From 5d3b3876695408b2096c587b9f6da366a9752e46 Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 15:18:16 -0400 Subject: [PATCH 1/7] feat: Cache all the kernels. No Akmods Bootstrap fix: headers only exist for fsync fix: typo for download fix: no kernel-surface-uki --- .github/workflows/reusable-build.yml | 132 ++++++++++++++++++--------- Containerfile | 5 +- README.md | 4 +- fetch.sh | 81 ++++++++++++---- 4 files changed, 157 insertions(+), 65 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index c59144f..5af012d 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -9,7 +9,6 @@ on: - main env: - IMAGE_NAME: fsync IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} concurrency: @@ -18,7 +17,7 @@ concurrency: jobs: build: - name: fsync + name: kernel-cache runs-on: ubuntu-latest permissions: contents: read 
@@ -27,49 +26,97 @@ jobs: strategy: fail-fast: false matrix: + kernel_flavor: + - main + - coreos-stable + - coreos-testing + - asus + - surface + - fsync fedora_version: - # - 39 - 40 + include: + - fedora_version: 39 + kernel_flavor: main + - fedora_version: 39 + kernel_flavor: coreos-stable + - fedora_version: 39 + kernel_flavor: surface + steps: - name: Checkout Push to Registry action uses: actions/checkout@v4 - - name: Verify Akmods Image - uses: EyeCantCU/cosign-action/verify@v0.2.2 + - name: Pull Image + uses: Wandalen/wretry.action@v3.5.0 with: - containers: akmods:fsync-40 - pubkey: https://raw.githubusercontent.com/ublue-os/akmods/main/cosign.pub - registry: ghcr.io/ublue-os + attempt_limit: 3 + attempt_delay: 15000 + command: | + build_image="quay.io/fedora/fedora:${{ matrix.fedora_version }}" + echo "build_image=$build_image" >> "$GITHUB_ENV" + podman pull "$build_image" - - name: Get Fsync Kernel Version + - name: Get Kernel Version id: Version uses: Wandalen/wretry.action@v3.5.0 with: attempt_limit: 3 attempt_delay: 15000 command: | - kernel_release=$(skopeo inspect docker://ghcr.io/ublue-os/akmods:fsync-40 | jq -r '.Labels["ostree.linux"] | split(".fc")[0]') - major=$(echo "$kernel_release" | cut -d '.' -f 1) - minor=$(echo "$kernel_release" | cut -d '.' -f 2) - patch=$(echo "$kernel_release" | cut -d '.' 
-f 3) - kernel_major_minor_patch="${major}.${minor}.${patch}" - ver=$(skopeo inspect docker://quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }} | jq -r '.Labels["org.opencontainers.image.version"]') - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - echo "version=$ver" >> $GITHUB_ENV - echo "kernel_release=${kernel_release}" >> $GITHUB_ENV - echo "kernel_major_minor_patch=${kernel_major_minor_patch}" >> $GITHUB_ENV - - - name: Checkout Push to Registry Action - uses: actions/checkout@v4 + container_name="fq-$(uuidgen)" + dnf="podman exec $container_name dnf" + + podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.build_image }}" + $dnf install -y dnf-plugins-core + + case ${{ matrix.kernel_flavor }} in + "asus") + $dnf copr enable -y lukenukem/asus-kernel + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync") + $dnf copr enable -y sentry/kernel-fsync + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "surface") + $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo + linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://') + ;; + "main") + linux=$(skopeo inspect docker://quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }} | jq -r '.Labels["ostree.linux"]' ) + ;; + "coreos-stable") + linux=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]' ) + coreos_fedora_version=$(echo $linux | grep -oP 'fc\K[0-9]+') + if [[ "${{ matrix.fedora_version }}" != coreos_fedora_version ]]; then + major_minor_patch=$(echo $linux | cut -d - -f 1) + linux="${major_minor_patch}-200.fc$(($coreos_fedora_version - 1)).$(uname -m)" + fi + ;; + "coreos-testing") + 
linux=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:testing | jq -r '.Labels["ostree.linux"]' ) + ;; + *) + echo "unexpected kernel_flavor '${{ matrix.kernel_flavor }}' for query" + ;; + esac + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + major=$(echo "$linux" | cut -d '.' -f 1) + minor=$(echo "$linux" | cut -d '.' -f 2) + patch=$(echo "$linux" | cut -d '.' -f 3) + kernel_major_minor_patch="${major}.${minor}.${patch}" + echo "kernel_release=${linux}" >> $GITHUB_ENV + echo "kernel_major_minor_patch=${kernel_major_minor_patch}" >> $GITHUB_ENV - name: Generate Tags id: generate_tags shell: bash run: | - tag="${{ env.kernel_major_minor_patch }}.fsync.fc${{ matrix.fedora_version }}.x86_64" + tag="${{ env.kernel_release }}" short_tag=$(echo ${{ env.kernel_major_minor_patch }} | cut -d "-" -f 1) COMMIT_TAGS=() COMMIT_TAGS+=("pr-${{ github.event_number }}-${tag}") @@ -77,8 +124,13 @@ jobs: BUILD_TAGS=() BUILD_TAGS+=(${tag}) - BUILD_TAGS+=(${short_tag}) - BUILD_TAGS+=("latest") + if [[ ${{ matrix.kernel_flavor }} =~ main|coreos-stable|surface ]]; then + BUILD_TAGS+=("${{ matrix.fedora_version }}-latest") + BUILD_TAGS+=(${{ matrix.fedora_version }}-${short_tag}) + else + BUILD_TAGS+=("latest") + BUILD_TAGS+=(${short_tag}) + fi if [[ "${{ github.event_name }}" == "pull_request" ]]; then echo "Generated the following commit tags: " for TAG in "${COMMIT_TAGS[@]}"; do 
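Review bot: In the "Get Kernel Version" step, `linux` is taken from remote image labels and third-party repo metadata (`skopeo inspect … | jq`, `dnf repoquery … | tail -n1`) and is written to `$GITHUB_ENV` after only an empty/null check. The value later becomes an image tag, a build-arg and part of a download URL, so it should be format-checked before export, e.g. `[[ "$linux" =~ ^[0-9]+\.[0-9]+\.[0-9]+-[0-9A-Za-z._]+$ ]] || exit 1`. That check also rejects multi-line values, which would otherwise append extra variables to the environment file. The `*)` arm only echoes, so adding `exit 1` there makes the failure explicit rather than relying on the later empty check. The commit also drops the cosign verification step and adds no integrity check for the new sources; if that is intended, the description should say so.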
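Review bot: The flavor test `[[ ${{ matrix.kernel_flavor }} =~ main|coreos-stable|surface ]]` in "Generate Tags" is an unquoted, unanchored regex match. A future flavor whose name merely contains one of these words (constructed example: `surface-lts`) would silently take the per-Fedora tag branch. Prefer `[[ "${{ matrix.kernel_flavor }}" =~ ^(main|coreos-stable|surface)$ ]]` or a `case` statement. The same unanchored pattern appears in the `asus|fsync` and `fsync` tests in fetch.sh and in the `asus|fsync|surface` test added in patch 5. `BUILD_TAGS+=(${{ matrix.fedora_version }}-${short_tag})` should also be quoted like the line before it; the step's script continues outside this hunk.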
@@ -96,26 +148,19 @@ jobs: done echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT - - - name: Pull Image - uses: Wandalen/wretry.action@v3.5.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - podman pull quay.io/fedora-ostree-desktops/base:${{ matrix.fedora_version }} + echo "date=$(date '+%Y%m%d.0')" >> $GITHUB_ENV - name: Build Metadata uses: docker/metadata-action@v5 id: meta with: images: | - ${{ env.IMAGE_NAME }} + ${{ matrix.kernel_flavor }}-kernel labels: | - org.opencontainers.image.title=${{ env.IMAGE_NAME }} - org.opencontainers.image.description=A caching layer for sentry/kernel-fsync fsync kernel's - org.opencontainers.image.version=${{ env.version }} - ostree.linux="${{ env.kernel_major_minor_patch }}.fc${{ matrix.fedora_version }}.x86_64" + org.opencontainers.image.title=${{ matrix.kernel_flavor }} cached kernel + org.opencontainers.image.description=A caching layer for kernels. Contains ${{ matrix.kernel_flavor }} kernel. + org.opencontainers.image.version=${{ env.linux }}.${{ env.date }} + ostree.linux="${{ env.kernel_release }}" io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4 @@ -125,11 +170,12 @@ jobs: with: containerfiles: | ./Containerfile - image: ${{ env.IMAGE_NAME }} + image: ${{ matrix.kernel_flavor }}-kernel tags: ${{ steps.generate_tags.outputs.alias_tags }} build-args: | FEDORA_VERSION=${{ matrix.fedora_version }} - KERNEL_VERSION=${{ env.kernel_major_minor_patch }} + KERNEL_VERSION=${{ env.kernel_release }} + KERNEL_FLAVOR=${{ matrix.kernel_flavor }} labels: ${{ steps.meta.outputs.labels }} oci: false diff --git a/Containerfile b/Containerfile index 6374f80..44d9c93 100644 --- a/Containerfile +++ b/Containerfile 
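Review bot: `${{ env.linux }}` in the `org.opencontainers.image.version` label refers to a variable that is never exported. The "Get Kernel Version" step writes only `kernel_release` and `kernel_major_minor_patch` to `$GITHUB_ENV`, and `linux` is a shell variable local to that step. As far as this patch shows, the label will render as just `.<date>`, so the published image's version metadata no longer identifies which kernel it caches. Use `org.opencontainers.image.version=${{ env.kernel_release }}.${{ env.date }}` instead.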
@@ -1,12 +1,11 @@ -ARG SOURCE_IMAGE=${SOURCE_IMAGE:-base} -ARG SOURCE_REPO=${SOURCE_REPO:-fedora-ostree-desktops} -ARG BASE_IMAGE=quay.io/${SOURCE_REPO}/${SOURCE_IMAGE} +ARG BASE_IMAGE=quay.io/fedora/fedora ARG FEDORA_VERSION=${FEDORA_VERSION:-40} # Build from base-main since its our smallest image and we control the tags FROM ${BASE_IMAGE}:${FEDORA_VERSION} as builder ARG KERNEL_VERSION=${:-} ARG FEDORA_VERSION=${FEDORA_VERSION:-} +ARG KERNEL_FLAVOR=${:-} COPY fetch.sh / diff --git a/README.md b/README.md index b8bfd81..66c4abf 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -# fsync +# Kernel Cache [![Cache Fsync](https://github.com/ublue-os/fsync/actions/workflows/reusable-build.yml/badge.svg)](https://github.com/ublue-os/fsync/actions/workflows/reusable-build.yml) -A caching layer for the fsync kernel from sentry/kernel-fsync +A caching layer for the different kernels used by the Universal Blue Project diff --git a/fetch.sh b/fetch.sh index 3bbd8f2..156e582 100755 --- a/fetch.sh +++ b/fetch.sh 
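Review bot: The comment above `FROM` is now stale. The base is `quay.io/fedora/fedora:${FEDORA_VERSION}`, an upstream image whose tags this project does not control, so "Build from base-main since its our smallest image and we control the tags" misstates the trust assumption. Replace it with something like `# Build from the upstream Fedora image; its version tag is mutable and owned by Fedora`, and consider pinning by digest if reproducible cache builds matter. `ARG KERNEL_FLAVOR=${:-}` copies the odd empty-name default from the `KERNEL_VERSION` line; a plain `ARG KERNEL_FLAVOR` would be clearer, assuming an empty default is the intent.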
@@ -2,23 +2,70 @@ set -eoux pipefail -kernel_version="${KERNEL_VERSION}".fsync.fc"${FEDORA_VERSION}".x86_64 - -curl -LsSf -o /etc/yum.repos.d/_copr_sentry-kernel-ba.repo \ - https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-"$(rpm -E %fedora)"/sentry-kernel-fsync-fedora-"$(rpm -E %fedora)".repo - -rpm-ostree install -y dnf dnf-plugins-core - -dnf download -y \ - kernel-"${kernel_version}" \ - kernel-core-"${kernel_version}" \ - kernel-devel-matched-"${kernel_version}" \ - kernel-modules-"${kernel_version}" \ - kernel-modules-core-"${kernel_version}" \ - kernel-modules-extra-"${kernel_version}" \ - kernel-headers-"${kernel_version}" \ - kernel-devel-"${kernel_version}" \ - kernel-uki-virt-"${kernel_version}" +kernel_version="${KERNEL_VERSION}" +kernel_flavor="${KERNEL_FLAVOR}" + +dnf install -y dnf-plugins-core + +case "$kernel_flavor" in + "asus") + dnf copr enable -y lukenukem/asus-kernel + ;; + "fsync") + dnf copr enable -y sentry/kernel-fsync + ;; + "surface") + dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo + ;; + "coreos-stable") + ;; + "coreos-testing") + ;; + "main") + ;; + *) + echo "unexpected kernel_flavor ${kernel_flavor} for query" + ;; +esac + +if [[ "${kernel_flavor}" =~ asus|fsync ]]; then + dnf download -y \ + kernel-"${kernel_version}" \ + kernel-core-"${kernel_version}" \ + kernel-modules-"${kernel_version}" \ + kernel-modules-core-"${kernel_version}" \ + kernel-modules-extra-"${kernel_version}" \ + kernel-devel-"${kernel_version}" \ + kernel-devel-matched-"${kernel_version}" \ + kernel-uki-virt-"${kernel_version}" +elif [[ "${kernel_flavor}" == "surface" ]]; then + dnf download -y \ + kernel-surface-"${kernel_version}" \ + kernel-surface-core-"${kernel_version}" \ + kernel-surface-modules-"${kernel_version}" \ + kernel-surface-modules-core-"${kernel_version}" \ + kernel-surface-modules-extra-"${kernel_version}" \ + kernel-surface-devel-"${kernel_version}" \ + 
kernel-surface-devel-matched-"${kernel_version}" +else + KERNEL_MAJOR_MINOR_PATCH=$(echo "$kernel_version" | cut -d '-' -f 1) + KERNEL_RELEASE="$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 1).$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 2)" + ARCH=$(uname -m) + dnf download -y \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-core-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-core-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-modules-extra-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-devel-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-devel-matched-"$kernel_version".rpm \ + https://kojipkgs.fedoraproject.org//packages/kernel/"$KERNEL_MAJOR_MINOR_PATCH"/"$KERNEL_RELEASE"/"$ARCH"/kernel-uki-virt-"$kernel_version".rpm +fi + +if [[ "${kernel_flavor}" =~ fsync ]]; then + dnf download -y \ + kernel-headers-"${kernel_version}" +fi mkdir -p /tmp/rpms From 368a3e16efea1193ae68f2dce20cd82d46d24c92 Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 15:48:36 -0400 Subject: [PATCH 2/7] chore: missing surface packages, use exclude --- .github/workflows/reusable-build.yml | 15 ++++++++------- fetch.sh | 4 +++- 2 files changed, 11 insertions(+), 8 deletions(-) 
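Review bot: In the final `else` branch the kernel RPMs are fetched by direct URL from kojipkgs, so they are not tied to any configured repo. Nothing in the visible script checks their signatures before they are cached for downstream images, and Koji build output is, as far as I know, not necessarily signed with the Fedora release key. Add a verification step after the download that fails the build unless each RPM carries a valid signature from an imported key (for example by inspecting `rpmkeys --checksig` output), or at least record checksums. The same question applies to the COPR and linux-surface downloads. Separately, the `*)` arm only echoes, so an empty or unknown `KERNEL_FLAVOR` falls through to this koji branch; add `exit 1` after the echo.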
diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 5af012d..8cd7325 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -27,21 +27,22 @@ jobs: fail-fast: false matrix: kernel_flavor: + - asus + - fsync + - surface - main - coreos-stable - coreos-testing - - asus - - surface - - fsync fedora_version: + - 39 - 40 - include: + exclude: - fedora_version: 39 - kernel_flavor: main + kernel_flavor: asus - fedora_version: 39 - kernel_flavor: coreos-stable + kernel_flavor: coreos-testing - fedora_version: 39 - kernel_flavor: surface + kernel_flavor: fsync steps: - name: Checkout Push to Registry action diff --git a/fetch.sh b/fetch.sh index 156e582..a42a8ec 100755 --- a/fetch.sh +++ b/fetch.sh @@ -46,7 +46,9 @@ elif [[ "${kernel_flavor}" == "surface" ]]; then kernel-surface-modules-core-"${kernel_version}" \ kernel-surface-modules-extra-"${kernel_version}" \ kernel-surface-devel-"${kernel_version}" \ - kernel-surface-devel-matched-"${kernel_version}" + kernel-surface-devel-matched-"${kernel_version}" \ + kernel-surface-default-watchdog-"${kernel_version}" \ + iptsd else KERNEL_MAJOR_MINOR_PATCH=$(echo "$kernel_version" | cut -d '-' -f 1) KERNEL_RELEASE="$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 1).$(echo "$kernel_version" | cut -d - -f 2 | cut -d . -f 2)" From 03c2da685cf9d93b7399bfa1dd86f33b50491f4f Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 15:59:49 -0400 Subject: [PATCH 3/7] chore: try different github context --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 8cd7325..cc80cbe 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml 
@@ -120,7 +120,7 @@ jobs: tag="${{ env.kernel_release }}" short_tag=$(echo ${{ env.kernel_major_minor_patch }} | cut -d "-" -f 1) COMMIT_TAGS=() - COMMIT_TAGS+=("pr-${{ github.event_number }}-${tag}") + COMMIT_TAGS+=("pr-${{ github.event.number }}-${tag}") COMMIT_TAGS+=("${GITHUB_SHA::7}-${tag}") BUILD_TAGS=() From 7c69b9bb954cce912825a45a05596cecca287268 Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:04:47 -0400 Subject: [PATCH 4/7] chore: change build time to be earlier --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index cc80cbe..99b6290 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -2,7 +2,7 @@ name: Cache Fsync on: merge_group: schedule: - - cron: "45 2 * * *" # 0245 UTC everyday + - cron: "5 0 * * *" # 0005 UTC everyday workflow_dispatch: pull_request: branches: From 6b8167ca2269a1f0e73cad99eb9f9405c99effa6 Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:09:02 -0400 Subject: [PATCH 5/7] chore: only setup container when needed --- .github/workflows/reusable-build.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 99b6290..e1229a1 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml 
@@ -65,11 +65,13 @@ jobs: attempt_limit: 3 attempt_delay: 15000 command: | - container_name="fq-$(uuidgen)" - dnf="podman exec $container_name dnf" + if [[ ${{ matrix.kernel_flavor }} =~ asus|fsync|surface ]]; then + container_name="fq-$(uuidgen)" + dnf="podman exec $container_name dnf" - podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.build_image }}" - $dnf install -y dnf-plugins-core + podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.build_image }}" + $dnf install -y dnf-plugins-core + fi case ${{ matrix.kernel_flavor }} in "asus") From 0c5d833e6071fdd9c4348f1720363cc325ca78e0 Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:17:34 -0400 Subject: [PATCH 6/7] chore: if coreos version doesn't match, use matrix variable --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index e1229a1..b21ac55 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -94,7 +94,7 @@ jobs: coreos_fedora_version=$(echo $linux | grep -oP 'fc\K[0-9]+') if [[ "${{ matrix.fedora_version }}" != coreos_fedora_version ]]; then major_minor_patch=$(echo $linux | cut -d - -f 1) - linux="${major_minor_patch}-200.fc$(($coreos_fedora_version - 1)).$(uname -m)" + linux="${major_minor_patch}-200.fc${{ matrix.fedora_version }}.$(uname -m)" fi ;; "coreos-testing") From 6fc4e7594bec31786f654bd219a0fa0ae01db52b Mon Sep 17 00:00:00 2001 From: m2Giles <69128853+m2Giles@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:20:40 -0400 Subject: [PATCH 7/7] chore: missing $ --- .github/workflows/reusable-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index b21ac55..c68fc34 100644 --- a/.github/workflows/reusable-build.yml 
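Review bot: The rewritten release string in the `coreos-stable` arm hard-codes `-200` and assumes a Fedora build with exactly that release exists for `matrix.fedora_version`. Nothing checks this before the value is exported and used to build the download URL. If the assumption does not hold, the failure surfaces only later as a download error in fetch.sh. A comment stating the assumption would help, e.g. `# assumes the matching Fedora build uses release 200; verify against koji`, ideally with an existence check on the resolved version before export. The `echo $linux` expansions on the neighbouring lines should be quoted, as in `echo "$linux" | cut -d - -f 1`.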
+++ b/.github/workflows/reusable-build.yml @@ -92,7 +92,7 @@ jobs: "coreos-stable") linux=$(skopeo inspect docker://quay.io/fedora/fedora-coreos:stable | jq -r '.Labels["ostree.linux"]' ) coreos_fedora_version=$(echo $linux | grep -oP 'fc\K[0-9]+') - if [[ "${{ matrix.fedora_version }}" != coreos_fedora_version ]]; then + if [[ "${{ matrix.fedora_version }}" != "$coreos_fedora_version" ]]; then major_minor_patch=$(echo $linux | cut -d - -f 1) linux="${major_minor_patch}-200.fc${{ matrix.fedora_version }}.$(uname -m)" fi