actions/build-container-installer
1
0
Fork 0
mirror of https://github.com/JasonN3/build-container-installer.git synced 2025-12-25 10:57:55 +01:00
Code Releases Activity

don't create a separate ubi container

Browse source
This commit is contained in:
Jason N. 2024-03-20 09:50:37 -04:00
parent 1e6b2d5bc0
commit f7d0f5bf5c
7 changed files with 61 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

28
.github/workflows/bot_commands.yml vendored
View file

@ -56,11 +56,27 @@ jobs:
pr: ${{ github.event.issue.number }} pr: ${{ github.event.issue.number }}
parent_job_name: Run Build Container parent_job_name: Run Build Container
run_test_iso: run_build_iso:
name: Run ISO Tests name: Run Build Container
if: > if: >
github.event.issue.pull_request && github.event.issue.pull_request &&
contains(github.event.comment.body, '/run test iso') contains(github.event.comment.body, '/run build iso')
permissions:
contents: read
packages: write
statuses: write
needs:
- permissions
uses: ./.github/workflows/build_iso.yml
with:
pr: ${{ github.event.issue.number }}
parent_job_name: Run Build Container
secrets:
RH_REPO: ${{ secrets.RH_REPO }}
RH_ENT: ${{ secrets.RH_ENT }}
run_test_iso:
name: Run ISO Tests
permissions: permissions:
contents: read contents: read
packages: write packages: write
@ -68,6 +84,7 @@ jobs:
needs: needs:
- permissions - permissions
- load_vars - load_vars
- run_build_iso
uses: ./.github/workflows/test_iso.yml uses: ./.github/workflows/test_iso.yml
with: with:
pr: ${{ github.event.issue.number }} pr: ${{ github.event.issue.number }}
@ -78,9 +95,6 @@ jobs:
run_test_deployment: run_test_deployment:
name: Run ISO Deployment Tests name: Run ISO Deployment Tests
if: >
github.event.issue.pull_request &&
contains(github.event.comment.body, '/run test iso')
permissions: permissions:
contents: read contents: read
packages: write packages: write
@ -88,7 +102,7 @@ jobs:
needs: needs:
- permissions - permissions
- load_vars - load_vars
- run_test_iso - run_build_iso
uses: ./.github/workflows/test_deployment.yml uses: ./.github/workflows/test_deployment.yml
with: with:
pr: ${{ github.event.issue.number }} pr: ${{ github.event.issue.number }}

36
.github/workflows/build_container.yml vendored
View file

@ -7,11 +7,6 @@ on:
parent_job_name: parent_job_name:
required: true required: true
type: string type: string
secrets:
RH_REPO:
required: true
RH_ENT:
required: true
jobs: jobs:
@ -28,19 +23,6 @@ jobs:
contents: read contents: read
packages: write packages: write
statuses: write statuses: write
continue-on-error: false
strategy:
fail-fast: false
matrix:
os:
- registry.fedoraproject.org/fedora
- registry.access.redhat.com/ubi8/ubi
include:
- os: registry.fedoraproject.org/fedora
tag: 39
- os: registry.access.redhat.com/ubi8/ubi
tag: latest
append: ubi
steps: steps:
- name: Checkout - name: Checkout
@ -85,7 +67,7 @@ jobs:
uses: docker/metadata-action@v5 uses: docker/metadata-action@v5
with: with:
images: | images: |
ghcr.io/${{ github.repository }}${{ matrix.append && format('-{0}', matrix.append) }} ghcr.io/${{ github.repository }}
tags: | tags: |
type=ref,event=branch type=ref,event=branch
type=ref,event=pr type=ref,event=pr
@ -98,19 +80,10 @@ jobs:
uses: docker/metadata-action@v5 uses: docker/metadata-action@v5
with: with:
images: | images: |
ghcr.io/${{ github.repository }}${{ matrix.append && format('-{0}', matrix.append) }} ghcr.io/${{ github.repository }}
tags: | tags: |
pr-${{ inputs.pr }} pr-${{ inputs.pr }}
- name: Get UBI Subs
if: matrix.append == 'ubi'
uses: actions/checkout@v4
with:
repository: ${{ secrets.RH_REPO }}
ssh-key: ${{ secrets.RH_ENT }}
persist-credentials: false
path: ubi
- name: Buildah Build - name: Buildah Build
id: build-image id: build-image
uses: redhat-actions/buildah-build@v2 uses: redhat-actions/buildah-build@v2
@ -118,11 +91,6 @@ jobs:
containerfiles: Containerfile containerfiles: Containerfile
tags: ${{ steps.meta.outputs.tags || steps.meta_pr.outputs.tags }} tags: ${{ steps.meta.outputs.tags || steps.meta_pr.outputs.tags }}
labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }}
build-args: |
BASE_IMAGE=${{ matrix.os }}
IMAGE_VERSION=${{ matrix.tag }}
extra-args: |
${{ matrix.append == 'ubi' && format('--volume={0}/ubi:/run/secrets', github.workspace) || ''}}
- name: Push image - name: Push image
uses: redhat-actions/push-to-registry@v2 uses: redhat-actions/push-to-registry@v2

25
.github/workflows/build_iso.yml vendored
View file

@ -7,6 +7,11 @@ on:
parent_job_name: parent_job_name:
required: true required: true
type: string type: string
secrets:
RH_REPO:
required: true
RH_ENT:
required: true
outputs: outputs:
iso_name-38: iso_name-38:
description: "Version 38 ISO Name" description: "Version 38 ISO Name"
@ -39,9 +44,19 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
version: version:
- 7
- 8
- 9
- 38 - 38
- 39 - 39
- 40 - 40
include:
- version: 7
rhel: true
- version: 8
rhel: true
- version: 9
rhel: true
outputs: outputs:
iso_name-38: ${{ steps.save_output.outputs.iso_name-38 }} iso_name-38: ${{ steps.save_output.outputs.iso_name-38 }}
iso_name-39: ${{ steps.save_output.outputs.iso_name-39 }} iso_name-39: ${{ steps.save_output.outputs.iso_name-39 }}
@ -99,6 +114,15 @@ jobs:
run: | run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Get UBI Subs
if: matrix.rhel == true
uses: actions/checkout@v4
with:
repository: ${{ secrets.RH_REPO }}
ssh-key: ${{ secrets.RH_ENT }}
persist-credentials: false
path: ubi
- name: Build ISO - name: Build ISO
uses: ./ uses: ./
id: build id: build
@ -113,6 +137,7 @@ jobs:
secure_boot_key_url: ${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }} secure_boot_key_url: ${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }}
enrollment_password: ${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }} enrollment_password: ${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }}
iso_name: ${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}.iso iso_name: ${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}.iso
secrets_dir: ${{ matrix.rhel && '/github/workspace/ubi' || '' }}
- name: Save output - name: Save output
id: save_output id: save_output

6
.github/workflows/tests.yml vendored
View file

@ -35,9 +35,6 @@ jobs:
with: with:
pr: ${{ inputs.pr }} pr: ${{ inputs.pr }}
parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build Container parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build Container
secrets:
RH_REPO: ${{ secrets.RH_REPO }}
RH_ENT: ${{ secrets.RH_ENT }}
build_iso: build_iso:
name: Build ISO name: Build ISO
@ -47,6 +44,9 @@ jobs:
with: with:
pr: ${{ inputs.pr }} pr: ${{ inputs.pr }}
parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISO parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISO
secrets:
RH_REPO: ${{ secrets.RH_REPO }}
RH_ENT: ${{ secrets.RH_ENT }}
test_iso: test_iso:
name: Test ISO name: Test ISO

2
Containerfile
View file

@ -21,7 +21,7 @@ VOLUME /build-container-installer/build
VOLUME /build-container-installer/repos VOLUME /build-container-installer/repos
VOLUME /cache VOLUME /cache
RUN if [[ "$(grep '^ID=' /etc/os-release)" == 'ID="rhel"' ]]; then dnf install -y coreutils --allowerasing; fi; dnf install -y make && make install-deps RUN dnf install -y make && make install-deps
ENTRYPOINT ["/bin/bash", "/build-container-installer/entrypoint.sh"] ENTRYPOINT ["/bin/bash", "/build-container-installer/entrypoint.sh"]

4
Makefile
View file

@ -224,11 +224,9 @@ clean:
rm -f $(_BASE_DIR)/*.log || true rm -f $(_BASE_DIR)/*.log || true
install-deps: install-deps:
if [ "$(PACKAGE_MANAGER)" == "dnf" ]; then disable="--disablerepo='ubi-*'"; fi; \ $(PACKAGE_MANAGER) install -y ${disable} lorax xorriso skopeo flatpak dbus-daemon ostree coreutils gettext git subscription-manager
$(PACKAGE_MANAGER) install -y ${disable} lorax xorriso skopeo flatpak dbus-daemon ostree coreutils gettext git
install-test-deps: install-test-deps:
if [ "$(PACKAGE_MANAGER)" == "dnf" ]; then disable="--disablerepo='ubi-*'"; fi; \
$(PACKAGE_MANAGER) install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make coreutils squashfs-tools $(PACKAGE_MANAGER) install -y qemu qemu-utils xorriso unzip qemu-system-x86 netcat socat jq isomd5sum ansible make coreutils squashfs-tools

9
action.yml
View file

@ -67,6 +67,9 @@ inputs:
required: false required: false
rootfs_size: rootfs_size:
description: The size (in GiB) for the squashfs runtime volume description: The size (in GiB) for the squashfs runtime volume
secrets_dir:
description: The location that will be mounted to /run/secrets
required: false
secure_boot_key_url: secure_boot_key_url:
description: Secure boot key that is installed from URL location description: Secure boot key that is installed from URL location
required: false required: false
@ -175,7 +178,11 @@ runs:
vars="${vars} FLATPAK_REMOTE_REFS_DIR=\"${{ inputs.flatpak_remote_refs_dir }}\"" vars="${vars} FLATPAK_REMOTE_REFS_DIR=\"${{ inputs.flatpak_remote_refs_dir }}\""
fi fi
fi fi
docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ${cache} ${image}:${tag} \ if [[ -n "${{ inputs.secrets }}" ]]
then
volumes="--volume ${{ inputs.secrets }}:/run/secrets"
fi
docker run --privileged ${volumes} --volume ${{ github.workspace }}:/github/workspace/ ${cache} ${image}:${tag} \
ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \
ARCH="${{ inputs.arch }}" \ ARCH="${{ inputs.arch }}" \
DNF_CACHE="/cache/dnf" \ DNF_CACHE="/cache/dnf" \