ci: install mkosi from repository for x86_64

Install mkosi from the upstream project to align s390x and amd64 builds.

Signed-off-by: Magnus Kulke <magnuskulke@microsoft.com>

.github/workflows/azure-podvm-image-build.yml

@@ -49,9 +49,29 @@ jobs:
         path: cloud-api-adaptor
         ref: "${{ inputs.git-ref || 'main' }}"
 
-    - uses: cachix/install-nix-action@v30
-      with:
-        nix_path: nixpkgs=channel:nixos-unstable
+    - name: Install build dependencies
+      run: |
+        sudo apt-get update -y
+        sudo apt-get install -y \
+          alien \
+          bubblewrap \
+          dnf \
+          mtools \
+          qemu-utils \
+          systemd-ukify \
+          uidmap
+        sudo snap install yq
+
+    - name: Read properties from versions.yaml
+      run: |
+        echo "MKOSI_VERSION=$(yq -e '.tools.mkosi' versions.yaml)" >> "$GITHUB_ENV"
+
+    - name: Setup mkosi
+      run: |
+        git clone -b "$MKOSI_VERSION" https://github.com/systemd/mkosi
+        PATH="$PWD/mkosi/bin:$PATH"
+        mkosi --version
+        echo "PATH=$PWD/mkosi/bin:$PATH" >> "$GITHUB_ENV"
 
     - name: Install uplosi
       run: |
@@ -67,11 +87,6 @@ jobs:
       run: |
         make binaries
 
-    - name: Install build dependencies
-      run: |
-        sudo apt-get update -y
-        sudo apt-get install -y qemu-utils
-
     - name: Build image
       run: make image
 

.github/workflows/podvm_mkosi.yaml

@@ -114,17 +114,30 @@ jobs:
       - name: Install build dependencies
         run: |
           sudo apt-get update -y
-          sudo apt-get install -y bubblewrap alien dnf qemu-utils uidmap
+          sudo apt-get install -y \
+            alien \
+            bubblewrap \
+            dnf \
+            mtools \
+            qemu-utils \
+            systemd-ukify \
+            uidmap
           sudo snap install yq
 
       - name: Read properties from versions.yaml
         run: |
+          echo "MKOSI_VERSION=$(yq -e '.tools.mkosi' versions.yaml)" >> "$GITHUB_ENV"
           echo "ORAS_VERSION=$(yq -e '.tools.oras' versions.yaml)" >> "$GITHUB_ENV"
-
       - uses: oras-project/setup-oras@v1
         with:
           version: ${{ env.ORAS_VERSION }}
 
+      - name: Setup mkosi
+        run: |
+          git clone -b "$MKOSI_VERSION" https://github.com/systemd/mkosi
+          PATH="$PWD/mkosi/bin:$PATH"
+          mkosi --version
+          echo "PATH=$PWD/mkosi/bin:$PATH" >> "$GITHUB_ENV"
 
       - name: Build binaries
         id: build_binaries
@@ -133,22 +146,6 @@ jobs:
         env:
           ARCH: ${{ inputs.arch }}
 
-      - name: Install mkosi
-        if: ${{ inputs.arch == 's390x' }}
-        run: |
-          git clone -b v22 https://github.com/systemd/mkosi
-          sudo rm -f /usr/local/bin/mkosi
-          sudo ln -s "$PWD/mkosi/bin/mkosi" /usr/local/bin/mkosi
-          mkosi --version
-
-      - name: Install Nix
-        if: ${{ inputs.arch == 'amd64' }}
-        uses: cachix/install-nix-action@v30
-
-      - name: Build nix shell to cache dependencies
-        if: ${{ inputs.arch == 'amd64' }}
-        run: nix build .#devShells.x86_64-linux.podvm-mkosi
-
       - name: Build mkosi debug image
         if: ${{ inputs.debug == 'true' }}
         working-directory: src/cloud-api-adaptor/podvm-mkosi
@@ -192,7 +189,6 @@ jobs:
           subject-digest: ${{ steps.publish_oras_qcow2.outputs.digest }}
           push-to-registry: true
 
-
       - name: Clean up some space for the docker provider build
         working-directory: src/cloud-api-adaptor/podvm-mkosi
         run: |

src/cloud-api-adaptor/podvm-mkosi/Makefile

@@ -74,7 +74,7 @@ else ifeq ($(ARCH),s390x)
 	sudo -E ../hack/build-s390x-image.sh
 else
 	touch resources/buildBootableImage
-	nix develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=production
+	mkosi --profile production.conf
 	qemu-img convert -f raw -O qcow2 build/system.raw build/podvm-$(PODVM_DISTRO)-$(ARCH).qcow2
 endif
 
@@ -95,7 +95,7 @@ else ifeq ($(ARCH),s390x)
 	sudo -E ../hack/build-s390x-image.sh
 else
 	touch resources/buildBootableImage
-	nix develop ..#podvm-mkosi --command mkosi --environment=VARIANT_ID=debug
+	mkosi --profile debug.conf
 	qemu-img convert -f raw -O qcow2 build/system.raw build/podvm-$(PODVM_DISTRO)-$(ARCH).qcow2
 endif
 

src/cloud-api-adaptor/podvm-mkosi/README.md

@@ -4,7 +4,9 @@
 
 ## Prerequisites
 
-Currently, mksoi and other related tools are provided through a [Nix](https://nixos.org/) flake. Nix ensures all tools used in the build of the image are itself reproducible and pinned. mkosi requires a very recent systemd version, so using tools installed on the host is usually not possible. Nix needs to be configured to enable `flakes` and `nix command`. It is recommended to install Nix with the `DeterminateSystems nix-installer`, which comes with a configuration that is ready to use.
+There are various ways to install mkosi documented on the [project page](https://github.com/systemd/mkosi). Different distributions also package mkosi in their repositories, alongside the dependencies.
+
+Refer to the [CI workflow](../../../.github/workflows/podvm_mkosi.yaml) to see which additional tools are required to build an image.
 
 ### Building the image
 
@@ -77,7 +79,7 @@ reduce complexity of configuration and CI and shall not be seen as open to-dos.
   from IMDS via the project's `process-user-data` tool.
 
 ## Build s390x image
-Since the [nix OS](https://nixos.org/download/#download-nix) does not support s390x, we can use the mkosi **ToolsTree** feature defined in `mkosi.conf` to download latest tools automatically:
+We can use the mkosi **ToolsTree** feature defined in `mkosi.conf` to download latest tools automatically:
 ```
 [Host]
 ToolsTree=default

src/cloud-api-adaptor/versions.yaml

@@ -23,11 +23,12 @@ cloudimg:
 
 tools:
   bats: 1.10.0
+  iptables-wrapper: v0.0.0-20240819165702-06cad2ec6cb5
   golang: 1.22.7
+  kcli: 99.0.202408152044
+  mkosi: v22
   protoc: 3.15.0
   packer: v1.9.4
-  kcli: 99.0.202408152044
-  iptables-wrapper: v0.0.0-20240819165702-06cad2ec6cb5
   oras: 1.2.0
 # Referenced Git repositories
 git: