actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 19:07:54 +01:00
Code Releases Activity

Merge branch 'main' into add_secure_boot

Browse source
This commit is contained in:
Jason N 2024-03-18 14:36:32 -04:00 committed by GitHub
commit ec0cd1e6ee
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
33 changed files with 1231 additions and 171 deletions
Download patch file Download diff file Expand all files Collapse all files

237
action.yml
View file

@ -2,10 +2,51 @@ name: Build Container Installer
description: Generates an ISO for installing an OSTree stored in a container image
inputs:
action_version:
description: Version of the action container to run
deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version.
required: false
additional_templates:
description: Space delimited list of additional Lorax templates to include
required: false
arch:
description: Architecture for image to build
required: true
default: x86_64
dnf_cache_key:
description: Overrides the dnf cache key
required: false
enable_cache_dnf:
description: Whether to enable caching for dnf
required: false
default: "true"
enable_cache_skopeo:
description: Whether to enable caching for skopeo
required: false
default: "false"
enrollment_password:
description: Used for supporting secure boot (requires secure_boot_key_url to be defined)
required: false
default: "container-installer"
extra_boot_params:
description: Extra params used by grub to boot the anaconda installer
required: false
flatpak_remote_name:
description: Name of the Flatpak remote repo
required: false
default: "flathub"
flatpak_remote_refs:
description: Space delimited list of refs to the flatpak packages to install
required: false
default: ""
flatpak_remote_refs_dir:
description: Directory that contains files that list the flatpak refs to install
required: false
default: ""
flatpak_remote_url:
description: The URL of the Flatpak remote flatpakrepo file
required: false
default: https://flathub.org/repo/flathub.flatpakrepo
image_name:
description: Name of the source container image
required: true
@ -14,6 +55,24 @@ inputs:
description: Repository containing the source container image
required: true
default: quay.io/fedora-ostree-desktops
image_tag:
description: Tag of the source container image. Defaults to the installer version
required: false
iso_name:
description: "Name of the resulting ISO. Relative paths are relative to github.workspace"
required: false
default: build/deploy.iso
repos:
description: List of repo files for Lorax to use
required: false
rootfs_size:
description: The size (in GiB) for the squashfs runtime volume
secure_boot_key_url:
description: Secure boot key that is installed from URL location
required: false
skopeo_cache_key:
description: Overrides the skopeo cache key
required: false
variant:
description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite"
required: true
@ -22,53 +81,153 @@ inputs:
description: Fedora version of installer to build
required: true
default: "39"
image_tag:
description: Tag of the source container image. Defaults to the installer version
required: false
web_ui:
description: Enable Anaconda WebUI
required: false
default: "false"
enrollment_password:
description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined)
required: false
default: "container-installer"
secure_boot_key_url:
description: Secure boot key that is installed from URL location
required: false
action_version:
description: Version of the action container to run
deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version.
required: false
additional_templates:
description: Space delimetered list of additional Lorax templates to include
required: false
outputs:
iso_name:
value: ${{ steps.rename_iso.outputs.iso_name }}
description: The name of the resulting .iso
iso_path:
value: ${{ steps.rename_iso.outputs.iso_path }}
description: The name and path of the resulting .iso
runs:
using: composite
steps:
- name: Lowercase Registry
id: registry_case
uses: ASzc/change-string-case-action@v6
with:
string: ghcr.io/${{ github.repository }}
- name: Run docker image
- name: Make cache directory
shell: bash
run: |
# Check if running inside of the action repo
if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi
if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi
image=${{ steps.registry_case.outputs.lowercase }}
docker run --privileged --volume .:/github/workspace/ ${image}:${tag} \
ARCH=${{ inputs.arch }} \
IMAGE_NAME=${{ inputs.image_name }} \
IMAGE_REPO=${{ inputs.image_repo }} \
VARIANT=${{ inputs.variant }} \
VERSION=${{ inputs.version }} \
IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \
WEB_UI=${{ inputs.web_ui }} \
ENROLLMENT_PASSWORD=${{ inputs.enrollment_password }} \
SECURE_BOOT_KEY_URL=${{ inputs.secure_boot_key_url }} \
"ADDITIONAL_TEMPLATES=${{ inputs.additional_templates }}"
sudo mkdir /cache
sudo chmod 777 /cache
- name: Load dnf cache
id: load_dnf_cache
env:
dnf_cache_key: dnf-${{ inputs.version }}
if: inputs.enable_cache_dnf == 'true'
uses: actions/cache/restore@v4
with:
path: /cache/dnf
key: ${{ inputs.dnf_cache_key || env.dnf_cache_key }}
- name: Load skopeo cache
id: load_skopeo_cache
env:
skopeo_cache_key: skopeo-${{ inputs.image_name }}-${{ inputs.version || inputs.image_tag }}
if: inputs.enable_cache_skopeo == 'true'
uses: actions/cache/restore@v4
with:
path: /cache/skopeo
key: ${{ inputs.skopeo_cache_key || env.skopeo_cache_key }}
- name: Ensure cache directories exist
shell: bash
run: |
mkdir /cache/dnf || true
mkdir /cache/dnf_new || true
mkdir /cache/skopeo || true
- name: Run docker image
env:
ACTION_REPO: ${{ github.action_repository }}
ACTION_REF: ${{ github.action_ref }}
shell: bash
run: |
image="ghcr.io/jasonn3/build-container-installer"
# Check if running inside of the action repo
if [[ -z "${ACTION_REPO}" || "${ACTION_REPO}" == "${{ github.repository }}" ]]
then
if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]
then
tag="pr-${BASH_REMATCH[1]}"
image="docker.io/jasonn3/build-container-installer"
else
tag="${{ github.ref_name }}"
fi
else
tag="${ACTION_REF}"
fi
if [[ "${{ inputs.enable_cache_dnf }}" == "true" ]]
then
cache="${cache} -v /cache/dnf:/cache/dnf"
fi
if [[ "${{ inputs.enable_cache_skopeo }}" == "true" ]]
then
cache="${cache} -v /cache/skopeo:/cache/skopeo"
fi
if [[ "${{ steps.load_dnf_cache.outputs.cache-hit }}" != "true" ]]
then
cache="${cache} -v /cache/dnf_new:/cache/dnf_new"
fi
vars=""
if [[ -n "${{ inputs.flatpak_remote_refs }}" ]] && [[ -n "${{ inputs.flatpak_remote_refs_dir }}" ]]
then
echo "ERROR: flatpak_remote_refs is mutually exclusive to flatpak_remote_refs_dir"
exit 1
else
if [[ -n "${{ inputs.flatpak_remote_refs }}" ]]
then
vars="${vars} FLATPAK_REMOTE_REFS=\"${{ inputs.flatpak_remote_refs }}\""
else
vars="${vars} FLATPAK_REMOTE_REFS_DIR=\"${{ inputs.flatpak_remote_refs_dir }}\""
fi
fi
docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ${cache} ${image}:${tag} \
ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \
ARCH="${{ inputs.arch }}" \
DNF_CACHE="/cache/dnf" \
ENROLLMENT_PASSWORD="${{ inputs.enrollment_password }}" \
FLATPAK_REMOTE_NAME="${{ inputs.flatpak_remote_name }}" \
${vars} \
FLATPAK_REMOTE_URL="${{ inputs.flatpak_remote_url }}" \
IMAGE_NAME="${{ inputs.image_name }}" \
IMAGE_REPO="${{ inputs.image_repo }}" \
IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \
SECURE_BOOT_KEY_URL="${{ inputs.secure_boot_key_url }}" \
VARIANT="${{ inputs.variant }}" \
VERSION="${{ inputs.version }}" \
WEB_UI="${{ inputs.web_ui }}"
- name: Save dnf cache
env:
dnf_cache_key: dnf-${{ inputs.version }}
if: inputs.enable_cache_dnf == 'true' && steps.load_dnf_cache.outputs.cache-hit != 'true'
uses: actions/cache/save@v4
with:
path: /cache/dnf_new
key: ${{ inputs.dnf_cache_key || env.dnf_cache_key }}
- name: Save skopeo cache
env:
skopeo_cache_key: skopeo-${{ inputs.image_name }}-${{ inputs.version || inputs.image_tag }}
if: inputs.enable_cache_skopeo == 'true' && steps.load_dnf_cache.outputs.cache-hit != 'true'
uses: actions/cache/save@v4
with:
path: /cache/skopeo
key: ${{ inputs.skopeo_cache_key || env.skopeo_cache_key }}
- name: Rename ISO file
id: rename_iso
shell: bash
run: |
if [[ ! ( "${{ inputs.iso_name }}" =~ \.iso$ ) ]]
then
iso_name="${{ inputs.iso_name }}.iso"
else
iso_name="${{ inputs.iso_name }}"
fi
if [[ "${{ inputs.iso_name }}" =~ ^/ ]]
then
full_path="${iso_name}"
else
full_path="${{ github.workspace }}/${iso_name}"
fi
mv ${{ github.workspace }}/build/deploy.iso ${full_path} || true
cd $(dirname ${full_path})
iso_fn=$(basename ${iso_name})
sha256sum ${iso_fn} > ${iso_fn}-CHECKSUM
echo "iso_path=${full_path}" >> $GITHUB_OUTPUT
echo "iso_name=${iso_fn}" >> $GITHUB_OUTPUT