actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 02:47:56 +01:00
Code Releases Activity

Add flatpaks (#32)

Browse source
This commit is contained in:
Jason N 2024-03-10 23:39:22 -04:00 committed by GitHub
parent 54d89036fb
commit bfa150ceeb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 169 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

43
.github/workflows/build-and-test.yml vendored
View file

@ -15,6 +15,7 @@ env:
IMAGE_REPO: 'quay.io/fedora-ostree-desktops' IMAGE_REPO: 'quay.io/fedora-ostree-desktops'
IMAGE_TAG: '39' IMAGE_TAG: '39'
VARIANT: 'Server' VARIANT: 'Server'
FLATPAK_REMOTE_REFS: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08
SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der'
ENROLLMENT_PASSWORD: 'container-installer' ENROLLMENT_PASSWORD: 'container-installer'
@ -27,6 +28,8 @@ jobs:
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
submodules: recursive
- name: Docker meta - name: Docker meta
id: meta id: meta
@ -62,7 +65,9 @@ jobs:
permissions: permissions:
contents: read contents: read
packages: write packages: write
continue-on-error: false
strategy: strategy:
fail-fast: false
matrix: matrix:
version: version:
- 38 - 38
@ -98,6 +103,7 @@ jobs:
image_tag: ${{ env.IMAGE_TAG }} image_tag: ${{ env.IMAGE_TAG }}
version: ${{ matrix.version }} version: ${{ matrix.version }}
variant: ${{ env.VARIANT }} variant: ${{ env.VARIANT }}
flatpak_remote_refs: ${{ env.FLATPAK_REMOTE_REFS }}
secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }} secure_boot_key_url: ${{ env.SECURE_BOOT_KEY_URL }}
enrollment_password: ${{ env.ENROLLMENT_PASSWORD }} enrollment_password: ${{ env.ENROLLMENT_PASSWORD }}
iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ matrix.version }}.iso
@ -128,7 +134,9 @@ jobs:
permissions: permissions:
contents: read contents: read
packages: write packages: write
continue-on-error: false
strategy: strategy:
fail-fast: false
matrix: matrix:
version: version:
- 38 - 38
@ -136,6 +144,8 @@ jobs:
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@v4 uses: actions/checkout@v4
with:
submodules: recursive
- name: Ensure qemu is installed - name: Ensure qemu is installed
run: | run: |
@ -159,7 +169,7 @@ jobs:
- name: Run ISO checks - name: Run ISO checks
run: | run: |
mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso mv ${{ needs['build-and-push-iso']['outputs'][format('iso_name-{0}', matrix.version)] }} deploy.iso
make test-iso VERSION=${{ matrix.version }} make test-iso VERSION=${{ matrix.version }} FLATPAK_REMOTE_REFS="${{ env.FLATPAK_REMOTE_REFS}}"
- name: Add Kickstart and Grub options to ISO - name: Add Kickstart and Grub options to ISO
run: | run: |
@ -203,11 +213,15 @@ jobs:
env: env:
VM_USER: core VM_USER: core
VM_PASS: foobar VM_PASS: foobar
VM_IP: "127.0.0.1"
VM_PORT: "5555"
run: | run: |
mkfifo vm.stdin mkfifo vm.stdin
qemu-system-x86_64 -name "Anaconda" \ qemu-system-x86_64 -name "Anaconda" \
-m 4096 -cpu qemu64 -display none -smp 2 \ -m 4096 -cpu qemu64 -display none -smp 2 \
-chardev socket,path=/tmp/qga.sock,server,nowait,id=qga0 \ -chardev socket,path=/tmp/qga.sock,server,nowait,id=qga0 \
-device e1000,netdev=net0 \
-netdev user,id=net0,hostfwd=tcp::${VM_PORT}-:22 \
-device virtio-serial \ -device virtio-serial \
-device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 \ -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0 \
-boot c -hda disk.qcow2 -serial telnet:localhost:4321,server,nowait & export QEMU_PID=$! -boot c -hda disk.qcow2 -serial telnet:localhost:4321,server,nowait & export QEMU_PID=$!
@ -218,18 +232,23 @@ jobs:
timeout 30m bash -c "while ! (grep 'login:' vm.stdout); do sleep 1; done" timeout 30m bash -c "while ! (grep 'login:' vm.stdout); do sleep 1; done"
export VM_IP=$({ echo '{"execute": "guest-network-get-interfaces"}'; sleep 2; } | socat unix-connect:/tmp/qga.sock - | jq -r '.return[1]["ip-addresses"][] | select(."ip-address-type"=="ipv4") | .["ip-address"]') if ! (echo > /dev/tcp/${VM_IP}/${VM_PORT})
if ! (echo > /dev/tcp/${VM_IP}/22)
then then
echo "SSH must be installed and enabled inside the container" echo "SSH must be installed and enabled inside the container"
fi fi
echo "VM ready for tests at IP ${VM_IP}" echo "VM ready for tests at IP ${VM_IP}:${VM_PORT}"
for check in $(ls tests/vm) echo "Creating Ansible inventory"
do cat << EOF > ansible_inventory
if [[ -f $check && $check != "README.md" ]] ungrouped:
then hosts:
chmod +x $check vm:
./${check} ansible_host: ${VM_IP}
fi ansible_port: ${VM_PORT}
done ansible_user: ${VM_USER}
ansible_password: ${VM_PASS}
ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
EOF
#make test-vm
kill $QEMU_PID

4
.gitmodules vendored Normal file
View file

@ -0,0 +1,4 @@
[submodule "external/fedora-lorax-templates"]
path = external/fedora-lorax-templates
url = https://pagure.io/fedora-lorax-templates.git
branch = f39

49
Makefile
View file

@ -8,6 +8,10 @@ IMAGE_TAG = $(VERSION)
VARIANT = Server VARIANT = Server
WEB_UI = false WEB_UI = false
REPOS = /etc/yum.repos.d/fedora.repo /etc/yum.repos.d/fedora-updates.repo REPOS = /etc/yum.repos.d/fedora.repo /etc/yum.repos.d/fedora-updates.repo
ADDITIONAL_TEMPLATES =
FLATPAK_REMOTE_NAME = flathub
FLATPAK_REMOTE_URL = https://flathub.org/repo/flathub.flatpakrepo
FLATPAK_REMOTE_REFS =
ENROLLMENT_PASSWORD = ENROLLMENT_PASSWORD =
SECURE_BOOT_KEY_URL = SECURE_BOOT_KEY_URL =
ADDITIONAL_TEMPLATES = ADDITIONAL_TEMPLATES =
@ -22,7 +26,10 @@ _IMAGE_REPO_DOUBLE_ESCAPED = $(subst \,\\\,$(_IMAGE_REPO_ESCAPED))
_VOLID = $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$(IMAGE_TAG) _VOLID = $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$(IMAGE_TAG)
_REPO_FILES = $(subst /etc/yum.repos.d,repos,$(REPOS)) _REPO_FILES = $(subst /etc/yum.repos.d,repos,$(REPOS))
_LORAX_TEMPLATES = $(subst .in,,$(shell ls lorax_templates/*.tmpl.in)) $(foreach file,$(shell ls lorax_templates/scripts/post),lorax_templates/post_$(file).tmpl) _LORAX_TEMPLATES = $(subst .in,,$(shell ls lorax_templates/*.tmpl.in)) $(foreach file,$(shell ls lorax_templates/scripts/post),lorax_templates/post_$(file).tmpl)
_TEMPLATE_VARS = ARCH VERSION IMAGE_REPO IMAGE_NAME IMAGE_TAG VARIANT WEB_UI REPOS _IMAGE_REPO_ESCAPED _IMAGE_REPO_DOUBLE_ESCAPED ENROLLMENT_PASSWORD _EXTERNAL_TEMPLATES = fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl
_FLATPAK_REPO_URL = $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2)
_FLATPAK_REPO_GPG = $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2)
_TEMPLATE_VARS = ARCH VERSION IMAGE_REPO IMAGE_NAME IMAGE_TAG VARIANT WEB_UI REPOS _IMAGE_REPO_ESCAPED _IMAGE_REPO_DOUBLE_ESCAPED FLATPAK_REMOTE_NAME FLATPAK_REMOTE_URL FLATPAK_REMOTE_REFS _FLATPAK_REPO_URL _FLATPAK_REPO_GPG ENROLLMENT_PASSWORD
ifeq ($(VARIANT),Server) ifeq ($(VARIANT),Server)
_LORAX_ARGS = --macboot --noupgrade _LORAX_ARGS = --macboot --noupgrade
@ -34,6 +41,10 @@ ifeq ($(WEB_UI),true)
_LORAX_ARGS += -i anaconda-webui _LORAX_ARGS += -i anaconda-webui
endif endif
ifneq ($(FLATPAK_REMOTE_REFS),)
_LORAX_ARGS += -i flatpak-libs
endif
# Step 7: Build end ISO # Step 7: Build end ISO
## Default action ## Default action
build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt build/deploy.iso: boot.iso container/$(IMAGE_NAME)-$(IMAGE_TAG) xorriso/input.txt
@ -84,7 +95,6 @@ lorax_templates/post_%.tmpl: lorax_templates/scripts/post/%
do \ do \
if [[ $$line =~ ^\<\% ]]; \ if [[ $$line =~ ^\<\% ]]; \
then \ then \
echo $$line >> lorax_templates/post_$*.tmpl; \
echo >> lorax_templates/post_$*.tmpl; \ echo >> lorax_templates/post_$*.tmpl; \
else \ else \
if [[ $$header == 0 ]]; \ if [[ $$header == 0 ]]; \
@ -111,7 +121,6 @@ lorax_templates/%.tmpl: lorax_templates/%.tmpl.in
$(eval _VARS = IMAGE_NAME IMAGE_TAG _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED) $(eval _VARS = IMAGE_NAME IMAGE_TAG _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED)
$(foreach var,$(_VARS),$(var)=$($(var))) envsubst '$(foreach var,$(_VARS),$$$(var))' < $(_BASE_DIR)/lorax_templates/$*.tmpl.in > $(_BASE_DIR)/lorax_templates/$*.tmpl $(foreach var,$(_VARS),$(var)=$($(var))) envsubst '$(foreach var,$(_VARS),$$$(var))' < $(_BASE_DIR)/lorax_templates/$*.tmpl.in > $(_BASE_DIR)/lorax_templates/$*.tmpl
# Step 2: Replace vars in repo files # Step 2: Replace vars in repo files
repos/%.repo: /etc/yum.repos.d/%.repo repos/%.repo: /etc/yum.repos.d/%.repo
mkdir repos || true mkdir repos || true
@ -139,6 +148,8 @@ boot.iso: $(_LORAX_TEMPLATES) $(_REPO_FILES)
$(foreach file,$(_REPO_FILES),--repo $(_BASE_DIR)/$(file)) \ $(foreach file,$(_REPO_FILES),--repo $(_BASE_DIR)/$(file)) \
$(foreach file,$(_LORAX_TEMPLATES),--add-template $(_BASE_DIR)/$(file)) \ $(foreach file,$(_LORAX_TEMPLATES),--add-template $(_BASE_DIR)/$(file)) \
$(foreach file,$(ADDITIONAL_TEMPLATES),--add-template $(file)) \ $(foreach file,$(ADDITIONAL_TEMPLATES),--add-template $(file)) \
$(foreach file,$(_FLATPAK_TEMPLATES),--add-template $(file)) \
$(foreach file,$(_EXTERNAL_TEMPLATES),--add-template $(_BASE_DIR)/external/$(file)) \
--rootfs-size $(ROOTFS_SIZE) \ --rootfs-size $(ROOTFS_SIZE) \
$(foreach var,$(_TEMPLATE_VARS),--add-template-var "$(shell echo $(var) | tr '[:upper:]' '[:lower:]')=$($(var))") \ $(foreach var,$(_TEMPLATE_VARS),--add-template-var "$(shell echo $(var) | tr '[:upper:]' '[:lower:]')=$($(var))") \
$(_BASE_DIR)/results/ $(_BASE_DIR)/results/
@ -177,12 +188,34 @@ clean:
rm -f $(_BASE_DIR)/*.log || true rm -f $(_BASE_DIR)/*.log || true
install-deps: install-deps:
dnf install -y lorax xorriso skopeo coreutils dnf install -y lorax xorriso skopeo flatpak dbus-daemon ostree coreutils
test: test-iso test-vm
test-iso: test-iso:
$(eval _TESTS = $(filter-out README.md,$(shell ls tests/iso))) $(eval _TESTS = $(filter-out README.md,$(shell ls tests/iso)))
$(foreach test,$(_TESTS),chmod +x tests/iso/$(test)) $(eval _VARS = VERSION FLATPAK_REMOTE_NAME _FLATPAK_REPO_URL)
$(foreach test,$(_TESTS),./tests/iso/$(test) deploy.iso)
.PHONY: clean install-deps
sudo apt-get update
sudo apt-get install -y squashfs-tools
sudo modprobe loop
sudo mkdir /mnt/iso /mnt/install
sudo mount -o loop deploy.iso /mnt/iso
sudo mount -t squashfs -o loop /mnt/iso/images/install.img /mnt/install
chmod +x $(foreach test,$(_TESTS),tests/iso/$(test))
for test in $(_TESTS); \
do \
$(foreach var,$(_VARS),$(var)=$($(var))) ./tests/iso/$${test}; \
done
# Cleanup
sudo umount /mnt/install
sudo umount /mnt/iso
test-vm:
$(eval _TESTS = $(filter-out README.md,$(shell ls tests/vm)))
chmod +x $(foreach test,$(_TESTS),tests/vm/$(test))
for test in $(_TESTS); do ./tests/vm/$${test} deploy.iso; done
.PHONY: clean install-deps test test-iso test-vm

2
README.md
View file

@ -1,4 +1,4 @@
![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg??event=push) ![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/build-and-test.yml/badge.svg?event=push)
# Build Container Installer Action # Build Container Installer Action
This action is used to enerate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` This action is used to enerate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer`

26
action.yml
View file

@ -20,6 +20,18 @@ inputs:
extra_boot_params: extra_boot_params:
description: Extra params used by grub to boot the anaconda installer description: Extra params used by grub to boot the anaconda installer
required: false required: false
flatpak_remote_name:
description: Name of the Flatpak remote repo
required: false
default: "flathub"
flatpak_remote_refs:
description: Space delimited list of refs to the flatpak packages to install
required: false
default: ""
flatpak_remote_url:
description: The URL of the Flatpak remote flatpakrepo file
required: false
default: https://flathub.org/repo/flathub.flatpakrepo
image_name: image_name:
description: Name of the source container image description: Name of the source container image
required: true required: true
@ -69,17 +81,19 @@ runs:
if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi
if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi
docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \ docker run --privileged --volume ${{ github.workspace }}:/github/workspace ghcr.io/jasonn3/build-container-installer:${tag} \
ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \
ARCH=${{ inputs.arch }} \ ARCH=${{ inputs.arch }} \
ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \
FLATPAK_REMOTE_NAME=${{ inputs.flatpak_remote_name }} \
FLATPAK_REMOTE_REFS="${{ inputs.flatpak_remote_refs }}" \
FLATPAK_REMOTE_URL=${{ inputs.flatpak_remote_url }} \
IMAGE_NAME=${{ inputs.image_name }} \ IMAGE_NAME=${{ inputs.image_name }} \
IMAGE_REPO=${{ inputs.image_repo }} \ IMAGE_REPO=${{ inputs.image_repo }} \
IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \
SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \
VARIANT=${{ inputs.variant }} \ VARIANT=${{ inputs.variant }} \
VERSION=${{ inputs.version }} \ VERSION=${{ inputs.version }} \
IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ WEB_UI=${{ inputs.web_ui }}
WEB_UI=${{ inputs.web_ui }} \
ISO_NAME=${{ inputs.iso_name }} \
ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \
SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \
"ADDITIONAL_TEMPLATES=${{ inputs.additional_templates }}"
- name: Rename ISO file - name: Rename ISO file
id: rename_iso id: rename_iso

15
entrypoint.sh
View file

@ -2,19 +2,24 @@
set -ex set -ex
for entry in $@ # Create /dev/loop0 if it doesn't already exist. `losetup` has an issue creating it during the first run
mknod -m 0660 /dev/loop0 b 7 0 2>/dev/null || true
for i
do do
export $entry key=$(echo ${i} | cut -d= -f1)
value=$(echo ${i} | cut -d= -f2-)
export ${key}="${value}"
done done
# Pull container # Pull container
make container/${IMAGE_NAME}-${IMAGE_TAG} $@ make container/${IMAGE_NAME}-${IMAGE_TAG} "$@"
# Build base ISO # Build base ISO
make boot.iso $@ make boot.iso "$@"
# Add container to ISO # Add container to ISO
make build/deploy.iso $@ make build/deploy.iso "$@"
# Make output dir in github workspace # Make output dir in github workspace
mkdir /github/workspace/build || true mkdir /github/workspace/build || true

11
lorax_templates/scripts/post/configure_flatpak Normal file
View file

@ -0,0 +1,11 @@
<%page args="_flatpak_repo_gpg"/>
if [[ -d /ostree/deploy/default/var/lib/flatpak/repo ]]
then
echo ${_flatpak_repo_gpg} | base64 -d > /ostree/deploy/default/var/lib/flatpak/repo/flathub.trustedkeys.gpg
elif [[ -d /var/lib/flatpak/repo ]]
then
echo ${_flatpak_repo_gpg} | base64 -d > /var/lib/flatpak/repo/flathub.trustedkeys.gpg
else
echo "Could not find Flatpaks repo"
fi

4
lorax_templates/set_flatpak_repo.tmpl.in Normal file
View file

@ -0,0 +1,4 @@
<%page args="flatpak_remote_name, _flatpak_repo_url"/>
replace "flatpak_manager\.add_remote\(\".*\", \".*\"\)" "flatpak_manager.add_remote(\"${flatpak_remote_name}\", \"${_flatpak_repo_url}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py
replace "flatpak_manager\.replace_installed_refs_remote\(\".*\"\)" "flatpak_manager.replace_installed_refs_remote(\"${flatpak_remote_name}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py

17
tests/iso/os-release.sh
View file

@ -1,24 +1,7 @@
#!/bin/bash #!/bin/bash
iso=$1
sudo apt-get update
sudo apt-get install -y squashfs-tools
sudo mkdir /mnt/{iso,install}
# Mount ISO
sudo mount -o loop $iso /mnt/iso
# Mount squashfs
sudo mount -t squashfs -o loop /mnt/iso/images/install.img /mnt/install
FOUND_VERSION=$(cat /mnt/install/etc/os-release | grep VERSION_ID | cut -d= -f2) FOUND_VERSION=$(cat /mnt/install/etc/os-release | grep VERSION_ID | cut -d= -f2)
# Cleanup
sudo umount /mnt/install
sudo umount /mnt/iso
if [[ ${FOUND_VERSION} != ${VERSION} ]] if [[ ${FOUND_VERSION} != ${VERSION} ]]
then then
echo "Version mismatch" echo "Version mismatch"

37
tests/iso/verify_flatpakrepo_updated.sh Normal file
View file

@ -0,0 +1,37 @@
#!/bin/bash
add_line=$(grep flatpak_manager.add_remote /mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py)
add_line_repo=$(echo ${add_line} | grep ${FLATPAK_REMOTE_NAME})
add_line_url=$(echo ${add_line} | grep ${_FLATPAK_REPO_URL})
result=0
if [ -z "${add_line_repo}" ]
then
echo "Repo name not updated on add_remote line"
result=1
else
echo "Repo name found on add_remote line"
fi
if [ -z "${add_line_url}" ]
then
echo "Repo url not updated on add_remote line"
result=1
else
echo "Repo url found on add_remote line"
fi
replace_line=$(grep flatpak_manager.replace_installed_refs_remote /mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py)
replace_line_repo=$(echo ${replace_line} | grep ${FLATPAK_REMOTE_NAME})
if [ -z "${replace_line_repo}" ]
then
echo "Repo name not updated on replace_installed_refs line"
result=1
else
echo "Repo name found on replace_installed_refs line"
fi
exit ${result}

10
tests/vm/flatpak.yml Normal file
View file

@ -0,0 +1,10 @@
#!/usr/bin/env -S ansible-playbook -i ./ansible_inventory
---
- name: Test for flatpaks
hosts: vm
gather_facts: no
tasks:
- name: Test updating flatpak packages
ansible.builtin.command:
cmd: /usr/bin/flatpak update -y