diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 47eb3f8e..d6dcfe40 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -7,7 +7,7 @@ on: required: true type: string env: - IMAGE_NAME: akmods + IMAGE_BASE_NAME: akmods IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} concurrency: @@ -31,27 +31,24 @@ jobs: - main - asus - fsync + - fsync-lts - surface cfile_suffix: - common - nvidia - nvidia_version: - - 0 - - 550 exclude: - - cfile_suffix: common - nvidia_version: 550 - - cfile_suffix: nvidia - nvidia_version: 0 - kernel_flavor: asus fedora_version: 38 - kernel_flavor: surface fedora_version: 38 - fedora_version: 38 kernel_flavor: fsync # kernel-fsync not required for ublue-os F38 + - fedora_version: 38 + kernel_flavor: fsync-lts - fedora_version: 40 kernel_flavor: fsync # kernel-fsync packages are not being built for F40 yet. - + - fedora_version: 40 + kernel_flavor: fsync-lts steps: # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action @@ -60,14 +57,17 @@ jobs: - name: Matrix Variables shell: bash run: | - if [[ "${{ matrix.fedora_version }}" -ge "41" ]]; then - # when we are confident of official fedora images we can switch to them - echo "SOURCE_IMAGE=fedora-silverblue" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora" >> $GITHUB_ENV + if [ "common" == "${{ matrix.cfile_suffix }}" ]; then + echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}" >> $GITHUB_ENV else - echo "SOURCE_IMAGE=base" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV + echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}-${{ matrix.cfile_suffix }}" >> $GITHUB_ENV fi + export SOURCE_IMAGE=base + export SOURCE_ORG=fedora-ostree-desktops + echo "SOURCE_IMAGE=${SOURCE_IMAGE}" >> $GITHUB_ENV + echo "SOURCE_ORG=${SOURCE_ORG}" >> $GITHUB_ENV + echo "FQ_SOURCE_IMAGE=quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + - name: Generate tags id: generate-tags @@ -75,11 +75,7 @@ jobs: run: | # Generate a timestamp for creating an image version history TIMESTAMP="$(date +%Y%m%d)" - if [[ "${{ matrix.cfile_suffix }}" == "nvidia" ]]; then - VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}-${{ matrix.nvidia_version }}" - else - VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}" - fi + VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}" COMMIT_TAGS=() BUILD_TAGS=() @@ -120,27 +116,71 @@ jobs: # DEBUG: get character count of key wc -c certs/private_key.priv - - name: Get current version - id: labels - uses: Wandalen/wretry.action@v2.1.0 + - name: Pull build image + uses: Wandalen/wretry.action@v3.4.0 with: attempt_limit: 3 attempt_delay: 15000 command: | - set -eo pipefail - skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} > inspect.json - ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + # pull the base image used for FROM in containerfile so + # we can retry on that unfortunately common failure case + podman pull ${{ env.FQ_SOURCE_IMAGE }} + + - name: Get current version + run: | + set -eo pipefail + + # skopeo must always run to inspect image labels for build version + skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json + ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + + if [ "main" == "${{ matrix.kernel_flavor }}" ]; then + # main kernel_flavor: use ostree.linux to determine kernel version linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - if [ -z "$linux" ] || [ "null" = "$linux" ]; then - echo "inspected image linux version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV + else + # other kernel_flavor: start container use dnf to find kernel version + container_name="fq-$(uuidgen)" + podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.FQ_SOURCE_IMAGE }}" + podman exec $container_name rpm-ostree install dnf dnf-plugins-core + + # Fetch kernel version + dnf="podman exec $container_name dnf" + case "${{ matrix.kernel_flavor }}" in + "asus") + $dnf copr enable -y lukenukem/asus-kernel + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync") + $dnf copr enable -y sentry/kernel-fsync + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync-lts") + $dnf copr enable -y sentry/kernel-ba + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-ba --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "main") + linux=$($dnf repoquery --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "surface") + $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo + linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://') + ;; + *) + echo "unexpected kernel_flavor '${{ matrix.kernel_flavor }}' for dnf repoquery" + ;; + esac + fi + + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV + echo "KERNEL_VERSION=$linux" >> $GITHUB_ENV # Build metadata - name: Image Metadata @@ -148,25 +188,15 @@ jobs: id: meta with: images: | - ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }} + ${{ env.IMAGE_NAME }} labels: | - org.opencontainers.image.title=${{ env.IMAGE_NAME }} + org.opencontainers.image.title=${{ env.IMAGE_BASE_NAME }} org.opencontainers.image.description=A caching layer for pre-built akmod RPMs org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} - ostree.linux=${{ env.SOURCE_IMAGE_LINUX }} + ostree.linux=${{ env.KERNEL_VERSION }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4 - - name: Pull build image - uses: Wandalen/wretry.action@v2.1.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - # pull the base image used for FROM in containerfile so - # we can retry on that unfortunately common failure case - podman pull quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} - # Build image using Buildah action - name: Build Image id: build_image @@ -174,15 +204,15 @@ jobs: with: containerfiles: | ./Containerfile.${{ matrix.cfile_suffix }} - image: ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }} + image: ${{ env.IMAGE_NAME }} tags: | ${{ steps.generate-tags.outputs.alias_tags }} build-args: | SOURCE_IMAGE=${{ env.SOURCE_IMAGE }} SOURCE_ORG=${{ env.SOURCE_ORG }} KERNEL_FLAVOR=${{ matrix.kernel_flavor }} + KERNEL_VERSION=${{ env.KERNEL_VERSION }} FEDORA_MAJOR_VERSION=${{ matrix.fedora_version }} - NVIDIA_MAJOR_VERSION=${{ matrix.nvidia_version }} RPMFUSION_MIRROR=${{ vars.RPMFUSION_MIRROR }} labels: ${{ steps.meta.outputs.labels }} oci: false @@ -197,7 +227,7 @@ jobs: - name: Push To GHCR - uses: Wandalen/wretry.action@v2.1.0 + uses: Wandalen/wretry.action@v3.4.0 id: push if: github.event_name != 'pull_request' env: diff --git a/Containerfile.common b/Containerfile.common index aa11d52b..0c6cdf21 100644 --- a/Containerfile.common +++ b/Containerfile.common @@ -11,6 +11,7 @@ ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}" +ARG KERNEL_VERSION="" ARG RPMFUSION_MIRROR="" COPY build*.sh /tmp diff --git a/Containerfile.nvidia b/Containerfile.nvidia index be0fad5f..fffeb0b8 100644 --- a/Containerfile.nvidia +++ b/Containerfile.nvidia @@ -1,8 +1,8 @@ ### -### Containerfile.nvidia - used to build ONLY NVIDIA kmods (one driver version per build) +### Containerfile.nvidia - used to build ONLY NVIDIA kmods ### -#Build from base, simpley because it's the smallest image +#Build from base, simply because it's the smallest image ARG SOURCE_IMAGE="${SOURCE_IMAGE:-base}" ARG SOURCE_ORG="${SOURCE_ORG:-fedora-ostree-desktops}" ARG BASE_IMAGE="quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}" @@ -10,8 +10,8 @@ ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" -ARG NVIDIA_MAJOR_VERSION="${NVIDIA_MAJOR_VERSION:-550}" ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}" +ARG KERNEL_VERSION="" ARG RPMFUSION_MIRROR="" COPY build*.sh /tmp @@ -39,7 +39,7 @@ RUN if grep -qv "surface" <<< "${KERNEL_FLAVOR}"; then \ ; else \ export KERNEL_NAME="kernel-surface" \ ; fi && \ - /tmp/build-kmod-nvidia.sh ${NVIDIA_MAJOR_VERSION} + /tmp/build-kmod-nvidia.sh 550 RUN cp /tmp/ublue-os-nvidia-addons/rpmbuild/RPMS/noarch/ublue-os-nvidia-addons*.rpm \ /var/cache/rpms/ublue-os/ diff --git a/README.md b/README.md index 1e357bc5..06067248 100644 --- a/README.md +++ b/README.md @@ -41,21 +41,21 @@ The [`akmods` image](https://github.com/orgs/ublue-os/packages/container/package Here's a rundown on how it's organized. -We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and in the case of NVIDIA current (550). -**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39.** +We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and the latest NVIDIA driver. +**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39. Also the `-550` extra driver version tag has been removed as the latest driver will always be included.** The majority of the drivers are tagged with `KERNEL_TYPE-FEDORA_RELEASE`. NVIDIA drivers are bundled distinctly with tag `KERNEL_TYPE-FEDORA_RELEASE-NVIDIA_VERSION`. | KERNEL_TYPE | FEDORA_RELEASE | TAG | | - | - | - | -| Fedora stock kernel | 38 | `main-38`, `main-38-550` | -| | 39 | `main-39`, `main-39-550` | -| | 40 | `main-40`, `main-40-550` | -| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`, `asus-39-550` | -| | 40 | `asus-40`, `asus-40-550` | -| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39`, `fsync-39-550` | -| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39`, `surface-39-550` | -| | 40 | `surface-40`, `surface-40-550` | +| Fedora stock kernel | 38 | `main-38` | +| | 39 | `main-39` | +| | 40 | `main-40` | +| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`| +| | 40 | `asus-40` | +| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39` | +| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39` | +| | 40 | `surface-40` | diff --git a/build-kmod-nvidia.sh b/build-kmod-nvidia.sh index 2948701e..0113481c 100755 --- a/build-kmod-nvidia.sh +++ b/build-kmod-nvidia.sh @@ -34,7 +34,7 @@ akmods --force --kernels "${KERNEL_VERSION}" --kmod "${NVIDIA_PACKAGE_NAME}" modinfo /usr/lib/modules/${KERNEL_VERSION}/extra/${NVIDIA_PACKAGE_NAME}/nvidia{,-drm,-modeset,-peermem,-uvm}.ko.xz > /dev/null || \ (cat /var/cache/akmods/${NVIDIA_PACKAGE_NAME}/${NVIDIA_AKMOD_VERSION}-for-${KERNEL_VERSION}.failed.log && exit 1) -cat < /var/cache/rpms/kmods/nvidia-vars.${NVIDIA_MAJOR_VERSION} +cat < /var/cache/rpms/kmods/nvidia-vars KERNEL_VERSION=${KERNEL_VERSION} RELEASE=${RELEASE} NVIDIA_PACKAGE_NAME=${NVIDIA_PACKAGE_NAME} diff --git a/build-kmod-v4l2loopback.sh b/build-kmod-v4l2loopback.sh index ed55af51..3120f73a 100755 --- a/build-kmod-v4l2loopback.sh +++ b/build-kmod-v4l2loopback.sh @@ -7,11 +7,6 @@ ARCH="$(rpm -E '%_arch')" KERNEL="$(rpm -q "${KERNEL_NAME}" --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}')" RELEASE="$(rpm -E '%fedora')" -if [[ "${RELEASE}" -lt "40" ]]; then - echo "SKIPPED BUILD of v4l2loopback: compile failure on 6.8 kernels in F38/F39 as of 2024-03-27" - exit 0 -fi - ### BUILD v4l2loopbak (succeed or fail-fast with debug output) rpm-ostree install \ akmod-v4l2loopback-*.fc${RELEASE}.${ARCH} diff --git a/build-prep.sh b/build-prep.sh index bf228967..e1b5be00 100755 --- a/build-prep.sh +++ b/build-prep.sh @@ -42,10 +42,15 @@ if [ -n "${RPMFUSION_MIRROR}" ]; then sed -i "s%^#baseurl=http://download1.rpmfusion.org%baseurl=${RPMFUSION_MIRROR}%" /etc/yum.repos.d/rpmfusion-*.repo fi +# required for main and surface when fedora repo has updated kernel beyond what was in the image +curl -L -o /etc/yum.repos.d/fedora-coreos-pool.repo \ + https://raw.githubusercontent.com/coreos/fedora-coreos-config/testing-devel/fedora-coreos-pool.repo + ### PREPARE CUSTOM KERNEL SUPPORT if [[ "asus" == "${KERNEL_FLAVOR}" ]]; then echo "Installing ASUS Kernel:" - wget https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel/repo/fedora-$(rpm -E %fedora)/lukenukem-asus-kernel-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_lukenukem-asus-kernel.repo + curl -L -o /etc/yum.repos.d/_copr_lukenukem-asus-kernel.repo \ + https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel/repo/fedora-$(rpm -E %fedora)/lukenukem-asus-kernel-fedora-$(rpm -E %fedora).repo rpm-ostree cliwrap install-to-root / rpm-ostree override replace \ --experimental \ @@ -57,9 +62,25 @@ if [[ "asus" == "${KERNEL_FLAVOR}" ]]; then kernel-modules \ kernel-modules-core \ kernel-modules-extra +elif [[ "fsync-lts" == "${KERNEL_FLAVOR}" ]]; then + echo "Installing fsync-lts kernel:" + curl -L -o /etc/yum.repos.d/_copr_sentry-kernel-ba.repo \ + https://copr.fedorainfracloud.org/coprs/sentry/kernel-ba/repo/fedora-$(rpm -E %fedora)/sentry-kernel-ba-fedora-$(rpm -E %fedora).repo + rpm-ostree cliwrap install-to-root / + rpm-ostree override replace \ + --experimental \ + --from repo=copr:copr.fedorainfracloud.org:sentry:kernel-ba \ + kernel \ + kernel-core \ + kernel-devel \ + kernel-devel-matched \ + kernel-modules \ + kernel-modules-core \ + kernel-modules-extra elif [[ "fsync" == "${KERNEL_FLAVOR}" ]]; then echo "Installing fsync kernel:" - wget https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-$(rpm -E %fedora)/sentry-kernel-fsync-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_sentry-kernel-fsync.repo + curl -L -o /etc/yum.repos.d/_copr_sentry-kernel-fsync.repo \ + https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-$(rpm -E %fedora)/sentry-kernel-fsync-fedora-$(rpm -E %fedora).repo rpm-ostree cliwrap install-to-root / rpm-ostree override replace \ --experimental \ @@ -74,9 +95,10 @@ elif [[ "fsync" == "${KERNEL_FLAVOR}" ]]; then elif [[ "surface" == "${KERNEL_FLAVOR}" ]]; then echo "Installing Surface Kernel:" # Add Linux Surface repo - wget https://pkg.surfacelinux.com/fedora/linux-surface.repo -P /etc/yum.repos.d - wget https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm -O \ - /tmp/surface-kernel.rpm + curl -L -o /etc/yum.repos.d/linux-surface.repo \ + https://pkg.surfacelinux.com/fedora/linux-surface.repo + curl -L -o /tmp/surface-kernel.rpm \ + https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm rpm-ostree cliwrap install-to-root / rpm-ostree override replace /tmp/surface-kernel.rpm \ --remove kernel-core \ @@ -89,8 +111,18 @@ elif [[ "surface" == "${KERNEL_FLAVOR}" ]]; then --install kernel-surface-modules \ --install kernel-surface-modules-core \ --install kernel-surface-modules-extra +elif [[ "main" == "${KERNEL_FLAVOR}" ]] && \ + [[ "" != "${KERNEL_VERSION}" ]]; then + echo "main kernel version ${KERNEL_VERSION} to avoid upgrading kernel beyond what is in the image." + rpm-ostree cliwrap install-to-root / + rpm-ostree install \ + kernel-devel-${KERNEL_VERSION} \ + kernel-devel-matched-${KERNEL_VERSION} else - echo "Default main kernel needs no customization." + echo "Default main kernel without a specific version." + rpm-ostree install \ + kernel-devel \ + kernel-devel-matched fi