From 287bc4f23b1625bcae0b008edfcc26b02469828d Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Mon, 8 Apr 2024 15:16:42 -0500 Subject: [PATCH 1/8] chore: add proper kernel version to ostree.linux label --- .github/workflows/build-38.yml | 2 +- .github/workflows/build-39.yml | 2 +- .github/workflows/reusable-build.yml | 52 ++++++++++++++-------------- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/build-38.yml b/.github/workflows/build-38.yml index 0496f426..3242085d 100644 --- a/.github/workflows/build-38.yml +++ b/.github/workflows/build-38.yml @@ -1,6 +1,6 @@ name: ublue akmods 38 on: - pull_request: + #pull_request: merge_group: schedule: - cron: '10 14 * * *' # 2pm-ish UTC everyday (timed against official fedora container pushes, and after 'config') diff --git a/.github/workflows/build-39.yml b/.github/workflows/build-39.yml index 11ad11f8..90596696 100644 --- a/.github/workflows/build-39.yml +++ b/.github/workflows/build-39.yml @@ -1,6 +1,6 @@ name: ublue akmods 39 on: - pull_request: + #pull_request: merge_group: schedule: - cron: '0 14 * * *' # 2pm-ish UTC everyday (timed against official fedora container pushes, and after 'config') diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 57047d10..4e0a6ed5 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -73,6 +73,8 @@ jobs: echo "SOURCE_IMAGE=base" >> $GITHUB_ENV echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV fi + echo "FQ_SOURCE_IMAGE=quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + - name: Generate tags id: generate-tags @@ -125,27 +127,35 @@ jobs: # DEBUG: get character count of key wc -c certs/private_key.priv - - name: Get current version - id: labels + - name: Pull build image uses: Wandalen/wretry.action@v2.1.0 with: attempt_limit: 3 attempt_delay: 15000 command: | - set -eo pipefail - skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} > inspect.json - ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) - linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - if [ -z "$linux" ] || [ "null" = "$linux" ]; then - echo "inspected image linux version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV + # pull the base image used for FROM in containerfile so + # we can retry on that unfortunately common failure case + podman pull ${{ env.FQ_SOURCE_IMAGE }} + + - name: Get current version + id: labels + uses: docker://${{ FQ_SOURCE_IMAGE }} + shell: bash + run: | + set -eo pipefail + skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json + ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV + echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV # Build metadata - name: Image Metadata @@ -162,16 +172,6 @@ jobs: io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4 - - name: Pull build image - uses: Wandalen/wretry.action@v2.1.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - # pull the base image used for FROM in containerfile so - # we can retry on that unfortunately common failure case - podman pull quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} - # Build image using Buildah action - name: Build Image id: build_image From 98aa72398428be053b28b72386ddaa9240293fb8 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 9 Apr 2024 09:20:03 -0500 Subject: [PATCH 2/8] chore: use docker-run-action --- .github/workflows/reusable-build.yml | 36 +++++++++++++++------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 4e0a6ed5..767fe190 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -139,23 +139,25 @@ jobs: - name: Get current version id: labels - uses: docker://${{ FQ_SOURCE_IMAGE }} - shell: bash - run: | - set -eo pipefail - skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json - ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) - linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - if [ -z "$linux" ] || [ "null" = "$linux" ]; then - echo "inspected image linux version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV + uses: addnab/docker-run-action@v3 + with: + image: ${{ FQ_SOURCE_IMAGE }} + shell: bash + run: | + set -eo pipefail + skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json + ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV + echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV # Build metadata - name: Image Metadata From 0fd13c4c2f7e9cb664777b6021b47b204f8d8e29 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 9 Apr 2024 09:26:53 -0500 Subject: [PATCH 3/8] fix: typo on env FQ_SOURCE_IMAGE --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 767fe190..858ab3e2 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -141,7 +141,7 @@ jobs: id: labels uses: addnab/docker-run-action@v3 with: - image: ${{ FQ_SOURCE_IMAGE }} + image: ${{ env.FQ_SOURCE_IMAGE }} shell: bash run: | set -eo pipefail From 5614747d1460ea0adb078fa797c735ad73200499 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 9 Apr 2024 09:30:24 -0500 Subject: [PATCH 4/8] fix: context of env vars --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 858ab3e2..db8dacb2 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -73,7 +73,7 @@ jobs: echo "SOURCE_IMAGE=base" >> $GITHUB_ENV echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV fi - echo "FQ_SOURCE_IMAGE=quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + echo "FQ_SOURCE_IMAGE=quay.io/${{ SOURCE_ORG }}/${{ SOURCE_IMAGE }}:${{ matrix.fedora_version }}" >> $GITHUB_ENV - name: Generate tags From e5fae74efac9d2a7e3fceaeddd6e9362ff5d1200 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 9 Apr 2024 09:31:16 -0500 Subject: [PATCH 5/8] fix: bash not GH vars --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index db8dacb2..95d3f49a 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -73,7 +73,7 @@ jobs: echo "SOURCE_IMAGE=base" >> $GITHUB_ENV echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV fi - echo "FQ_SOURCE_IMAGE=quay.io/${{ SOURCE_ORG }}/${{ SOURCE_IMAGE }}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + echo "FQ_SOURCE_IMAGE=quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}:${{ matrix.fedora_version }}" >> $GITHUB_ENV - name: Generate tags From 55854319e8003086ad45d823712ac90264253227 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 9 Apr 2024 09:37:53 -0500 Subject: [PATCH 6/8] fix: vars are funny --- .github/workflows/reusable-build.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 95d3f49a..295a5ef4 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -67,13 +67,15 @@ jobs: run: | if [[ "${{ matrix.fedora_version }}" -ge "41" ]]; then # when we are confident of official fedora images we can switch to them - echo "SOURCE_IMAGE=fedora-silverblue" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora" >> $GITHUB_ENV + export SOURCE_IMAGE=fedora-silverblue + export SOURCE_ORG=fedora else - echo "SOURCE_IMAGE=base" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV + export SOURCE_IMAGE=base + export SOURCE_ORG=fedora-ostree-desktops fi echo "FQ_SOURCE_IMAGE=quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + echo "SOURCE_IMAGE=${SOURCE_IMAGE}" >> $GITHUB_ENV + echo "SOURCE_ORG=${SOURCE_ORG}" >> $GITHUB_ENV - name: Generate tags From e21e235b10f1b80c25cd9540bed7762bf279f040 Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Sat, 13 Apr 2024 17:08:37 -0600 Subject: [PATCH 7/8] fix(ci): Use podman to retrieve kernel Signed-off-by: RJ Trujillo --- .github/workflows/reusable-build.yml | 43 ++++++++++++++-------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 295a5ef4..04bf1f8b 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -56,7 +56,6 @@ jobs: kernel_flavor: fsync # kernel-fsync packages are not being built for F40 yet. - fedora_version: 40 kernel_flavor: fsync-lts - steps: # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action @@ -140,26 +139,28 @@ jobs: podman pull ${{ env.FQ_SOURCE_IMAGE }} - name: Get current version - id: labels - uses: addnab/docker-run-action@v3 - with: - image: ${{ env.FQ_SOURCE_IMAGE }} - shell: bash - run: | - set -eo pipefail - skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json - ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) - linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - if [ -z "$linux" ] || [ "null" = "$linux" ]; then - echo "inspected image linux version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV + run: | + set -eo pipefail + + # Get kernel version with podman + container_name="fq-$(uuidgen)" + podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.FQ_SOURCE_IMAGE }}" + installed_packages=$(podman exec "$container_name" rpm -qa) + kernel_suffix="linux" + linux=$(echo $installed_packages | grep -P 'kernel-(|'"$kernel_suffix"'-)(\d+\.\d+\.\d+)' | sed -E 's/kernel-(|'"$kernel_suffix"'-)//') + + skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json + ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV + echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV # Build metadata - name: Image Metadata From b2d55f49549a5ca8085136629d9f598f7cd319e4 Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Sun, 14 Apr 2024 12:22:11 -0600 Subject: [PATCH 8/8] fix(ci): Support version retrieval across kernel variants Signed-off-by: RJ Trujillo --- .github/workflows/reusable-build.yml | 30 ++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 04bf1f8b..2bab2787 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -142,12 +142,34 @@ jobs: run: | set -eo pipefail - # Get kernel version with podman + # Start container and install dnf container_name="fq-$(uuidgen)" podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.FQ_SOURCE_IMAGE }}" - installed_packages=$(podman exec "$container_name" rpm -qa) - kernel_suffix="linux" - linux=$(echo $installed_packages | grep -P 'kernel-(|'"$kernel_suffix"'-)(\d+\.\d+\.\d+)' | sed -E 's/kernel-(|'"$kernel_suffix"'-)//') + podman exec $container_name rpm-ostree install dnf dnf-plugins-core + + # Fetch kernel version + dnf="podman exec $container_name dnf" + case "${{ matrix.kernel_flavor }}" in + "asus") + $dnf copr enable -y lukenukem/asus-kernel + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync") + $dnf copr enable -y sentry/kernel-fsync + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync-lts") + $dnf copr enable -y sentry/kernel-fsync-lts + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync-lts --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "surface") + $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo + linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://') + ;; + *) + linux=$($dnf repoquery --installed --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + esac skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json)