morgan
/
isogenerator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: morgan:main
Branches Tags
morgan:main
morgan:1.0.9
morgan:1.0.8
morgan:1.0.7
morgan:1.0.6
morgan:1.0.5
morgan:1.0.4
morgan:1.0.3
morgan:1.0.2
morgan:1.0.1
morgan:1.0.0
..
compare: morgan:1.0.8
Branches Tags
morgan:main
morgan:1.0.9
morgan:1.0.8
morgan:1.0.7
morgan:1.0.6
morgan:1.0.5
morgan:1.0.4
morgan:1.0.3
morgan:1.0.2
morgan:1.0.1
morgan:1.0.0

No commits in common. "main" and "1.0.8" have entirely different histories.
main ... 1.0.8

7 changed files with 39 additions and 193 deletions
Show Stats Expand all files Collapse all files

5
.dockerignore
View File

@ -1,5 +0,0 @@
.devcontainer
.git*
*.md
action.yml
LICENSE

2
.github/CODEOWNERS vendored Normal file
View File

@ -0,0 +1,2 @@
# Default owner of code within this repo
* @JasonN3

148
.github/workflows/build-container-image.yml vendored
View File

@ -13,9 +13,6 @@ on:
branches: branches:
- main - main
workflow_dispatch: workflow_dispatch:
env:
IMAGE_NAME: "isogenerator"
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
jobs: jobs:
push-image: push-image:
@ -33,144 +30,17 @@ jobs:
- 40 - 40
include: include:
- version: 39 - version: 39
is_latest_version: true support: latest
is_stable_version: true
steps: steps:
# Checkout push-to-registry action GitHub repository - name: Build image
- name: Checkout Push to Registry action uses: ublue-os/build-action@1.0.1
uses: actions/checkout@v4
- name: Generate tags
id: generate-tags
shell: bash
run: |
# Generate a timestamp for creating an image version history
TIMESTAMP="$(date +%Y%m%d)"
VARIANT="${{ matrix.version }}"
COMMIT_TAGS=()
BUILD_TAGS=()
# Have tags for tracking builds during pull request
SHA_SHORT="${GITHUB_SHA::7}"
COMMIT_TAGS+=("pr-${{ github.event.number }}-${VARIANT}")
COMMIT_TAGS+=("${SHA_SHORT}-${VARIANT}")
if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
[[ "${{ matrix.is_stable_version }}" == "true" ]]; then
COMMIT_TAGS+=("pr-${{ github.event.number }}")
COMMIT_TAGS+=("${SHA_SHORT}")
fi
BUILD_TAGS=("${VARIANT}")
# Append matching timestamp tags to keep a version history
for TAG in "${BUILD_TAGS[@]}"; do
BUILD_TAGS+=("${TAG}-${TIMESTAMP}")
done
if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
[[ "${{ matrix.is_stable_version }}" == "true" ]]; then
BUILD_TAGS+=("${TIMESTAMP}")
BUILD_TAGS+=("latest")
fi
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
echo "Generated the following commit tags: "
for TAG in "${COMMIT_TAGS[@]}"; do
echo "${TAG}"
done
alias_tags=("${COMMIT_TAGS[@]}")
else
alias_tags=("${BUILD_TAGS[@]}")
fi
echo "Generated the following build tags: "
for TAG in "${BUILD_TAGS[@]}"; do
echo "${TAG}"
done
echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
- name: Get current version
id: labels
run: |
ver=$(skopeo inspect docker://ghcr.io/ublue-os/${{ env.IMAGE_NAME }}:${{ matrix.version }} | jq -r '.Labels["org.opencontainers.image.version"]')
echo "VERSION=$ver" >> $GITHUB_OUTPUT
# Build metadata
- name: Image Metadata
uses: docker/metadata-action@v5
id: meta
with: with:
images: | image_name: isogenerator
${{ env.IMAGE_NAME }} image_variant: main
version: ${{ matrix.version }}
labels: | support: ${{ matrix.support }}
io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md signing_key: ${{ secrets.SIGNING_SECRET }}
org.opencontainers.image.description=Used to generate ISO installers for OCI containers continue-on-error: false
org.opencontainers.image.title=${{ env.IMAGE_NAME }}
org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }}
# Build image using Buildah action
- name: Build Image
id: build_image
uses: redhat-actions/buildah-build@v2
with:
containerfiles: |
./Containerfile
# Postfix image name with -custom to make it a little more descriptive
# Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format
image: ${{ env.IMAGE_NAME }}
tags: |
${{ steps.generate-tags.outputs.alias_tags }}
build-args: |
VERSION=${{ matrix.version }}
labels: ${{ steps.meta.outputs.labels }}
oci: false
# Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
# https://github.com/macbre/push-to-ghcr/issues/12
- name: Lowercase Registry
id: registry_case
uses: ASzc/change-string-case-action@v6
with:
string: ${{ env.IMAGE_REGISTRY }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Push the image to GHCR (Image Registry)
- name: Push To GHCR
uses: redhat-actions/push-to-registry@v2
id: push
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
with:
image: ${{ steps.build_image.outputs.image }}
tags: ${{ steps.build_image.outputs.tags }}
registry: ${{ steps.registry_case.outputs.lowercase }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--disable-content-trust
# Sign container
- uses: sigstore/cosign-installer@v3.4.0
if: github.event_name != 'pull_request'
- name: Sign container image
if: github.event_name != 'pull_request'
run: |
cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS}
env:
TAGS: ${{ steps.push.outputs.digest }}
COSIGN_EXPERIMENTAL: false
COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
check: check:
name: Check build successful name: Check build successful

21
.github/workflows/test-iso.yml vendored
View File

@ -15,7 +15,7 @@ on:
jobs: jobs:
build-and-push-iso: build-and-push-iso:
name: Build ISO name: Build ISO
runs-on: self-hosted runs-on: ubuntu-latest
container: container:
image: fedora:39 image: fedora:39
options: "--privileged" options: "--privileged"
@ -27,14 +27,18 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
version: [38, 39] version:
boot: [secureboot, insecure] - 38
- 39
secure_boot:
- true
- false
include: include:
- boot: secureboot - secure_boot: true
SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der' SECURE_BOOT_KEY_URL: 'https://github.com/ublue-os/akmods/raw/main/certs/public_key.der'
ENROLLMENT_PASSWORD: 'ublue-os' ENROLLMENT_PASSWORD: 'ublue-os'
SECURE_BOOT_STRING: '-secure' SECURE_BOOT_STRING: '-secure'
- boot: insecure - secure_boot: false
SECURE_BOOT_KEY_URL: '' SECURE_BOOT_KEY_URL: ''
ENROLLMENT_PASSWORD: '' ENROLLMENT_PASSWORD: ''
SECURE_BOOT_STRING: '' SECURE_BOOT_STRING: ''
@ -44,7 +48,6 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Build ISO - name: Build ISO
id: build-iso
uses: ./ uses: ./
with: with:
ARCH: 'x86_64' ARCH: 'x86_64'
@ -52,6 +55,8 @@ jobs:
IMAGE_REPO: 'ghcr.io/ublue-os' IMAGE_REPO: 'ghcr.io/ublue-os'
VARIANT: 'Kinoite' VARIANT: 'Kinoite'
VERSION: ${{ matrix.version }} VERSION: ${{ matrix.version }}
ACTION_REPO: ${{ github.repository }}
ACTION_REF: ${{ github.ref }}
SECURE_BOOT_KEY_URL: ${{ matrix.SECURE_BOOT_KEY_URL }} SECURE_BOOT_KEY_URL: ${{ matrix.SECURE_BOOT_KEY_URL }}
ENROLLMENT_PASSWORD: ${{ matrix.ENROLLMENT_PASSWORD }} ENROLLMENT_PASSWORD: ${{ matrix.ENROLLMENT_PASSWORD }}
@ -59,9 +64,7 @@ jobs:
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: base-main-${{ matrix.version }}${{ matrix.SECURE_BOOT_STRING }}.iso name: base-main-${{ matrix.version }}${{ matrix.SECURE_BOOT_STRING }}.iso
path: | path: end_iso/*
${{ steps.build-iso.outputs.iso-path }}
${{ steps.build-iso.outputs.checksum-path }}
if-no-files-found: error if-no-files-found: error
retention-days: 0 retention-days: 0
compression-level: 0 compression-level: 0

8
Containerfile
View File

@ -4,7 +4,7 @@ ARG VERSION=39
FROM fedora:${VERSION} FROM fedora:${VERSION}
# Set version for the environment variables in the container. # Set version for the environment variables in the container.
ARG VERSION=${VERSION} ARG VERSION=39
ENV ARCH="x86_64" ENV ARCH="x86_64"
ENV IMAGE_NAME="base-main" ENV IMAGE_NAME="base-main"
@ -16,12 +16,10 @@ ENV WEB_UI="false"
ENV SECURE_BOOT_KEY_URL="" ENV SECURE_BOOT_KEY_URL=""
ENV ENROLLMENT_PASSWORD="ublue-os" ENV ENROLLMENT_PASSWORD="ublue-os"
COPY ./ /isogenerator COPY / /isogenerator
WORKDIR /isogenerator WORKDIR /isogenerator
RUN dnf install -y make && \ RUN dnf install -y make && make install-deps
make install-deps && \
dnf clean all
VOLUME /isogenerator/output VOLUME /isogenerator/output

13
README.md
View File

@ -35,9 +35,6 @@ sudo podman run --rm --privileged --volume .:/isogenerator/output -e VERSION=39
``` ```
## Customizing ## Customizing
### Inputs
The following variables can be used to customize the create image. The following variables can be used to customize the create image.
| Variable | Description | Default Value | | Variable | Description | Default Value |
@ -59,16 +56,6 @@ The following variables can be used to customize the create image.
Our public key for our kmods is located here: https://github.com/ublue-os/akmods/raw/main/certs/public_key.der Our public key for our kmods is located here: https://github.com/ublue-os/akmods/raw/main/certs/public_key.der
### Outputs
This action outputs some useful values for you to use further on in your workflow.
| Output | Description |
| ------ | ----------- |
| output-directory | The directory containing ISO and checksum files |
| iso-path | The full path to the ISO file |
| checksum-path | The full path to the checksum file |
## VSCode Dev Container ## VSCode Dev Container
There is a dev container configuration provided for development. By default it will use the existing container image available at `ghcr.io/ublue-os/isogenerator`, however, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode. There is a dev container configuration provided for development. By default it will use the existing container image available at `ghcr.io/ublue-os/isogenerator`, however, you can have it build a new image by editing `.devcontainer/devcontainer.json` and replacing `image` with `build`. `Ctrl+/` can be used to comment and uncomment blocks of code within VSCode.

35
action.yml
View File

@ -35,24 +35,17 @@ inputs:
ENROLLMENT_PASSWORD: ENROLLMENT_PASSWORD:
description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) description: Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined)
required: false required: false
default: "ublue-os"
SECURE_BOOT_KEY_URL: SECURE_BOOT_KEY_URL:
description: Secure boot key that is installed from URL location description: Secure boot key that is installed from URL location
required: false required: false
ACTION_REPO: ACTION_REPO:
deprecationMessage: This variable is no longer used and will be removed in a future version description: Repository with the build action
required: false required: false
default: ${{ github.repository }}
ACTION_REF: ACTION_REF:
deprecationMessage: This variable is no longer used and will be removed in a future version description: Repository ref for the build action
required: false required: false
default: ${{ github.ref }}
outputs:
output-directory:
value: ${{ steps.final.outputs.OUTPUT_DIR }}
iso-path:
value: ${{ steps.final.outputs.ISO_PATH }}
checksum-path:
value: ${{ steps.final.outputs.CHECKSUM_PATH }}
runs: runs:
using: composite using: composite
@ -76,13 +69,19 @@ runs:
echo "Host must be mounted as /host in order to make more space" echo "Host must be mounted as /host in order to make more space"
fi fi
- name: Install Make - name: Install make and git
shell: bash shell: bash
run: dnf install -y make run: dnf install -y make git
- name: Checkout repository
uses: actions/checkout@v4
with:
repository: ${{ inputs.ACTION_REPO }}
ref: ${{ inputs.ACTION_REF }}
submodules: recursive
- name: Install dependencies - name: Install dependencies
shell: bash shell: bash
working-directory: ${{ github.action_path }}
run: make install-deps run: make install-deps
- name: Lowercase Registry - name: Lowercase Registry
@ -93,7 +92,6 @@ runs:
- name: Download image - name: Download image
shell: bash shell: bash
working-directory: ${{ github.action_path }}
run: | run: |
make container/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }} \ make container/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }} \
ARCH=${{ inputs.ARCH }} \ ARCH=${{ inputs.ARCH }} \
@ -106,7 +104,6 @@ runs:
- name: Create boot.iso - name: Create boot.iso
shell: bash shell: bash
working-directory: ${{ github.action_path }}
run: | run: |
make boot.iso \ make boot.iso \
ARCH=${{ inputs.ARCH }} \ ARCH=${{ inputs.ARCH }} \
@ -122,8 +119,6 @@ runs:
- name: Create deploy.iso and generate sha256 checksum - name: Create deploy.iso and generate sha256 checksum
shell: bash shell: bash
id: final
working-directory: ${{ github.action_path }}
run: | run: |
make ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso \ make ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso \
ARCH=${{ inputs.ARCH }} \ ARCH=${{ inputs.ARCH }} \
@ -136,7 +131,3 @@ runs:
mkdir end_iso mkdir end_iso
sha256sum ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso > ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}-CHECKSUM sha256sum ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso > ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}-CHECKSUM
mv ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso end_iso/ mv ${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso end_iso/
echo "OUTPUT_DIR=$(realpath ./end_iso)" >> $GITHUB_OUTPUT
echo "ISO_PATH=$(realpath ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}.iso)" >> $GITHUB_OUTPUT
echo "CHECKSUM_PATH=$(realpath ./end_iso/${{ inputs.IMAGE_NAME }}-${{ inputs.IMAGE_TAG || inputs.VERSION }}-CHECKSUM)" >> $GITHUB_OUTPUT