From 5603cac19c620094101f06a00467094fc042da80 Mon Sep 17 00:00:00 2001 From: Brian Beatty Date: Mon, 6 May 2024 10:41:49 -0500 Subject: [PATCH] feat: update signing key --- .github/workflows/reusable-build.yml | 23 ++++++++++++----------- Containerfile | 10 +++++----- cosign.pub | 4 ++-- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index cd120b35..2e3f46c1 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -28,17 +28,17 @@ jobs: - ${{ inputs.fedora_version }} kernel_flavor: - main - - asus - - surface + # - asus + # - surface image_name: - silverblue - - kinoite - - sericea - - onyx - - base - - lazurite - - mate - - vauxite + # - kinoite + # - sericea + # - onyx + # - base + # - lazurite + # - mate + # - vauxite image_target: - main - nvidia @@ -150,12 +150,13 @@ jobs: with: containers: ${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} registry: ${{ env.IMAGE_REGISTRY }} + pubkey: https://raw.githubusercontent.com/bpbeatty/hwe/main/cosign.pub - name: Verify akmods-nvidia image uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: akmods-nvidia:${{ matrix.kernel_flavor}}-${{ matrix.fedora_version }} - registry: ${{ env.IMAGE_REGISTRY }} + registry: ghcr.io/ublue-os - name: Pull main and akmods-nvidia images uses: Wandalen/wretry.action@v3.4.0 @@ -201,7 +202,7 @@ jobs: ${{ env.IMAGE_NAME }} labels: | org.opencontainers.image.title=${{ env.IMAGE_NAME }} - org.opencontainers.image.description=ublue-os ${{ matrix.image_name }}${{ matrix.kernel_flavor == 'asus' && ' for ASUS devices' || '' }}${{ matrix.kernel_flavor == 'surface' && ' for Surface laptops' || ''}}${{ matrix.image_target == 'nvidia' && ' with Nvidia drivers' || ''}} + org.opencontainers.image.description=bpbeatty ${{ matrix.image_name }}${{ matrix.kernel_flavor == 'asus' && ' for ASUS devices' || '' }}${{ matrix.kernel_flavor == 'surface' && ' for Surface laptops' || ''}}${{ matrix.image_target == 'nvidia' && ' with Nvidia drivers' || ''}} org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }} ostree.linux=${{ env.KERNEL_VERSION }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md diff --git a/Containerfile b/Containerfile index cc133884..b3b5fce1 100644 --- a/Containerfile +++ b/Containerfile @@ -1,6 +1,6 @@ ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" ARG SOURCE_IMAGE="${SOURCE_IMAGE:-silverblue-main}" -ARG SOURCE_ORG="${SOURCE_ORG:-ublue-os}" +ARG SOURCE_ORG="${SOURCE_ORG:-bpbeatty}" ARG BASE_IMAGE="ghcr.io/${SOURCE_ORG}/${SOURCE_IMAGE}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-40}" @@ -9,7 +9,7 @@ FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS main ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-40}" ARG KERNEL_FLAVOR="${KERNEL_FLAVOR:-main}" ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" -ARG IMAGE_VENDOR="${IMAGE_VENDOR:-ublue-os}" +ARG IMAGE_VENDOR="${IMAGE_VENDOR:-bpbeatty}" ARG RPMFUSION_MIRROR="" COPY *.sh /tmp/ @@ -27,14 +27,14 @@ RUN mkdir -p /var/lib/alternatives && \ FROM main AS nvidia -ARG SOURCE_ORG="${SOURCE_ORG:-ublue-os}" +ARG SOURCE_ORG="${SOURCE_ORG:-bpbeatty}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-40}" ARG KERNEL_FLAVOR="${KERNEL_FLAVOR:-main}" ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" -ARG IMAGE_VENDOR="${IMAGE_VENDOR:-ublue-os}" +ARG IMAGE_VENDOR="${IMAGE_VENDOR:-bpbeatty}" ARG RPMFUSION_MIRROR="" -COPY --from=ghcr.io/${SOURCE_ORG}/akmods-nvidia:${KERNEL_FLAVOR}-${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rpms +COPY --from=ghcr.io/ublue-os/akmods-nvidia:${KERNEL_FLAVOR}-${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rpms COPY *.sh /tmp/ diff --git a/cosign.pub b/cosign.pub index f9482c42..0bbb8580 100644 --- a/cosign.pub +++ b/cosign.pub @@ -1,4 +1,4 @@ -----BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7lh7fJMV4dBT2jT1XafixUJa7OVA -cT+QFVD8IfIJIS/KBAc8hx1aslzkH3tfeM0cwyCLB7kOStZ4sh6RyFQD9w== +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKzG40GDYzK/xo3Fd+NcNiuBqqZKW +QdbqTzIfNWjYwJH1KJAPpvvb5Ok+9o/vwjQRRuBqjvi9iKio+JHdEpzXjA== -----END PUBLIC KEY-----