feat: modules useful for vanilla os

modules/apt-get/apt-get.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+
+# Tell build process to exit if there are any errors.
+set -euo pipefail
+
+NO_RECOMMENDS=$(echo "${1}" | yq -I=0 ".no-recommends")
+if [[ -z "${NO_RECOMMENDS}" || "${NO_RECOMMENDS}" == "null" ]]; then
+    NO_RECOMMENDS=false
+fi
+
+INSTALL_SUGGESTS=$(echo "${1}" | yq -I=0 ".install-suggests")
+if [[ -z "${INSTALL_SUGGESTS}" || "${INSTALL_SUGGESTS}" == "null" ]]; then
+    INSTALL_SUGGESTS=false
+fi
+
+FIX_MISSING=$(echo "${1}" | yq -I=0 ".fix-missing")
+if [[ -z "${FIX_MISSING}" || "${FIX_MISSING}" == "null" ]]; then
+    FIX_MISSING=false
+fi
+
+FIX_BROKEN=$(echo "${1}" | yq -I=0 ".fix-broken")
+if [[ -z "${FIX_BROKEN}" || "${FIX_BROKEN}" == "null" ]]; then
+    FIX_BROKEN=false
+fi
+
+if [[ ${NO_RECOMMENDS} == true ]]; then
+    APT_ARGS+=("--no-install-recommends")
+fi
+
+if [[ ${INSTALL_SUGGESTS} == true ]]; then
+    APT_ARGS+=("--install-suggests")
+fi
+
+if [[ ${FIX_MISSING} == true ]]; then
+    APT_ARGS+=("--fix-missing")
+fi
+
+if [[ ${FIX_BROKEN} == true ]]; then
+    APT_ARGS+=("--fix-broken")
+fi
+
+# get_yaml_array INSTALL_PKGS '.install[]' "$1"
+
+INSTALL_PKGS=("https://discord.com/api/download?platform=linux&format=deb" "micro")
+
+if [[ ${#INSTALL_PKGS[@]} -gt 0 ]]; then
+  for PKG in "${INSTALL_PKGS[@]}"; do
+      if [[ "${PKG}" =~ ^https?:\/\/.* ]]; then
+        PKG_PATH=$(mktemp --suffix=".deb")
+        wget -O "${PKG_PATH}" "${PKG}"
+        wait
+        PROCESSED_INSTALL_PKGS+=("${PKG_PATH}")
+      else
+        PROCESSED_INSTALL_PKGS+=("${PKG}")
+      fi
+  done
+fi
+
+# shellcheck disable=SC2068
+apt-get install -y ${APT_ARGS[@]} "${PROCESSED_INSTALL_PKGS[@]}"
+
+get_yaml_array REMOVE_PKGS '.remove[]' "$1"
+apt-get remove -y "${REMOVE_PKGS[@]}"
+
+apt-get clean

modules/signing/signing.sh

@@ -3,47 +3,56 @@
 # Tell build process to exit if there are any errors.
 set -euo pipefail
 
-CONTAINER_DIR="/usr/etc/containers"
-MODULE_DIRECTORY="${MODULE_DIRECTORY:-"/tmp/modules"}"
-IMAGE_NAME_FILE="${IMAGE_NAME//\//_}"
-
-echo "Setting up container signing in policy.json and cosign.yaml for $IMAGE_NAME"
-echo "Registry to write: $IMAGE_REGISTRY"
-
-if ! [ -d "$CONTAINER_DIR" ]; then
-    mkdir -p "$CONTAINER_DIR"
-fi
-
-if ! [ -d $CONTAINER_DIR/registries.d ]; then
-   mkdir -p "$CONTAINER_DIR/registries.d"
-fi
-
-if ! [ -d "/usr/etc/pki/containers" ]; then
-    mkdir -p "/usr/etc/pki/containers"
-fi
-
-if ! [ -f "$CONTAINER_DIR/policy.json" ]; then
-    cp "$MODULE_DIRECTORY/signing/policy.json" "$CONTAINER_DIR/policy.json"
-fi
-
-if ! [ -f "/usr/etc/pki/containers/$IMAGE_NAME_FILE.pub" ]; then
-    cp "/usr/share/ublue-os/cosign.pub" "/usr/etc/pki/containers/$IMAGE_NAME_FILE.pub"
-fi
-
-POLICY_FILE="$CONTAINER_DIR/policy.json"
-
-yq -i -o=j '.transports.docker |=
-    {"'"$IMAGE_REGISTRY"'/'"$IMAGE_NAME"'": [
-            {
-                "type": "sigstoreSigned",
-                "keyPath": "/usr/etc/pki/containers/'"$IMAGE_NAME_FILE"'.pub",
-                "signedIdentity": {
-                    "type": "matchRepository"
+if grep -q OSTREE /etc/os-release; then
+    echo "Detected OSTREE"
+
+    CONTAINER_DIR="/usr/etc/containers"
+    MODULE_DIRECTORY="${MODULE_DIRECTORY:-"/tmp/modules"}"
+    IMAGE_NAME_FILE="${IMAGE_NAME//\//_}"
+
+    echo "Setting up container signing in policy.json and cosign.yaml for $IMAGE_NAME"
+    echo "Registry to write: $IMAGE_REGISTRY"
+
+    if ! [ -d "$CONTAINER_DIR" ]; then
+        mkdir -p "$CONTAINER_DIR"
+    fi
+
+    if ! [ -d $CONTAINER_DIR/registries.d ]; then
+    mkdir -p "$CONTAINER_DIR/registries.d"
+    fi
+
+    if ! [ -d "/usr/etc/pki/containers" ]; then
+        mkdir -p "/usr/etc/pki/containers"
+    fi
+
+    if ! [ -f "$CONTAINER_DIR/policy.json" ]; then
+        cp "$MODULE_DIRECTORY/signing/policy.json" "$CONTAINER_DIR/policy.json"
+    fi
+
+    if ! [ -f "/usr/etc/pki/containers/$IMAGE_NAME_FILE.pub" ]; then
+        cp "/usr/share/ublue-os/cosign.pub" "/usr/etc/pki/containers/$IMAGE_NAME_FILE.pub"
+    fi
+
+    POLICY_FILE="$CONTAINER_DIR/policy.json"
+
+    yq -i -o=j '.transports.docker |=
+        {"'"$IMAGE_REGISTRY"'/'"$IMAGE_NAME"'": [
+                {
+                    "type": "sigstoreSigned",
+                    "keyPath": "/usr/etc/pki/containers/'"$IMAGE_NAME_FILE"'.pub",
+                    "signedIdentity": {
+                        "type": "matchRepository"
+                    }
                 }
-            }
-        ]
-    }
-+ .' "$POLICY_FILE"
-
-mv "$MODULE_DIRECTORY/signing/registry-config.yaml" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"
-sed -i "s ghcr.io/IMAGENAME $IMAGE_REGISTRY g" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"
+            ]
+        }
+    + .' "$POLICY_FILE"
+
+    mv "$MODULE_DIRECTORY/signing/registry-config.yaml" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"
+    sed -i "s ghcr.io/IMAGENAME $IMAGE_REGISTRY g" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"
+elif grep -q "Vanilla OS" /etc/os-release; then
+    echo "Detected Vanilla OS"
+    USERNAME="${IMAGE_REGISTRY##*/}"
+    jq -r ".name |= \"$USERNAME/$IMAGE_NAME\"" /usr/share/abroot/abroot.json > /usr/share/abroot/abroot_tmp.json
+    mv /usr/share/abroot/abroot_tmp.json /usr/share/abroot/abroot.json
+fi