From dbc698475433375763bef4c4e69c1341f4de10a1 Mon Sep 17 00:00:00 2001 From: Noel Miller Date: Tue, 5 Mar 2024 08:09:52 -0600 Subject: [PATCH] fix: fixed up action and combined build-container and test-iso workflows --- ...e.yml => build-container-and-test-iso.yml} | 56 +++++++++++- .github/workflows/test-iso.yml | 89 ------------------ action.yml | 91 ++++--------------- 3 files changed, 69 insertions(+), 167 deletions(-) rename .github/workflows/{build-container-image.yml => build-container-and-test-iso.yml} (76%) delete mode 100644 .github/workflows/test-iso.yml diff --git a/.github/workflows/build-container-image.yml b/.github/workflows/build-container-and-test-iso.yml similarity index 76% rename from .github/workflows/build-container-image.yml rename to .github/workflows/build-container-and-test-iso.yml index 0a360dcb..7090b695 100644 --- a/.github/workflows/build-container-image.yml +++ b/.github/workflows/build-container-and-test-iso.yml @@ -16,9 +16,10 @@ on: env: IMAGE_NAME: "isogenerator" IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} + FLATPAK_REFS: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08 jobs: - push-image: + build-image: name: Build and push container image runs-on: ubuntu-22.04 permissions: @@ -27,7 +28,7 @@ jobs: strategy: fail-fast: false matrix: - version: + version: - 38 - 39 - 40 @@ -174,15 +175,64 @@ jobs: COSIGN_EXPERIMENTAL: false COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} + build-and-push-iso: + name: Build ISO + runs-on: ubuntu-latest + needs: build-image + permissions: + contents: read + packages: write + strategy: + fail-fast: false + matrix: + version: [38, 39] + boot: [secureboot, insecure] + include: + - boot: secureboot + SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' + ENROLLMENT_PASSWORD: 'ublue-os' + SECURE_BOOT_STRING: '-secure' + - boot: insecure + SECURE_BOOT_KEY_URL: '' + ENROLLMENT_PASSWORD: '' + SECURE_BOOT_STRING: '' + + steps: + - name: Build ISO + id: build-iso + uses: ./ + with: + ARCH: 'x86_64' + IMAGE_NAME: 'base-main' + IMAGE_REPO: 'ghcr.io/ublue-os' + VARIANT: 'Kinoite' + VERSION: ${{ matrix.version }} + SECURE_BOOT_KEY_URL: ${{ matrix.SECURE_BOOT_KEY_URL }} + ENROLLMENT_PASSWORD: ${{ matrix.ENROLLMENT_PASSWORD }} + FLATPAK_REMOTE_REFS: ${{ env.FLATPAK_REFS }} + + - name: Upload ISO as artifact + uses: actions/upload-artifact@v4 + with: + name: base-main-${{ matrix.version }}${{ matrix.SECURE_BOOT_STRING }}.iso + path: | + ${{ steps.build-iso.outputs.iso-path }} + ${{ steps.build-iso.outputs.checksum-path }} + if-no-files-found: error + retention-days: 0 + compression-level: 0 + overwrite: true + check: name: Check build successful if: ${{ !cancelled() }} runs-on: ubuntu-latest needs: - push-image + - build-and-push-iso steps: - name: Exit on failure for main - if: ${{ needs.push-image.result == 'failure' || needs.push-image.result == 'skipped' }} + if: ${{ needs.build-image.result == 'failure' || needs.build-image.result == 'skipped' || needs.build-and-push-iso.result == 'failure' || needs.build-and-push-iso.result == 'skipped' }} shell: bash run: exit 1 - name: Exit diff --git a/.github/workflows/test-iso.yml b/.github/workflows/test-iso.yml deleted file mode 100644 index 77b896b5..00000000 --- a/.github/workflows/test-iso.yml +++ /dev/null @@ -1,89 +0,0 @@ -name: Test Generate ISO - -on: - merge_group: - pull_request: - branches: - - main - paths-ignore: - - 'Containerfile' - - '*.md' - - 'LICENSE' - - 'CODEOWNERS' - workflow_dispatch: - -env: - FLATPAK_REFS: app/org.videolan.VLC/x86_64/stable runtime/org.kde.Platform/x86_64/5.15-23.08 - -jobs: - build-and-push-iso: - name: Build ISO - runs-on: ubuntu-latest - container: - image: fedora:39 - options: "--privileged" - volumes: - - "/:/host" - permissions: - contents: read - packages: write - strategy: - fail-fast: false - matrix: - version: [38, 39] - boot: [secureboot, insecure] - include: - - boot: secureboot - SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' - ENROLLMENT_PASSWORD: 'ublue-os' - SECURE_BOOT_STRING: '-secure' - - boot: insecure - SECURE_BOOT_KEY_URL: '' - ENROLLMENT_PASSWORD: '' - SECURE_BOOT_STRING: '' - - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: recursive - - - name: Build ISO - id: build-iso - uses: ./ - with: - ARCH: 'x86_64' - IMAGE_NAME: 'base-main' - IMAGE_REPO: 'ghcr.io/ublue-os' - VARIANT: 'Kinoite' - VERSION: ${{ matrix.version }} - SECURE_BOOT_KEY_URL: ${{ matrix.SECURE_BOOT_KEY_URL }} - ENROLLMENT_PASSWORD: ${{ matrix.ENROLLMENT_PASSWORD }} - FLATPAK_REMOTE_REFS: ${{ env.FLATPAK_REFS }} - - - name: Upload ISO as artifact - uses: actions/upload-artifact@v4 - with: - name: base-main-${{ matrix.version }}${{ matrix.SECURE_BOOT_STRING }}.iso - path: | - ${{ steps.build-iso.outputs.iso-path }} - ${{ steps.build-iso.outputs.checksum-path }} - if-no-files-found: error - retention-days: 0 - compression-level: 0 - overwrite: true - - check: - name: Check build successful - if: ${{ !cancelled() }} - runs-on: ubuntu-latest - needs: - - build-and-push-iso - steps: - - name: Exit on failure for main - if: ${{ needs.build-and-push-iso.result == 'failure' || needs.build-and-push-iso.result == 'skipped' }} - shell: bash - run: exit 1 - - name: Exit - shell: bash - run: exit 0 diff --git a/action.yml b/action.yml index 3bc7f309..419d2a13 100644 --- a/action.yml +++ b/action.yml @@ -69,85 +69,26 @@ outputs: runs: using: composite steps: - - name: Cleanup host - shell: bash - run: | - if [[ -d /host ]] - then - df -h /host - # Remove Android Library - rm -Rf /host/usr/local/lib/android - # Remove .NET runtime - rm -Rf /host/usr/share/dotnet - # Remove Haskell runtime - rm -rf /host/opt/ghc - rm -rf /host/usr/local/.ghcup - chroot /host docker image prune --all --force - df -h /host - else - echo "Host must be mounted as /host in order to make more space" - fi - - - name: Install Make - shell: bash - run: dnf install -y make - - - name: Install dependencies - shell: bash - working-directory: ${{ github.action_path }} - run: make install-deps - - - name: Lowercase Registry - id: registry_case - uses: ASzc/change-string-case-action@v6 - with: - string: ${{ inputs.IMAGE_REPO }} - - - name: Download image - shell: bash - working-directory: ${{ github.action_path }} - run: | - make container/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }} \ - ARCH=${{ inputs.ARCH }} \ - IMAGE_NAME=${{ inputs.IMAGE_NAME }} \ - IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \ - IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \ - VARIANT=${{ inputs.VARIANT }} \ - VERSION=${{ inputs.VERSION }} \ - WEB_UI=${{ inputs.WEB_UI }} - - - name: Create boot.iso - shell: bash - working-directory: ${{ github.action_path }} - run: | - make boot.iso \ - ARCH=${{ inputs.ARCH }} \ - IMAGE_NAME=${{ inputs.IMAGE_NAME }} \ - IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \ - IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \ - VARIANT=${{ inputs.VARIANT }} \ - VERSION=${{ inputs.VERSION }} \ - WEB_UI=${{ inputs.WEB_UI }} \ - EXTRA_BOOT_PARAMS=${{ inputs.EXTRA_BOOT_PARAMS }} \ - SECURE_BOOT_KEY_URL=${{ inputs.SECURE_BOOT_KEY_URL }} \ - ENROLLMENT_PASSWORD=${{ inputs.ENROLLMENT_PASSWORD }} \ - FLATPAK_REMOTE_NAME=${{ inputs.FLATPAK_REMOTE_NAME }} \ - FLATPAK_REMOTE_URL=${{ inputs.FLATPAK_REMOTE_URL }} \ - FLATPAK_REMOTE_REFS="${{ inputs.FLATPAK_REMOTE_REFS }}" - - - name: Create deploy.iso and generate sha256 checksum + - name: Run docker image and generate sha256 checksum shell: bash id: final working-directory: ${{ github.action_path }} run: | - make ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso \ - ARCH=${{ inputs.ARCH }} \ - IMAGE_NAME=${{ inputs.IMAGE_NAME }} \ - IMAGE_REPO=${{ steps.registry_case.outputs.lowercase }} \ - IMAGE_TAG=${{ inputs.IMAGE_TAG || inputs.VERSION }} \ - VARIANT=${{ inputs.VARIANT }} \ - VERSION=${{ inputs.VERSION }} \ - WEB_UI=${{ inputs.WEB_UI }} + # Check if running inside of the action repo + if [[ -z "${{ github.action_ref }}" ]]; then if [[ "${{ github.ref_name }}" =~ (.*)/merge ]]; then tag=pr-${BASH_REMATCH[1]}; else tag=${{ github.ref_name }}; fi; fi + if [[ -z "${tag}" ]]; then tag=${{ github.action_ref }}; fi + docker run --privileged --volume .:/isogenerator/output \ + -e ARCH=${{ inputs.arch }} \ + -e IMAGE_NAME=${{ inputs.image_name }} \ + -e IMAGE_REPO=${{ inputs.image_repo }} \ + -e VARIANT=${{ inputs.variant }} \ + -e VERSION=${{ inputs.version }} \ + -e IMAGE_TAG=${{ inputs.image_tag || inputs.version }} \ + -e WEB_UI=${{ inputs.web_ui }} \ + -e FLATPAK_REMOTE_NAME=${{ inputs.flatpak_remote_name }} \ + -e FLATPAK_REMOTE_URL=${{ inputs.flatpak_remote_url }} \ + -e FLATPAK_REMOTE_REFS="${{ inputs.flatpak_remote_refs }}" \ + ghcr.io/jasonn3/build-container-installer:${tag} mkdir end_iso sha256sum ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso > ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}-CHECKSUM mv ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso end_iso/