name: Build Container Installer description: Generates an ISO for installing an OSTree stored in a container image inputs: action_version: description: Version of the action container to run deprecationMessage: No longer used. github.action_ref replaces the need for this. Will be removed in a future version. required: false additional_templates: description: Space delimited list of additional Lorax templates to include required: false arch: description: Architecture for image to build required: true default: x86_64 dnf_cache_key: description: Overrides the dnf cache key required: false enable_cache_dnf: description: Whether to enable caching for dnf required: false default: "true" enable_cache_skopeo: description: Whether to enable caching for skopeo required: false default: "false" enrollment_password: description: Used for supporting secure boot (requires secure_boot_key_url to be defined) required: false default: "container-installer" extra_boot_params: description: Extra params used by grub to boot the anaconda installer required: false flatpak_remote_name: description: Name of the Flatpak remote repo required: false default: "flathub" flatpak_remote_refs: description: Space delimited list of refs to the flatpak packages to install required: false default: "" flatpak_remote_refs_dir: description: Directory that contains files that list the flatpak refs to install required: false default: "" flatpak_remote_url: description: The URL of the Flatpak remote flatpakrepo file required: false default: https://flathub.org/repo/flathub.flatpakrepo image_name: description: Name of the source container image required: true default: base image_repo: description: Repository containing the source container image required: true default: quay.io/fedora-ostree-desktops image_tag: description: Tag of the source container image. Defaults to the installer version required: false iso_name: description: "Name of the resulting ISO. Relative paths are relative to github.workspace" required: false default: build/deploy.iso repos: description: List of repo files for Lorax to use required: false rootfs_size: description: The size (in GiB) for the squashfs runtime volume secure_boot_key_url: description: Secure boot key that is installed from URL location required: false skopeo_cache_key: description: Overrides the skopeo cache key required: false variant: description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite" required: true default: Server version: description: Fedora version of installer to build required: true default: "39" web_ui: description: Enable Anaconda WebUI required: false default: "false" outputs: iso_name: value: ${{ steps.rename_iso.outputs.iso_name }} description: The name of the resulting .iso iso_path: value: ${{ steps.rename_iso.outputs.iso_path }} description: The name and path of the resulting .iso runs: using: composite steps: - name: Make cache directory shell: bash run: | sudo mkdir /cache sudo chmod 777 /cache - name: Load dnf cache id: load_dnf_cache env: dnf_cache_key: dnf-${{ inputs.version }} if: inputs.enable_cache_dnf == 'true' uses: actions/cache/restore@v4 with: path: /cache/dnf key: ${{ inputs.dnf_cache_key || env.dnf_cache_key }} - name: Load skopeo cache id: load_skopeo_cache env: skopeo_cache_key: skopeo-${{ inputs.image_name }}-${{ inputs.version || inputs.image_tag }} if: inputs.enable_cache_skopeo == 'true' uses: actions/cache/restore@v4 with: path: /cache/skopeo key: ${{ inputs.skopeo_cache_key || env.skopeo_cache_key }} - name: Ensure cache directories exist shell: bash run: | mkdir /cache/dnf || true mkdir /cache/dnf_new || true mkdir /cache/skopeo || true - name: Run docker image env: ACTION_REPO: ${{ github.action_repository }} ACTION_REF: ${{ github.action_ref }} shell: bash run: | image="ghcr.io/jasonn3/build-container-installer" # Check if running inside of the action repo if [[ -z "${ACTION_REPO}" || "${ACTION_REPO}" == "${{ github.repository }}" ]] then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]] then tag="pr-${BASH_REMATCH[1]}" image="docker.io/jasonn3/build-container-installer" else tag="${{ github.ref_name }}" fi else tag="${ACTION_REF}" fi if [[ "${{ inputs.enable_cache_dnf }}" == "true" ]] then cache="${cache} -v /cache/dnf:/cache/dnf" fi if [[ "${{ inputs.enable_cache_skopeo }}" == "true" ]] then cache="${cache} -v /cache/skopeo:/cache/skopeo" fi if [[ "${{ steps.load_dnf_cache.outputs.cache-hit }}" != "true" ]] then cache="${cache} -v /cache/dnf_new:/cache/dnf_new" fi vars="" if [[ -n "${{ inputs.flatpak_remote_refs }}" ]] && [[ -n "${{ inputs.flatpak_remote_refs_dir }}" ]] then echo "ERROR: flatpak_remote_refs is mutually exclusive to flatpak_remote_refs_dir" exit 1 else if [[ -n "${{ inputs.flatpak_remote_refs }}" ]] then vars="${vars} FLATPAK_REMOTE_REFS=\"${{ inputs.flatpak_remote_refs }}\"" else vars="${vars} FLATPAK_REMOTE_REFS_DIR=\"${{ inputs.flatpak_remote_refs_dir }}\"" fi fi docker run --privileged --volume ${{ github.workspace }}:/github/workspace/ ${cache} ${image}:${tag} \ ADDITIONAL_TEMPLATES="${{ inputs.additional_templates }}" \ ARCH="${{ inputs.arch }}" \ DNF_CACHE="/cache/dnf" \ ENROLLMENT_PASSWORD="${{ inputs.enrollment_password }}" \ FLATPAK_REMOTE_NAME="${{ inputs.flatpak_remote_name }}" \ ${vars} \ FLATPAK_REMOTE_URL="${{ inputs.flatpak_remote_url }}" \ IMAGE_NAME="${{ inputs.image_name }}" \ IMAGE_REPO="${{ inputs.image_repo }}" \ IMAGE_TAG="${{ inputs.image_tag || inputs.version }}" \ SECURE_BOOT_KEY_URL="${{ inputs.secure_boot_key_url }}" \ VARIANT="${{ inputs.variant }}" \ VERSION="${{ inputs.version }}" \ WEB_UI="${{ inputs.web_ui }}" - name: Save dnf cache env: dnf_cache_key: dnf-${{ inputs.version }} if: inputs.enable_cache_dnf == 'true' && steps.load_dnf_cache.outputs.cache-hit != 'true' uses: actions/cache/save@v4 with: path: /cache/dnf_new key: ${{ inputs.dnf_cache_key || env.dnf_cache_key }} - name: Save skopeo cache env: skopeo_cache_key: skopeo-${{ inputs.image_name }}-${{ inputs.version || inputs.image_tag }} if: inputs.enable_cache_skopeo == 'true' && steps.load_dnf_cache.outputs.cache-hit != 'true' uses: actions/cache/save@v4 with: path: /cache/skopeo key: ${{ inputs.skopeo_cache_key || env.skopeo_cache_key }} - name: Rename ISO file id: rename_iso shell: bash run: | if [[ ! ( "${{ inputs.iso_name }}" =~ \.iso$ ) ]] then iso_name="${{ inputs.iso_name }}.iso" else iso_name="${{ inputs.iso_name }}" fi if [[ "${{ inputs.iso_name }}" =~ ^/ ]] then full_path="${iso_name}" else full_path="${{ github.workspace }}/${iso_name}" fi mv ${{ github.workspace }}/build/deploy.iso ${full_path} || true cd $(dirname ${full_path}) iso_fn=$(basename ${iso_name}) sha256sum ${iso_fn} > ${iso_fn}-CHECKSUM echo "iso_path=${full_path}" >> $GITHUB_OUTPUT echo "iso_name=${iso_fn}" >> $GITHUB_OUTPUT