feat: generate stripped-down base image variants

ublue-os · Mar 2, 2023 · ee1d4d4 · ee1d4d4
1 parent 50cbcb4
commit ee1d4d4
Show file tree

Hide file tree

Showing 13 changed files with 104 additions and 282 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -17,7 +17,7 @@ on:
       - '**.md'
       - '**.txt'
 env:
-    IMAGE_NAME: base
+    IMAGE_NAME: main
     IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
 
 jobs:
@@ -32,11 +32,20 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        major_version: [37]
+        image_name: [silverblue, kinoite, vauxite, sericea, base]
+        major_version: [37, 38]
         include:
           - major_version: 37
-            is_latest: true
-            is_stable: true
+            is_latest_version: true
+            is_stable_version: true
+          - major_version: 38
+            is_latest_version: true
+            is_stable_version: false
+        exclude:
+          # There is no Fedora 37 version of sericea
+          # When F38 is added, sericea will automatically be built too
+          - image_name: sericea
+            major_version: 37
     steps: 
       # Checkout push-to-registry action GitHub repository
       - name: Checkout Push to Registry action
@@ -46,24 +55,44 @@ jobs:
         id: generate-tags
         shell: bash
         run: |
-          echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
-          alias_tags=()
-          # Only perform the follow code when the action is spawned from a Pull Request
+          # Generate a timestamp for creating an image version history
+          TIMESTAMP="$(date +%Y%m%d)"
+          MAJOR_VERSION="${{ matrix.major_version }}"
+          COMMIT_TAGS=()
+          BUILD_TAGS=()
+          # Have tags for tracking builds during pull request
+          SHA_SHORT="$(git rev-parse --short HEAD)"
+          COMMIT_TAGS+=("pr-${{ github.event.number }}-${MAJOR_VERSION}")
+          COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}")
+          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
+             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
+              COMMIT_TAGS+=("pr-${{ github.event.number }}")
+              COMMIT_TAGS+=("${SHA_SHORT}")
+          fi
+
+          BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}")
+
+          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
+             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
+              BUILD_TAGS+=("${TIMESTAMP}")
+              BUILD_TAGS+=("latest")
+          fi
+
           if [[ "${{ github.event_name }}" == "pull_request" ]]; then
-            alias_tags+=("pr-${{ github.event.number }}")
+              echo "Generated the following commit tags: "
+              for TAG in "${COMMIT_TAGS[@]}"; do
+                  echo "${TAG}"
+              done
+              alias_tags=("${COMMIT_TAGS[@]}")
           else
-            # The following is run when the timer is triggered or a merge/push to main
-            echo "date=$(date +%Y%m%d)" >> $GITHUB_OUTPUT
-            alias_tags+=("${{ matrix.major_version }}")
-            if [[ "${{ matrix.is_latest }}" == "true" ]]; then
-              alias_tags+=("latest")
-            fi
-            if [[ "${{ matrix.is_stable }}" == "true" ]]; then
-              alias_tags+=("stable")
-            fi
+              alias_tags=("${BUILD_TAGS[@]}")
           fi
+          echo "Generated the following build tags: "
+          for TAG in "${BUILD_TAGS[@]}"; do
+              echo "${TAG}"
+          done
           echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
-        
+ 
       # Build metadata
       - name: Image Metadata
         uses: docker/metadata-action@v4
@@ -85,9 +114,8 @@ jobs:
           image: ${{ env.IMAGE_NAME }}
           tags: |
             ${{ steps.generate-tags.outputs.alias_tags }}
-            ${{ steps.generate-tags.outputs.date }}
-            ${{ steps.generate-tags.outputs.sha_short }}
           build-args: |
+            IMAGE_NAME=${{ matrix.image_name }}
             FEDORA_MAJOR_VERSION=${{ matrix.major_version }}
           labels: ${{ steps.meta.outputs.labels }}
           oci: false

diff --git a/Containerfile b/Containerfile
@@ -1,31 +1,17 @@
-# Multi-stage build
-ARG FEDORA_MAJOR_VERSION=37
+ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}"
+ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/${IMAGE_NAME}"
+ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}"
 
-## Build ublue-os-base
-FROM quay.io/fedora-ostree-desktops/silverblue:${FEDORA_MAJOR_VERSION}
-# See https://pagure.io/releng/issue/11047 for final location
+FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder
 
-COPY etc /etc
-COPY usr /usr
+ARG IMAGE_NAME="${IMAGE_NAME}"
 
-COPY ublue-firstboot /usr/bin
-COPY recipe.yml /etc/ublue-recipe.yml
+ADD build.sh /tmp/build.sh
+ADD packages.json /tmp/packages.json
 
-COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq
+COPY --from=ghcr.io/ublue-os/udev-rules:latest /ublue-os-udev-rules.noarch.rpm /tmp/ublue-os-udev-rules.noarch.rpm
 
-RUN rpm-ostree override remove firefox firefox-langpacks && \
-    echo "-- Installing RPMs defined in recipe.yml --" && \
-    rpm_packages=$(yq '.rpms[]' < /etc/ublue-recipe.yml) && \
-    for pkg in $rpm_packages; do \
-        echo "Installing: ${pkg}" && \
-        rpm-ostree install $pkg; \
-    done && \ 
-    echo "---" && \
-
-    sed -i 's/#AutomaticUpdatePolicy.*/AutomaticUpdatePolicy=stage/' /etc/rpm-ostreed.conf && \
-    systemctl enable rpm-ostreed-automatic.timer && \
-    systemctl enable flatpak-system-update.timer && \
-    rm -rf \
-        /tmp/* \
-        /var/* && \
-    ostree container commit
+RUN /tmp/build.sh
+RUN rm -rf /tmp/*
+RUN ostree container commit
+RUN mkdir -p /var/tmp && chmod -R 1777 /var/tmp
diff --git a/build.sh b/build.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -ouex pipefail
+
+RELEASE="$(rpm -E %fedora)"
+
+INCLUDED_PACKAGES=($(jq -r "[.include | (.all, select(.$IMAGE_NAME != null).$IMAGE_NAME)[]] | unique | sort[]" /tmp/packages.json))
+EXCLUDED_PACKAGES=($(jq -r "[.exclude | (.all, select(.$IMAGE_NAME != null).$IMAGE_NAME)[]] | unique | sort[]" /tmp/packages.json))
+
+if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then
+    EXCLUDED_PACKAGES=($(rpm -qa --queryformat='%{NAME} ' ${EXCLUDED_PACKAGES[@]}))
+fi
+
+rpm-ostree install \
+    https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-${RELEASE}.noarch.rpm \
+    https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-${RELEASE}.noarch.rpm \
+    /tmp/ublue-os-udev-rules.noarch.rpm \
+    fedora-repos-archive
+
+if [[ "${#INCLUDED_PACKAGES[@]}" -gt 0 && "${#EXCLUDED_PACKAGES[@]}" -eq 0 ]]; then
+    rpm-ostree install \
+        ${INCLUDED_PACKAGES[@]}
+
+elif [[ "${#INCLUDED_PACKAGES[@]}" -eq 0 && "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then
+    rpm-ostree override remove \
+        ${EXCLUDED_PACKAGES[@]}
+
+elif [[ "${#INCLUDED_PACKAGES[@]}" -gt 0 && "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then
+    rpm-ostree override remove \
+        ${EXCLUDED_PACKAGES[@]} \
+        $(printf -- "--install=%s " ${INCLUDED_PACKAGES[@]})
+
+else
+    echo "No packages to install."
+
+fi
diff --git a/etc/justfile b/etc/justfile
diff --git a/etc/profile.d/ublue-firstboot.sh b/etc/profile.d/ublue-firstboot.sh
diff --git a/etc/skel.d/.config/autostart/ublue-firstboot.desktop b/etc/skel.d/.config/autostart/ublue-firstboot.desktop
diff --git a/packages.json b/packages.json
@@ -0,0 +1,8 @@
+{
+    "include": {
+        "all": []
+    },
+    "exclude": {
+        "all": []
+    }
+}
diff --git a/recipe.yml b/recipe.yml
diff --git a/ublue-firstboot b/ublue-firstboot