From 15e174dcd2cc36052789e7cadbde828de80b68cb Mon Sep 17 00:00:00 2001
From: Robert Sturla <robertsturla@outlook.com>
Date: Mon, 22 Jul 2024 01:06:09 +0100
Subject: [PATCH] feature: create cosmic dekstop base image

---
 .editorconfig                                 |  9 +++
 .github/CODEOWNERS                            |  1 +
 .github/renovate.json5                        | 23 +++++++
 .github/workflows/build.yml                   | 62 +++++++++++++++++++
 .github/workflows/renovate.yml                | 23 +++++++
 desktop-environments/cosmic/Containerfile     | 20 ++++++
 .../etc/yum.repos.d/ryanabx-cosmic-epoch.repo | 10 +++
 .../systemd/system/greetd-workaround.service  | 21 +++++++
 8 files changed, 169 insertions(+)
 create mode 100644 .editorconfig
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/renovate.json5
 create mode 100644 .github/workflows/build.yml
 create mode 100644 .github/workflows/renovate.yml
 create mode 100644 desktop-environments/cosmic/Containerfile
 create mode 100644 desktop-environments/cosmic/files/etc/yum.repos.d/ryanabx-cosmic-epoch.repo
 create mode 100644 desktop-environments/cosmic/files/usr/lib/systemd/system/greetd-workaround.service

diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..79621be
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,9 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..385eb4c
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @p5
diff --git a/.github/renovate.json5 b/.github/renovate.json5
new file mode 100644
index 0000000..679b255
--- /dev/null
+++ b/.github/renovate.json5
@@ -0,0 +1,23 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+
+  // Use the basic Renovate preset, and allow settings to be overridden
+  "extends": [
+    "config:best-practices"
+  ],
+
+  "packageRules": [
+    {
+      // Automatically update any GitHub Actions packages through minor and patch upgrades
+      "automerge": true,
+      "matchUpdateTypes": ["minor", "patch", "pin", "digest", "pinDigest"],
+      "matchManagers": [
+        "github-actions"
+      ]
+    }
+  ],
+
+  "dockerfile": {
+    "enabled": false
+  }
+}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..4222f1d
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,62 @@
+name: Build Images
+
+on:
+  pull_request:
+    branches:
+      - main
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: "0 */12 * * *"
+  workflow_dispatch:
+
+env:
+  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        fedora-version: [40]
+        desktop-environment: [cosmic]
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    env:
+      IMAGE_NAME: eternal-linux/base/${{ matrix.desktop-environment }}
+      FEDORA_VERSION: ${{ matrix.fedora-version }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Generate Image Tags
+        uses: rsturla/eternal-main/.github/actions/generate-image-tags
+        with:
+          image-name: ${{ env.IMAGE_REGISTRY}}/${{ env.IMAGE_NAME }}
+          major-version: ${{ env.FEDORA_VERSION }}
+          is-release: ${{ github.event_name != 'pull_request' }}
+
+      - name: Build Image
+        uses: rsturla/eternal-main/.github/actions/build-image
+        with:
+          builder: docker
+          context: ./desktop-environments/${{ matrix.desktop-environment }}
+          image-name: ${{ env.IMAGE_NAME }}
+          image-tag: |
+            ${{ steps.generate-image-tags.outputs.tags }}
+          build-args: |
+            FEDORA_VERSION=${{ env.FEDORA_VERSION }}
+
+      - name: Push Image
+        uses: rsturla/eternal-main/.github/actions/push-image
+        with:
+          builder: ${{ steps.build-image.outputs.builder }}
+          image-name: ${{ steps.build.outputs.image }}
+          image-tags: ${{ steps.build.outputs.tags }}
+          image-registry: ${{ env.IMAGE_REGISTRY }}
+          registry-username: ${{ github.actor }}
+          registry-password: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml
new file mode 100644
index 0000000..ea096d6
--- /dev/null
+++ b/.github/workflows/renovate.yml
@@ -0,0 +1,23 @@
+name: Renovate CI
+
+on:
+  pull_request:
+    paths:
+      - ".github/renovate.json5"
+      - ".github/workflows/renovate.yml"
+  push:
+    branches:
+      - main
+    paths:
+      - ".github/renovate.json5"
+      - ".github/workflows/renovate.yml"
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+
+      - name: Validate Renovate Configuration
+        uses: ./.github/actions/validate-renovate-config
diff --git a/desktop-environments/cosmic/Containerfile b/desktop-environments/cosmic/Containerfile
new file mode 100644
index 0000000..208489f
--- /dev/null
+++ b/desktop-environments/cosmic/Containerfile
@@ -0,0 +1,20 @@
+ARG FEDORA_VERSION=40
+ARG FEDORA_EDITION=base
+ARG FEDORA_IMAGE=quay.io/fedora-ostree-desktops/${FEDORA_EDITION}:${FEDORA_VERSION}
+
+FROM ${FEDORA_IMAGE}
+
+COPY files/ /
+
+RUN rpm-ostree install \
+  cosmic-desktop \
+  gnome-keyring
+
+RUN rm -f /etc/systemd/system/display-manager.service && \
+  ln -s /usr/lib/systemd/system/cosmic-greeter.service /etc/systemd/system/display-manager.service \
+  && \
+  systemctl enable greetd-workaround.service \
+  && \
+  rpm-ostree cleanup -m && \
+  rm -rf /tmp/* /var/* && \
+  ostree container commit
diff --git a/desktop-environments/cosmic/files/etc/yum.repos.d/ryanabx-cosmic-epoch.repo b/desktop-environments/cosmic/files/etc/yum.repos.d/ryanabx-cosmic-epoch.repo
new file mode 100644
index 0000000..0d654be
--- /dev/null
+++ b/desktop-environments/cosmic/files/etc/yum.repos.d/ryanabx-cosmic-epoch.repo
@@ -0,0 +1,10 @@
+[copr:copr.fedorainfracloud.org:ryanabx:cosmic-epoch]
+name=Copr repo for cosmic-epoch owned by ryanabx
+baseurl=https://download.copr.fedorainfracloud.org/results/ryanabx/cosmic-epoch/fedora-$releasever-$basearch/
+type=rpm-md
+skip_if_unavailable=True
+gpgcheck=1
+gpgkey=https://download.copr.fedorainfracloud.org/results/ryanabx/cosmic-epoch/pubkey.gpg
+repo_gpgcheck=0
+enabled=1
+enabled_metadata=1
diff --git a/desktop-environments/cosmic/files/usr/lib/systemd/system/greetd-workaround.service b/desktop-environments/cosmic/files/usr/lib/systemd/system/greetd-workaround.service
new file mode 100644
index 0000000..0eed5a4
--- /dev/null
+++ b/desktop-environments/cosmic/files/usr/lib/systemd/system/greetd-workaround.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=Workaround for SELinux issues for greetd
+ConditionFileIsExecutable=/usr/bin/greetd
+After=local-fs.target
+
+[Service]
+Type=oneshot
+# Copy if it doesn't exist
+ExecStartPre=/usr/bin/mkdir -p /usr/local/bin/overrides
+ExecStartPre=/usr/bin/bash -c "[ -x /usr/local/bin/overrides/greetd ] || /usr/bin/cp /usr/bin/greetd /usr/local/bin/overrides/greetd"
+# This is faster than using .mount unit. Also allows for the previous line/cleanup
+ExecStartPre=/usr/bin/bash -c "/usr/bin/mount --bind /usr/local/bin/overrides/greetd /usr/bin/greetd"
+# Fix caps
+ExecStart=/usr/bin/bash -c "/usr/sbin/restorecon -rv /usr/bin/greetd"
+# Clean-up after ourselves
+ExecStop=/usr/bin/umount /usr/bin/greetd
+ExecStop=/usr/bin/rm /usr/local/bin/overrides/greetd
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target