Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

install ZFS from ucore-kmods #60

Merged
merged 4 commits into from
Aug 9, 2023
Merged

install ZFS from ucore-kmods #60

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
adc913f
refactor: simplify build by using ucore-kmods RPMs
bsherman Aug 9, 2023
fabc5ba
refactor: change build time to follow ucore-kmods
bsherman Aug 9, 2023
b92981c
feat: build Fedora CoreOS ZFS OCI image
bsherman Aug 9, 2023
edc5ac9
docs: add fedora-coreos-zfs to README
bsherman Aug 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
250 changes: 142 additions & 108 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
- '**.md'
- '**.txt'
schedule:
- cron: '20 23 * * *' # 11:20PM UTC everyday (approx 1 hour after coreos images publish)
- cron: '45 23 * * *' # 11:45PM UTC everyday (approx 1.5 hours after coreos images publish)
push:
branches:
- main
Expand Down Expand Up @@ -68,118 +68,158 @@ jobs:
echo "${{ toJSON(steps.stable.outputs) }}"
echo "${{ toJSON(steps.testing.outputs) }}"

zfs_versions:
name: Get ZFS versions
runs-on: ubuntu-latest
outputs:
latest: ${{ steps.latest.outputs.version }}
previous: ${{ steps.previous.outputs.version }}
build_fcos_zfs:
name: Build CoreOS ZFS
runs-on: ubuntu-22.04
if: always() && !cancelled()
needs: [ build_info, coreos_versions]
permissions:
contents: read
packages: write
id-token: write
strategy:
fail-fast: false
matrix:
image_name:
- fedora-coreos-zfs
coreos_version:
- stable
- testing
pr_prefix:
- ${{ needs.build_info.outputs.pr_prefix }}
include:
- coreos_version: stable
image_version: ${{ needs.coreos_versions.outputs.stable_version }}
- coreos_version: testing
image_version: ${{ needs.coreos_versions.outputs.testing_version }}
steps:
# Use cURL to fetch the given URL, saving the response to `data.json`
- name: Fetch zfs versions
run: curl "https://api.github.com/repos/openzfs/zfs/releases" -o data.json
- name: Get latest zfs version
id: latest
run: echo "version=$(jq -r '[ .[] | select(.prerelease==false and .draft==false) ][0].name' data.json|cut -f2- -d-)" >> $GITHUB_OUTPUT
- name: Get previous zfs version
id: previous
run: echo "version=$(jq -r '[ .[] | select(.prerelease==false and .draft==false) ][1].name' data.json|cut -f2- -d-)" >> $GITHUB_OUTPUT
- name: Echo outputs
run: |
echo "${{ toJSON(steps.latest.outputs) }}"
echo "${{ toJSON(steps.previous.outputs) }}"
# Checkout push-to-registry action GitHub repository
- name: Checkout Push to Registry action
uses: actions/checkout@v3

zfs_rpms_required:
name: Is zfs build required
runs-on: ubuntu-latest
needs: [build_info, coreos_versions, zfs_versions]
outputs:
build_stable: ${{ steps.stable.outputs.build }}
build_testing: ${{ steps.testing.outputs.build }}
steps:
# check if existing ucore-zfs-rpm images match requested kernel/zfs/stream combination
- name: Check stable ucore-zfs-rpm images
id: stable
continue-on-error: true
- name: Generate tags
id: generate-tags
shell: bash
run: |
BUILD_IT=true
TAG="${{ needs.build_info.outputs.pr_prefix }}stable"
LINUX=${{ needs.coreos_versions.outputs.stable_linux }}
VERSION=${{ needs.coreos_versions.outputs.stable_version }}
ZFS=${{ needs.zfs_versions.outputs.latest }}

skopeo inspect docker://ghcr.io/ublue-os/ucore-zfs-rpm:$TAG > inspect.json || echo "ucore-zfs-rpm:$TAG does not exist"
if [ -n "$(cat inspect.json)" ]; then
set -x
OLD_LINUX=$(jq -r '.["Labels"]["ostree.linux"]' inspect.json)
OLD_VERSION=$(jq -r '.["Labels"]["version"]' inspect.json)
OLD_ZFS=$(jq -r '.["Labels"]["zfs.version"]' inspect.json)
if [ "$OLD_LINUX" = "$LINUX" ] && [ "$OLD_VERSION" = "$VERSION" ] && [ "$OLD_ZFS" = "$ZFS" ]; then
BUILD_IT=false
fi
set +x
# Generate a timestamp for creating an image version history
TIMESTAMP="$(date +%Y%m%d)"
COREOS_VERSION="${{ matrix.coreos_version }}"

COMMIT_TAGS=()
BUILD_TAGS=()

# Have tags for tracking builds during pull request
SHA_SHORT="${GITHUB_SHA::7}"
COMMIT_TAGS+=("pr-${{ github.event.number }}-${COREOS_VERSION}")
COMMIT_TAGS+=("${SHA_SHORT}-${COREOS_VERSION}")

BUILD_TAGS=("${COREOS_VERSION}" "${COREOS_VERSION}-${TIMESTAMP}")

if [[ "${{ github.event_name }}" == "pull_request" ]]; then
echo "Generated the following commit tags: "
for TAG in "${COMMIT_TAGS[@]}"; do
echo "${TAG}"
done

alias_tags=("${COMMIT_TAGS[@]}")
else
alias_tags=("${BUILD_TAGS[@]}")
fi
echo "build=$BUILD_IT" >> $GITHUB_OUTPUT
- name: Check testing ucore-zfs-rpm images
id: testing
continue-on-error: true

echo "Generated the following build tags: "
for TAG in "${BUILD_TAGS[@]}"; do
echo "${TAG}"
done

echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT

# Build metadata
- name: Image Metadata
uses: docker/metadata-action@v4
id: meta
with:
images: |
${{ matrix.image_name }}
labels: |
io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4
io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/ucore/main/README.md
org.opencontainers.image.description=An OCI image of Fedora CoreOS with ZFS pre-installed
org.opencontainers.image.title=${{ matrix.image_name }}
org.opencontainers.image.version=${{ matrix.image_version }}

# Build image using Buildah action
- name: Build Image
id: build_image
uses: redhat-actions/buildah-build@v2
with:
containerfiles: |
./main/Containerfile
context: ./main
image: ${{ matrix.image_name }}
tags: |
${{ steps.generate-tags.outputs.alias_tags }}
build-args: |
COREOS_VERSION=${{ matrix.coreos_version }}
PR_PREFIX=${{ matrix.pr_prefix }}
labels: ${{ steps.meta.outputs.labels }}
oci: false

# Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
# https://github.com/macbre/push-to-ghcr/issues/12
- name: Lowercase Registry
id: registry_case
uses: ASzc/change-string-case-action@v5
with:
string: ${{ env.IMAGE_REGISTRY }}

# Push the image to GHCR (Image Registry)
- name: Push To GHCR
uses: redhat-actions/push-to-registry@v2
id: push
#if: github.event_name != 'pull_request'
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
with:
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

# Sign container
- uses: sigstore/[email protected]
if: github.event_name != 'pull_request'

- name: Sign container image
if: github.event_name != 'pull_request'
run: |
BUILD_IT=true
TAG="${{ needs.build_info.outputs.pr_prefix }}testing"
LINUX=${{ needs.coreos_versions.outputs.testing_linux }}
VERSION=${{ needs.coreos_versions.outputs.testing_version }}
ZFS=${{ needs.zfs_versions.outputs.latest }}

skopeo inspect docker://ghcr.io/ublue-os/ucore-zfs-rpm:$TAG > inspect.json || echo "ucore-zfs-rpm:$TAG does not exist"
if [ -n "$(cat inspect.json)" ]; then
set -x
OLD_LINUX=$(jq -r '.["Labels"]["ostree.linux"]' inspect.json)
OLD_VERSION=$(jq -r '.["Labels"]["version"]' inspect.json)
OLD_ZFS=$(jq -r '.["Labels"]["zfs.version"]' inspect.json)
if [ "$OLD_LINUX" = "$LINUX" ] && [ "$OLD_VERSION" = "$VERSION" ] && [ "$OLD_ZFS" = "$ZFS" ]; then
BUILD_IT=false
fi
set +x
fi
echo "build=$BUILD_IT" >> $GITHUB_OUTPUT
cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS}
env:
TAGS: ${{ steps.push.outputs.digest }}
COSIGN_EXPERIMENTAL: false
COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}

- name: Echo outputs
#if: github.event_name != 'pull_request'
run: |
echo "${{ toJSON(steps.stable.outputs) }}"
echo "${{ toJSON(steps.testing.outputs) }}"

build_zfs:
name: Build ZFS
needs: [coreos_versions, zfs_versions, zfs_rpms_required]
strategy:
matrix:
build_config:
- coreos_version: stable
zfs_version: ${{ needs.zfs_versions.outputs.latest }}
image_linux: ${{ needs.coreos_versions.outputs.stable_linux }}
image_version: ${{ needs.coreos_versions.outputs.stable_version }}
image_name: ucore-zfs-rpm
build: ${{ needs.zfs_rpms_required.outputs.build_stable }}
- coreos_version: testing
zfs_version: ${{ needs.zfs_versions.outputs.latest }}
image_linux: ${{ needs.coreos_versions.outputs.testing_linux }}
image_version: ${{ needs.coreos_versions.outputs.testing_version }}
image_name: ucore-zfs-rpm
build: ${{ needs.zfs_rpms_required.outputs.build_testing }}
uses: ./.github/workflows/reusable-zfs-build.yml
with:
if_build: ${{ matrix.build_config.build }}
coreos_version: ${{ matrix.build_config.coreos_version }}
image_linux: ${{ matrix.build_config.image_linux }}
image_name: ${{ matrix.build_config.image_name }}
image_version: ${{ matrix.build_config.image_version }}
zfs_version: ${{ matrix.build_config.zfs_version }}
secrets: inherit
echo "${{ toJSON(steps.push.outputs) }}"

build_main:
name: Build uCore
runs-on: ubuntu-22.04
if: always() && !cancelled()
needs: [ build_info, build_zfs, coreos_versions, zfs_versions]
needs: [ build_info, coreos_versions]
permissions:
contents: read
packages: write
Expand All @@ -194,8 +234,6 @@ jobs:
- testing
pr_prefix:
- ${{ needs.build_info.outputs.pr_prefix }}
zfs_version:
- ${{ needs.zfs_versions.outputs.latest }}
include:
- coreos_version: stable
image_version: ${{ needs.coreos_versions.outputs.stable_version }}
Expand Down Expand Up @@ -255,7 +293,6 @@ jobs:
org.opencontainers.image.description=An OCI image of Fedora CoreOS with batteries included
org.opencontainers.image.title=${{ matrix.image_name }}
org.opencontainers.image.version=${{ matrix.image_version }}
zfs.version=${{ matrix.zfs_version }}

# Build image using Buildah action
- name: Build Image
Expand Down Expand Up @@ -329,7 +366,7 @@ jobs:
name: Build HCI
runs-on: ubuntu-22.04
if: always() && !cancelled()
needs: [ build_info, build_main, coreos_versions, zfs_versions]
needs: [ build_info, build_main, coreos_versions]
permissions:
contents: read
packages: write
Expand All @@ -344,8 +381,6 @@ jobs:
- testing
pr_prefix:
- ${{ needs.build_info.outputs.pr_prefix }}
zfs_version:
- ${{ needs.zfs_versions.outputs.latest }}
include:
- coreos_version: stable
image_version: ${{ needs.coreos_versions.outputs.stable_version }}
Expand Down Expand Up @@ -405,7 +440,6 @@ jobs:
org.opencontainers.image.description=A hyper-converged infrastructure Fedora CoreOS OCI with batteries included
org.opencontainers.image.title=${{ format('{0}-hci', matrix.image_name) }}
org.opencontainers.image.version=${{ matrix.image_version }}
zfs.version=${{ matrix.zfs_version }}

# Build image using Buildah action
- name: Build Image
Expand Down
Loading