Skip to content

Commit

Permalink
Add Fedora Kinoite with Calamres for first boot
Browse files Browse the repository at this point in the history
The same logic will be used to produce the Asahi remix images.
  • Loading branch information
travier committed Jun 4, 2024
1 parent 2cd1eca commit 1fe2754
Show file tree
Hide file tree
Showing 2 changed files with 124 additions and 0 deletions.
107 changes: 107 additions & 0 deletions .github/workflows/fedora-kinoite-calamares.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
name: "Build Fedora Kinoite Calamares image"

env:
NAME: "fedora-kinoite-calamares"
REGISTRY: "quay.io/travier"
BASEIMAGE: "quay.io/fedora-ostree-desktops/kinoite:rawhide"

on:
pull_request:
branches:
- main
paths:
- 'fedora-kinoite-calamares/**'
- '.github/workflows/fedora-kinoite-calamares.yml'
push:
branches:
- main
paths:
- 'fedora-kinoite-calamares/**'
- '.github/workflows/fedora-kinoite-calamares.yml'
# schedule:
# - cron: '0 4 * * *'
workflow_dispatch:
inputs:
version:
description: 'Override version label (org.opencontainers.image.version)'
required: false
default: ''

permissions: read-all

# Prevent multiple workflow runs from racing to ensure that pushes are made
# sequentialy for the main branch. Also cancel in progress workflow runs for
# pull requests only.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}

jobs:
build-push-image:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4

- name: Figure out version
id: version
run: |
set -exo pipefail
if [[ -n ${VERSION} ]]; then
version="${VERSION}"
else
version_base="$(skopeo inspect docker://${BASEIMAGE} | jq -r '.Labels."org.opencontainers.image.version"')"
version_derived="$(skopeo inspect docker://${REGISTRY}/${NAME} | jq -r '.Labels."org.opencontainers.image.version"')"
if [[ "${version_base}" == "${version_derived}" ]]; then
patch="${version_base##*\.}"
((patch++)) || true
version="${version_base%\.*}.${patch}"
else
version="${version_base}"
fi
fi
echo "Using version: ${version}"
echo "version=${version}" >> "$GITHUB_OUTPUT"
env:
VERSION: ${{ inputs.version }}

- name: Build container image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.NAME }}
tags: latest
containerfiles: ${{ env.NAME }}/Containerfile
context: ${{ env.NAME }}
layers: false
oci: true
labels: org.opencontainers.image.version=${{ steps.version.outputs.version }}

- name: Push to Container Registry
uses: redhat-actions/push-to-registry@v2
id: push
if: (github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
with:
username: ${{ secrets.BOT_USERNAME }}
password: ${{ secrets.BOT_SECRET }}
image: ${{ env.NAME }}
registry: ${{ env.REGISTRY }}
tags: latest

- name: Login to Container Registry
uses: redhat-actions/podman-login@v1
if: (github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.BOT_USERNAME }}
password: ${{ secrets.BOT_SECRET }}

- uses: sigstore/[email protected]
if: (github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'

- name: Sign container image
if: (github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main'
run: |
cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ env.NAME }}@${{ steps.push.outputs.digest }}
env:
COSIGN_EXPERIMENTAL: false
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
17 changes: 17 additions & 0 deletions fedora-kinoite-calamares/Containerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Location not final and subject to change!
# FROM quay.io/travier-redhat/kinoite-asahi:40
FROM quay.io/quay.io/fedora-ostree-desktops/kinoite:40

LABEL org.opencontainers.image.title="Fedora Kinoite Calamares"
LABEL org.opencontainers.image.description="Fedora Kinoite Calamares (First Boot)"
LABEL org.opencontainers.image.source="https://github.com/travier/fedora-kinoite"
LABEL org.opencontainers.image.licenses="MIT"
LABEL quay.expires-after=""

# Missing anaconda-tools
RUN rpm-ostree install \
calamares-firstboot-config
&& \
systemctl enable calamares-firstboot.service \
&& \
ostree container commit

0 comments on commit 1fe2754

Please sign in to comment.