diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 77ff2f0..53f412d 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -26,7 +26,7 @@ jobs: statuses: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive fetch-depth: 0 @@ -72,6 +72,7 @@ jobs: tags: | type=ref,event=branch type=ref,event=pr + type=raw,value=${{ github.sha }} type=semver,pattern=v{{version}} type=semver,pattern=v{{major}}.{{minor}} type=semver,pattern=v{{major}}.{{minor}}.{{patch}} @@ -85,6 +86,7 @@ jobs: ghcr.io/${{ github.repository }} tags: | pr-${{ inputs.pr }} + ${{ github.sha }} - name: Buildah Build id: build-image @@ -95,7 +97,7 @@ jobs: labels: ${{ steps.meta.outputs.labels || steps.meta_pr.outputs.labels }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2.1.0 + uses: docker/login-action@v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -121,7 +123,7 @@ jobs: - name: Install Cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@v3.5.0 + uses: sigstore/cosign-installer@v3.10.0 - name: Sign the images if: startsWith(github.ref, 'refs/tags/v') diff --git a/.github/workflows/build_iso.yml b/.github/workflows/build_iso.yml index 4c89f38..6cd33ef 100644 --- a/.github/workflows/build_iso.yml +++ b/.github/workflows/build_iso.yml @@ -32,7 +32,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive @@ -53,7 +53,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -62,7 +62,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -138,7 +138,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/build_vars.yml b/.github/workflows/build_vars.yml index e574c15..8a60657 100644 --- a/.github/workflows/build_vars.yml +++ b/.github/workflows/build_vars.yml @@ -9,40 +9,54 @@ on: value: ' { "version": [ - "39", - "40", - ], + "41", + "42", + "43" + ], "flatpaks": [ "false", - "flatpak_dir", + "flatpak_refs_dir", "flatpak_refs" ], - "exclude": [ - { - "version": "40", - "flatpaks": "flatpak_dir" - }, - { - "version": "40", - "flatpaks": "flatpak_refs" - } + "image_repo": [ + "ghcr.io/ublue-os", + "quay.io/fedora", + "quay.io/fedora-ostree-desktops" ], "include": [ { - "version": "39", - "image_repo": "quay.io/fedora-ostree-desktops", - "image_name": "base" + "image_repo": "ghcr.io/ublue-os", + "image_name": "base-main", }, { - "version": "40", "image_repo": "quay.io/fedora", "image_name": "fedora-bootc" }, { - "version": "38", + "image_repo": "quay.io/fedora-ostree-desktops", + "image_name": "base-atomic" + } + ], + "exclude": [ + { "image_repo": "quay.io/fedora", - "image_name": "fedora-bootc", - "image_src": "docker://quay.io/fedora-ostree-desktops/base:39" + "flatpaks": "flatpak_refs_dir" + }, + { + "image_repo": "quay.io/fedora", + "flatpaks": "flatpak_refs" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "flatpaks": "flatpak_refs_dir" + }, + { + "image_repo": "quay.io/fedora-ostree-desktops", + "flatpaks": "flatpak_refs" + }, + { + "image_repo": "ghcr.io/ublue-os", + "version": "43" } ] }' diff --git a/.github/workflows/clean_repo.yml b/.github/workflows/clean_repo.yml index b1e1368..a19ddd5 100644 --- a/.github/workflows/clean_repo.yml +++ b/.github/workflows/clean_repo.yml @@ -1,7 +1,7 @@ name: Clean Container Registry on: - schedule: - - cron: '0 21 * * 0' +# schedule: +# - cron: '0 21 * * 0' workflow_dispatch: @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Delete Untagged Packages - uses: Chizkiyahu/delete-untagged-ghcr-action@v4 + uses: Chizkiyahu/delete-untagged-ghcr-action@v5 with: token: ${{ secrets.PACKAGE_DELETER }} repository_owner: ${{ github.repository_owner }} diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml index 792b68a..8738ded 100644 --- a/.github/workflows/test_deployment.yml +++ b/.github/workflows/test_deployment.yml @@ -31,7 +31,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -107,6 +107,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_iso.yml b/.github/workflows/test_iso.yml index 3b072d7..049fc11 100644 --- a/.github/workflows/test_iso.yml +++ b/.github/workflows/test_iso.yml @@ -31,7 +31,7 @@ jobs: matrix: ${{ fromJson(needs.load_vars.outputs.BUILD_MATRIX) }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: submodules: recursive @@ -52,7 +52,7 @@ jobs: id: jobs with: github_token: ${{ secrets.GITHUB_TOKEN }} - job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + job_name: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" per_page: 100 - name: Set status @@ -61,7 +61,7 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: pending - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} targetUrl: ${{ steps.jobs.outputs.html_url }} @@ -98,6 +98,6 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} - context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }})" + context: "${{ inputs.parent_job_name }} / ${{ env.JOB_NAME }} (${{ matrix.version }}, ${{ matrix.flatpaks }}, ${{ matrix.image_repo }})" sha: ${{ env.sha }} - targetUrl: ${{ steps.jobs.outputs.html_url }} \ No newline at end of file + targetUrl: ${{ steps.jobs.outputs.html_url }} diff --git a/.github/workflows/test_repo.yml b/.github/workflows/test_repo.yml index 4c658e3..59071c0 100644 --- a/.github/workflows/test_repo.yml +++ b/.github/workflows/test_repo.yml @@ -20,7 +20,7 @@ jobs: contents: read steps: - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Run test run: | diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml new file mode 100644 index 0000000..fce015c --- /dev/null +++ b/.github/workflows/update_wiki.yml @@ -0,0 +1,50 @@ +name: Update Wiki +on: + push: + branches: + - main + paths: + - 'docs/**' + - '.github/workflows/update_wiki.yml' + +jobs: + update-wiki: + name: Update Wiki + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Install packages + run: | + sudo apt install -y make rsync + # Checkout Main Repo + - uses: actions/checkout@v5 + + # Checkout Wiki Repo + - uses: actions/checkout@v5 + with: + repository: ${{github.repository}}.wiki + persist-credentials: true + path: wiki + ref: master + + # Generate final files + - name: Generate Files + run: | + cd ${GITHUB_WORKSPACE}/docs + make + + # Copy Docs + - name: Copy files + run: | + rsync -av --exclude='.git/*' ${GITHUB_WORKSPACE}/docs/ ${GITHUB_WORKSPACE}/wiki/ + + # Push Changes + - name: Push changes + run: | + cd ${GITHUB_WORKSPACE}/wiki/ + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git add . + git commit -m "Add changes" + git push diff --git a/.gitmodules b/.gitmodules index e05748a..3ac6662 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,7 +1,7 @@ [submodule "external/fedora-lorax-templates"] path = external/fedora-lorax-templates url = https://pagure.io/fedora-lorax-templates.git - branch = f39 + branch = f40 [submodule "external/lorax"] path = external/lorax url = https://github.com/weldr/lorax.git diff --git a/Containerfile b/Containerfile index a0678e4..18b844b 100644 --- a/Containerfile +++ b/Containerfile @@ -1,6 +1,6 @@ -FROM fedora:40 +FROM fedora:42 -ARG VERSION=39 +ARG VERSION=42 ENV ARCH="x86_64" ENV IMAGE_NAME="base" diff --git a/Makefile b/Makefile index 25ee23a..9f85c58 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ export install_pkg _IMAGE_REPO_ESCAPED := $(subst /,\/,$(IMAGE_REPO)) _IMAGE_REPO_DOUBLE_ESCAPED := $(subst \,\\\,$(_IMAGE_REPO_ESCAPED)) _LORAX_ARGS := -_LORAX_TEMPLATES := $(call get_templates,install) +export _LORAX_TEMPLATES := $(call get_templates,install) lorax_templates/install_include_post.tmpl _REPO_FILES := $(subst /etc/yum.repos.d,repos,$(REPOS)) _TEMP_DIR := $(shell mktemp -d) _TEMPLATE_VARS := ARCH IMAGE_NAME IMAGE_REPO _IMAGE_REPO_DOUBLE_ESCAPED _IMAGE_REPO_ESCAPED IMAGE_SIGNED IMAGE_TAG REPOS _RHEL VARIANT VERSION WEB_UI @@ -35,7 +35,7 @@ _VOLID := $(firstword $(subst -, ,$(IMAGE_NAME)))-$(ARCH)-$( ifeq ($(findstring redhat.repo,$(REPOS)),redhat.repo) export _RHEL := true -_LORAX_TEMPLATES += $(call get_templates,rhel) +export _LORAX_TEMPLATES += $(call get_templates,rhel) else undefine _RHEL endif @@ -53,17 +53,17 @@ _LORAX_ARGS += -i anaconda-webui endif ifneq ($(DNF_CACHE),) -_LORAX_ARGS += --cachedir $(DNF_CACHE) -_LORAX_TEMPLATES += $(call get_templates,cache) -_TEMPLATE_VARS += DNF_CACHE + _LORAX_ARGS += --cachedir $(DNF_CACHE) +export _LORAX_TEMPLATES += $(call get_templates,cache) + _TEMPLATE_VARS += DNF_CACHE endif ifneq ($(FLATPAK_DIR),) -_FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) + _FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) export _FLATPAK_REPO_URL := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2) -_LORAX_ARGS += -i flatpak-libs -_LORAX_TEMPLATES += $(call get_templates,flatpak) -_TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL + _LORAX_ARGS += -i flatpak-libs +export _LORAX_TEMPLATES += $(call get_templates,flatpak) + _TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL else ifneq ($(FLATPAK_REMOTE_REFS_DIR),) COLLECTED_REFS := $(foreach file,$(filter-out README.md Makefile,$(wildcard $(FLATPAK_REMOTE_REFS_DIR)/*)),$(shell cat $(file))) @@ -71,19 +71,19 @@ export FLATPAK_REMOTE_REFS += $(sort $(COLLECTED_REFS)) endif ifneq ($(FLATPAK_REMOTE_REFS),) -_FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) + _FLATPAK_REPO_GPG := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^GPGKey=' | cut -d= -f2) export _FLATPAK_REPO_URL := $(shell curl -L $(FLATPAK_REMOTE_URL) | grep -i '^URL=' | cut -d= -f2) -_LORAX_ARGS += -i flatpak-libs -_LORAX_TEMPLATES += $(call get_templates,flatpak) \ - external/fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl -_TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL + _LORAX_ARGS += -i flatpak-libs +export _LORAX_TEMPLATES += $(call get_templates,flatpak) \ + external/fedora-lorax-templates/ostree-based-installer/lorax-embed-flatpaks.tmpl + _TEMPLATE_VARS += FLATPAK_DIR FLATPAK_REMOTE_NAME FLATPAK_REMOTE_REFS FLATPAK_REMOTE_URL _FLATPAK_REPO_GPG _FLATPAK_REPO_URL endif endif ifneq ($(SECURE_BOOT_KEY_URL),) -_LORAX_TEMPLATES += $(call get_templates,secureboot) -_TEMPLATE_VARS += ENROLLMENT_PASSWORD +export _LORAX_TEMPLATES += $(call get_templates,secureboot) + _TEMPLATE_VARS += ENROLLMENT_PASSWORD endif _SUBDIRS := container external flatpak_refs lorax_templates repos xorriso test @@ -106,14 +106,14 @@ sb_pubkey.der: curl --fail -L -o sb_pubkey.der $(SECURE_BOOT_KEY_URL) # Build boot.iso using Lorax -results/images/boot.iso: external/lorax/branch-$(VERSION) $(filter lorax_templates/%,$(_LORAX_TEMPLATES)) $(_REPO_FILES) $(if $(SECURE_BOOT_KEY_URL),sb_pubkey.der) +results/images/boot.iso: external/lorax/branch-$(VERSION) $(filter lorax_templates/%,$(_LORAX_TEMPLATES)) $(filter repos/%,$(_REPO_FILES)) $(if $(SECURE_BOOT_KEY_URL),sb_pubkey.der) $(if $(wildcard results), rm -Rf results) $(if $(wildcard /etc/rpm/macros.image-language-conf),mv /etc/rpm/macros.image-language-conf $(_TEMP_DIR)/macros.image-language-conf) lorax -p $(IMAGE_NAME) -v $(VERSION) -r $(VERSION) -t $(VARIANT) \ --isfinal --buildarch=$(ARCH) --volid=$(_VOLID) --sharedir $(PWD)/external/lorax/share/templates.d/99-generic \ $(_LORAX_ARGS) \ - $(foreach file,$(_REPO_FILES),--repo $(PWD)/$(file)) \ + $(foreach file,$(_REPO_FILES),--repo $(patsubst repos/%,$(PWD)/repos/%,$(file))) \ $(foreach file,$(_LORAX_TEMPLATES),--add-template $(PWD)/$(file)) \ $(foreach file,$(ADDITIONAL_TEMPLATES),--add-template $(file)) \ $(foreach file,$(_FLATPAK_TEMPLATES),--add-template $(file)) \ diff --git a/README.md b/README.md index b8da5e4..fdea723 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # Build Container Installer Action -This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer` +This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command `ostreecontainer`, which also supports bootc. ## Usage @@ -29,137 +29,15 @@ This action is designed to be called from a GitHub workflow using the following with: name: ${{ steps.build.outputs.iso_name }} path: | - ${{ steps.build.outputs.iso_path }} - ${{ steps.build.outputs.iso_path }}-CHECKSUM + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }} + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }}-CHECKSUM if-no-files-found: error retention-days: 0 compression-level: 0 ``` -See [Customizing](#customizing) for information about customizing the ISO that gets created using `with` +**See the [Wiki](https://github.com/JasonN3/build-container-installer/wiki) for development and usage information.** -## Customizing - -The following variables can be used to customize the created ISO. - -### Inputs - -| Variable | Description | Default Value | Action | Container/Makefile | -| ----------------------- | ---------------------------------------------------------------------------- | -------------------------------------------- | ------------------ | ------------------ | -| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | :white_check_mark: | :white_check_mark: | -| arch | Architecture for image to build | x86_64 | :white_check_mark: | :white_check_mark: | -| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | :white_check_mark: | :white_check_mark: | -| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | :white_check_mark: | :white_check_mark: | -| flatpak_remote_refs | Space separated list of flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | -| flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | -| image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | -| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | -| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | -| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | \[empty\] | :white_check_mark: | :white_check_mark: | -| image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | -| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | -| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | -| repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | :white_check_mark: | :white_check_mark: | -| rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | :white_check_mark: | :white_check_mark: | -| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | :white_check_mark: | :white_check_mark: | -| variant | Source container variant\* | Server | :white_check_mark: | :white_check_mark: | -| version | Fedora version of installer to build | 39 | :white_check_mark: | :white_check_mark: | -| web_ui | Enable Anaconda WebUI (experimental) | false | :white_check_mark: | :white_check_mark: | - -\*Available options for VARIANT can be found by running `dnf provides system-release`. -Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite - -\*\* If you need to reference a local file, you can use `file://*path*` - -### Outputs - -| Variable | Description | Usage | -| -------- | ----------------------------------------| ------------------------------------------------ | -| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | -| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | - -For outputs, see example above. - -## Development - -### Makefile - -The Makefile contains all commands that are run the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. - -You can use `make install-deps` to install the required packages. - -See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. - -### Container - -A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` - -To use the container file, run `docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. - -This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` - -See [Customizing](#customizing) for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. -Examples: - -Building an ISO to install Fedora 38 - -```bash -docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=Server -``` - -Building an ISO to install Fedora 39 - -```bash -docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server -``` - -### VSCode Dev Container - -There is a dev container configuration provided for development. By default, it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`. However, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. - -The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. - -Privileged is required for access to loop devices for lorax. - -Use existing container image: - -```diff -{ - "name": "Existing Image", -- "build": { -- "context": "..", -- "dockerfile": "../Containerfile", -- "args": { -- "version": "39" -- } -- }, -+ "image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true -} -``` - -Build a new container image: - -```diff -{ - "name": "New Image", -+ "build": { -+ "context": "..", -+ "dockerfile": "../Containerfile", -+ "args": { -+ "version": "39" -+ } -+ }, -- "image": "ghcr.io/jasonn3/build-container-installer:latest", - "overrideCommand": true, - "shutdownAction": "stopContainer", - "privileged": true -} -``` ## Star History diff --git a/action.yml b/action.yml index 7115248..3615f05 100644 --- a/action.yml +++ b/action.yml @@ -89,7 +89,7 @@ inputs: description: Overrides the skopeo cache key required: false variant: - description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite" + description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite" required: true default: Server version: diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 0000000..49f871b --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,12 @@ +SHELL = /bin/bash + +docs: + find -name '*.md' -print0 | xargs -0 -I {} bash -c ' \ + source_file=$${1:2}; \ + final_file=$${source_file//\//_}; \ + mv "$${source_file}" "$${final_file}"; \ + no_ext_source=$${source_file:0:-3}; \ + no_ext_final=$${final_file:0:-3}; \ + sed -i "s;(\(../\)*$${source_file});($${no_ext_final});g" $$(find -name '\''*.md'\''); \ + ' _ {} + find . -type d -empty -delete diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..2091ec8 --- /dev/null +++ b/docs/README.md @@ -0,0 +1 @@ +These are the files for the [wiki](https://github.com/JasonN3/build-container-installer/wiki) \ No newline at end of file diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md new file mode 100644 index 0000000..7e637e7 --- /dev/null +++ b/docs/_Sidebar.md @@ -0,0 +1,11 @@ +- [Home](home.md) +- [Usage](usage.md) +- Development + - [Using the Makefile](development/makefile.md) + - [Using the Container](development/container.md) + - [Using the VSCode Dev Container](development/vscode.md) + +- Examples + - [Adding Flatpaks](examples/adding-flatpaks.md) + +- [Known Errors](known_errors.md) diff --git a/docs/development/container.md b/docs/development/container.md new file mode 100644 index 0000000..0e0a0ef --- /dev/null +++ b/docs/development/container.md @@ -0,0 +1,22 @@ +# Using the Container + +A container with `make install-deps` already run is provided at `ghcr.io/jasonn3/build-container-installer:latest` + +To use the container file, run `podman run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest`. + +This will create an ISO with the baked in defaults of the container image. The resulting file will be called `deploy.iso` + +See [Inputs](usage#inputs) for information about customizing the ISO that gets created. The variables can be defined as environment variables or command arguments. All variables should be specified in CAPITALIZED form. +Examples: + +Building an ISO to install Fedora 39 +```bash +podman run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=Server +``` + +Building an ISO to install Fedora 40 +```bash +podman run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=40 IMAGE_NAME=base IMAGE_TAG=40 VARIANT=Server +``` + +The same commands are also available using `docker` by replacing `podman` with `docker` in each command. diff --git a/docs/development/makefile.md b/docs/development/makefile.md new file mode 100644 index 0000000..be37851 --- /dev/null +++ b/docs/development/makefile.md @@ -0,0 +1,7 @@ +# Using the Makefile + +The Makefile contains all the commands that are run in the action. There are separate targets for each file generated, however `make` can be used to generate the final image and `make clean` can be used to clean up the workspace. The resulting ISO will be stored in the `build` directory. + +`make install-deps` can be used to install the necessary packages. + +See [Inputs](usage#inputs) for information about the available parameters. All variables should be specified in CAPITALIZED form. diff --git a/docs/development/vscode.md b/docs/development/vscode.md new file mode 100644 index 0000000..4b22fe9 --- /dev/null +++ b/docs/development/vscode.md @@ -0,0 +1,46 @@ +# Using the VSCode Dev Container + +There is a dev container configuration provided for development. By default, it will use the existing container image available at `ghcr.io/jasonn3/build-container-installer:latest`. However, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. + +The code from VSCode will be available at `/workspaces/build-container-installer` once the container has started. + +Privileged is required for access to loop devices for lorax. + +## Use existing container image + +```diff +{ + "name": "Existing Image", +- "build": { +- "context": "..", +- "dockerfile": "../Containerfile", +- "args": { +- "version": "39" +- } +- }, ++ "image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true +} +``` + +## Build a new container image + +```diff +{ + "name": "New Image", ++ "build": { ++ "context": "..", ++ "dockerfile": "../Containerfile", ++ "args": { ++ "version": "39" ++ } ++ }, +- "image": "ghcr.io/jasonn3/build-container-installer:latest", + "overrideCommand": true, + "shutdownAction": "stopContainer", + "privileged": true +} +``` + diff --git a/docs/examples/adding-flatpaks.md b/docs/examples/adding-flatpaks.md new file mode 100644 index 0000000..153b740 --- /dev/null +++ b/docs/examples/adding-flatpaks.md @@ -0,0 +1,74 @@ +# Adding Flatpaks + +- [Directly using refs](#directly-using-refs) +- [Using a directory](#using-a-directory) + +## Directly using refs + +Action: +Specify the following in your workflow: + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + flatpak_remote_name: flathub + flatpak_remote_url: https://flathub.org/repo/flathub.flatpakrepo + flatpak_remote_refs: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Podman: +Run the following command: + +```bash +podman run --privileged --volume ./:/github/workspace/ ghcr.io/jasonn3/build-container-installer:main \ + FLATPAK_REMOTE_NAME=flathub \ + FLATPAK_REMOTE_URL=https://flathub.org/repo/flathub.flatpakrepo \ + FLATPAK_REMOTE_REFS="app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08" +``` + +--- + +## Using a directory + +Action: + +1. Create a directory within your GitHub repo named flatpak_refs +1. Create a file within flatpak_refs with the following content + +```plaintext +app/org.videolan.VLC/x86_64/stable +runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Specify the following in your workflow: + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + flatpak_remote_name: flathub + flatpak_remote_url: https://flathub.org/repo/flathub.flatpakrepo + flatpak_remote_refs_dir: /github/workspace/flatpak_refs +``` + +Podman: + +1. Create a directory named flatpak_refs +1. Create a file within flatpak_refs with the following content + +```plaintext +app/org.videolan.VLC/x86_64/stable +runtime/org.kde.Platform/x86_64/5.15-23.08 +``` + +Run the following command: + +```bash +podman run --privileged --volume ./:/github/workspace/ ghcr.io/jasonn3/build-container-installer:main \ + FLATPAK_REMOTE_NAME=flathub \ + FLATPAK_REMOTE_URL=https://flathub.org/repo/flathub.flatpakrepo \ + FLATPAK_REMOTE_REFS="app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08" +``` diff --git a/docs/home.md b/docs/home.md new file mode 100644 index 0000000..f7e2096 --- /dev/null +++ b/docs/home.md @@ -0,0 +1,14 @@ +Welcome to the build-container-installer wiki! + +## Index + +- [Usage](usage.md) +- Development + - [Using the Makefile](development/makefile.md) + - [Using the Container](development/container.md) + - [Using the VSCode Dev Container](development/vscode.md) + +- Examples + - [Adding Flatpaks](examples/adding-flatpaks.md) + +- [Known Errors](known_errors.md) diff --git a/docs/known_errors.md b/docs/known_errors.md new file mode 100644 index 0000000..bda0b22 --- /dev/null +++ b/docs/known_errors.md @@ -0,0 +1,7 @@ +# Known Errors + +This page describes known errors and how to resolve them. + +## failed to write boot loader configuration + +Add `RUN bootupctl backend generate-update-metadata` at the end of your Dockerfile/Containerfile \ No newline at end of file diff --git a/docs/usage.md b/docs/usage.md new file mode 100644 index 0000000..9ffeb8e --- /dev/null +++ b/docs/usage.md @@ -0,0 +1,68 @@ +# Usage + +This action is designed to be called from a GitHub workflow using the following format + +```yaml +- name: Build ISO + uses: jasonn3/build-container-installer@main + id: build + with: + arch: ${{ env.ARCH}} + image_name: ${{ env.IMAGE_NAME}} + image_repo: ${{ env.IMAGE_REPO}} + image_tag: ${{ env.IMAGE_TAG }} + version: ${{ env.VERSION }} + variant: ${{ env.VARIANT }} + iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso + +# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output +- name: Upload ISO as artifact + id: upload + uses: actions/upload-artifact@v4 + with: + name: ${{ steps.build.outputs.iso_name }} + path: | + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }} + ${{ steps.build.outputs.iso_path }}/${{ steps.build.outputs.iso_name }}-CHECKSUM + if-no-files-found: error + retention-days: 0 + compression-level: 0 +``` + +## Inputs + +| Variable | Description | Default Value | Action | Container/Makefile | +| ----------------------- | ---------------------------------------------------------------------------- | ---------------------------------------------- | ------------------ | ------------------ | +| additional_templates | Space delimited list of additional Lorax templates to include | \[empty\] | :white_check_mark: | :white_check_mark: | +| arch | Architecture for image to build | x86_64 | :white_check_mark: | :white_check_mark: | +| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | :white_check_mark: | :white_check_mark: | +| extra_boot_params | Extra params used by grub to boot the anaconda installer | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | :white_check_mark: | :white_check_mark: | +| flatpak_remote_refs | Space separated list of flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | \[empty\] | :white_check_mark: | :white_check_mark: | +| flatpak_remote_url | URL of the flatpakrepo file | | :white_check_mark: | :white_check_mark: | +| image_name | Name of the source container image | base | :white_check_mark: | :white_check_mark: | +| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | :white_check_mark: | :white_check_mark: | +| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | :white_check_mark: | :white_check_mark: | +| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | \[empty\] | :white_check_mark: | :white_check_mark: | +| image_tag | Tag of the source container image | *VERSION* | :white_check_mark: | :white_check_mark: | +| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | :white_check_mark: | :white_check_mark: | +| make_target | Overrides the default make target | *ISO_NAME*-Checksum | :white_check_mark: | :x: | +| repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | :white_check_mark: | :white_check_mark: | +| rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | :white_check_mark: | :white_check_mark: | +| secure_boot_key_url | Secure boot key that is installed from URL location\*\* | \[empty\] | :white_check_mark: | :white_check_mark: | +| variant | Source container variant\* | Server | :white_check_mark: | :white_check_mark: | +| version | Fedora version of installer to build | 39 | :white_check_mark: | :white_check_mark: | +| web_ui | Enable Anaconda WebUI (experimental) | false | :white_check_mark: | :white_check_mark: | + +\*Available options for VARIANT can be found by running `dnf provides system-release`. +Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinoite + +\*\* If you need to reference a local file, you can use `file://*path*` + +## Outputs + +| Variable | Description | Usage | +| -------- | ----------------------------------------| ------------------------------------------------ | +| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} | +| iso_path | The path to the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_path }} | diff --git a/external/Makefile b/external/Makefile index 74047b1..0cac3e7 100644 --- a/external/Makefile +++ b/external/Makefile @@ -1,6 +1,6 @@ lorax/branch-$(VERSION): git config advice.detachedHead false - cd lorax && git reset --hard HEAD && git checkout $(if $(_RHEL),rhel$(word 1,$(subst ., ,$(VERSION)))-branch,tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | tail -n 1)) + cd lorax && git reset --hard HEAD && git checkout $(if $(_RHEL),rhel$(word 1,$(subst ., ,$(VERSION)))-branch,tags/$(shell cd lorax && git tag -l lorax-$(VERSION).* --sort=creatordate | grep -v 'lorax-40\.5' | tail -n 1)) touch lorax/branch-$(VERSION) install-deps: diff --git a/flatpaks/Makefile b/flatpaks/Makefile index 3b6e939..7729d01 100644 --- a/flatpaks/Makefile +++ b/flatpaks/Makefile @@ -14,6 +14,7 @@ repo: script.sh script.sh: cat << EOF > script.sh + which flatpak &> /dev/null || dnf install -y flatpak mkdir -p /flatpak/flatpak /flatpak/triggers mkdir /var/tmp || true chmod -R 1777 /var/tmp diff --git a/lorax_templates/Makefile b/lorax_templates/Makefile index d022767..b2e80e5 100644 --- a/lorax_templates/Makefile +++ b/lorax_templates/Makefile @@ -39,10 +39,14 @@ endef post_%.tmpl: scripts/post/% $(call convert_post_to_tmpl,$*,usr/share/anaconda/post-scripts/$*.ks,true) +install_include_post.tmpl: + echo '<%page />' > install_include_post.tmpl + for file in $(patsubst post_%.tmpl, %, $(filter post_%, $(notdir $(_LORAX_TEMPLATES)))); do echo "append usr/share/anaconda/interactive-defaults.ks \"%include /usr/share/anaconda/post-scripts/$${file}.ks\"" >> install_include_post.tmpl; done + install-deps: -FILES=$(wildcard post_*) +FILES=$(wildcard post_*) install_include_post.tmpl clean: ifneq ($(FILES),) rm -Rf $(FILES) -endif \ No newline at end of file +endif diff --git a/lorax_templates/flatpak_set_repo.tmpl b/lorax_templates/flatpak_set_repo.tmpl index 0d8db43..b7fae2d 100644 --- a/lorax_templates/flatpak_set_repo.tmpl +++ b/lorax_templates/flatpak_set_repo.tmpl @@ -1,8 +1,8 @@ <%page args="flatpak_remote_name, _flatpak_repo_url, version"/> % if int(version) >= 41: +append etc/anaconda/conf.d/anaconda.conf "[Payload]" append etc/anaconda/conf.d/anaconda.conf "flatpak_remote = ${flatpak_remote_name} ${_flatpak_repo_url}" % else: replace "flatpak_manager\.add_remote\(\".*\", \".*\"\)" "flatpak_manager.add_remote(\"${flatpak_remote_name}\", \"${_flatpak_repo_url}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py replace "flatpak_manager\.replace_installed_refs_remote\(\".*\"\)" "flatpak_manager.replace_installed_refs_remote(\"${flatpak_remote_name}\")" /usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py % endif - diff --git a/test/iso/flatpak_repo_updated.sh b/test/iso/flatpak_repo_updated.sh index 83f3773..c8187ff 100644 --- a/test/iso/flatpak_repo_updated.sh +++ b/test/iso/flatpak_repo_updated.sh @@ -1,5 +1,19 @@ #!/bin/bash +if [[ ${VERSION} -ge 41 ]] +then + result=0 + grep "^\[Payload\]" mnt/install/etc/anaconda/conf.d/anaconda.conf > /dev/null || { + echo "Missing [Payload] header" + result=1 + } + grep "^flatpak_remote = ${FLATPAK_REMOTE_NAME} ${_FLATPAK_REPO_URL}" mnt/install/etc/anaconda/conf.d/anaconda.conf > /dev/null || { + echo "Missing flatpak_remote option" + result=1 + } + exit ${result} +fi + add_line=$(grep flatpak_manager.add_remote mnt/install/usr/lib64/python*/site-packages/pyanaconda/modules/payloads/payload/rpm_ostree/flatpak_installation.py) add_line_repo=$(echo "${add_line}" | grep "${FLATPAK_REMOTE_NAME}") diff --git a/test/vm/Makefile b/test/vm/Makefile index 99288cb..6578595 100644 --- a/test/vm/Makefile +++ b/test/vm/Makefile @@ -24,7 +24,7 @@ ansible_inventory: .PHONY: $(VM_TESTS) install-deps install-deps: - $(install_pkg) qemu qemu-utils xorriso qemu-system-x86 netcat socat jq ansible curl + $(install_pkg) qemu-system qemu-utils xorriso qemu-system-x86 ncat socat jq ansible curl files/mnt/iso: $(if $(wildcard files/mnt),,mkdir files/mnt) @@ -97,4 +97,4 @@ start_vm: install_os fi echo "VM ready for tests at IP $(VM_IP):$(VM_PORT)" - echo $$QEMU_PID > start_vm \ No newline at end of file + echo $$QEMU_PID > start_vm diff --git a/test/vm/flatpak_fedora_repo_disabled.yml b/test/vm/flatpak_fedora_repo_disabled.yml index 17a3e08..eb87099 100644 --- a/test/vm/flatpak_fedora_repo_disabled.yml +++ b/test/vm/flatpak_fedora_repo_disabled.yml @@ -10,7 +10,9 @@ register: services_state - name: Check that flatpak-add-fedora-repos is disabled + when: services_state['ansible_facts']['services']['flatpak-add-fedora-repos.service'] is defined ansible.builtin.assert: that: - services_state['ansible_facts']['services']['flatpak-add-fedora-repos.service']['status'] == 'disabled' - fail_msg: 'flatpak-add-fedora-repos.service is not disabled' \ No newline at end of file + fail_msg: 'flatpak-add-fedora-repos.service is not disabled' + success_msg: 'flatpak-add-fedora-repos.service is correctly disabled'