feat: Cache all the kernels. No Akmods Bootstrap (#5)

* feat: Cache all the kernels. No Akmods Bootstrap fix: headers only exist for fsync fix: typo for download fix: no kernel-surface-uki * chore: missing surface packages, use exclude * chore: try different github context * chore: change build time to be earlier * chore: only setup container when needed * chore: if coreos version doesn't match, use matrix variable * chore: missing $
ublue-os · Jul 10, 2024 · 83fa7e7 · 83fa7e7
1 parent ffc1df1
commit 83fa7e7
Show file tree

Hide file tree

Showing 4 changed files with 162 additions and 65 deletions.
diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml
@@ -2,14 +2,13 @@ name: Cache Fsync
 on:
   merge_group:
   schedule:
-    - cron: "45 2 * * *" # 0245 UTC everyday
+    - cron: "5 0 * * *" # 0005 UTC everyday
   workflow_dispatch:
   pull_request:
     branches:
       - main
 
 env:
-  IMAGE_NAME: fsync
   IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
 
 concurrency:
@@ -18,7 +17,7 @@ concurrency:
 
 jobs:
   build:
-    name: fsync
+    name: kernel-cache
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -27,58 +26,114 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
+        kernel_flavor:
+          - asus
+          - fsync
+          - surface
+          - main
+          - coreos-stable
+          - coreos-testing
         fedora_version:
-          # - 39
+          - 39
           - 40
+        exclude:
+          - fedora_version: 39
+            kernel_flavor: asus
+          - fedora_version: 39
+            kernel_flavor: coreos-testing
+          - fedora_version: 39
+            kernel_flavor: fsync
+
     steps:
       - name: Checkout Push to Registry action
         uses: actions/checkout@v4
 
-      - name: Verify Akmods Image
-        uses: EyeCantCU/cosign-action/[email protected]
+      - name: Pull Image
+        uses: Wandalen/wretry.action@v3.5.0
         with:
-          containers: akmods:fsync-40
-          pubkey: https://raw.githubusercontent.com/ublue-os/akmods/main/cosign.pub
-          registry: ghcr.io/ublue-os
+          attempt_limit: 3
+          attempt_delay: 15000
+          command: |
+            build_image="quay.io/fedora/fedora:${{ matrix.fedora_version }}"
+            echo "build_image=$build_image" >> "$GITHUB_ENV"
+            podman pull "$build_image"
 
-      - name: Get Fsync Kernel Version
+      - name: Get Kernel Version
         id: Version
         uses: Wandalen/[email protected]
         with:
           attempt_limit: 3
           attempt_delay: 15000
           command: |
-            kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/akmods:fsync-40 | jq -r '.Labels["ostree.linux"] | split(".fc")[0]')
-            major=$(echo "$kernel_release" | cut -d '.' -f 1)
-            minor=$(echo "$kernel_release" | cut -d '.' -f 2)
-            patch=$(echo "$kernel_release" | cut -d '.' -f 3)
-            kernel_major_minor_patch="${major}.${minor}.${patch}"
-            ver=$(skopeo inspect docker://quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }} | jq -r '.Labels["org.opencontainers.image.version"]')
-            if [ -z "$ver" ] || [ "null" = "$ver" ]; then
-              echo "inspected image version must not be empty or null"
-              exit 1
+            if [[ ${{ matrix.kernel_flavor }} =~ asus|fsync|surface ]]; then
+              container_name="fq-$(uuidgen)"
+              dnf="podman exec $container_name dnf"
+
+              podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.build_image }}"
+              $dnf install -y dnf-plugins-core
             fi
-            echo "version=$ver" >> $GITHUB_ENV
-            echo "kernel_release=${kernel_release}" >> $GITHUB_ENV
-            echo "kernel_major_minor_patch=${kernel_major_minor_patch}" >> $GITHUB_ENV
 
-      - name: Checkout Push to Registry Action
-        uses: actions/checkout@v4
+            case ${{ matrix.kernel_flavor }} in
+              "asus")
+                $dnf copr enable -y lukenukem/asus-kernel
+                linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "fsync")
+                $dnf copr enable -y sentry/kernel-fsync
+                linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "surface")
+                $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo
+                linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://')
+                ;;
+              "main")
+                linux=$(skopeo inspect docker://quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }} | jq -r '.Labels["ostree.linux"]' )
+                ;;
+              "coreos-stable")
+                linux=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]' )
+                coreos_fedora_version=$(echo $linux | grep -oP 'fc\K[0-9]+')
+                if [[ "${{ matrix.fedora_version }}" != "$coreos_fedora_version" ]]; then
+                   major_minor_patch=$(echo $linux | cut -d - -f 1)
+                   linux="${major_minor_patch}-200.fc${{ matrix.fedora_version }}.$(uname -m)"
+                fi
+                ;;
+              "coreos-testing")
+                linux=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:testing | jq -r '.Labels["ostree.linux"]' )
+                ;;
+              *)
+                echo "unexpected kernel_flavor '${{ matrix.kernel_flavor }}' for query"
+                ;;
+              esac
+              if [ -z "$linux" ] || [ "null" = "$linux" ]; then
+                echo "inspected image linux version must not be empty or null"
+                exit 1
+              fi
+              major=$(echo "$linux" | cut -d '.' -f 1)
+              minor=$(echo "$linux" | cut -d '.' -f 2)
+              patch=$(echo "$linux" | cut -d '.' -f 3)
+              kernel_major_minor_patch="${major}.${minor}.${patch}"
+              echo "kernel_release=${linux}" >> $GITHUB_ENV
+              echo "kernel_major_minor_patch=${kernel_major_minor_patch}" >> $GITHUB_ENV
 
       - name: Generate Tags
         id: generate_tags
         shell: bash
         run: |
-          tag="${{ env.kernel_major_minor_patch }}.fsync.fc${{ matrix.fedora_version }}.x86_64"
+          tag="${{ env.kernel_release }}"
           short_tag=$(echo ${{ env.kernel_major_minor_patch  }} | cut -d "-" -f 1)
           COMMIT_TAGS=()
-          COMMIT_TAGS+=("pr-${{ github.event_number }}-${tag}")
+          COMMIT_TAGS+=("pr-${{ github.event.number }}-${tag}")
           COMMIT_TAGS+=("${GITHUB_SHA::7}-${tag}")
 
           BUILD_TAGS=()
           BUILD_TAGS+=(${tag})
-          BUILD_TAGS+=(${short_tag})
-          BUILD_TAGS+=("latest")
+          if [[ ${{ matrix.kernel_flavor }} =~ main|coreos-stable|surface ]]; then
+            BUILD_TAGS+=("${{ matrix.fedora_version }}-latest")
+            BUILD_TAGS+=(${{ matrix.fedora_version }}-${short_tag})
+          else
+            BUILD_TAGS+=("latest")
+            BUILD_TAGS+=(${short_tag})
+          fi
           if [[ "${{ github.event_name }}" == "pull_request" ]]; then
               echo "Generated the following commit tags: "
               for TAG in "${COMMIT_TAGS[@]}"; do
@@ -96,26 +151,19 @@ jobs:
           done
 
           echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
-
-      - name: Pull Image
-        uses: Wandalen/[email protected]
-        with:
-          attempt_limit: 3
-          attempt_delay: 15000
-          command: |
-            podman pull quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }}
+          echo "date=$(date '+%Y%m%d.0')" >> $GITHUB_ENV
 
       - name: Build Metadata
         uses: docker/metadata-action@v5
         id: meta
         with:
           images: |
-            ${{ env.IMAGE_NAME }}
+            ${{ matrix.kernel_flavor }}-kernel
           labels: |
-            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
-            org.opencontainers.image.description=A caching layer for sentry/kernel-fsync fsync kernel's
-            org.opencontainers.image.version=${{ env.version }}
-            ostree.linux="${{ env.kernel_major_minor_patch }}.fc${{ matrix.fedora_version }}.x86_64"
+            org.opencontainers.image.title=${{ matrix.kernel_flavor }} cached kernel
+            org.opencontainers.image.description=A caching layer for kernels. Contains ${{ matrix.kernel_flavor }} kernel.
+            org.opencontainers.image.version=${{ env.linux }}.${{ env.date }}
+            ostree.linux="${{ env.kernel_release }}"
             io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md
             io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4
 
@@ -125,11 +173,12 @@ jobs:
         with:
           containerfiles: |
             ./Containerfile
-          image: ${{ env.IMAGE_NAME }}
+          image: ${{ matrix.kernel_flavor }}-kernel
           tags: ${{ steps.generate_tags.outputs.alias_tags }}
           build-args: |
             FEDORA_VERSION=${{ matrix.fedora_version }}
-            KERNEL_VERSION=${{ env.kernel_major_minor_patch }}
+            KERNEL_VERSION=${{ env.kernel_release }}
+            KERNEL_FLAVOR=${{ matrix.kernel_flavor }}
           labels: ${{ steps.meta.outputs.labels }}
           oci: false
 

diff --git a/Containerfile b/Containerfile
@@ -1,12 +1,11 @@
-ARG SOURCE_IMAGE=${SOURCE_IMAGE:-base}
-ARG SOURCE_REPO=${SOURCE_REPO:-fedora-ostree-desktops}
-ARG BASE_IMAGE=quay.io/${SOURCE_REPO}/${SOURCE_IMAGE}
+ARG BASE_IMAGE=quay.io/fedora/fedora
 ARG FEDORA_VERSION=${FEDORA_VERSION:-40}
 
 # Build from base-main since its our smallest image and we control the tags
 FROM ${BASE_IMAGE}:${FEDORA_VERSION} as builder
 ARG KERNEL_VERSION=${:-}
 ARG FEDORA_VERSION=${FEDORA_VERSION:-}
+ARG KERNEL_FLAVOR=${:-}
 
 COPY fetch.sh /
 

diff --git a/README.md b/README.md
@@ -1,5 +1,5 @@
-# fsync
+# Kernel Cache
 
 [![Cache Fsync](https://github.com/ublue-os/fsync/actions/workflows/reusable-build.yml/badge.svg)](https://github.com/ublue-os/fsync/actions/workflows/reusable-build.yml)
 
-A caching layer for the fsync kernel from sentry/kernel-fsync
+A caching layer for the different kernels used by the Universal Blue Project
diff --git a/fetch.sh b/fetch.sh
@@ -2,23 +2,72 @@
 
 set -eoux pipefail
 
-kernel_version="${KERNEL_VERSION}".fsync.fc"${FEDORA_VERSION}".x86_64
-
-curl -LsSf -o /etc/yum.repos.d/_copr_sentry-kernel-ba.repo \
-    https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-"$(rpm -E %fedora)"/sentry-kernel-fsync-fedora-"$(rpm -E %fedora)".repo
-
-rpm-ostree install -y dnf dnf-plugins-core
-
-dnf download -y \
-    kernel-"${kernel_version}" \
-    kernel-core-"${kernel_version}" \
-    kernel-devel-matched-"${kernel_version}" \
-    kernel-modules-"${kernel_version}" \
-    kernel-modules-core-"${kernel_version}" \
-    kernel-modules-extra-"${kernel_version}" \
-    kernel-headers-"${kernel_version}" \
-    kernel-devel-"${kernel_version}" \
-    kernel-uki-virt-"${kernel_version}"
+kernel_version="${KERNEL_VERSION}"
+kernel_flavor="${KERNEL_FLAVOR}"
+
+dnf install -y dnf-plugins-core
+
+case "$kernel_flavor" in
+    "asus")
+        dnf copr enable -y lukenukem/asus-kernel
+        ;;
+    "fsync")
+        dnf copr enable -y sentry/kernel-fsync
+        ;;
+    "surface")
+        dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo
+        ;;
+    "coreos-stable")
+        ;;
+    "coreos-testing")
+        ;;
+    "main")
+        ;;
+    *)
+        echo "unexpected kernel_flavor ${kernel_flavor} for query"
+        ;;
+esac
+
+if [[ "${kernel_flavor}" =~ asus|fsync ]]; then
+    dnf download -y \
+        kernel-"${kernel_version}" \
+        kernel-core-"${kernel_version}" \
+        kernel-modules-"${kernel_version}" \
+        kernel-modules-core-"${kernel_version}" \
+        kernel-modules-extra-"${kernel_version}" \
+        kernel-devel-"${kernel_version}" \
+        kernel-devel-matched-"${kernel_version}" \
+        kernel-uki-virt-"${kernel_version}"
+elif [[ "${kernel_flavor}" == "surface" ]]; then
+    dnf download -y \
+        kernel-surface-"${kernel_version}" \
+        kernel-surface-core-"${kernel_version}" \
+        kernel-surface-modules-"${kernel_version}" \
+        kernel-surface-modules-core-"${kernel_version}" \
+        kernel-surface-modules-extra-"${kernel_version}" \
+        kernel-surface-devel-"${kernel_version}" \
+        kernel-surface-devel-matched-"${kernel_version}" \
+        kernel-surface-default-watchdog-"${kernel_version}" \
+        iptsd
+else
+    KERNEL_MAJOR_MINOR_PATCH=$(echo "$kernel_version" | cut -d '-' -f 1)
+    KERNEL_RELEASE="$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 1).$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 2)"
+    ARCH=$(uname -m)
+    dnf download -y \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-core-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-core-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-extra-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-devel-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-devel-matched-"$kernel_version".rpm \
+        https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-uki-virt-"$kernel_version".rpm
+fi
+
+if [[ "${kernel_flavor}" =~ fsync ]]; then
+    dnf download -y \
+        kernel-headers-"${kernel_version}"
+fi
 
 mkdir -p /tmp/rpms