actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 02:47:56 +01:00
Code Releases Activity

add image_signed

Browse source
This commit is contained in:
Jason N. 2024-05-09 16:52:24 -04:00
parent 383427c619
commit 960be92807
4 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Makefile.inputs
View file

@ -7,6 +7,7 @@ export EXTRA_BOOT_PARAMS :=
export IMAGE_NAME := base
export IMAGE_REPO := quay.io/fedora-ostree-desktops
export IMAGE_TAG = $(VERSION)
export IMAGE_SIGNED := false
REPOS := $(subst :,\:,$(wildcard /etc/yum.repos.d/*.repo))
export ROOTFS_SIZE := 4
export VARIANT := Server

1
README.md
View file

@ -55,6 +55,7 @@ The following variables can be used to customize the created ISO.
| flatpak_remote_url | URL of the flatpakrepo file | <https://flathub.org/repo/flathub.flatpakrepo> | :white_check_mark: | :white_check_mark: |
| image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: |
| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: |
| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | false | :white_check_mark: | :white_check_mark: |
| image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: |
| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: |
| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: |

5
action.yml
View file

@ -59,6 +59,10 @@ inputs:
description: Repository containing the source container image
required: true
default: quay.io/fedora-ostree-desktops
image_signed:
description: Whether the container image is signed. The policy to test the signing must be configured inside the container image
required: false
default: "true"
image_tag:
description: Tag of the source container image. Defaults to the installer version
required: false
@ -209,6 +213,7 @@ runs:
FLATPAK_DIR="${{ steps.flatpak_dependencies.outputs.flatpak_dir && format('/github/workspace/{0}', steps.flatpak_dependencies.outputs.flatpak_dir) || '' }}" \
IMAGE_NAME="${{ inputs.image_name }}" \
IMAGE_REPO="${{ inputs.image_repo }}" \
IMAGE_SIGNED="${{ inputs.image_signed }}" \
IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \
ISO_NAME=/github/workspace/${{ inputs.iso_name }} \
${{ inputs.repos && format('REPOS="{0}"', inputs.repos) || '' }} \

11
lorax_templates/scripts/post/install_configure_upgrades
View file

@ -1,7 +1,16 @@
<%page args="image_repo, _image_repo_double_escaped, image_name, image_tag, _rhel, version"/>
<%page args="image_repo, _image_repo_double_escaped, image_name, image_signed, image_tag, _rhel, version"/>
if (which bootc &> /dev/null) && [ ${_rhel} == 'false' && ${version} -ge 39 ]
then
% if image_signed == 'true':
bootc switch --mutate-in-place --enforce-container-sigpolicy --transport registry ${image_repo}/${image_name}:${image_tag}
% else:
bootc switch --mutate-in-place --enforce-container-sigpolicy --transport registry ${image_repo}/${image_name}:${image_tag}
% endif
else
% if image_signed == 'true':
sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/${_image_repo_double_escaped}\/${image_name}:${image_tag}/' /ostree/deploy/default/deploy/*.origin
% else:
sed -i 's/container-image-reference=.*/container-image-reference=ostree-unverified-image:docker:\/\/${_image_repo_double_escaped}\/${image_name}:${image_tag}/' /ostree/deploy/default/deploy/*.origin
% endif
fi