell: bash run: | - mv build/deploy.iso build/${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + echo "iso_name-${{ matrix.version }}=${{ steps.build.outputs.iso_name}}" >> $GITHUB_OUTPUT - name: Upload ISO as artifact id: upload uses: actions/upload-artifact@v4 with: - name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso - path: build/*.iso + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }} + ${{ steps.build.outputs.iso_path }}-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 @@ -142,7 +150,7 @@ jobs: - name: Ensure qemu is installed run: | sudo apt-get update - sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make + sudo apt-get install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make coreutils - name: Create disk run: | @@ -151,14 +159,16 @@ jobs: - name: Download generated ISO uses: actions/download-artifact@v4 with: - name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + name: ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} - name: Verify ISO - run: checkisomd5 ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso + run: | + checkisomd5 ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} + sha256sum -c ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }}-CHECKSUM - name: Run ISO checks run: | - mv ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso deploy.iso + mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso make test-iso VERSION=${{ matrix.version }} FLATPAK_REMOTE_REFS="${{ env.FLATPAK_REMOTE_REFS}}" - name: Add Kickstart and Grub options to ISO @@ -234,8 +244,5 @@ jobs: ansible_user: ${VM_USER} ansible_password: ${VM_PASS} EOF - - cat ansible_inventory make test-vm - diff --git a/Containerfile b/Containerfile index 6ca8af4..7488139 100644 --- a/Containerfile +++ b/Containerfile @@ -11,6 +11,7 @@ ENV VERSION="${VERSION}" ENV WEB_UI="false" RUN mkdir /build-container-installer + COPY / /build-container-installer/ WORKDIR /build-container-installer diff --git a/Makefile b/Makefile index 083a1bd..579545c 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,7 @@ ifneq ($(FLATPAK_REMOTE_REFS),) _LORAX_ARGS += -i flatpak-libs endif -# Step 7: Buid end ISO +# Step 7: Build end ISO ## Default action build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt mkdir $(_BASE_DIR)/build || true @@ -188,7 +188,7 @@ clean: rm -f $(_BASE_DIR)/*.log || true install-deps: - dnf install -y lorax xorriso skopeo flatpak dbus-daemon ostree + dnf install -y lorax xorriso skopeo flatpak dbus-daemon ostree coreutils test: test-iso test-vm diff --git a/README.md b/README.md index fbe383b..b50912f 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg??event=push) +![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg?event=push) # Build Container Installer Action This action is used to enerate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` @@ -8,12 +8,28 @@ This action is designed to be called from a GitHub workflow using the following ```yaml - name: Build ISO uses: jasonn3/build-container-installer/v1.0.0 + id: build with: arch: ${{ env.ARCH}} image_name: ${{ env.IMAGE_NAME}} image_repo: ${{ env.IMAGE_REPO}} + image_tag: ${{ env.IMAGE_TAG }} version: ${{ env.VERSION }} variant: ${{ env.VARIANT }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso + +# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output +- name: Upload ISO as artifact + id: upload + uses: actions/upload-artifact@v4 + with: + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }} + ${{ steps.build.outputs.iso_path }}-CHECKSUM + if-no-files-found: error + retention-days: 0 + compression-level: 0 ``` See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` @@ -21,49 +37,61 @@ See [Customizing](#customizing) for information about customizing the ISO that g ## Customizing The following variables can be used to customize the created ISO. -| Variable | Description | Default Value | -| ------------------- | -------------------------------------------------------- | -------------------------------------------- | -| ARCH | Architecture for image to build | x86_64 | -| VERSION | Fedora version of installer to build | 39 | -| IMAGE_REPO | Repository containing the source container image | quay.io/fedora-ostree-desktops | -| IMAGE_NAME | Name of the source container image | base | -| IMAGE_TAG | Tag of the source container image | *VERSION* | -| EXTRA_BOOT_PARAMS | Extra params used by grub to boot the anaconda installer | \[empty\] | -| VARIANT | Source container variant\* | Server | -| WEB_UI | Enable Anaconda WebUI (experimental) | false | -| FLATPAK_REMOTE_NAME | Name of the Flatpak repo | flathub | -| FLATPAK_REMOTE_URL | URL to the flatpakrepo file | https://flathub.org/repo/flathub.flatpakrepo | -| FLATPAK_REMOTE_REFS | Space delimited list of Flatpak package refs to install | \[empty\] | +### Inputs +| Variable | Description | Default Value | +| -------------------- | ---------------------------------------------------------------------------- | ------------------------------ | +| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | +| arch | Architecture for image to build | x86_64 | +| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | +| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | +| image_name | Name of the source container image | base | +| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | +| image_tag | Tag of the source container image | *VERSION* | +| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | +| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | +| variant | Source container variant\* | Server | +| version | Fedora version of installer to build | 39 | +| web_ui | Enable Anaconda WebUI (experimental) | false | -Available options for VARIANT can be found by running `dnf provides system-release`. +\*Available options for VARIANT can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite +\*\* If you need to reference a local file, you can use `file://*path*` + +### Outputs +| Variable | Description | Usage | +| -------- | ----------------------------------------| ------------------------------------------------ | +| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | +| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | + +For outputs, see example above. + ## Development ### Makefile The Makefile contains all of the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. `make install-deps` can be used to install the necessary packages -See [Customizing](#customizing) for information about customizing the ISO that gets created. +See [Customizing](#customizing) for information about customizing the ISO that gets created. All variable should be specified CAPITALIZED. ### Container A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. -This will create an ISO with the baked in defaults of the container image. +This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` -See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. +See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. All variable should be specified CAPITALIZED. Examples: Building an ISO to install Fedora 38 ```bash -docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=38 -e IMAGE_NAME=base -e IMAGE_TAG=38 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest +docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server ``` Building an ISO to install Fedora 39 ```bash -docker run --rm --privileged --volume .:/build-container-installer/build -e VERSION=39 -e IMAGE_NAME=base -e IMAGE_TAG=39 -e VARIANT=Server ghcr.io/jasonn3/build-container-installer:latest +docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server ``` ### VSCode Dev Container @@ -108,4 +136,3 @@ Build a new container image: "privileged": true } ``` - diff --git a/action.yml b/action.yml index 915f119..d4e7861 100644 --- a/action.yml +++ b/action.yml @@ -2,10 +2,36 @@ name: Build Container Installer description: Generates an ISO for installing an OSTree stored in a container image inputs: + action_version: + description: Version of the action container to run + deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version. + required: false + additional_templates: + description: Space delimited list of additional Lorax templates to include + required: false arch: description: Architecture for image to build required: true default: x86_64 + enrollment_password: + description: Used for supporting secure boot (requires secure_boot_key_url to be defined) + required: false + default: "container-installer" + extra_boot_params: + description: Extra params used by grub to boot the anaconda installer + required: false + flatpak_remote_name: + description: Name of the Flatpak remote repo + required: false + default: "flathub" + flatpak_remote_refs: + description: Space delimited list of refs to the flatpak packages to install + required: false + default: "" + flatpak_remote_url: + description: The URL of the Flatpak remote flatpakrepo file + required: false + default: https://flathub.org/repo/flathub.flatpakrepo image_name: description: Name of the source container image required: true @@ -14,6 +40,16 @@ inputs: description: Repository containing the source container image required: true default: quay.io/fedora-ostree-desktops + image_tag: + description: Tag of the source container image. Defaults to the installer version + required: false + iso_name: + description: "Name of the resulting ISO. Relative paths are relative to github.workspace" + required: false + default: build/deploy.iso + secure_boot_key_url: + description: Secure boot key that is installed from URL location + required: false variant: description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite" required: true @@ -22,39 +58,18 @@ inputs: description: Fedora version of installer to build required: true default: "39" - image_tag: - description: Tag of the source container image. Defaults to the installer version - required: false web_ui: description: Enable Anaconda WebUI required: false default: "false" - enrollment_password: - description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) - required: false - default: "container-installer" - secure_boot_key_url: - description: Secure boot key that is installed from URL location - required: false - action_version: - description: Version of the action container to run - deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version. - required: false - additional_templates: - description: Space delimited list of additional Lorax templates to include - required: false - flatpak_remote_name: - description: Name of the Flatpak remote repo - required: false - default: "flathub" - flatpak_remote_url: - description: The URL of the Flatpak remote flatpakrepo file - required: false - default: https://flathub.org/repo/flathub.flatpakrepo - flatpak_remote_refs: - description: Space delimited list of refs to the flatpak packages to install - required: false - default: "" + +outputs: + iso_name: + value: ${{ steps.rename_iso.outputs.iso_name }} + description: The name of the resulting .iso + iso_path: + value: ${{ steps.rename_iso.outputs.iso_path }} + description: The name and path of the resulting .iso runs: using: composite @@ -65,17 +80,40 @@ runs: # Check if running inside of the action repo if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi - docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ghcr.io/jasonn3/build-container-installer:${tag} \ + docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \ + ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ ARCH=${{ inputs.arch }} \ + ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \ + FLATPAK_REMOTE_NAME=${{ inputs.flatpak_remote_name }} \ + FLATPAK_REMOTE_REFS="${{ inputs.flatpak_remote_refs }}" \ + FLATPAK_REMOTE_URL=${{ inputs.flatpak_remote_url }} \ IMAGE_NAME=${{ inputs.image_name }} \ IMAGE_REPO=${{ inputs.image_repo }} \ + IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ + SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \ VARIANT=${{ inputs.variant }} \ VERSION=${{ inputs.version }} \ - IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ - WEB_UI=${{ inputs.web_ui }} \ - ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ - FLATPAK_REMOTE_NAME=${{ inputs.flatpak_remote_name }} \ - FLATPAK_REMOTE_URL=${{ inputs.flatpak_remote_url }} \ - FLATPAK_REMOTE_REFS="${{ inputs.flatpak_remote_refs }}" - ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \ - SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \ + WEB_UI=${{ inputs.web_ui }} + + - name: Rename ISO file + id: rename_iso + shell: bash + run: | + if [[ ! ( "${{ inputs.iso_name }}" =~ \.iso$ ) ]] + then + iso_name="${{ inputs.iso_name }}.iso" + else + iso_name="${{ inputs.iso_name }}" + fi + if [[ "${{ inputs.iso_name }}" =~ ^/ ]] + then + full_path="${iso_name}" + else + full_path="${{ github.workspace }}/${iso_name}" + fi + mv ${{ github.workspace }}/build/deploy.iso ${full_path} || true + cd $(dirname ${full_path}) + iso_fn=$(basename ${iso_name}) + sha256sum ${iso_fn} > ${iso_fn}-CHECKSUM + echo "iso_path=${full_path}" >> $GITHUB_OUTPUT + echo "iso_name=${iso_fn}" >> $GITHUB_OUTPUT diff --git a/entrypoint.sh b/entrypoint.sh index da97b30..c32743b 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -26,5 +26,4 @@ mkdir /github/workspace/build || true # Copy resulting iso to github workspace and fix permissions cp build/deploy.iso /github/workspace/build -chmod -R ugo=rwX /github/workspace/build - +chmod -R ugo=rwx /github/workspace/build