feat: example for build matrixing with RCL

.github/workflows/100-build-rcl.yml

@@ -0,0 +1,68 @@
+name: bluebuild
+on:
+  push:
+    paths:
+      - "100-rcl/**"
+      - ".github/workflows/100-build-rcl.yml"
+    branches:
+      - main
+
+  pull_request:
+  workflow_dispatch: # allow manually triggering builds
+jobs:
+  rcl:
+    name: Build recipe files with rcl
+    runs-on: ubuntu-latest
+    outputs:
+      recipe-matrix: ${{ steps.rcl.outputs.recipe-matrix }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install rcl
+        run: |
+          git clone https://github.com/ruuda/rcl.git /tmp/rcl
+          cd /tmp/rcl && cargo build --release
+          sudo cp target/release/rcl /usr/local/bin/
+
+      - name: Build recipe files
+        id: rcl
+        run: |
+          RCL_OUTPUT=$(rcl build ./100-rcl/recipes.rcl)
+          RECIPE_FILENAMES=$(echo "$RCL_OUTPUT" | awk '{ print $2 }' | sed -e 's/^recipes\///')
+          RECIPE_FILENAMES_JSON=$(echo "$RECIPE_FILENAMES" | jq --compact-output --raw-input '[inputs]')
+          MATRIX_JSON=$(jq -cn --argjson recipes "${RECIPE_FILENAMES_JSON[@]}" '{ recipes: $recipes }')
+
+          echo "recipe-matrix=$MATRIX_JSON" >> $GITHUB_OUTPUT
+
+      - uses: actions/upload-artifact@v4
+        with:
+          name: recipes
+          path: ./100-rcl/recipes/
+  bluebuild:
+    name: Build Custom Image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
+    needs: rcl
+    strategy:
+      fail-fast: false # stop GH from cancelling all matrix builds if one fails
+      matrix: ${{ fromJson(needs.rcl.outputs.recipe-matrix) }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/download-artifact@v4
+        with:
+          name: recipes
+          path: ./100-rcl/recipes/
+
+      - name: Build Custom Image
+        uses: blue-build/[email protected]
+        with:
+          recipe: ${{ matrix.recipe }}
+          working_directory: ./100-rcl
+          cosign_private_key: ${{ secrets.SIGNING_SECRET }}
+          registry_token: ${{ github.token }}
+          pr_event_number: ${{ github.event.number }}
+          skip_checkout: true

100-rcl/.gitignore

@@ -0,0 +1 @@
+*.yml

100-rcl/README.md

@@ -0,0 +1,2 @@
+# Easy build matrixing with [RCL](https://rcl-lang.org/)
+

100-rcl/cosign.pub

@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEliM5WSdh8GEB5c9ffB+/RJJAbAkT
+Rkdfr9RsoSjPITV0foGyvoiQ06DCiaTgaj6kBG2rUHPXEgIH5B2IlPJMRw==
+-----END PUBLIC KEY-----

100-rcl/recipes.rcl

@@ -0,0 +1,66 @@
+let project = {
+    name = "test",
+    description = "My test project.",
+    base-images = "ghcr.io/ublue-os"
+};
+
+let gts-version = 40;
+
+{
+    for base-image in ["kinoite", "silverblue"]:
+    for nvidia in [true, false]:
+    for image-version in [gts-version, "latest"]:
+
+    let nvidia-suffix = if nvidia: "-nvidia" else: "";
+
+    f"recipes/recipe-{base-image}{nvidia-suffix}-{image-version}.yml": {
+        format = "json",
+        contents = {
+            name = f"{project.name}-{base-image}{nvidia-suffix}",
+            description =
+                f"""
+                {project.description}
+                ({base-image}{nvidia-suffix} edition, {if image-version == gts-version: "GTS" else "latest"} version)
+                """,
+
+            base-image = f"{project.base-images}/{base-image}{nvidia-suffix}",
+            image-version = image-version,
+
+            if image-version == gts-version:
+                alt-tags = [
+                    "gts"
+                ],
+
+            modules = [
+                {
+                    type = "files",
+                    files = [
+                        {
+                            source = "system",
+                            destination = "/",
+                        },
+                        if nvidia:
+                        {
+                            source = "system_nvidia",
+                            destination = "/",
+                        }
+                    ]
+                },
+                {
+                    type = "default-flatpaks",
+                    user = {
+                        install = [
+                            "org.kde.krita",
+                            "org.fedoraproject.MediaWriter"
+                        ]
+                    }
+                },
+                if nvidia: {
+                    type = "script",
+                    script = "nvidia-setup.sh"
+                },
+                { type = "signing" }
+            ]
+        }
+    }
+}