mirror of
https://github.com/JasonN3/build-container-installer.git
synced 2025-12-25 10:57:55 +01:00
f70e8ea027
* feat: Allow users to override secure boot key and password when using container or action * fix: follow redirects * chore: update docs * fix: added comments and removed additional \n * fix: removed defaults * fix: added conditional for adding public key * chore(ci): Added additional test for secure boot * chore(ci): fixed up workflows to match production * fix(ci): added workflow dispatch to test * fix(ci): fixed version and added IMAGE_TAG * chore(ci): changed to bluefin to test both 38 and 39 secure boot * chore(ci): added required variables to entrypoint * chore(ci): added merge_group and added paths-ignore * chore(ci): updated description * chore(ci): set to Silverblue since we are testing Bluefin * chore(ci): Fixed secure boot key not found error Received error in anaconda when check was hit, need to set as a soft failure to exit the script early without stopping anaconda installation. * chore: fixed formatting * chore: fixed whitespace * chore(ci): Removed duplicate test * chore: fix whitespace * chore(ci): fixed test and removed upload to Github Artifacts * chore: updated README * fix: set password to ublue default * fix: changed enrollment password in containerfile
133 lines
4.5 KiB
YAML
133 lines
4.5 KiB
YAML
name: Generate ISO
|
|
description: Creates an ISO for installing an OSTree container
|
|
|
|
inputs:
|
|
ARCH:
|
|
description: Architecture for image to build
|
|
required: true
|
|
default: x86_64
|
|
IMAGE_NAME:
|
|
description: Name of the source container image
|
|
required: true
|
|
default: base-main
|
|
IMAGE_REPO:
|
|
description: Repository containing the source container image
|
|
required: true
|
|
default: ghcr.io/ublue-os
|
|
VARIANT:
|
|
description: "Source container variant. Available options can be found by running `dnf provides system-release`. Variant will be the third item in the package name. Example: `fedora-release-kinoite-39-34.noarch` will be kinonite"
|
|
required: true
|
|
default: Kinoite
|
|
VERSION:
|
|
description: Fedora version of installer to build
|
|
required: true
|
|
default: "39"
|
|
IMAGE_TAG:
|
|
description: Tag of the source container image
|
|
required: false
|
|
EXTRA_BOOT_PARAMS:
|
|
description: Extra params used by grub to boot the anaconda installer
|
|
required: false
|
|
WEB_UI:
|
|
description: Enable Anaconda WebUI
|
|
required: true
|
|
default: "false"
|
|
ENROLLMENT_PASSWORD:
|
|
description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined)
|
|
required: false
|
|
SECURE_BOOT_KEY_URL:
|
|
description: Secure boot key that is installed from URL location
|
|
required: false
|
|
ACTION_REPO:
|
|
description: Repository with the build action
|
|
required: false
|
|
default: ${{ github.repository }}
|
|
ACTION_REF:
|
|
description: Repository ref for the build action
|
|
required: false
|
|
default: ${{ github.ref }}
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Cleanup host
|
|
shell: bash
|
|
run: |
|
|
if [[ -d /host ]]
|
|
then
|
|
df -h /host
|
|
# Remove Android Library
|
|
rm -Rf /host/usr/local/lib/android
|
|
# Remove .NET runtime
|
|
rm -Rf /host/usr/share/dotnet
|
|
# Remove Haskell runtime
|
|
rm -rf /host/opt/ghc
|
|
rm -rf /host/usr/local/.ghcup
|
|
chroot /host docker image prune --all --force
|
|
df -h /host
|
|
else
|
|
echo "Host must be mounted as /host in order to make more space"
|
|
fi
|
|
|
|
- name: Install make and git
|
|
shell: bash
|
|
run: dnf install -y make git
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
repository: ${{ inputs.ACTION_REPO }}
|
|
ref: ${{ inputs.ACTION_REF }}
|
|
submodules: recursive
|
|
|
|
- name: Install dependencies
|
|
shell: bash
|
|
run: make install-deps
|
|
|
|
- name: Lowercase Registry
|
|
id: registry_case
|
|
uses: ASzc/change-string-case-action@v6
|
|
with:
|
|
string: ${{ inputs.IMAGE_REPO }}
|
|
|
|
- name: Download image
|
|
shell: bash
|
|
run: |
|
|
make container/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }} \
|
|
ARCH=${{ inputs.ARCH }} \
|
|
IMAGE_NAME=${{ inputs.IMAGE_NAME }} \
|
|
IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \
|
|
IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \
|
|
VARIANT=${{ inputs.VARIANT }} \
|
|
VERSION=${{ inputs.VERSION }} \
|
|
WEB_UI=${{ inputs.WEB_UI }}
|
|
|
|
- name: Create boot.iso
|
|
shell: bash
|
|
run: |
|
|
make boot.iso \
|
|
ARCH=${{ inputs.ARCH }} \
|
|
IMAGE_NAME=${{ inputs.IMAGE_NAME }} \
|
|
IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \
|
|
IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \
|
|
VARIANT=${{ inputs.VARIANT }} \
|
|
VERSION=${{ inputs.VERSION }} \
|
|
WEB_UI=${{ inputs.WEB_UI }} \
|
|
EXTRA_BOOT_PARAMS=${{ inputs.EXTRA_BOOT_PARAMS }} \
|
|
SECURE_BOOT_KEY_URL=${{ inputs.SECURE_BOOT_KEY_URL }} \
|
|
ENROLLMENT_PASSWORD=${{ inputs.ENROLLMENT_PASSWORD }}
|
|
|
|
- name: Create deploy.iso and generate sha256 checksum
|
|
shell: bash
|
|
run: |
|
|
make ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso \
|
|
ARCH=${{ inputs.ARCH }} \
|
|
IMAGE_NAME=${{ inputs.IMAGE_NAME }} \
|
|
IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \
|
|
IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \
|
|
VARIANT=${{ inputs.VARIANT }} \
|
|
VERSION=${{ inputs.VERSION }} \
|
|
WEB_UI=${{ inputs.WEB_UI }}
|
|
mkdir end_iso
|
|
sha256sum ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso > ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}-CHECKSUM
|
|
mv ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso end_iso/
|