From 80921040cabbfdb88957a59c7f0821b76c7c9fee Mon Sep 17 00:00:00 2001 From: Jason N <33561705+JasonN3@users.noreply.github.com> Date: Tue, 23 Apr 2024 10:28:57 -0400 Subject: [PATCH 01/40] Update examples with correct volume path (#109) --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5962565..2f85f4d 100644 --- a/README.md +++ b/README.md @@ -93,12 +93,12 @@ Examples: Building an ISO to install Fedora 38 ```bash -docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server +docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server ``` Building an ISO to install Fedora 39 ```bash -docker run --rm --privileged --volume .:/github/workspace/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server +docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server ``` ### VSCode Dev Container From 575e169bf9380eaeb0620ff65d3f9d96b11f8965 Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Tue, 30 Apr 2024 16:05:03 +0100 Subject: [PATCH 02/40] Fix spelling error in `README.md` (#112) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2f85f4d..02c0ad7 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ ![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/tests.yml/badge.svg?event=push) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/35a48e77e64f469ba19d60a1a1e0be71)](https://app.codacy.com/gh/JasonN3/build-container-installer/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) # Build Container Installer Action -This action is used to enerate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` +This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` ## Usage This action is designed to be called from a GitHub workflow using the following format From 6e803c8fcb82c34bfc6228239ed4d5489b116327 Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Wed, 1 May 2024 13:41:18 +0100 Subject: [PATCH 03/40] Fix code example indentation (#114) --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 02c0ad7..9fc0ee2 100644 --- a/README.md +++ b/README.md @@ -27,9 +27,9 @@ This action is designed to be called from a GitHub workflow using the following path: | ${{ steps.build.outputs.iso_path }} ${{ steps.build.outputs.iso_path }}-CHECKSUM - if-no-files-found: error - retention-days: 0 - compression-level: 0 + if-no-files-found: error + retention-days: 0 + compression-level: 0 ``` See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` From ee3a60c6a131fe2d107f02720a3e90849b750aae Mon Sep 17 00:00:00 2001 From: Matt Norton Date: Mon, 6 May 2024 12:39:07 +0100 Subject: [PATCH 04/40] Add hyperlink to badge icons in `README.md` (#116) --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9fc0ee2..764e3fd 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ -![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/tests.yml/badge.svg?event=push) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/35a48e77e64f469ba19d60a1a1e0be71)](https://app.codacy.com/gh/JasonN3/build-container-installer/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) +[![Build status](https://github.com/jasonn3/build-container-installer/actions/workflows/tests.yml/badge.svg?event=push)](https://github.com/jasonn3/build-container-installer/actions/workflows/tests.yml) +[![Codacy Badge](https://app.codacy.com/project/badge/Grade/35a48e77e64f469ba19d60a1a1e0be71)](https://app.codacy.com/gh/JasonN3/build-container-installer/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) # Build Container Installer Action This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` From 383427c619a8b6f0f008f7fb55ee3a721662381b Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Thu, 9 May 2024 15:39:51 -0400 Subject: [PATCH 05/40] Add build for Fedora-bootc (#105) --- .codacy/markdownlint.rb | 2 + .github/ISSUE_TEMPLATE/bug_report.md | 6 +- .github/workflows/build_iso.yml | 35 ++++------- .github/workflows/build_vars.yml | 51 +++++++++++++--- .github/workflows/test_deployment.yml | 43 ++++++------- .github/workflows/test_iso.yml | 39 +++++------- .github/workflows/tests.yml | 88 ++++----------------------- .mdlrc | 1 + Makefile | 13 ++-- README.md | 71 +++++++++++++-------- action.yml | 1 + external/Makefile | 2 +- test/iso/install_os-release.sh | 2 +- test/repo/vars.py | 4 +- test/vm/Makefile | 4 +- xorriso/Makefile | 3 +- xorriso/gen_input.sh | 7 ++- 17 files changed, 174 insertions(+), 198 deletions(-) create mode 100644 .codacy/markdownlint.rb create mode 100644 .mdlrc diff --git a/.codacy/markdownlint.rb b/.codacy/markdownlint.rb new file mode 100644 index 0000000..fcd51bc --- /dev/null +++ b/.codacy/markdownlint.rb @@ -0,0 +1,2 @@ +all +rule 'MD033', :allowed_elements => ["a","img","picture","source"] \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index b443a7a..4cac71d 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -12,6 +12,7 @@ A clear and concise description of what the bug is. **To Reproduce** Steps to reproduce the behavior: + 1. Go to '...' 2. Click on '....' 3. Scroll down to '....' @@ -24,8 +25,9 @@ A clear and concise description of what you expected to happen. If applicable, add screenshots to help explain your problem. **Desktop (please complete the following information):** - - OS: [e.g. iOS] - - Version [e.g. 22] + +- OS: [e.g. iOS] +- Version [e.g. 22] **Additional context** Add any other context about the problem here. diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 54e309f..990de53 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -9,15 +9,6 @@ on: parent_job_name: required: true type: string - flatpaks_refs: - required: false - type: string - flatpaks_refs_dir: - required: false - type: string - suffix: - required: false - type: string jobs: load_vars: @@ -38,8 +29,7 @@ jobs: continue-on-error: false strategy: fail-fast: false - matrix: - version: ${{ fromJson(needs.load_vars.outputs.BUILD_VERSIONS) }} + matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout uses: actions/checkout@v4 @@ -63,7 +53,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" per_page: 100 - name: Set status @@ -72,7 +62,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -115,25 +105,26 @@ jobs: id: build with: arch: ${{ needs.load_vars.outputs.ARCH }} - image_name: ${{ needs.load_vars.outputs.IMAGE_NAME }} - image_repo: ${{ needs.load_vars.outputs.IMAGE_REPO }} + image_name: ${{ matrix.image_name }} + image_repo: ${{ matrix.image_repo}} image_tag: ${{ matrix.version }} version: ${{ matrix.version }} + repos: ${{ matrix.repos }} variant: ${{ needs.load_vars.outputs.VARIANT }} - flatpak_remote_refs: ${{ inputs.flatpaks_refs }} - flatpak_remote_refs_dir: ${{ inputs.flatpaks_refs_dir }} + flatpak_remote_refs: ${{ matrix.flatpaks == 'flatpak_refs' && needs.load_vars.outputs.FLATPAK_REMOTE_REFS || '' }} + flatpak_remote_refs_dir: ${{ matrix.flatpaks == 'flatpak_refs_dir' && needs.load_vars.outputs.FLATPAK_REMOTE_REFS_DIR || '' }} secure_boot_key_url: ${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }} enrollment_password: ${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }} - iso_name: build/${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }}.iso + iso_name: build/${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso - name: Upload ISO as artifact id: upload uses: actions/upload-artifact@v4 with: - name: ${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }} + name: ${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }} path: | - build/${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }}.iso - build/${{ needs.load_vars.outputs.IMAGE_NAME }}-${{ matrix.version }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }}.iso-CHECKSUM + build/${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso + build/${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 @@ -145,7 +136,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index ce4e273..55b53cc 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -5,18 +5,53 @@ on: outputs: ARCH: value: 'x86_64' - BUILD_VERSIONS: - value: '[38, 39, 40]' - IMAGE_NAME: - value: 'base' - IMAGE_REPO: - value: 'quay.io/fedora-ostree-desktops' - IMAGE_TAG: - value: '39' + BUILD_MATRIX: + value: ' + { + "version": [ + "38", + "39", + "40", + ], + "flatpaks": [ + "false", + "flatpak_dir", + "flatpak_refs" + ], + "exclude": [ + { + "version": "40", + "flatpaks": "flatpak_dir" + }, + { + "version": "40", + "flatpaks": "flatpak_refs" + } + ], + "include": [ + { + "version": "38", + "image_repo": "quay.io/fedora-ostree-desktops", + "image_name": "base" + }, + { + "version": "39", + "image_repo": "quay.io/fedora-ostree-desktops", + "image_name": "base" + }, + { + "version": "40", + "image_repo": "quay.io/fedora", + "image_name": "fedora-bootc" + } + ] + }' VARIANT: value: 'Server' FLATPAK_REMOTE_REFS_DIR: value: flatpak_refs + FLATPAK_REMOTE_REFS: + value: "app/org.mozilla.firefox/x86_64/stable app/org.videolan.VLC/x86_64/stable" SECURE_BOOT_KEY_URL: value: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' ENROLLMENT_PASSWORD: diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml index da2a2b2..792b68a 100644 --- a/.github/workflows/test_deployment.yml +++ b/.github/workflows/test_deployment.yml @@ -9,15 +9,6 @@ on: parent_job_name: required: true type: string - flatpaks_refs: - required: false - type: string - flatpaks_refs_dir: - required: false - type: string - suffix: - required: false - type: string jobs: load_vars: @@ -37,8 +28,7 @@ jobs: continue-on-error: false strategy: fail-fast: false - matrix: - version: ${{ fromJson(needs.load_vars.outputs.BUILD_VERSIONS) }} + matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout uses: actions/checkout@v4 @@ -62,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" per_page: 100 - name: Set status @@ -71,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -84,7 +74,7 @@ jobs: - name: Download generated ISO uses: actions/download-artifact@v4 with: - name: ${{ format('{0}-{1}', needs.load_vars.outputs.IMAGE_NAME, matrix.version) }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }} + name: ${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }} - name: Run VM Tests env: @@ -93,18 +83,23 @@ jobs: VM_IP: "127.0.0.1" VM_PORT: "5555" run: | - make test/vm ISO_NAME=${{ format('{0}-{1}', needs.load_vars.outputs.IMAGE_NAME, matrix.version) }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }}.iso \ - VM_IP=${VM_IP} VM_PORT=${VM_PORT} VM_USER=${VM_USER} VM_PASS=${VM_PASS} \ + make test/vm \ ARCH=${{ needs.load_vars.outputs.ARCH}} \ - IMAGE_NAME=${{ needs.load_vars.outputs.IMAGE_NAME}} \ - IMAGE_REPO=${{ needs.load_vars.outputs.IMAGE_REPO}} \ + ENROLLMENT_PASSWORD=${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }} \ + ${{ matrix.flatpaks == 'flatpak_refs' && format('FLATPAK_REMOTE_REFS="{0}"', needs.load_vars.outputs.FLATPAK_REMOTE_REFS) || '' }} \ + ${{ matrix.flatpaks == 'flatpak_refs_dir' && format('FLATPAK_REMOTE_REFS_DIR="{0}"', needs.load_vars.outputs.FLATPAK_REMOTE_REFS_DIR) || '' }} \ + IMAGE_NAME=${{ matrix.image_name }} \ + IMAGE_REPO=${{ matrix.image_repo }} \ IMAGE_TAG=${{ matrix.version }} \ - VERSION=${{ matrix.version }} \ - VARIANT=${{ needs.load_vars.outputs.VARIANT }} \ - ${{ inputs.flatpaks_refs && format('FLATPAK_REMOTE_REFS="{0}"', inputs.flatpaks_refs) || '' }} \ - ${{ inputs.flatpaks_refs_dir && format('FLATPAK_REMOTE_REFS_DIR="{0}"', inputs.flatpaks_refs_dir) || '' }} \ + ISO_NAME=${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso \ + ${{ matrix.repos != '' && format('REPOS="{0}"', matrix.repos) || '' }} \ SECURE_BOOT_KEY_URL=${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }} \ - ENROLLMENT_PASSWORD=${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }} + VARIANT=${{ needs.load_vars.outputs.VARIANT }} \ + VERSION=${{ matrix.version }} \ + VM_IP=${VM_IP} \ + VM_PASS=${VM_PASS} \ + VM_PORT=${VM_PORT} \ + VM_USER=${VM_USER} - name: Set status if: inputs.pr && always() @@ -112,6 +107,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_iso.yml b/.github/workflows/test_iso.yml index b78c2a5..3b072d7 100644 --- a/.github/workflows/test_iso.yml +++ b/.github/workflows/test_iso.yml @@ -9,15 +9,6 @@ on: parent_job_name: required: true type: string - flatpaks_refs: - required: false - type: string - flatpaks_refs_dir: - required: false - type: string - suffix: - required: false - type: string jobs: load_vars: @@ -37,8 +28,7 @@ jobs: continue-on-error: false strategy: fail-fast: false - matrix: - version: ${{ fromJson(needs.load_vars.outputs.BUILD_VERSIONS) }} + matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout uses: actions/checkout@v4 @@ -62,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" per_page: 100 - name: Set status @@ -71,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -84,22 +74,23 @@ jobs: - name: Download generated ISO uses: actions/download-artifact@v4 with: - name: ${{ format('{0}-{1}', needs.load_vars.outputs.IMAGE_NAME, matrix.version) }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }} + name: ${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }} - name: Run ISO checks run: | make test/iso \ ARCH=${{ needs.load_vars.outputs.ARCH}} \ - IMAGE_NAME=${{ needs.load_vars.outputs.IMAGE_NAME}} \ - IMAGE_REPO=${{ needs.load_vars.outputs.IMAGE_REPO}} \ - IMAGE_TAG=${{ matrix.version }} \ - VERSION=${{ matrix.version }} \ - VARIANT=${{ needs.load_vars.outputs.VARIANT }} \ - ${{ inputs.flatpaks_refs && format('FLATPAK_REMOTE_REFS="{0}"', inputs.flatpaks_refs) || '' }} \ - ${{ inputs.flatpaks_refs_dir && format('FLATPAK_REMOTE_REFS_DIR="{0}"', inputs.flatpaks_refs_dir) || '' }} \ - SECURE_BOOT_KEY_URL=${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }} \ ENROLLMENT_PASSWORD=${{ needs.load_vars.outputs.ENROLLMENT_PASSWORD }} \ - ISO_NAME=${{ format('{0}-{1}', needs.load_vars.outputs.IMAGE_NAME, matrix.version) }}${{ inputs.suffix && format('-{0}', inputs.suffix || '') }}.iso + ${{ matrix.flatpaks == 'flatpak_refs' && format('FLATPAK_REMOTE_REFS="{0}"', needs.load_vars.outputs.FLATPAK_REMOTE_REFS) || '' }} \ + ${{ matrix.flatpaks == 'flatpak_refs_dir' && format('FLATPAK_REMOTE_REFS_DIR="{0}"', needs.load_vars.outputs.FLATPAK_REMOTE_REFS_DIR) || '' }} \ + IMAGE_NAME=${{ matrix.image_name }} \ + IMAGE_REPO=${{ matrix.image_repo }} \ + IMAGE_TAG=${{ matrix.version }} \ + ISO_NAME=${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso \ + ${{ matrix.repos != '' && format('REPOS="{0}"', matrix.repos) || '' }} \ + SECURE_BOOT_KEY_URL=${{ needs.load_vars.outputs.SECURE_BOOT_KEY_URL }} \ + VARIANT=${{ needs.load_vars.outputs.VARIANT }} \ + VERSION=${{ matrix.version }} - name: Set status if: inputs.pr && always() @@ -107,6 +98,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: ${{ env.JOB_NAME }} (${{ matrix.version }}) + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} \ No newline at end of file diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index b715490..651d3f0 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -31,95 +31,29 @@ jobs: pr: ${{ inputs.pr }} parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build Container - build_iso_flatpaks: - name: Build ISO with Flatpaks + build_isos: + name: Build ISOs needs: - build_container uses: ./.github/workflows/build_iso.yml with: pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISO with Flatpaks - flatpaks_refs_dir: flatpak_refs - suffix: flatpaks + parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISOs - test_iso_flatpaks: - name: Test ISO with Flatpaks + test_isos: + name: Test ISOs needs: - - build_iso_flatpaks + - build_isos uses: ./.github/workflows/test_iso.yml with: pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test ISO with Flatpaks - flatpaks_refs_dir: flatpak_refs - suffix: flatpaks + parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test ISOs - test_deployment_flatpaks: - name: Test Deployment with Flatpaks + test_deployments: + name: Test Deployments needs: - - build_iso_flatpaks + - build_isos uses: ./.github/workflows/test_deployment.yml with: pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test Deployment with Flatpaks - flatpaks_refs_dir: flatpak_refs - suffix: flatpaks - - build_iso_flatpak_refs: - name: Build ISO with Flatpak Refs - needs: - - build_container - uses: ./.github/workflows/build_iso.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISO with Flatpak Refs - flatpaks_refs: "app/org.mozilla.firefox/x86_64/stable app/org.videolan.VLC/x86_64/stable" - suffix: flatpaks_refs - - test_iso_flatpak_refs: - name: Test ISO with Flatpak Refs - needs: - - build_iso_flatpak_refs - uses: ./.github/workflows/test_iso.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test ISO with Flatpak Refs - flatpaks_refs: "app/org.mozilla.firefox/x86_64/stable app/org.videolan.VLC/x86_64/stable" - suffix: flatpaks_refs - - test_deployment_flatpak_refs: - name: Test Deployment with Flatpak Refs - needs: - - build_iso_flatpak_refs - uses: ./.github/workflows/test_deployment.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test Deployment with Flatpak Refs - flatpaks_refs: "app/org.mozilla.firefox/x86_64/stable app/org.videolan.VLC/x86_64/stable" - suffix: flatpaks_refs - - build_iso: - name: Build ISO - needs: - - build_container - uses: ./.github/workflows/build_iso.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build ISO - - test_iso: - name: Test ISO - needs: - - build_iso - uses: ./.github/workflows/test_iso.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test ISO - - test_deployment: - name: Test Deployment - needs: - - build_iso - uses: ./.github/workflows/test_deployment.yml - with: - pr: ${{ inputs.pr }} - parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test Deployment \ No newline at end of file + parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Test Deployments diff --git a/.mdlrc b/.mdlrc new file mode 100644 index 0000000..17717c6 --- /dev/null +++ b/.mdlrc @@ -0,0 +1 @@ +style "#{File.dirname(__FILE__)}/.codacy/markdownlint.rb" \ No newline at end of file diff --git a/Makefile b/Makefile index 65557ce..7886947 100644 --- a/Makefile +++ b/Makefile @@ -34,17 +34,18 @@ _TEMPLATE_VARS := ARCH IMAGE_NAME IMAGE_REPO _IMAGE_REPO_DOUBLE_ESCA _VOLID := $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$(IMAGE_TAG) ifeq ($(findstring redhat.repo,$(REPOS)),redhat.repo) -_RHEL := true +export _RHEL := true +_LORAX_TEMPLATES += $(call get_templates,rhel) else -_RHEL := false +undefine _RHEL endif ifeq ($(_RHEL),true) _LORAX_ARGS += --nomacboot --noupgrade else ifeq ($(VARIANT),Server) -_LORAX_ARGS += --macboot --noupgrade +_LORAX_ARGS += --macboot --noupgrade --squashfs-only else -_LORAX_ARGS += --nomacboot +_LORAX_ARGS += --nomacboot --squashfs-only endif ifeq ($(WEB_UI),true) @@ -110,7 +111,7 @@ results/images/boot.iso: external/lorax/branch-$(VERSION) $(filter lorax_templat $(if $(wildcard /etc/rpm/macros.image-language-conf),mv /etc/rpm/macros.image-language-conf $(_TEMP_DIR)/macros.image-language-conf) lorax -p $(IMAGE_NAME) -v $(VERSION) -r $(VERSION) -t $(VARIANT) \ - --isfinal --squashfs-only --buildarch=$(ARCH) --volid=$(_VOLID) --sharedir $(PWD)/external/lorax/share/templates.d/99-generic \ + --isfinal --buildarch=$(ARCH) --volid=$(_VOLID) --sharedir $(PWD)/external/lorax/share/templates.d/99-generic \ $(_LORAX_ARGS) \ $(foreach file,$(_REPO_FILES),--repo $(PWD)/$(file)) \ $(foreach file,$(_LORAX_TEMPLATES),--add-template $(PWD)/$(file)) \ @@ -131,7 +132,7 @@ clean: .PHONY: install-deps install-deps: - $(install_pkg) lorax xorriso coreutils gettext + $(install_pkg) lorax xorriso coreutils gettext syslinux-nonlinux $(foreach DIR,$(filter-out test,$(_SUBDIRS)),$(MAKE) -w -C $(DIR) install-deps;) diff --git a/README.md b/README.md index 764e3fd..974e8c8 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,11 @@ [![Codacy Badge](https://app.codacy.com/project/badge/Grade/35a48e77e64f469ba19d60a1a1e0be71)](https://app.codacy.com/gh/JasonN3/build-container-installer/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) # Build Container Installer Action + This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` ## Usage + This action is designed to be called from a GitHub workflow using the following format ```yaml - name: Build ISO @@ -36,9 +38,11 @@ This action is designed to be called from a GitHub workflow using the following See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` ## Customizing + The following variables can be used to customize the created ISO. ### Inputs + | Variable | Description | Default Value | Action | Container/Makefile | | ----------------------- | ---------------------------------------------------------------------------- | -------------------------------------------- | ------------------ | ------------------ | | additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | :white_check_mark: | :white_check_mark: | @@ -48,12 +52,12 @@ The following variables can be used to customize the created ISO. | flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | :white_check_mark: | :white_check_mark: | | flatpak_remote_refs | Space separated list of flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | | flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_url | URL of the flatpakrepo file | https://flathub.org/repo/flathub.flatpakrepo | :white_check_mark: | :white_check_mark: | +| flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | | image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | | image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | | image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | | iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | -| make_target | Overrides the default make target | *ISO Checksum* | :white_check_mark: | :x: | +| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | | repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | :white_check_mark: | :white_check_mark: | | rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | :white_check_mark: | :white_check_mark: | | secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | :white_check_mark: | :white_check_mark: | @@ -67,6 +71,7 @@ Variant will be the third item in the package name. Example: `fedora-release-kin \*\* If you need to reference a local file, you can use `file://*path*` ### Outputs + | Variable | Description | Usage | | -------- | ----------------------------------------| ------------------------------------------------ | | iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | @@ -75,7 +80,9 @@ Variant will be the third item in the package name. Example: `fedora-release-kin For outputs, see example above. ## Development + ### Makefile + The Makefile contains all of the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. `make install-deps` can be used to install the necessary packages @@ -83,6 +90,7 @@ The Makefile contains all of the commands that are run in the action. There are See [Customizing](#customizing) for information about customizing the ISO that gets created. All variable should be specified CAPITALIZED. ### Container + A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. @@ -103,6 +111,7 @@ docker run --rm --privileged --volume .:/build-container-installer/build ghcr.i ``` ### VSCode Dev Container + There is a dev container configuration provided for development. By default it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`, however, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. @@ -112,35 +121,45 @@ Privileged is required for access to loop devices for lorax. Use existing container image: ``` { - "name": "Existing Dockerfile", - // "build": { - // "context": "..", - // "dockerfile": "../Containerfile", - // "args": { - // "version": "39" - // } - // }, - "image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true + "name": "Existing Dockerfile", +// "build": { +// "context": "..", +// "dockerfile": "../Containerfile", +// "args": { +// "version": "39" +// } +// }, + "image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true } ``` Build a new container image: ``` { - "name": "Existing Dockerfile", - "build": { - "context": "..", - "dockerfile": "../Containerfile", - "args": { - "version": "39" - } - }, - //"image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true + "name": "Existing Dockerfile", + "build": { + "context": "..", + "dockerfile": "../Containerfile", + "args": { + "version": "39" + } + }, + //"image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true } ``` + +## Star History + + + + + + Star History Chart + + \ No newline at end of file diff --git a/action.yml b/action.yml index 2df4659..0a6a436 100644 --- a/action.yml +++ b/action.yml @@ -211,6 +211,7 @@ runs: IMAGE_REPO="${{ inputs.image_repo }}" \ IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \ ISO_NAME=/github/workspace/${{ inputs.iso_name }} \ + ${{ inputs.repos && format('REPOS="{0}"', inputs.repos) || '' }} \ SECURE_BOOT_KEY_URL="${{ inputs.secure_boot_key_url }}" \ VARIANT="${{ inputs.variant }}" \ VERSION="${{ inputs.version }}" \ diff --git a/external/Makefile b/external/Makefile index d56cb17..74047b1 100644 --- a/external/Makefile +++ b/external/Makefile @@ -1,6 +1,6 @@ lorax/branch-$(VERSION): git config advice.detachedHead false - cd lorax && git reset --hard HEAD && git checkout tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | tail -n 1) + cd lorax && git reset --hard HEAD && git checkout $(if $(_RHEL),rhel$(word 1,$(subst ., ,$(VERSION)))-branch,tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | tail -n 1)) touch lorax/branch-$(VERSION) install-deps: diff --git a/test/iso/install_os-release.sh b/test/iso/install_os-release.sh index 37e0007..788111a 100644 --- a/test/iso/install_os-release.sh +++ b/test/iso/install_os-release.sh @@ -1,6 +1,6 @@ #!/bin/bash -FOUND_VERSION=$(grep VERSION_ID mnt/install/etc/os-release | cut -d= -f2) +FOUND_VERSION=$(grep VERSION_ID mnt/install/etc/os-release | cut -d= -f2 | tr -d '"') if [[ ${FOUND_VERSION} != ${VERSION} ]] then diff --git a/test/repo/vars.py b/test/repo/vars.py index e76f3e3..4aea753 100755 --- a/test/repo/vars.py +++ b/test/repo/vars.py @@ -100,12 +100,12 @@ for line in readme_lines: if parts[2].strip() != inputs[var_name]['description']: print("WARNING: " + var_name + " description in README.md does not match action.yml") if 'default_value' in inputs[var_name]: - if not parts[3].strip().strip('"').startswith('*'): + if not parts[3].strip().strip('"<>').startswith('*'): if inputs[var_name]['default_value'] == "": if parts[3].strip().strip('"') != '\\[empty\\]': print("ERROR: " + var_name + " default value in README.md does not match action.yml") errors += 1 - elif parts[3].strip().strip('"') != inputs[var_name]['default_value']: + elif parts[3].strip().strip('"<>') != inputs[var_name]['default_value']: print("ERROR: " + var_name + " default value in README.md does not match action.yml") errors += 1 if 'action' in inputs[var_name] and inputs[var_name]['action']: diff --git a/test/vm/Makefile b/test/vm/Makefile index 1c3ef4b..99288cb 100644 --- a/test/vm/Makefile +++ b/test/vm/Makefile @@ -32,7 +32,7 @@ files/mnt/iso: sudo mount -o loop ../../$(ISO_NAME) files/mnt/iso files/grub.cfg: files/mnt/iso - cp files/mnt/iso/boot/grub2/grub.cfg files/grub.cfg + cp files/mnt/iso/$(if $(_RHEL),isolinux/grub.conf,boot/grub2/grub.cfg) files/grub.cfg sed -i 's/quiet/console=ttyS0,115200n8 inst.ks=cdrom:\/ks.cfg/' files/grub.cfg sed -i 's/set default="1"/set default="0"/' files/grub.cfg sed -i 's/set timeout=60/set timeout=1/' files/grub.cfg @@ -57,7 +57,7 @@ files/install.iso: files/grub.cfg -compliance joliet_long_names -map files/ks.cfg ks.cfg -chmod 0444 ks.cfg - -map files/grub.cfg boot/grub2/grub.cfg + -map files/grub.cfg $(if $(_RHEL),isolinux/grub.conf,boot/grub2/grub.cfg) -end EOF diff --git a/xorriso/Makefile b/xorriso/Makefile index 65b8b2a..b2f5d87 100644 --- a/xorriso/Makefile +++ b/xorriso/Makefile @@ -1,5 +1,6 @@ input.txt: gen_input.sh - sed -i 's/quiet/quiet $(EXTRA_BOOT_PARAMS)/g' ../results/boot/grub2/grub.cfg + find + $(if $(wildcard ../results/boot/grub2/grub.cfg),sed -i 's/quiet/quiet $(EXTRA_BOOT_PARAMS)/g' ../results/boot/grub2/grub.cfg) sed -i 's/quiet/quiet $(EXTRA_BOOT_PARAMS)/g' ../results/EFI/BOOT/grub.cfg $(eval _VARS = ARCH FLATPAK_DIR IMAGE_NAME IMAGE_TAG ISO_NAME VERSION) $(foreach var,$(_VARS),$(var)=$($(var))) bash gen_input.sh | tee input.txt diff --git a/xorriso/gen_input.sh b/xorriso/gen_input.sh index a0f3a48..0329186 100644 --- a/xorriso/gen_input.sh +++ b/xorriso/gen_input.sh @@ -14,8 +14,11 @@ do then continue fi - echo "-map ${PWD}/${file} ${file:2}" - echo "-chmod 0444 ${file:2}" + if [[ -f ${PWD}/${file} ]] + then + echo "-map ${PWD}/${file} ${file:2}" + echo "-chmod 0444 ${file:2}" + fi done popd > /dev/null From e0e4de8f9a94c7bf21c111218d7e7a8afbcceb33 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Fri, 10 May 2024 19:59:44 -0400 Subject: [PATCH 06/40] Add support for unsigned container images (#118) --- .vscode/settings.json | 2 +- Makefile | 2 +- Makefile.inputs | 3 ++- README.md | 1 + action.yml | 5 +++++ .../scripts/post/install_configure_upgrades | 17 ++++++++++++++--- 6 files changed, 24 insertions(+), 6 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index 8e97809..2625bca 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,5 +1,5 @@ { "files.associations": { - "Makefile.*": "makefile" + "Makefile.inputs": "makefile" } } \ No newline at end of file diff --git a/Makefile b/Makefile index 7886947..25ee23a 100644 --- a/Makefile +++ b/Makefile @@ -30,7 +30,7 @@ _LORAX_ARGS := _LORAX_TEMPLATES := $(call get_templates,install) _REPO_FILES := $(subst /etc/yum.repos.d,repos,$(REPOS)) _TEMP_DIR := $(shell mktemp -d) -_TEMPLATE_VARS := ARCH IMAGE_NAME IMAGE_REPO _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED IMAGE_TAG REPOS _RHEL VARIANT VERSION WEB_UI +_TEMPLATE_VARS := ARCH IMAGE_NAME IMAGE_REPO _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED IMAGE_SIGNED IMAGE_TAG REPOS _RHEL VARIANT VERSION WEB_UI _VOLID := $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$(IMAGE_TAG) ifeq ($(findstring redhat.repo,$(REPOS)),redhat.repo) diff --git a/Makefile.inputs b/Makefile.inputs index ad4f333..51804c3 100644 --- a/Makefile.inputs +++ b/Makefile.inputs @@ -7,6 +7,7 @@ export EXTRA_BOOT_PARAMS := export IMAGE_NAME := base export IMAGE_REPO := quay.io/fedora-ostree-desktops export IMAGE_TAG = $(VERSION) +export IMAGE_SIGNED := true REPOS := $(subst :,\:,$(wildcard /etc/yum.repos.d/*.repo)) export ROOTFS_SIZE := 4 export VARIANT := Server @@ -21,4 +22,4 @@ export FLATPAK_DIR := # Secure boot export ENROLLMENT_PASSWORD := export SECURE_BOOT_KEY_URL := -export ISO_NAME := build/deploy.iso \ No newline at end of file +export ISO_NAME := build/deploy.iso diff --git a/README.md b/README.md index 974e8c8..0124d58 100644 --- a/README.md +++ b/README.md @@ -55,6 +55,7 @@ The following variables can be used to customize the created ISO. | flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | | image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | | image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | +| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | | image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | | iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | | make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | diff --git a/action.yml b/action.yml index 0a6a436..e325527 100644 --- a/action.yml +++ b/action.yml @@ -59,6 +59,10 @@ inputs: description: Repository containing the source container image required: true default: quay.io/fedora-ostree-desktops + image_signed: + description: Whether the container image is signed. The policy to test the signing must be configured inside the container image + required: false + default: "true" image_tag: description: Tag of the source container image. Defaults to the installer version required: false @@ -209,6 +213,7 @@ runs: FLATPAK_DIR="${{ steps.flatpak_dependencies.outputs.flatpak_dir && format('/github/workspace/{0}', steps.flatpak_dependencies.outputs.flatpak_dir) || '' }}" \ IMAGE_NAME="${{ inputs.image_name }}" \ IMAGE_REPO="${{ inputs.image_repo }}" \ + IMAGE_SIGNED="${{ inputs.image_signed }}" \ IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \ ISO_NAME=/github/workspace/${{ inputs.iso_name }} \ ${{ inputs.repos && format('REPOS="{0}"', inputs.repos) || '' }} \ diff --git a/lorax_templates/scripts/post/install_configure_upgrades b/lorax_templates/scripts/post/install_configure_upgrades index f474d93..20ca2ae 100644 --- a/lorax_templates/scripts/post/install_configure_upgrades +++ b/lorax_templates/scripts/post/install_configure_upgrades @@ -1,7 +1,18 @@ -<%page args="image_repo, _image_repo_double_escaped, image_name, image_tag, _rhel, version"/> +<%page args="image_repo, _image_repo_double_escaped, image_name, image_signed, image_tag, _rhel, version"/> + if (which bootc &> /dev/null) && [ ${_rhel} == 'false' && ${version} -ge 39 ] then - bootc switch --mutate-in-place --enforce-container-sigpolicy --transport registry ${image_repo}/${image_name}:${image_tag} + if [ ${image_signed} == 'true' ] + then + bootc switch --mutate-in-place --enforce-container-sigpolicy --transport registry ${image_repo}/${image_name}:${image_tag} + else + bootc switch --mutate-in-place --transport registry ${image_repo}/${image_name}:${image_tag} + fi else - sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/${_image_repo_double_escaped}\/${image_name}:${image_tag}/' /ostree/deploy/default/deploy/*.origin + if [ ${image_signed} == 'true' ] + then + sed -i 's/container-image-reference=.*/container-image-reference=ostree-image-signed:docker:\/\/${_image_repo_double_escaped}\/${image_name}:${image_tag}/' /ostree/deploy/default/deploy/*.origin + else + sed -i 's/container-image-reference=.*/container-image-reference=ostree-unverified-image:docker:\/\/${_image_repo_double_escaped}\/${image_name}:${image_tag}/' /ostree/deploy/default/deploy/*.origin + fi fi From 3d7e6b3725b8a310fdad04a5a5ff12352eae9e85 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Tue, 11 Jun 2024 14:29:32 -0400 Subject: [PATCH 07/40] Add `image_src` variable for container image source override (#121) --- .github/workflows/build_vars.yml | 6 ---- Makefile.inputs | 1 + README.md | 58 ++++++++++++++++++-------------- action.yml | 21 +++++++----- container/Makefile | 6 +++- test/repo/vars.py | 6 +++- 6 files changed, 56 insertions(+), 42 deletions(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index 55b53cc..1f9cf95 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -9,7 +9,6 @@ on: value: ' { "version": [ - "38", "39", "40", ], @@ -29,11 +28,6 @@ on: } ], "include": [ - { - "version": "38", - "image_repo": "quay.io/fedora-ostree-desktops", - "image_name": "base" - }, { "version": "39", "image_repo": "quay.io/fedora-ostree-desktops", diff --git a/Makefile.inputs b/Makefile.inputs index 51804c3..a77e4f2 100644 --- a/Makefile.inputs +++ b/Makefile.inputs @@ -6,6 +6,7 @@ export ARCH := x86_64 export EXTRA_BOOT_PARAMS := export IMAGE_NAME := base export IMAGE_REPO := quay.io/fedora-ostree-desktops +export IMAGE_SRC := export IMAGE_TAG = $(VERSION) export IMAGE_SIGNED := true REPOS := $(subst :,\:,$(wildcard /etc/yum.repos.d/*.repo)) diff --git a/README.md b/README.md index 0124d58..b8da5e4 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,7 @@ This action is used to generate an ISO for installing an OSTree stored in a cont ## Usage This action is designed to be called from a GitHub workflow using the following format + ```yaml - name: Build ISO uses: jasonn3/build-container-installer@main @@ -56,6 +57,7 @@ The following variables can be used to customize the created ISO. | image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | | image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | | image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | +| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | \[empty\] | :white_check_mark: | :white_check_mark: | | image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | | iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | | make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | @@ -84,11 +86,11 @@ For outputs, see example above. ### Makefile -The Makefile contains all of the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. +The Makefile contains all commands that are run the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. -`make install-deps` can be used to install the necessary packages +You can use `make install-deps` to install the required packages. -See [Customizing](#customizing) for information about customizing the ISO that gets created. All variable should be specified CAPITALIZED. +See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. ### Container @@ -98,39 +100,42 @@ To use the container file, run `docker run --privileged --volume .:/build-contai This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` -See [Customizing](#customizing) for information about customizing the ISO that gets created. The variable can either be defined as environment variables. All variable should be specified CAPITALIZED. +See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. Examples: Building an ISO to install Fedora 38 + ```bash docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server ``` Building an ISO to install Fedora 39 + ```bash docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server ``` ### VSCode Dev Container -There is a dev container configuration provided for development. By default it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`, however, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. +There is a dev container configuration provided for development. By default, it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`. However, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. Privileged is required for access to loop devices for lorax. Use existing container image: -``` + +```diff { - "name": "Existing Dockerfile", -// "build": { -// "context": "..", -// "dockerfile": "../Containerfile", -// "args": { -// "version": "39" -// } -// }, - "image": "ghcr.io/jasonn3/build-container-installer:latest", + "name": "Existing Image", +- "build": { +- "context": "..", +- "dockerfile": "../Containerfile", +- "args": { +- "version": "39" +- } +- }, ++ "image": "ghcr.io/jasonn3/build-container-installer:latest", "overrideCommand": true, "shutdownAction": "stopContainer", "privileged": true @@ -138,17 +143,18 @@ Use existing container image: ``` Build a new container image: -``` + +```diff { - "name": "Existing Dockerfile", - "build": { - "context": "..", - "dockerfile": "../Containerfile", - "args": { - "version": "39" - } - }, - //"image": "ghcr.io/jasonn3/build-container-installer:latest", + "name": "New Image", ++ "build": { ++ "context": "..", ++ "dockerfile": "../Containerfile", ++ "args": { ++ "version": "39" ++ } ++ }, +- "image": "ghcr.io/jasonn3/build-container-installer:latest", "overrideCommand": true, "shutdownAction": "stopContainer", "privileged": true @@ -163,4 +169,4 @@ Build a new container image: Star History Chart - \ No newline at end of file + diff --git a/action.yml b/action.yml index e325527..7115248 100644 --- a/action.yml +++ b/action.yml @@ -29,26 +29,26 @@ inputs: required: false default: "true" enrollment_password: - description: Used for supporting secure boot (requires secure_boot_key_url to be defined) + description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) required: false default: "container-installer" extra_boot_params: description: Extra params used by grub to boot the anaconda installer required: false flatpak_remote_name: - description: Name of the Flatpak remote repo + description: Name of the Flatpak repo on the destination OS required: false default: "flathub" flatpak_remote_refs: - description: Space delimited list of refs to the flatpak packages to install + description: Space separated list of flatpak refs to install required: false default: "" flatpak_remote_refs_dir: - description: Directory that contains files that list the flatpak refs to install relative to the github workspace + description: Directory that contains files that list the flatpak refs to install required: false default: "" flatpak_remote_url: - description: The URL of the Flatpak remote flatpakrepo file + description: URL of the flatpakrepo file required: false default: https://flathub.org/repo/flathub.flatpakrepo image_name: @@ -63,15 +63,18 @@ inputs: description: Whether the container image is signed. The policy to test the signing must be configured inside the container image required: false default: "true" + image_src: + description: Overrides the source of the container image. Must be formatted for the skopeo copy command + required: false image_tag: - description: Tag of the source container image. Defaults to the installer version + description: Tag of the source container image required: false iso_name: - description: "Name of the resulting ISO. Relative paths are relative to github.workspace" + description: Name of the ISO you wish to output when completed required: false default: build/deploy.iso make_target: - description: "Overrides the default make target" + description: Overrides the default make target required: false repos: description: List of repo files for Lorax to use @@ -158,6 +161,7 @@ runs: FLATPAK_REMOTE_URL="${{ inputs.flatpak_remote_url }}" \ IMAGE_NAME="${{ inputs.image_name }}" \ IMAGE_REPO="${{ inputs.image_repo }}" \ + IMAGE_SRC="${{ inputs.image_src }}" \ IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" - name: Run docker image @@ -214,6 +218,7 @@ runs: IMAGE_NAME="${{ inputs.image_name }}" \ IMAGE_REPO="${{ inputs.image_repo }}" \ IMAGE_SIGNED="${{ inputs.image_signed }}" \ + IMAGE_SRC="${{ inputs.image_src }}" \ IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \ ISO_NAME=/github/workspace/${{ inputs.iso_name }} \ ${{ inputs.repos && format('REPOS="{0}"', inputs.repos) || '' }} \ diff --git a/container/Makefile b/container/Makefile index 88024a0..c9f7c4a 100644 --- a/container/Makefile +++ b/container/Makefile @@ -1,5 +1,9 @@ +ifeq ($(IMAGE_SRC),) +IMAGE_SRC := docker://$(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) +endif + $(IMAGE_NAME)-$(IMAGE_TAG): - skopeo copy docker://$(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) oci:$(IMAGE_NAME)-$(IMAGE_TAG) + skopeo copy $(IMAGE_SRC) oci:$(IMAGE_NAME)-$(IMAGE_TAG) install-deps: $(install_pkg) skopeo diff --git a/test/repo/vars.py b/test/repo/vars.py index 4aea753..497b67e 100755 --- a/test/repo/vars.py +++ b/test/repo/vars.py @@ -97,16 +97,20 @@ for line in readme_lines: errors += 1 continue if 'description' in inputs[var_name]: - if parts[2].strip() != inputs[var_name]['description']: + if parts[2].strip().strip('\*') != inputs[var_name]['description']: print("WARNING: " + var_name + " description in README.md does not match action.yml") if 'default_value' in inputs[var_name]: if not parts[3].strip().strip('"<>').startswith('*'): if inputs[var_name]['default_value'] == "": if parts[3].strip().strip('"') != '\\[empty\\]': print("ERROR: " + var_name + " default value in README.md does not match action.yml") + print("Found " + parts[3].strip().strip('"<>')) + print("Expected " + inputs[var_name]['default_value']) errors += 1 elif parts[3].strip().strip('"<>') != inputs[var_name]['default_value']: print("ERROR: " + var_name + " default value in README.md does not match action.yml") + print("Found " + parts[3].strip().strip('"<>')) + print("Expected " + inputs[var_name]['default_value']) errors += 1 if 'action' in inputs[var_name] and inputs[var_name]['action']: if parts[4].strip() != ':white_check_mark:': From 19c4aae2f2e1a3618b8c70d29df435cb51b208e1 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Thu, 13 Jun 2024 11:58:32 -0400 Subject: [PATCH 08/40] Fix `image_src` not setting default value (#122) --- .github/workflows/build_iso.yml | 2 ++ .github/workflows/build_vars.yml | 6 ++++++ container/Makefile | 6 +----- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 990de53..4c89f38 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -107,6 +107,7 @@ jobs: arch: ${{ needs.load_vars.outputs.ARCH }} image_name: ${{ matrix.image_name }} image_repo: ${{ matrix.image_repo}} + image_src: ${{ matrix.image_src }} image_tag: ${{ matrix.version }} version: ${{ matrix.version }} repos: ${{ matrix.repos }} @@ -118,6 +119,7 @@ jobs: iso_name: build/${{ matrix.image_name }}-${{ matrix.version }}${{ matrix.flatpaks == 'false' && '' || format('-{0}', matrix.flatpaks) }}.iso - name: Upload ISO as artifact + if: matrix.version != 'fake' id: upload uses: actions/upload-artifact@v4 with: diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index 1f9cf95..6806eaa 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -37,6 +37,12 @@ on: "version": "40", "image_repo": "quay.io/fedora", "image_name": "fedora-bootc" + }, + { + "version": "fake", + "image_repo": "quay.io/fedora", + "image_name": "fedora-bootc", + "image_src": "docker://quay.io/fedora-ostree-desktops/base:39" } ] }' diff --git a/container/Makefile b/container/Makefile index c9f7c4a..9e662dc 100644 --- a/container/Makefile +++ b/container/Makefile @@ -1,9 +1,5 @@ -ifeq ($(IMAGE_SRC),) -IMAGE_SRC := docker://$(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) -endif - $(IMAGE_NAME)-$(IMAGE_TAG): - skopeo copy $(IMAGE_SRC) oci:$(IMAGE_NAME)-$(IMAGE_TAG) + skopeo copy $(if $(IMAGE_SRC),$(IMAGE_SRC),docker://$(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG)) oci:$(IMAGE_NAME)-$(IMAGE_TAG) install-deps: $(install_pkg) skopeo From 03ed84acd8c24cf62ac9ccbe318305f00f09f91e Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Thu, 13 Jun 2024 15:17:32 -0400 Subject: [PATCH 09/40] version must be a number --- .github/workflows/build_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index 6806eaa..e574c15 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -39,7 +39,7 @@ on: "image_name": "fedora-bootc" }, { - "version": "fake", + "version": "38", "image_repo": "quay.io/fedora", "image_name": "fedora-bootc", "image_src": "docker://quay.io/fedora-ostree-desktops/base:39" From 326734dccbe05edf2b9435df679d530d4dfcaffb Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Fri, 21 Jun 2024 10:26:19 -0400 Subject: [PATCH 10/40] Add image signing (#124) --- .github/workflows/build_container.yml | 30 ++++++++++++++++++++++++++- cosign.pub | 4 ++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 cosign.pub diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 705485a..6b2ec21 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -94,6 +94,13 @@ jobs: tags: ${{ steps.meta.outputs.tags || steps.meta_pr.outputs.tags }} labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v2.1.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Push image uses: redhat-actions/push-to-registry@v2 with: @@ -110,4 +117,25 @@ jobs: status: ${{ job.status }} context: ${{ env.JOB_NAME }} sha: ${{ env.sha }} - targetUrl: ${{ steps.jobs.outputs.html_url }} \ No newline at end of file + targetUrl: ${{ steps.jobs.outputs.html_url }} + + - name: Install Cosign + if: startsWith(github.ref, 'refs/tags/v') + uses: sigstore/cosign-installer@v3.5.0 + + - name: Sign the images + if: startsWith(github.ref, 'refs/tags/v') + env: + TAGS: ${{ steps.build-image.outputs.tags }} + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + run: | + images="" + digest="" + for tag in ${TAGS}; do + if [[ -z "${digest}" ]] + then + digest=$(cat $(echo ${tag} | tr '/:' '--')_digest.txt) + fi + images+="${tag}@${digest} " + done + cosign sign --key env://COSIGN_PRIVATE_KEY --yes ${images} diff --git a/cosign.pub b/cosign.pub new file mode 100644 index 0000000..4d5e06d --- /dev/null +++ b/cosign.pub @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEY4ljyIhI2w9DOptB4WT20S+K5ts3 +GJTEKRkXmIYEXGfyKpJMdlGCWeg2kOam5dNhWKXXl46d3eBBo9S53TPpyQ== +-----END PUBLIC KEY----- From 2b91de59597440aca34123ba8d3c4a48712f8b08 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Fri, 21 Jun 2024 11:28:08 -0400 Subject: [PATCH 11/40] add password --- .github/workflows/build_container.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 6b2ec21..77ff2f0 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -128,6 +128,7 @@ jobs: env: TAGS: ${{ steps.build-image.outputs.tags }} COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} run: | images="" digest="" From 92531089f947bc6493e9d11aafd2b412dc128ea4 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Fri, 21 Jun 2024 11:51:54 -0400 Subject: [PATCH 12/40] inherit secrets --- .github/workflows/tests.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 651d3f0..52e8305 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -27,6 +27,7 @@ jobs: build_container: name: Build Container uses: ./.github/workflows/build_container.yml + secrets: inherit with: pr: ${{ inputs.pr }} parent_job_name: ${{ inputs.parent_job_name && format('{0} / ', inputs.parent_job_name) }}Build Container From edf9c39029ac4c105720a807ae39b8dcd5fa7938 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Jun 2024 09:48:43 -0400 Subject: [PATCH 13/40] Bump docker/login-action from 2.1.0 to 3.2.0 (#125) --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 77ff2f0..54b9360 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -95,7 +95,7 @@ jobs: labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2.1.0 + uses: docker/login-action@v3.2.0 with: registry: ghcr.io username: ${{ github.actor }} From 909d1a1bd8032a4fa8825902bcf649a4a5c48f83 Mon Sep 17 00:00:00 2001 From: Kean Ren Date: Wed, 26 Jun 2024 10:34:16 -0400 Subject: [PATCH 14/40] Update .gitmodules from f39 to f40 (#126) Co-authored-by: renhai2 --- .gitmodules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitmodules b/.gitmodules index e05748a..3ac6662 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,7 +1,7 @@ [submodule "external/fedora-lorax-templates"] path = external/fedora-lorax-templates url = https://pagure.io/fedora-lorax-templates.git - branch = f39 + branch = f40 [submodule "external/lorax"] path = external/lorax url = https://github.com/weldr/lorax.git From ceccfc98ef73825152095431bfa85c796f174c7a Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Sun, 4 Aug 2024 18:10:17 +0000 Subject: [PATCH 15/40] fix issue with custom repo files --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 25ee23a..20bc28d 100644 --- a/Makefile +++ b/Makefile @@ -106,14 +106,14 @@ sb_pubkey.der: curl --fail -L -o sb_pubkey.der $(SECURE_BOOT_KEY_URL) # Build boot.iso using Lorax -results/images/boot.iso: external/lorax/branch-$(VERSION) $(filter lorax_templates/%,$(_LORAX_TEMPLATES)) $(_REPO_FILES) $(if $(SECURE_BOOT_KEY_URL),sb_pubkey.der) +results/images/boot.iso: external/lorax/branch-$(VERSION) $(filter lorax_templates/%,$(_LORAX_TEMPLATES)) $(filter repos/%,$(_REPO_FILES)) $(if $(SECURE_BOOT_KEY_URL),sb_pubkey.der) $(if $(wildcard results), rm -Rf results) $(if $(wildcard /etc/rpm/macros.image-language-conf),mv /etc/rpm/macros.image-language-conf $(_TEMP_DIR)/macros.image-language-conf) lorax -p $(IMAGE_NAME) -v $(VERSION) -r $(VERSION) -t $(VARIANT) \ --isfinal --buildarch=$(ARCH) --volid=$(_VOLID) --sharedir $(PWD)/external/lorax/share/templates.d/99-generic \ $(_LORAX_ARGS) \ - $(foreach file,$(_REPO_FILES),--repo $(PWD)/$(file)) \ + $(foreach file,$(_REPO_FILES),--repo $(patsubst repos/%,$(PWD)/repos/%,$(file))) \ $(foreach file,$(_LORAX_TEMPLATES),--add-template $(PWD)/$(file)) \ $(foreach file,$(ADDITIONAL_TEMPLATES),--add-template $(file)) \ $(foreach file,$(_FLATPAK_TEMPLATES),--add-template $(file)) \ From 776a9a7e988b760789dfe55795a04a8621ff539d Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:38:47 -0400 Subject: [PATCH 16/40] Tag image with long sha (#136) --- .github/workflows/build_container.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 54b9360..ca65ed7 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -72,6 +72,7 @@ jobs: tags: | type=ref,event=branch type=ref,event=pr + type=raw,value=${{ github.sha }} type=semver,pattern=v{{version}} type=semver,pattern=v{{major}}.{{minor}} type=semver,pattern=v{{major}}.{{minor}}.{{patch}} @@ -85,6 +86,7 @@ jobs: ghcr.io/${{ github.repository }} tags: | pr-${{ inputs.pr }} + ${{ github.sha }} - name: Buildah Build id: build-image From f98ebd14208b9aab7abf360b035db51ffe4acff9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:40:00 -0400 Subject: [PATCH 17/40] Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (#131) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index ca65ed7..32df1e1 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -123,7 +123,7 @@ jobs: - name: Install Cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@v3.5.0 + uses: sigstore/cosign-installer@v3.6.0 - name: Sign the images if: startsWith(github.ref, 'refs/tags/v') From aa74d32215ba7bd6682211bfc3c07ede6e182614 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:40:47 -0400 Subject: [PATCH 18/40] Bump docker/login-action from 3.2.0 to 3.3.0 (#129) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 32df1e1..60ff1ea 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -97,7 +97,7 @@ jobs: labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} - name: Login to GitHub Container Registry - uses: docker/login-action@v3.2.0 + uses: docker/login-action@v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} From 54d96145905fed494e57147928726f23fe42e876 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 21 Aug 2024 10:09:28 -0400 Subject: [PATCH 19/40] Copy Wiki from main repo (#128) Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .github/workflows/update_wiki.yml | 50 ++++++++++++ README.md | 126 +----------------------------- docs/Makefile | 12 +++ docs/README.md | 1 + docs/_Sidebar.md | 8 ++ docs/development/container.md | 22 ++++++ docs/development/makefile.md | 7 ++ docs/development/vscode.md | 46 +++++++++++ docs/examples/adding-flatpaks.md | 74 ++++++++++++++++++ docs/home.md | 11 +++ docs/usage.md | 68 ++++++++++++++++ 11 files changed, 301 insertions(+), 124 deletions(-) create mode 100644 .github/workflows/update_wiki.yml create mode 100644 docs/Makefile create mode 100644 docs/README.md create mode 100644 docs/_Sidebar.md create mode 100644 docs/development/container.md create mode 100644 docs/development/makefile.md create mode 100644 docs/development/vscode.md create mode 100644 docs/examples/adding-flatpaks.md create mode 100644 docs/home.md create mode 100644 docs/usage.md diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml new file mode 100644 index 0000000..daeeb9b --- /dev/null +++ b/.github/workflows/update_wiki.yml @@ -0,0 +1,50 @@ +name: Update Wiki +on: + push: + branches: + - main + paths: + - 'docs/**' + - '.github/workflows/update_wiki.yml' + +jobs: + update-wiki: + name: Update Wiki + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Install packages + run: | + apt install -y make rsync + # Checkout Main Repo + - uses: actions/checkout@v2 + + # Checkout Wiki Repo + - uses: actions/checkout@v2 + with: + repository: ${{github.repository}}.wiki + persist-credentials: true + path: wiki + ref: master + + # Generate final files + - name: Generate Files + run: | + cd ${GITHUB_WORKSPACE}/docs + make + + # Copy Docs + - name: Copy files + run: | + rsync -av --exclude='.git/*' ${GITHUB_WORKSPACE}/docs/ ${GITHUB_WORKSPACE}/wiki/ + + # Push Changes + - name: Push changes + run: | + cd ${GITHUB_WORKSPACE}/wiki/ + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git add . + git commit -m "Add changes" + git push diff --git a/README.md b/README.md index b8da5e4..26a3de9 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # Build Container Installer Action -This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` +This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer`, which also supports bootc. ## Usage @@ -36,130 +36,8 @@ This action is designed to be called from a GitHub workflow using the following compression-level: 0 ``` -See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` +**See the [Wiki](https://github.com/JasonN3/build-container-installer/wiki) for development and usage information.** -## Customizing - -The following variables can be used to customize the created ISO. - -### Inputs - -| Variable | Description | Default Value | Action | Container/Makefile | -| ----------------------- | ---------------------------------------------------------------------------- | -------------------------------------------- | ------------------ | ------------------ | -| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | :white_check_mark: | :white_check_mark: | -| arch | Architecture for image to build | x86_64 | :white_check_mark: | :white_check_mark: | -| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | :white_check_mark: | :white_check_mark: | -| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | :white_check_mark: | :white_check_mark: | -| flatpak_remote_refs | Space separated list of flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | -| image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | -| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | -| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | -| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | \[empty\] | :white_check_mark: | :white_check_mark: | -| image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | -| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | -| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | -| repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | :white_check_mark: | :white_check_mark: | -| rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | :white_check_mark: | :white_check_mark: | -| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | :white_check_mark: | :white_check_mark: | -| variant | Source container variant\* | Server | :white_check_mark: | :white_check_mark: | -| version | Fedora version of installer to build | 39 | :white_check_mark: | :white_check_mark: | -| web_ui | Enable Anaconda WebUI (experimental) | false | :white_check_mark: | :white_check_mark: | - -\*Available options for VARIANT can be found by running `dnf provides system-release`. -Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite - -\*\* If you need to reference a local file, you can use `file://*path*` - -### Outputs - -| Variable | Description | Usage | -| -------- | ----------------------------------------| ------------------------------------------------ | -| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | -| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | - -For outputs, see example above. - -## Development - -### Makefile - -The Makefile contains all commands that are run the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. - -You can use `make install-deps` to install the required packages. - -See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. - -### Container - -A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` - -To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. - -This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` - -See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. -Examples: - -Building an ISO to install Fedora 38 - -```bash -docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server -``` - -Building an ISO to install Fedora 39 - -```bash -docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server -``` - -### VSCode Dev Container - -There is a dev container configuration provided for development. By default, it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`. However, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. - -The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. - -Privileged is required for access to loop devices for lorax. - -Use existing container image: - -```diff -{ - "name": "Existing Image", -- "build": { -- "context": "..", -- "dockerfile": "../Containerfile", -- "args": { -- "version": "39" -- } -- }, -+ "image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true -} -``` - -Build a new container image: - -```diff -{ - "name": "New Image", -+ "build": { -+ "context": "..", -+ "dockerfile": "../Containerfile", -+ "args": { -+ "version": "39" -+ } -+ }, -- "image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true -} -``` ## Star History diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 0000000..21029af --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,12 @@ +SHELL = /bin/bash + +docs: + find -name '*.md' -print0 | xargs -0 -I {} bash -c ' \ + source_file=$${1:2}; \ + final_file=$${source_file//\//_}; \ + mv "$${source_file}" "$${final_file}"; \ + no_ext_source=$${source_file:0:-3}; \ + no_ext_final=$${final_file:0:-3}; \ + sed -i "s;(\(../\)*$${source_file});($${no_ext_final});g" $$(find -name '*.md'); \ + ' _ {} + find . -type d -empty -delete diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..2091ec8 --- /dev/null +++ b/docs/README.md @@ -0,0 +1 @@ +These are the files for the [wiki](https://github.com/JasonN3/build-container-installer/wiki) \ No newline at end of file diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md new file mode 100644 index 0000000..93379d1 --- /dev/null +++ b/docs/_Sidebar.md @@ -0,0 +1,8 @@ +- [Home](home.md) +- Development + - [Using the Makefile](development/makefile.md) + - [Using the Container](development/container.md) + - [Using the VSCode Dev Container](development/vscode.md) + +- Examples + - [Adding Flatpaks](examples/adding-flatpaks.md) diff --git a/docs/development/container.md b/docs/development/container.md new file mode 100644 index 0000000..29d4a7a --- /dev/null +++ b/docs/development/container.md @@ -0,0 +1,22 @@ +# Using the Container + +A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` + +To use the container file, run `podman run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. + +This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` + +See [Inputs](../usage.md#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. +Examples: + +Building an ISO to install Fedora 39 +```bash +podman run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server +``` + +Building an ISO to install Fedora 40 +```bash +podman run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=40 IMAGE_NAME=base IMAGE_TAG=40 VARIANT=Server +``` + +The same commands are also available using `docker` by replacing `podman` with `docker` in each command. diff --git a/docs/development/makefile.md b/docs/development/makefile.md new file mode 100644 index 0000000..a94535e --- /dev/null +++ b/docs/development/makefile.md @@ -0,0 +1,7 @@ +# Using the Makefile + +The Makefile contains all the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. + +`make install-deps` can be used to install the necessary packages. + +See [Inputs](../usage.md#inputs) for information about the available parameters. All variables should be specified in CAPITALIZED form. diff --git a/docs/development/vscode.md b/docs/development/vscode.md new file mode 100644 index 0000000..4b22fe9 --- /dev/null +++ b/docs/development/vscode.md @@ -0,0 +1,46 @@ +# Using the VSCode Dev Container + +There is a dev container configuration provided for development. By default, it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`. However, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. + +The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. + +Privileged is required for access to loop devices for lorax. + +## Use existing container image + +```diff +{ + "name": "Existing Image", +- "build": { +- "context": "..", +- "dockerfile": "../Containerfile", +- "args": { +- "version": "39" +- } +- }, ++ "image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true +} +``` + +## Build a new container image + +```diff +{ + "name": "New Image", ++ "build": { ++ "context": "..", ++ "dockerfile": "../Containerfile", ++ "args": { ++ "version": "39" ++ } ++ }, +- "image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true +} +``` + diff --git a/docs/examples/adding-flatpaks.md b/docs/examples/adding-flatpaks.md new file mode 100644 index 0000000..153b740 --- /dev/null +++ b/docs/examples/adding-flatpaks.md @@ -0,0 +1,74 @@ +# Adding Flatpaks + +- [Directly using refs](#directly-using-refs) +- [Using a directory](#using-a-directory) + +## Directly using refs + +Action: +Specify the following in your workflow: + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + flatpak_remote_name: flathub + flatpak_remote_url: https://flathub.org/repo/flathub.flatpakrepo + flatpak_remote_refs: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Podman: +Run the following command: + +```bash +podman run --privileged --volume ./:/github/workspace/ ghcr.io/jasonn3/build-container-installer:main \ + FLATPAK_REMOTE_NAME=flathub \ + FLATPAK_REMOTE_URL=https://flathub.org/repo/flathub.flatpakrepo \ + FLATPAK_REMOTE_REFS="app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08" +``` + +--- + +## Using a directory + +Action: + +1. Create a directory within your GitHub repo named flatpak_refs +1. Create a file within flatpak_refs with the following content + +```plaintext +app/org.videolan.VLC/x86_64/stable +runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Specify the following in your workflow: + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + flatpak_remote_name: flathub + flatpak_remote_url: https://flathub.org/repo/flathub.flatpakrepo + flatpak_remote_refs_dir: /github/workspace/flatpak_refs +``` + +Podman: + +1. Create a directory named flatpak_refs +1. Create a file within flatpak_refs with the following content + +```plaintext +app/org.videolan.VLC/x86_64/stable +runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Run the following command: + +```bash +podman run --privileged --volume ./:/github/workspace/ ghcr.io/jasonn3/build-container-installer:main \ + FLATPAK_REMOTE_NAME=flathub \ + FLATPAK_REMOTE_URL=https://flathub.org/repo/flathub.flatpakrepo \ + FLATPAK_REMOTE_REFS="app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08" +``` diff --git a/docs/home.md b/docs/home.md new file mode 100644 index 0000000..6f88490 --- /dev/null +++ b/docs/home.md @@ -0,0 +1,11 @@ +Welcome to the build-container-installer wiki! + +## Index + +- Development + - [Using the Makefile](development/makefile.md) + - [Using the Container](development/container.md) + - [Using the VSCode Dev Container](development/vscode.md) + +- Examples + - [Adding Flatpaks](examples/adding-flatpaks.md) diff --git a/docs/usage.md b/docs/usage.md new file mode 100644 index 0000000..9f6a83f --- /dev/null +++ b/docs/usage.md @@ -0,0 +1,68 @@ +# Usage + +This action is designed to be called from a GitHub workflow using the following format + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + arch: ${{ env.ARCH}} + image_name: ${{ env.IMAGE_NAME}} + image_repo: ${{ env.IMAGE_REPO}} + image_tag: ${{ env.IMAGE_TAG }} + version: ${{ env.VERSION }} + variant: ${{ env.VARIANT }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso + +# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output +- name: Upload ISO as artifact + id: upload + uses: actions/upload-artifact@v4 + with: + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }} + ${{ steps.build.outputs.iso_path }}-CHECKSUM + if-no-files-found: error + retention-days: 0 + compression-level: 0 +``` + +## Inputs + +| Variable | Description | Default Value | Action | Container/Makefile | +| ----------------------- | ---------------------------------------------------------------------------- | ---------------------------------------------- | ------------------ | ------------------ | +| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | :white_check_mark: | :white_check_mark: | +| arch | Architecture for image to build | x86_64 | :white_check_mark: | :white_check_mark: | +| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | :white_check_mark: | :white_check_mark: | +| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | :white_check_mark: | :white_check_mark: | +| flatpak_remote_refs | Space separated list of flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | +| image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | +| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | +| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | +| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | \[empty\] | :white_check_mark: | :white_check_mark: | +| image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | +| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | +| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | +| repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | :white_check_mark: | :white_check_mark: | +| rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | :white_check_mark: | :white_check_mark: | +| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | :white_check_mark: | :white_check_mark: | +| variant | Source container variant\* | Server | :white_check_mark: | :white_check_mark: | +| version | Fedora version of installer to build | 39 | :white_check_mark: | :white_check_mark: | +| web_ui | Enable Anaconda WebUI (experimental) | false | :white_check_mark: | :white_check_mark: | + +\*Available options for VARIANT can be found by running `dnf provides system-release`. +Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite + +\*\* If you need to reference a local file, you can use `file://*path*` + +## Outputs + +| Variable | Description | Usage | +| -------- | ----------------------------------------| ------------------------------------------------ | +| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | +| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | \ No newline at end of file From f10dd64668e822264ef39ae93beec550961818d7 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 21 Aug 2024 10:29:27 -0400 Subject: [PATCH 20/40] Add known errors page (#137) --- .github/workflows/update_wiki.yml | 2 +- docs/_Sidebar.md | 2 ++ docs/home.md | 2 ++ docs/known_errors.md | 7 +++++++ 4 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 docs/known_errors.md diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml index daeeb9b..ac78537 100644 --- a/.github/workflows/update_wiki.yml +++ b/.github/workflows/update_wiki.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Install packages run: | - apt install -y make rsync + sudo apt install -y make rsync # Checkout Main Repo - uses: actions/checkout@v2 diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md index 93379d1..300a54e 100644 --- a/docs/_Sidebar.md +++ b/docs/_Sidebar.md @@ -6,3 +6,5 @@ - Examples - [Adding Flatpaks](examples/adding-flatpaks.md) + +- [Known Errors](known_errors.md) \ No newline at end of file diff --git a/docs/home.md b/docs/home.md index 6f88490..e8b6e75 100644 --- a/docs/home.md +++ b/docs/home.md @@ -9,3 +9,5 @@ Welcome to the build-container-installer wiki! - Examples - [Adding Flatpaks](examples/adding-flatpaks.md) + +- [Known Errors](known_errors.md) \ No newline at end of file diff --git a/docs/known_errors.md b/docs/known_errors.md new file mode 100644 index 0000000..bda0b22 --- /dev/null +++ b/docs/known_errors.md @@ -0,0 +1,7 @@ +# Known Errors + +This page describes known errors and how to resolve them. + +## failed to write boot loader configuration + +Add `RUN bootupctl backend generate-update-metadata` at the end of your Dockerfile/Containerfile \ No newline at end of file From 237ff3e130d9455a33f02e34b258ed7cbc79b9a9 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 21 Aug 2024 14:23:54 -0400 Subject: [PATCH 21/40] escape quote --- docs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/Makefile b/docs/Makefile index 21029af..49f871b 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -7,6 +7,6 @@ docs: mv "$${source_file}" "$${final_file}"; \ no_ext_source=$${source_file:0:-3}; \ no_ext_final=$${final_file:0:-3}; \ - sed -i "s;(\(../\)*$${source_file});($${no_ext_final});g" $$(find -name '*.md'); \ + sed -i "s;(\(../\)*$${source_file});($${no_ext_final});g" $$(find -name '\''*.md'\''); \ ' _ {} find . -type d -empty -delete From 0180c5003041d49b357465562e942aab8c04c71b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 10:11:18 -0400 Subject: [PATCH 22/40] Bump actions/checkout from 2 to 4 (#138) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/update_wiki.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml index ac78537..a9bdf15 100644 --- a/.github/workflows/update_wiki.yml +++ b/.github/workflows/update_wiki.yml @@ -18,10 +18,10 @@ jobs: run: | sudo apt install -y make rsync # Checkout Main Repo - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 # Checkout Wiki Repo - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 with: repository: ${{github.repository}}.wiki persist-credentials: true From f9395d5ae1ad571746a7fd890e80f2d4360b81e7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 09:36:44 -0400 Subject: [PATCH 23/40] Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#143) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 60ff1ea..57949bc 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -123,7 +123,7 @@ jobs: - name: Install Cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@v3.6.0 + uses: sigstore/cosign-installer@v3.7.0 - name: Sign the images if: startsWith(github.ref, 'refs/tags/v') From a1ce6da2d6c1af0561bec053366d0f3aa7e38743 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 30 Oct 2024 15:01:05 -0400 Subject: [PATCH 24/40] Add F41 tests (#145) Co-authored-by: Noel Miller --- .github/workflows/build_vars.yml | 37 +++++------------------- flatpaks/Makefile | 1 + lorax_templates/flatpak_set_repo.tmpl | 2 +- test/iso/flatpak_repo_updated.sh | 14 +++++++++ test/vm/flatpak_fedora_repo_disabled.yml | 4 ++- 5 files changed, 27 insertions(+), 31 deletions(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index e574c15..ffbe614 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -10,40 +10,19 @@ on: { "version": [ "39", - "40", - ], + "40", + "41" + ], "flatpaks": [ "false", - "flatpak_dir", + "flatpak_refs_dir", "flatpak_refs" ], - "exclude": [ - { - "version": "40", - "flatpaks": "flatpak_dir" - }, - { - "version": "40", - "flatpaks": "flatpak_refs" - } + "image_repo": [ + "ghcr.io/ublue-os" ], - "include": [ - { - "version": "39", - "image_repo": "quay.io/fedora-ostree-desktops", - "image_name": "base" - }, - { - "version": "40", - "image_repo": "quay.io/fedora", - "image_name": "fedora-bootc" - }, - { - "version": "38", - "image_repo": "quay.io/fedora", - "image_name": "fedora-bootc", - "image_src": "docker://quay.io/fedora-ostree-desktops/base:39" - } + "image_name": [ + "base-main" ] }' VARIANT: diff --git a/flatpaks/Makefile b/flatpaks/Makefile index 3b6e939..7729d01 100644 --- a/flatpaks/Makefile +++ b/flatpaks/Makefile @@ -14,6 +14,7 @@ repo: script.sh script.sh: cat << EOF > script.sh + which flatpak &> /dev/null || dnf install -y flatpak mkdir -p /flatpak/flatpak /flatpak/triggers mkdir /var/tmp || true chmod -R 1777 /var/tmp diff --git a/lorax_templates/flatpak_set_repo.tmpl b/lorax_templates/flatpak_set_repo.tmpl index 0d8db43..b7fae2d 100644 --- a/lorax_templates/flatpak_set_repo.tmpl +++ b/lorax_templates/flatpak_set_repo.tmpl @@ -1,8 +1,8 @@ <%page args="flatpak_remote_name, _flatpak_repo_url, version"/> % if int(version) >= 41: +append etc/anaconda/conf.d/anaconda.conf "[Payload]" append etc/anaconda/conf.d/anaconda.conf "flatpak_remote = ${flatpak_remote_name} ${_flatpak_repo_url}" % else: replace "flatpak_manager\.add_remote\(\".*\", \".*\"\)" "flatpak_manager.add_remote(\"${flatpak_remote_name}\", \"${_flatpak_repo_url}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py replace "flatpak_manager\.replace_installed_refs_remote\(\".*\"\)" "flatpak_manager.replace_installed_refs_remote(\"${flatpak_remote_name}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py % endif - diff --git a/test/iso/flatpak_repo_updated.sh b/test/iso/flatpak_repo_updated.sh index 83f3773..c8187ff 100644 --- a/test/iso/flatpak_repo_updated.sh +++ b/test/iso/flatpak_repo_updated.sh @@ -1,5 +1,19 @@ #!/bin/bash +if [[ ${VERSION} -ge 41 ]] +then + result=0 + grep "^\[Payload\]" mnt/install/etc/anaconda/conf.d/anaconda.conf > /dev/null || { + echo "Missing [Payload] header" + result=1 + } + grep "^flatpak_remote = ${FLATPAK_REMOTE_NAME} ${_FLATPAK_REPO_URL}" mnt/install/etc/anaconda/conf.d/anaconda.conf > /dev/null || { + echo "Missing flatpak_remote option" + result=1 + } + exit ${result} +fi + add_line=$(grep flatpak_manager.add_remote mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py) add_line_repo=$(echo "${add_line}" | grep "${FLATPAK_REMOTE_NAME}") diff --git a/test/vm/flatpak_fedora_repo_disabled.yml b/test/vm/flatpak_fedora_repo_disabled.yml index 17a3e08..eb87099 100644 --- a/test/vm/flatpak_fedora_repo_disabled.yml +++ b/test/vm/flatpak_fedora_repo_disabled.yml @@ -10,7 +10,9 @@ register: services_state - name: Check that flatpak-add-fedora-repos is disabled + when: services_state['ansible_facts']['services']['flatpak-add-fedora-repos.service'] is defined ansible.builtin.assert: that: - services_state['ansible_facts']['services']['flatpak-add-fedora-repos.service']['status'] == 'disabled' - fail_msg: 'flatpak-add-fedora-repos.service is not disabled' \ No newline at end of file + fail_msg: 'flatpak-add-fedora-repos.service is not disabled' + success_msg: 'flatpak-add-fedora-repos.service is correctly disabled' From ec2a9f4e3fbf100d7d42487bc45524f106ace8cf Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Thu, 31 Oct 2024 09:47:55 -0400 Subject: [PATCH 25/40] disable schedule --- .github/workflows/clean_repo.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/clean_repo.yml b/.github/workflows/clean_repo.yml index b1e1368..d5e05ab 100644 --- a/.github/workflows/clean_repo.yml +++ b/.github/workflows/clean_repo.yml @@ -1,7 +1,7 @@ name: Clean Container Registry on: - schedule: - - cron: '0 21 * * 0' +# schedule: +# - cron: '0 21 * * 0' workflow_dispatch: From 312375b2cd5b2e426c3ff966cfd4e7515f658524 Mon Sep 17 00:00:00 2001 From: Noel Miller <4983138+noelmiller@users.noreply.github.com> Date: Tue, 3 Dec 2024 12:00:55 -0600 Subject: [PATCH 26/40] fix link to inputs (#147) Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- docs/development/container.md | 2 +- docs/development/makefile.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/development/container.md b/docs/development/container.md index 29d4a7a..8df3e27 100644 --- a/docs/development/container.md +++ b/docs/development/container.md @@ -6,7 +6,7 @@ To use the container file, run `podman run --privileged --volume .:/build-contai This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` -See [Inputs](../usage.md#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. +See [Inputs](usage.md#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. Examples: Building an ISO to install Fedora 39 diff --git a/docs/development/makefile.md b/docs/development/makefile.md index a94535e..be37851 100644 --- a/docs/development/makefile.md +++ b/docs/development/makefile.md @@ -4,4 +4,4 @@ The Makefile contains all the commands that are run in the action. There are sep `make install-deps` can be used to install the necessary packages. -See [Inputs](../usage.md#inputs) for information about the available parameters. All variables should be specified in CAPITALIZED form. +See [Inputs](usage#inputs) for information about the available parameters. All variables should be specified in CAPITALIZED form. From e80a97fbb08318a708bc8a3b2515f4a7aa912c0c Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Tue, 3 Dec 2024 13:02:35 -0500 Subject: [PATCH 27/40] fix link path --- docs/development/container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/development/container.md b/docs/development/container.md index 8df3e27..0e0a0ef 100644 --- a/docs/development/container.md +++ b/docs/development/container.md @@ -6,7 +6,7 @@ To use the container file, run `podman run --privileged --volume .:/build-contai This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` -See [Inputs](usage.md#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. +See [Inputs](usage#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. Examples: Building an ISO to install Fedora 39 From f09a756b7a1205f121d8508f1171759328b95d2c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Dec 2024 13:03:39 -0500 Subject: [PATCH 28/40] Bump Chizkiyahu/delete-untagged-ghcr-action from 4 to 5 (#148) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/clean_repo.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/clean_repo.yml b/.github/workflows/clean_repo.yml index d5e05ab..a19ddd5 100644 --- a/.github/workflows/clean_repo.yml +++ b/.github/workflows/clean_repo.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Delete Untagged Packages - uses: Chizkiyahu/delete-untagged-ghcr-action@v4 + uses: Chizkiyahu/delete-untagged-ghcr-action@v5 with: token: ${{ secrets.PACKAGE_DELETER }} repository_owner: ${{ github.repository_owner }} From 362fea7d5d5df8d8d2412379c05b77bdaaf934a0 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Thu, 2 Jan 2025 09:02:24 -0500 Subject: [PATCH 29/40] Block broken lorax versions (#152) --- .github/workflows/build_iso.yml | 6 +++--- .github/workflows/test_deployment.yml | 6 +++--- .github/workflows/test_iso.yml | 6 +++--- external/Makefile | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 4c89f38..3c2316d 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -53,7 +53,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" per_page: 100 - name: Set status @@ -62,7 +62,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -138,7 +138,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml index 792b68a..ec85345 100644 --- a/.github/workflows/test_deployment.yml +++ b/.github/workflows/test_deployment.yml @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -107,6 +107,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_iso.yml b/.github/workflows/test_iso.yml index 3b072d7..4697e30 100644 --- a/.github/workflows/test_iso.yml +++ b/.github/workflows/test_iso.yml @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -98,6 +98,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} \ No newline at end of file diff --git a/external/Makefile b/external/Makefile index 74047b1..0cac3e7 100644 --- a/external/Makefile +++ b/external/Makefile @@ -1,6 +1,6 @@ lorax/branch-$(VERSION): git config advice.detachedHead false - cd lorax && git reset --hard HEAD && git checkout $(if $(_RHEL),rhel$(word 1,$(subst ., ,$(VERSION)))-branch,tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | tail -n 1)) + cd lorax && git reset --hard HEAD && git checkout $(if $(_RHEL),rhel$(word 1,$(subst ., ,$(VERSION)))-branch,tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | grep -v 'lorax-40\.5' | tail -n 1)) touch lorax/branch-$(VERSION) install-deps: From 46786df34449d211be50addcde81570b6e5aba8b Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 8 Jan 2025 10:39:29 -0500 Subject: [PATCH 30/40] Test with base Fedora images (#155) --- .github/workflows/build_vars.yml | 36 ++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index ffbe614..336a401 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -9,7 +9,7 @@ on: value: ' { "version": [ - "39", + "39", "40", "41" ], @@ -19,10 +19,38 @@ on: "flatpak_refs" ], "image_repo": [ - "ghcr.io/ublue-os" + "ghcr.io/ublue-os", + "quay.io/fedora-ostree-desktops" ], - "image_name": [ - "base-main" + "include": [ + { + "image_repo": "ghcr.io/ublue-os", + "image_name": "base-main", + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "version": "40", + "image_name": "base" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "version": "41", + "image_name": "base-atomic" + } + ], + "exclude": [ + { + "image_repo": "quay.io/fedora-ostree-desktops", + "version": "39" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "flatpaks": "flatpak_refs_dir" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "flatpaks": "flatpak_refs" + } ] }' VARIANT: From d2186329e46f75e7b88a932554869ba173b923cf Mon Sep 17 00:00:00 2001 From: RoyalOughtness <129108030+RoyalOughtness@users.noreply.github.com> Date: Mon, 3 Feb 2025 06:32:53 -0800 Subject: [PATCH 31/40] fix: typo (#156) --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7115248..3615f05 100644 --- a/action.yml +++ b/action.yml @@ -89,7 +89,7 @@ inputs: description: Overrides the skopeo cache key required: false variant: - description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite" + description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite" required: true default: Server version: From 45fec1fc9de463178cf414c8045a2480aa3d8419 Mon Sep 17 00:00:00 2001 From: Noel Miller <4983138+noelmiller@users.noreply.github.com> Date: Mon, 5 May 2025 16:07:08 -0500 Subject: [PATCH 32/40] Add tests for 42 (#161) Co-authored-by: Jason N. <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_vars.yml | 23 +++++++++++++++-------- Makefile | 32 ++++++++++++++++---------------- lorax_templates/Makefile | 8 ++++++-- test/vm/Makefile | 4 ++-- 4 files changed, 39 insertions(+), 28 deletions(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index 336a401..e74c6ca 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -9,9 +9,9 @@ on: value: ' { "version": [ - "39", "40", - "41" + "41", + "42" ], "flatpaks": [ "false", @@ -20,6 +20,7 @@ on: ], "image_repo": [ "ghcr.io/ublue-os", + "quay.io/fedora", "quay.io/fedora-ostree-desktops" ], "include": [ @@ -28,20 +29,22 @@ on: "image_name": "base-main", }, { - "image_repo": "quay.io/fedora-ostree-desktops", - "version": "40", - "image_name": "base" + "image_repo": "quay.io/fedora", + "image_name": "fedora-bootc" }, { "image_repo": "quay.io/fedora-ostree-desktops", - "version": "41", "image_name": "base-atomic" } ], "exclude": [ { - "image_repo": "quay.io/fedora-ostree-desktops", - "version": "39" + "image_repo": "quay.io/fedora", + "flatpaks": "flatpak_refs_dir" + }, + { + "image_repo": "quay.io/fedora", + "flatpaks": "flatpak_refs" }, { "image_repo": "quay.io/fedora-ostree-desktops", @@ -50,6 +53,10 @@ on: { "image_repo": "quay.io/fedora-ostree-desktops", "flatpaks": "flatpak_refs" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "version": "40" } ] }' diff --git a/Makefile b/Makefile index 20bc28d..9f85c58 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ export install_pkg _IMAGE_REPO_ESCAPED := $(subst /,\/,$(IMAGE_REPO)) _IMAGE_REPO_DOUBLE_ESCAPED := $(subst \,\\\,$(_IMAGE_REPO_ESCAPED)) _LORAX_ARGS := -_LORAX_TEMPLATES := $(call get_templates,install) +export _LORAX_TEMPLATES := $(call get_templates,install) lorax_templates/install_include_post.tmpl _REPO_FILES := $(subst /etc/yum.repos.d,repos,$(REPOS)) _TEMP_DIR := $(shell mktemp -d) _TEMPLATE_VARS := ARCH IMAGE_NAME IMAGE_REPO _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED IMAGE_SIGNED IMAGE_TAG REPOS _RHEL VARIANT VERSION WEB_UI @@ -35,7 +35,7 @@ _VOLID := $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$( ifeq ($(findstring redhat.repo,$(REPOS)),redhat.repo) export _RHEL := true -_LORAX_TEMPLATES += $(call get_templates,rhel) +export _LORAX_TEMPLATES += $(call get_templates,rhel) else undefine _RHEL endif @@ -53,17 +53,17 @@ _LORAX_ARGS += -i anaconda-webui endif ifneq ($(DNF_CACHE),) -_LORAX_ARGS += --cachedir $(DNF_CACHE) -_LORAX_TEMPLATES += $(call get_templates,cache) -_TEMPLATE_VARS += DNF_CACHE + _LORAX_ARGS += --cachedir $(DNF_CACHE) +export _LORAX_TEMPLATES += $(call get_templates,cache) + _TEMPLATE_VARS += DNF_CACHE endif ifneq ($(FLATPAK_DIR),) -_FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) + _FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) export _FLATPAK_REPO_URL := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2) -_LORAX_ARGS += -i flatpak-libs -_LORAX_TEMPLATES += $(call get_templates,flatpak) -_TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL + _LORAX_ARGS += -i flatpak-libs +export _LORAX_TEMPLATES += $(call get_templates,flatpak) + _TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL else ifneq ($(FLATPAK_REMOTE_REFS_DIR),) COLLECTED_REFS := $(foreach file,$(filter-out README.md Makefile,$(wildcard $(FLATPAK_REMOTE_REFS_DIR)/*)),$(shell cat $(file))) @@ -71,19 +71,19 @@ export FLATPAK_REMOTE_REFS += $(sort $(COLLECTED_REFS)) endif ifneq ($(FLATPAK_REMOTE_REFS),) -_FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) + _FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) export _FLATPAK_REPO_URL := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2) -_LORAX_ARGS += -i flatpak-libs -_LORAX_TEMPLATES += $(call get_templates,flatpak) \ - external/fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl -_TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL + _LORAX_ARGS += -i flatpak-libs +export _LORAX_TEMPLATES += $(call get_templates,flatpak) \ + external/fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl + _TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL endif endif ifneq ($(SECURE_BOOT_KEY_URL),) -_LORAX_TEMPLATES += $(call get_templates,secureboot) -_TEMPLATE_VARS += ENROLLMENT_PASSWORD +export _LORAX_TEMPLATES += $(call get_templates,secureboot) + _TEMPLATE_VARS += ENROLLMENT_PASSWORD endif _SUBDIRS := container external flatpak_refs lorax_templates repos xorriso test diff --git a/lorax_templates/Makefile b/lorax_templates/Makefile index d022767..b2e80e5 100644 --- a/lorax_templates/Makefile +++ b/lorax_templates/Makefile @@ -39,10 +39,14 @@ endef post_%.tmpl: scripts/post/% $(call convert_post_to_tmpl,$*,usr/share/anaconda/post-scripts/$*.ks,true) +install_include_post.tmpl: + echo '<%page />' > install_include_post.tmpl + for file in $(patsubst post_%.tmpl, %, $(filter post_%, $(notdir $(_LORAX_TEMPLATES)))); do echo "append usr/share/anaconda/interactive-defaults.ks \"%include /usr/share/anaconda/post-scripts/$${file}.ks\"" >> install_include_post.tmpl; done + install-deps: -FILES=$(wildcard post_*) +FILES=$(wildcard post_*) install_include_post.tmpl clean: ifneq ($(FILES),) rm -Rf $(FILES) -endif \ No newline at end of file +endif diff --git a/test/vm/Makefile b/test/vm/Makefile index 99288cb..6578595 100644 --- a/test/vm/Makefile +++ b/test/vm/Makefile @@ -24,7 +24,7 @@ ansible_inventory: .PHONY: $(VM_TESTS) install-deps install-deps: - $(install_pkg) qemu qemu-utils xorriso qemu-system-x86 netcat socat jq ansible curl + $(install_pkg) qemu-system qemu-utils xorriso qemu-system-x86 ncat socat jq ansible curl files/mnt/iso: $(if $(wildcard files/mnt),,mkdir files/mnt) @@ -97,4 +97,4 @@ start_vm: install_os fi echo "VM ready for tests at IP $(VM_IP):$(VM_PORT)" - echo $$QEMU_PID > start_vm \ No newline at end of file + echo $$QEMU_PID > start_vm From 91208e0329d2282a549eb4eaaf10c0ed8c5a33fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 18:44:24 -0400 Subject: [PATCH 33/40] Bump docker/login-action from 3.3.0 to 3.4.0 (#160) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 57949bc..900cd43 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -97,7 +97,7 @@ jobs: labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} - name: Login to GitHub Container Registry - uses: docker/login-action@v3.3.0 + uses: docker/login-action@v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} From d77e9563739921c2f93de778d4fbad854f52d389 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 20:44:40 -0400 Subject: [PATCH 34/40] Bump sigstore/cosign-installer from 3.7.0 to 3.8.2 (#162) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 900cd43..615b8ea 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -123,7 +123,7 @@ jobs: - name: Install Cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@v3.7.0 + uses: sigstore/cosign-installer@v3.8.2 - name: Sign the images if: startsWith(github.ref, 'refs/tags/v') From 6810b148ad076484005cd80ded8ba51c6621dd71 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 5 Oct 2025 18:24:07 -0400 Subject: [PATCH 35/40] Bump docker/login-action from 3.4.0 to 3.6.0 (#174) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 615b8ea..dc664e0 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -97,7 +97,7 @@ jobs: labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} - name: Login to GitHub Container Registry - uses: docker/login-action@v3.4.0 + uses: docker/login-action@v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} From 3b090e7c2eea3f73c65ac2790514a39816a0b3e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 5 Oct 2025 18:33:45 -0400 Subject: [PATCH 36/40] Bump sigstore/cosign-installer from 3.8.2 to 3.10.0 (#173) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index dc664e0..cf98730 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -123,7 +123,7 @@ jobs: - name: Install Cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@v3.8.2 + uses: sigstore/cosign-installer@v3.10.0 - name: Sign the images if: startsWith(github.ref, 'refs/tags/v') From 33d0e5a5c241506b86b94277fa53537cc99e411a Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Sun, 5 Oct 2025 17:58:17 -0500 Subject: [PATCH 37/40] Add tests for Fedora 43 (#175) --- .github/workflows/build_vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index e74c6ca..06c5eaa 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -9,9 +9,9 @@ on: value: ' { "version": [ - "40", "41", - "42" + "42", + "43" ], "flatpaks": [ "false", From e310904cc7086ffd73ca14b1abf74f9efb90ea12 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 8 Oct 2025 11:41:09 -0400 Subject: [PATCH 38/40] Fix documentation about iso_path (#177) --- README.md | 4 ++-- docs/_Sidebar.md | 3 ++- docs/home.md | 3 ++- docs/usage.md | 6 +++--- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 26a3de9..fdea723 100644 --- a/README.md +++ b/README.md @@ -29,8 +29,8 @@ This action is designed to be called from a GitHub workflow using the following with: name: ${{ steps.build.outputs.iso_name }} path: | - ${{ steps.build.outputs.iso_path }} - ${{ steps.build.outputs.iso_path }}-CHECKSUM + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }} + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }}-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md index 300a54e..7e637e7 100644 --- a/docs/_Sidebar.md +++ b/docs/_Sidebar.md @@ -1,4 +1,5 @@ - [Home](home.md) +- [Usage](usage.md) - Development - [Using the Makefile](development/makefile.md) - [Using the Container](development/container.md) @@ -7,4 +8,4 @@ - Examples - [Adding Flatpaks](examples/adding-flatpaks.md) -- [Known Errors](known_errors.md) \ No newline at end of file +- [Known Errors](known_errors.md) diff --git a/docs/home.md b/docs/home.md index e8b6e75..f7e2096 100644 --- a/docs/home.md +++ b/docs/home.md @@ -2,6 +2,7 @@ Welcome to the build-container-installer wiki! ## Index +- [Usage](usage.md) - Development - [Using the Makefile](development/makefile.md) - [Using the Container](development/container.md) @@ -10,4 +11,4 @@ Welcome to the build-container-installer wiki! - Examples - [Adding Flatpaks](examples/adding-flatpaks.md) -- [Known Errors](known_errors.md) \ No newline at end of file +- [Known Errors](known_errors.md) diff --git a/docs/usage.md b/docs/usage.md index 9f6a83f..9ffeb8e 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -22,8 +22,8 @@ This action is designed to be called from a GitHub workflow using the following with: name: ${{ steps.build.outputs.iso_name }} path: | - ${{ steps.build.outputs.iso_path }} - ${{ steps.build.outputs.iso_path }}-CHECKSUM + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }} + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }}-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 @@ -65,4 +65,4 @@ Variant will be the third item in the package name. Example: `fedora-release-kin | Variable | Description | Usage | | -------- | ----------------------------------------| ------------------------------------------------ | | iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | -| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | \ No newline at end of file +| iso_path | The path to the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_path }} | From c9ef3de33236e66781ec37bd0485e8009eaefe24 Mon Sep 17 00:00:00 2001 From: Jason Nagin <33561705+JasonN3@users.noreply.github.com> Date: Wed, 8 Oct 2025 13:04:06 -0400 Subject: [PATCH 39/40] Upgrade base image to 42 (#176) --- .github/workflows/build_iso.yml | 6 +++--- .github/workflows/build_vars.yml | 4 ++-- .github/workflows/test_deployment.yml | 6 +++--- .github/workflows/test_iso.yml | 8 ++++---- Containerfile | 4 ++-- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 3c2316d..2964d72 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -53,7 +53,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -62,7 +62,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -138,7 +138,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index 06c5eaa..8a60657 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -55,8 +55,8 @@ on: "flatpaks": "flatpak_refs" }, { - "image_repo": "quay.io/fedora-ostree-desktops", - "version": "40" + "image_repo": "ghcr.io/ublue-os", + "version": "43" } ] }' diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml index ec85345..f343313 100644 --- a/.github/workflows/test_deployment.yml +++ b/.github/workflows/test_deployment.yml @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -107,6 +107,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_iso.yml b/.github/workflows/test_iso.yml index 4697e30..c3b5103 100644 --- a/.github/workflows/test_iso.yml +++ b/.github/workflows/test_iso.yml @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -98,6 +98,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }}, ${{ matrix.image_name }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} - targetUrl: ${{ steps.jobs.outputs.html_url }} \ No newline at end of file + targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/Containerfile b/Containerfile index a0678e4..18b844b 100644 --- a/Containerfile +++ b/Containerfile @@ -1,6 +1,6 @@ -FROM fedora:40 +FROM fedora:42 -ARG VERSION=39 +ARG VERSION=42 ENV ARCH="x86_64" ENV IMAGE_NAME="base" From 4ab1e18f8346cea28b84a8c16fca7cfece611ef0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 31 Oct 2025 19:26:02 -0400 Subject: [PATCH 40/40] Bump actions/checkout from 4 to 5 (#171) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Nagin <33561705+JasonN3@users.noreply.github.com> --- .github/workflows/build_container.yml | 2 +- .github/workflows/build_iso.yml | 2 +- .github/workflows/test_deployment.yml | 2 +- .github/workflows/test_iso.yml | 2 +- .github/workflows/test_repo.yml | 2 +- .github/workflows/update_wiki.yml | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index cf98730..53f412d 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -26,7 +26,7 @@ jobs: statuses: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 2964d72..6cd33ef 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -32,7 +32,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml index f343313..8738ded 100644 --- a/.github/workflows/test_deployment.yml +++ b/.github/workflows/test_deployment.yml @@ -31,7 +31,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive diff --git a/.github/workflows/test_iso.yml b/.github/workflows/test_iso.yml index c3b5103..049fc11 100644 --- a/.github/workflows/test_iso.yml +++ b/.github/workflows/test_iso.yml @@ -31,7 +31,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive diff --git a/.github/workflows/test_repo.yml b/.github/workflows/test_repo.yml index 4c658e3..59071c0 100644 --- a/.github/workflows/test_repo.yml +++ b/.github/workflows/test_repo.yml @@ -20,7 +20,7 @@ jobs: contents: read steps: - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Run test run: | diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml index a9bdf15..fce015c 100644 --- a/.github/workflows/update_wiki.yml +++ b/.github/workflows/update_wiki.yml @@ -18,10 +18,10 @@ jobs: run: | sudo apt install -y make rsync # Checkout Main Repo - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 # Checkout Wiki Repo - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: repository: ${{github.repository}}.wiki persist-credentials: true