bootc-images/.gitea/workflows/build.yaml
Wesley van Tilburg 7aa0abcba4
ci: test changes
2026-02-28 15:44:52 +01:00

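# Builds the bootc image for every matrix entry and pushes it to the
# registry at git.plabble.org.
#
# Flow: prepare the buildroot container -> run builder.sh to produce an OCI
# layout under images/<image>/manifest.ociarchive -> unpack its layers into a
# scratch buildah container -> label, commit and push.
name: Build containers

on:
  workflow_dispatch:
  # NOTE(review): pull-request runs execute the repository's builder.sh as
  # root inside the privileged container configured below. Registry login and
  # push are skipped for them (see the `if:` guards), but the build itself
  # still runs with those privileges; restrict who may trigger PR runs or use
  # an isolated runner for them.
  pull_request:
    branches: ["main"]
  push:
    branches: ["main"]

jobs:
  build_push:
    name: Build and push image
    runs-on: coole-runner
    strategy:
      fail-fast: false
      matrix:
        image: [asahi-cosmic]
        version: [43]
    container:
      image: "quay.io/fedora-ostree-desktops/buildroot:${{ matrix.version }}"
      # NOTE(review): --privileged, uid 0, SELinux labelling disabled and the
      # runner's / bind-mounted read-write at /run/host give every step
      # host-root-equivalent access. Nothing in this workflow reads /run/host;
      # presumably builder.sh needs it. Confirm, and drop the mount (or make
      # it :ro) if it does not.
      options: "--security-opt=label=disable --privileged --user 0:0 --device=/dev/fuse --volume /:/run/host:rw"
    steps:
      # rpm-ostree is taken from updates-testing, i.e. packages that have not
      # reached the stable repository yet.
      - name: Install latest rpm-ostree package from testing repos
        run: |
          dnf upgrade -y --enablerepo=updates-testing --refresh rpm-ostree
          dnf install -y nodejs buildah tar jq
          mkdir -p ~/.docker

      # Switch containers/storage from overlay to the vfs driver.
      - name: Fixup containers/storage.conf
        run: |
          sed -i 's/driver = "overlay"/driver = "vfs"/' /usr/share/containers/storage.conf

      # NOTE(review): third-party actions are referenced by mutable tag
      # (@v4, @v1). Pin them to a full commit SHA so the code that runs next
      # to the registry credentials cannot change without a commit here.
      - name: Checkout
        uses: actions/checkout@v4

      # Skipped on pull requests: PR builds must not receive registry
      # credentials or overwrite the tag published from main.
      - name: Log in
        if: github.event_name != 'pull_request'
        uses: redhat-actions/podman-login@v1
        with:
          registry: git.plabble.org
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_TOKEN }}
          auth_file_path: /tmp/auth.json

      # Matrix values are passed through the environment instead of being
      # hard-coded, so the rootfs always matches the image that is labelled
      # and pushed later.
      - name: Build rootfs
        env:
          IMAGE: "${{ matrix.image }}"
          VERSION: "${{ matrix.version }}"
        run: |
          sudo ./builder.sh "$IMAGE" "$VERSION"

      # Step name uses a plain ASCII hyphen.
      - name: Build container (SUID-preserving OCI extraction)
        # Expression values reach the script as environment variables rather
        # than being substituted into the shell text, so their content can
        # never be parsed as shell syntax.
        env:
          IMAGE: "${{ matrix.image }}"
          VERSION: "${{ matrix.version }}"
          REVISION: "${{ github.sha }}"
        run: |
          set -xeuo pipefail
          IMAGE_NAME="misthios/${IMAGE}"
          IMAGE_TAG="${VERSION}"
          OCI_DIR="images/${IMAGE}/manifest.ociarchive"

          # Create container from scratch
          ctr=$(buildah from scratch)
          mnt=$(buildah mount "$ctr")

          # Extract layers in the order listed by manifest.json.
          # -p keeps file modes (including setuid bits) and --numeric-owner
          # keeps the uid/gid numbers stored in each layer.
          # NOTE(review): plain tar does not interpret OCI whiteout entries;
          # confirm builder.sh never emits layers that delete files.
          manifest="$OCI_DIR/manifest.json"
          layers=$(jq -r '.[0].Layers[]' "$manifest")
          for layer in $layers; do
            LAYER_PATH="$OCI_DIR/blobs/sha256/${layer#sha256:}"
            echo "Extracting layer: $LAYER_PATH"
            tar --numeric-owner -xpf "$LAYER_PATH" -C "$mnt"
          done

          # Add metadata
          buildah config \
            --label containers.bootc=1 \
            --label org.opencontainers.image.title="${IMAGE}" \
            --label org.opencontainers.image.version="${VERSION}" \
            --label org.opencontainers.image.revision="${REVISION}" \
            --label io.bootc.image.version="${VERSION}" \
            --label io.bootc.image.revision="${REVISION}" \
            --env container=oci \
            --stop-signal SIGRTMIN+3 \
            --cmd "/sbin/init" \
            "$ctr"

          # Commit final image
          buildah commit "$ctr" "${IMAGE_NAME}:${IMAGE_TAG}"
          buildah unmount "$ctr"
          buildah rm "$ctr"

      # Authenticates with the auth file written by the "Log in" step instead
      # of --creds, so the registry token is neither substituted into the
      # script text nor visible in the buildah command line.
      - name: Push
        if: github.event_name != 'pull_request'
        env:
          IMAGE: "${{ matrix.image }}"
          VERSION: "${{ matrix.version }}"
        run: |
          buildah push \
            --authfile /tmp/auth.json \
            --compression-format=zstd \
            --compression-level=12 \
            "misthios/${IMAGE}:${VERSION}" \
            "docker://git.plabble.org/misthios/${IMAGE}:${VERSION}"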