Build Image #23187

Summary
Jobs
- build
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/build-image.yml at 6eb8480

	name: Build Image
	on:
	push:
	branches:
	- main
	schedule:
	- cron: '2 * * * *'
	env:
	IMAGE_TAG: 39 # Fedora Version
	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-go@v4
	with:
	go-version: 1.18
	- id: get-image
	name: Get Image
	run: \|
	date >> changes
	podman image pull docker.io/library/fedora:$IMAGE_TAG
	imageDigest=`podman image inspect docker.io/library/fedora:$IMAGE_TAG --format {{.Digest}}`
	echo $imageDigest > lastimage
	lastImage=`curl -L "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/releases/latest/download/lastimage"`
	echo "Digest: $imageDigest"
	echo "Last: $lastImage"
	if [ "$lastImage" != "$imageDigest" ]; then
	echo "Image needs update"
	echo -e "\nImage update:\n $imageDigest\n" >> changes
	echo "image_change=true" >> $GITHUB_OUTPUT
	fi
	- name: Reuse cached image
	if: steps.get-image.outputs.image_change != 'true'
	run: \|
	curl -L $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/releases/latest/download/rootfs.tar.xz --output rootfs.tar.xz
	unxz rootfs.tar.xz
	podman import rootfs.tar fedora-update
	podman create --name fedora-update fedora-update sleep 7200
	- name: Use clean image
	if: steps.get-image.outputs.image_change == 'true'
	run: \|
	podman create --name fedora-update docker.io/library/fedora:$IMAGE_TAG sleep 7200
	- name: Apply updates
	id: check-updates
	run: \|
	podman start fedora-update
	podman exec fedora-update sh -c 'rpm -qa --qf "%-30{name} %{version}-%{release}\n" \| sort' > pre-update
	podman exec fedora-update sh -c 'dnf update -y && dnf -y install podman podman-docker procps-ng openssh-server net-tools iproute dhcp-client crun-wasm wasmedge-rt && dnf clean all && rm -rf /var/cache/yum'
	podman exec fedora-update sh -c 'rpm -qa --qf "%-30{name} %{version}-%{release}\n" \| sort' > post-update

	diff -u pre-update post-update > delta \|\| delta=1
	if [ ! -z "$delta" ]; then
	echo "Package changes!"
	echo -e "\nInstalled packages:\n\`\`\`" >> changes
	grep '^+' delta \| grep -v '+++' \| sed 's/^\+//g' >> changes
	echo "\`\`\`" >> changes
	echo "package_change=true" >> $GITHUB_OUTPUT
	fi
	- name: Add gvproxy vm
	if: steps.get-image.outputs.image_change == 'true' \|\| steps.check-updates.outputs.package_change == 'true'
	run: \|
	set +o verbose
	git clone https://github.com/containers/gvisor-tap-vsock
	cd gvisor-tap-vsock
	git checkout v0.6.1
	make vm
	podman cp bin/vm fedora-update:/usr/local/bin/vm
	cd ..
	- name: Prepare archive
	if: steps.get-image.outputs.image_change == 'true' \|\| steps.check-updates.outputs.package_change == 'true'
	run: \|
	podman export --output rootfs.tar fedora-update
	# GNu tar has a corruption bugs with --delete, so use bsdtar to filter instead
	podman run -v .:/mnt --security-opt label=disable fedora sh -c 'dnf -y install bsdtar && bsdtar -cf /mnt/new.tar --exclude etc/resolv.conf @/mnt/rootfs.tar'
	mv new.tar rootfs.tar
	mkdir -p etc; touch etc/resolv.conf
	tar rf rootfs.tar --mode=644 --group=root --owner=root etc/resolv.conf
	xz rootfs.tar
	shasum -a 256 rootfs.tar.xz > shasums
	- name: Bump version and push tag
	if: steps.get-image.outputs.image_change == 'true' \|\| steps.check-updates.outputs.package_change == 'true'
	id: tag_version
	uses: mathieudutour/[email protected]
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Make version file
	run: \|
	echo ${{steps.tag_version.outputs.new_tag}} > version
	- name: Create a GitHub release
	if: steps.get-image.outputs.image_change == 'true' \|\| steps.check-updates.outputs.package_change == 'true'
	uses: ncipollo/release-action@v1
	with:
	tag: ${{ steps.tag_version.outputs.new_tag }}
	name: Release ${{ steps.tag_version.outputs.new_tag }}
	bodyfile: changes
	artifacts: "lastimage,rootfs.tar.xz,shasums,version"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build Image #23187

Workflow file

Build Image #23187

Jobs

Run details

Workflow file for this run