ci: rework build
Some checks failed
Build containers / Build and push image (asahi-cosmic, 43) (push) Failing after 5m2s

2026-02-22 15:37:25 +01:00
parent 71ccffc6a3
commit f20cccca73
7 changed files with 67 additions and 103 deletions


@@ -10,74 +10,54 @@ on:
jobs: jobs:
build_push: build_push:
name: Build and push image name: Build and push image
runs-on: job-v2 runs-on: wesley-arm
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
image: [asahi-cosmic] image: [asahi-cosmic]
version: [43] #Build current stable,next stable/rawhide (if not branched) version: [43] #Build current stable,next stable/rawhide (if not branched)
container: container:
image: "quay.io/fedora-ostree-desktops/buildroot:43" image: "quay.io/fedora-ostree-desktops/buildroot:${{ matrix.version }}"
options: "--security-opt apparmor=unconfined --privileged --user 0:0 --device=/dev/kvm --device=/dev/fuse --volume /:/run/host:rw --arch arm64" options: "--security-opt=label=disable --privileged --user 0:0 --device=/dev/fuse --volume /:/run/host:rw"
steps: steps:
- name: Install dependencies
run: |
dnf install -y nodejs
dnf upgrade -y --enablerepo=updates-testing --refresh rpm-ostree
- name: Install latest rpm-ostree package from testing repos
run: |
dnf upgrade -y --enablerepo=updates-testing --refresh rpm-ostree
dnf install -y nodejs
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Build Bootable Container image - name: Log in
run: |
./builder.sh "${{ matrix.image }}" "${{ matrix.version }}"
- name: Prepare Docker config directory
run: mkdir -p /root/.docker
- name: Login to Container Registry
uses: redhat-actions/podman-login@v1 uses: redhat-actions/podman-login@v1
if: (github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
with: with:
registry: git.plabble.org registry: git.plabble.org
username: ${{ secrets.REGISTRY_USERNAME }} username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_TOKEN }} password: ${{ secrets.REGISTRY_TOKEN }}
auth_file_path: /tmp/auth.json auth_file_path: /tmp/auth.json
- name: Push container image to container registry - name: Build rootfs
id: push
run: | run: |
# Determine buildid (same logic as upstream) sudo ./builder.sh asahi-cosmic 43
if [[ -f ".buildid" ]]; then
buildid="$(< .buildid)"
else
buildid="$(date '+%Y%m%d.0')"
echo "${buildid}" > .buildid
fi
version="${{ matrix.version }}" - name: Build container
image="${{ matrix.image }}" id: build
uses: job79/buildah-build@65b3793a1370c1ccd74a5c0d090d70eb9637a4ef
with:
image: misthios/${{ matrix.container }}
tags: ${{ matrix.version }}
containerfiles: ./Containerfile
build-args: IMAGE=${{ matrix.image }}
# Path to the OCI archive produced by builder.sh - name: Push
archive="images/${image}/manifest.ociarchive" uses: redhat-actions/push-to-registry@v2
with:
echo "Pushing ${archive} as ${image}:${version}.${buildid}" image: ${{ steps.build.outputs.image }}
tags: ${{ steps.build.outputs.tags }}
# Push version.buildid registry: git.plabble.org
skopeo copy \ username: ${{ secrets.REGISTRY_USERNAME }}
--authfile /tmp/auth.json \ password: ${{ secrets.REGISTRY_TOKEN }}
--retry-times 3 \ extra-args: |
--dest-compress-format zstd \ --compression-format=zstd
oci-archive:${archive} \ --compression-level=12
docker://git.plabble.org/misthios/${image}:${version}.${buildid}
# Push version
skopeo copy \
--authfile /tmp/auth.json \
--retry-times 3 \
--dest-compress-format zstd \
docker://git.plabble.org/misthios/${image}:${version}.${buildid} \
docker://git.plabble.org/misthios/${image}:${version}
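Review bot: The new `container.options` keep the job `--privileged`, running as `--user 0:0` with the runner's `/` mounted read-write at `/run/host` and now with `--security-opt=label=disable`, so every action in this job effectively runs as root on the runner host; three of those actions are referenced by mutable tag (`actions/checkout@v4`, `redhat-actions/podman-login@v1`, `redhat-actions/push-to-registry@v2`). Only `job79/buildah-build` is pinned to a commit; pin the others the same way (`uses: redhat-actions/push-to-registry@<full-commit-sha>`) and drop `--volume /:/run/host:rw` unless a step needs it, since none of the visible steps reference `/run/host`. The `if:` guard on the login step appears on one side only in this rendering; if it was removed, login and push now run for every trigger declared under `on:`, which lies outside the hunk. Separately, `image: misthios/${{ matrix.container }}` uses a key the matrix does not define (only `image` and `version`), so it expands to an empty name; `image: misthios/${{ matrix.image }}` looks intended. `sudo ./builder.sh asahi-cosmic 43` likewise hard-codes what the matrix already provides.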

10
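--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,10 @@
+ARG IMAGE
+# Create the container from the rootfs and set the labels
+FROM scratch
+COPY --from=builder /src/images/${IMAGE}/manifest.ociarchive /
+LABEL containers.bootc 1
+ENV container=oci
+# Make systemd the default
+STOPSIGNAL SIGRTMIN+3
+CMD ["/sbin/init"]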
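Review bot: `COPY --from=builder` names a stage this Containerfile never defines, since the only `FROM` is `FROM scratch`, so the build tool will try to resolve `builder` as an external image or additional build context instead of the locally composed tree. An unqualified name like that should not be left to registry lookup on a build that pushes a bootable OS image; either add a named stage (`FROM <build-image> AS builder`) or copy from the build context. `${IMAGE}` is also empty in that `COPY`, because an `ARG` declared before the first `FROM` is in scope only for `FROM` lines; repeat `ARG IMAGE` after `FROM scratch`. The path still points at `manifest.ociarchive`, while `builder.sh` in this commit switches to `rpm-ostree compose rootfs`, so it is worth confirming that file is still produced.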


@@ -43,34 +43,34 @@ echo "${buildid}" > .buildid
echo "Composing ${VERSION}.${buildid} ..." echo "Composing ${VERSION}.${buildid} ..."
# repos import # --- REPOS IMPORT ---
cp images/shared/*.repo "${IMAGE_DIR}" cp images/shared/*.repo "${IMAGE_DIR}/"
cp "${IMAGE_DIR}"/{$IMAGE}/repos/*.repo "${IMAGE_DIR}" cp "${IMAGE_DIR}"/repos/*.repo "${IMAGE_DIR}/"
# Ensure manifest has correct ref and releasever # --- MANIFEST FIXUPS ---
sed -i '/^ref:/d' "$MANIFEST" # Remove existing ref: and releasever:
sed -i '/^releasever:/d' "$MANIFEST" sed -i '/^ref:/d' "$MANIFEST"
sed -i "1i releasever: ${VERSION}" "$MANIFEST" sed -i '/^releasever:/d' "$MANIFEST"
# Insert new values at top
sed -i "1i releasever: ${VERSION}" "$MANIFEST"
sed -i "1i ref: ${REF}" "$MANIFEST" sed -i "1i ref: ${REF}" "$MANIFEST"
#Run a optional per image script to do image specific things # --- OPTIONAL POSTPROCESS ---
POSTPROCESS="${IMAGE_DIR}/${IMAGE}"/postprocess.sh" POSTPROCESS="$IMAGE_DIR/test.sh"
if [[ -x "${POSTPROCESS}" ]]; then if [[ -x "$POSTPROCESS" ]]; then
echo "Running postprocess script: ${POSTPROCESS}" echo "Running postprocess script: $POSTPROCESS"
"${POSTPROCESS}" "$POSTPROCESS"
else else
echo "No postprocess.sh found in ${IMAGE_DIR}, skipping." echo "No postprocess.sh found in ${IMAGE_DIR}, skipping."
fi fi
# --- COMPOSE IMAGE --- # --- COMPOSE IMAGE ---
ARGS=( ARGS=(
"--cachedir=cache" "--cachedir=cache"
"--initialize"
"--max-layers=96"
) )
rpm-ostree compose image \ rpm-ostree compose rootfs \
"${ARGS[@]}" \ "${ARGS[@]}" \
"$MANIFEST" \ "$MANIFEST" \
"$OUTPUT" "$OUTPUT"
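Review bot: `POSTPROCESS="$IMAGE_DIR/test.sh"` makes the build execute any executable `test.sh` found in the image directory, while the skip message below still says `No postprocess.sh found`; this reads like a debugging leftover. The workflow on this page invokes `builder.sh` through `sudo` in a privileged container, so the hook should keep its documented name: `POSTPROCESS="${IMAGE_DIR}/postprocess.sh"`. The `sed -i "1i ..."` lines splice `VERSION` and `REF` into the sed program unescaped, which is safe only while both stay simple tokens; a comment such as `# VERSION and REF must not contain newlines or sed metacharacters` would record that. Both variables are assigned outside this hunk, and the script begins and ends outside it as well.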


@@ -1,4 +1,13 @@
#Cosmic related packages
# System packages (boot)
packages-aarch64:
- grub2-efi
- efibootmgr
- shim
#System packages (common)
# Core packages (common.yaml upstream)
packages: packages:
- cosmic-edit - cosmic-edit
- cosmic-files - cosmic-files
@@ -16,17 +25,6 @@ packages:
- plymouth-system-theme - plymouth-system-theme
- system-config-printer - system-config-printer
- xdg-desktop-portal-gtk - xdg-desktop-portal-gtk
# System packages (boot)
packages-aarch64:
- grub2-efi
- efibootmgr
- shim
#System packages (common)
# Core packages (common.yaml upstream)
packages:
# Ensure that we have a kernel. Kernel packages are not in any comps group # Ensure that we have a kernel. Kernel packages are not in any comps group
# - kernel # - kernel
# - kernel-modules # - kernel-modules


@@ -1,4 +1,4 @@
copr:copr.fedorainfracloud.org:group_asahi:fedora-remix-branding] [copr:copr.fedorainfracloud.org:group_asahi:fedora-remix-branding]
name=Copr repo for fedora-remix-branding owned by @asahi name=Copr repo for fedora-remix-branding owned by @asahi
baseurl=https://download.copr.fedorainfracloud.org/results/@asahi/fedora-remix-branding/fedora-$releasever-$basearch/ baseurl=https://download.copr.fedorainfracloud.org/results/@asahi/fedora-remix-branding/fedora-$releasever-$basearch/
type=rpm-md type=rpm-md


@@ -90,10 +90,6 @@ postprocess:
# Extra modules that we want by default that are known to exist in the kernel # Extra modules that we want by default that are known to exist in the kernel
add_dracutmodules+=" virtiofs " add_dracutmodules+=" virtiofs "
EOF EOF
cat > /usr/lib/dracut/dracut.conf.d/49-bootc-tpm2-tss.conf << 'EOF'
# We want this for systemd-cryptsetup tpm2 locking
add_dracutmodules+=" tpm2-tss "
EOF
cat > /usr/lib/dracut/dracut.conf.d/59-altfiles.conf << 'EOF' cat > /usr/lib/dracut/dracut.conf.d/59-altfiles.conf << 'EOF'
# https://issues.redhat.com/browse/RHEL-49590 # https://issues.redhat.com/browse/RHEL-49590
# On image mode systems we use nss-altfiles for passwd and group, # On image mode systems we use nss-altfiles for passwd and group,
@@ -173,26 +169,6 @@ postprocess:
Z /etc/colord/ - colord colord Z /etc/colord/ - colord colord
EOF EOF
#Enable Compose FS
- |
#!/usr/bin/env bash
set -xeuo pipefail
cat >> /usr/lib/ostree/prepare-root.conf << 'EOF'
[composefs]
enabled = yes
EOF
#Sysroot read-only
- |
#!/usr/bin/env bash
set -xeuo pipefail
install -dm 0755 -o 0 -g 0 /usr/lib/ostree
cat >> /usr/lib/ostree/prepare-root.conf << 'EOF'
[sysroot]
readonly = true
EOF
packages: packages:
# systemd. Also name systemd-pam because it was dropped to a recommends # systemd. Also name systemd-pam because it was dropped to a recommends