From 349bf6a1fb40feaf55afa8b0dd5396a5ab92a31c Mon Sep 17 00:00:00 2001 From: xyny Date: Tue, 4 Feb 2025 20:05:15 +0200 Subject: [PATCH 1/2] feat: initial version of RCL example --- .github/workflows/100-build-rcl.yml | 65 ++++++++++++++++++++++++++++ 100-rcl/.gitignore | 1 + 100-rcl/README.md | 2 + 100-rcl/cosign.pub | 4 ++ 100-rcl/recipes.rcl | 66 +++++++++++++++++++++++++++++ 5 files changed, 138 insertions(+) create mode 100644 .github/workflows/100-build-rcl.yml create mode 100644 100-rcl/.gitignore create mode 100644 100-rcl/README.md create mode 100644 100-rcl/cosign.pub create mode 100644 100-rcl/recipes.rcl diff --git a/.github/workflows/100-build-rcl.yml b/.github/workflows/100-build-rcl.yml new file mode 100644 index 0000000..a8d178e --- /dev/null +++ b/.github/workflows/100-build-rcl.yml @@ -0,0 +1,65 @@ +name: bluebuild +on: + push: + paths-ignore: # don't rebuild if only documentation has changed + - "**.md" + + pull_request: + workflow_dispatch: # allow manually triggering builds +jobs: + rcl: + name: Build recipe files with rcl + runs-on: ubuntu-latest + outputs: + recipe-matrix: ${{ steps.rcl.outputs.recipe-matrix }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install rcl + run: | + git clone https://github.com/ruuda/rcl.git /tmp/rcl + cd /tmp/rcl && cargo build --release + sudo cp target/release/rcl /usr/local/bin/ + + - name: Build recipe files + id: rcl + run: | + RCL_OUTPUT=$(rcl build ./100-rcl/recipes.rcl) + RECIPE_FILENAMES=$(echo "$RCL_OUTPUT" | awk '{ print $2 }' | sed -e 's/^recipes\///') + RECIPE_FILENAMES_JSON=$(echo "$RECIPE_FILENAMES" | jq --compact-output --raw-input '[inputs]') + MATRIX_JSON=$(jq -cn --argjson recipes "${RECIPE_FILENAMES_JSON[@]}" '{ recipes: $recipes }') + + echo "recipe-matrix=$MATRIX_JSON" >> $GITHUB_OUTPUT + + - uses: actions/upload-artifact@v4 + with: + name: recipes + path: ./100-rcl/recipes/ + bluebuild: + name: Build Custom Image + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write + needs: rcl + strategy: + fail-fast: false # stop GH from cancelling all matrix builds if one fails + matrix: ${{ fromJson(needs.rcl.outputs.recipe-matrix) }} + steps: + - uses: actions/checkout@v4 + - uses: actions/download-artifact@v4 + with: + name: recipes + path: ./100-rcl/recipes/ + + - name: Build Custom Image + uses: blue-build/github-action@v1.8 + with: + recipe: ${{ matrix.recipe }} + working_directory: ./100-rcl + cosign_private_key: ${{ secrets.SIGNING_SECRET }} + registry_token: ${{ github.token }} + pr_event_number: ${{ github.event.number }} + skip_checkout: true diff --git a/100-rcl/.gitignore b/100-rcl/.gitignore new file mode 100644 index 0000000..ad30bfe --- /dev/null +++ b/100-rcl/.gitignore @@ -0,0 +1 @@ +*.yml \ No newline at end of file diff --git a/100-rcl/README.md b/100-rcl/README.md new file mode 100644 index 0000000..f20d47a --- /dev/null +++ b/100-rcl/README.md @@ -0,0 +1,2 @@ +# Easy build matrixing with [RCL](https://rcl-lang.org/) + diff --git a/100-rcl/cosign.pub b/100-rcl/cosign.pub new file mode 100644 index 0000000..d90ac20 --- /dev/null +++ b/100-rcl/cosign.pub @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEliM5WSdh8GEB5c9ffB+/RJJAbAkT +Rkdfr9RsoSjPITV0foGyvoiQ06DCiaTgaj6kBG2rUHPXEgIH5B2IlPJMRw== +-----END PUBLIC KEY----- diff --git a/100-rcl/recipes.rcl b/100-rcl/recipes.rcl new file mode 100644 index 0000000..dc06f13 --- /dev/null +++ b/100-rcl/recipes.rcl @@ -0,0 +1,66 @@ +let project = { + name = "test", + description = "My test project.", + base-images = "ghcr.io/ublue-os" +}; + +let gts-version = 40; + +{ + for base-image in ["kinoite", "silverblue"]: + for nvidia in [true, false]: + for image-version in [gts-version, "latest"]: + + let nvidia-suffix = if nvidia: "-nvidia" else: ""; + + f"recipes/recipe-{base-image}{nvidia-suffix}-{image-version}.yml": { + format = "json", + contents = { + name = f"{project.name}-{base-image}{nvidia-suffix}", + description = + f""" + {project.description} + ({base-image}{nvidia-suffix} edition, {if image-version == gts-version: "GTS" else "latest"} version) + """, + + base-image = f"{project.base-images}/{base-image}{nvidia-suffix}", + image-version = image-version, + + if image-version == gts-version: + alt-tags = [ + "gts" + ], + + modules = [ + { + type = "files", + files = [ + { + source = "system", + destination = "/", + }, + if nvidia: + { + source = "system_nvidia", + destination = "/", + } + ] + }, + { + type = "default-flatpaks", + user = { + install = [ + "org.kde.krita", + "org.fedoraproject.MediaWriter" + ] + } + }, + if nvidia: { + type = "script", + script = "nvidia-setup.sh" + }, + { type = "signing" } + ] + } + } +} \ No newline at end of file From 21f3196bb829a015cf29e6266399ebe5ad14de3d Mon Sep 17 00:00:00 2001 From: xyny Date: Tue, 4 Feb 2025 20:25:14 +0200 Subject: [PATCH 2/2] fix: improve on-push filters --- .github/workflows/100-build-rcl.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/100-build-rcl.yml b/.github/workflows/100-build-rcl.yml index a8d178e..0edf280 100644 --- a/.github/workflows/100-build-rcl.yml +++ b/.github/workflows/100-build-rcl.yml @@ -1,8 +1,11 @@ name: bluebuild on: push: - paths-ignore: # don't rebuild if only documentation has changed - - "**.md" + paths: + - "100-rcl/**" + - ".github/workflows/100-build-rcl.yml" + branches: + - main pull_request: workflow_dispatch: # allow manually triggering builds