Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Use CoreOS Kernel #1429

Merged
merged 64 commits into from
Jun 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
64 commits
Select commit Hold shift + click to select a range
e452b50
feat: Use CoreOS Kernel
m2Giles Jun 23, 2024
fc7f99e
chore: updated Containerfile Args
m2Giles Jun 23, 2024
8d8009f
chore: explicitly set coreOS stream to stable
m2Giles Jun 23, 2024
80a627d
chore(ci): Match CoreOS Kernel workflow for merge
m2Giles Jun 23, 2024
2dc8ca2
chore(ci): Fix Excludes
m2Giles Jun 23, 2024
9804c4c
Merge remote-tracking branch 'origin/main' into testing
m2Giles Jun 24, 2024
a909e01
chore(ci): coreOS tags
m2Giles Jun 24, 2024
e77dd81
chore(ci): coreOS tags
m2Giles Jun 24, 2024
7b28e47
chore(ci): coreOS tags
m2Giles Jun 24, 2024
6f709f1
chore(ci): coreOS tags
m2Giles Jun 24, 2024
9359e1e
feat: add nvidia coreos
m2Giles Jun 24, 2024
99da0bf
chore: change coreos for artifact upload
m2Giles Jun 24, 2024
f911655
fix: quote coreos tags
m2Giles Jun 24, 2024
5cf3e8d
fix: use coreos tag for artifact upload
m2Giles Jun 24, 2024
76fb64f
fix: update excludes
m2Giles Jun 24, 2024
6000925
fix: missing then
m2Giles Jun 24, 2024
918e217
fix: rpm path
m2Giles Jun 24, 2024
987ec74
fix: rpm path
m2Giles Jun 24, 2024
36cb807
fix: disable negativo17 only for coreos-nv
m2Giles Jun 24, 2024
0a6b614
fix: missing script in build base
m2Giles Jun 24, 2024
05e8d7a
fix: disable nvidia coreOS
m2Giles Jun 24, 2024
0f5b85f
fix: stop building ISOs in testing
m2Giles Jun 24, 2024
8ab5c96
feat: bluefin cli now sources bling
m2Giles Jun 24, 2024
fc729d1
fix: use bash equality check for bluefin-cli
m2Giles Jun 24, 2024
f978e4d
chore: sh uses single = for string comp
m2Giles Jun 24, 2024
558ad5b
Merge branch 'main' into bluefin-cli
m2Giles Jun 24, 2024
48451af
Merge branch 'main' into bluefin-cli
m2Giles Jun 25, 2024
729c461
chore: make ujust bluefin-cli more robust
m2Giles Jun 25, 2024
7ffea93
Merge remote-tracking branch 'origin/main' into testing
m2Giles Jun 25, 2024
ac157d1
Merge branch 'bluefin-cli' into testing
m2Giles Jun 25, 2024
d4f7da6
feat: use akmods caching layer
m2Giles Jun 25, 2024
e9966d1
chore: rework includes
m2Giles Jun 25, 2024
d7e35ff
chore: rework includes
m2Giles Jun 25, 2024
28aa216
chore: rework includes
m2Giles Jun 25, 2024
5d4768f
chore: rework includes
m2Giles Jun 25, 2024
12e1794
chore: rework includes
m2Giles Jun 25, 2024
cb7d3f5
chore: use excludes
m2Giles Jun 25, 2024
8c33966
fix: correct akmods path
m2Giles Jun 25, 2024
0536f1b
chore: don't build testing on push
m2Giles Jun 25, 2024
363c51b
chore: don't build testing on push
m2Giles Jun 25, 2024
014d395
chore: rework includes, nvidia coreos
m2Giles Jun 26, 2024
a1955eb
fix: use is_coreos env variable
m2Giles Jun 26, 2024
da45c2b
fix: specify fedora version for include
m2Giles Jun 26, 2024
86f128f
fix: change build arg
m2Giles Jun 26, 2024
6f9a8aa
Merge branch 'main' into testing
m2Giles Jun 26, 2024
1004ea6
fix: update build arg
m2Giles Jun 26, 2024
eed47fe
fix: update build arg
m2Giles Jun 26, 2024
620a9e7
chore: nvidia for coreos
Jun 26, 2024
eef814e
fix: use hwe nvidia install script
m2Giles Jun 26, 2024
7c31fee
chore: update rollback-helper and image-info.json
m2Giles Jun 26, 2024
922b129
chore(ci): reduce number of builds
m2Giles Jun 26, 2024
e321d44
chore: reduce pull request build time
m2Giles Jun 26, 2024
4e1db00
chore(ci): more build time speedups
m2Giles Jun 26, 2024
6b62412
chore(ci): unbreak workflow
m2Giles Jun 26, 2024
b28fcc9
chore(ci): try to not use max build space unless needed
m2Giles Jun 26, 2024
21f4271
chore: refactor to using coreos as tag
m2Giles Jun 26, 2024
e2e63b9
chore(ci): continue refactor
m2Giles Jun 26, 2024
4b27fb2
chore(ci): add aurora coreos, update containerfile
m2Giles Jun 26, 2024
407e718
chore(ci): change tag name to stable
m2Giles Jun 26, 2024
9a68526
chore: make sure there is a default tag
m2Giles Jun 26, 2024
90f995a
fix(ci): make sure artifacts use stable, not 40
m2Giles Jun 26, 2024
9d8294a
chore: cleanup branding and codacy errors
m2Giles Jun 26, 2024
1671ead
chore: more codacy
m2Giles Jun 26, 2024
c1f06d8
chore: more cleanup
m2Giles Jun 26, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions .github/workflows/build-coreos-aurora.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: aurora coreos
on:
merge_group:
pull_request:
branches:
- main
- testing
paths-ignore:
- '**.md'
- 'system_files/bluefin/**'
push:
branches:
- main
paths-ignore:
- '**.md'
- 'system_files/bluefin/**'
schedule:
- cron: '41 5 * * *' # 5:41 UTC everyday
workflow_dispatch:

jobs:
build:
name: build
uses: ./.github/workflows/reusable-build.yml
secrets: inherit
with:
brand_name: aurora
fedora_version: stable
13 changes: 11 additions & 2 deletions .github/workflows/build-coreos-bluefin.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,21 @@
name: bluefin CoreOS Kernel
name: bluefin coreos
on:
merge_group:
pull_request:
branches:
- main
- testing
paths-ignore:
- '**.md'
- 'system_files/kinoite/**'
push:
branches:
- main
paths-ignore:
- '**.md'
- 'system_files/kinoite/**'
schedule:
- cron: '41 5 * * *' # 5:41 UTC everyday
workflow_dispatch:

jobs:
Expand All @@ -16,4 +25,4 @@ jobs:
secrets: inherit
with:
brand_name: bluefin
fedora_version: coreos
fedora_version: stable
150 changes: 104 additions & 46 deletions .github/workflows/reusable-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,41 +48,92 @@ jobs:
image_flavor: asus
- fedora_version: 39
image_flavor: asus-nvidia
- fedora_version: stable
image_flavor: asus
- fedora_version: stable
image_flavor: asus-nvidia
- fedora_version: stable
image_flavor: surface
- fedora_version: stable
image_flavor: surface-nvidia

steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

- name: Matrix Variables
run: |
# IMAGE_NAME
if [[ "${{ matrix.image_flavor }}" == "main" ]]; then
echo "IMAGE_NAME=${{ matrix.base_name }}" >> $GITHUB_ENV
else
echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.base_name, matrix.image_flavor) }}" >> $GITHUB_ENV
fi

# BASE_IMAGE_NAME
if [[ "${{ matrix.base_name }}" =~ "bluefin" ]]; then
echo "BASE_IMAGE_NAME"="silverblue" >> $GITHUB_ENV
elif [[ "${{ matrix.base_name }}" =~ "aurora" ]]; then
echo "BASE_IMAGE_NAME"="kinoite" >> $GITHUB_ENV
fi

# TARGET_NAME
if [[ "${{ matrix.base_name }}" =~ "dx" ]]; then
echo "TARGET_NAME"="dx" >> $GITHUB_ENV
else
echo "TARGET_NAME"="base" >> $GITHUB_ENV
fi

# AKMODS_FLAVOR
if [[ "${{ matrix.image_flavor }}" =~ "asus" ]]; then
echo "AKMODS_FLAVOR=asus" >> $GITHUB_ENV
elif [[ "${{ matrix.image_flavor }}" =~ "surface" ]]; then
echo "AKMODS_FLAVOR=surface" >> $GITHUB_ENV
echo "KERNEL_SUFFIX=surface" >> $GITHUB_ENV
elif [[ "${{ matrix.fedora_version }}" =~ "stable" ]]; then
echo "AKMODS_FLAVOR=coreos" >> $GITHUB_ENV
else
echo "AKMODS_FLAVOR=main" >> $GITHUB_ENV
fi

# Env for matrix.image_flavor
if [[ "${{ matrix.image_flavor }}" == "nvidia" ]] && \
[[ "${{ matrix.fedora_version }}" =~ "stable" ]]; then
echo "image_flavor=main" >> $GITHUB_ENV
echo "coreos_type=nvidia" >> $GITHUB_ENV
elif [[ "${{ matrix.image_flavor }}" == "main" ]] && \
[[ "${{ matrix.fedora_version }}" =~ "stable" ]]; then
echo "image_flavor=${{ matrix.image_flavor }}" >> $GITHUB_ENV
echo "coreos_type=main" >> $GITHUB_ENV
else
echo "image_flavor=${{ matrix.image_flavor }}" >> $GITHUB_ENV
fi

- name: Get Current Fedora Version
id: labels
shell: bash
run: |
set -eo pipefail
if [[ ${{ matrix.fedora_version }} == "stable" ]]; then
KERNEL_RELEASE=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]')
fedora_version=$(echo $KERNEL_RELEASE | grep -oP 'fc\K[0-9]+')
else
KERNEL_RELEASE=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-${{ env.image_flavor }}:${{ matrix.fedora_version }} | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]')
fi
fedora_version=$(echo $KERNEL_RELEASE | grep -oP 'fc\K[0-9]+')
ver=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.BASE_IMAGE_NAME }}-${{ env.image_flavor }}:$fedora_version | jq -r '.Labels["org.opencontainers.image.version"]')
echo "kernel_release=$KERNEL_RELEASE" >> $GITHUB_OUTPUT
echo "fedora_version=$fedora_version" >> $GITHUB_OUTPUT
if [ -z "$ver" ] || [ "null" = "$ver" ]; then
echo "inspected image version must not be empty or null"
exit 1
fi
echo "VERSION=$ver" >> $GITHUB_OUTPUT

- name: Verify base image
uses: EyeCantCU/cosign-action/verify@11f8c114a5e67c7a663c9dfcaf76d85429d254bc # v0.2.2
with:
containers: ${{ env.BASE_IMAGE_NAME}}-${{ matrix.image_flavor }}:${{ matrix.fedora_version }}
containers: ${{ env.BASE_IMAGE_NAME}}-${{ env.image_flavor }}:${{ steps.labels.outputs.fedora_version }}

- name: Verify Chainguard images
if: matrix.base_name != 'bluefin' && matrix.base_name != 'aurora'
Expand All @@ -94,6 +145,7 @@ jobs:
registry: cgr.dev/chainguard

- name: Maximize build space
if: contains(matrix.base_name, '-dx') && (github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request')
uses: ublue-os/remove-unwanted-software@517622d6452028f266b7ba4cc9a123b5f58a6b53 # v7

- name: Check just syntax
Expand All @@ -107,18 +159,26 @@ jobs:
TIMESTAMP="$(date +%Y%m%d)"
FEDORA_VERSION="${{ matrix.fedora_version }}"

if [[ "${{ matrix.fedora_version }}" -eq "39" ]]; then
if [[ "${{ matrix.fedora_version }}" == "stable" ]]; then
IS_LATEST_VERSION=false
IS_STABLE_VERSION=true
IS_GTS_VERSION=false
IS_COREOS=true
elif [[ "${{ matrix.fedora_version }}" -eq "39" ]]; then
IS_LATEST_VERSION=false
IS_STABLE_VERSION=true
IS_GTS_VERSION=true
IS_COREOS=false
elif [[ "${{ matrix.fedora_version }}" -eq "40" ]]; then
IS_LATEST_VERSION=true
IS_STABLE_VERSION=true
IS_GTS_VERSION=false
IS_COREOS=false
elif [[ "${{ matrix.fedora_version }}" -eq "41" ]]; then
IS_LATEST_VERSION=false
IS_STABLE_VERSION=false
IS_GTS_VERSION=false
IS_COREOS=false
fi

COMMIT_TAGS=()
Expand All @@ -137,22 +197,28 @@ jobs:
BUILD_TAGS=("${FEDORA_VERSION}" "${FEDORA_VERSION}-${TIMESTAMP}")

if [[ ${{ github.ref_name }} == "testing" ]]; then
BUILD_TAGS=("${FEDORA_VERSION}-testing" "${FEDORA_VERSION}-testing-${TIMESTAMP}")
if [[ "$IS_LATEST_VERSION" == "true" ]] && \
BUILD_TAGS=("${FEDORA_VERSION}-testing" "${FEDORA_VERSION}-testing-${TIMESTAMP}")
if [[ "$IS_LATEST_VERSION" == "true" ]] && \
[[ "$IS_STABLE_VERSION" == "true" ]]; then
BUILD_TAGS+=("testing")
echo "DEFAULT_TAG=testing" >> $GITHUB_ENV
elif [[ "$IS_GTS_VERSION" == "true" ]]; then
BUILD_TAGS+=("gts-testing")
echo "DEFAULT_TAG=gts-testing" >> $GITHUB_ENV
elif [[ "$IS_COREOS" == "true" ]]; then
echo "DEFAULT_TAG=stable-testing" >> $GITHUB_ENV
fi
else
if [[ "$IS_LATEST_VERSION" == "true" ]] && \
[[ "$IS_STABLE_VERSION" == "true" ]]; then
BUILD_TAGS+=("testing")
echo "DEFAULT_TAG=testing" >> $GITHUB_ENV
elif [[ "$IS_GTS_VERSION" == "true" ]]; then
BUILD_TAGS+=("gts-testing")
echo "DEFAULT_TAG=gts-testing" >> $GITHUB_ENV
fi
elif [[ "$IS_LATEST_VERSION" == "true" ]] && \
[[ "$IS_STABLE_VERSION" == "true" ]]; then
BUILD_TAGS+=("latest")
echo "DEFAULT_TAG=latest" >> $GITHUB_ENV
elif [[ "$IS_GTS_VERSION" == "true" ]]; then
BUILD_TAGS+=("gts")
echo "DEFAULT_TAG=gts" >> $GITHUB_ENV
BUILD_TAGS+=("latest")
echo "DEFAULT_TAG=latest" >> $GITHUB_ENV
elif [[ "$IS_GTS_VERSION" == "true" ]]; then
BUILD_TAGS+=("gts")
echo "DEFAULT_TAG=gts" >> $GITHUB_ENV
elif [[ "$IS_COREOS" == "true" ]]; then
echo "DEFAULT_TAG=stable" >> $GITHUB_ENV
fi
fi

if [[ "${{ github.event_name }}" == "pull_request" ]]; then
Expand All @@ -171,18 +237,6 @@ jobs:
done
echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT

- name: Get Current Fedora Version
id: labels
shell: bash
run: |
set -eo pipefail
ver=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-${{ matrix.image_flavor }}:${{ matrix.fedora_version }} | jq -r '.Labels["org.opencontainers.image.version"]')
if [ -z "$ver" ] || [ "null" = "$ver" ]; then
echo "inspected image version must not be empty or null"
exit 1
fi
echo "VERSION=$ver" >> $GITHUB_OUTPUT

# Build metadata
- name: Image Metadata
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
Expand All @@ -193,13 +247,15 @@ jobs:
labels: |
org.opencontainers.image.title=${{ env.IMAGE_NAME }}
org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }}
org.opencontainers.image.description=An interpretation of the Ubuntu spirit built on Fedora technology
org.opencontainers.image.description=An interpretation of the Ubuntu spirit built on Fedora technology
ostree.linux=${{ steps.labels.outputs.kernel_release }}
io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bluefin/bluefin/README.md
io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4

# Build image using Buildah action
- name: Build Image
id: build_image
if: github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request'
uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
with:
containerfiles: |
Expand All @@ -210,11 +266,13 @@ jobs:
build-args: |
BASE_IMAGE_NAME=${{ env.BASE_IMAGE_NAME }}
IMAGE_NAME=${{ env.IMAGE_NAME }}
IMAGE_FLAVOR=${{ matrix.image_flavor }}
IMAGE_FLAVOR=${{ env.image_flavor }}
IMAGE_VENDOR=${{ github.repository_owner }}
FEDORA_MAJOR_VERSION=${{ matrix.fedora_version }}
FEDORA_MAJOR_VERSION=${{ steps.labels.outputs.fedora_version }}
TARGET_BASE=${{ matrix.target_base }}
AKMODS_FLAVOR=${{ env.AKMODS_FLAVOR }}
COREOS_TYPE=${{ env.coreos_type }}
KERNEL=${{ steps.labels.outputs.kernel_release }}
labels: ${{ steps.meta.outputs.labels }}
oci: false
# TODO(GH-280)
Expand Down Expand Up @@ -285,7 +343,7 @@ jobs:
DIGEST: ${{ steps.push.outputs.digest }}
IMAGE_REGISTRY: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_FLAVOR: ${{ matrix.image_flavor }}
IMAGE_FLAVOR: ${{ env.image_flavor }}
FEDORA_VERSION: ${{ matrix.fedora_version }}
run:
echo "${IMAGE_REGISTRY}@${DIGEST}" > "${IMAGE_NAME}-${IMAGE_FLAVOR}-${FEDORA_VERSION}.txt"
Expand All @@ -294,11 +352,11 @@ jobs:
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
with:
name: image-${{ env.IMAGE_NAME }}-${{ matrix.image_flavor }}-${{ matrix.fedora_version }}
name: image-${{ env.IMAGE_NAME }}-${{ env.image_flavor }}-${{ matrix.fedora_version }}
retention-days: 1
if-no-files-found: error
path: |
${{ env.IMAGE_NAME }}-${{ matrix.image_flavor }}-${{ matrix.fedora_version }}.txt
${{ env.IMAGE_NAME }}-${{ env.image_flavor }}-${{ matrix.fedora_version }}.txt

check:
name: Check all ${{ inputs.brand_name }} ${{ inputs.fedora_version }} builds successful
Expand Down Expand Up @@ -351,14 +409,14 @@ jobs:
fi
done

build_iso:
name: iso
needs: [check]
if: github.ref_name == 'testing' && inputs.fedora_version != '40'
# Eventually would be nice for building images in PRs
#if: ${{ endsWith(github.event.pull_request.title, '[ISO]') }}
uses: ./.github/workflows/reusable-build-iso.yml
secrets: inherit
with:
brand_name: ${{ inputs.brand_name }}
fedora_version: ${{ inputs.fedora_version }}
# build_iso:
# name: iso
# needs: [check]
# if: github.ref_name == 'testing' && inputs.fedora_version != '40'
# # Eventually would be nice for building images in PRs
# #if: ${{ endsWith(github.event.pull_request.title, '[ISO]') }}
# uses: ./.github/workflows/reusable-build-iso.yml
# secrets: inherit
# with:
# brand_name: ${{ inputs.brand_name }}
# fedora_version: ${{ inputs.fedora_version }}
Loading
Loading