From 9000df92242b96dcf1754541584c429ef7dd68f0 Mon Sep 17 00:00:00 2001 From: xyny <60004820+xynydev@users.noreply.github.com> Date: Wed, 22 Nov 2023 12:23:15 +0000 Subject: [PATCH 01/30] fix: use -R flag to select repo on iso-deleting `gh` commands --- .github/workflows/release-iso.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-iso.yml b/.github/workflows/release-iso.yml index a913affc40..4b17e8d8fe 100644 --- a/.github/workflows/release-iso.yml +++ b/.github/workflows/release-iso.yml @@ -35,7 +35,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} run: | if gh release list -R ${{ github.repository_owner }}/${{ github.event.repository.name }} | grep "auto-iso"; then - gh release view auto-iso --json assets -q .assets[].name | xargs -L 1 gh release delete-asset auto-iso + gh release view auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} --json assets -q .assets[].name | xargs -L 1 gh release delete-asset auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} gh release upload auto-iso ${{ steps.isogenerator.outputs.iso-path }} -R ${{ github.repository_owner }}/${{ github.event.repository.name }} --clobber else gh release create auto-iso ${{ steps.isogenerator.outputs.iso-path }} -t ISO -n "This is an automatically generated ISO release." -R ${{ github.repository_owner }}/${{ github.event.repository.name }} From 9b3db9c3ac3f4615ada73f027e252ec746bce5cb Mon Sep 17 00:00:00 2001 From: ArtikusHG <24320212+ArtikusHG@users.noreply.github.com> Date: Wed, 22 Nov 2023 15:26:27 +0000 Subject: [PATCH 02/30] feat: add just syntax checker (#194) * feat: add just syntax checker * fix: create empty file to pass just syntax check * fix: use relative path to pass just syntax check * fix: justfiles cannot be empty to pass the syntax check * fix: format justfiles * docs: 100-bling.just explain purpose --------- Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com> --- .github/workflows/build.yml | 3 +++ config/files/usr/share/ublue-os/just/100-bling.just | 2 ++ config/files/usr/share/ublue-os/just/60-custom.just | 3 +-- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 config/files/usr/share/ublue-os/just/100-bling.just diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b428c6e9d7..01767d0491 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,6 +54,9 @@ jobs: - name: Checkout Push to Registry action uses: actions/checkout@v4 + - name: Check just syntax + uses: ublue-os/just-action@v1 + - name: Add yq (for reading recipe.yml) uses: mikefarah/yq@v4.40.2 diff --git a/config/files/usr/share/ublue-os/just/100-bling.just b/config/files/usr/share/ublue-os/just/100-bling.just new file mode 100644 index 0000000000..9e3a89ba4b --- /dev/null +++ b/config/files/usr/share/ublue-os/just/100-bling.just @@ -0,0 +1,2 @@ +# this file is a placeholder, +# making changes here is not supported diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index f1dd14804d..bd38c97020 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -1,3 +1,2 @@ -!include /usr/share/ublue-os/just/100-bling.just - +!include 100-bling.just # Include some of your custom scripts here! From a0bff9f33e7f2291b763fb10d1c8754d7fda39c8 Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Thu, 23 Nov 2023 15:01:06 +0100 Subject: [PATCH 03/30] =?UTF-8?q?=F0=9F=90=9E=20fix(just):=20fix=20script?= =?UTF-8?q?=20commands?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/files/usr/share/ublue-os/just/60-custom.just | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index 9bf34e95e4..bc43448d01 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -4,19 +4,19 @@ # Install JetBrains Toolbox | https://www.jetbrains.com/toolbox-app/ jetbrains-toolbox: #!/usr/bin/env bash - @pushd "$(mktemp -d)" - @echo "Get latest JetBrains Toolbox version" + pushd "$(mktemp -d)" + echo "Get latest JetBrains Toolbox version" # Get the json with latest releases curl -sSfL -o releases.json "https://data.services.jetbrains.com/products/releases?code=TBA&latest=true&type=release" # Extract information BUILD_VERSION=$(jq -r '.TBA[0].build' ./releases.json) DOWNLOAD_LINK=$(jq -r '.TBA[0].downloads.linux.link' ./releases.json) CHECKSUM_LINK=$(jq -r '.TBA[0].downloads.linux.checksumLink' ./releases.json) - @echo "Installing JetBrains Toolbox ${BUILD_VERSION}" + echo "Installing JetBrains Toolbox ${BUILD_VERSION}" curl -sSfL -O "${DOWNLOAD_LINK}" curl -sSfL "${CHECKSUM_LINK}" | sha256sum -c tar zxf jetbrains-toolbox-"${BUILD_VERSION}".tar.gz - @echo "Launching JetBrains Toolbox" + echo "Launching JetBrains Toolbox" ./jetbrains-toolbox-"${BUILD_VERSION}"/jetbrains-toolbox # Run the yafti setup tool @@ -27,7 +27,7 @@ yafti: mamba: #!/usr/bin/env bash pushd "$(mktemp -d)" - @echo "Get latest Miniforge3 version" + echo "Get latest Miniforge3 version" curl -L -O "https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-$(uname)-$(uname -m).sh" HOMEDIR=$( getent passwd "$USER" | cut -d: -f6 ) bash Miniforge3-$(uname)-$(uname -m).sh -b -p "${HOMEDIR}/mambaforge/" From 73759cec5936ade436b53a844bc206849aeb0cdd Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Thu, 23 Nov 2023 19:28:14 +0100 Subject: [PATCH 04/30] =?UTF-8?q?=F0=9F=8C=88=20style(just):=20format=20ju?= =?UTF-8?q?stfile?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../usr/share/ublue-os/just/60-custom.just | 46 ++++++++++--------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index bc43448d01..cdee7959f8 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -3,31 +3,33 @@ # Install JetBrains Toolbox | https://www.jetbrains.com/toolbox-app/ jetbrains-toolbox: - #!/usr/bin/env bash - pushd "$(mktemp -d)" - echo "Get latest JetBrains Toolbox version" - # Get the json with latest releases - curl -sSfL -o releases.json "https://data.services.jetbrains.com/products/releases?code=TBA&latest=true&type=release" - # Extract information - BUILD_VERSION=$(jq -r '.TBA[0].build' ./releases.json) - DOWNLOAD_LINK=$(jq -r '.TBA[0].downloads.linux.link' ./releases.json) - CHECKSUM_LINK=$(jq -r '.TBA[0].downloads.linux.checksumLink' ./releases.json) - echo "Installing JetBrains Toolbox ${BUILD_VERSION}" - curl -sSfL -O "${DOWNLOAD_LINK}" - curl -sSfL "${CHECKSUM_LINK}" | sha256sum -c - tar zxf jetbrains-toolbox-"${BUILD_VERSION}".tar.gz - echo "Launching JetBrains Toolbox" - ./jetbrains-toolbox-"${BUILD_VERSION}"/jetbrains-toolbox + #!/usr/bin/env bash + pushd "$(mktemp -d)" + echo "Get latest JetBrains Toolbox version" + + # Get the json with latest releases + curl -sSfL -o releases.json "https://data.services.jetbrains.com/products/releases?code=TBA&latest=true&type=release" + + # Extract information + BUILD_VERSION=$(jq -r '.TBA[0].build' ./releases.json) + DOWNLOAD_LINK=$(jq -r '.TBA[0].downloads.linux.link' ./releases.json) + CHECKSUM_LINK=$(jq -r '.TBA[0].downloads.linux.checksumLink' ./releases.json) + echo "Installing JetBrains Toolbox ${BUILD_VERSION}" + curl -sSfL -O "${DOWNLOAD_LINK}" + curl -sSfL "${CHECKSUM_LINK}" | sha256sum -c + tar zxf jetbrains-toolbox-"${BUILD_VERSION}".tar.gz + echo "Launching JetBrains Toolbox" + ./jetbrains-toolbox-"${BUILD_VERSION}"/jetbrains-toolbox # Run the yafti setup tool yafti: - yafti /usr/share/ublue-os/firstboot/yafti.yml -f + yafti /usr/share/ublue-os/firstboot/yafti.yml -f # Install mamba | https://github.com/conda-forge/miniforge mamba: - #!/usr/bin/env bash - pushd "$(mktemp -d)" - echo "Get latest Miniforge3 version" - curl -L -O "https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-$(uname)-$(uname -m).sh" - HOMEDIR=$( getent passwd "$USER" | cut -d: -f6 ) - bash Miniforge3-$(uname)-$(uname -m).sh -b -p "${HOMEDIR}/mambaforge/" + #!/usr/bin/env bash + pushd "$(mktemp -d)" + echo "Get latest Miniforge3 version" + curl -L -O "https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-$(uname)-$(uname -m).sh" + HOMEDIR=$( getent passwd "$USER" | cut -d: -f6 ) + bash Miniforge3-$(uname)-$(uname -m).sh -b -p "${HOMEDIR}/mambaforge/" From 5b06e250fbe5b83cb437d95d849a225f00119eaa Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Thu, 23 Nov 2023 19:31:51 +0100 Subject: [PATCH 05/30] =?UTF-8?q?=F0=9F=90=9E=20fix(just):=20try=20to=20fi?= =?UTF-8?q?x=20just=20syntax=20(part=202)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/files/usr/share/ublue-os/just/60-custom.just | 4 ---- 1 file changed, 4 deletions(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index cdee7959f8..c34d4f175e 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -6,11 +6,7 @@ jetbrains-toolbox: #!/usr/bin/env bash pushd "$(mktemp -d)" echo "Get latest JetBrains Toolbox version" - - # Get the json with latest releases curl -sSfL -o releases.json "https://data.services.jetbrains.com/products/releases?code=TBA&latest=true&type=release" - - # Extract information BUILD_VERSION=$(jq -r '.TBA[0].build' ./releases.json) DOWNLOAD_LINK=$(jq -r '.TBA[0].downloads.linux.link' ./releases.json) CHECKSUM_LINK=$(jq -r '.TBA[0].downloads.linux.checksumLink' ./releases.json) From 8fafec97d9c59cfca3f84d6eec6a9ad7655d6f24 Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Thu, 23 Nov 2023 19:33:46 +0100 Subject: [PATCH 06/30] =?UTF-8?q?=F0=9F=90=9E=20fix(just):=20try=20to=20fi?= =?UTF-8?q?x=20just=20syntax=20(part=203)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config/files/usr/share/ublue-os/just/60-custom.just | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index c34d4f175e..4a89c10773 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -17,10 +17,12 @@ jetbrains-toolbox: echo "Launching JetBrains Toolbox" ./jetbrains-toolbox-"${BUILD_VERSION}"/jetbrains-toolbox + # Run the yafti setup tool yafti: yafti /usr/share/ublue-os/firstboot/yafti.yml -f + # Install mamba | https://github.com/conda-forge/miniforge mamba: #!/usr/bin/env bash From d3818c7f76b55049348e6a9641fae09419c5444e Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Thu, 23 Nov 2023 19:36:50 +0100 Subject: [PATCH 07/30] =?UTF-8?q?=F0=9F=90=8E=20ci(build):=20remove=20chec?= =?UTF-8?q?king=20just=20syntax?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d227307a2..58b1887622 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -41,9 +41,6 @@ jobs: - name: Checkout Push to Registry action uses: actions/checkout@v4 - - name: Check just syntax - uses: ublue-os/just-action@v1 - - name: Add yq (for reading recipe.yml) uses: mikefarah/yq@v4.40.2 From 9c9907d752eba5fabc54fe2683c3ecb80146e5b4 Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Fri, 24 Nov 2023 21:30:27 +0100 Subject: [PATCH 08/30] feat: Update 60-custom.just file This commit adds a new script `install-pdm` to the `60-custom.just` file. The `install-pdm` script installs pdm, a modern Python package and dependency manager, by downloading and executing a Python script. The script also checks the integrity of the downloaded file using its SHA256 hash. The installation path for pdm is set to the user's home directory. --- .../usr/share/ublue-os/just/60-custom.just | 32 +++++-------------- 1 file changed, 8 insertions(+), 24 deletions(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index 4a89c10773..1b51fecfe5 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -1,33 +1,17 @@ !include 100-bling.just # Include some of your custom scripts here! -# Install JetBrains Toolbox | https://www.jetbrains.com/toolbox-app/ -jetbrains-toolbox: - #!/usr/bin/env bash - pushd "$(mktemp -d)" - echo "Get latest JetBrains Toolbox version" - curl -sSfL -o releases.json "https://data.services.jetbrains.com/products/releases?code=TBA&latest=true&type=release" - BUILD_VERSION=$(jq -r '.TBA[0].build' ./releases.json) - DOWNLOAD_LINK=$(jq -r '.TBA[0].downloads.linux.link' ./releases.json) - CHECKSUM_LINK=$(jq -r '.TBA[0].downloads.linux.checksumLink' ./releases.json) - echo "Installing JetBrains Toolbox ${BUILD_VERSION}" - curl -sSfL -O "${DOWNLOAD_LINK}" - curl -sSfL "${CHECKSUM_LINK}" | sha256sum -c - tar zxf jetbrains-toolbox-"${BUILD_VERSION}".tar.gz - echo "Launching JetBrains Toolbox" - ./jetbrains-toolbox-"${BUILD_VERSION}"/jetbrains-toolbox - - # Run the yafti setup tool yafti: yafti /usr/share/ublue-os/firstboot/yafti.yml -f - -# Install mamba | https://github.com/conda-forge/miniforge -mamba: + +# Install pdm (modern Python package and dependency manager) | https://pdm-project.org/latest/ +install-pdm: #!/usr/bin/env bash - pushd "$(mktemp -d)" - echo "Get latest Miniforge3 version" - curl -L -O "https://github.com/conda-forge/miniforge/releases/latest/download/Miniforge3-$(uname)-$(uname -m).sh" + cd ~/Downloads || exit + curl -sSLO https://pdm-project.org/install-pdm.py + curl -sSL https://pdm-project.org/install-pdm.py.sha256 | sha256sum -c - HOMEDIR=$( getent passwd "$USER" | cut -d: -f6 ) - bash Miniforge3-$(uname)-$(uname -m).sh -b -p "${HOMEDIR}/mambaforge/" + python3 install-pdm.py --path "${HOMEDIR}/pdm" + rm install-pdm.py \ No newline at end of file From d0af9ce748267b854a9d6ae524285ef40322c0da Mon Sep 17 00:00:00 2001 From: qoijjj <129108030+qoijjj@users.noreply.github.com> Date: Sat, 25 Nov 2023 23:57:43 -0800 Subject: [PATCH 09/30] fix: typo (#199) --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 01767d0491..20e5d875a8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,5 +1,5 @@ # This workflow builds every branch of the repository daily at 16:30 UTC, one hour after ublue-os/nvidia builds. -# The images are also built after pushuing changes or pull requests. +# The images are also built after pushing changes or pull requests. # The builds can also be triggered manually in the Actions tab thanks to workflow dispatch. # Only the branch called `live` is published. From f9815500095d8edb8f0cb31f4fc6af1505de982e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Nov 2023 17:37:16 +0000 Subject: [PATCH 10/30] build(deps): bump mikefarah/yq from 4.40.2 to 4.40.3 (#200) Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.2 to 4.40.3. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.40.2...v4.40.3) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 20e5d875a8..33fd6933e1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -58,7 +58,7 @@ jobs: uses: ublue-os/just-action@v1 - name: Add yq (for reading recipe.yml) - uses: mikefarah/yq@v4.40.2 + uses: mikefarah/yq@v4.40.3 - name: Gather image data from recipe run: | From 6bd56ddc920f0ea85a7012c5a25bba46916e8805 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 21:44:01 +0000 Subject: [PATCH 11/30] build(deps): bump mikefarah/yq from 4.40.3 to 4.40.4 Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.3 to 4.40.4. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.40.3...v4.40.4) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9174381c56..5e80af0d9a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -42,7 +42,7 @@ jobs: uses: actions/checkout@v4 - name: Add yq (for reading recipe.yml) - uses: mikefarah/yq@v4.40.3 + uses: mikefarah/yq@v4.40.4 - name: Gather image data from recipe run: | From 525412fcf254a4251a47f3e32390e51066658f0c Mon Sep 17 00:00:00 2001 From: David Personette Date: Sun, 10 Dec 2023 01:24:26 -0500 Subject: [PATCH 12/30] Fix: release-iso.yml to not fail if no images are returned (#202) Builds started failing once #195 was merged. This fixed the release-iso workflow for me. --- .github/workflows/release-iso.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-iso.yml b/.github/workflows/release-iso.yml index 4b17e8d8fe..90afd21cf5 100644 --- a/.github/workflows/release-iso.yml +++ b/.github/workflows/release-iso.yml @@ -35,7 +35,7 @@ jobs: GITHUB_TOKEN: ${{ github.token }} run: | if gh release list -R ${{ github.repository_owner }}/${{ github.event.repository.name }} | grep "auto-iso"; then - gh release view auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} --json assets -q .assets[].name | xargs -L 1 gh release delete-asset auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} + gh release view auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} --json assets -q .assets[].name | xargs --no-run-if-empty -L 1 gh release delete-asset auto-iso -R ${{ github.repository_owner }}/${{ github.event.repository.name }} gh release upload auto-iso ${{ steps.isogenerator.outputs.iso-path }} -R ${{ github.repository_owner }}/${{ github.event.repository.name }} --clobber else gh release create auto-iso ${{ steps.isogenerator.outputs.iso-path }} -t ISO -n "This is an automatically generated ISO release." -R ${{ github.repository_owner }}/${{ github.event.repository.name }} From 9aa7bb27404d97e862eb6065096a23ad2b6ea7f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 10 Dec 2023 15:58:59 +0000 Subject: [PATCH 13/30] build(deps): bump mikefarah/yq from 4.40.3 to 4.40.4 (#201) Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.3 to 4.40.4. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.40.3...v4.40.4) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 33fd6933e1..61f22e97e3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -58,7 +58,7 @@ jobs: uses: ublue-os/just-action@v1 - name: Add yq (for reading recipe.yml) - uses: mikefarah/yq@v4.40.3 + uses: mikefarah/yq@v4.40.4 - name: Gather image data from recipe run: | From f432ff4accc5a30eea7b31912aaafa9942b62f7e Mon Sep 17 00:00:00 2001 From: plata Date: Wed, 13 Dec 2023 20:10:52 +0100 Subject: [PATCH 14/30] fix: do not format just files in CI (#205) --- .github/workflows/build.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 61f22e97e3..e35cdc0fae 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,9 +54,6 @@ jobs: - name: Checkout Push to Registry action uses: actions/checkout@v4 - - name: Check just syntax - uses: ublue-os/just-action@v1 - - name: Add yq (for reading recipe.yml) uses: mikefarah/yq@v4.40.4 From d124a99d38549f8aaa0d4722f69f9a40dbd43ca5 Mon Sep 17 00:00:00 2001 From: Menno Finlay-Smits Date: Sun, 17 Dec 2023 23:31:35 +1300 Subject: [PATCH 15/30] feat: Check that cosign.pub matches private key (#193) This avoids images which can't be updated due to `invalid signature` errors because cosign.pub doesn't match the private key actually used for signing. The error is caught early in the build process as there's no point creating an image if cosign.pub is wrong. Co-authored-by: mjs --- .github/workflows/build.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e35cdc0fae..ec476cbe68 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,6 +54,28 @@ jobs: - name: Checkout Push to Registry action uses: actions/checkout@v4 + # Confirm that cosign.pub matches SIGNING_SECRET + - uses: sigstore/cosign-installer@v3.2.0 + if: github.event_name != 'pull_request' && github.ref == 'refs/heads/live' + + - name: Check SIGNING_SECRET matches cosign.pub + if: github.event_name != 'pull_request' && github.ref == 'refs/heads/live' + env: + COSIGN_EXPERIMENTAL: false + COSIGN_PASSWORD: "" + COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} + shell: bash + run: | + echo "Checking for difference between public key from SIGNING_SECRET and cosign.pub" + delta=$(diff -u <(cosign public-key --key env://COSIGN_PRIVATE_KEY) cosign.pub) + if [ -z "$delta" ]; then + echo "cosign.pub matches SIGNING_SECRET" + else + echo "cosign.pub does not match SIGNING_SECRET" + echo "$delta" + exit 1 + fi + - name: Add yq (for reading recipe.yml) uses: mikefarah/yq@v4.40.4 @@ -180,9 +202,6 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} # Sign container - - uses: sigstore/cosign-installer@v3.2.0 - if: github.event_name != 'pull_request' && github.ref == 'refs/heads/live' - - name: Sign container image if: github.event_name != 'pull_request' && github.ref == 'refs/heads/live' run: | From be8810523e2b8e0c2cc5ae46281014e9f910c9d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 17:51:00 +0000 Subject: [PATCH 16/30] build(deps): bump mikefarah/yq from 4.40.4 to 4.40.5 (#207) Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.4 to 4.40.5. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.40.4...v4.40.5) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ec476cbe68..744920686a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -77,7 +77,7 @@ jobs: fi - name: Add yq (for reading recipe.yml) - uses: mikefarah/yq@v4.40.4 + uses: mikefarah/yq@v4.40.5 - name: Gather image data from recipe run: | From b597ecd833fb2a477fee8d6d1ca26ca9ec4ce795 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 17:59:24 +0000 Subject: [PATCH 17/30] build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#208) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 744920686a..2f961cf1f4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -55,7 +55,7 @@ jobs: uses: actions/checkout@v4 # Confirm that cosign.pub matches SIGNING_SECRET - - uses: sigstore/cosign-installer@v3.2.0 + - uses: sigstore/cosign-installer@v3.3.0 if: github.event_name != 'pull_request' && github.ref == 'refs/heads/live' - name: Check SIGNING_SECRET matches cosign.pub From d6806f9327c84406d4f63c3d7c533b55c858e589 Mon Sep 17 00:00:00 2001 From: xyny <60004820+xynydev@users.noreply.github.com> Date: Wed, 27 Dec 2023 10:20:53 +0000 Subject: [PATCH 18/30] chore: migrate justfile to import https://github.com/ublue-os/config/issues/178 --- config/files/usr/share/ublue-os/just/60-custom.just | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index bd38c97020..b077bd3224 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -1,2 +1,2 @@ -!include 100-bling.just +import 100-bling.just # Include some of your custom scripts here! From f35d3c25445c4963e99c35b043d154a68998f971 Mon Sep 17 00:00:00 2001 From: xyny <60004820+xynydev@users.noreply.github.com> Date: Sun, 31 Dec 2023 10:39:17 +0000 Subject: [PATCH 19/30] fix: add single quotes for paths --- config/files/usr/share/ublue-os/just/60-custom.just | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/files/usr/share/ublue-os/just/60-custom.just b/config/files/usr/share/ublue-os/just/60-custom.just index b077bd3224..9fbf49282e 100644 --- a/config/files/usr/share/ublue-os/just/60-custom.just +++ b/config/files/usr/share/ublue-os/just/60-custom.just @@ -1,2 +1,2 @@ -import 100-bling.just +import '100-bling.just' # Include some of your custom scripts here! From 52e6a456ad47d52ccd45b10a5164e8d6359b725a Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Sun, 31 Dec 2023 03:41:45 -0700 Subject: [PATCH 20/30] feat(ci): Verify base image with cosign before building (#211) * feat(ci): Verify base image with cosign before building Validates the integrity of the base image being built from via cosign before continuing to build. Ensures we only build with signed images * fix(ci): Extract base image name from base image URL for verification --- .github/workflows/build.yml | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2f961cf1f4..34638af9d7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,13 +43,6 @@ jobs: # !!! steps: - - name: Maximize build space - uses: AdityaGarg8/remove-unwanted-software@v1 - with: - remove-dotnet: 'true' - remove-android: 'true' - remove-haskell: 'true' - # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action uses: actions/checkout@v4 @@ -84,7 +77,14 @@ jobs: echo "IMAGE_NAME=$(yq '.name' ./config/${{ matrix.recipe }})" >> $GITHUB_ENV echo "IMAGE_DESCRIPTION=$(yq '.description' ./config/${{ matrix.recipe }})" >> $GITHUB_ENV echo "IMAGE_MAJOR_VERSION=$(yq '.image-version' ./config/${{ matrix.recipe }})" >> $GITHUB_ENV - echo "BASE_IMAGE_URL=$(yq '.base-image' ./config/${{ matrix.recipe }})" >> $GITHUB_ENV + BASE_IMAGE=$(yq '.base-image' ./config/${{ matrix.recipe }}) + echo "BASE_IMAGE_URL=$BASE_IMAGE" >> $GITHUB_ENV + echo "BASE_IMAGE_NAME=$(echo $BASE_IMAGE | sed 's/.*\/.*\///')" >> $GITHUB_ENV + + - name: Verify base image + uses: EyeCantCU/cosign-action/verify@v0.2.1 + with: + containers: ${{ env.BASE_IMAGE_NAME }}:${{ env.IMAGE_MAJOR_VERSION }} - name: Get current version id: labels @@ -158,6 +158,13 @@ jobs: with: string: ${{ env.IMAGE_NAME }} + - name: Maximize build space + uses: AdityaGarg8/remove-unwanted-software@v1 + with: + remove-dotnet: 'true' + remove-android: 'true' + remove-haskell: 'true' + # Build image using Buildah action - name: Build Image id: build_image From 4963395cd11a91753ae5c356f35a4614da4cf9d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 18:25:34 +0000 Subject: [PATCH 21/30] build(deps): bump EyeCantCU/cosign-action from 0.2.1 to 0.2.2 (#220) Bumps [EyeCantCU/cosign-action](https://github.com/eyecantcu/cosign-action) from 0.2.1 to 0.2.2. - [Release notes](https://github.com/eyecantcu/cosign-action/releases) - [Changelog](https://github.com/EyeCantCU/cosign-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/eyecantcu/cosign-action/compare/v0.2.1...v0.2.2) --- updated-dependencies: - dependency-name: EyeCantCU/cosign-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 34638af9d7..e8f2c16368 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: echo "BASE_IMAGE_NAME=$(echo $BASE_IMAGE | sed 's/.*\/.*\///')" >> $GITHUB_ENV - name: Verify base image - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: ${{ env.BASE_IMAGE_NAME }}:${{ env.IMAGE_MAJOR_VERSION }} From 6b2584ff0cc73b82984bbc3b5ed7ce2cd5f5add6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 18:32:57 +0000 Subject: [PATCH 22/30] build(deps): bump AdityaGarg8/remove-unwanted-software from 1 to 2 (#219) Bumps [AdityaGarg8/remove-unwanted-software](https://github.com/adityagarg8/remove-unwanted-software) from 1 to 2. - [Release notes](https://github.com/adityagarg8/remove-unwanted-software/releases) - [Commits](https://github.com/adityagarg8/remove-unwanted-software/compare/v1...v2) --- updated-dependencies: - dependency-name: AdityaGarg8/remove-unwanted-software dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e8f2c16368..74d86e1419 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -159,7 +159,7 @@ jobs: string: ${{ env.IMAGE_NAME }} - name: Maximize build space - uses: AdityaGarg8/remove-unwanted-software@v1 + uses: AdityaGarg8/remove-unwanted-software@v2 with: remove-dotnet: 'true' remove-android: 'true' From 80b3ac0ffdf8624086ea95ce7a1181a1bc5f08ce Mon Sep 17 00:00:00 2001 From: fiftydinar <65243233+fiftydinar@users.noreply.github.com> Date: Fri, 12 Jan 2024 12:23:15 +0100 Subject: [PATCH 23/30] feat: Bump ISO generator to v2.3.0 (#221) Installs secure boot/akmod key on all images --- .github/workflows/release-iso.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-iso.yml b/.github/workflows/release-iso.yml index 90afd21cf5..4ad0a4fbf9 100644 --- a/.github/workflows/release-iso.yml +++ b/.github/workflows/release-iso.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Generate ISO - uses: ublue-os/isogenerator@v2.2.0 + uses: ublue-os/isogenerator@v2.3.0 id: isogenerator with: image-name: ${{ github.event.repository.name }} From df4f3301ae1f8ef7da1a8970895680b64e014866 Mon Sep 17 00:00:00 2001 From: fiftydinar <65243233+fiftydinar@users.noreply.github.com> Date: Sun, 14 Jan 2024 18:24:03 +0100 Subject: [PATCH 24/30] feat: Add akmods module (#212) * feat: Add kmods installer module Credits: @C0dePlayer This is not ideal as it does not support custom kernels & it involves editing Containerfile. I believe there is no other way but to make users edit Containerfile for those files to be even pulled of. I would like this to be through the recipe only, so I will put this as a draft until some better ideas come. * Update Containerfile Related to this: https://github.com/ublue-os/bling/blob/d76cca4f3abc7e0730c45e3d820d36b236194c89/modules/akmods/README.md * Clarify change of akmod version better Part of adding support for Surface & Asus images. --- Containerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Containerfile b/Containerfile index 735aa5d1e1..645cfab205 100644 --- a/Containerfile +++ b/Containerfile @@ -42,6 +42,9 @@ COPY modules /tmp/modules/ # It is copied from the official container image since it's not available as an RPM. COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq +# Change this if you want different version/tag of akmods. +COPY --from=ghcr.io/ublue-os/akmods:main-39 /rpms /tmp/rpms + # Run the build script, then clean up temp files and finalize container build. RUN chmod +x /tmp/build.sh && /tmp/build.sh && \ rm -rf /tmp/* /var/* && ostree container commit From 5cf7429540ffe2fe3fae5d712c70e03f93cfc00b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jan 2024 16:04:37 +0000 Subject: [PATCH 25/30] build(deps): bump ublue-os/isogenerator from 2.3.0 to 2.3.1 (#227) Bumps [ublue-os/isogenerator](https://github.com/ublue-os/isogenerator) from 2.3.0 to 2.3.1. - [Release notes](https://github.com/ublue-os/isogenerator/releases) - [Changelog](https://github.com/ublue-os/isogenerator/blob/main/CHANGELOG.md) - [Commits](https://github.com/ublue-os/isogenerator/compare/v2.3.0...v2.3.1) --- updated-dependencies: - dependency-name: ublue-os/isogenerator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release-iso.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-iso.yml b/.github/workflows/release-iso.yml index 4ad0a4fbf9..899f934cfe 100644 --- a/.github/workflows/release-iso.yml +++ b/.github/workflows/release-iso.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Generate ISO - uses: ublue-os/isogenerator@v2.3.0 + uses: ublue-os/isogenerator@v2.3.1 id: isogenerator with: image-name: ${{ github.event.repository.name }} From dfb6abffa168d0dd227dc9d3a5a8bd9274f63c57 Mon Sep 17 00:00:00 2001 From: xyny <60004820+xynydev@users.noreply.github.com> Date: Wed, 24 Jan 2024 17:10:17 +0000 Subject: [PATCH 26/30] docs: improve modules section in config readme (#209) (#217) --- config/README.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/config/README.md b/config/README.md index 946c73f133..53892ed462 100644 --- a/config/README.md +++ b/config/README.md @@ -22,7 +22,7 @@ This repository fetches some useful default modules from [`ublue-os/bling`](http For a comprehensive list of modules, their in-depth documentation and example configuration, check out [the Modules page on the website](https://universal-blue.org/tinker/modules/). -### Building multiple images and including module configuration from other files and +### Building multiple images and including module configuration from other files To build multiple images, you need to create another recipe.yml file, which you should name based on what kind of image you want it to build. Then, edit the [`build.yml`](../.github/workflows/build.yml) file. Inside the file, under `jobs: strategy: matrix:`, there's a list of recipe files to build images, which you need to add your new recipe file to. These should be paths to files inside the `config` directory. @@ -39,4 +39,18 @@ install: - dunst - rofi - kitty -``` \ No newline at end of file +``` +An external module can also include multiple modules. +```yaml +# config/common.yml +modules: + - type: files + files: + - usr: /usr + - type: rpm-ostree + install: + - i3 + - dunst + - rofi + - kitty +``` From 535ed937abfa47a47d3c0198792906cae7a60fbb Mon Sep 17 00:00:00 2001 From: xyny <60004820+xynydev@users.noreply.github.com> Date: Wed, 24 Jan 2024 17:14:18 +0000 Subject: [PATCH 27/30] docs: change outdated info about minor module envvar (#216) --- modules/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/README.md b/modules/README.md index 9aac8899e1..40a8bc8f73 100644 --- a/modules/README.md +++ b/modules/README.md @@ -6,7 +6,7 @@ Each module intended for public usage should include a `README.md` file inside i Modules get only the configuration options given to them in the recipe.yml, not the configuration of other modules or any top-level keys. The configuration is given as the first argument as a single-line json string. You can check out the default modules for examples on how to parse such string using `yq` or `jq`. -Additionally, each module has access to four environment variables, `CONFIG_DIRECTORY` pointing to the Startingpoint directory in `/usr/share/ublue-os/`, `IMAGE_NAME` being the name of the image as declared in the recipe, `BASE_IMAGE` being the URL of the container image used as the base (FROM) in the image, and `OS_VERSION` being the `VERSION_ID` from `/usr/lib/os-release`. +Additionally, each module has access to four environment variables, `CONFIG_DIRECTORY` pointing to the directory containing the confiuration files for the build (`/tmp/config`), `IMAGE_NAME` being the name of the image as declared in the recipe, `BASE_IMAGE` being the URL of the container image used as the base (FROM) in the image, and `OS_VERSION` being the `VERSION_ID` from `/usr/lib/os-release`. When running modules, the working directory is the `CONFIG_DIRECTORY`. From d2fe7e68eb5b44ccf0adf6e1b0d70fc646bb9aea Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Wed, 24 Jan 2024 19:16:36 +0100 Subject: [PATCH 28/30] Remove silverflow-nvidia-38.yml from build matrix --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 21389000ff..94ca058b07 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -30,7 +30,6 @@ jobs: matrix: recipe: - - silverflow-nvidia-38.yml - silverflow-nvidia-39.yml steps: From 496d547357319971acc992e52dd5b458494ccb00 Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Wed, 24 Jan 2024 19:26:17 +0100 Subject: [PATCH 29/30] Update cosign public key --- cosign.pub | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cosign.pub b/cosign.pub index 94dbca0eac..ec2a2c65c3 100644 --- a/cosign.pub +++ b/cosign.pub @@ -1,4 +1,4 @@ -----BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXYzStePguRGhjLNuWA9i5YNlW6JN -8l+feUSk8ItS8bbgpzaVexBEawOS+0td2YA2svct01p7LKWaggywLMFXBQ== +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMHM7/qr9HTYvKHqBliMZsThvkiUE +htJYXuleEJmQP7FJZWUd+Z6Eui+io/ZjV54jJSkg3r1eFap5tKwiuwTTmA== -----END PUBLIC KEY----- \ No newline at end of file From ea3126aa03c8b44d8cab08ba22b3dbdef041ff9b Mon Sep 17 00:00:00 2001 From: Jakub Kujawa Date: Wed, 24 Jan 2024 19:29:14 +0100 Subject: [PATCH 30/30] Update cosign.pub public key --- cosign.pub | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cosign.pub b/cosign.pub index ec2a2c65c3..ae827c3895 100644 --- a/cosign.pub +++ b/cosign.pub @@ -1,4 +1,4 @@ -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMHM7/qr9HTYvKHqBliMZsThvkiUE htJYXuleEJmQP7FJZWUd+Z6Eui+io/ZjV54jJSkg3r1eFap5tKwiuwTTmA== ------END PUBLIC KEY----- \ No newline at end of file +-----END PUBLIC KEY-----