diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index 57047d10..64f5fc0a 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -7,7 +7,7 @@ on: required: true type: string env: - IMAGE_NAME: akmods + IMAGE_BASE_NAME: akmods IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} concurrency: @@ -36,14 +36,7 @@ jobs: cfile_suffix: - common - nvidia - nvidia_version: - - 0 - - 550 exclude: - - cfile_suffix: common - nvidia_version: 550 - - cfile_suffix: nvidia - nvidia_version: 0 - kernel_flavor: asus fedora_version: 38 - kernel_flavor: surface @@ -56,7 +49,6 @@ jobs: kernel_flavor: fsync # kernel-fsync packages are not being built for F40 yet. - fedora_version: 40 kernel_flavor: fsync-lts - steps: # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action @@ -65,14 +57,23 @@ jobs: - name: Matrix Variables shell: bash run: | + if [ "common" == "${{ matrix.cfile_suffix }}" ]; then + echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}" >> $GITHUB_ENV + else + echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}-${{ matrix.cfile_suffix }}" >> $GITHUB_ENV + fi if [[ "${{ matrix.fedora_version }}" -ge "41" ]]; then # when we are confident of official fedora images we can switch to them - echo "SOURCE_IMAGE=fedora-silverblue" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora" >> $GITHUB_ENV + export SOURCE_IMAGE=fedora-silverblue + export SOURCE_ORG=fedora else - echo "SOURCE_IMAGE=base" >> $GITHUB_ENV - echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV + export SOURCE_IMAGE=base + export SOURCE_ORG=fedora-ostree-desktops fi + echo "FQ_SOURCE_IMAGE=quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}:${{ matrix.fedora_version }}" >> $GITHUB_ENV + echo "SOURCE_IMAGE=${SOURCE_IMAGE}" >> $GITHUB_ENV + echo "SOURCE_ORG=${SOURCE_ORG}" >> $GITHUB_ENV + - name: Generate tags id: generate-tags @@ -80,11 +81,7 @@ jobs: run: | # Generate a timestamp for creating an image version history TIMESTAMP="$(date +%Y%m%d)" - if [[ "${{ matrix.cfile_suffix }}" == "nvidia" ]]; then - VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}-${{ matrix.nvidia_version }}" - else - VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}" - fi + VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}" COMMIT_TAGS=() BUILD_TAGS=() @@ -125,27 +122,71 @@ jobs: # DEBUG: get character count of key wc -c certs/private_key.priv - - name: Get current version - id: labels + - name: Pull build image uses: Wandalen/wretry.action@v2.1.0 with: attempt_limit: 3 attempt_delay: 15000 command: | - set -eo pipefail - skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} > inspect.json - ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + # pull the base image used for FROM in containerfile so + # we can retry on that unfortunately common failure case + podman pull ${{ env.FQ_SOURCE_IMAGE }} + + - name: Get current version + run: | + set -eo pipefail + + # skopeo must always run to inspect image labels for build version + skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json + ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json) + if [ -z "$ver" ] || [ "null" = "$ver" ]; then + echo "inspected image version must not be empty or null" + exit 1 + fi + + if [ "main" == "${{ matrix.kernel_flavor }}" ]; then + # main kernel_flavor: use ostree.linux to determine kernel version linux=$(jq -r '.Labels["ostree.linux"]' inspect.json) - if [ -z "$ver" ] || [ "null" = "$ver" ]; then - echo "inspected image version must not be empty or null" - exit 1 - fi - if [ -z "$linux" ] || [ "null" = "$linux" ]; then - echo "inspected image linux version must not be empty or null" - exit 1 - fi - echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV - echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV + else + # other kernel_flavor: start container use dnf to find kernel version + container_name="fq-$(uuidgen)" + podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.FQ_SOURCE_IMAGE }}" + podman exec $container_name rpm-ostree install dnf dnf-plugins-core + + # Fetch kernel version + dnf="podman exec $container_name dnf" + case "${{ matrix.kernel_flavor }}" in + "asus") + $dnf copr enable -y lukenukem/asus-kernel + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync") + $dnf copr enable -y sentry/kernel-fsync + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "fsync-lts") + $dnf copr enable -y sentry/kernel-ba + linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-ba --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "main") + linux=$($dnf repoquery --whatprovides kernel | tail -n1 | sed 's/.*://') + ;; + "surface") + $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo + linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://') + ;; + *) + echo "unexpected kernel_flavor '${{ matrix.kernel_flavor }}' for dnf repoquery" + ;; + esac + fi + + if [ -z "$linux" ] || [ "null" = "$linux" ]; then + echo "inspected image linux version must not be empty or null" + exit 1 + fi + echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV + echo "KERNEL_VERSION=$linux" >> $GITHUB_ENV # Build metadata - name: Image Metadata @@ -153,25 +194,15 @@ jobs: id: meta with: images: | - ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }} + ${{ env.IMAGE_NAME }} labels: | - org.opencontainers.image.title=${{ env.IMAGE_NAME }} + org.opencontainers.image.title=${{ env.IMAGE_BASE_NAME }} org.opencontainers.image.description=A caching layer for pre-built akmod RPMs org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} - ostree.linux=${{ env.SOURCE_IMAGE_LINUX }} + ostree.linux=${{ env.KERNEL_VERSION }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4 - - name: Pull build image - uses: Wandalen/wretry.action@v2.1.0 - with: - attempt_limit: 3 - attempt_delay: 15000 - command: | - # pull the base image used for FROM in containerfile so - # we can retry on that unfortunately common failure case - podman pull quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} - # Build image using Buildah action - name: Build Image id: build_image @@ -179,15 +210,15 @@ jobs: with: containerfiles: | ./Containerfile.${{ matrix.cfile_suffix }} - image: ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }} + image: ${{ env.IMAGE_NAME }} tags: | ${{ steps.generate-tags.outputs.alias_tags }} build-args: | SOURCE_IMAGE=${{ env.SOURCE_IMAGE }} SOURCE_ORG=${{ env.SOURCE_ORG }} KERNEL_FLAVOR=${{ matrix.kernel_flavor }} + KERNEL_VERSION=${{ env.KERNEL_VERSION }} FEDORA_MAJOR_VERSION=${{ matrix.fedora_version }} - NVIDIA_MAJOR_VERSION=${{ matrix.nvidia_version }} RPMFUSION_MIRROR=${{ vars.RPMFUSION_MIRROR }} labels: ${{ steps.meta.outputs.labels }} oci: false diff --git a/Containerfile.common b/Containerfile.common index 755faee3..91ac3955 100644 --- a/Containerfile.common +++ b/Containerfile.common @@ -11,6 +11,7 @@ ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}" +ARG KERNEL_VERSION="" ARG RPMFUSION_MIRROR="" COPY build*.sh /tmp diff --git a/Containerfile.nvidia b/Containerfile.nvidia index be0fad5f..fffeb0b8 100644 --- a/Containerfile.nvidia +++ b/Containerfile.nvidia @@ -1,8 +1,8 @@ ### -### Containerfile.nvidia - used to build ONLY NVIDIA kmods (one driver version per build) +### Containerfile.nvidia - used to build ONLY NVIDIA kmods ### -#Build from base, simpley because it's the smallest image +#Build from base, simply because it's the smallest image ARG SOURCE_IMAGE="${SOURCE_IMAGE:-base}" ARG SOURCE_ORG="${SOURCE_ORG:-fedora-ostree-desktops}" ARG BASE_IMAGE="quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}" @@ -10,8 +10,8 @@ ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}" -ARG NVIDIA_MAJOR_VERSION="${NVIDIA_MAJOR_VERSION:-550}" ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}" +ARG KERNEL_VERSION="" ARG RPMFUSION_MIRROR="" COPY build*.sh /tmp @@ -39,7 +39,7 @@ RUN if grep -qv "surface" <<< "${KERNEL_FLAVOR}"; then \ ; else \ export KERNEL_NAME="kernel-surface" \ ; fi && \ - /tmp/build-kmod-nvidia.sh ${NVIDIA_MAJOR_VERSION} + /tmp/build-kmod-nvidia.sh 550 RUN cp /tmp/ublue-os-nvidia-addons/rpmbuild/RPMS/noarch/ublue-os-nvidia-addons*.rpm \ /var/cache/rpms/ublue-os/ diff --git a/README.md b/README.md index 96f82e6f..76ea0f59 100644 --- a/README.md +++ b/README.md @@ -40,21 +40,21 @@ The [`akmods` image](https://github.com/orgs/ublue-os/packages/container/package Here's a rundown on how it's organized. -We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and in the case of NVIDIA current (550). -**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39.** +We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and the latest NVIDIA driver. +**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39. Also the `-550` extra driver version tag has been removed as the latest driver will always be included.** The majority of the drivers are tagged with `KERNEL_TYPE-FEDORA_RELEASE`. NVIDIA drivers are bundled distinctly with tag `KERNEL_TYPE-FEDORA_RELEASE-NVIDIA_VERSION`. | KERNEL_TYPE | FEDORA_RELEASE | TAG | | - | - | - | -| Fedora stock kernel | 38 | `main-38`, `main-38-550` | -| | 39 | `main-39`, `main-39-550` | -| | 40 | `main-40`, `main-40-550` | -| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`, `asus-39-550` | -| | 40 | `asus-40`, `asus-40-550` | -| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39`, `fsync-39-550` | -| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39`, `surface-39-550` | -| | 40 | `surface-40`, `surface-40-550` | +| Fedora stock kernel | 38 | `main-38` | +| | 39 | `main-39` | +| | 40 | `main-40` | +| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`| +| | 40 | `asus-40` | +| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39` | +| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39` | +| | 40 | `surface-40` | diff --git a/build-kmod-nvidia.sh b/build-kmod-nvidia.sh index 2948701e..0113481c 100755 --- a/build-kmod-nvidia.sh +++ b/build-kmod-nvidia.sh @@ -34,7 +34,7 @@ akmods --force --kernels "${KERNEL_VERSION}" --kmod "${NVIDIA_PACKAGE_NAME}" modinfo /usr/lib/modules/${KERNEL_VERSION}/extra/${NVIDIA_PACKAGE_NAME}/nvidia{,-drm,-modeset,-peermem,-uvm}.ko.xz > /dev/null || \ (cat /var/cache/akmods/${NVIDIA_PACKAGE_NAME}/${NVIDIA_AKMOD_VERSION}-for-${KERNEL_VERSION}.failed.log && exit 1) -cat < /var/cache/rpms/kmods/nvidia-vars.${NVIDIA_MAJOR_VERSION} +cat < /var/cache/rpms/kmods/nvidia-vars KERNEL_VERSION=${KERNEL_VERSION} RELEASE=${RELEASE} NVIDIA_PACKAGE_NAME=${NVIDIA_PACKAGE_NAME} diff --git a/build-prep.sh b/build-prep.sh index d29f186d..e1b5be00 100755 --- a/build-prep.sh +++ b/build-prep.sh @@ -42,10 +42,15 @@ if [ -n "${RPMFUSION_MIRROR}" ]; then sed -i "s%^#baseurl=http://download1.rpmfusion.org%baseurl=${RPMFUSION_MIRROR}%" /etc/yum.repos.d/rpmfusion-*.repo fi +# required for main and surface when fedora repo has updated kernel beyond what was in the image +curl -L -o /etc/yum.repos.d/fedora-coreos-pool.repo \ + https://raw.githubusercontent.com/coreos/fedora-coreos-config/testing-devel/fedora-coreos-pool.repo + ### PREPARE CUSTOM KERNEL SUPPORT if [[ "asus" == "${KERNEL_FLAVOR}" ]]; then echo "Installing ASUS Kernel:" - wget https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel/repo/fedora-$(rpm -E %fedora)/lukenukem-asus-kernel-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_lukenukem-asus-kernel.repo + curl -L -o /etc/yum.repos.d/_copr_lukenukem-asus-kernel.repo \ + https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel/repo/fedora-$(rpm -E %fedora)/lukenukem-asus-kernel-fedora-$(rpm -E %fedora).repo rpm-ostree cliwrap install-to-root / rpm-ostree override replace \ --experimental \ @@ -59,7 +64,8 @@ if [[ "asus" == "${KERNEL_FLAVOR}" ]]; then kernel-modules-extra elif [[ "fsync-lts" == "${KERNEL_FLAVOR}" ]]; then echo "Installing fsync-lts kernel:" - wget https://copr.fedorainfracloud.org/coprs/sentry/kernel-ba/repo/fedora-$(rpm -E %fedora)/sentry-kernel-ba-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_sentry-kernel-ba.repo + curl -L -o /etc/yum.repos.d/_copr_sentry-kernel-ba.repo \ + https://copr.fedorainfracloud.org/coprs/sentry/kernel-ba/repo/fedora-$(rpm -E %fedora)/sentry-kernel-ba-fedora-$(rpm -E %fedora).repo rpm-ostree cliwrap install-to-root / rpm-ostree override replace \ --experimental \ @@ -73,7 +79,8 @@ elif [[ "fsync-lts" == "${KERNEL_FLAVOR}" ]]; then kernel-modules-extra elif [[ "fsync" == "${KERNEL_FLAVOR}" ]]; then echo "Installing fsync kernel:" - wget https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-$(rpm -E %fedora)/sentry-kernel-fsync-fedora-$(rpm -E %fedora).repo -O /etc/yum.repos.d/_copr_sentry-kernel-fsync.repo + curl -L -o /etc/yum.repos.d/_copr_sentry-kernel-fsync.repo \ + https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync/repo/fedora-$(rpm -E %fedora)/sentry-kernel-fsync-fedora-$(rpm -E %fedora).repo rpm-ostree cliwrap install-to-root / rpm-ostree override replace \ --experimental \ @@ -88,9 +95,10 @@ elif [[ "fsync" == "${KERNEL_FLAVOR}" ]]; then elif [[ "surface" == "${KERNEL_FLAVOR}" ]]; then echo "Installing Surface Kernel:" # Add Linux Surface repo - wget https://pkg.surfacelinux.com/fedora/linux-surface.repo -P /etc/yum.repos.d - wget https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm -O \ - /tmp/surface-kernel.rpm + curl -L -o /etc/yum.repos.d/linux-surface.repo \ + https://pkg.surfacelinux.com/fedora/linux-surface.repo + curl -L -o /tmp/surface-kernel.rpm \ + https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm rpm-ostree cliwrap install-to-root / rpm-ostree override replace /tmp/surface-kernel.rpm \ --remove kernel-core \ @@ -103,8 +111,18 @@ elif [[ "surface" == "${KERNEL_FLAVOR}" ]]; then --install kernel-surface-modules \ --install kernel-surface-modules-core \ --install kernel-surface-modules-extra +elif [[ "main" == "${KERNEL_FLAVOR}" ]] && \ + [[ "" != "${KERNEL_VERSION}" ]]; then + echo "main kernel version ${KERNEL_VERSION} to avoid upgrading kernel beyond what is in the image." + rpm-ostree cliwrap install-to-root / + rpm-ostree install \ + kernel-devel-${KERNEL_VERSION} \ + kernel-devel-matched-${KERNEL_VERSION} else - echo "Default main kernel needs no customization." + echo "Default main kernel without a specific version." + rpm-ostree install \ + kernel-devel \ + kernel-devel-matched fi