elementary · danirabbit · Nov 4, 2021 · Oct 25, 2021 · Oct 25, 2021 · Oct 25, 2021
diff --git a/.github/workflows/daily-6.0.yml b/.github/workflows/daily-6.0.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     container:
-      image: debian:buster
+      image: debian:latest
       volumes:
         - /proc:/proc
       options: --privileged

diff --git a/.github/workflows/daily-7.0.yml b/.github/workflows/daily-7.0.yml
@@ -0,0 +1,27 @@
+name: daily-7.0
+
+on:
+  push:
+    branches:
+      - master
+  schedule:
+    - cron: "0 0 * * *"
+  workflow_dispatch: {}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    container:
+      image: debian:latest
+      volumes:
+        - /proc:/proc
+      options: --privileged
+
+    steps:
+    - name: Clone build scripts
+      uses: actions/checkout@v1
+
+    - name: Build and upload daily .iso
+      run: |
+        ./workflows.sh etc/terraform-daily-7.0-azure.conf "${{ secrets.key }}" "${{ secrets.secret }}" "${{ secrets.endpoint }}" "${{ secrets.bucket }}"
diff --git a/.github/workflows/stable.yml b/.github/workflows/stable.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
 
     container:
-      image: debian:buster
+      image: debian:latest
       volumes:
         - /proc:/proc
       options: --privileged

diff --git a/README.md b/README.md
@@ -33,7 +33,7 @@ Configure the channel in the `etc/terraform.conf` (stable, daily), then run:
 docker run --privileged -i -v /proc:/proc \
     -v ${PWD}:/working_dir \
     -w /working_dir \
-    debian:buster \
+    debian:latest \
     /bin/bash -s etc/terraform.conf < build.sh
 ```
 

diff --git a/build.sh b/build.sh
@@ -24,20 +24,26 @@ echo -e "
 "
 
 apt-get update
-apt-get install -y live-build patch ubuntu-keyring
+apt-get install -y live-build patch gnupg2 binutils zstd
 
-# TODO: Remove once live-build is able to acommodate for cases where LB_INITRAMFS is not live-boot:
-# https://salsa.debian.org/live-team/live-build/merge_requests/31
-patch -d /usr/lib/live/build/ < live-build-fix-syslinux.patch
+# The Debian repositories don't seem to have the `ubuntu-keyring` or `ubuntu-archive-keyring` packages
+# anymore, so we add the archive keys manually. This may need to be updated if Ubuntu changes their signing keys
+# To get the current key ID, find `ubuntu-keyring-xxxx-archive.gpg` in /etc/apt/trusted.gpg.d on a running
+# system and run `gpg --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-xxxx-archive.gpg --list-public-keys `
+apt-key adv --recv-keys --keyserver keyserver.ubuntu.com F6ECB3762474EDA9D21B7022871920D1991BC93C
 
 # TODO: This patch was submitted upstream at:
 # https://salsa.debian.org/live-team/live-build/-/merge_requests/255
 # This can be removed when our Debian container has a version containing this fix
 patch -d /usr/lib/live/build/ < live-build-fix-shim-remove.patch
 
-# TODO: Remove this once debootstrap 1.0.117 or newer is released and available:
+# TODO: This can be removed when our Debian container has debootstrap 1.0.124 or later
+# It's needed to support the new zstd .deb package compression that Ubuntu is doing
+patch -d /usr/share/debootstrap/ < debootstrap-backport-zstd-support.patch
+
+# TODO: Remove this once debootstrap has a script to build jammy images in our container:
 # https://salsa.debian.org/installer-team/debootstrap/blob/master/debian/changelog
-ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/focal
+ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/jammy
 
 build () {
   BUILD_ARCH="$1"

diff --git a/debootstrap-backport-zstd-support.patch b/debootstrap-backport-zstd-support.patch
@@ -0,0 +1,19 @@
+--- /usr/share/debootstrap/functions.orig	2021-10-23 23:13:10.576805331 +0000
++++ /usr/share/debootstrap/functions	2021-10-23 23:14:05.465350379 +0000
+@@ -974,6 +974,7 @@
+ 	case "$tarball" in
+ 		control.tar.gz) cat_cmd=zcat ;;
+ 		control.tar.xz) cat_cmd=xzcat ;;
++		control.tar.zst) cat_cmd=zstdcat ;;
+ 		control.tar)    cat_cmd=cat ;;
+ 		*) error 1 UNKNOWNCONTROLCOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;;
+ 	esac
+@@ -996,6 +997,7 @@
+ 		data.tar.gz)  cat_cmd=zcat ;;
+ 		data.tar.bz2) cat_cmd=bzcat ;;
+ 		data.tar.xz)  cat_cmd=xzcat ;;
++		data.tar.zst) cat_cmd=zstdcat ;;
+ 		data.tar)     cat_cmd=cat ;;
+ 		*) error 1 UNKNOWNDATACOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;;
+ 	esac
+
diff --git a/etc/auto/config b/etc/auto/config
@@ -25,6 +25,8 @@ lb config noauto \
     --linux-packages linux-image \
     --linux-flavours "$KERNEL_FLAVORS" \
     --bootappend-live "boot=casper maybe-ubiquity quiet splash" \
+    --debootstrap-options="--extractor=ar --keyring=/etc/apt/trusted.gpg" \
+    --checksums md5 \
     --mirror-bootstrap "$MIRROR_URL" \
     --parent-mirror-bootstrap "$MIRROR_URL" \
     --mirror-chroot-security "http://security.ubuntu.com/ubuntu/" \

diff --git a/etc/config/package-lists.default/pool.list.binary b/etc/config/package-lists.default/pool.list.binary
@@ -4,12 +4,10 @@ dkms
 intel-microcode
 iucode-tool
 lupin-support
-mouseemu
 setserial
 user-setup
 
 efibootmgr
-grub-efi
 secureboot-db
 
 #if ARCHITECTURES amd64
@@ -19,10 +17,3 @@ grub-efi-amd64-signed
 shim
 shim-signed
 #endif
-
-#if ARCHITECTURES i386
-grub-efi-ia32
-grub-efi-ia32-bin
-sl-modem-daemon
-#endif
-
diff --git a/etc/terraform-daily-7.0-azure.conf b/etc/terraform-daily-7.0-azure.conf
@@ -0,0 +1,36 @@
+# target architecture - i386, amd64 or all
+ARCH="amd64"
+
+# base codename
+BASECODENAME="jammy"
+
+# base version
+BASEVERSION="22.04"
+
+# distribution codename
+CODENAME="next"
+
+# distribution version
+VERSION="7.0"
+
+# distribution channel
+CHANNEL="daily"
+
+# distribution name
+NAME="elementary OS"
+
+# mirror to fetch packages from
+MIRROR_URL="http://azure.archive.ubuntu.com/ubuntu/"
+
+# use HWE kernel and packages?
+HWE_KERNEL="no"
+HWE_X11="no"
+
+# use appcenter ppa
+INCLUDE_APPCENTER=""
+
+# suffix for generated .iso files
+OUTPUT_SUFFIX=""
+
+# folder suffix for the package lists to use
+PACKAGE_LISTS_SUFFIX="default"
diff --git a/live-build-fix-shim-remove.patch b/live-build-fix-shim-remove.patch
@@ -1,16 +1,15 @@
---- /usr/lib/live/build/binary_grub-efi	2019-03-11 10:05:40.000000000 +0000
-+++ /usr/lib/live/build/binary_grub-efi_v2	2021-08-04 13:37:20.064547041 +0000
-@@ -267,8 +267,12 @@
+--- binary_grub-efi	2021-04-02 15:43:54.000000000 +0000
++++ binary_grub-efi_v2	2021-10-23 22:43:57.314540341 +0000
+@@ -280,8 +280,12 @@
  		# Saving cache
- 		Save_cache cache/packages.binary
+ 		Save_package_cache binary
 
 -		# Removing depends
--		Remove_package
 +		# Removing depends, some bootloader packages are marked as Protected/Important
 +		# in Ubuntu, so temporarily add an apt flag to allow them to be removed
 +		PRE_APT_OPTIONS="${APT_OPTIONS}"
 +		APT_OPTIONS="${APT_OPTIONS} --allow-remove-essential"
-+		Remove_package
+ 		Remove_packages
 +		APT_OPTIONS="${PRE_APT_OPTIONS}"
  		;;
 

diff --git a/live-build-fix-syslinux.patch b/live-build-fix-syslinux.patch