diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index ad1a839..e82b395 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -15,6 +15,7 @@ env: IMAGE_REPO: 'quay.io/fedora-ostree-desktops' IMAGE_TAG: '39' VARIANT: 'Server' + FLATPAK_REMOTE_REFS: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08 SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' ENROLLMENT_PASSWORD: 'container-installer' @@ -27,6 +28,8 @@ jobs: steps: - name: Checkout repo uses: actions/checkout@v4 + with: + submodules: recursive - name: Docker meta id: meta @@ -62,7 +65,9 @@ jobs: permissions: contents: read packages: write + continue-on-error: false strategy: + fail-fast: false matrix: version: - 38 @@ -98,6 +103,7 @@ jobs: image_tag: ${{ env.IMAGE_TAG }} version: ${{ matrix.version }} variant: ${{ env.VARIANT }} + flatpak_remote_refs: ${{ env.FLATPAK_REMOTE_REFS }} secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }} enrollment_password: ${{ env.ENROLLMENT_PASSWORD }} iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso @@ -128,7 +134,9 @@ jobs: permissions: contents: read packages: write + continue-on-error: false strategy: + fail-fast: false matrix: version: - 38 @@ -136,6 +144,8 @@ jobs: steps: - name: Checkout repo uses: actions/checkout@v4 + with: + submodules: recursive - name: Ensure qemu is installed run: | @@ -159,7 +169,7 @@ jobs: - name: Run ISO checks run: | mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso - make test-iso VERSION=${{ matrix.version }} + make test-iso VERSION=${{ matrix.version }} FLATPAK_REMOTE_REFS="${{ env.FLATPAK_REMOTE_REFS}}" - name: Add Kickstart and Grub options to ISO run: | @@ -203,11 +213,15 @@ jobs: env: VM_USER: core VM_PASS: foobar + VM_IP: "127.0.0.1" + VM_PORT: "5555" run: | mkfifo vm.stdin qemu-system-x86_64 -name "Anaconda" \ -m 4096 -cpu qemu64 -display none -smp 2 \ -chardev socket,path=/tmp/qga.sock,server,nowait,id=qga0 \ + -device e1000,netdev=net0 \ + -netdev user,id=net0,hostfwd=tcp::${VM_PORT}-:22 \ -device virtio-serial \ -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 \ -boot c -hda disk.qcow2 -serial telnet:localhost:4321,server,nowait & export QEMU_PID=$! @@ -218,18 +232,23 @@ jobs: timeout 30m bash -c "while ! (grep 'login:' vm.stdout); do sleep 1; done" - export VM_IP=$({ echo '{"execute": "guest-network-get-interfaces"}'; sleep 2; } | socat unix-connect:/tmp/qga.sock - | jq -r '.return[1]["ip-addresses"][] | select(."ip-address-type"=="ipv4") | .["ip-address"]') - if ! (echo > /dev/tcp/${VM_IP}/22) + if ! (echo > /dev/tcp/${VM_IP}/${VM_PORT}) then echo "SSH must be installed and enabled inside the container" fi - echo "VM ready for tests at IP ${VM_IP}" - for check in $(ls tests/vm) - do - if [[ -f $check && $check != "README.md" ]] - then - chmod +x $check - ./${check} - fi - done + echo "VM ready for tests at IP ${VM_IP}:${VM_PORT}" + echo "Creating Ansible inventory" + cat << EOF > ansible_inventory + ungrouped: + hosts: + vm: + ansible_host: ${VM_IP} + ansible_port: ${VM_PORT} + ansible_user: ${VM_USER} + ansible_password: ${VM_PASS} + ansible_ssh_common_args: '-o StrictHostKeyChecking=no' + EOF + + #make test-vm + kill $QEMU_PID diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..fe51240 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,4 @@ +[submodule "external/fedora-lorax-templates"] + path = external/fedora-lorax-templates + url = https://pagure.io/fedora-lorax-templates.git + branch = f39 diff --git a/Makefile b/Makefile index a21d1be..4849aca 100644 --- a/Makefile +++ b/Makefile @@ -8,6 +8,10 @@ IMAGE_TAG = $(VERSION) VARIANT = Server WEB_UI = false REPOS = /etc/yum.repos.d/fedora.repo /etc/yum.repos.d/fedora-updates.repo +ADDITIONAL_TEMPLATES = +FLATPAK_REMOTE_NAME = flathub +FLATPAK_REMOTE_URL = https://flathub.org/repo/flathub.flatpakrepo +FLATPAK_REMOTE_REFS = ENROLLMENT_PASSWORD = SECURE_BOOT_KEY_URL = ADDITIONAL_TEMPLATES = @@ -22,7 +26,10 @@ _IMAGE_REPO_DOUBLE_ESCAPED = $(subst \,\\\,$(_IMAGE_REPO_ESCAPED)) _VOLID = $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$(IMAGE_TAG) _REPO_FILES = $(subst /etc/yum.repos.d,repos,$(REPOS)) _LORAX_TEMPLATES = $(subst .in,,$(shell ls lorax_templates/*.tmpl.in)) $(foreach file,$(shell ls lorax_templates/scripts/post),lorax_templates/post_$(file).tmpl) -_TEMPLATE_VARS = ARCH VERSION IMAGE_REPO IMAGE_NAME IMAGE_TAG VARIANT WEB_UI REPOS _IMAGE_REPO_ESCAPED _IMAGE_REPO_DOUBLE_ESCAPED ENROLLMENT_PASSWORD +_EXTERNAL_TEMPLATES = fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl +_FLATPAK_REPO_URL = $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2) +_FLATPAK_REPO_GPG = $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) +_TEMPLATE_VARS = ARCH VERSION IMAGE_REPO IMAGE_NAME IMAGE_TAG VARIANT WEB_UI REPOS _IMAGE_REPO_ESCAPED _IMAGE_REPO_DOUBLE_ESCAPED FLATPAK_REMOTE_NAME FLATPAK_REMOTE_URL FLATPAK_REMOTE_REFS _FLATPAK_REPO_URL _FLATPAK_REPO_GPG ENROLLMENT_PASSWORD ifeq ($(VARIANT),Server) _LORAX_ARGS = --macboot --noupgrade @@ -34,6 +41,10 @@ ifeq ($(WEB_UI),true) _LORAX_ARGS += -i anaconda-webui endif +ifneq ($(FLATPAK_REMOTE_REFS),) +_LORAX_ARGS += -i flatpak-libs +endif + # Step 7: Build end ISO ## Default action build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt @@ -84,7 +95,6 @@ lorax_templates/post_%.tmpl: lorax_templates/scripts/post/% do \ if [[ $$line =~ ^\<\% ]]; \ then \ - echo $$line >> lorax_templates/post_$*.tmpl; \ echo >> lorax_templates/post_$*.tmpl; \ else \ if [[ $$header == 0 ]]; \ @@ -111,7 +121,6 @@ lorax_templates/%.tmpl: lorax_templates/%.tmpl.in $(eval _VARS = IMAGE_NAME IMAGE_TAG _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED) $(foreach var,$(_VARS),$(var)=$($(var))) envsubst '$(foreach var,$(_VARS),$$$(var))' < $(_BASE_DIR)/lorax_templates/$*.tmpl.in > $(_BASE_DIR)/lorax_templates/$*.tmpl - # Step 2: Replace vars in repo files repos/%.repo: /etc/yum.repos.d/%.repo mkdir repos || true @@ -139,6 +148,8 @@ boot.iso: $(_LORAX_TEMPLATES) $(_REPO_FILES) $(foreach file,$(_REPO_FILES),--repo $(_BASE_DIR)/$(file)) \ $(foreach file,$(_LORAX_TEMPLATES),--add-template $(_BASE_DIR)/$(file)) \ $(foreach file,$(ADDITIONAL_TEMPLATES),--add-template $(file)) \ + $(foreach file,$(_FLATPAK_TEMPLATES),--add-template $(file)) \ + $(foreach file,$(_EXTERNAL_TEMPLATES),--add-template $(_BASE_DIR)/external/$(file)) \ --rootfs-size $(ROOTFS_SIZE) \ $(foreach var,$(_TEMPLATE_VARS),--add-template-var "$(shell echo $(var) | tr '[:upper:]' '[:lower:]')=$($(var))") \ $(_BASE_DIR)/results/ @@ -177,12 +188,34 @@ clean: rm -f $(_BASE_DIR)/*.log || true install-deps: - dnf install -y lorax xorriso skopeo coreutils + dnf install -y lorax xorriso skopeo flatpak dbus-daemon ostree coreutils + +test: test-iso test-vm test-iso: $(eval _TESTS = $(filter-out README.md,$(shell ls tests/iso))) - $(foreach test,$(_TESTS),chmod +x tests/iso/$(test)) - $(foreach test,$(_TESTS),./tests/iso/$(test) deploy.iso) - -.PHONY: clean install-deps + $(eval _VARS = VERSION FLATPAK_REMOTE_NAME _FLATPAK_REPO_URL) + sudo apt-get update + sudo apt-get install -y squashfs-tools + sudo modprobe loop + sudo mkdir /mnt/iso /mnt/install + sudo mount -o loop deploy.iso /mnt/iso + sudo mount -t squashfs -o loop /mnt/iso/images/install.img /mnt/install + + chmod +x $(foreach test,$(_TESTS),tests/iso/$(test)) + for test in $(_TESTS); \ + do \ + $(foreach var,$(_VARS),$(var)=$($(var))) ./tests/iso/$${test}; \ + done + + # Cleanup + sudo umount /mnt/install + sudo umount /mnt/iso + +test-vm: + $(eval _TESTS = $(filter-out README.md,$(shell ls tests/vm))) + chmod +x $(foreach test,$(_TESTS),tests/vm/$(test)) + for test in $(_TESTS); do ./tests/vm/$${test} deploy.iso; done + +.PHONY: clean install-deps test test-iso test-vm diff --git a/README.md b/README.md index cdc4119..b50912f 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg??event=push) +![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg?event=push) # Build Container Installer Action This action is used to enerate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` diff --git a/action.yml b/action.yml index 75c7fb5..d4e7861 100644 --- a/action.yml +++ b/action.yml @@ -20,6 +20,18 @@ inputs: extra_boot_params: description: Extra params used by grub to boot the anaconda installer required: false + flatpak_remote_name: + description: Name of the Flatpak remote repo + required: false + default: "flathub" + flatpak_remote_refs: + description: Space delimited list of refs to the flatpak packages to install + required: false + default: "" + flatpak_remote_url: + description: The URL of the Flatpak remote flatpakrepo file + required: false + default: https://flathub.org/repo/flathub.flatpakrepo image_name: description: Name of the source container image required: true @@ -69,17 +81,19 @@ runs: if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \ + ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ ARCH=${{ inputs.arch }} \ + ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \ + FLATPAK_REMOTE_NAME=${{ inputs.flatpak_remote_name }} \ + FLATPAK_REMOTE_REFS="${{ inputs.flatpak_remote_refs }}" \ + FLATPAK_REMOTE_URL=${{ inputs.flatpak_remote_url }} \ IMAGE_NAME=${{ inputs.image_name }} \ IMAGE_REPO=${{ inputs.image_repo }} \ + IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ + SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \ VARIANT=${{ inputs.variant }} \ VERSION=${{ inputs.version }} \ - IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ - WEB_UI=${{ inputs.web_ui }} \ - ISO_NAME=${{ inputs.iso_name }} \ - ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \ - SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \ - "ADDITIONAL_TEMPLATES=${{ inputs.additional_templates }}" + WEB_UI=${{ inputs.web_ui }} - name: Rename ISO file id: rename_iso diff --git a/entrypoint.sh b/entrypoint.sh index 3f78761..c32743b 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,19 +2,24 @@ set -ex -for entry in $@ +# Create /dev/loop0 if it doesn't already exist. `losetup` has an issue creating it during the first run +mknod -m 0660 /dev/loop0 b 7 0 2>/dev/null || true + +for i do - export $entry + key=$(echo ${i} | cut -d= -f1) + value=$(echo ${i} | cut -d= -f2-) + export ${key}="${value}" done # Pull container -make container/${IMAGE_NAME}-${IMAGE_TAG} $@ +make container/${IMAGE_NAME}-${IMAGE_TAG} "$@" # Build base ISO -make boot.iso $@ +make boot.iso "$@" # Add container to ISO -make build/deploy.iso $@ +make build/deploy.iso "$@" # Make output dir in github workspace mkdir /github/workspace/build || true diff --git a/lorax_templates/scripts/post/configure_flatpak b/lorax_templates/scripts/post/configure_flatpak new file mode 100644 index 0000000..1c54a7f --- /dev/null +++ b/lorax_templates/scripts/post/configure_flatpak @@ -0,0 +1,11 @@ +<%page args="_flatpak_repo_gpg"/> + +if [[ -d /ostree/deploy/default/var/lib/flatpak/repo ]] +then + echo ${_flatpak_repo_gpg} | base64 -d > /ostree/deploy/default/var/lib/flatpak/repo/flathub.trustedkeys.gpg +elif [[ -d /var/lib/flatpak/repo ]] +then + echo ${_flatpak_repo_gpg} | base64 -d > /var/lib/flatpak/repo/flathub.trustedkeys.gpg +else + echo "Could not find Flatpaks repo" +fi diff --git a/lorax_templates/set_flatpak_repo.tmpl.in b/lorax_templates/set_flatpak_repo.tmpl.in new file mode 100644 index 0000000..622e9a1 --- /dev/null +++ b/lorax_templates/set_flatpak_repo.tmpl.in @@ -0,0 +1,4 @@ +<%page args="flatpak_remote_name, _flatpak_repo_url"/> + +replace "flatpak_manager\.add_remote\(\".*\", \".*\"\)" "flatpak_manager.add_remote(\"${flatpak_remote_name}\", \"${_flatpak_repo_url}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py +replace "flatpak_manager\.replace_installed_refs_remote\(\".*\"\)" "flatpak_manager.replace_installed_refs_remote(\"${flatpak_remote_name}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py diff --git a/tests/iso/os-release.sh b/tests/iso/os-release.sh index ea066bc..ccef46c 100644 --- a/tests/iso/os-release.sh +++ b/tests/iso/os-release.sh @@ -1,24 +1,7 @@ #!/bin/bash -iso=$1 - -sudo apt-get update -sudo apt-get install -y squashfs-tools - -sudo mkdir /mnt/{iso,install} - -# Mount ISO -sudo mount -o loop $iso /mnt/iso - -# Mount squashfs -sudo mount -t squashfs -o loop /mnt/iso/images/install.img /mnt/install - FOUND_VERSION=$(cat /mnt/install/etc/os-release | grep VERSION_ID | cut -d= -f2) -# Cleanup -sudo umount /mnt/install -sudo umount /mnt/iso - if [[ ${FOUND_VERSION} != ${VERSION} ]] then echo "Version mismatch" diff --git a/tests/iso/verify_flatpakrepo_updated.sh b/tests/iso/verify_flatpakrepo_updated.sh new file mode 100644 index 0000000..b5ee240 --- /dev/null +++ b/tests/iso/verify_flatpakrepo_updated.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +add_line=$(grep flatpak_manager.add_remote /mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py) + +add_line_repo=$(echo ${add_line} | grep ${FLATPAK_REMOTE_NAME}) +add_line_url=$(echo ${add_line} | grep ${_FLATPAK_REPO_URL}) + +result=0 +if [ -z "${add_line_repo}" ] +then + echo "Repo name not updated on add_remote line" + result=1 +else + echo "Repo name found on add_remote line" +fi + +if [ -z "${add_line_url}" ] +then + echo "Repo url not updated on add_remote line" + result=1 +else + echo "Repo url found on add_remote line" +fi + +replace_line=$(grep flatpak_manager.replace_installed_refs_remote /mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py) + +replace_line_repo=$(echo ${replace_line} | grep ${FLATPAK_REMOTE_NAME}) + +if [ -z "${replace_line_repo}" ] +then + echo "Repo name not updated on replace_installed_refs line" + result=1 +else + echo "Repo name found on replace_installed_refs line" +fi + +exit ${result} \ No newline at end of file diff --git a/tests/vm/flatpak.yml b/tests/vm/flatpak.yml new file mode 100644 index 0000000..6f46263 --- /dev/null +++ b/tests/vm/flatpak.yml @@ -0,0 +1,10 @@ +#!/usr/bin/env -S ansible-playbook -i ./ansible_inventory +--- +- name: Test for flatpaks + hosts: vm + gather_facts: no + + tasks: + - name: Test updating flatpak packages + ansible.builtin.command: + cmd: /usr/bin/flatpak update -y