add and enable terra-mesa for images #527
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build images (with Katsu) | |
env: | |
KATSU_BUILD_TASK_NAME: "Build image" | |
DNF_PKGS: | | |
git | |
xorriso | |
rpm | |
limine | |
systemd | |
btrfs-progs | |
e2fsprogs | |
xfsprogs | |
dosfstools | |
grub2 | |
parted | |
util-linux-core | |
systemd-container | |
grub2-efi | |
uboot-images-armv8 | |
uboot-tools | |
rustc | |
qemu-user-static-aarch64 | |
qemu-user-binfmt | |
qemu-kvm | |
qemu-img | |
cargo | |
systemd-devel | |
mkpasswd | |
clang-devel | |
moby-engine | |
squashfs-tools | |
erofs-utils | |
grub2-tools | |
grub2-tools-extra | |
isomd5sum | |
moby-engine | |
podman | |
buildah | |
katsu | |
https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-41.noarch.rpm | |
https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-41.noarch.rpm | |
on: | |
push: | |
branches: ["um41"] | |
workflow_dispatch: | |
pull_request: | |
branches: ["um41"] | |
jobs: | |
#### BASE IMAGES #### | |
image: | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- x86_64 | |
- aarch64 | |
variant: | |
- base/base-disk | |
- flagship/base-disk | |
- gnome/base-disk | |
- plasma/base-disk | |
- xfce/base-disk | |
- ports/chromebook/x86_64/flagship | |
- ports/chromebook/x86_64/gnome | |
- ports/chromebook/x86_64/plasma | |
- ports/chromebook/x86_64/xfce | |
- ports/chromebook/mt8183/flagship | |
- ports/chromebook/mt8183/gnome | |
- ports/chromebook/mt8183/plasma | |
- ports/chromebook/mt8183/xfce | |
- ports/chromebook/mt8192/flagship | |
- ports/chromebook/mt8192/gnome | |
- ports/chromebook/mt8192/plasma | |
- ports/chromebook/mt8192/xfce | |
- ports/chromebook/sc7180/flagship | |
- ports/chromebook/sc7180/gnome | |
- ports/chromebook/sc7180/plasma | |
- ports/chromebook/sc7180/xfce | |
# TODO: figure out how to get loop devices to work on our ARM runners | |
exclude: | |
- arch: aarch64 | |
variant: ports/chromebook/x86_64/flagship | |
- arch: aarch64 | |
variant: ports/chromebook/x86_64/gnome | |
- arch: aarch64 | |
variant: ports/chromebook/x86_64/plasma | |
- arch: aarch64 | |
variant: ports/chromebook/x86_64/xfce | |
- arch: x86_64 | |
variant: ports/chromebook/mt8183/flagship | |
- arch: x86_64 | |
variant: ports/chromebook/mt8183/gnome | |
- arch: x86_64 | |
variant: ports/chromebook/mt8183/plasma | |
- arch: x86_64 | |
variant: ports/chromebook/mt8183/xfce | |
- arch: x86_64 | |
variant: ports/chromebook/mt8192/flagship | |
- arch: x86_64 | |
variant: ports/chromebook/mt8192/gnome | |
- arch: x86_64 | |
variant: ports/chromebook/mt8192/plasma | |
- arch: x86_64 | |
variant: ports/chromebook/mt8192/xfce | |
- arch: x86_64 | |
variant: ports/chromebook/sc7180/flagship | |
- arch: x86_64 | |
variant: ports/chromebook/sc7180/gnome | |
- arch: x86_64 | |
variant: ports/chromebook/sc7180/plasma | |
- arch: x86_64 | |
variant: ports/chromebook/sc7180/xfce | |
runs-on: ${{ matrix.arch == 'x86_64' && 'ubuntu-latest' || 'arm64' }} | |
container: | |
image: ghcr.io/terrapkg/builder:f41 | |
# Pass /dev from host to container | |
# Very hacky, but it works | |
# Microsoft/Github, if you're reading this, | |
# I'm sorry. | |
options: --privileged -v /dev:/dev | |
steps: | |
- name: Install dependencies | |
run: | | |
dnf up -y | |
dnf install -y $DNF_PKGS | |
dnf clean all | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: sanitize artifact name | |
run: | | |
name=$(echo ${{ matrix.variant }} | sed 's/\//-/g') | |
name=$name-${{ matrix.arch }} | |
# set github variable | |
echo artifact=$name >> $GITHUB_ENV | |
# Get architecture | |
# e.g. base/base-disk-x86_64 -> x86_64 | |
echo arch=$(echo ${{ matrix.variant }} | cut -d'-' -f3) >> $GITHUB_ENV | |
- name: ${{ env.KATSU_BUILD_TASK_NAME }} | |
run: | | |
rm -rf /etc/rpm/macros.image-language-conf | |
chcon system_u:object_r:install_exec_t:s0 "$(which katsu)" | |
pushd katsu | |
KATSU_LOG=trace katsu -v --output=disk-image "modules/${{ matrix.variant }}-${{ matrix.arch }}.yaml" | |
mv katsu-work/image/katsu.img katsu-work/image/${{ env.artifact }}.img | |
# compress image as zst, output as .img.zst | |
zstd -T0 -19 katsu-work/image/${{ env.artifact }}.img -o katsu-work/image/${{ env.artifact }}.img.zst | |
popd | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.artifact }}-image | |
path: katsu/katsu-work/image/*.img.zst | |
compression-level: 0 | |
live-iso: | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- x86_64 | |
- aarch64 | |
variant: | |
- flagship/flagship-live | |
- gnome/gnome-live | |
- plasma/plasma-live | |
- xfce/xfce-live | |
- flagship/flagship-live-anaconda | |
- gnome/gnome-live-anaconda | |
- plasma/plasma-live-anaconda | |
- xfce/xfce-live-anaconda | |
- ports/chromebook/x86_64/flagship | |
- ports/chromebook/x86_64/gnome | |
- ports/chromebook/x86_64/plasma | |
- ports/chromebook/x86_64/xfce | |
runs-on: ${{ matrix.arch == 'x86_64' && 'ubuntu-latest' || 'arm64' }} | |
container: | |
image: ghcr.io/terrapkg/builder:f41 | |
# Pass /dev from host to container | |
# Very hacky, but it works | |
# Microsoft/Github, if you're reading this, | |
# I'm sorry. | |
options: --privileged -v /dev:/dev | |
steps: | |
- name: Install dependencies | |
run: | | |
dnf up -y | |
dnf install -y $DNF_PKGS | |
dnf clean all | |
- name: sanitize artifact name | |
run: | | |
name=$(echo ${{ matrix.variant }} | sed 's/\//-/g') | |
# set github variable | |
echo artifact=$name-${{ matrix.arch }} >> $GITHUB_ENV | |
# Get variant name from path | |
# e.g. flagship/flagship-live -> flagship | |
echo variant=$(echo ${{ matrix.variant }} | cut -d'/' -f1) >> $GITHUB_ENV | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: ${{ env.KATSU_BUILD_TASK_NAME }} | |
run: | | |
# loop device fix | |
if [ "$(df -T /dev | tail -1 |cut -f 1 -d ' ')" = "tmpfs" ]; then | |
mount -t devtmpfs none /dev | |
fi | |
rm -rf /etc/rpm/macros.image-language-conf | |
chcon system_u:object_r:install_exec_t:s0 "$(which katsu)" | |
pushd katsu | |
KATSU_KEEP_CHROOT=1 KATSU_LOG=trace katsu -v --output=iso "modules/${{ matrix.variant }}.yaml" | |
# get the ISO name, and then append the arch | |
# e.g. flagship-live.iso -> flagship-live-x86_64.iso | |
# get the ISO name | |
iso=$(ls *.iso) | |
# append the arch | |
mv $iso $(echo $iso | sed "s/.iso/-${{ matrix.arch }}.iso/") | |
rm -rf katsu-work/ | |
popd | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.artifact }}-iso | |
path: katsu/*.iso | |
compression-level: 0 | |
tar: | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- x86_64 | |
- aarch64 | |
variant: | |
- wsl/wsl | |
runs-on: ${{ matrix.arch == 'x86_64' && 'ubuntu-latest' || 'arm64' }} | |
container: | |
image: ghcr.io/terrapkg/builder:f41 | |
# Pass /dev from host to container | |
# Very hacky, but it works | |
# Microsoft/Github, if you're reading this, | |
# I'm sorry. | |
options: --privileged -v /dev:/dev | |
steps: | |
- name: Install dependencies | |
run: | | |
dnf up -y | |
dnf install -y $DNF_PKGS | |
dnf clean all | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: sanitize artifact name | |
run: | | |
name=$(echo ${{ matrix.variant }} | sed 's/\//-/g') | |
name=$name-${{ matrix.arch }} | |
# set github variable | |
echo artifact=$name >> $GITHUB_ENV | |
# Get architecture | |
# e.g. base/base-disk-x86_64 -> x86_64 | |
echo arch=$(echo ${{ matrix.variant }} | cut -d'-' -f3) >> $GITHUB_ENV | |
- name: ${{ env.KATSU_BUILD_TASK_NAME }} | |
run: | | |
rm -rf /etc/rpm/macros.image-language-conf | |
chcon system_u:object_r:install_exec_t:s0 "$(which katsu)" | |
pushd katsu | |
KATSU_LOG=trace katsu -v --output=folder "modules/${{ matrix.variant }}.yaml" | |
pushd katsu-work/chroot | |
tar -cf ../chroot.tar . | |
popd | |
mv katsu-work/chroot.tar katsu-work/${{ env.artifact }}.tar | |
# compress tar as zst, output as .tar.zst | |
# have an exception for WSL, as it doesn't support zstd | |
if [ "${{ matrix.variant }}" = "wsl/wsl" ]; then | |
gzip -9 -c katsu-work/${{ env.artifact }}.tar > katsu-work/${{ env.artifact }}.tar.gz | |
else | |
zstd -T0 -19 katsu-work/${{ env.artifact }}.tar -o katsu-work/${{ env.artifact }}.tar.zst | |
fi | |
popd | |
- name: Upload Artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.artifact }}-tar | |
path: | | |
katsu/katsu-work/*.tar.zst | |
katsu/katsu-work/*.tar.gz | |
compression-level: 0 | |
#### LIVE ISO PUSH #### | |
push-image: | |
runs-on: arm64 | |
container: | |
image: ghcr.io/terrapkg/builder:f41 | |
environment: production | |
needs: | |
- live-iso | |
- image | |
- tar | |
if: github.event_name != 'pull_request' | |
steps: | |
- name: Install dependencies | |
run: | | |
dnf install -y wget | |
dnf clean all | |
- name: Download artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
path: artifacts | |
- name: Generate artifact tree | |
run: | | |
set | |
ls -lR | |
mkdir -p images | |
# for folder in artifacts | |
pack_image() { | |
file=$1 | |
type=$2 | |
IMAGEDIR=images/$type/ultramarine/41/ | |
mkdir -p $IMAGEDIR | |
filename=$(basename -- "$file") | |
# create sha256sum | |
sha256sum $file > $IMAGEDIR/$filename.sha256sum | |
mv $file $IMAGEDIR | |
} | |
for file in artifacts/*-iso/*; do | |
# if is file | |
if [ -f "$file" ]; then | |
pack_image $file isos | |
fi | |
done | |
for file in artifacts/*-image/*; do | |
# if is file | |
if [ -f "$file" ]; then | |
pack_image $file images | |
fi | |
done | |
for file in artifacts/*-tar/*; do | |
# if is file | |
if [ -f "$file" ]; then | |
pack_image $file images | |
fi | |
done | |
- name: Upload to R2 | |
run: | | |
wget https://dl.min.io/client/mc/release/linux-arm64/mc | |
chmod +x ./mc | |
./mc alias set r2 '${{ secrets.S3_ENDPOINT }}' '${{ secrets.S3_KEY_ID }}' '${{ secrets.S3_SECRET_KEY }}' | |
./mc mirror --overwrite images 'r2/images' |