-
-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add elementary 7 daily images #565
Changes from all commits
e58cfd9
17ea6e7
4eec094
b8d8856
781a3ce
380af7c
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
name: daily-7.0 | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
schedule: | ||
- cron: "0 0 * * *" | ||
workflow_dispatch: {} | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
container: | ||
image: debian:latest | ||
volumes: | ||
- /proc:/proc | ||
options: --privileged | ||
|
||
steps: | ||
- name: Clone build scripts | ||
uses: actions/checkout@v1 | ||
|
||
- name: Build and upload daily .iso | ||
run: | | ||
./workflows.sh etc/terraform-daily-7.0-azure.conf "${{ secrets.key }}" "${{ secrets.secret }}" "${{ secrets.endpoint }}" "${{ secrets.bucket }}" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,20 +24,26 @@ echo -e " | |
" | ||
|
||
apt-get update | ||
apt-get install -y live-build patch ubuntu-keyring | ||
apt-get install -y live-build patch gnupg2 binutils zstd | ||
|
||
# TODO: Remove once live-build is able to acommodate for cases where LB_INITRAMFS is not live-boot: | ||
# https://salsa.debian.org/live-team/live-build/merge_requests/31 | ||
patch -d /usr/lib/live/build/ < live-build-fix-syslinux.patch | ||
# The Debian repositories don't seem to have the `ubuntu-keyring` or `ubuntu-archive-keyring` packages | ||
# anymore, so we add the archive keys manually. This may need to be updated if Ubuntu changes their signing keys | ||
# To get the current key ID, find `ubuntu-keyring-xxxx-archive.gpg` in /etc/apt/trusted.gpg.d on a running | ||
# system and run `gpg --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-xxxx-archive.gpg --list-public-keys ` | ||
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com F6ECB3762474EDA9D21B7022871920D1991BC93C | ||
|
||
# TODO: This patch was submitted upstream at: | ||
# https://salsa.debian.org/live-team/live-build/-/merge_requests/255 | ||
# This can be removed when our Debian container has a version containing this fix | ||
patch -d /usr/lib/live/build/ < live-build-fix-shim-remove.patch | ||
|
||
# TODO: Remove this once debootstrap 1.0.117 or newer is released and available: | ||
# TODO: This can be removed when our Debian container has debootstrap 1.0.124 or later | ||
# It's needed to support the new zstd .deb package compression that Ubuntu is doing | ||
patch -d /usr/share/debootstrap/ < debootstrap-backport-zstd-support.patch | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ubuntu have switched to using zstd compression for .deb packages in |
||
|
||
# TODO: Remove this once debootstrap has a script to build jammy images in our container: | ||
# https://salsa.debian.org/installer-team/debootstrap/blob/master/debian/changelog | ||
ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/focal | ||
ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/jammy | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The
|
||
|
||
build () { | ||
BUILD_ARCH="$1" | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- /usr/share/debootstrap/functions.orig 2021-10-23 23:13:10.576805331 +0000 | ||
+++ /usr/share/debootstrap/functions 2021-10-23 23:14:05.465350379 +0000 | ||
@@ -974,6 +974,7 @@ | ||
case "$tarball" in | ||
control.tar.gz) cat_cmd=zcat ;; | ||
control.tar.xz) cat_cmd=xzcat ;; | ||
+ control.tar.zst) cat_cmd=zstdcat ;; | ||
control.tar) cat_cmd=cat ;; | ||
*) error 1 UNKNOWNCONTROLCOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;; | ||
esac | ||
@@ -996,6 +997,7 @@ | ||
data.tar.gz) cat_cmd=zcat ;; | ||
data.tar.bz2) cat_cmd=bzcat ;; | ||
data.tar.xz) cat_cmd=xzcat ;; | ||
+ data.tar.zst) cat_cmd=zstdcat ;; | ||
data.tar) cat_cmd=cat ;; | ||
*) error 1 UNKNOWNDATACOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;; | ||
esac | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -25,6 +25,8 @@ lb config noauto \ | |
--linux-packages linux-image \ | ||
--linux-flavours "$KERNEL_FLAVORS" \ | ||
--bootappend-live "boot=casper maybe-ubiquity quiet splash" \ | ||
--debootstrap-options="--extractor=ar --keyring=/etc/apt/trusted.gpg" \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Use Have |
||
--checksums md5 \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
The Ubuntu live iso integrity check on booting the live CD still uses MD5, so switch that over here or else we don't get the integrity check on startup. |
||
--mirror-bootstrap "$MIRROR_URL" \ | ||
--parent-mirror-bootstrap "$MIRROR_URL" \ | ||
--mirror-chroot-security "http://security.ubuntu.com/ubuntu/" \ | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,12 +4,10 @@ dkms | |
intel-microcode | ||
iucode-tool | ||
lupin-support | ||
mouseemu | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No longer exists in Packages in this list aren't even installed anyway, they're just put on the pool on the |
||
setserial | ||
user-setup | ||
|
||
efibootmgr | ||
grub-efi | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We have the architecture specific version of |
||
secureboot-db | ||
|
||
#if ARCHITECTURES amd64 | ||
|
@@ -19,10 +17,3 @@ grub-efi-amd64-signed | |
shim | ||
shim-signed | ||
#endif | ||
|
||
#if ARCHITECTURES i386 | ||
grub-efi-ia32 | ||
grub-efi-ia32-bin | ||
sl-modem-daemon | ||
#endif | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We don't build i386 images. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# target architecture - i386, amd64 or all | ||
ARCH="amd64" | ||
|
||
# base codename | ||
BASECODENAME="jammy" | ||
|
||
# base version | ||
BASEVERSION="22.04" | ||
|
||
# distribution codename | ||
CODENAME="next" | ||
|
||
# distribution version | ||
VERSION="7.0" | ||
|
||
# distribution channel | ||
CHANNEL="daily" | ||
|
||
# distribution name | ||
NAME="elementary OS" | ||
|
||
# mirror to fetch packages from | ||
MIRROR_URL="http://azure.archive.ubuntu.com/ubuntu/" | ||
|
||
# use HWE kernel and packages? | ||
HWE_KERNEL="no" | ||
HWE_X11="no" | ||
|
||
# use appcenter ppa | ||
INCLUDE_APPCENTER="" | ||
|
||
# suffix for generated .iso files | ||
OUTPUT_SUFFIX="" | ||
|
||
# folder suffix for the package lists to use | ||
PACKAGE_LISTS_SUFFIX="default" |
This file was deleted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updating to the latest stable release of Debian lets us drop a couple of patches that I'd upstreamed against
live-build
. Because these patches are dropped from thebuild.sh
script, which is used for building all versions of the ISO, we need to use this newer container everywhere.