Build ISOs #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build ISOs | |
on: | |
pull_request: | |
branches: | |
- main | |
paths: | |
- ".github/workflows/build_iso.yml" | |
workflow_dispatch: | |
workflow_call: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-iso | |
cancel-in-progress: true | |
jobs: | |
build-iso: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
id-token: write | |
strategy: | |
fail-fast: false | |
matrix: | |
image_name: | |
- beyond | |
fedora_version: | |
- 40 | |
env: | |
IMAGE_TAG: ${{ matrix.fedora_version }}-amd64 | |
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} | |
steps: | |
- name: Free Disk Space | |
uses: jlumbroso/[email protected] | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set Image Tag | |
id: generate-tag | |
shell: bash | |
run: | | |
TAG="stable" | |
if [[ "${{ github.ref_name }}" == "testing" ]]; then | |
TAG="testing" | |
fi | |
# Would like to implement in the future. This will allow us to support image tags from a PR. | |
#if [[ github.event.number ]]; then | |
# TAG="pr-${{ github.event.number }}-${{ matrix.major_version }}" | |
#fi | |
echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
- name: Get Flatpak Dependencies | |
id: flatpak-dependencies | |
env: | |
IMAGE: ${{ env.IMAGE_REGISTRY }}/${{ matrix.image_name }}:${{ env.IMAGE_TAG }} | |
shell: bash | |
run: | | |
set -euox pipefail | |
# Make temp space | |
TEMP_FLATPAK_INSTALL_DIR=$(mktemp -d -p ${{ github.workspace }} flatpak.XXX) | |
FLATPAK_REFS_DIR=DIR=${{ github.workspace }}/flatpak | |
mkdir -p "${FLATPAK_REFS_DIR}" | |
mv flatpaks.txt "${FLATPAK_REFS_DIR_ABS}/flatpaks.txt" | |
# Read the list of Flatpak refs | |
FLATPAK_REFS=() | |
while IFS= read -r line; do | |
FLATPAK_REFS+=("$line") | |
done < <(cat "${FLATPAK_REFS_DIR}/core.txt" "${FLATPAK_REFS_DIR}/incubator.txt" "${FLATPAK_REFS_DIR}/circle.txt") | |
# Generate install script | |
cat << EOF > ${TEMP_FLATPAK_INSTALL_DIR}/script.sh | |
cat /temp_flatpak_install_dir/script.sh | |
mkdir -p /flatpak/flatpak /flatpak/triggers | |
mkdir /var/tmp || true | |
chmod -R 1777 /var/tmp | |
flatpak config --system --set languages "*" | |
flatpak remote-add --system flathub https://dl.flathub.org/repo/flathub.flatpakrepo | |
flatpak install --system --noninteractive flathub ${FLATPAK_REFS[@]} | |
ostree refs --repo=\${FLATPAK_SYSTEM_DIR}/repo | grep '^deploy/' | grep -v 'org\.freedesktop\.Platform\.openh264' | sed 's/^deploy\///g' > /output/flatpaks_with_deps | |
EOF | |
docker run --rm --privileged \ | |
--entrypoint bash \ | |
-e FLATPAK_SYSTEM_DIR=/flatpak/flatpak \ | |
-e FLATPAK_TRIGGERSDIR=/flatpak/triggers \ | |
--volume ${FLATPAK_REFS_DIR}:/output \ | |
--volume ${TEMP_FLATPAK_INSTALL_DIR}:/temp_flatpak_install_dir \ | |
${IMAGE} /temp_flatpak_install_dir/script.sh | |
docker rmi ${IMAGE} | |
echo "FLATPAK_REFS_DIR=${FLATPAK_REFS_DIR}" >> $GITHUB_OUTPUT | |
- name: Build ISOs | |
uses: jasonn3/[email protected] | |
id: build | |
with: | |
arch: x86_64 | |
image_name: ${{ matrix.image_name }} | |
image_repo: ${{ env.IMAGE_REGISTRY }} | |
variant: Silverblue | |
version: ${{ matrix.fedora_version }} | |
image_tag: ${{ env.IMAGE_TAG }} | |
secure_boot_key_url: "https://github.com/ublue-os/akmods/raw/main/certs/public_key.der" | |
enrollment_password: "universalblue" | |
iso_name: ${{ matrix.image_name }}-${{ env.IMAGE_TAG }}.iso | |
enable_cache_dnf: "false" | |
enable_cache_skopeo: "false" | |
flatpak_remote_refs_dir: ${{ steps.flatpak-dependencies.outputs.FLATPAK_REFS_DIR }} | |
enable_flatpak_dependencies: "false" | |
- name: Upload ISOs and Checksum to Job Artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.image_name }}-${{ env.IMAGE_TAG }} | |
path: | | |
${{ steps.build.outputs.iso_path }} | |
${{ steps.build.outputs.iso_path }}-CHECKSUM | |
if-no-files-found: error | |
retention-days: 0 | |
compression-level: 0 | |
overwrite: true |