diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json deleted file mode 100644 index af4dc4e3187..00000000000 --- a/.devcontainer/devcontainer.json +++ /dev/null @@ -1,34 +0,0 @@ -// For format details, see https://aka.ms/devcontainer.json. -{ - "name": "Bluefin-devcontainer", - "image": "mcr.microsoft.com/devcontainers/base:ubuntu", - "customizations": { - "vscode": { - "extensions": [ - "eamodio.gitlens", - "hangxingliu.vscode-systemd-support", - "mads-hartmann.bash-ide-vscode", - "ms-azuretools.vscode-docker", - "sclu1034.justfile", - "timonwong.shellcheck" - ] - } - }, - // Likely need to add "--userns=keep-id, --group-add=keep-groups" for podman support - "runArgs": ["--init"], - "remoteEnv": { "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}" }, - "securityOpt": [ - "label=disable" - ], - "features": { - "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {}, - "ghcr.io/guiyomh/features/just:0": {}, - "ghcr.io/lukewiwa/features/shellcheck:0": {}, - "ghcr.io/jsburckhardt/devcontainer-features/skopeo:1": {} - }, - "onCreateCommand": { - "bash-completions": "sudo apt-get install -y bash-completion; echo 'source /etc/profile.d/bash_completion.sh' | sudo tee -a /etc/bash.bashrc > /dev/null", - "just-completions": "just --completions bash | sudo tee -a /etc/bash_completion.d/just > /dev/null", - "docker-completions": "docker completion bash | sudo tee -a /etc/bash_completion.d/docker.sh > /dev/null" - } -} diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml index d46ddad28d4..7a46307aacd 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.yml +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -34,7 +34,7 @@ body: attributes: label: Output of `groups` description: Please run `groups` and paste the output here. - render: shell + render: shell - type: textarea id: extra-context attributes: diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index 05fc5aacd29..c4b02ee4427 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -32,4 +32,3 @@ body: - Vauxite validations: required: true - diff --git a/.github/changelogs.py b/.github/changelogs.py new file mode 100644 index 00000000000..845602db31c --- /dev/null +++ b/.github/changelogs.py @@ -0,0 +1,463 @@ +from itertools import product +import subprocess +import json +import time +from typing import Any +import re +from collections import defaultdict + +REGISTRY = "docker://ghcr.io/ublue-os/" + +IMAGE_MATRIX_LATEST = { + "experience": ["base", "dx"], + "de": ["kde", "gnome"], + "image_flavor": ["main", "nvidia", "hwe", "hwe-nvidia"], +} +IMAGE_MATRIX_GTS = { + "experience": ["base", "dx"], + "de": ["gnome"], + "image_flavor": ["main", "nvidia"], +} +IMAGE_MATRIX = { + "experience": ["base", "dx"], + "de": ["kde", "gnome"], + "image_flavor": ["main", "nvidia"], +} + +RETRIES = 3 +RETRY_WAIT = 5 +FEDORA_PATTERN = re.compile(r"\.fc\d\d") +START_PATTERN = lambda target: re.compile(rf"{target}-[0-9]+") + +PATTERN_ADD = "\n| ✨ | {name} | | {version} |" +PATTERN_CHANGE = "\n| 🔄 | {name} | {prev} | {new} |" +PATTERN_REMOVE = "\n| ❌ | {name} | {version} | |" +PATTERN_PKGREL_CHANGED = "{prev} ➡️ {new}" +PATTERN_PKGREL = "{version}" +COMMON_PAT = "### All Images\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n" +OTHER_NAMES = { + "base": "### Base Images\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", + "dx": "### [Dev Experience Images](https://docs.projectbluefin.io/bluefin-dx)\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", + "kde": "### [Aurora Images](https://getaurora.dev/)\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", + "gnome": "### [Bluefin Images](https://projectbluefin.io/)\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", + "nvidia": "### Nvidia Images\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", + "hwe": "### HWE Images\n| | Name | Previous | New |\n| --- | --- | --- | --- |{changes}\n\n", +} + +COMMITS_FORMAT = "### Commits\n| Hash | Subject |\n| --- | --- |{commits}\n\n" +COMMIT_FORMAT = "\n| **[{short}](https://github.com/ublue-os/bluefin/commit/{githash})** | {subject} |" + +CHANGELOG_TITLE = "{tag}: {pretty}" +CHANGELOG_FORMAT = """\ +{handwritten} + +From previous `{target}` version `{prev}` there have been the following changes. **One package per new version shown.** + +### Major packages +| Name | Version | +| --- | --- | +| **Kernel** | {pkgrel:kernel} | +| **Gnome** | {pkgrel:gnome-control-center-filesystem} | +| **KDE** | {pkgrel:plasma-desktop} | +| **Mesa** | {pkgrel:mesa-filesystem} | +| **Podman** | {pkgrel:podman} | + +### Major DX packages +| Name | Version | +| --- | --- | +| **Incus** | {pkgrel:incus} | +| **Docker** | {pkgrel:docker-ce} | +| **Devpod** | {pkgrel:devpod} | + +{changes} + +### How to rebase +For current users, type the following to rebase to this version: +#### For this branch (if latest): +##### Bluefin +```bash +sudo bootc switch ghcr.io/ublue-os/bluefin:{target} --enforce-container-sigpolicy +``` +##### Aurora +```bash +sudo bootc switch ghcr.io/ublue-os/aurora:{target} --enforce-container-sigpolicy +``` +#### For this specific image: +##### Bluefin +```bash +sudo bootc switch ghcr.io/ublue-os/bluefin:{curr} --enforce-container-sigpolicy +``` +##### Aurora +```bash +sudo bootc switch ghcr.io/ublue-os/aurora:{curr} --enforce-container-sigpolicy +``` + +### Documentation +Be sure to read the [documentation](https://docs.projectbluefin.io/) for more information +on how to use your cloud native system. +""" +HANDWRITTEN_PLACEHOLDER = """\ +This is an automatically generated changelog for release `{curr}`.""" + +BLACKLIST_VERSIONS = [ + "kernel", + "gnome-control-center-filesystem", + "plasma-desktop", + "mesa-filesystem", + "podman", + "docker-ce", + "incus", + "devpod" +] + + +def get_images(target: str): + if target == "latest": + matrix = IMAGE_MATRIX_LATEST + elif target == "gts": + matrix = IMAGE_MATRIX_GTS + else: + matrix = IMAGE_MATRIX + + for experience, de, image_flavor in product(*matrix.values()): + img = "" + if de == "gnome": + img += "bluefin" + elif de == "kde": + img += "aurora" + + if experience == "dx": + img += "-dx" + + if image_flavor != "main": + img += "-" + img += image_flavor + + yield img, experience, de, image_flavor + + +def get_manifests(target: str): + out = {} + imgs = list(get_images(target)) + for j, (img, _, _, _) in enumerate(imgs): + output = None + print(f"Getting {img}:{target} manifest ({j+1}/{len(imgs)}).") + for i in range(RETRIES): + try: + output = subprocess.run( + ["skopeo", "inspect", REGISTRY + img + ":" + target], + check=True, + stdout=subprocess.PIPE, + ).stdout + break + except subprocess.CalledProcessError: + print( + f"Failed to get {img}:{target}, retrying in {RETRY_WAIT} seconds ({i+1}/{RETRIES})" + ) + time.sleep(RETRY_WAIT) + if output is None: + print(f"Failed to get {img}:{target}, skipping") + continue + out[img] = json.loads(output) + return out + + +def get_tags(target: str, manifests: dict[str, Any]): + tags = set() + + for manifest in manifests.values(): + for tag in manifest["RepoTags"]: + # Tags ending with .0 should not exist + if tag.endswith(".0"): + continue + if re.match(START_PATTERN(target), tag): + tags.add(tag) + + tags = list(sorted(tags)) + if not len(tags) > 2: + print("No current and previous tags found") + exit(1) + return tags[-2], tags[-1] + + +def get_packages(manifests: dict[str, Any]): + packages = {} + for img, manifest in manifests.items(): + try: + packages[img] = json.loads(manifest["Labels"]["dev.hhd.rechunk.info"])[ + "packages" + ] + except Exception as e: + print(f"Failed to get packages for {img}:\n{e}") + return packages + + +def get_package_groups(target: str, prev: dict[str, Any], manifests: dict[str, Any]): + common = set() + others = {k: set() for k in OTHER_NAMES.keys()} + + npkg = get_packages(manifests) + ppkg = get_packages(prev) + + keys = set(npkg.keys()) | set(ppkg.keys()) + pkg = defaultdict(set) + for k in keys: + pkg[k] = set(npkg.get(k, {})) | set(ppkg.get(k, {})) + + # Find common packages + first = True + for img, experience, de, image_flavor in get_images(target): + if img not in pkg: + continue + + if first: + for p in pkg[img]: + common.add(p) + else: + for c in common.copy(): + if c not in pkg[img]: + common.remove(c) + + first = False + + # Find other packages + for t, other in others.items(): + print(t) + first = True + for img, experience, de, image_flavor in get_images(target): + if img not in pkg: + continue + + if t == "hwe" and "hwe" not in image_flavor: + continue + if t == "nvidia" and "nvidia" not in image_flavor: + continue + if t == "kde" and de != "kde": + continue + if t == "gnome" and de != "gnome": + continue + if t == "base" and experience != "base": + continue + if t == "dx" and experience != "dx": + continue + + if first: + for p in pkg[img]: + if p not in common: + other.add(p) + else: + for c in other.copy(): + if c not in pkg[img]: + other.remove(c) + + first = False + + return sorted(common), {k: sorted(v) for k, v in others.items()} + + +def get_versions(manifests: dict[str, Any]): + versions = {} + pkgs = get_packages(manifests) + for img_pkgs in pkgs.values(): + for pkg, v in img_pkgs.items(): + versions[pkg] = re.sub(FEDORA_PATTERN, "", v) + return versions + + +def calculate_changes(pkgs: list[str], prev: dict[str, str], curr: dict[str, str]): + added = [] + changed = [] + removed = [] + + blacklist_ver = set([curr.get(v, None) for v in BLACKLIST_VERSIONS]) + + for pkg in pkgs: + # Clearup changelog by removing mentioned packages + if pkg in BLACKLIST_VERSIONS: + continue + if pkg in curr and curr.get(pkg, None) in blacklist_ver: + continue + if pkg in prev and prev.get(pkg, None) in blacklist_ver: + continue + + if pkg not in prev: + added.append(pkg) + elif pkg not in curr: + removed.append(pkg) + elif prev[pkg] != curr[pkg]: + changed.append(pkg) + + blacklist_ver.add(curr.get(pkg, None)) + blacklist_ver.add(prev.get(pkg, None)) + + out = "" + for pkg in added: + out += PATTERN_ADD.format(name=pkg, version=curr[pkg]) + for pkg in changed: + out += PATTERN_CHANGE.format(name=pkg, prev=prev[pkg], new=curr[pkg]) + for pkg in removed: + out += PATTERN_REMOVE.format(name=pkg, version=prev[pkg]) + return out + + +def get_commits(prev_manifests, manifests, workdir: str): + try: + start = next(iter(prev_manifests.values()))["Labels"][ + "org.opencontainers.image.revision" + ] + finish = next(iter(manifests.values()))["Labels"][ + "org.opencontainers.image.revision" + ] + + commits = subprocess.run( + [ + "git", + "-C", + workdir, + "log", + "--pretty=format:%H %h %s", + f"{start}..{finish}", + ], + check=True, + stdout=subprocess.PIPE, + ).stdout.decode("utf-8") + + out = "" + for commit in commits.split("\n"): + if not commit: + continue + githash, short, subject = commit.split(" ", 2) + + if subject.lower().startswith("merge"): + continue + + out += ( + COMMIT_FORMAT.replace("{short}", short) + .replace("{subject}", subject) + .replace("{githash}", githash) + ) + + if out: + return COMMITS_FORMAT.format(commits=out) + return "" + except Exception as e: + print(f"Failed to get commits:\n{e}") + return "" + + +def generate_changelog( + handwritten: str | None, + target: str, + pretty: str | None, + workdir: str, + prev_manifests, + manifests, +): + common, others = get_package_groups(target, prev_manifests, manifests) + versions = get_versions(manifests) + prev_versions = get_versions(prev_manifests) + + prev, curr = get_tags(target, manifests) + + if not pretty: + # Generate pretty version since we dont have it + try: + finish: str = next(iter(manifests.values()))["Labels"][ + "org.opencontainers.image.revision" + ] + except Exception as e: + print(f"Failed to get finish hash:\n{e}") + finish = "" + + # Remove .0 from curr + curr_pretty = re.sub(r"\.\d{1,2}$", "", curr) + # Remove target- from curr + curr_pretty = re.sub(rf"^[a-z]+-", "", curr_pretty) + pretty = target.capitalize() + " (F" + curr_pretty + if finish and target != "stable": + pretty += ", #" + finish[:7] + pretty += ")" + + title = CHANGELOG_TITLE.format_map(defaultdict(str, tag=curr, pretty=pretty)) + + changelog = CHANGELOG_FORMAT + + changelog = ( + changelog.replace("{handwritten}", handwritten if handwritten else HANDWRITTEN_PLACEHOLDER) + .replace("{target}", target) + .replace("{prev}", prev) + .replace("{curr}", curr) + ) + + for pkg, v in versions.items(): + if pkg not in prev_versions or prev_versions[pkg] == v: + changelog = changelog.replace( + "{pkgrel:" + pkg + "}", PATTERN_PKGREL.format(version=v) + ) + else: + changelog = changelog.replace( + "{pkgrel:" + pkg + "}", + PATTERN_PKGREL_CHANGED.format(prev=prev_versions[pkg], new=v), + ) + + changes = "" + changes += get_commits(prev_manifests, manifests, workdir) + common = calculate_changes(common, prev_versions, versions) + if common: + changes += COMMON_PAT.format(changes=common) + for k, v in others.items(): + chg = calculate_changes(v, prev_versions, versions) + if chg: + changes += OTHER_NAMES[k].format(changes=chg) + + changelog = changelog.replace("{changes}", changes) + + return title, changelog + + +def main(): + import argparse + + parser = argparse.ArgumentParser() + parser.add_argument("target", help="Target tag") + parser.add_argument("output", help="Output environment file") + parser.add_argument("changelog", help="Output changelog file") + parser.add_argument("--pretty", help="Subject for the changelog") + parser.add_argument("--workdir", help="Git directory for commits") + parser.add_argument("--handwritten", help="Handwritten changelog") + args = parser.parse_args() + + # Remove refs/tags, refs/heads, refs/remotes e.g. + # Tags cannot include / anyway. + target = args.target.split('/')[-1] + + if target == "main": + target = "stable" + + manifests = get_manifests(target) + prev, curr = get_tags(target, manifests) + print(f"Previous tag: {prev}") + print(f" Current tag: {curr}") + + prev_manifests = get_manifests(prev) + title, changelog = generate_changelog( + args.handwritten, + target, + args.pretty, + args.workdir, + prev_manifests, + manifests, + ) + + print(f"Changelog:\n# {title}\n{changelog}") + print(f"\nOutput:\nTITLE=\"{title}\"\nTAG={curr}") + + with open(args.changelog, "w") as f: + f.write(changelog) + + with open(args.output, "w") as f: + f.write(f'TITLE="{title}"\nTAG={curr}\n') + + +if __name__ == "__main__": + main() diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6b668f9ef62..17baa6d61ba 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -12,4 +12,4 @@ updates: - package-ecosystem: "devcontainers" directory: "/" schedule: - interval: weekly \ No newline at end of file + interval: weekly diff --git a/.github/workflows/build-aurora-latest-iso.yml b/.github/workflows/build-aurora-latest-iso.yml deleted file mode 100644 index f3309c45188..00000000000 --- a/.github/workflows/build-aurora-latest-iso.yml +++ /dev/null @@ -1,13 +0,0 @@ -name: Aurora Latest ISO -on: - workflow_dispatch: - schedule: - - cron: '0 4 * * sun' # 04:00 Sunday -jobs: - build-40: - name: Aurora Latest ISO - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: latest diff --git a/.github/workflows/build-aurora-stable-iso.yml b/.github/workflows/build-aurora-stable-iso.yml deleted file mode 100644 index 628cae6c644..00000000000 --- a/.github/workflows/build-aurora-stable-iso.yml +++ /dev/null @@ -1,12 +0,0 @@ -name: Aurora Stable ISO -on: - workflow_dispatch: - -jobs: - build: - name: Aurora Stable - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: stable \ No newline at end of file diff --git a/.github/workflows/build-beta-aurora.yml b/.github/workflows/build-beta-aurora.yml deleted file mode 100644 index 6c90214bc2e..00000000000 --- a/.github/workflows/build-beta-aurora.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Aurora Beta -on: - merge_group: - pull_request: - branches: - - main - - testing - paths-ignore: - - "**.md" - - "system_files/silverblue/**" - push: - branches: - - main - paths-ignore: - - "**.md" - - "system_files/silverblue/**" - schedule: - - cron: "40 4 * * *" # 4:40 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: beta - rechunk: true - diff --git a/.github/workflows/build-beta-bluefin.yml b/.github/workflows/build-beta-bluefin.yml deleted file mode 100644 index 495750c97ee..00000000000 --- a/.github/workflows/build-beta-bluefin.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Bluefin Beta -on: - merge_group: - pull_request: - branches: - - main - - testing - paths-ignore: - - "**.md" - - "system_files/silverblue/**" - push: - branches: - - main - paths-ignore: - - "**.md" - - "system_files/silverblue/**" - schedule: - - cron: "40 4 * * *" # 4:40 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: beta - rechunk: true - diff --git a/.github/workflows/build-bluefin-gts-iso.yml b/.github/workflows/build-bluefin-gts-iso.yml deleted file mode 100644 index 62f4478bfec..00000000000 --- a/.github/workflows/build-bluefin-gts-iso.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Bluefin GTS ISO -on: - workflow_dispatch: - # schedule: - # - cron: '0 2 * * sun' # 02:00 Sunday - -jobs: - build-gts: - name: Bluefin GTS - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: gts diff --git a/.github/workflows/build-bluefin-latest-iso.yml b/.github/workflows/build-bluefin-latest-iso.yml deleted file mode 100644 index 03c87b390f7..00000000000 --- a/.github/workflows/build-bluefin-latest-iso.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: Bluefin Latest ISO -on: - workflow_dispatch: - schedule: - - cron: '0 4 * * sun' # 04:00 Sunday - - -jobs: - build-latest: - name: Bluefin Latest - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: latest diff --git a/.github/workflows/build-bluefin-stable-iso.yml b/.github/workflows/build-bluefin-stable-iso.yml deleted file mode 100644 index 5de9f605e24..00000000000 --- a/.github/workflows/build-bluefin-stable-iso.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: Bluefin Stable ISO -on: - workflow_dispatch: - # schedule: - # - cron: '41 6 * * 2' # 6:41 UTC every Tuesday - - -jobs: - build-latest: - name: Bluefin Stable - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: stable \ No newline at end of file diff --git a/.github/workflows/build-coreos-aurora-daily.yml b/.github/workflows/build-coreos-aurora-daily.yml deleted file mode 100644 index b02939db44e..00000000000 --- a/.github/workflows/build-coreos-aurora-daily.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Aurora Stable Daily -on: - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: stable - rechunk: true - build_stable_daily: true - build_stable_weekly: false - diff --git a/.github/workflows/build-coreos-aurora-weekly.yml b/.github/workflows/build-coreos-aurora-weekly.yml deleted file mode 100644 index 3611c0afaaf..00000000000 --- a/.github/workflows/build-coreos-aurora-weekly.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Aurora Stable Weekly -on: - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: stable - rechunk: true - build_stable_daily: false - build_stable_weekly: true - diff --git a/.github/workflows/build-coreos-aurora.yml b/.github/workflows/build-coreos-aurora.yml deleted file mode 100644 index 4531ad2d54a..00000000000 --- a/.github/workflows/build-coreos-aurora.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Aurora Stable -on: - pull_request: - branches: - - main - - testing - paths-ignore: - - '**.md' - - 'system_files/silverblue/**' - schedule: - - cron: '45 5 * * *' # 5:41 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: stable - rechunk: true - weekly_tag_day: Sunday - diff --git a/.github/workflows/build-coreos-bluefin-daily.yml b/.github/workflows/build-coreos-bluefin-daily.yml deleted file mode 100644 index d79e5c20499..00000000000 --- a/.github/workflows/build-coreos-bluefin-daily.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Bluefin Stable Daily -on: - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: stable - rechunk: true - build_stable_daily: true - build_stable_weekly: false - - diff --git a/.github/workflows/build-coreos-bluefin-weekly.yml b/.github/workflows/build-coreos-bluefin-weekly.yml deleted file mode 100644 index 57def2f05b1..00000000000 --- a/.github/workflows/build-coreos-bluefin-weekly.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Bluefin Stable Weekly -on: - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: stable - rechunk: true - build_stable_daily: false - build_stable_weekly: true - diff --git a/.github/workflows/build-coreos-bluefin.yml b/.github/workflows/build-coreos-bluefin.yml deleted file mode 100644 index 3a0aaba4859..00000000000 --- a/.github/workflows/build-coreos-bluefin.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Bluefin Stable -on: - pull_request: - branches: - - main - - testing - paths-ignore: - - '**.md' - - 'system_files/kinoite/**' - schedule: - - cron: '45 5 * * *' # 5:41 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: stable - rechunk: true - weekly_tag_day: Sunday - diff --git a/.github/workflows/build-gts-bluefin.yml b/.github/workflows/build-gts-bluefin.yml deleted file mode 100644 index 75773b97bbc..00000000000 --- a/.github/workflows/build-gts-bluefin.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Bluefin GTS -on: - pull_request: - branches: - - main - - testing - paths-ignore: - - '**.md' - - 'system_files/kinoite/**' - schedule: - - cron: '41 5 * * 0' # 5:41 UTC Weekly on Sundays - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: gts - rechunk: true - diff --git a/.github/workflows/build-image-beta.yml b/.github/workflows/build-image-beta.yml new file mode 100644 index 00000000000..781c0030fc9 --- /dev/null +++ b/.github/workflows/build-image-beta.yml @@ -0,0 +1,50 @@ +name: Beta Images +on: + merge_group: + pull_request: + branches: + - main + - testing + paths-ignore: + - "**.md" + push: + branches: + - main + paths-ignore: + - "**.md" + schedule: + - cron: "40 4 * * 1,2,3,4,5,6" # 4:40 UTC All But Sunday + - cron: "40 4 * * 0" # 4:40 UTC Sunday + workflow_call: + workflow_dispatch: + inputs: + brand_name: + description: "Image Brand to Build" + default: '["bluefin"]' + type: choice + options: + - '["bluefin"]' + - '["aurora"]' + - '["bluefin", "aurora"]' + +jobs: + build-image-beta: + name: Build Beta Images + uses: ./.github/workflows/reusable-build.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: ${{ fromJson(inputs.brand_name || '["bluefin", "aurora"]') }} + with: + brand_name: ${{ matrix.brand_name }} + stream_name: beta + + generate-release: + name: Generate Release + needs: [build-image-beta] + if: github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name.scheduled == '40 4 * * 0' + secrets: inherit + uses: ./.github/workflows/generate-release.yml + with: + stream_name: '["beta"]' diff --git a/.github/workflows/build-image-gts.yml b/.github/workflows/build-image-gts.yml new file mode 100644 index 00000000000..fecad3d02c6 --- /dev/null +++ b/.github/workflows/build-image-gts.yml @@ -0,0 +1,41 @@ +name: GTS Images +on: + pull_request: + branches: + - main + - testing + paths-ignore: + - "**.md" + schedule: + - cron: "41 5 * * 0" # 5:41 UTC Weekly on Sundays + workflow_dispatch: + workflow_call: + +jobs: + build-image-gts: + name: Build GTS Images + uses: ./.github/workflows/reusable-build.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: [bluefin] + with: + brand_name: ${{ matrix.brand_name }} + stream_name: gts + + generate_release: + name: Generate Release + needs: [build-image-gts] + if: github.event_name == 'scheduled' || github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' + secrets: inherit + uses: ./.github/workflows/generate-release.yml + with: + stream_name: '["gts"]' + + build-iso-gts: + name: Build GTS ISOs + needs: [build-image-gts] + if: github.event_name == 'scheduled' + secrets: inherit + uses: ./.github/workflows/build-iso-gts.yml diff --git a/.github/workflows/build-image-latest.yml b/.github/workflows/build-image-latest.yml new file mode 100644 index 00000000000..0b405b721c2 --- /dev/null +++ b/.github/workflows/build-image-latest.yml @@ -0,0 +1,58 @@ +name: Latest Images +on: + merge_group: + pull_request: + branches: + - main + - testing + paths-ignore: + - "**.md" + push: + branches: + - main + paths-ignore: + - "**.md" + schedule: + - cron: "40 4 * * 1,2,3,4,5,6" # 4:40 UTC All But Sunday + - cron: "40 4 * * 0" # 4:40 UTC Sunday + workflow_call: + workflow_dispatch: + inputs: + brand_name: + description: "Image Brand to Build" + default: '["bluefin"]' + type: choice + options: + - '["bluefin"]' + - '["aurora"]' + - '["bluefin", "aurora"]' + +jobs: + build-image-latest: + name: Build Latest Images + uses: ./.github/workflows/reusable-build.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: ${{ fromJson(inputs.brand_name || '["bluefin", "aurora"]') }} + with: + image_flavors: '["main", "nvidia", "hwe", "hwe-nvidia"]' + brand_name: ${{ matrix.brand_name }} + stream_name: latest + + generate-release: + name: Generate Release + needs: [build-image-latest] + if: github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name.scheduled == '40 4 * * 0' + secrets: inherit + uses: ./.github/workflows/generate-release.yml + with: + stream_name: '["latest"]' + + build-iso-latest: + name: Build Stable ISOs + needs: [build-image-latest] + if: github.event_name.scheduled == '40 4 * * 0' + secrets: inherit + uses: ./.github/workflows/build-iso-latest.yml diff --git a/.github/workflows/build-image-stable.yml b/.github/workflows/build-image-stable.yml new file mode 100644 index 00000000000..1cc1855e7e8 --- /dev/null +++ b/.github/workflows/build-image-stable.yml @@ -0,0 +1,51 @@ +name: Stable Images +on: + pull_request: + branches: + - main + - testing + paths-ignore: + - "**.md" + schedule: + - cron: "45 5 * * 1,2,3,4,5,6" # 5:41 UTC everyday + - cron: "45 5 * * 0" # 5:41 UTC sunday + workflow_call: + workflow_dispatch: + inputs: + brand_name: + description: "Image Brand to Build" + default: '["bluefin"]' + type: choice + options: + - '["bluefin"]' + - '["aurora"]' + - '["bluefin", "aurora"]' + +jobs: + build-image-stable: + name: Build Stable Images + uses: ./.github/workflows/reusable-build.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: ${{ fromJson(inputs.brand_name || '["bluefin", "aurora"]') }} + with: + brand_name: ${{ matrix.brand_name }} + stream_name: stable + + generate-release: + name: Generate Release + needs: [build-image-stable] + if: github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name.scheduled == '45 5 * * 0' + secrets: inherit + uses: ./.github/workflows/generate-release.yml + with: + stream_name: '["stable"]' + + build-iso-stable: + name: Build Stable ISOs + needs: [build-image-stable] + if: github.event_name.scheduled == '45 5 * * 0' + secrets: inherit + uses: ./.github/workflows/build-iso-stable.yml diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml new file mode 100644 index 00000000000..5009707bde3 --- /dev/null +++ b/.github/workflows/build-images.yml @@ -0,0 +1,22 @@ +name: Build All Images +on: + workflow_dispatch: + +permissions: + contents: read + packages: write + id-token: write + +jobs: + build-image-gts: + uses: ./.github/workflows/build-image-gts.yml + secrets: inherit + build-image-stable: + uses: ./.github/workflows/build-image-stable.yml + secrets: inherit + build-image-latest: + uses: ./.github/workflows/build-image-latest.yml + secrets: inherit + build-image-beta: + uses: ./.github/workflows/build-image-beta.yml + secrets: inherit diff --git a/.github/workflows/build-iso-gts.yml b/.github/workflows/build-iso-gts.yml new file mode 100644 index 00000000000..6c12b0aa3dd --- /dev/null +++ b/.github/workflows/build-iso-gts.yml @@ -0,0 +1,17 @@ +name: GTS ISO +on: + workflow_dispatch: + workflow_call: + +jobs: + build-iso-gts: + name: Build GTS ISOs + uses: ./.github/workflows/reusable-build-iso.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: [bluefin] + with: + brand_name: ${{ matrix.brand_name }} + stream_name: gts diff --git a/.github/workflows/build-iso-latest.yml b/.github/workflows/build-iso-latest.yml new file mode 100644 index 00000000000..a7829198966 --- /dev/null +++ b/.github/workflows/build-iso-latest.yml @@ -0,0 +1,27 @@ +name: Latest ISO +on: + workflow_call: + workflow_dispatch: + inputs: + brand_name: + description: "Image Brand to Build" + default: '["bluefin"]' + type: choice + options: + - '["bluefin"]' + - '["aurora"]' + - '["bluefin", "aurora"]' + +jobs: + build-iso-latest: + name: Build Latest ISOs + uses: ./.github/workflows/reusable-build-iso.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: ${{ fromJson(inputs.brand_name || '["bluefin", "aurora"]') }} + with: + image_flavors: '["main", "nvidia", "hwe", "hwe-nvidia"]' + brand_name: ${{ matrix.brand_name }} + stream_name: latest diff --git a/.github/workflows/build-iso-stable.yml b/.github/workflows/build-iso-stable.yml new file mode 100644 index 00000000000..e7a09e30d48 --- /dev/null +++ b/.github/workflows/build-iso-stable.yml @@ -0,0 +1,26 @@ +name: Stable ISO +on: + workflow_call: + workflow_dispatch: + inputs: + brand_name: + description: "Image Brand to Build" + default: '["bluefin"]' + type: choice + options: + - '["bluefin"]' + - '["aurora"]' + - '["bluefin", "aurora"]' + +jobs: + build-iso-stable: + name: Build Stable ISOs + uses: ./.github/workflows/reusable-build-iso.yml + secrets: inherit + strategy: + fail-fast: false + matrix: + brand_name: ${{ fromJson(inputs.brand_name || '["bluefin", "aurora"]') }} + with: + brand_name: ${{ matrix.brand_name }} + stream_name: stable diff --git a/.github/workflows/build-isos.yml b/.github/workflows/build-isos.yml new file mode 100644 index 00000000000..1819fc8017a --- /dev/null +++ b/.github/workflows/build-isos.yml @@ -0,0 +1,19 @@ +name: Build All ISOs +on: + workflow_dispatch: + +permissions: + contents: read + packages: write + id-token: write + +jobs: + build-iso-gts: + uses: ./.github/workflows/build-iso-gts.yml + secrets: inherit + build-iso-stable: + uses: ./.github/workflows/build-iso-stable.yml + secrets: inherit + build-iso-latest: + uses: ./.github/workflows/build-iso-latest.yml + secrets: inherit diff --git a/.github/workflows/build-latest-aurora.yml b/.github/workflows/build-latest-aurora.yml deleted file mode 100644 index 4df95903220..00000000000 --- a/.github/workflows/build-latest-aurora.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Aurora Latest -on: - merge_group: - pull_request: - branches: - - main - - testing - paths-ignore: - - '**.md' - push: - branches: - - main - paths-ignore: - - '**.md' - schedule: - - cron: '40 4 * * *' # 4:40 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: aurora - fedora_version: latest - rechunk: true diff --git a/.github/workflows/build-latest-bluefin.yml b/.github/workflows/build-latest-bluefin.yml deleted file mode 100644 index f7c26d09ab8..00000000000 --- a/.github/workflows/build-latest-bluefin.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Bluefin Latest -on: - merge_group: - pull_request: - branches: - - main - - testing - paths-ignore: - - '**.md' - push: - branches: - - main - paths-ignore: - - '**.md' - schedule: - - cron: '40 4 * * *' # 4:40 UTC everyday - workflow_dispatch: - -jobs: - build: - name: build - uses: ./.github/workflows/reusable-build.yml - secrets: inherit - with: - brand_name: bluefin - fedora_version: latest - rechunk: true diff --git a/.github/workflows/generate-release.yml b/.github/workflows/generate-release.yml new file mode 100644 index 00000000000..eca774709b8 --- /dev/null +++ b/.github/workflows/generate-release.yml @@ -0,0 +1,75 @@ +on: + workflow_call: + inputs: + make_latest: + description: "Make latest for Release" + type: boolean + default: false + stream_name: + description: "Release Tag (e.g. gts, stable)" + type: string + required: true + workflow_dispatch: + inputs: + handwritten: + description: "Small Changelog about changes in this build" + make_latest: + description: "Make latest for Release" + type: choice + default: "false" + options: + - "false" + - "true" + stream_name: + description: "Release Tag (e.g. gts, stable)" + required: true + type: choice + options: + - '["gts"]' + - '["stable"]' + - '["latest"]' + - '["beta"]' + - '["gts", "stable"]' + - '["gts", "stable", "latest", "beta"]' + +permissions: + contents: write + +name: Generate Release +jobs: + generate-release: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + version: ${{ fromJson( inputs.stream_name ) }} + + steps: + - name: Checkout lass 500 commits (fot to work) + uses: actions/checkout@v4 + with: + fetch-depth: 500 + + - name: Generate Release Text + id: generate-release-text + shell: bash + run: | + python3 ./.github/changelog.py \ + "${{ matrix.version }}" \ + ./output.env \ + ./changelog.md \ + --workdir . \ + --handwritten "${{ github.event.inputs.handwritten }}" + + source ./output.env + echo "title=${TITLE}" >> $GITHUB_OUTPUT + echo "tag=${TAG}" >> $GITHUB_OUTPUT + + - name: Create Release + uses: softprops/action-gh-release@v2 + with: + name: ${{ steps.generate-release-text.outputs.title }} + tag_name: ${{ steps.generate-release-text.outputs.tag }} + body_path: ./changelog.md + make_latest: ${{ inputs.make_latest == true && matrix.version == 'stable' || false }} + prerelease: ${{ inputs.make_latest != false }} diff --git a/.github/workflows/reusable-build-iso.yml b/.github/workflows/reusable-build-iso.yml index 0ab045118e2..8f89f1ab22f 100644 --- a/.github/workflows/reusable-build-iso.yml +++ b/.github/workflows/reusable-build-iso.yml @@ -2,17 +2,21 @@ name: Reusable ISO on: workflow_call: inputs: + image_flavors: + description: "JSON string of flavors to build, '[main, nvidia, hwe, hwe-nvidia]'" + default: "['main', 'nvidia']" + type: string brand_name: - description: "'aurora' or 'bluefin'" + description: "The Brand Name: bluefin or aurora" required: true type: string - fedora_version: - description: "The Fedora release version: 38, 39, 40, etc" + stream_name: + description: "The Fedora Version: gts, stable, or latest" required: true type: string concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-iso + group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.brand_name}}-${{ inputs.stream_name }}-iso cancel-in-progress: true jobs: @@ -25,31 +29,9 @@ jobs: strategy: fail-fast: false matrix: - image_flavor: - - main - - nvidia - - asus - - asus-nvidia - - surface - - surface-nvidia - base_name: - - ${{ inputs.brand_name }} - - ${{ inputs.brand_name }}-dx - fedora_version: - - ${{ inputs.fedora_version }} - exclude: - - fedora_version: gts - image_flavor: asus - - fedora_version: gts - image_flavor: asus-nvidia - - fedora_version: stable - image_flavor: asus - - fedora_version: stable - image_flavor: asus-nvidia - - fedora_version: stable - image_flavor: surface - - fedora_version: stable - image_flavor: surface-nvidia + image_flavor: ${{ fromJson(inputs.image_flavors) }} + base_name: ["${{ inputs.brand_name }}", "${{ inputs.brand_name }}-dx"] + stream_name: ["${{ inputs.stream_name }}"] steps: - name: Free Disk Space (Ubuntu) @@ -65,9 +47,9 @@ jobs: else echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.base_name, matrix.image_flavor) }}" >> $GITHUB_ENV fi - if [[ ${{ inputs.brand_name }} == "bluefin" ]]; then + if [[ ${{ matrix.base_name }} =~ bluefin ]]; then echo "VARIANT=Silverblue" >> $GITHUB_ENV - elif [[ ${{ inputs.brand_name }} == "aurora" ]]; then + elif [[ ${{ matrix.base_name }} =~ aurora ]]; then echo "VARIANT=Kinoite" >> $GITHUB_ENV fi @@ -76,7 +58,7 @@ jobs: shell: bash run: | set -eo pipefail - kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.IMAGE_NAME }}:${{ inputs.fedora_version }} | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]') + kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.IMAGE_NAME }}:${{ matrix.stream_name }} | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]') fedora_version=$(echo $kernel_release | grep -oP 'fc\K[0-9]+') echo "kernel_release=$kernel_release" >> $GITHUB_OUTPUT echo "fedora_version=$fedora_version" >> $GITHUB_OUTPUT @@ -85,21 +67,15 @@ jobs: id: generate-tag shell: bash run: | - TAG="${{ inputs.fedora_version }}" + TAG="${{ matrix.stream_name }}" if [[ "${{ github.ref_name }}" == "testing" ]]; then - if [[ "${{ inputs.fedora_version }}" == "true" ]]; then - TAG="gts-testing" - elif [[ "${{ inputs.fedora_version }}" == "true" ]]; then - TAG="stable-testing" - elif [[ "${{ inputs.fedora_version }}" == "true" ]]; then - TAG="testing" - fi + TAG="testing-${TAG}" fi # Would like to implement in the future. This will allow us to support image tags from a PR. #if [[ github.event.number ]]; then - # TAG="pr-${{ github.event.number }}-${{ matrix.fedora_version }}" + # TAG="pr-${{ github.event.number }}-${{ matrix.stream_name }}" #fi echo "tag=${TAG}" >> $GITHUB_OUTPUT @@ -108,9 +84,9 @@ jobs: id: generate-flatpak-dir-shortname shell: bash run: | - if [[ ${{ inputs.brand_name }} = "bluefin" ]]; then + if [[ "${{ matrix.brand_name }}" =~ bluefin ]]; then FLATPAK_DIR_SHORTNAME="bluefin_flatpaks" - elif [[ ${{ inputs.brand_name }} = "aurora" ]]; then + elif [[ "${{ matrix.brand_name }}" =~ aurora ]]; then FLATPAK_DIR_SHORTNAME="aurora_flatpaks" fi echo "flatpak-dir-shortname=${FLATPAK_DIR_SHORTNAME}" >> $GITHUB_OUTPUT @@ -120,7 +96,7 @@ jobs: shell: bash run: | set -ex - image="ghcr.io/ublue-os/${{ env.IMAGE_NAME }}:${{ inputs.fedora_version }}" + image="ghcr.io/ublue-os/${{ env.IMAGE_NAME }}:${{ matrix.stream_name }}" # Make temp space TEMP_FLATPAK_INSTALL_DIR=$(mktemp -d -p ${{ github.workspace }} flatpak.XXX) # Get list of refs from directory @@ -191,7 +167,7 @@ jobs: overwrite: true - name: Upload ISOs and Checksum to R2 to Bluefin Bucket - if: github.ref_name == 'main' && inputs.brand_name == 'bluefin' + if: github.ref_name == 'main' && contains(matrix.brand_name,'bluefin') shell: bash env: RCLONE_CONFIG_R2_TYPE: s3 @@ -207,7 +183,7 @@ jobs: rclone copy $SOURCE_DIR R2:bluefin - name: Upload ISOs and Checksum to R2 to Aurora Bucket - if: github.ref_name == 'main' && inputs.brand_name == 'aurora' + if: github.ref_name == 'main' && contains(matrix.brand_name,'aurora') shell: bash env: RCLONE_CONFIG_R2_TYPE: s3 diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 9c9c4b16922..6fbfac31928 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -2,34 +2,21 @@ name: Reusable Build and Push on: workflow_call: inputs: - fedora_version: - description: "The Fedora Version: gts, stable, or latest" - required: true + image_flavors: + description: "JSON string of flavors to build, '[main, nvidia, hwe, hwe-nvidia]'" + default: "['main', 'nvidia']" type: string brand_name: - description: "'aurora' or 'bluefin'" + description: "The Brand Name: bluefin or aurora" + required: true + type: string + stream_name: + description: "The Fedora Version: gts, stable, or latest" required: true type: string - rechunk: - description: "Rechunk the image" - required: false - type: boolean - default: false - weekly_tag_day: - description: "Tag stable weekly on for example 'Tuesday'" - required: false + kernel_pin: + description: "The full kernel version to pin" type: string - default: Tuesday - build_stable_daily: - description: "Build with 'stable-daily' tag" - required: false - type: boolean - default: true - build_stable_weekly: - description: "Build with 'stable' tag" - required: false - type: boolean - default: true outputs: images: description: "An array of images built and pushed to the registry" @@ -38,7 +25,7 @@ env: IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} concurrency: - group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.fedora_version }} + group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.brand_name}}-${{ inputs.stream_name }} cancel-in-progress: true jobs: @@ -51,46 +38,18 @@ jobs: strategy: fail-fast: false matrix: - image_flavor: - - main - - nvidia - - asus - - asus-nvidia - - surface - - surface-nvidia - base_name: - - ${{ inputs.brand_name }} - - ${{ inputs.brand_name }}-dx - fedora_version: - - ${{ inputs.fedora_version }} - exclude: - - fedora_version: gts - image_flavor: asus - - fedora_version: gts - image_flavor: asus-nvidia - - fedora_version: stable - image_flavor: asus - - fedora_version: stable - image_flavor: asus-nvidia - - fedora_version: stable - image_flavor: surface - - fedora_version: stable - image_flavor: surface-nvidia - - fedora_version: beta - image_flavor: asus - - fedora_version: beta - image_flavor: asus-nvidia - - fedora_version: beta - image_flavor: surface - - fedora_version: beta - image_flavor: surface-nvidia + image_flavor: ${{ fromJson(inputs.image_flavors) }} + base_name: ["${{ inputs.brand_name }}", "${{ inputs.brand_name }}-dx"] + stream_name: ["${{ inputs.stream_name }}"] steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Matrix Variables + shell: bash run: | + set -eoux pipefail # IMAGE_NAME if [[ "${{ matrix.image_flavor }}" == "main" ]]; then echo "IMAGE_NAME=${{ matrix.base_name }}" >> $GITHUB_ENV @@ -113,28 +72,16 @@ jobs: fi # AKMODS_FLAVOR - if [[ "${{ matrix.image_flavor }}" =~ "asus" ]]; then - echo "AKMODS_FLAVOR=asus" >> $GITHUB_ENV - elif [[ "${{ matrix.image_flavor }}" =~ "surface" ]]; then - echo "AKMODS_FLAVOR=surface" >> $GITHUB_ENV - elif [[ "${{ matrix.fedora_version }}" =~ stable|gts ]]; then + if [[ "${{ matrix.image_flavor }}" =~ "hwe" ]]; then + echo "AKMODS_FLAVOR=bazzite" >> $GITHUB_ENV + elif [[ "${{ matrix.stream_name }}" =~ stable|gts ]]; then echo "AKMODS_FLAVOR=coreos-stable" >> $GITHUB_ENV + elif [[ "${{ matrix.stream_name }}" =~ beta ]]; then + echo "AKMODS_FLAVOR=coreos-testing" >> $GITHUB_ENV else echo "AKMODS_FLAVOR=main" >> $GITHUB_ENV fi - # Env for matrix.image_flavor - if [[ "${{ matrix.image_flavor }}" == "nvidia" && \ - "${{ matrix.fedora_version }}" != "beta" ]]; then - echo "image_flavor=main" >> $GITHUB_ENV - echo "nvidia_type=nvidia" >> $GITHUB_ENV - elif [[ "${{ matrix.image_flavor }}" == "main" && \ - "${{ matrix.fedora_version }}" != "beta" ]]; then - echo "image_flavor=${{ matrix.image_flavor }}" >> $GITHUB_ENV - else - echo "image_flavor=${{ matrix.image_flavor }}" >> $GITHUB_ENV - fi - - name: Get Current Fedora Version id: labels uses: Wandalen/wretry.action@f8754f79743ba113fedbba4499593f7d73b458eb # v3.7.0 @@ -142,72 +89,74 @@ jobs: attempt_limit: 3 attempt_delay: 15000 command: | - set -eox pipefail - if [[ ${{ matrix.fedora_version }} == "stable" ]]; then - KERNEL_RELEASE=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]') - elif [[ ${{ matrix.fedora_version }} == "gts" && ${{ env.AKMODS_FLAVOR }} != "surface" ]]; then - # always get base kernel release because we use it to get Fedora release not from CoreOS - base_kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-${{ env.image_flavor }}:${{ matrix.fedora_version }} | jq -r '.Labels["ostree.linux"]') - coreos_kernel_release=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]') - coreos_fedora_version=$(echo $coreos_kernel_release | grep -oP 'fc\K[0-9]+') - # this allows GTS to be same as CoreOS or earlier, depending on release cycle timing - fedora_version=$(echo $base_kernel_release | grep -oP 'fc\K[0-9]+') - KERNEL_RELEASE=$(skopeo inspect docker://ghcr.io/ublue-os/coreos-stable-kernel:${fedora_version} | jq -r '.Labels["ostree.linux"]') + set -eoux pipefail + + # Fedora Version + if [[ "${{ matrix.stream_name }}" =~ stable ]]; then + fedora_version=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]' | grep -oP 'fc\K[0-9]+') + else + fedora_version=$(skopeo inspect docker://ghcr.io/ublue-os/base-main:${{ matrix.stream_name }} | jq -r '.Labels["ostree.linux"]' | grep -oP 'fc\K[0-9]+') + fi + + # Kernel Release for ostree.linux label + if [[ "${{ matrix.image_flavor }}" =~ hwe ]]; then + kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/bazzite-kernel:"${fedora_version}" | jq -r '.Labels["ostree.linux"]') + elif [[ "${{ matrix.stream_name }}" =~ latest|beta ]]; then + kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/main-kernel:"${fedora_version}" | jq -r '.Labels["ostree.linux"]') else - base_kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-${{ env.image_flavor }}:${{ matrix.fedora_version }} | jq -r '.Labels["ostree.linux"]') - base_fedora_version=$(echo $base_kernel_release | grep -oP 'fc\K[0-9]+') - KERNEL_RELEASE=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.AKMODS_FLAVOR }}-kernel:${base_fedora_version} | jq -r '.Labels["ostree.linux"]') + kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/coreos-stable-kernel:"${fedora_version}" | jq -r '.Labels["ostree.linux"]') fi - fedora_version=$(echo $KERNEL_RELEASE | grep -oP 'fc\K[0-9]+') - echo "kernel_release=$KERNEL_RELEASE" >> $GITHUB_ENV - echo "fedora_version=$fedora_version" >> $GITHUB_ENV - ver=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.BASE_IMAGE_NAME }}-${{ env.image_flavor }}:$fedora_version | jq -r '.Labels["org.opencontainers.image.version"]') + + # Get Version + ver=$(skopeo inspect docker://ghcr.io/ublue-os/"${{ env.BASE_IMAGE_NAME }}"-main:"${fedora_version}" | jq -r '.Labels["org.opencontainers.image.version"]') if [ -z "$ver" ] || [ "null" = "$ver" ]; then echo "inspected image version must not be empty or null" exit 1 fi + + kernel_pin="${{ inputs.kernel_pin }}" + + if [[ -n "${kernel_pin:-}" ]]; then + kernel_release="${kernel_pin}" + fedora_version="$(grep -oP 'fc\K[0-9]+' <<< ${kernel_pin})" + + # check to make sure pin exists + if [[ $(skopeo inspect docker://ghcr.io/ublue-os/"${{ env.AKMODS_FLAVOR }}"-kernel:"${kernel_pin}" | jq -r '.Labels["ostree.linux"]') != "${kernel_pin}" ]]; then + echo "Kernel Pin does not exist" + exit 1 + fi + fi + + # Push into GITHUB ENV + echo "KERNEL_RELEASE=$kernel_release" >> $GITHUB_ENV + echo "FEDORA_VERSION=$fedora_version" >> $GITHUB_ENV echo "VERSION=$ver" >> $GITHUB_ENV - name: Verify base image uses: EyeCantCU/cosign-action/verify@58722a084c82190b57863002d494c91eabbe9e79 # v0.3.0 with: - containers: ${{ env.BASE_IMAGE_NAME}}-${{ env.image_flavor }}:${{ env.fedora_version }} + containers: ${{ env.BASE_IMAGE_NAME}}-main:${{ env.FEDORA_VERSION }} - name: Verify Akmods uses: EyeCantCU/cosign-action/verify@58722a084c82190b57863002d494c91eabbe9e79 # v0.3.0 with: - containers: akmods:${{ env.AKMODS_FLAVOR}}-${{ env.fedora_version }} + containers: akmods:${{ env.AKMODS_FLAVOR}}-${{ env.FEDORA_VERSION }}-${{ env.KERNEL_RELEASE }} - name: Verify Nvidia uses: EyeCantCU/cosign-action/verify@58722a084c82190b57863002d494c91eabbe9e79 # v0.3.0 with: - containers: akmods-nvidia:${{ env.AKMODS_FLAVOR}}-${{ env.fedora_version }} + containers: akmods-nvidia:${{ env.AKMODS_FLAVOR}}-${{ env.FEDORA_VERSION }}-${{ env.KERNEL_RELEASE }} - name: Verify ZFS uses: EyeCantCU/cosign-action/verify@58722a084c82190b57863002d494c91eabbe9e79 # v0.3.0 - if: inputs.fedora_version != 'beta' && inputs.fedora_version != 'latest' + if: contains(env.AKMODS_FLAVOR, 'coreos') with: - containers: akmods-zfs:coreos-stable-${{ env.fedora_version }} + containers: akmods-zfs:${{ env.AKMODS_FLAVOR }}-${{ env.FEDORA_VERSION }}-${{ env.KERNEL_RELEASE }} - name: Verify Kernel Cache uses: EyeCantCU/cosign-action/verify@58722a084c82190b57863002d494c91eabbe9e79 # v0.3.0 with: - containers: ${{ env.AKMODS_FLAVOR }}-kernel:${{ env.kernel_release }} - - - name: Verify Kernel Version Matches - uses: Wandalen/wretry.action@f8754f79743ba113fedbba4499593f7d73b458eb # v3.7.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - set -x - akmods_version=$(skopeo inspect docker://ghcr.io/ublue-os/akmods:${{ env.AKMODS_FLAVOR }}-${{ env.fedora_version }} | jq -r '.Labels["ostree.linux"]') - if [[ "${akmods_version}" == "${{ env.kernel_release }}" ]]; then - echo "Kernel Versions Match" - else - echo "Kernel Version do Not Match" - exit 1 - fi + containers: ${{ env.AKMODS_FLAVOR }}-kernel:${{ env.KERNEL_RELEASE }} - name: Check just syntax uses: ublue-os/just-action@bda593098a84a84973b002b4377709166a68be52 # v2 @@ -218,117 +167,59 @@ jobs: run: | # Generate a timestamp for creating an image version history TIMESTAMP="$(date +%Y%m%d)" - FEDORA_VERSION="${{ matrix.fedora_version }}" - - if [[ "${{ matrix.fedora_version }}" == "stable" ]]; then - IS_LATEST_VERSION=false - IS_STABLE_VERSION=true - IS_GTS_VERSION=false - IS_BETA_VERSION=false - IS_COREOS=true - elif [[ "${{ matrix.fedora_version }}" == "gts" ]]; then - IS_LATEST_VERSION=false - IS_STABLE_VERSION=true - IS_GTS_VERSION=true - IS_BETA_VERSION=false - IS_COREOS=false - elif [[ "${{ matrix.fedora_version }}" == "latest" ]]; then - IS_LATEST_VERSION=true - IS_STABLE_VERSION=true - IS_GTS_VERSION=false - IS_BETA_VERSION=false - IS_COREOS=false - elif [[ "${{ matrix.fedora_version }}" == "beta" ]]; then - IS_LATEST_VERSION=false - IS_STABLE_VERSION=false - IS_GTS_VERSION=false - IS_BETA_VERSION=true - IS_COREOS=false - fi + TODAY="$(date +%A)" + WEEKLY="Sunday" + # Arrays for Tags COMMIT_TAGS=() BUILD_TAGS=() # Have tags for tracking builds during pull request SHA_SHORT="${GITHUB_SHA::7}" - COMMIT_TAGS+=("pr-${{ github.event.number }}-${FEDORA_VERSION}") - COMMIT_TAGS+=("${SHA_SHORT}-${FEDORA_VERSION}") - if [[ "$IS_LATEST_VERSION" == "true" ]] && \ - [[ "$IS_STABLE_VERSION" == "true" ]]; then - COMMIT_TAGS+=("pr-${{ github.event.number }}") - COMMIT_TAGS+=("${SHA_SHORT}") + COMMIT_TAGS+=("pr-${{ github.event.number }}-${{ matrix.stream_name }}") + COMMIT_TAGS+=("${SHA_SHORT}-${{ matrix.stream_name }}") + + # Convenience Tags + if [[ "${{ matrix.stream_name }}" =~ stable ]]; then + BUILD_TAGS+=("stable-daily" "stable-daily-${TIMESTAMP}") + else + BUILD_TAGS+=("${{ matrix.stream_name }}" "${{ matrix.stream_name }}-${TIMESTAMP}") fi - TODAY="$(date +%A)" - if [[ ${{ matrix.fedora_version }} == "stable" ]]; then - if [[ ${{ github.event_name }} == "schedule" ]] && \ - [[ "${{ inputs.weekly_tag_day }}" != "${TODAY}" ]]; then - BUILD_TAGS+=("stable-daily" "stable-daily-${TIMESTAMP}") - elif [[ ${{ inputs.build_stable_daily }} == "false" ]]; then + # Weekly Stable / Rebuild Stable on workflow_dispatch + if [[ "${{ matrix.stream_name }}" =~ "stable" && "${WEEKLY}" == "${TODAY}" && "${{ github.event_name }}" =~ scheduled ]]; then BUILD_TAGS+=("stable" "stable-${TIMESTAMP}") - elif [[ ${{ inputs.build_stable_weekly }} == "false" ]]; then - BUILD_TAGS+=("stable-daily" "stable-daily-${TIMESTAMP}") - else + elif [[ "${{ matrix.stream_name }}" =~ "stable" && "${{ github.event_name }}" =~ workflow_dispatch|workflow_call ]]; then BUILD_TAGS+=("stable" "stable-${TIMESTAMP}") - BUILD_TAGS+=("stable-daily" "stable-daily-${TIMESTAMP}") - fi - else - BUILD_TAGS=("${{ env.fedora_version }}" "${{ env.fedora_version }}-${TIMESTAMP}") + elif [[ ! "${{ matrix.stream_name}}" =~ "stable" ]]; then + BUILD_TAGS+=("${{ env.FEDORA_VERSION }}" "${{ env.FEDORA_VERSION }}-${TIMESTAMP}") fi - if [[ ${{ github.ref_name }} == "testing" ]]; then - if [[ ${{ matrix.fedora_version }} == "stable" ]]; then - BUILD_TAGS=("${FEDORA_VERSION}-testing" "${FEDORA_VERSION}-testing-${TIMESTAMP}") - else - BUILD_TAGS=("${{ env.fedora_version }}-testing" "${{ env.fedora_version }}-testing-${TIMESTAMP}") - fi - if [[ "$IS_LATEST_VERSION" == "true" ]] && \ - [[ "$IS_STABLE_VERSION" == "true" ]]; then - BUILD_TAGS+=("testing") - echo "DEFAULT_TAG=testing" >> $GITHUB_ENV - elif [[ "$IS_GTS_VERSION" == "true" ]]; then - BUILD_TAGS+=("gts-testing") - echo "DEFAULT_TAG=gts-testing" >> $GITHUB_ENV - elif [[ "$IS_BETA_VERSION" == "true" ]]; then - BUILD_TAGS+=("beta-testing") - echo "DEFAULT_TAG=beta-testing" >> $GITHUB_ENV - elif [[ "$IS_COREOS" == "true" ]]; then - echo "DEFAULT_TAG=stable-testing" >> $GITHUB_ENV - fi - else - if [[ "$IS_LATEST_VERSION" == "true" ]] && \ - [[ "$IS_STABLE_VERSION" == "true" ]]; then - BUILD_TAGS+=("latest") - echo "DEFAULT_TAG=latest" >> $GITHUB_ENV - elif [[ "$IS_GTS_VERSION" == "true" ]]; then - BUILD_TAGS+=("gts") - echo "DEFAULT_TAG=gts" >> $GITHUB_ENV - elif [[ "$IS_BETA_VERSION" == "true" ]]; then - BUILD_TAGS+=("beta") - echo "DEFAULT_TAG=beta" >> $GITHUB_ENV - elif [[ "$IS_COREOS" == "true" ]]; then - if [[ ${{ inputs.build_stable_daily }} == "true" ]]; then - echo "DEFAULT_TAG=stable-daily" >> $GITHUB_ENV - else - echo "DEFAULT_TAG=stable" >> $GITHUB_ENV - fi - fi + # Prepend testing if built on testing branch + if [[ "${{ github.ref_name }}" == "testing" ]]; then + temp=() + for TAG in "${BUILD_TAGS[@]}"; do + temp+=(testing-"$TAG") + done + BUILD_TAGS=(${temp[@]}) fi + # Use Commit Tags if PR / Use Build Tags if Not if [[ "${{ github.event_name }}" == "pull_request" ]]; then echo "Generated the following commit tags: " for TAG in "${COMMIT_TAGS[@]}"; do echo "${TAG}" done alias_tags=("${COMMIT_TAGS[@]}") - echo "DEFAULT_TAG=${SHA_SHORT}-${FEDORA_VERSION}" >> $GITHUB_ENV else + echo "Generated the following build tags: " + for TAG in "${BUILD_TAGS[@]}"; do + echo "${TAG}" + done alias_tags=("${BUILD_TAGS[@]}") fi - echo "Generated the following build tags: " - for TAG in "${BUILD_TAGS[@]}"; do - echo "${TAG}" - done + + echo "DEFAULT_TAG=${{ matrix.stream_name }}" >> $GITHUB_ENV echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT # Build metadata @@ -342,22 +233,20 @@ jobs: org.opencontainers.image.title=${{ env.IMAGE_NAME }} org.opencontainers.image.version=${{ env.VERSION }} org.opencontainers.image.description=An interpretation of the Ubuntu spirit built on Fedora technology - ostree.linux=${{ env.kernel_release }} + ostree.linux=${{ env.KERNEL_RELEASE }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bluefin/bluefin/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 - name: Define env.SHA_HEAD_SHORT run: | - echo "SHA_HEAD_SHORT=${GITHUB_SHA::7}" >> $GITHUB_ENV + echo "SHA_HEAD_SHORT=${GITHUB_SHA::7}" >> $GITHUB_ENV - name: Maximize build space - if: github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request' uses: ublue-os/remove-unwanted-software@517622d6452028f266b7ba4cc9a123b5f58a6b53 # v7 with: remove-codeql: true - name: Pull images - if: github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request' uses: Wandalen/wretry.action@f8754f79743ba113fedbba4499593f7d73b458eb # v3.7.0 with: attempt_limit: 3 @@ -365,29 +254,22 @@ jobs: command: | # pull the base image used for FROM in containerfile so # we can retry on that unfortunately common failure case - sudo podman pull ${{ env.IMAGE_REGISTRY }}/${{ env.BASE_IMAGE_NAME }}-${{ env.image_flavor }}:${{ env.fedora_version }} - sudo podman pull ${{ env.IMAGE_REGISTRY }}/akmods:${{ env.AKMODS_FLAVOR }}-${{ env.fedora_version }} - sudo podman pull ${{ env.IMAGE_REGISTRY }}/akmods-nvidia:${{ env.AKMODS_FLAVOR }}-${{ env.fedora_version }} - sudo podman pull ${{ env.IMAGE_REGISTRY }}/${{ env.AKMODS_FLAVOR }}-kernel:${{ env.kernel_release }} + sudo podman pull ${{ env.IMAGE_REGISTRY }}/${{ env.BASE_IMAGE_NAME }}-main:${{ env.FEDORA_VERSION }} - name: Build Image id: build_image - if: github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request' run: | set -euox pipefail BUILD_ARGS=() + BUILD_ARGS+=("--build-arg" "AKMODS_FLAVOR=${{ env.AKMODS_FLAVOR }}") BUILD_ARGS+=("--build-arg" "BASE_IMAGE_NAME=${{ env.BASE_IMAGE_NAME }}") + BUILD_ARGS+=("--build-arg" "FEDORA_MAJOR_VERSION=${{ env.FEDORA_VERSION }}") BUILD_ARGS+=("--build-arg" "IMAGE_NAME=${{ env.IMAGE_NAME }}") - BUILD_ARGS+=("--build-arg" "IMAGE_FLAVOR=${{ env.image_flavor }}") BUILD_ARGS+=("--build-arg" "IMAGE_VENDOR=${{ github.repository_owner }}") - BUILD_ARGS+=("--build-arg" "FEDORA_MAJOR_VERSION=${{ env.fedora_version }}") - BUILD_ARGS+=("--build-arg" "TARGET_BASE=${{ env.TARGET_BASE }}") - BUILD_ARGS+=("--build-arg" "AKMODS_FLAVOR=${{ env.AKMODS_FLAVOR }}") - BUILD_ARGS+=("--build-arg" "NVIDIA_TYPE=${{ env.nvidia_type }}") - BUILD_ARGS+=("--build-arg" "KERNEL=${{ env.kernel_release }}") - BUILD_ARGS+=("--build-arg" "UBLUE_IMAGE_TAG=${{ matrix.fedora_version }}") + BUILD_ARGS+=("--build-arg" "KERNEL=${{ env.KERNEL_RELEASE }}") BUILD_ARGS+=("--build-arg" "SHA_HEAD_SHORT=${{ env.SHA_HEAD_SHORT }}") + BUILD_ARGS+=("--build-arg" "UBLUE_IMAGE_TAG=${{ matrix.stream_name }}") TAG_ARGS=() IFS=' ' read -r -a tags_array <<< "${{ steps.generate-tags.outputs.alias_tags }}" @@ -403,8 +285,8 @@ jobs: sudo podman build --format docker --target ${{ env.TARGET_NAME }} \ "${BUILD_ARGS[@]}" \ - "${TAG_ARGS[@]}" \ "${LABEL_ARGS[@]}" \ + --tag raw-img \ . sudo podman image ls @@ -412,28 +294,6 @@ jobs: echo "image=${{ env.IMAGE_NAME }}" >> $GITHUB_OUTPUT echo "tags=${{ steps.generate-tags.outputs.alias_tags }}" >> $GITHUB_OUTPUT - - - name: Check Secureboot - if: github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request' - shell: bash - run: | - set -x - if [[ ! $(command -v sbverify) || ! $(command -v curl) || ! $(command -v openssl) ]]; then - sudo apt update - sudo apt install sbsigntool curl openssl - fi - sudo podman run -d --rm --name ${{env.IMAGE_NAME}}-$(echo "${{ steps.generate-tags.outputs.alias_tags }}" | cut -d " " -f 1) "${{ env.IMAGE_NAME }}":$(echo "${{ steps.generate-tags.outputs.alias_tags }}" | cut -d " " -f 1) sleep 1000 - sudo podman cp ${{env.IMAGE_NAME}}-$(echo "${{ steps.generate-tags.outputs.alias_tags }}" | cut -d " " -f 1):/usr/lib/modules/${{ env.kernel_release }}/vmlinuz . - sudo podman rm -f ${{env.IMAGE_NAME}}-$(echo "${{ steps.generate-tags.outputs.alias_tags }}" | cut -d " " -f 1) || true - sudo kill -9 $(sudo podman inspect --format '{{.State.Pid}}' ${{env.IMAGE_NAME}}-$(echo "${{ steps.generate-tags.outputs.alias_tags }}" | cut -d " " -f 1)) || true - sbverify --list vmlinuz - curl --retry 3 -Lo kernel-sign.der https://github.com/ublue-os/kernel-cache/raw/main/certs/public_key.der - curl --retry 3 -Lo akmods.der https://github.com/ublue-os/kernel-cache/raw/main/certs/public_key_2.der - openssl x509 -in kernel-sign.der -out kernel-sign.crt - openssl x509 -in akmods.der -out akmods.crt - sbverify --cert kernel-sign.crt vmlinuz || exit 1 - sbverify --cert akmods.crt vmlinuz || exit 1 - # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. # https://github.com/macbre/push-to-ghcr/issues/12 - name: Lowercase Registry @@ -444,26 +304,61 @@ jobs: - name: Rechunk Image id: rechunk - if: inputs.rechunk == true && ( github.event_name == 'pull_request' && ( matrix.image_flavor == 'main' || matrix.image_flavor == 'nvidia' ) || github.event_name != 'pull_request' ) - uses: hhd-dev/rechunk@602e6d62558ab23e15e8764ce06e26c0f328da71 # v1.0.1 + uses: hhd-dev/rechunk@v1.0.1 with: rechunk: ghcr.io/hhd-dev/rechunk:v1.0.1 - ref: ${{ steps.build_image.outputs.image }}:${{ env.DEFAULT_TAG }} - skip_compression: 'true' + ref: "raw-img" + skip_compression: "true" labels: ${{ steps.meta.outputs.labels }} prev-ref: ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}:${{ env.DEFAULT_TAG }} - # Overwrite the image with the chuncked image + # Load Rechunked image and Tag them - name: Load Rechunked Image - if: inputs.rechunk == true && github.event_name != 'pull_request' + shell: bash run: | - sudo podman rmi $(sudo podman image ls -qa) --force - IMAGE=$(sudo podman pull ${{ steps.rechunk.outputs.ref }}) + set -eoux pipefail + IMAGE=$(podman pull ${{ steps.rechunk.outputs.ref }}) sudo rm -rf ${{ steps.rechunk.outputs.output }} + for tag in ${{ steps.build_image.outputs.tags }}; do - sudo podman tag $IMAGE ${{ env.IMAGE_NAME }}:${tag} + podman tag $IMAGE ${{ env.IMAGE_NAME }}:${tag} done + # HWE Tagging + if [[ "${{ matrix.image_flavor }}" =~ hwe ]]; then + + image_name="${{ env.IMAGE_NAME }}" + asus_name="${image_name/hwe/asus}" + surface_name="${image_name/hwe/surface}" + + for tag in ${{ steps.build_image.outputs.tags }}; do + podman tag "${IMAGE}" "${asus_name}":${tag} + podman tag "${IMAGE}" "${surface_name}":${tag} + done + fi + podman tag $IMAGE rechunked-img + podman images + + # Check that Kernel is signed with Secureboot Keys + - name: Check Secureboot + shell: bash + run: | + set -x + if [[ ! $(command -v sbverify) || ! $(command -v curl) || ! $(command -v openssl) ]]; then + sudo apt update + sudo apt install sbsigntool curl openssl + fi + TMP=$(podman create rechunked-img bash) + podman cp $TMP:/usr/lib/modules/${{ env.KERNEL_RELEASE }}/vmlinuz . + podman rm $TMP + sbverify --list vmlinuz + curl --retry 3 -Lo kernel-sign.der https://github.com/ublue-os/kernel-cache/raw/main/certs/public_key.der + curl --retry 3 -Lo akmods.der https://github.com/ublue-os/kernel-cache/raw/main/certs/public_key_2.der + openssl x509 -in kernel-sign.der -out kernel-sign.crt + openssl x509 -in akmods.der -out akmods.crt + sbverify --cert kernel-sign.crt vmlinuz || exit 1 + sbverify --cert akmods.crt vmlinuz || exit 1 + - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' run: | @@ -481,8 +376,20 @@ jobs: set -euox pipefail for tag in ${{ steps.build_image.outputs.tags }}; do - sudo podman push ${{ env.IMAGE_NAME }}:${tag} ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}:${tag} + podman push ${{ env.IMAGE_NAME }}:${tag} ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}:${tag} done + + if [[ "${{ matrix.image_flavor }}" =~ hwe ]]; then + + image_name="${{ env.IMAGE_NAME }}" + asus_name="${image_name/hwe/asus}" + surface_name="${image_name/hwe/surface}" + + for tag in ${{ steps.build_image.outputs.tags }}; do + podman push ${asus_name}:${tag} ${{ steps.registry_case.outputs.lowercase }}/${asus_name}:${tag} + podman push ${surface_name}:${tag} ${{ steps.registry_case.outputs.lowercase }}/${surface_name}:${tag} + done + fi digest=$(skopeo inspect docker://${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }} --format '{{.Digest}}') echo "digest=${digest}" >> $GITHUB_OUTPUT @@ -505,22 +412,21 @@ jobs: DIGEST: ${{ steps.push.outputs.outputs && fromJSON(steps.push.outputs.outputs).digest }} IMAGE_REGISTRY: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }} IMAGE_NAME: ${{ env.IMAGE_NAME }} - IMAGE_FLAVOR: ${{ env.image_flavor }} - FEDORA_VERSION: ${{ matrix.fedora_version }} - run: echo "${IMAGE_REGISTRY}@${DIGEST}" > "${IMAGE_NAME}-${IMAGE_FLAVOR}-${FEDORA_VERSION}.txt" + FEDORA_VERSION: ${{ matrix.stream_name }} + run: echo "${IMAGE_REGISTRY}@${DIGEST}" > "${IMAGE_NAME}-${FEDORA_VERSION}.txt" - name: Upload artifact if: github.event_name != 'pull_request' uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 with: - name: image-${{ env.IMAGE_NAME }}-${{ env.image_flavor }}-${{ matrix.fedora_version }} + name: image-${{ env.IMAGE_NAME }}-${{ matrix.stream_name }} retention-days: 1 if-no-files-found: error path: | - ${{ env.IMAGE_NAME }}-${{ env.image_flavor }}-${{ matrix.fedora_version }}.txt + ${{ env.IMAGE_NAME }}-${{ matrix.stream_name }}.txt check: - name: Check all ${{ inputs.brand_name }} ${{ inputs.fedora_version }} builds successful + name: Check all ${{ inputs.stream_name }} builds successful if: always() runs-on: ubuntu-latest needs: [build_container] @@ -569,15 +475,3 @@ jobs: exit 1 fi done - - build_iso: - name: iso - needs: [check] - if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && (github.ref_name == 'main' || github.ref_name == 'testing') && inputs.fedora_version != 'beta' && inputs.fedora_version != 'latest' - # Eventually would be nice for building images in PRs - #if: ${{ endsWith(github.event.pull_request.title, '[ISO]') }} - uses: ./.github/workflows/reusable-build-iso.yml - secrets: inherit - with: - brand_name: ${{ inputs.brand_name }} - fedora_version: ${{ inputs.fedora_version }} diff --git a/.gitignore b/.gitignore index 213f9a5bc5c..c79db42080a 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,8 @@ flatpaks_with_deps flatpak.* -scripts/files/home/ublue-os/* +*_build +*_build.* +previous.manifest.json +changelog.md +output.env diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 00000000000..28f0bd0969c --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,11 @@ +# .pre-commit-config.yaml + +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.4.0 + hooks: + - id: check-json + - id: check-toml + - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace diff --git a/.vscode/tasks.json b/.vscode/tasks.json deleted file mode 100644 index d0c6bca0a1f..00000000000 --- a/.vscode/tasks.json +++ /dev/null @@ -1,108 +0,0 @@ -{ - "version": "2.0.0", - "tasks": [ - { - "label": "Connect to VM", - "dependsOn": [ - "Run-ISO", - "Open Browser" - ], - "problemMatcher": [] - }, - { - "label": "Open Browser", - "command": "${input:openSimpleBrowser}", - "problemMatcher": [] - }, - { - "label": "Build Container", - "command": "just", - "args": [ - "build", - "${input:outputChoice}" - ], - "problemMatcher": [], - "group": { - "kind": "build", - "isDefault": true - } - }, - { - "label": "Build ISO", - "command": "just", - "args": [ - "build-iso", - "${input:outputChoice}" - ], - "problemMatcher": [] - }, - { - "label": "Build ISO (testing)", - "command": "just", - "args": [ - "build-iso-installer-main", - "${input:outputChoice}" - ], - "problemMatcher": [] - }, - { - "label": "Run-ISO", - "command": "just", - "args": [ - "run-iso", - "${input:outputChoice}" - ], - "problemMatcher": [], - "isBackground": true - }, - { - "label": "List Images", - "command": "just", - "args": [ - "list-images" - ], - "problemMatcher": [] - }, - { - "label": "Check justfiles", - "command": "just", - "args": [ - "just-check" - ], - "problemMatcher": [] - }, - { - "label": "Run Container", - "command": "just", - "args": [ - "run-container", - "${input:outputChoice}" - ], - "problemMatcher": [] - } - ], - "inputs": [ - { - "id": "openSimpleBrowser", - "type": "command", - "command": "simpleBrowser.show", - "args": [ - "http://localhost:8006" - ] - }, - { - "id": "outputChoice", - "type": "pickString", - "description": "Choose which container to build", - "default": "bluefin", - "options": [ - "bluefin gts", - "bluefin-dx gts", - "bluefin stable", - "bluefin-dx stable", - "aurora stable", - "aurora-dx stable" - ] - } - ] -} diff --git a/Containerfile b/Containerfile index ffc45c0a12c..2f5257219cc 100644 --- a/Containerfile +++ b/Containerfile @@ -1,22 +1,7 @@ -ARG BASE_IMAGE_NAME="${BASE_IMAGE_NAME:-silverblue}" -ARG IMAGE_FLAVOR="${IMAGE_FLAVOR:-main}" -ARG AKMODS_FLAVOR="${AKMODS_FLAVOR:-main}" -ARG SOURCE_IMAGE="${SOURCE_IMAGE:-${BASE_IMAGE_NAME}-${IMAGE_FLAVOR}}" +ARG BASE_IMAGE_NAME="silverblue" +ARG FEDORA_MAJOR_VERSION="40" +ARG SOURCE_IMAGE="${BASE_IMAGE_NAME}-main" ARG BASE_IMAGE="ghcr.io/ublue-os/${SOURCE_IMAGE}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-40}" -ARG TARGET_BASE="${TARGET_BASE:-bluefin}" -ARG NVIDIA_TYPE="${NVIDIA_TYPE:-}" -ARG KERNEL="${KERNEL:-6.10.10-200.fc40.x86_64}" -ARG UBLUE_IMAGE_TAG="${UBLUE_IMAGE_TAG:-latest}" -ARG SHA_HEAD_SHORT="${SHA_HEAD_SHORT}" - -# FROM's for Mounting -ARG KMOD_SOURCE_COMMON="ghcr.io/ublue-os/akmods:${AKMODS_FLAVOR}-${FEDORA_MAJOR_VERSION}" -ARG NVIDIA_CACHE="ghcr.io/ublue-os/akmods-nvidia:${AKMODS_FLAVOR}-${FEDORA_MAJOR_VERSION}" -ARG KERNEL_CACHE="ghcr.io/ublue-os/${AKMODS_FLAVOR}-kernel:${KERNEL}" -FROM ${KMOD_SOURCE_COMMON} AS akmods -FROM ${NVIDIA_CACHE} AS nvidia_cache -FROM ${KERNEL_CACHE} AS kernel_cache FROM scratch AS ctx COPY / / @@ -24,56 +9,33 @@ COPY / / ## bluefin image section FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS base -ARG IMAGE_NAME="${IMAGE_NAME}" -ARG IMAGE_VENDOR="${IMAGE_VENDOR}" -ARG IMAGE_FLAVOR="${IMAGE_FLAVOR}" -ARG AKMODS_FLAVOR="${AKMODS_FLAVOR}" -ARG BASE_IMAGE_NAME="${BASE_IMAGE_NAME}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}" -ARG NVIDIA_TYPE="${NVIDIA_TYPE:-}" -ARG KERNEL="${KERNEL:-6.10.10-200.fc40.x86_64}" -ARG UBLUE_IMAGE_TAG="${UBLUE_IMAGE_TAG:-latest}" -ARG SHA_HEAD_SHORT="${SHA_HEAD_SHORT}" +ARG AKMODS_FLAVOR="coreos-stable" +ARG BASE_IMAGE_NAME="silverblue" +ARG FEDORA_MAJOR_VERSION="40" +ARG IMAGE_NAME="bluefin" +ARG IMAGE_VENDOR="ublue-os" +ARG KERNEL="6.10.10-200.fc40.x86_64" +ARG SHA_HEAD_SHORT="dedbeef" +ARG UBLUE_IMAGE_TAG="stable" # Build, cleanup, commit. RUN --mount=type=cache,dst=/var/cache/rpm-ostree \ --mount=type=bind,from=ctx,source=/,target=/ctx \ - --mount=type=bind,from=akmods,source=/rpms,target=/tmp/akmods \ - --mount=type=bind,from=nvidia_cache,source=/rpms,target=/tmp/akmods-rpms \ - --mount=type=bind,from=kernel_cache,source=/tmp/rpms,target=/tmp/kernel-rpms \ - rpm-ostree cliwrap install-to-root / && \ - mkdir -p /var/lib/alternatives && \ - /ctx/build_files/build-base.sh && \ - mv /var/lib/alternatives /staged-alternatives && \ - /ctx/build_files/clean-stage.sh && \ - ostree container commit && \ - mkdir -p /var/lib && mv /staged-alternatives /var/lib/alternatives && \ - mkdir -p /var/tmp && \ - chmod -R 1777 /var/tmp + /ctx/build_files/shared/build-base.sh ## bluefin-dx developer edition image section FROM base AS dx -ARG IMAGE_NAME="${IMAGE_NAME}" -ARG IMAGE_VENDOR="${IMAGE_VENDOR}" -ARG BASE_IMAGE_NAME="${BASE_IMAGE_NAME}" -ARG IMAGE_FLAVOR="${IMAGE_FLAVOR}" -ARG AKMODS_FLAVOR="${AKMODS_FLAVOR}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}" -ARG NVIDIA_TYPE="${NVIDIA_TYPE:-}" -ARG KERNEL="${KERNEL:-6.10.10-200.fc40.x86_64}" -ARG UBLUE_IMAGE_TAG="${UBLUE_IMAGE_TAG:-latest}" +ARG AKMODS_FLAVOR="coreos-stable" +ARG BASE_IMAGE_NAME="silverblue" +ARG FEDORA_MAJOR_VERSION="40" +ARG IMAGE_NAME="bluefin-dx" +ARG IMAGE_VENDOR="ublue-os" +ARG KERNEL="6.10.10-200.fc40.x86_64" +ARG SHA_HEAD_SHORT="dedbeef" +ARG UBLUE_IMAGE_TAG="stable" # Build, Clean-up, Commit RUN --mount=type=cache,dst=/var/cache/rpm-ostree \ --mount=type=bind,from=ctx,source=/,target=/ctx \ - --mount=type=bind,from=akmods,source=/rpms,target=/tmp/akmods \ - mkdir -p /var/lib/alternatives && \ - /ctx/build_files/build-dx.sh && \ - fc-cache --system-only --really-force --verbose && \ - mv /var/lib/alternatives /staged-alternatives && \ - /ctx/build_files/clean-stage.sh \ - ostree container commit && \ - mkdir -p /var/lib && mv /staged-alternatives /var/lib/alternatives && \ - mkdir -p /var/tmp && \ - chmod -R 1777 /var/tmp + /ctx/build_files/shared/build-dx.sh diff --git a/Justfile b/Justfile index de88d174925..297c90a504c 100644 --- a/Justfile +++ b/Justfile @@ -1,122 +1,508 @@ -export project_root := `git rev-parse --show-toplevel` -export git_branch := ` git branch --show-current` +repo_organization := "ublue-os" +images := '( + [aurora]=aurora + [aurora-dx]=aurora-dx + [bluefin]=bluefin + [bluefin-dx]=bluefin-dx +)' +flavors := '( + [main]=main + [nvidia]=nvidia + [hwe]=hwe + [hwe-nvidia]=hwe-nvidia +)' +tags := '( + [gts]=gts + [stable]=stable + [latest]=latest + [beta]=beta +)' -alias run := run-container - -_default: - @just help - -_container_mgr: - @{{ project_root }}/scripts/container_mgr.sh - -_base_image image: - @{{ project_root }}/scripts/base-image.sh {{ image }} - -_tag image target: - @{{ project_root }}/scripts/make-tag.sh {{ image }} {{ target }} +[private] +default: + @just --list # Check Just Syntax -just-check: +check: #!/usr/bin/bash - find "${project_root}" -type f -name "*.just" | while read -r file; do + find . -type f -name "*.just" | while read -r file; do echo "Checking syntax: $file" - just --unstable --fmt --check -f $file + just --unstable --fmt --check -f $file done - echo "Checking syntax: ${project_root}/Justfile" - just --unstable --fmt --check -f ${project_root}/Justfile + echo "Checking syntax: Justfile" + just --unstable --fmt --check -f Justfile # Fix Just Syntax -just-fix: +fix: #!/usr/bin/bash - find "${project_root}" -type f -name "*.just" | while read -r file; do + find . -type f -name "*.just" | while read -r file; do echo "Checking syntax: $file" just --unstable --fmt -f $file done - echo "Checking syntax: ${project_root}/Justfile" - just --unstable --fmt -f ${project_root}/Justfile || { exit 1; } + echo "Checking syntax: Justfile" + just --unstable --fmt -f Justfile || { exit 1; } + +# Clean Repo +clean: + #!/usr/bin/bash + set -eoux pipefail + find *_build* -exec rm -rf {} \; + rm -f previous.manifest.json + +# Sudo Clean +sudo-clean: + #!/usr/bin/bash + set -eoux pipefail + just sudoif "find *_build* -exec rm -rf {} \;" + just sudoif "rm -f previous.manifest.json" + +# Check if valid combo +[private] +validate image="" tag="" flavor="": + #!/usr/bin/bash + set -eoux pipefail + declare -A images={{ images }} + declare -A tags={{ tags }} + declare -A flavors={{ flavors }} + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} + checkimage="${images[${image}]-}" + checktag="${tags[${tag}]-}" + checkflavor="${flavors[${flavor}]-}" + + # Validity Checks + if [[ -z "$checkimage" ]]; then + echo "Invalid Image..." + exit 1 + fi + if [[ -z "$checktag" ]]; then + echo "Invalid tag..." + exit 1 + fi + if [[ "$checktag" =~ gts && "$checkimage" =~ aurora ]]; then + echo "Aurora Does not build GTS..." + exit 1 + fi + if [[ ! "$checktag" =~ latest && "$checkflavor" =~ hwe ]]; then + echo "HWE images are only built on latest..." + exit 1 + fi + +# sudoif bash function +[private] +sudoif command *args: + #!/usr/bin/bash + function sudoif(){ + if [[ "${UID}" -eq 0 ]]; then + "$@" + elif [[ "$(command -v sudo)" && -n "${SSH_ASKPASS:-}" ]] && [[ -n "${DISPLAY:-}" || -n "${WAYLAND_DISPLAY:-}" ]]; then + /usr/bin/sudo --askpass "$@" || exit 1 + elif [[ "$(command -v sudo)" ]]; then + /usr/bin/sudo "$@" || exit 1 + else + exit 1 + fi + } + sudoif {{ command }} {{ args }} # Build Image -build image="" target="" version="": - @{{ project_root }}/scripts/build-image.sh {{ image }} {{ target }} {{ version }} +build image="bluefin" tag="latest" flavor="main" rechunk="0": + #!/usr/bin/bash + set -eoux pipefail + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} -# Run image -run-container image="" target="" version="": - @{{ project_root }}/scripts/run-image.sh {{ image }} {{ target }} {{ version }} + # Validate + just validate "${image}" "${tag}" "${flavor}" -# # Run Booted Image Session w/ Guest -# run-booted-guest image="" target="" version="": -# @{{ project_root }}/scripts/run-booted-guest.sh {{ image }} {{ target }} {{ version }} -# # Run Booted Image Session w/ mounted in $USER and $HOME -# run-booted-home image="" target="" version="": -# @{{ project_root }}/scripts/run-booted-home.sh {{ image }} {{ target }} {{ version }} + # Image Name + if [[ "${flavor}" =~ main ]]; then + image_name="${image}" + else + image_name="${image}-${flavor}" + fi -# Create ISO from local dev build image -build-iso image="" target="" version="": - @{{ project_root }}/scripts/build-iso.sh {{ image }} {{ target }} {{ version }} + # Base Image + if [[ "${image}" =~ bluefin ]]; then + base_image_name="silverblue" + elif [[ "${image}" =~ aurora ]]; then + base_image_name="kinoite" + fi -# Create ISO from local dev build image - use build-container-installer:main -build-iso-installer-main image="" target="" version="": - @{{ project_root }}/scripts/build-iso-installer-main.sh {{ image }} {{ target }} {{ version }} + # Target + if [[ "${image}" =~ dx ]]; then + target="dx" + else + target="base" + fi -# Run ISO from local dev build image -run-iso image="" target="" version="": - @{{ project_root }}/scripts/run-iso.sh {{ image }} {{ target }} {{ version }} + # Fedora Version + if [[ "${tag}" =~ stable ]]; then + fedora_version=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]' | grep -oP 'fc\K[0-9]+') + else + fedora_version=$(skopeo inspect docker://ghcr.io/ublue-os/base-main:"${tag}" | jq -r '.Labels["ostree.linux"]' | grep -oP 'fc\K[0-9]+') + fi -# Create ISO from currenct ghcr image -build-iso-ghcr image="" target="" version="": - @{{ project_root }}/scripts/build-iso-ghcr.sh {{ image }} {{ target }} {{ version }} + # AKMODS Flavor and Kernel Version + if [[ "${flavor}" =~ hwe ]]; then + akmods_flavor="bazzite" + elif [[ "${tag}" =~ stable|gts ]]; then + akmods_flavor="coreos-stable" + elif [[ "${tag}" =~ beta ]]; then + akmods_flavor="coreos-testing" + else + akmods_flavor="main" + fi + kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/${akmods_flavor}-kernel:"${fedora_version}" | jq -r '.Labels["ostree.linux"]') -# Clean Directory. Remove ISOs and Build Files -clean: - @{{ project_root }}/scripts/cleanup-dir.sh + # Get Version + ver=$(skopeo inspect docker://ghcr.io/ublue-os/"${base_image_name}-main":"${fedora_version}" | jq -r '.Labels["org.opencontainers.image.version"]') + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + + # Build Arguments + BUILD_ARGS=() + BUILD_ARGS+=("--build-arg" "AKMODS_FLAVOR=${akmods_flavor}") + BUILD_ARGS+=("--build-arg" "BASE_IMAGE_NAME=${base_image_name}") + BUILD_ARGS+=("--build-arg" "FEDORA_MAJOR_VERSION=${fedora_version}") + BUILD_ARGS+=("--build-arg" "IMAGE_NAME=${image_name}") + BUILD_ARGS+=("--build-arg" "IMAGE_VENDOR={{ repo_organization }}") + BUILD_ARGS+=("--build-arg" "KERNEL=${kernel_release}") + if ! git diff-index --quiet HEAD -- ; then + BUILD_ARGS+=("--build-arg" "SHA_HEAD_SHORT=$(git rev-parse --short HEAD)") + fi + BUILD_ARGS+=("--build-arg" "UBLUE_IMAGE_TAG=${tag}") + + # Labels + LABELS=() + LABELS+=("--label" "org.opencontainers.image.title=${image_name}") + LABELS+=("--label" "org.opencontainers.image.version=${ver}") + LABELS+=("--label" "ostree.linux=${kernel_release}") + LABELS+=("--label" "io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bluefin/bluefin/README.md") + LABELS+=("--label" "io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4") + LABELS+=("--label" "org.opencontainers.image.description=An interpretation of the Ubuntu spirit built on Fedora technology") + + # Build Image + podman build \ + "${BUILD_ARGS[@]}" \ + "${LABELS[@]}" \ + --target "${target}" \ + --tag "${image_name}:${tag}" \ + . -# Remove built images -clean-images: - @{{ project_root }}/scripts/cleanup-images.sh + # Rechunk + if [[ "{{ rechunk }}" == "1" ]]; then + just rechunk "${image}" "${tag}" "${flavor}" + fi -# List Built Images -list-images: - @{{ project_root }}/scripts/list-images.sh +# Build Image and Rechunk +build-rechunk image="bluefin" tag="latest" flavor="main": + @just build {{ image }} {{ tag }} {{ flavor }} 1 +# Rechunk Image [private] -help: +rechunk image="bluefin" tag="latest" flavor="main": + #!/usr/bin/bash + set -eoux pipefail + + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} + + # Validate + just validate "${image}" "${tag}" "${flavor}" + + # Image Name + if [[ "${flavor}" =~ main ]]; then + image_name="${image}" + else + image_name="${image}-${flavor}" + fi + + # Check if image is already built + ID=$(podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'") + if [[ -z "$ID" ]]; then + just build "${image}" "${tag}" "${flavor}" + fi + + # Load into Rootful Podman + ID=$(just sudoif podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'") + if [[ -z "$ID" ]]; then + just sudoif podman image scp ${UID}@localhost::localhost/"${image_name}":"${tag}" root@localhost::localhost/"${image_name}":"${tag}" + fi + + # Prep Container + CREF=$(just sudoif podman create localhost/"${image_name}":"${tag}" bash) + MOUNT=$(just sudoif podman mount "${CREF}") + OUT_NAME="${image_name}_build" + + # Run Rechunker's Prune + just sudoif podman run --rm \ + --pull=newer \ + --security-opt label=disable \ + --volume "$MOUNT":/var/tree \ + --env TREE=/var/tree \ + --user 0:0 \ + ghcr.io/hhd-dev/rechunk:latest \ + /sources/rechunk/1_prune.sh + + # Run Rechunker's Create + just sudoif podman run --rm \ + --security-opt label=disable \ + --volume "$MOUNT":/var/tree \ + --volume "cache_ostree:/var/ostree" \ + --env TREE=/var/tree \ + --env REPO=/var/ostree/repo \ + --env RESET_TIMESTAMP=1 \ + --user 0:0 \ + ghcr.io/hhd-dev/rechunk:latest \ + /sources/rechunk/2_create.sh + + # Cleanup Temp Container Reference + just sudoif podman unmount "$CREF" + just sudoif podman rm "$CREF" + + # Run Rechunker + just sudoif podman run --rm \ + --pull=newer \ + --security-opt label=disable \ + --volume "$PWD:/workspace" \ + --volume "$PWD:/var/git" \ + --volume cache_ostree:/var/ostree \ + --env REPO=/var/ostree/repo \ + --env PREV_REF=ghcr.io/ublue-os/"${image_name}":"${tag}" \ + --env OUT_NAME="$OUT_NAME" \ + --env LABELS="org.opencontainers.image.title=${image_name}$'\n'org.opencontainers.image.version=localbuild-$(date +%Y%m%d-%H:%M:%S)$'\n''io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bluefin/refs/heads/main/README.md'$'\n''io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4'$'\n'" \ + --env "DESCRIPTION='An interpretation of the Ubuntu spirit built on Fedora technology'" \ + --env VERSION_FN=/workspace/version.txt \ + --env OUT_REF="oci:$OUT_NAME" \ + --env GIT_DIR="/var/git" \ + --user 0:0 \ + ghcr.io/hhd-dev/rechunk:latest \ + /sources/rechunk/3_chunk.sh + + # Cleanup + just sudoif "find ${OUT_NAME} -type d -exec chmod 0755 {} \;" || true + just sudoif "find ${OUT_NAME}* -type f -exec chmod 0644 {} \;" || true + if [[ "${UID}" -gt 0 ]]; then + just sudoif chown ${UID}:${GROUPS} -R "${PWD}" + fi + just sudoif podman volume rm cache_ostree + just sudoif podman rmi localhost/"${image_name}":"${tag}" + + # Load Image into Podman Store + IMAGE=$(podman pull oci:"${PWD}"/"${OUT_NAME}") + podman tag ${IMAGE} localhost/"${image_name}":"${tag}" + +# Run Container +run image="bluefin" tag="latest" flavor="main": + #!/usr/bin/bash + set -eoux pipefail + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} + + # Validate + just validate "${image}" "${tag}" "${flavor}" + + # Image Name + if [[ "${flavor}" =~ main ]]; then + image_name="${image}" + else + image_name="${image}-${flavor}" + fi + + # Check if image exists + ID=$(podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'") + if [[ -z "$ID" ]]; then + just build "$image" "$tag" "$flavor" + fi + + # Run Container + podman run -it --rm localhost/"${image_name}":"${tag}" bash + +# Build ISO +build-iso image="bluefin" tag="latest" flavor="main" ghcr="0": + #!/usr/bin/bash + set -eoux pipefail + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} + + # Validate + just validate "${image}" "${tag}" "${flavor}" + + # Image Name + if [[ "${flavor}" =~ main ]]; then + image_name="${image}" + else + image_name="${image}-${flavor}" + fi + + build_dir="${image_name}_build" + mkdir -p "$build_dir" + + if [[ -f "${build_dir}/${image_name}.iso" || -f "${build_dir}/${image_name}.iso-CHECKSUM" ]]; then + echo "ERROR - ISO or Checksum already exist. Please mv or rm to build new ISO" + exit 1 + fi + + # Local or Github Build + if [[ "{{ ghcr }}" == "1" ]]; then + IMAGE_FULL=ghcr.io/ublue-os/"${image_name}":"${tag}" + IMAGE_REPO=ghcr.io/ublue-os + podman pull "${IMAGE_FULL}" + else + IMAGE_FULL=localhost/"${image_name}":"${tag}" + IMAGE_REPO=localhost + ID=$(podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'") + if [[ -z "$ID" ]]; then + just build "$image" "$tag" "$flavor" + fi + fi + + # Load Image into rootful podman + if [[ "${UID}" -gt 0 ]]; then + just sudoif podman image scp "${UID}"@localhost::"${IMAGE_FULL}" root@localhost::"${IMAGE_FULL}" + fi + + # Flatpak list for bluefin/aurora + if [[ "${image_name}" =~ bluefin ]]; then + FLATPAK_DIR_SHORTNAME="bluefin_flatpaks" + elif [[ "${image_name}" =~ aurora ]]; then + FLATPAK_DIR_SHORTNAME="aurora_flatpaks" + fi + + # Generate Flatpak List + TEMP_FLATPAK_INSTALL_DIR="$(mktemp -d -p /tmp flatpak-XXXXX)" + flatpak_refs=() + while IFS= read -r line; do + flatpak_refs+=("$line") + done < "${FLATPAK_DIR_SHORTNAME}/flatpaks" + + # Add DX Flatpaks if needed + if [[ "${image_name}" =~ dx ]]; then + while IFS= read -r line; do + flatpak_refs+=("$line") + done < "dx_flatpaks/flatpaks" + fi + + echo "Flatpak refs: ${flatpak_refs[@]}" + + # Generate Install Script for Flatpaks + tee "${TEMP_FLATPAK_INSTALL_DIR}/install-flatpaks.sh"< /output/flatpaks-with-deps + EOF + + # Create Flatpak List with dependencies + flatpak_list_args=() + flatpak_list_args+=("--rm" "--privileged") + flatpak_list_args+=("--entrypoint" "/usr/bin/bash") + flatpak_list_args+=("--env" "FLATPAK_SYSTEM_DIR=/flatpak/flatpak") + flatpak_list_args+=("--env" "FLATPAK_TRIGGERSDIR=/flatpak/triggers") + flatpak_list_args+=("--volume" "$(realpath ./${build_dir}):/output") + flatpak_list_args+=("--volume" "${TEMP_FLATPAK_INSTALL_DIR}:/temp_flatpak_install_dir") + flatpak_list_args+=("${IMAGE_FULL}" /temp_flatpak_install_dir/install-flatpaks.sh) + + if [[ ! -f "${build_dir}/flatpaks-with-deps" ]]; then + podman run "${flatpak_list_args[@]}" + else + echo "WARNING - Reusing previous determined flatpaks-with-deps" + fi + + # List Flatpaks with Dependencies + cat "${build_dir}/flatpaks-with-deps" + + # Build ISO + iso_build_args=() + iso_build_args+=("--rm" "--privileged" "--pull=newer") + iso_build_args+=(--volume "/var/lib/containers/storage:/var/lib/containers/storage:ro") + iso_build_args+=(--volume "${PWD}:/github/workspace/") + iso_build_args+=(ghcr.io/jasonn3/build-container-installer:latest) + iso_build_args+=(ARCH="x86_64") + iso_build_args+=(ENROLLMENT_PASSWORD="universalblue") + iso_build_args+=(FLATPAK_REMOTE_REFS_DIR="/github/workspace/${build_dir}") + iso_build_args+=(IMAGE_NAME="${image_name}") + iso_build_args+=(IMAGE_REPO="${IMAGE_REPO}") + iso_build_args+=(IMAGE_SIGNED="true") + iso_build_args+=(IMAGE_SRC="containers-storage:${IMAGE_FULL}") + iso_build_args+=(IMAGE_TAG="${tag}") + iso_build_args+=(ISO_NAME="/github/workspace/${build_dir}/${image_name}.iso") + iso_build_args+=(SECURE_BOOT_KEY_URL="https://github.com/ublue-os/akmods/raw/main/certs/public_key.der") + if [[ "${image_name}" =~ bluefin ]]; then + iso_build_args+=(VARIANT="Silverblue") + else + iso_build_args+=(VARIANT="Kinoite") + fi + iso_build_args+=(VERSION="$(skopeo inspect containers-storage:${IMAGE_FULL} | jq -r '.Labels["ostree.linux"]' | grep -oP 'fc\K[0-9]+')") + iso_build_args+=(WEBUI="false") + + just sudoif podman run "${iso_build_args[@]}" + just sudoif chown "${UID}:${GROUPS}" -R "${PWD}" + +# Build ISO using GHCR Image +build-iso-ghcr image="bluefin" tag="latest" flavor="main": + @just build-iso {{ image }} {{ tag }} {{ flavor }} ghcr + +# Run ISO +run-iso image="bluefin" tag="latest" flavor="main": + #!/usr/bin/bash + set -eoux pipefail + image={{ image }} + tag={{ tag }} + flavor={{ flavor }} + + # Validate + just validate "${image}" "${tag}" "${flavor}" + + # Image Name + if [[ "${flavor}" =~ main ]]; then + image_name="${image}" + else + image_name="${image}-${flavor}" + fi + + # Check if ISO Exists + if [[ ! -f "${image_name}_build/${image_name}.iso" ]]; then + just build-iso "$image" "$tag" "$flavor" + fi + + # Determine which port to use + port=8006; + while grep -q :${port} <<< $(ss -tunalp); do + port=$(( port + 1 )) + done + echo "Using Port: ${port}" + echo "Connect to http://localhost:${port}" + run_args=() + run_args+=(--rm --privileged) + run_args+=(--pull=newer) + run_args+=(--publish "127.0.0.1:${port}:8006") + run_args+=(--env "CPU_CORES=4") + run_args+=(--env "RAM_SIZE=8G") + run_args+=(--env "DISK_SIZE=64G") + run_args+=(--env "BOOT_MODE=windows_secure") + run_args+=(--env "TPM=Y") + run_args+=(--env "GPU=Y") + run_args+=(--device=/dev/kvm) + run_args+=(--volume "${PWD}/${image_name}_build/${image_name}.iso":"/boot.iso") + run_args+=(docker.io/qemux/qemu-docker) + podman run "${run_args[@]}" & + xdg-open http://localhost:${port} + fg "%podman" + +# Test Changelogs +changelogs branch="stable": #!/usr/bin/bash - echo " " - echo "These are helper scripts for building and testing development images " - echo " " - echo "You can run dev images either in 'booted like' setup with 'just run-booted' " - echo "Or in a more stripped down version with 'just run' " - echo "Specify which image you wish to build and run by name. " - echo "Example: 'just run-container aurora' -> runs aurora without systemd " - echo " " - echo "Helper scripts are in 'project_root/scripts'. " - echo " " - echo "Modify the 'devcontainer.json' in 'project_root/.devcontainer' to support " - echo "Running the devcontainer with podman or docker " - echo "Manually specify container manager with '$CONTAINER_MGR' enviornment variable " - echo " " - just --list - -# Build Bluefin GTS -bluefin: (build "bluefin" "base" "gts") - -# Build Bluefin-DX GTS -bluefin-dx: (build "bluefin" "dx" "gts") - -# Build Bluefin GTS ISO -bluefin-iso: (build-iso "bluefin" "base" "gts") - -# Build Bluefin-DX GTS ISO -bluefin-dx-iso: (build-iso "bluefin" "dx" "gts") - -# Build Aurora -aurora: (build "aurora" "base" "stable") - -# Builed Aurora-DX -aurora-dx: (build "aurora" "dx" "stable") - -# Build Aurora ISO -aurora-iso: (build-iso "aurora" "base" "stable") - -# Builed Aurora-DX ISO -aurora-dx-iso: (build-iso "aurora" "dx" "stable") + set -eoux pipefail + python3 ./.github/changelogs.py {{ branch }} ./output.env ./changelog.md --workdir . diff --git a/README.md b/README.md index 489f5ace740..055a07e32f0 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # bluefin and aurora -[![Codacy Badge](https://app.codacy.com/project/badge/Grade/2503a44c1105456483517f793af75ee7)](https://app.codacy.com/gh/ublue-os/bluefin/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) +[![Codacy Badge](https://app.codacy.com/project/badge/Grade/2503a44c1105456483517f793af75ee7)](https://app.codacy.com/gh/ublue-os/bluefin/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) -[![Aurora Stable](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-aurora.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-aurora.yml) [![Aurora Latest](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-aurora.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-aurora.yml) +[![Aurora Stable](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-aurora.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-aurora.yml) [![Aurora Latest](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-aurora.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-aurora.yml) -[![Bluefin GTS](https://github.com/ublue-os/bluefin/actions/workflows/build-gts-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-gts-bluefin.yml) [![Bluefin Stable](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-bluefin.yml) [![Bluefin Latest](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-bluefin.yml) +[![Bluefin GTS](https://github.com/ublue-os/bluefin/actions/workflows/build-gts-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-gts-bluefin.yml) [![Bluefin Stable](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-coreos-bluefin.yml) [![Bluefin Latest](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-bluefin.yml/badge.svg)](https://github.com/ublue-os/bluefin/actions/workflows/build-latest-bluefin.yml) ## Bluefin - [projectbluefin.io](https://projectbluefin.io) @@ -12,7 +12,7 @@ > "Evolution is a process of constant branching and expansion." - Stephen Jay Gould -Bluefin strives to cover these two use cases. For end users it provides a system as reliable as a Chromebook with near-zero maintainance, with the power of homebrew, flathub, and a container runtime to give you access to all the best software Open Source has to offer. Check [Introduction to Bluefin](https://universal-blue.discourse.group/t/introduction-to-bluefin/41) for a feature walkthrough. +Bluefin strives to cover these two use cases. For end users it provides a system as reliable as a Chromebook with near-zero maintainance, with the power of homebrew, flathub, and a container runtime to give you access to all the best software Open Source has to offer. Check [Introduction to Bluefin](https://universal-blue.discourse.group/t/introduction-to-bluefin/41) for a feature walkthrough. - [Download Bluefin](https://projectbluefin.io/#scene-picker) @@ -26,7 +26,7 @@ Aurora is a delightful KDE desktop experience for end-users that are looking for ### What's the relationship between Aurora and Bluefin? -Both Aurora and Bluefin strive to offer a curated out of the box experience for users, they only differ in the default desktop and recommended applications: Bluefin uses GNOME, Aurora uses KDE. They are both maintained and built in this repository. +Both Aurora and Bluefin strive to offer a curated out of the box experience for users, they only differ in the default desktop and recommended applications: Bluefin uses GNOME, Aurora uses KDE. They are both maintained and built in this repository. ## Documentation @@ -38,7 +38,7 @@ Both Aurora and Bluefin strive to offer a curated out of the box experience for Secure Boot is supported by default on our systems, providing an additional layer of security. After the first installation, you will be prompted to enroll the secure boot key in the BIOS. -Enter the password `universalblue` +Enter the password `universalblue` when prompted to enroll our key. If this step is not completed during the initial setup, you can manually enroll the key by running the following command in the terminal: @@ -68,4 +68,3 @@ sudo mokutil --import public_key.der Star History Chart - diff --git a/artifacthub-repo.yml b/artifacthub-repo.yml index 33811d72182..a43510cf17a 100644 --- a/artifacthub-repo.yml +++ b/artifacthub-repo.yml @@ -5,4 +5,3 @@ owners: # (optional, used to claim repository ownership) #ignore: # (optional, packages that should not be indexed by Artifact Hub) # - name: package1 # - name: package2 # Exact match - diff --git a/build_files/aurora-changes.sh b/build_files/aurora-changes.sh deleted file mode 100755 index 9520dbb5362..00000000000 --- a/build_files/aurora-changes.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -if [[ "${BASE_IMAGE_NAME}" = "kinoite" ]]; then - ln -sf ../places/distributor-logo.svg /usr/share/icons/hicolor/scalable/apps/start-here.svg - ln -sf /usr/share/wallpapers/jonatan-pie-aurora/contents/images/3944x2770.jxl /usr/share/backgrounds/default.png - ln -sf /usr/share/wallpapers/greg-rakozy-aurora/contents/images/5616x3744.jxl /usr/share/backgrounds/default-dark.png - ln -sf aurora.xml /usr/share/backgrounds/default.xml - sed -i '//,/<\/entry>/ s/[^<]*<\/default>/preferred:\/\/browser,applications:org.gnome.Ptyxis.desktop,applications:org.kde.discover.desktop,preferred:\/\/filemanager<\/default>/' /usr/share/plasma/plasmoids/org.kde.plasma.taskmanager/contents/config/main.xml - sed -i '//,/<\/entry>/ s/[^<]*<\/default>/preferred:\/\/browser,systemsettings.desktop,org.kde.dolphin.desktop,org.kde.kate.desktop,org.gnome.Ptyxis.desktop,org.kde.discover.desktop<\/default>/' /usr/share/plasma/plasmoids/org.kde.plasma.kickoff/contents/config/main.xml - sed -i 's@\[Desktop Action new-window\]@\[Desktop Action new-window\]\nX-KDE-Shortcuts=Ctrl+Alt+T@g' /usr/share/applications/org.gnome.Ptyxis.desktop - sed -i 's@Exec=ptyxis@Exec=kde-ptyxis@g' /usr/share/applications/org.gnome.Ptyxis.desktop - sed -i 's@Keywords=@Keywords=konsole;console;@g' /usr/share/applications/org.gnome.Ptyxis.desktop - cp /usr/share/applications/org.gnome.Ptyxis.desktop /usr/share/kglobalaccel/org.gnome.Ptyxis.desktop - sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nNoDisplay=true@g' /usr/share/applications/org.kde.konsole.desktop - sed -i 's@Bluefin@Aurora@g' /usr/share/applications/system-update.desktop - sed -i 's@Bluefin@Aurora@g' /usr/share/ublue-os/motd/tips/10-tips.md - sed -i 's@Bluefin@Aurora@g' /usr/libexec/ublue-flatpak-manager - rm -f /etc/profile.d/gnome-ssh-askpass.{csh,sh} # This shouldn't be pulled in - rm -f /usr/share/kglobalaccel/org.kde.konsole.desktop - systemctl enable kde-sysmonitor-workaround.service - # Test aurora gschema override for errors. If there are no errors, proceed with compiling aurora gschema, which includes setting overrides. - mkdir -p /tmp/aurora-schema-test - find /usr/share/glib-2.0/schemas/ -type f ! -name "*.gschema.override" -exec cp {} /tmp/aurora-schema-test/ \; - cp /usr/share/glib-2.0/schemas/zz0-aurora-modifications.gschema.override /tmp/aurora-schema-test/ - echo "Running error test for aurora gschema override. Aborting if failed." - glib-compile-schemas --strict /tmp/aurora-schema-test - echo "Compiling gschema to include aurora setting overrides" - glib-compile-schemas /usr/share/glib-2.0/schemas &>/dev/null -fi \ No newline at end of file diff --git a/build_files/image-info.sh b/build_files/base/00-image-info.sh similarity index 93% rename from build_files/image-info.sh rename to build_files/base/00-image-info.sh index ebae9fba764..e7adda63bc3 100755 --- a/build_files/image-info.sh +++ b/build_files/base/00-image-info.sh @@ -13,16 +13,15 @@ CODE_NAME="Archaeopteryx" IMAGE_INFO="/usr/share/ublue-os/image-info.json" IMAGE_REF="ostree-image-signed:docker://ghcr.io/$IMAGE_VENDOR/$IMAGE_NAME" -#shellcheck disable=SC2153 -image_flavor="${IMAGE_FLAVOR}" - # Aurora -if [[ "${BASE_IMAGE_NAME}" == "kinoite" ]]; then +if [[ "${BASE_IMAGE_NAME}" =~ kinoite ]]; then IMAGE_PRETTY_NAME="Aurora" HOME_URL="https://getaurora.dev/" fi -if [[ "${NVIDIA_TYPE}" == "nvidia" ]]; then +# Image Flavor +image_flavor="main" +if [[ "${IMAGE_NAME}" =~ nvidia ]]; then image_flavor="nvidia" fi diff --git a/build_files/build-fix.sh b/build_files/base/01-build-fix.sh similarity index 53% rename from build_files/build-fix.sh rename to build_files/base/01-build-fix.sh index 88ff5557a2f..09c2ae0a465 100755 --- a/build_files/build-fix.sh +++ b/build_files/base/01-build-fix.sh @@ -12,14 +12,25 @@ repos=( ) for repo in "${repos[@]}"; do - if [ $(grep -c "enabled=1" /etc/yum.repos.d/${repo}) -eq 0 ]; then - sed -i "0,/enabled=0/{s/enabled=0/enabled=1/}" /etc/yum.repos.d/${repo} + if [[ "$(grep -c "enabled=1" /etc/yum.repos.d/"${repo}")" -eq 0 ]]; then + sed -i "0,/enabled=0/{s/enabled=0/enabled=1/}" /etc/yum.repos.d/"${repo}" fi done +if grep -q "kinoite" <<<"${BASE_IMAGE_NAME}"; then + rpm-ostree override replace \ + --experimental \ + --from repo=updates \ + qt6-qtbase \ + qt6-qtbase-common \ + qt6-qtbase-mysql \ + qt6-qtbase-gui || + true +fi + rpm-ostree override replace \ --experimental \ --from repo=updates \ - elfutils-libelf \ - elfutils-libs \ - || true + elfutils-libelf \ + elfutils-libs || + true diff --git a/build_files/base/02-install-copr-repos.sh b/build_files/base/02-install-copr-repos.sh new file mode 100755 index 00000000000..868885bd313 --- /dev/null +++ b/build_files/base/02-install-copr-repos.sh @@ -0,0 +1,15 @@ + +#!/usr/bin/bash + +set -eoux pipefail + +# Add Staging repo +curl -Lo /etc/yum.repos.d/ublue-os-staging-fedora-"$(rpm -E %fedora)".repo \ + https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"$(rpm -E %fedora)"/ublue-os-staging-fedora-"$(rpm -E %fedora)".repo + +# Add Switcheroo Repo +curl -Lo /etc/yum.repos.d/_copr_sentry-switcheroo-control_discrete.repo \ + https://copr.fedorainfracloud.org/coprs/sentry/switcheroo-control_discrete/repo/fedora-"$(rpm -E %fedora)"/sentry-switcheroo-control_discrete-fedora-"$(rpm -E %fedora)".repo + +# Add Nerd Fonts Repo +curl -Lo /etc/yum.repos.d/_copr_che-nerd-fonts-"$(rpm -E %fedora)".repo https://copr.fedorainfracloud.org/coprs/che/nerd-fonts/repo/fedora-"$(rpm -E %fedora)"/che-nerd-fonts-fedora-"$(rpm -E %fedora)".repo diff --git a/build_files/base/03-install-kernel-akmods.sh b/build_files/base/03-install-kernel-akmods.sh new file mode 100755 index 00000000000..032ea467500 --- /dev/null +++ b/build_files/base/03-install-kernel-akmods.sh @@ -0,0 +1,90 @@ +#!/usr/bin/bash + +set -eoux pipefail + +# Remove Existing Kernel +for pkg in kernel kernel-core kernel-modules kernel-modules-core kernel-modules-extra +do + rpm --erase $pkg --nodeps +done + +# Fetch Kernel +skopeo copy docker://ghcr.io/ublue-os/"${AKMODS_FLAVOR}"-kernel:"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/kernel-rpms +KERNEL_TARGZ=$(jq -r '.layers[].digest' < /tmp/kernel-rpms/manifest.json | cut -d : -f 2) +tar -xvzf /tmp/kernel-rpms/"$KERNEL_TARGZ" -C / +mv /tmp/rpms/* /tmp/kernel-rpms/ + +# Install Kernel +rpm-ostree install \ + /tmp/kernel-rpms/kernel-[0-9]*.rpm \ + /tmp/kernel-rpms/kernel-core-*.rpm \ + /tmp/kernel-rpms/kernel-modules-*.rpm + +# Fetch Common AKMODS +skopeo copy docker://ghcr.io/ublue-os/akmods:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods +AKMODS_TARGZ=$(jq -r '.layers[].digest' < /tmp/akmods/manifest.json | cut -d : -f 2) +tar -xvzf /tmp/akmods/"$AKMODS_TARGZ" -C /tmp/ +mv /tmp/rpms/* /tmp/akmods/ + +# Everyone +sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo +rpm-ostree install \ + /tmp/akmods/kmods/*xone*.rpm \ + /tmp/akmods/kmods/*openrazer*.rpm + +if [[ -f $(find /tmp/akmods-rpms/kmods/*framework-laptop*.rpm) ]]; then + rpm-ostree install \ + /tmp/akmods-rpms/kmods/*framework-laptop*.rpm +fi + +# RPMFUSION Dependent AKMODS +rpm-ostree install \ + https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \ + https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm +rpm-ostree install \ + broadcom-wl /tmp/akmods/kmods/*wl*.rpm \ + v4l2loopback /tmp/akmods/kmods/*v4l2loopback*.rpm +rpm-ostree uninstall rpmfusion-free-release rpmfusion-nonfree-release + +# Nvidia AKMODS +if [[ "${IMAGE_NAME}" =~ nvidia ]]; then + # Fetch Nvidia RPMs + skopeo copy docker://ghcr.io/ublue-os/akmods-nvidia:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods-rpms + NVIDIA_TARGZ=$(jq -r '.layers[].digest' < /tmp/akmods-rpms/manifest.json | cut -d : -f 2) + tar -xvzf /tmp/akmods-rpms/"$NVIDIA_TARGZ" -C /tmp/ + mv /tmp/rpms/* /tmp/akmods-rpms/ + + # Install Nvidia RPMs + curl -Lo /tmp/nvidia-install.sh https://raw.githubusercontent.com/ublue-os/hwe/main/nvidia-install.sh + chmod +x /tmp/nvidia-install.sh + IMAGE_NAME="${BASE_IMAGE_NAME}" RPMFUSION_MIRROR="" /tmp/nvidia-install.sh + rm -f /usr/share/vulkan/icd.d/nouveau_icd.*.json +fi + +# ZFS for gts/stable +if [[ ${AKMODS_FLAVOR} =~ coreos ]]; then + # Fetch ZFS RPMs + skopeo copy docker://ghcr.io/ublue-os/akmods-zfs:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods-zfs + ZFS_TARGZ=$(jq -r '.layers[].digest' < /tmp/akmods-zfs/manifest.json | cut -d : -f 2) + tar -xvzf /tmp/akmods-zfs/"$ZFS_TARGZ" -C /tmp/ + mv /tmp/rpms/* /tmp/akmods-zfs/ + + # Declare ZFS RPMs + ZFS_RPMS=( + /tmp/akmods-zfs/kmods/zfs/kmod-zfs-"${KERNEL}"-*.rpm + /tmp/akmods-zfs/kmods/zfs/libnvpair3-*.rpm + /tmp/akmods-zfs/kmods/zfs/libuutil3-*.rpm + /tmp/akmods-zfs/kmods/zfs/libzfs5-*.rpm + /tmp/akmods-zfs/kmods/zfs/libzpool5-*.rpm + /tmp/akmods-zfs/kmods/zfs/python3-pyzfs-*.rpm + /tmp/akmods-zfs/kmods/zfs/zfs-*.rpm + pv + ) + + # Install + rpm-ostree install "${ZFS_RPMS[@]}" + + # Depmod and autoload + depmod -a -v "${KERNEL}" + echo "zfs" > /usr/lib/modules-load.d/zfs.conf +fi diff --git a/build_files/packages.sh b/build_files/base/04-packages.sh similarity index 100% rename from build_files/packages.sh rename to build_files/base/04-packages.sh diff --git a/build_files/base/05-override-install.sh b/build_files/base/05-override-install.sh new file mode 100755 index 00000000000..f84b64b004a --- /dev/null +++ b/build_files/base/05-override-install.sh @@ -0,0 +1,74 @@ +#!/usr/bin/bash + +set -eoux pipefail + +# Patched shells +if [[ "${BASE_IMAGE_NAME}" =~ silverblue ]]; then + rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ + gnome-shell +elif [[ "${BASE_IMAGE_NAME}" =~ kinoite ]]; then + rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ + kf6-kio-doc \ + kf6-kio-widgets-libs \ + kf6-kio-core-libs \ + kf6-kio-widgets \ + kf6-kio-file-widgets \ + kf6-kio-core \ + kf6-kio-gui +fi + +# GNOME Triple Buffering +if [[ "${BASE_IMAGE_NAME}" =~ silverblue && "${FEDORA_MAJOR_VERSION}" -lt "41" ]]; then + rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ + mutter \ + mutter-common +fi + +# Fix for ID in fwupd +rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ + fwupd \ + fwupd-plugin-flashrom \ + fwupd-plugin-modem-manager \ + fwupd-plugin-uefi-capsule-data + +# Switcheroo patch +rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:sentry:switcheroo-control_discrete \ + switcheroo-control + +rm /etc/yum.repos.d/_copr_sentry-switcheroo-control_discrete.repo + +# Starship Shell Prompt +curl -Lo /tmp/starship.tar.gz "https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-gnu.tar.gz" +tar -xzf /tmp/starship.tar.gz -C /tmp +install -c -m 0755 /tmp/starship /usr/bin +# shellcheck disable=SC2016 +echo 'eval "$(starship init bash)"' >> /etc/bashrc + +# Bash Prexec +curl -Lo /usr/share/bash-prexec https://raw.githubusercontent.com/rcaloras/bash-preexec/master/bash-preexec.sh + +# Topgrade Install +pip install --prefix=/usr topgrade + +# Install ublue-update -- breaks with packages.json due to missing topgrade +rpm-ostree install ublue-update + +# Consolidate Just Files +find /tmp/just -iname '*.just' -exec printf "\n\n" \; -exec cat {} \; >> /usr/share/ublue-os/just/60-custom.just + +# Move over ublue-update config +mv -f /tmp/ublue-update.toml /usr/etc/ublue-update/ublue-update.toml + +# Register Fonts +fc-cache -f /usr/share/fonts/ubuntu +fc-cache -f /usr/share/fonts/inter diff --git a/build_files/fetch-quadlets.sh b/build_files/base/06-fetch-quadlets.sh similarity index 93% rename from build_files/fetch-quadlets.sh rename to build_files/base/06-fetch-quadlets.sh index 93689f5c2da..57eef59dfc4 100755 --- a/build_files/fetch-quadlets.sh +++ b/build_files/base/06-fetch-quadlets.sh @@ -6,19 +6,19 @@ set -ouex pipefail mkdir -p /etc/containers/systemd/users # bluefin-cli -curl -Lo /etc/containers/systemd/users/bluefin-cli.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/bluefin-cli/bluefin-cli.container +curl -Lo /etc/containers/systemd/users/bluefin-cli.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/bluefin-cli/bluefin-cli.container sed -i 's/ContainerName=bluefin/ContainerName=bluefin-cli/' /etc/containers/systemd/users/bluefin-cli.container # bluefin-dx-cli -curl -Lo /etc/containers/systemd/users/bluefin-dx-cli.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/bluefin-cli/bluefin-dx-cli.container +curl -Lo /etc/containers/systemd/users/bluefin-dx-cli.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/bluefin-cli/bluefin-dx-cli.container sed -i 's/ContainerName=bluefin/ContainerName=bluefin-dx-cli/' /etc/containers/systemd/users/bluefin-dx-cli.container # fedora-toolbox -curl -Lo /etc/containers/systemd/users/fedora-toolbox.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/fedora-toolbox/fedora-distrobox-quadlet.container +curl -Lo /etc/containers/systemd/users/fedora-toolbox.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/fedora-toolbox/fedora-distrobox-quadlet.container sed -i 's/ContainerName=fedora-distrobox-quadlet/ContainerName=fedora-toolbox/' /etc/containers/systemd/users/fedora-toolbox.container # ubuntu-toolbox -curl -Lo /etc/containers/systemd/users/ubuntu-toolbox.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/ubuntu-toolbox/ubuntu-distrobox-quadlet.container +curl -Lo /etc/containers/systemd/users/ubuntu-toolbox.container https://raw.githubusercontent.com/ublue-os/toolboxes/main/quadlets/ubuntu-toolbox/ubuntu-distrobox-quadlet.container sed -i 's/ContainerName=ubuntu-distrobox-quadlet/ContainerName=ubuntu-toolbox/' /etc/containers/systemd/users/ubuntu-toolbox.container # wolfi-toolbox @@ -33,7 +33,7 @@ sed -i 's/ContainerName=wolfi-quadlet/ContainerName=wolfi-dx-toolbox/' /etc/cont printf "\nVolume=/home/linuxbrew:/home/linuxbrew:rslave\nVolume=/etc/profile.d/brew.sh:/etc/profile.d/brew.sh:ro\nVolume=/usr/share/fish/vendor_conf.d/brew.fish:/usr/share/fish/vendor_conf.d/brew.fish:ro\n" >> /etc/containers/systemd/users/ubuntu-toolbox.container printf "\nVolume=/home/linuxbrew:/home/linuxbrew:rslave\nVolume=/etc/profile.d/brew.sh:/etc/profile.d/brew.sh:ro\nVolume=/usr/share/fish/vendor_conf.d/brew.fish:/usr/share/fish/vendor_conf.d/brew.fish:ro\n" >> /etc/containers/systemd/users/fedora-toolbox.container -# Make systemd targets +# Make systemd targets mkdir -p /usr/lib/systemd/user QUADLET_TARGETS=( "bluefin-cli" diff --git a/build_files/base/07-base-image-changes.sh b/build_files/base/07-base-image-changes.sh new file mode 100755 index 00000000000..4b2bbc7ca30 --- /dev/null +++ b/build_files/base/07-base-image-changes.sh @@ -0,0 +1,95 @@ +#!/usr/bin/bash + +set -ouex pipefail + +if [[ "${BASE_IMAGE_NAME}" = "kinoite" ]]; then + # Branding for flatpak manager + sed -i 's/Bluefin/Aurora/' /usr/libexec/ublue-flatpak-manager + + # Restore x11 for Nvidia Images + if [[ "${FEDORA_MAJOR_VERSION}" -eq "40" ]]; then + rpm-ostree install plasma-workspace-x11 + fi + + # Branding for Images + ln -sf ../places/distributor-logo.svg /usr/share/icons/hicolor/scalable/apps/start-here.svg + ln -sf /usr/share/wallpapers/jonatan-pie-aurora/contents/images/3944x2770.jxl /usr/share/backgrounds/default.png + ln -sf /usr/share/wallpapers/greg-rakozy-aurora/contents/images/5616x3744.jxl /usr/share/backgrounds/default-dark.png + ln -sf aurora.xml /usr/share/backgrounds/default.xml + + # Favorites in Kickoff + sed -i '//,/<\/entry>/ s/[^<]*<\/default>/preferred:\/\/browser,applications:org.gnome.Ptyxis.desktop,applications:org.kde.discover.desktop,preferred:\/\/filemanager<\/default>/' /usr/share/plasma/plasmoids/org.kde.plasma.taskmanager/contents/config/main.xml + sed -i '//,/<\/entry>/ s/[^<]*<\/default>/preferred:\/\/browser,systemsettings.desktop,org.kde.dolphin.desktop,org.kde.kate.desktop,org.gnome.Ptyxis.desktop,org.kde.discover.desktop<\/default>/' /usr/share/plasma/plasmoids/org.kde.plasma.kickoff/contents/config/main.xml + + # Ptyxis Terminal + sed -i 's@\[Desktop Action new-window\]@\[Desktop Action new-window\]\nX-KDE-Shortcuts=Ctrl+Alt+T@g' /usr/share/applications/org.gnome.Ptyxis.desktop + sed -i 's@Exec=ptyxis@Exec=kde-ptyxis@g' /usr/share/applications/org.gnome.Ptyxis.desktop + sed -i 's@Keywords=@Keywords=konsole;console;@g' /usr/share/applications/org.gnome.Ptyxis.desktop + cp /usr/share/applications/org.gnome.Ptyxis.desktop /usr/share/kglobalaccel/org.gnome.Ptyxis.desktop + sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nNoDisplay=true@g' /usr/share/applications/org.kde.konsole.desktop + + # Rebrand to Aurora + sed -i 's@Bluefin@Aurora@g' /usr/share/applications/system-update.desktop + sed -i 's@Bluefin@Aurora@g' /usr/share/ublue-os/motd/tips/10-tips.md + sed -i 's@Bluefin@Aurora@g' /usr/libexec/ublue-flatpak-manager + + rm -f /etc/profile.d/gnome-ssh-askpass.{csh,sh} # This shouldn't be pulled in + rm -f /usr/share/kglobalaccel/org.kde.konsole.desktop + systemctl enable kde-sysmonitor-workaround.service + + # Get Default Font since font fallback doesn't work + curl --output-dir /tmp -LO https://github.com/ryanoasis/nerd-fonts/releases/download/v3.2.1/FiraCode.zip + mkdir -p /usr/share/fonts/fira-nf + unzip /tmp/FiraCode.zip -d /usr/share/fonts/fira-nf + fc-cache -f /usr/share/fonts/fira-nf + + # Test aurora gschema override for errors. If there are no errors, proceed with compiling aurora gschema, which includes setting overrides. + mkdir -p /tmp/aurora-schema-test + find /usr/share/glib-2.0/schemas/ -type f ! -name "*.gschema.override" -exec cp {} /tmp/aurora-schema-test/ \; + cp /usr/share/glib-2.0/schemas/zz0-aurora-modifications.gschema.override /tmp/aurora-schema-test/ + echo "Running error test for aurora gschema override. Aborting if failed." + glib-compile-schemas --strict /tmp/aurora-schema-test + echo "Compiling gschema to include aurora setting overrides" + glib-compile-schemas /usr/share/glib-2.0/schemas &>/dev/null + +elif [[ "${BASE_IMAGE_NAME}" = "silverblue" ]]; then + + # Remove desktop entries + if [[ -f /usr/share/applications/gnome-system-monitor.desktop ]]; then + sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nHidden=true@g' /usr/share/applications/gnome-system-monitor.desktop + fi + if [[ -f /usr/share/applications/org.gnome.SystemMonitor.desktop ]]; then + sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nHidden=true@g' /usr/share/applications/org.gnome.SystemMonitor.desktop + fi + + # GNOME Terminal is replaced with Ptyxis in F41+ + if [[ "${FEDORA_MAJOR_VERSION}" -lt "41" ]]; then + sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nNoDisplay=true@g' /usr/share/applications/org.gnome.Terminal.desktop + sed -i 's@accent-color="slate"@@g' /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override + sed -i 's@'", "\''xwayland-native-scaling'\''@@g' /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override + fi + + # Create symlinks from old to new wallpaper names for backwards compatibility + ln -s "/usr/share/backgrounds/bluefin/01-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-winter-dynamic.xml" + ln -s "/usr/share/backgrounds/bluefin/04-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-spring-dynamic.xml" + ln -s "/usr/share/backgrounds/bluefin/08-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-summer-dynamic.xml" + ln -s "/usr/share/backgrounds/bluefin/11-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-autumn-dynamic.xml" + ln -s "/usr/share/backgrounds/xe_clouds.jxl" "/usr/share/backgrounds/xe_clouds.jpeg" + ln -s "/usr/share/backgrounds/xe_foothills.jxl" "/usr/share/backgrounds/xe_foothills.jpeg" + ln -s "/usr/share/backgrounds/xe_space_needle.jxl" "/usr/share/backgrounds/xe_space_needle.jpeg" + ln -s "/usr/share/backgrounds/xe_sunset.jxl" "/usr/share/backgrounds/xe_sunset.jpeg" + + # Test bluefin gschema override for errors. If there are no errors, proceed with compiling bluefin gschema, which includes setting overrides. + mkdir -p /tmp/bluefin-schema-test + find /usr/share/glib-2.0/schemas/ -type f ! -name "*.gschema.override" -exec cp {} /tmp/bluefin-schema-test/ \; + cp /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override /tmp/bluefin-schema-test/ + echo "Running error test for bluefin gschema override. Aborting if failed." + # We are omitting "--strict" from the schema validation since GNOME <47 do not contain the accent-color keys. + # We should ideally refactor this to handle multiple GNOME version schemas better + glib-compile-schemas --strict /tmp/bluefin-schema-test + echo "Compiling gschema to include bluefin setting overrides" + glib-compile-schemas /usr/share/glib-2.0/schemas &>/dev/null +fi + +# Watermark for Plymouth +cp /usr/share/plymouth/themes/spinner/{"$BASE_IMAGE_NAME"-,}watermark.png diff --git a/build_files/firmware.sh b/build_files/base/08-firmware.sh similarity index 97% rename from build_files/firmware.sh rename to build_files/base/08-firmware.sh index 572dde0bfaa..0dca6ac801a 100755 --- a/build_files/firmware.sh +++ b/build_files/base/08-firmware.sh @@ -1,6 +1,6 @@ #!/usr/bin/bash -set -xeuo pipefail +set -eoux pipefail mkdir -p /tmp/mediatek-firmware curl -Lo /tmp/mediatek-firmware/WIFI_MT7922_patch_mcu_1_1_hdr.bin https://gitlab.com/kernel-firmware/linux-firmware/-/raw/8f08053b2a7474e210b03dbc2b4ba59afbe98802/mediatek/WIFI_MT7922_patch_mcu_1_1_hdr.bin?inline=false diff --git a/build_files/base/09-hwe-additions.sh b/build_files/base/09-hwe-additions.sh new file mode 100755 index 00000000000..3bbd4e1e774 --- /dev/null +++ b/build_files/base/09-hwe-additions.sh @@ -0,0 +1,40 @@ +#!/usr/bin/bash + +set -eoux pipefail + +if [[ "${IMAGE_NAME}" =~ hwe ]]; then + echo "HWE image detected, installing HWE packages" +else + echo "Standard image detected, skipping HWE packages" + exit 0 +fi + +# Asus/Surface for HWE +curl -Lo /etc/yum.repos.d/_copr_lukenukem-asus-linux.repo \ + https://copr.fedorainfracloud.org/coprs/lukenukem/asus-linux/repo/fedora-$(rpm -E %fedora)/lukenukem-asus-linux-fedora-$(rpm -E %fedora).repo + +curl -Lo /etc/yum.repos.d/linux-surface.repo \ + https://pkg.surfacelinux.com/fedora/linux-surface.repo + +# Asus Firmware +git clone https://gitlab.com/asus-linux/firmware.git --depth 1 /tmp/asus-firmware +cp -rf /tmp/asus-firmware/* /usr/lib/firmware/ +rm -rf /tmp/asus-firmware + +ASUS_PACKAGES=( + asusctl + asusctl-rog-gui +) + +SURFACE_PACKAGES=( + iptsd + libcamera + libcamera-tools + libcamera-gstreamer + libcamera-ipa + pipewire-plugin-libcamera +) + +rpm-ostree install \ + "${ASUS_PACKAGES[@]}" \ + "${SURFACE_PACKAGES[@]}" diff --git a/build_files/brew.sh b/build_files/base/10-brew.sh similarity index 100% rename from build_files/brew.sh rename to build_files/base/10-brew.sh diff --git a/build_files/bootc.sh b/build_files/base/16-bootc.sh similarity index 100% rename from build_files/bootc.sh rename to build_files/base/16-bootc.sh diff --git a/build_files/cleanup.sh b/build_files/base/17-cleanup.sh similarity index 68% rename from build_files/cleanup.sh rename to build_files/base/17-cleanup.sh index b4cc3138a99..aa9df2cc75d 100755 --- a/build_files/cleanup.sh +++ b/build_files/base/17-cleanup.sh @@ -1,6 +1,21 @@ #!/usr/bin/bash -set -ouex pipefail +set -eoux pipefail + +# Setup Systemd +systemctl enable rpm-ostree-countme.service +systemctl enable tailscaled.service +systemctl enable dconf-update.service +systemctl --global enable ublue-flatpak-manager.service +systemctl enable ublue-update.timer +systemctl enable ublue-system-setup.service +systemctl enable ublue-guest-user.service +systemctl enable brew-setup.service +systemctl enable brew-upgrade.timer +systemctl enable brew-update.timer +systemctl --global enable ublue-user-setup.service +systemctl --global enable podman-auto-update.timer +systemctl enable check-sb-key.service # Hide Desktop Files. Hidden removes mime associations sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nHidden=true@g' /usr/share/applications/fish.desktop @@ -14,7 +29,6 @@ rm -f /etc/xdg/autostart/solaar.desktop sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/negativo17-fedora-multimedia.repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/tailscale.repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/charm.repo -sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ublue-os-bling-fedora-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_che-nerd-fonts-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo diff --git a/build_files/base/18-workarounds.sh b/build_files/base/18-workarounds.sh new file mode 100755 index 00000000000..d8158777a08 --- /dev/null +++ b/build_files/base/18-workarounds.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +set -eoux pipefail + +# alternatives cannot create symlinks on its own during a container build +if [[ -f /usr/bin/ld.bfd ]]; then + ln -sf /usr/bin/ld.bfd /etc/alternatives/ld && ln -sf /etc/alternatives/ld /usr/bin/ld +fi diff --git a/build_files/initramfs.sh b/build_files/base/19-initramfs.sh similarity index 100% rename from build_files/initramfs.sh rename to build_files/base/19-initramfs.sh diff --git a/build_files/bluefin-changes.sh b/build_files/bluefin-changes.sh deleted file mode 100755 index fab72c75df6..00000000000 --- a/build_files/bluefin-changes.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -if [[ "${BASE_IMAGE_NAME}" = "silverblue" ]]; then - # Remove desktop entries - if [[ -f /usr/share/applications/gnome-system-monitor.desktop ]]; then - sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nHidden=true@g' /usr/share/applications/gnome-system-monitor.desktop - fi - if [[ -f /usr/share/applications/org.gnome.SystemMonitor.desktop ]]; then - sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nHidden=true@g' /usr/share/applications/org.gnome.SystemMonitor.desktop - fi - - # Workarounds for versions pre F41 - if [[ "${FEDORA_MAJOR_VERSION}" -lt "41" ]]; then - # GNOME Terminal is replaced with Ptyxis in F41+ - sed -i 's@\[Desktop Entry\]@\[Desktop Entry\]\nNoDisplay=true@g' /usr/share/applications/org.gnome.Terminal.desktop - - # Remove incompatible schema modifications - sed -i 's@accent-color="slate"@@g' /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override - sed -i 's@'", "\''xwayland-native-scaling'\''@@g' /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override - fi - - # Create symlinks from old to new wallpaper names for backwards compatibility - ln -s "/usr/share/backgrounds/bluefin/01-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-winter-dynamic.xml" - ln -s "/usr/share/backgrounds/bluefin/04-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-spring-dynamic.xml" - ln -s "/usr/share/backgrounds/bluefin/08-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-summer-dynamic.xml" - ln -s "/usr/share/backgrounds/bluefin/11-bluefin.xml" "/usr/share/backgrounds/bluefin/bluefin-autumn-dynamic.xml" - ln -s "/usr/share/backgrounds/xe_clouds.jxl" "/usr/share/backgrounds/xe_clouds.jpeg" - ln -s "/usr/share/backgrounds/xe_foothills.jxl" "/usr/share/backgrounds/xe_foothills.jpeg" - ln -s "/usr/share/backgrounds/xe_space_needle.jxl" "/usr/share/backgrounds/xe_space_needle.jpeg" - ln -s "/usr/share/backgrounds/xe_sunset.jxl" "/usr/share/backgrounds/xe_sunset.jpeg" - - # Test bluefin gschema override for errors. If there are no errors, proceed with compiling bluefin gschema, which includes setting overrides. - mkdir -p /tmp/bluefin-schema-test - find /usr/share/glib-2.0/schemas/ -type f ! -name "*.gschema.override" -exec cp {} /tmp/bluefin-schema-test/ \; - cp /usr/share/glib-2.0/schemas/zz0-bluefin-modifications.gschema.override /tmp/bluefin-schema-test/ - echo "Running error test for bluefin gschema override. Aborting if failed." - # We are omitting "--strict" from the schema validation since GNOME <47 do not contain the accent-color keys. - # We should ideally refactor this to handle multiple GNOME version schemas better - glib-compile-schemas --strict /tmp/bluefin-schema-test - echo "Compiling gschema to include bluefin setting overrides" - glib-compile-schemas /usr/share/glib-2.0/schemas &>/dev/null -fi diff --git a/build_files/branding-dx.sh b/build_files/branding-dx.sh deleted file mode 100755 index 7a99b83ce06..00000000000 --- a/build_files/branding-dx.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -if test "$BASE_IMAGE_NAME" = "silverblue"; then - sed -i '/^PRETTY_NAME/s/Bluefin/Bluefin-dx/' /usr/lib/os-release - sed -i 's/Bluefin/Bluefin-dx/' /etc/yafti.yml -elif test "$BASE_IMAGE_NAME" = "kinoite"; then - sed -i '/^PRETTY_NAME/s/Aurora/Aurora-dx/' /usr/lib/os-release - sed -i 's/Aurora/Aurora-dx/' /etc/yafti.yml - sed -i 's/Aurora/Aurora-DX/' /usr/share/kde-settings/kde-profile/default/xdg/kcm-about-distrorc -fi diff --git a/build_files/branding.sh b/build_files/branding.sh deleted file mode 100755 index 52e110153b3..00000000000 --- a/build_files/branding.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -# Branding for Bluefin/Aurora -if test "$BASE_IMAGE_NAME" = "kinoite"; then - sed -i 's/Bluefin/Aurora/g' /etc/yafti.yml - sed -i 's/Aurora (Beta)/Aurora \- Bluefin\-KDE (Alpha)/' /etc/yafti.yml - sed -i 's/Bluefin/Aurora/' /usr/libexec/ublue-flatpak-manager -fi - -# Watermark for Plymouth -cp /usr/share/plymouth/themes/spinner/{"$BASE_IMAGE_NAME"-,}watermark.png diff --git a/build_files/build-base.sh b/build_files/build-base.sh deleted file mode 100755 index be17db91519..00000000000 --- a/build_files/build-base.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/bash -# shellcheck disable=SC1091 - -set -ouex pipefail - -cp -r /ctx/just /tmp/just -cp /ctx/packages.json /tmp/packages.json -cp /ctx/system_files/shared/etc/ublue-update/ublue-update.toml /tmp/ublue-update.toml - -rsync -rvK /ctx/system_files/shared/ / -rsync -rvK /ctx/system_files/"${BASE_IMAGE_NAME}"/ / - -/ctx/build_files/build-fix.sh -/ctx/build_files/firmware.sh -/ctx/build_files/cache_kernel.sh -/ctx/build_files/copr-repos.sh -/ctx/build_files/install-akmods.sh -/ctx/build_files/packages.sh -/ctx/build_files/nvidia.sh -/ctx/build_files/image-info.sh -/ctx/build_files/fetch-install.sh -/ctx/build_files/brew.sh -/ctx/build_files/fetch-quadlets.sh -/ctx/build_files/font-install.sh -/ctx/build_files/systemd.sh -/ctx/build_files/bluefin-changes.sh -/ctx/build_files/aurora-changes.sh -/ctx/build_files/branding.sh -/ctx/build_files/initramfs.sh -/ctx/build_files/bootc.sh -/ctx/build_files/cleanup.sh diff --git a/build_files/build-dx.sh b/build_files/build-dx.sh deleted file mode 100755 index c97e934abd7..00000000000 --- a/build_files/build-dx.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/bash -# shellcheck disable=SC1091 - -set -ouex pipefail - -# Apply IP Forwarding before installing Docker to prevent messing with LXC networking -sysctl -p - -cp /ctx/packages.json /tmp/packages.json -rsync -rvK /ctx/system_files/dx/ / - -/ctx/build_files/copr-repos-dx.sh -/ctx/build_files/install-akmods-dx.sh -/ctx/build_files/packages-dx.sh -/ctx/build_files/image-info.sh -/ctx/build_files/fetch-install-dx.sh -/ctx/build_files/fonts-dx.sh -/ctx/build_files/workarounds.sh -/ctx/build_files/systemd-dx.sh -/ctx/build_files/branding-dx.sh -/ctx/build_files/cleanup-dx.sh diff --git a/build_files/cache_kernel.sh b/build_files/cache_kernel.sh deleted file mode 100755 index 49a764a73dd..00000000000 --- a/build_files/cache_kernel.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/bash - -set -eoux pipefail - -if [[ "${AKMODS_FLAVOR}" == "main" || "${AKMODS_FLAVOR}" =~ "coreos-" ]]; then - for pkg in kernel kernel-core kernel-modules kernel-modules-core kernel-modules-extra - do - rpm --erase $pkg --nodeps - done - - rpm-ostree install \ - /tmp/kernel-rpms/kernel-[0-9]*.rpm \ - /tmp/kernel-rpms/kernel-core-*.rpm \ - /tmp/kernel-rpms/kernel-modules-*.rpm -fi diff --git a/build_files/copr-repos-dx.sh b/build_files/copr-repos-dx.sh deleted file mode 100755 index b7ee7088e32..00000000000 --- a/build_files/copr-repos-dx.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -#incus, lxc, lxd -curl -Lo /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo - -#umoci -curl -Lo /etc/yum.repos.d/ganto-umoci-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/ganto/umoci/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-umoci-fedora-"${FEDORA_MAJOR_VERSION}".repo - - -#ublue-os staging -curl -Lo /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo - -#karmab-kcli -curl -Lo /etc/yum.repos.d/karmab-kcli-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/karmab/kcli/repo/fedora-"${FEDORA_MAJOR_VERSION}"/karmab-kcli-fedora-"${FEDORA_MAJOR_VERSION}".repo - -# Fonts -curl -Lo /etc/yum.repos.d/atim-ubuntu-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/atim/ubuntu-fonts/repo/fedora-"${FEDORA_MAJOR_VERSION}"/atim-ubuntu-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo - -# Kvmfr module -curl -Lo /etc/yum.repos.d/hikariknight-looking-glass-kvmfr-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/hikariknight/looking-glass-kvmfr/repo/fedora-"${FEDORA_MAJOR_VERSION}"/hikariknight-looking-glass-kvmfr-fedora-"${FEDORA_MAJOR_VERSION}".repo diff --git a/build_files/copr-repos.sh b/build_files/copr-repos.sh deleted file mode 100755 index dc59225d0ee..00000000000 --- a/build_files/copr-repos.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -# Add Staging repo -curl -Lo /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo - -# Add Bling repo -curl -Lo /etc/yum.repos.d/ublue-os-bling-fedora-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/ublue-os/bling/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-bling-fedora-"${FEDORA_MAJOR_VERSION}".repo - -# 39 Ptyxis -if [ "${FEDORA_MAJOR_VERSION}" -eq "39" ]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - gtk4 \ - vte291 \ - libadwaita \ - mutter \ - mutter-common \ - gnome-control-center \ - gnome-control-center-filesystem - rpm-ostree install ptyxis -fi - -# Patched switcheroo -# Add repo -curl -Lo /etc/yum.repos.d/_copr_sentry-switcheroo-control_discrete.repo https://copr.fedorainfracloud.org/coprs/sentry/switcheroo-control_discrete/repo/fedora-"${FEDORA_MAJOR_VERSION}"/sentry-switcheroo-control_discrete-fedora-"${FEDORA_MAJOR_VERSION}".repo - -# Patched shells -if [[ "${BASE_IMAGE_NAME}" = "silverblue" ]]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - gnome-shell -elif [[ "${BASE_IMAGE_NAME}" = "kinoite" && "${FEDORA_MAJOR_VERSION}" -gt "39" ]]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - kf6-kio-doc \ - kf6-kio-widgets-libs \ - kf6-kio-core-libs \ - kf6-kio-widgets \ - kf6-kio-file-widgets \ - kf6-kio-core \ - kf6-kio-gui -elif [[ "${BASE_IMAGE_NAME}" = "kinoite" ]]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - kf5-kio-ntlm \ - kf5-kio-doc \ - kf5-kio-widgets-libs \ - kf5-kio-core-libs \ - kf5-kio-widgets \ - kf5-kio-file-widgets \ - kf5-kio-core \ - kf5-kio-gui -fi - -# GNOME Triple Buffering -if [[ "${BASE_IMAGE_NAME}" = "silverblue" && "${FEDORA_MAJOR_VERSION}" -gt "39" && "${FEDORA_MAJOR_VERSION}" -ne "41" ]]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - mutter \ - mutter-common -fi - -# Fix for ID in fwupd -if [[ "${FEDORA_MAJOR_VERSION}" -gt "39" ]]; then - rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:ublue-os:staging \ - fwupd \ - fwupd-plugin-flashrom \ - fwupd-plugin-modem-manager \ - fwupd-plugin-uefi-capsule-data -fi - -# Switcheroo patch -rpm-ostree override replace \ - --experimental \ - --from repo=copr:copr.fedorainfracloud.org:sentry:switcheroo-control_discrete \ - switcheroo-control - -rm /etc/yum.repos.d/_copr_sentry-switcheroo-control_discrete.repo - -# Add Nerd Fonts -curl -Lo /etc/yum.repos.d/_copr_che-nerd-fonts-"${FEDORA_MAJOR_VERSION}".repo https://copr.fedorainfracloud.org/coprs/che/nerd-fonts/repo/fedora-"${FEDORA_MAJOR_VERSION}"/che-nerd-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo diff --git a/build_files/dx/01-install-copr-repos-dx.sh b/build_files/dx/01-install-copr-repos-dx.sh new file mode 100755 index 00000000000..c2ff4a4c591 --- /dev/null +++ b/build_files/dx/01-install-copr-repos-dx.sh @@ -0,0 +1,29 @@ +#!/usr/bin/bash + +set -eoux pipefail + +#incus, lxc, lxd +if [[ "${FEDORA_MAJOR_VERSION}" -lt "41" ]]; then + curl -Lo /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/ganto/lxc4/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo +fi + +#umoci +curl -Lo /etc/yum.repos.d/ganto-umoci-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/ganto/umoci/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ganto-umoci-fedora-"${FEDORA_MAJOR_VERSION}".repo + +#ublue-os staging +curl -Lo /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/ublue-os/staging/repo/fedora-"${FEDORA_MAJOR_VERSION}"/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo + +#karmab-kcli +curl -Lo /etc/yum.repos.d/karmab-kcli-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/karmab/kcli/repo/fedora-"${FEDORA_MAJOR_VERSION}"/karmab-kcli-fedora-"${FEDORA_MAJOR_VERSION}".repo + +# Fonts +curl -Lo /etc/yum.repos.d/atim-ubuntu-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/atim/ubuntu-fonts/repo/fedora-"${FEDORA_MAJOR_VERSION}"/atim-ubuntu-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo + +# Kvmfr module +curl -Lo /etc/yum.repos.d/hikariknight-looking-glass-kvmfr-fedora-"${FEDORA_MAJOR_VERSION}".repo \ + https://copr.fedorainfracloud.org/coprs/hikariknight/looking-glass-kvmfr/repo/fedora-"${FEDORA_MAJOR_VERSION}"/hikariknight-looking-glass-kvmfr-fedora-"${FEDORA_MAJOR_VERSION}".repo diff --git a/build_files/dx/02-install-kernel-akmods-dx.sh b/build_files/dx/02-install-kernel-akmods-dx.sh new file mode 100755 index 00000000000..5cc8d11b5ad --- /dev/null +++ b/build_files/dx/02-install-kernel-akmods-dx.sh @@ -0,0 +1,22 @@ +#!/usr/bin/bash + +set -ouex pipefail + +sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo + +# Fetch Kernel RPMS +skopeo copy docker://ghcr.io/ublue-os/"${AKMODS_FLAVOR}"-kernel:"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/kernel-rpms +KERNEL_TARGZ=$(jq -r '.layers[].digest' < /tmp/kernel-rpms/manifest.json | cut -d : -f 2) +tar -xvzf /tmp/kernel-rpms/"$KERNEL_TARGZ" -C / +mv /tmp/rpms/* /tmp/kernel-rpms/ + +rpm-ostree install /tmp/kernel-rpms/kernel-devel-*.rpm + +# Fetch AKMODS RPMS +skopeo copy docker://ghcr.io/ublue-os/akmods:"${AKMODS_FLAVOR}"-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods +AKMODS_TARGZ=$(jq -r '.layers[].digest' < /tmp/akmods/manifest.json | cut -d : -f 2) +tar -xvzf /tmp/akmods/"$AKMODS_TARGZ" -C /tmp/ +mv /tmp/rpms/* /tmp/akmods/ + +# Install RPMS +rpm-ostree install /tmp/akmods/kmods/*kvmfr*.rpm diff --git a/build_files/packages-dx.sh b/build_files/dx/03-packages-dx.sh similarity index 100% rename from build_files/packages-dx.sh rename to build_files/dx/03-packages-dx.sh diff --git a/build_files/fonts-dx.sh b/build_files/dx/04-override-install-dx.sh similarity index 65% rename from build_files/fonts-dx.sh rename to build_files/dx/04-override-install-dx.sh index 1e68f9423f1..24426551caa 100755 --- a/build_files/fonts-dx.sh +++ b/build_files/dx/04-override-install-dx.sh @@ -1,8 +1,12 @@ #!/usr/bin/bash -set -ouex pipefail +set -eoux pipefail -# GitHub Monaspace +curl -Lo /tmp/kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" +chmod +x /tmp/kind +mv /tmp/kind /usr/bin/kind + +# GitHub Monaspace Font DOWNLOAD_URL=$(curl https://api.github.com/repos/githubnext/monaspace/releases/latest | jq -r '.assets[] | select(.name| test(".*.zip$")).browser_download_url') curl -Lo /tmp/monaspace-font.zip "$DOWNLOAD_URL" @@ -12,3 +16,4 @@ mv /tmp/monaspace-font/monaspace-v*/fonts/variable/* /usr/share/fonts/monaspace/ rm -rf /tmp/monaspace-font* fc-cache -f /usr/share/fonts/monaspace +fc-cache --system-only --really-force --verbose diff --git a/build_files/cleanup-dx.sh b/build_files/dx/09-cleanup-dx.sh similarity index 66% rename from build_files/cleanup-dx.sh rename to build_files/dx/09-cleanup-dx.sh index cc921aa33c2..168e140cd2b 100755 --- a/build_files/cleanup-dx.sh +++ b/build_files/dx/09-cleanup-dx.sh @@ -1,10 +1,20 @@ #!/usr/bin/bash -set -ouex pipefail +set -eoux pipefail + +systemctl enable docker.socket +systemctl enable podman.socket +systemctl enable swtpm-workaround.service +systemctl enable libvirt-workaround.service +systemctl enable bluefin-dx-groups.service +systemctl enable --global bluefin-dx-user-vscode.service +systemctl disable pmie.service +systemctl disable pmlogger.service -sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ublue-os-bling-fedora-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo -sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo +if [[ -f /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo ]]; then + sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ganto-lxc4-fedora-"${FEDORA_MAJOR_VERSION}".repo +fi sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ganto-umoci-fedora-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/karmab-kcli-fedora-"${FEDORA_MAJOR_VERSION}".repo sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/atim-ubuntu-fonts-fedora-"${FEDORA_MAJOR_VERSION}".repo diff --git a/build_files/fetch-install-dx.sh b/build_files/fetch-install-dx.sh deleted file mode 100755 index 564288f8dcc..00000000000 --- a/build_files/fetch-install-dx.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -curl -Lo ./kind "https://github.com/kubernetes-sigs/kind/releases/latest/download/kind-$(uname)-amd64" -chmod +x ./kind -mv ./kind /usr/bin/kind diff --git a/build_files/fetch-install.sh b/build_files/fetch-install.sh deleted file mode 100755 index f0b8300a22c..00000000000 --- a/build_files/fetch-install.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -# Starship Shell Prompt -curl -Lo /tmp/starship.tar.gz "https://github.com/starship/starship/releases/latest/download/starship-x86_64-unknown-linux-gnu.tar.gz" -tar -xzf /tmp/starship.tar.gz -C /tmp -install -c -m 0755 /tmp/starship /usr/bin -# shellcheck disable=SC2016 -echo 'eval "$(starship init bash)"' >> /etc/bashrc - -# Bash Prexec -curl -Lo /usr/share/bash-prexec https://raw.githubusercontent.com/rcaloras/bash-preexec/master/bash-preexec.sh - -# Topgrade Install -pip install --prefix=/usr topgrade - -# Install ublue-update -- breaks with packages.json disable staging to use bling. -sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/ublue-os-staging-fedora-"${FEDORA_MAJOR_VERSION}".repo -rpm-ostree install ublue-update - -# Consolidate Just Files -find /tmp/just -iname '*.just' -exec printf "\n\n" \; -exec cat {} \; >> /usr/share/ublue-os/just/60-custom.just - -# Move over ublue-update config -mv -f /tmp/ublue-update.toml /usr/etc/ublue-update/ublue-update.toml diff --git a/build_files/font-install.sh b/build_files/font-install.sh deleted file mode 100755 index 0e0f0b094fe..00000000000 --- a/build_files/font-install.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -if [[ "${BASE_IMAGE_NAME}" =~ "kinoite" ]]; then - curl --output-dir /tmp -LO https://github.com/ryanoasis/nerd-fonts/releases/download/v3.2.1/FiraCode.zip - mkdir -p /usr/share/fonts/fira-nf - unzip /tmp/FiraCode.zip -d /usr/share/fonts/fira-nf - fc-cache -f /usr/share/fonts/fira-nf -fi - -fc-cache -f /usr/share/fonts/ubuntu -fc-cache -f /usr/share/fonts/inter diff --git a/build_files/install-akmods-dx.sh b/build_files/install-akmods-dx.sh deleted file mode 100755 index b7167a81b48..00000000000 --- a/build_files/install-akmods-dx.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo -if [[ "${FEDORA_MAJOR_VERSION}" -ge "39" ]]; then - rpm-ostree install \ - /tmp/akmods/kmods/*kvmfr*.rpm -fi diff --git a/build_files/install-akmods.sh b/build_files/install-akmods.sh deleted file mode 100755 index dace2a2ddc3..00000000000 --- a/build_files/install-akmods.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash - -set -ouex pipefail - -# Nvidia for gts/stable - nvidia -if [[ "${NVIDIA_TYPE}" == "nvidia" ]]; then - curl -Lo /tmp/nvidia-install.sh https://raw.githubusercontent.com/ublue-os/hwe/main/nvidia-install.sh && \ - chmod +x /tmp/nvidia-install.sh && \ - IMAGE_NAME="${BASE_IMAGE_NAME}" RPMFUSION_MIRROR="" /tmp/nvidia-install.sh - rm -f /usr/share/vulkan/icd.d/nouveau_icd.*.json -fi - -sed -i 's@enabled=0@enabled=1@g' /etc/yum.repos.d/_copr_ublue-os-akmods.repo - -# Everyone -rpm-ostree install \ - /tmp/akmods/kmods/*xone*.rpm \ - /tmp/akmods/kmods/*openrazer*.rpm \ - /tmp/akmods/kmods/*framework-laptop*.rpm - -# rpmfusion dependent kmods -rpm-ostree install \ - https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \ - https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm -rpm-ostree install \ - broadcom-wl /tmp/akmods/kmods/*wl*.rpm \ - v4l2loopback /tmp/akmods/kmods/*v4l2loopback*.rpm -rpm-ostree uninstall rpmfusion-free-release rpmfusion-nonfree-release - -# ZFS for gts/stable -if [[ ${AKMODS_FLAVOR} =~ "coreos" ]]; then - skopeo copy docker://ghcr.io/ublue-os/akmods-zfs:coreos-stable-"$(rpm -E %fedora)"-"${KERNEL}" dir:/tmp/akmods-zfs - ZFS_TARGZ=$(jq -r '.layers[].digest' < /tmp/akmods-zfs/manifest.json | cut -d : -f 2) - tar -xvzf /tmp/akmods-zfs/"$ZFS_TARGZ" -C /tmp/ - mv /tmp/rpms/* /tmp/akmods-zfs/ - ZFS_RPMS=( - /tmp/akmods-zfs/kmods/zfs/kmod-zfs-"${KERNEL}"-*.rpm - /tmp/akmods-zfs/kmods/zfs/libnvpair3-*.rpm - /tmp/akmods-zfs/kmods/zfs/libuutil3-*.rpm - /tmp/akmods-zfs/kmods/zfs/libzfs5-*.rpm - /tmp/akmods-zfs/kmods/zfs/libzpool5-*.rpm - /tmp/akmods-zfs/kmods/zfs/python3-pyzfs-*.rpm - /tmp/akmods-zfs/kmods/zfs/zfs-*.rpm - pv - ) - rpm-ostree install "${ZFS_RPMS[@]}" - depmod -a -v "${KERNEL}" - echo "zfs" > /usr/lib/modules-load.d/zfs.conf -fi diff --git a/build_files/nvidia.sh b/build_files/nvidia.sh deleted file mode 100755 index 9462f8e5128..00000000000 --- a/build_files/nvidia.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -# Nvidia Configurations -if [[ "${IMAGE_FLAVOR}" =~ "nvidia" || "${NVIDIA_TYPE}" =~ "nvidia" ]]; then - # Restore x11 for Nvidia Images - if [[ "${BASE_IMAGE_NAME}" =~ "kinoite" && "${FEDORA_MAJOR_VERSION}" -gt "39" ]]; then - rpm-ostree install plasma-workspace-x11 - fi -fi diff --git a/build_files/shared/build-base.sh b/build_files/shared/build-base.sh new file mode 100755 index 00000000000..98fe0dbb10a --- /dev/null +++ b/build_files/shared/build-base.sh @@ -0,0 +1,69 @@ +#!/usr/bin/bash + +set -eoux pipefail + +# Make Alternatives Directory +mkdir -p /var/lib/alternatives + +# Copy Files to Container +cp -r /ctx/just /tmp/just +cp /ctx/packages.json /tmp/packages.json +cp /ctx/system_files/shared/etc/ublue-update/ublue-update.toml /tmp/ublue-update.toml +rsync -rvK /ctx/system_files/shared/ / +rsync -rvK /ctx/system_files/"${BASE_IMAGE_NAME}"/ / + +# Generate image-info.json +/ctx/build_files/base/00-image-info.sh + +# Build Fix - Fix known skew offenders +/ctx/build_files/base/01-build-fix.sh + +# Get COPR Repos +/ctx/build_files/base/02-install-copr-repos.sh + +# Install Kernel and Akmods +/ctx/build_files/base/03-install-kernel-akmods.sh + +# Install Additional Packages +/ctx/build_files/base/04-packages.sh + +# Install Overrides and Fetch Install +/ctx/build_files/base/05-override-install.sh + +# Get Quadlets +/ctx/build_files/base/06-fetch-quadlets.sh + +# Base Image Changes +/ctx/build_files/base/07-base-image-changes.sh + +# Get Firmare for Framework +/ctx/build_files/base/08-firmware.sh + +# Make HWE changes +/ctx/build_files/base/09-hwe-additions.sh + +# Install Brew +/ctx/build_files/base/10-brew.sh + + +## late stage changes + +# Make sure Bootc works +/ctx/build_files/base/16-bootc.sh + +# Systemd and Remove Items +/ctx/build_files/base/17-cleanup.sh + +# Run workarounds for lf (Likely not needed) +/ctx/build_files/base/18-workarounds.sh + +# Regenerate initramfs +/ctx/build_files/base/19-initramfs.sh + +# Clean Up +mv /var/lib/alternatives /staged-alternatives +/ctx/build_files/shared/clean-stage.sh +mkdir -p /var/lib && mv /staged-alternatives /var/lib/alternatives && \ +mkdir -p /var/tmp && \ +chmod -R 1777 /var/tmp +ostree container commit diff --git a/build_files/shared/build-dx.sh b/build_files/shared/build-dx.sh new file mode 100755 index 00000000000..b095b31afde --- /dev/null +++ b/build_files/shared/build-dx.sh @@ -0,0 +1,47 @@ +#!/usr/bin/bash + +set -eoux pipefail + +# Make Alternatives Directory +mkdir -p /var/lib/alternatives + +# Copy Files to Image +cp /ctx/packages.json /tmp/packages.json +rsync -rvK /ctx/system_files/dx/ / + +# Apply IP Forwarding before installing Docker to prevent messing with LXC networking +sysctl -p + +# Generate image-info.json (Not Needed?) +# /ctx/build_files/shared/image-info.sh + +# COPR Repos +/ctx/build_files/dx/01-install-copr-repos-dx.sh + +# Install AKMODS +/ctx/build_files/dx/02-install-kernel-akmods-dx.sh + +# Install Packages +/ctx/build_files/dx/03-packages-dx.sh + +# Fetch Install +/ctx/build_files/dx/04-override-install-dx.sh + +# Branding Changes +if test "$BASE_IMAGE_NAME" = "silverblue"; then + sed -i '/^PRETTY_NAME/s/Bluefin/Bluefin-dx/' /usr/lib/os-release +elif test "$BASE_IMAGE_NAME" = "kinoite"; then + sed -i '/^PRETTY_NAME/s/Aurora/Aurora-dx/' /usr/lib/os-release + sed -i 's/Aurora/Aurora-DX/' /usr/share/kde-settings/kde-profile/default/xdg/kcm-about-distrorc +fi + +# Systemd and Disable Repos +/ctx/build_files/dx/09-cleanup-dx.sh + +# Clean Up +mv /var/lib/alternatives /staged-alternatives +/ctx/build_files/shared/clean-stage.sh +mkdir -p /var/lib && mv /staged-alternatives /var/lib/alternatives && \ +mkdir -p /var/tmp && \ +chmod -R 1777 /var/tmp +ostree container commit diff --git a/build_files/clean-stage.sh b/build_files/shared/clean-stage.sh similarity index 100% rename from build_files/clean-stage.sh rename to build_files/shared/clean-stage.sh diff --git a/build_files/systemd-dx.sh b/build_files/systemd-dx.sh deleted file mode 100755 index 53595bb0c44..00000000000 --- a/build_files/systemd-dx.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -systemctl enable docker.socket -systemctl enable podman.socket -systemctl enable swtpm-workaround.service -systemctl enable libvirt-workaround.service -systemctl enable bluefin-dx-groups.service -systemctl enable --global bluefin-dx-user-vscode.service -systemctl disable pmie.service -systemctl disable pmlogger.service diff --git a/build_files/systemd.sh b/build_files/systemd.sh deleted file mode 100755 index 9055c3abe6e..00000000000 --- a/build_files/systemd.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/bash - -set -ouex pipefail - -systemctl enable rpm-ostree-countme.service -systemctl enable tailscaled.service -systemctl enable dconf-update.service -systemctl --global enable ublue-flatpak-manager.service -systemctl enable ublue-update.timer -systemctl enable ublue-system-setup.service -systemctl enable ublue-guest-user.service -systemctl enable brew-setup.service -systemctl enable brew-upgrade.timer -systemctl enable brew-update.timer -systemctl --global enable ublue-user-setup.service -systemctl --global enable podman-auto-update.timer -systemctl enable check-sb-key.service diff --git a/build_files/workarounds.sh b/build_files/workarounds.sh deleted file mode 100755 index 6b469a3b130..00000000000 --- a/build_files/workarounds.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -set -oeux pipefail - -# alternatives cannot create symlinks on its own during a container build -ln -sf /usr/bin/ld.bfd /etc/alternatives/ld && ln -sf /etc/alternatives/ld /usr/bin/ld diff --git a/just/bluefin-system.just b/just/bluefin-system.just index ce59b5d540c..b7d633d5c91 100644 --- a/just/bluefin-system.just +++ b/just/bluefin-system.just @@ -192,7 +192,7 @@ configure-vfio ACTION="": if [[ ${CPU_VENDOR} == "AuthenticAMD" ]]; then VENDOR_KARG="amd_iommu=on" elif [[ ${CPU_VENDOR} == "GenuineIntel" ]]; then - VENDOR_KARG="intel_iommu=on" + VENDOR_KARG="intel_iommu=on" fi if [[ ${VENDOR_KARG} == "unset" ]]; then echo "Failed to get CPU vendor, exiting..." @@ -266,7 +266,7 @@ rebase-helper: @/usr/bin/ublue-rollback-helper update-ng: - echo "Note: This command doesn't work if you have locally layered packages" + echo "Note: This command doesn't work if you have locally layered packages" sudo bootc upgrade flatpak update -y brew upgrade @@ -282,7 +282,7 @@ toggle-tailscale: if [ "$TAILSCALED_STATUS" == "enabled" ] || [ "$TAILSCALED_STATUS" == "disabled" ]; then TAILSCALED="Installed" - else + else TAILSCALED="Not Found" echo "${b}${red}Unable to enable or disable Tailscale.${n}" echo "The tailscaled service must be present and either enabled or disabled to run this script." diff --git a/scripts/base-image.sh b/scripts/base-image.sh deleted file mode 100755 index f0cc13e4fc3..00000000000 --- a/scripts/base-image.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash -set -euo pipefail - -image=$1 - -if [[ ${image} =~ "bluefin" ]]; then - echo silverblue -elif [[ ${image} =~ "aurora" ]]; then - echo kinoite -else - exit 1 -fi diff --git a/scripts/build-image.sh b/scripts/build-image.sh deleted file mode 100755 index 63c1234c55c..00000000000 --- a/scripts/build-image.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/bin/bash -set -eo pipefail -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi - -# Get Inputs -image=$1 -target=$2 -version=$3 - -# Set image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Get Fedora Version and Kernel Info -if [[ "${version}" == "stable" ]]; then - KERNEL_RELEASE=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]') - fedora_version=$(echo "$KERNEL_RELEASE" | grep -oP 'fc\K[0-9]+') -elif [[ ${version} == "gts" ]]; then - coreos_kernel_release=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]') - major_minor_patch=$(echo "$coreos_kernel_release" | cut -d '-' -f 1) - coreos_fedora_version=$(echo "$coreos_kernel_release" | grep -oP 'fc\K[0-9]+') - KERNEL_RELEASE="${major_minor_patch}-200.fc$(("$coreos_fedora_version" - 1)).$(uname -m)" -else - KERNEL_RELEASE=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-main:"${version}" | jq -r '.Labels["ostree.linux"]') -fi - -fedora_version=$(echo "$KERNEL_RELEASE" | grep -oP 'fc\K[0-9]+') - -# Get info -container_mgr=$(just _container_mgr) -base_image=$(just _base_image "${image}") -tag=$(just _tag "${image}" "${target}") - -akmods_flavor=main -if [[ "${version}" == "gts" || \ - "${version}" == "stable" ]]; then - nvidia_type="main" - akmods_flavor=coreos-stable -fi - - -# Build Command -command=( build -f Containerfile ) -if [[ ${container_mgr} == "docker" && ${TERM} == "dumb" ]]; then - command+=(--progress=plain) -fi -command+=( --build-arg="BASE_IMAGE_NAME=${base_image}" ) -command+=( --build-arg="IMAGE_NAME=${tag}" ) -command+=( --build-arg="IMAGE_FLAVOR=main" ) -command+=( --build-arg="IMAGE_VENDOR=localhost" ) -command+=( --build-arg="FEDORA_MAJOR_VERSION=${fedora_version}" ) -command+=( --build-arg="AKMODS_FLAVOR=${akmods_flavor}" ) -command+=( --build-arg="NVIDIA_TYPE=${nvidia_type:-}" ) -command+=( --build-arg="KERNEL=${KERNEL_RELEASE:-}" ) -command+=( --build-arg="UBLUE_IMAGE_TAG=${version}" ) -command+=( --build-arg="SOURCE_IMAGE=${base_image}-main" ) -command+=( --tag localhost/"${tag}:${version}-${git_branch}" ) -command+=( --target "${target}" ) -command+=( "${project_root}" ) - -# Build Image -$container_mgr ${command[@]} diff --git a/scripts/build-iso-ghcr.sh b/scripts/build-iso-ghcr.sh deleted file mode 100755 index 7dad1bafeb3..00000000000 --- a/scripts/build-iso-ghcr.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/usr/bin/bash -#shellcheck disable=SC2154 - -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi - -# Common Build ISO -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/common-build-iso.sh" - -# Make ISO -${container_mgr} run --rm --privileged \ - --volume "${workspace}"/scripts/files/output:/build-container-installer/build \ - --volume "${workspace}/${flatpak_dir_shortname}":"/build-container-installer/${flatpak_dir_shortname}" \ - ghcr.io/jasonn3/build-container-installer:latest \ - ARCH="x86_64" \ - ENABLE_CACHE_DNF="false" \ - ENABLE_CACHE_SKOPEO="false" \ - ENABLE_FLATPAK_DEPENDENCIES="false" \ - ENROLLMENT_PASSWORD="universalblue" \ - FLATPAK_REMOTE_REFS_DIR="${flatpak_dir_shortname}" \ - IMAGE_NAME="${ghcr_tag}" \ - IMAGE_REPO="ghcr.io/ublue-os" \ - IMAGE_TAG="${version}" \ - ISO_NAME="build/${ghcr_tag}-${version}-ghcr.iso" \ - SECURE_BOOT_KEY_URL='https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' \ - VARIANT="${variant}" \ - VERSION="${fedora_version}" diff --git a/scripts/build-iso-installer-main.sh b/scripts/build-iso-installer-main.sh deleted file mode 100755 index 34def7151f9..00000000000 --- a/scripts/build-iso-installer-main.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/bash -#shellcheck disable=SC2154 - -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi - -# Common Build ISO -# shellcheck disable=SC1091 -. "${project_root}/scripts/common-build-iso.sh" - -if [[ ${container_mgr} =~ "podman" ]]; then - api_socket=/run/podman/podman.sock -elif [[ ${container_mgr} =~ "docker" ]]; then - api_socket=/var/run/docker.sock -fi - -# Make ISO -${container_mgr} run --rm --privileged \ - --volume "${api_socket}":/var/run/docker.sock \ - --volume "${workspace}"/scripts/files/build-iso-makefile-patch:/build-container-installer/container/Makefile \ - --volume "${workspace}/${flatpak_dir_shortname}":"/build-container-installer/${flatpak_dir_shortname}" \ - --volume "${workspace}"/scripts/files/output:/build-container-installer/build \ - ghcr.io/jasonn3/build-container-installer:main \ - ARCH="x86_64" \ - ENABLE_CACHE_DNF="false" \ - ENABLE_CACHE_SKOPEO="false" \ - ENABLE_FLATPAK_DEPENDENCIES="false" \ - ENROLLMENT_PASSWORD="universalblue" \ - FLATPAK_REMOTE_REFS_DIR="${flatpak_dir_shortname}" \ - IMAGE_NAME="${tag}" \ - IMAGE_REPO="localhost" \ - IMAGE_TAG="${version}-${git_branch}" \ - ISO_NAME="build/${tag}-${version}-${git_branch}.iso" \ - SECURE_BOOT_KEY_URL='https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' \ - VARIANT="${variant}" \ - VERSION="${fedora_version}" diff --git a/scripts/build-iso.sh b/scripts/build-iso.sh deleted file mode 100755 index 96fd0eda51a..00000000000 --- a/scripts/build-iso.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/bash -#shellcheck disable=SC2154 - -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi - -# Common Build ISO -# shellcheck disable=SC1091 -. "${project_root}/scripts/common-build-iso.sh" - -if [[ ${container_mgr} =~ "podman" ]]; then - api_socket=/run/podman/podman.sock -elif [[ ${container_mgr} =~ "docker" ]]; then - api_socket=/var/run/docker.sock -fi - -# Make ISO -${container_mgr} run --rm --privileged \ - --volume "${api_socket}":/var/run/docker.sock \ - --volume "${workspace}"/scripts/files/build-iso-makefile-patch:/build-container-installer/container/Makefile \ - --volume "${workspace}/${flatpak_dir_shortname}":"/build-container-installer/${flatpak_dir_shortname}" \ - --volume "${workspace}"/scripts/files/output:/build-container-installer/build \ - ghcr.io/jasonn3/build-container-installer:latest \ - ARCH="x86_64" \ - ENABLE_CACHE_DNF="false" \ - ENABLE_CACHE_SKOPEO="false" \ - ENABLE_FLATPAK_DEPENDENCIES="false" \ - ENROLLMENT_PASSWORD="universalblue" \ - FLATPAK_REMOTE_REFS_DIR="${flatpak_dir_shortname}" \ - IMAGE_NAME="${tag}" \ - IMAGE_REPO="localhost" \ - IMAGE_TAG="${version}-${git_branch}" \ - ISO_NAME="build/${tag}-${version}-${git_branch}.iso" \ - SECURE_BOOT_KEY_URL='https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' \ - VARIANT="${variant}" \ - VERSION="${fedora_version}" diff --git a/scripts/cleanup-dir.sh b/scripts/cleanup-dir.sh deleted file mode 100755 index 741d8683348..00000000000 --- a/scripts/cleanup-dir.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/bash -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -# shellcheck disable=SC1091 -. "${project_root}/scripts/sudoif.sh" - -set -euox pipefail - -#shellcheck disable=SC2154 -sudoif rm -f "${project_root}"/scripts/files/output/* #ISOs -rm -f "${project_root}"/*_flatapks/flatpaks_with_deps #Flatpak Deps -rm -rf "${project_root}"/flatpak.* #Flatpak Tempdir -sudoif rm -rf "${project_root}"/scripts/files/home/ublue-os/* #Test User Home diff --git a/scripts/cleanup-images.sh b/scripts/cleanup-images.sh deleted file mode 100755 index 9b66d614b9d..00000000000 --- a/scripts/cleanup-images.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/bash -set -euox pipefail -container_mgr=( - docker - podman - podman-remote -) -for i in "${container_mgr[@]}"; do - if [[ $(command -v "$i") ]]; then - echo "Container Manager: ${i}" - ID=$(${i} images --filter "reference=localhost/bluefin*-build*" --filter "reference=localhost/aurora*-build*" --format "{{.ID}}") - xargs -I {} "${i}" image rm {} <<< "$ID" - echo "" - fi -done diff --git a/scripts/common-build-iso.sh b/scripts/common-build-iso.sh deleted file mode 100644 index 8f61c7a0b3b..00000000000 --- a/scripts/common-build-iso.sh +++ /dev/null @@ -1,115 +0,0 @@ -#!/usr/bin/bash -#shellcheck disable=SC2154,SC2034 - -# shellcheck disable=SC1091 -. "${project_root}/scripts/sudoif.sh" - -# Check if inside rootless container -if [[ -f /run/.containerenv ]]; then - #shellcheck disable=SC1091 - source /run/.containerenv - #shellcheck disable=SC2154 - if [[ "${rootless}" -eq "1" ]]; then - echo "Cannot build ISO inside rootless podman container... Exiting..." - exit 1 - fi -fi -container_mgr=$(just _container_mgr) -# If using rootless container manager, exit. Might not be best check -if "${container_mgr}" info | grep Root | grep -q /home; then - echo "Cannot build ISO with rootless container..." - exit 1 -fi - -# Get Inputs -image=$1 -target=$2 -version=$3 - -# Set image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Set Container tag name -tag=$(just _tag "${image}" "${target}") - -# Don't use -build suffix, flatpak dependency using ghcr -ghcr_tag=${tag::-6} - -# Remove old ISO if present -sudoif rm -f "${project_root}/scripts/files/output/${tag}-${version}-${git_branch}.iso" -sudoif rm -f "${project_root}/scripts/files/output/${tag}-${version}-${git_branch}.iso-CHECKSUM" - -# Set Base Image -base_image=$(just _base_image "${image}") - -if [[ "${version}" == "stable" ]]; then - KERNEL_RELEASE=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]') -elif [[ "${version}" == "gts" ]]; then - coreos_kernel_release=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]') - major_minor_patch=$(echo "$coreos_kernel_release" | cut -d '-' -f 1) - coreos_fedora_version=$(echo "$coreos_kernel_release" | grep -oP 'fc\K[0-9]+') - KERNEL_RELEASE="${major_minor_patch}-200.fc$(("$coreos_fedora_version" - 1))" -else - KERNEL_RELEASE=$(skopeo inspect docker://ghcr.io/ublue-os/silverblue-main:"$version" | jq -r '.Labels["ostree.linux"] | split(".x86_64")[0]') -fi -fedora_version=$(echo "$KERNEL_RELEASE" | grep -oP 'fc\K[0-9]+') - -# Set variant and flatpak dir -if [[ "${base_image}" =~ "silverblue" ]]; then - variant=Silverblue - flatpak_dir_shortname="bluefin_flatpaks" -elif [[ "${base_image}" =~ "kinoite" ]]; then - variant=Kinoite - flatpak_dir_shortname="aurora_flatpaks" -else - exit 1 -fi - -# Make sure image actually exists, build if it doesn't -ID=$(${container_mgr} images --filter reference=localhost/"${tag}:${version}-${git_branch}" --format "{{.ID}}") -if [[ -z ${ID} ]]; then - just build "${image}" "${target}" "${version}" -fi - -# Make temp space -TEMP_FLATPAK_INSTALL_DIR=$(mktemp -d -p "${project_root}" flatpak.XXX) -# Get list of refs from directory -FLATPAK_REFS_DIR=${project_root}/${flatpak_dir_shortname} -FLATPAK_REFS_DIR_LIST=$(tr '\n' ' ' < "${FLATPAK_REFS_DIR}/flatpaks") - -# Generate install script -cat << EOF > "${TEMP_FLATPAK_INSTALL_DIR}/script.sh" -cat /temp_flatpak_install_dir/script.sh -mkdir -p /flatpak/flatpak /flatpak/triggers -mkdir /var/tmp || true -chmod -R 1777 /var/tmp -flatpak config --system --set languages "*" -flatpak remote-add --system flathub https://flathub.org/repo/flathub.flatpakrepo -flatpak install --system -y ${FLATPAK_REFS_DIR_LIST} -ostree refs --repo=\${FLATPAK_SYSTEM_DIR}/repo | grep '^deploy/' | grep -v 'org\.freedesktop\.Platform\.openh264' | sed 's/^deploy\///g' > /output/flatpaks_with_deps -EOF - -workspace=${project_root} -if [[ -f /.dockerenv || -f /run/.containerenv ]]; then - FLATPAK_REFS_DIR=${LOCAL_WORKSPACE_FOLDER}/${flatpak_dir_shortname} - TEMP_FLATPAK_INSTALL_DIR="${LOCAL_WORKSPACE_FOLDER}/$(echo "${TEMP_FLATPAK_INSTALL_DIR}" | rev | cut -d / -f 1 | rev)" - workspace=${LOCAL_WORKSPACE_FOLDER} -fi - -# Generate Flatpak Dependency List -if [[ ! -f ${project_root}/${flatpak_dir_shortname}/flatpaks_with_deps ]]; then - "${container_mgr}" run --rm --privileged \ - --entrypoint bash \ - -e FLATPAK_SYSTEM_DIR=/flatpak/flatpak \ - -e FLATPAK_TRIGGERSDIR=/flatpak/triggers \ - --volume "${FLATPAK_REFS_DIR}":/output \ - --volume "${TEMP_FLATPAK_INSTALL_DIR}":/temp_flatpak_install_dir \ - "ghcr.io/ublue-os/${base_image}-main:${version}" /temp_flatpak_install_dir/script.sh -fi - -# Remove Temp Directory -if [[ -f /.dockerenv ]]; then - TEMP_FLATPAK_INSTALL_DIR=${project_root}/$(echo "${TEMP_FLATPAK_INSTALL_DIR}" | rev | cut -d / -f 1 | rev) -fi -rm -rf "${TEMP_FLATPAK_INSTALL_DIR}" diff --git a/scripts/container_mgr.sh b/scripts/container_mgr.sh deleted file mode 100755 index 2b41042a459..00000000000 --- a/scripts/container_mgr.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/usr/bin/bash -valid_manager=( - docker - podman - podman-remote -) -if [[ -n ${CONTAINER_MGR} ]]; then - if [[ "${valid_manager[*]}" =~ ${CONTAINER_MGR} ]]; then - echo "${CONTAINER_MGR}" - else - exit 1 - fi -elif [[ $(command -v docker) ]]; then - echo docker -elif [[ $(command -v podman) ]]; then - echo podman -elif [[ $(command -v podman-remote) ]];then - echo podman-remote -else - exit 1 -fi diff --git a/scripts/files/build-iso-makefile-patch b/scripts/files/build-iso-makefile-patch deleted file mode 100644 index bb8d7d9d35c..00000000000 --- a/scripts/files/build-iso-makefile-patch +++ /dev/null @@ -1,11 +0,0 @@ -$(IMAGE_NAME)-$(IMAGE_TAG): - skopeo copy docker-daemon:$(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) oci:$(IMAGE_NAME)-$(IMAGE_TAG) - -install-deps: - $(install_pkg) skopeo - -FILES=$(filter-out Makefile,$(wildcard *)) -clean: -ifneq ($(FILES),) - rm -Rf $(FILES) -endif diff --git a/scripts/files/etc/group b/scripts/files/etc/group deleted file mode 100644 index efe7aef409b..00000000000 --- a/scripts/files/etc/group +++ /dev/null @@ -1,22 +0,0 @@ -root:x:0: -wheel:x:10:ublue-os -adbusers:x:968: -plugdev:x:967: -wbpriv:x:88: -clevis:x:966: -gluster:x:965: -unbound:x:964: -setroubleshoot:x:963: -qemu:x:107: -saslauth:x:76:saslauth -libvirt:x:962:ublue-os -libvirtdbus:x:961: -stapusr:x:156: -stapsys:x:157: -stapdev:x:158: -pcp:x:960: -docker:x:959:ublue-os -lxd:x:958:ublue-os -incus:x:251: -incus-admin:x:250:ublue-os -ublue-os:x:1000: diff --git a/scripts/files/etc/hostname b/scripts/files/etc/hostname deleted file mode 100644 index 334880b3bf4..00000000000 --- a/scripts/files/etc/hostname +++ /dev/null @@ -1 +0,0 @@ -ContainerTestUblueOS diff --git a/scripts/files/etc/passwd b/scripts/files/etc/passwd deleted file mode 100644 index 1d9d39d78ba..00000000000 --- a/scripts/files/etc/passwd +++ /dev/null @@ -1,10 +0,0 @@ -root:x:0:0:root:/root:/bin/bash -clevis:x:992:966:Clevis Decryption Framework unprivileged user:/var/cache/clevis:/usr/sbin/nologin -gluster:x:977:965:GlusterFS daemons:/run/gluster:/sbin/nologin -unbound:x:976:964:Unbound DNS resolver:/var/lib/unbound:/sbin/nologin -setroubleshoot:x:975:963:SELinux troubleshoot server:/var/lib/setroubleshoot:/usr/sbin/nologin -saslauth:x:974:76:Saslauthd user:/run/saslauthd:/sbin/nologin -libvirtdbus:x:973:961:Libvirt D-Bus bridge:/:/sbin/nologin -qemu:x:107:107:qemu user:/:/usr/sbin/nologin -pcp:x:960:960:Performance Co-Pilot:/var/lib/pcp:/usr/sbin/nologin -ublue-os:x:1000:1000:ublue-os:/home/ublue-os:/usr/bin/bash diff --git a/scripts/files/etc/shadow b/scripts/files/etc/shadow deleted file mode 100644 index 77a5fe49ec5..00000000000 --- a/scripts/files/etc/shadow +++ /dev/null @@ -1,59 +0,0 @@ -root:!::0:99999:7::: -bin:*::0:99999:7::: -daemon:*::0:99999:7::: -adm:*::0:99999:7::: -lp:*::0:99999:7::: -sync:*::0:99999:7::: -shutdown:*::0:99999:7::: -halt:*::0:99999:7::: -mail:*::0:99999:7::: -operator:*::0:99999:7::: -games:*::0:99999:7::: -ftp:*::0:99999:7::: -nobody:*::0:99999:7::: -dbus:*::0:99999:7::: -polkitd:*::0:99999:7::: -etcd:*::0:99999:7::: -tss:*::0:99999:7::: -avahi-autoipd:*::0:99999:7::: -rpc:*::0:99999:7::: -sssd:*::0:99999:7::: -dockerroot:*::0:99999:7::: -rpcuser:*::0:99999:7::: -nfsnobody:*::0:99999:7::: -kube:*::0:99999:7::: -sshd:*::0:99999:7::: -chrony:*::0:99999:7::: -tcpdump:*::0:99999:7::: -systemd-timesync:*::0:99999:7::: -systemd-network:*::0:99999:7::: -systemd-resolve:*::0:99999:7::: -systemd-bus-proxy:*::0:99999:7::: -cockpit-ws:*::0:99999:7::: -apache:!::::::: -avahi:!::::::: -geoclue:!::::::: -usbmuxd:!::::::: -rtkit:!::::::: -pipewire:!::::::: -openvpn:!::::::: -nm-openvpn:!::::::: -colord:!::::::: -nm-openconnect:!::::::: -flatpak:!::::::: -gdm:!::::::: -gnome-initial-setup:!::::::: -vboxadd:!::::::: -dnsmasq:!::::::: -systemd-coredump:!*::::::: -systemd-oom:!*::::::: -clevis:!:19686:::::: -gluster:!:19686:::::: -unbound:!:19686:::::: -setroubleshoot:!:19686:::::: -saslauth:!:19686:::::: -libvirtdbus:!:19686:::::: -qemu:!*:19686:::::: -pcp:!*:19686:::::: -sddm:!::::::: -ublue-os:$y$j9T$uQkZGY3QpPmddmtkavB0Z/$c2rwYgbGPq6lcdpTeof0S7YjOGgfKaKXWxoKy3HjKhC:19816:0:99999:7::: diff --git a/scripts/get-defaults.sh b/scripts/get-defaults.sh deleted file mode 100755 index 35787f167e2..00000000000 --- a/scripts/get-defaults.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/bash -#shellcheck disable=SC2154 - -# If image has -dx, assume they want the target to be dx and that version might be $2 -if [[ ${image} =~ "-dx" ]]; then - image=$(cut -d - -f 1 <<< "${image}") - version=${target} - target="dx" -fi - -# if no image, bluefin -if [[ -z "${image}" ]]; then - image="bluefin" -fi - -# if no target, base -if [[ -z "${target}" ]]; then - target="base" -# if $2 is version, assume that is version and target is base -elif [[ ${target} =~ beta ]]; then - version=${target} - target="base" -elif [[ ${target} =~ stable ]]; then - version=${target} - target="base" -elif [[ ${target} =~ latest ]]; then - version=${target} - target="base" -elif [[ ${target} =~ gts ]]; then - version=${target} - target="base" -fi - -# if no version, bluefin is GTS, Aurora is Latest -if [[ -z "${version}" ]]; then - if [[ "${image}" =~ "bluefin" ]]; then - version="gts" - elif [[ "${image}" =~ "aurora" ]]; then - version="stable" - fi -fi diff --git a/scripts/list-images.sh b/scripts/list-images.sh deleted file mode 100755 index ab527f69998..00000000000 --- a/scripts/list-images.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/bash -set -euo pipefail -container_mgr=( - docker - podman - podman-remote -) -for i in "${container_mgr[@]}"; do - if [[ $(command -v "$i") ]]; then - echo "Container Manager: ${i}" - ${i} images --filter "reference=localhost/bluefin*-build*" --filter "reference=localhost/aurora*-build*" - echo "" - fi -done diff --git a/scripts/make-tag.sh b/scripts/make-tag.sh deleted file mode 100755 index fa196ed931e..00000000000 --- a/scripts/make-tag.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/bash -set -euo pipefail - -image=$1 -target=$2 - -# Add build to images to distinguish from ghcr -if [[ "${target}" =~ "base" ]]; then - echo "${image}-build" -elif [[ "${target}" =~ "dx" ]]; then - echo "${image}-${target}-build" -fi diff --git a/scripts/run-booted-guest.sh b/scripts/run-booted-guest.sh deleted file mode 100755 index 2d7abd12a32..00000000000 --- a/scripts/run-booted-guest.sh +++ /dev/null @@ -1,95 +0,0 @@ -#!/usr/bin/bash -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/sudoif.sh" - -# Get inputs -image=$1 -target=$2 -version=$3 - -# Set image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Get items -container_mgr=$(just _container_mgr) -tag=$(just _tag "${image}" "${target}") - -# Graphical Warning -if "${container_mgr}" info | grep Root | grep -q /home; then - echo "Cannot run Graphical Session wiht rootless container..." - secs=5 - while [ $secs -gt 0 ] - do - printf "\r\033[KWaiting %.d seconds." $((secs--)) - sleep 1 - done -fi - -# Check to see if image exists, build it if it doesn't -ID=$(${container_mgr} images --filter reference=localhost/"${tag}:${version}-${git_branch}" --format "{{.ID}}") -if [[ -z ${ID} ]]; then - just build "${image}" "${target}" "${version}" -fi - -# Set workspace variable -workspace=${project_root} -if [[ -f /.dockerenv ]]; then - workspace=${LOCAL_WORKSPACE_FOLDER} -fi -workspace_files=${workspace}/scripts/files - -# Start building run command -run_cmd+=(run -it --rm --privileged) - -# Mount in $HOME. -run_cmd+=(-v /var/home) -mkdir -p "${project_root}"/scripts/files/home/ublue-os -if [[ -n "${SUDO_USER}" ]]; then - chown "${SUDO_USER}:${SUDO_GID}" "${project_root}"/scripts/files/home/ublue-os -fi -run_cmd+=(-v "${workspace_files}"/home/ublue-os:/var/home/ublue-os:rslave) - -# Mount in System Flatpaks and TMP -run_cmd+=(-v /tmp:/tmp:rslave) -run_cmd+=(-v /var/lib/flatpak:/var/lib/flatpak:rslave) - -# Blank out items SystemD units / don't mess with journal/selinux -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/auditd.service) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.path) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.service) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.socket) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/rtkit-daemon.service) -run_cmd+=(-v /var/log/journal) -run_cmd+=(-v /sys/fs/selinux) - -# Mount in passwd/group for user account to work -run_cmd+=(-v "${workspace_files}"/etc/passwd:/etc/passwd:ro) -run_cmd+=(-v "${workspace_files}"/etc/group:/etc/group:ro) -run_cmd+=(-v "${workspace_files}"/etc/shadow:/etc/shadow:ro) - -# Set Hostname -run_cmd+=(-v "${workspace_files}"/etc/hostname:/etc/hostname) - -# Host Network Option -if [[ -n ${HOST_NETWORK} ]]; then - run_cmd+=(--network host) - run_cmd+=(-v /etc/NetworkManager:/etc/NetworkManager) - run_cmd+=(-v /etc/hosts:/etc/hosts) - run_cmd+=(-v /etc/resolv.conf:/etc/resolv.conf) -fi - -# Boot the container -"$container_mgr" "${run_cmd[@]}" "localhost/${tag}:${version}" /sbin/init - -# Clean Up -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -sudoif rm -rf "${project_root}/scripts/files/home/ublue-os" diff --git a/scripts/run-booted-home.sh b/scripts/run-booted-home.sh deleted file mode 100755 index 44eac5ae6d2..00000000000 --- a/scripts/run-booted-home.sh +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/bash -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi - -# Get inputs -image=$1 -target=$2 -version=$3 - -# Set image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Get items -container_mgr=$(just _container_mgr) -tag=$(just _tag "${image}" "${target}") - -# Graphical Warning -if "${container_mgr}" info | grep Root | grep -q /home; then - echo "Cannot run Graphical Session with rootless container..." - secs=5 - while [ $secs -gt 0 ] - do - printf "\r\033[KWaiting %.d seconds." $((secs--)) - sleep 1 - done -fi - -# Check to see if image exists, build it if it doesn't -ID=$(${container_mgr} images --filter reference=localhost/"${tag}:${version}-${git_branch}" --format "{{.ID}}") -if [[ -z ${ID} ]]; then - just build "${image}" "${target}" "${version}" -fi - -# Start building run command -run_cmd+=(run -it --rm --privileged) - -# Mount in passwd/group for user account to work -run_cmd+=(-v /etc/passwd:/etc/passwd:ro) -run_cmd+=(-v /etc/group:/etc/group:ro) -run_cmd+=(-v /etc/shadow:/etc/shadow:ro) - -# Mount in System Flatpaks and TMP -run_cmd+=(-v /tmp:/tmp:rslave) -run_cmd+=(-v /var/lib/flatpak:/var/lib/flatpak:rslave) - -# Mount in $HOME. -home_location=/home -if [[ -L /home ]]; then - home_location=/$(readlink /home) -fi -run_cmd+=(-v "${home_location}":/var/home:rslave) - -# Blank out items -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/auditd.service) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.path) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.service) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/cups.socket) -run_cmd+=(-v /dev/null:/usr/lib/systemd/system/rtkit-daemon.service) -run_cmd+=(-v /var/log/journal) -run_cmd+=(-v /sys/fs/selinux) - -# Host Network Option -if [[ -n ${HOST_NETWORK} ]]; then - run_cmd+=(--network host) - run_cmd+=(-v /etc/NetworkManager:/etc/NetworkManager) - run_cmd+=(-v /etc/hosts:/etc/hosts) - run_cmd+=(-v /etc/resolv.conf:/etc/resolv.conf) -fi - -# Boot the container -"$container_mgr" "${run_cmd[@]}" "localhost/${tag}:${version}" /sbin/init - -exit 0 diff --git a/scripts/run-image.sh b/scripts/run-image.sh deleted file mode 100755 index c56aa650a43..00000000000 --- a/scripts/run-image.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/usr/bin/bash -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi -set -eo pipefail - -# Get Inputs -image=$1 -target=$2 -version=$3 - -# Get image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Get variables -container_mgr=$(just _container_mgr) -tag=$(just _tag "${image}" "${target}") - -# Check if requested image exist, if it doesn't build it -ID=$(${container_mgr} images --filter reference=localhost/"${tag}":"${version}-${git_branch}" --format "{{.ID}}") -if [[ -z ${ID} ]]; then - just build "${image}" "${target}" "${version}" -fi - -# Run image -"${container_mgr}" run -it --rm localhost/"${tag}:${version}-${git_branch}" /usr/bin/bash diff --git a/scripts/run-iso.sh b/scripts/run-iso.sh deleted file mode 100755 index 7edcd156f45..00000000000 --- a/scripts/run-iso.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/bash -if [[ -z ${project_root} ]]; then - project_root=$(git rev-parse --show-toplevel) -fi -if [[ -z ${git_branch} ]]; then - git_branch=$(git branch --show-current) -fi -set -eo pipefail - -# Get Inputs -image=$1 -target=$2 -version=$3 - -# Get image/target/version based on inputs -# shellcheck disable=SC2154,SC1091 -. "${project_root}/scripts/get-defaults.sh" - -# Get variables -container_mgr=$(just _container_mgr) -tag=$(just _tag "${image}" "${target}") - -#check if ISO exists. Create if it doesn't -if [[ ! -f "${project_root}/scripts/files/output/${tag}-${version}-${git_branch}.iso" ]]; then - just build-iso "$image" "$target" "$version" -fi - -workspace=${project_root} -if [[ -f /.dockerenv ]]; then - workspace=${LOCAL_WORKSPACE_FOLDER} -fi - -${container_mgr} run --rm --cap-add NET_ADMIN \ - --publish 127.0.0.1:8006:8006 \ - --env "CPU_CORES=2" \ - --env "RAM_SIZE=4G" \ - --env "DISK_SIZE=64G" \ - --env "BOOT_MODE=uefi" \ - --device=/dev/kvm \ - --volume "${workspace}/scripts/files/output/${tag}-${version}-${git_branch}.iso":/boot.iso \ - docker.io/qemux/qemu-docker diff --git a/scripts/sudoif.sh b/scripts/sudoif.sh deleted file mode 100644 index 75d825c3aa8..00000000000 --- a/scripts/sudoif.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/bash -function sudoif(){ - if [[ "${TERM_PROGRAM:-}" == "vscode" && \ - ! -f /run/.containerenv && \ - ! -f /.dockerenv ]]; then - [[ $(command -v systemd-run) ]] && \ - /usr/bin/systemd-run --uid=0 --gid=0 -d -E TERM="$TERM" -t -q -P -G "$@" \ - || exit 1 - elif [[ $(command -v sudo) && -n ${SSH_ASKPASS:-} && ${DISPLAY:-} ]]; then - /usr/bin/sudo --askpass "$@" || exit 1 - elif [[ $(command -v sudo) ]]; then - /usr/bin/sudo "$@" || exit 1 - else - exit 1 - fi -} diff --git a/system_files/kinoite/etc/xdg/kcm-about-distrorc b/system_files/kinoite/etc/xdg/kcm-about-distrorc index 1a118ea4318..e03c6fe92b5 120000 --- a/system_files/kinoite/etc/xdg/kcm-about-distrorc +++ b/system_files/kinoite/etc/xdg/kcm-about-distrorc @@ -1 +1 @@ -../../../usr/share/kde-settings/kde-profile/default/xdg/kcm-about-distrorc \ No newline at end of file +../../usr/share/kde-settings/kde-profile/default/xdg/kcm-about-distrorc \ No newline at end of file diff --git a/system_files/kinoite/etc/xdg/kdeglobals b/system_files/kinoite/etc/xdg/kdeglobals index 600040e6052..4411df9b6dc 120000 --- a/system_files/kinoite/etc/xdg/kdeglobals +++ b/system_files/kinoite/etc/xdg/kdeglobals @@ -1 +1 @@ -../../../usr/share/kde-settings/kde-profile/default/xdg/kdeglobals \ No newline at end of file +../../usr/share/kde-settings/kde-profile/default/xdg/kdeglobals \ No newline at end of file diff --git a/system_files/kinoite/etc/xdg/krunnerrc b/system_files/kinoite/etc/xdg/krunnerrc index 9b7fc3539ed..5b46eae7456 120000 --- a/system_files/kinoite/etc/xdg/krunnerrc +++ b/system_files/kinoite/etc/xdg/krunnerrc @@ -1 +1 @@ -../../../usr/share/kde-settings/kde-profile/default/xdg/krunnerrc \ No newline at end of file +../../usr/share/kde-settings/kde-profile/default/xdg/krunnerrc \ No newline at end of file diff --git a/system_files/kinoite/etc/xdg/kwinrc b/system_files/kinoite/etc/xdg/kwinrc index e73cd8aa29f..296da6218cf 120000 --- a/system_files/kinoite/etc/xdg/kwinrc +++ b/system_files/kinoite/etc/xdg/kwinrc @@ -1 +1 @@ -../../../usr/share/kde-settings/kde-profile/default/xdg/kwinrc \ No newline at end of file +../../usr/share/kde-settings/kde-profile/default/xdg/kwinrc \ No newline at end of file