From 8941081abb0d6cc06ca9db63c1bd243a0c2c2acc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 16 Aug 2023 14:24:17 -0600 Subject: [PATCH 01/25] chore(main): release 1.8.0 (#294) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6c6c6f63..43086e53 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [1.8.0](https://github.com/ublue-os/main/compare/v1.7.0...v1.8.0) (2023-08-11) + + +### Features + +* **vauxite:** add xfce4-whiskermenu-plugin ([#293](https://github.com/ublue-os/main/issues/293)) ([ca58833](https://github.com/ublue-os/main/commit/ca588333009d01e40a41d94b6a64dff87490c106)) + ## [1.7.0](https://github.com/ublue-os/main/compare/v1.6.0...v1.7.0) (2023-08-08) From 42343fa129b79dd2f9e4be8285419633224e0135 Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Wed, 16 Aug 2023 15:18:03 -0600 Subject: [PATCH 02/25] chore(ci): Bump isogenerator to v2.1.0 (#303) --- .github/workflows/build.yml.save | 192 +++++++++++++++++++++++++++ .github/workflows/release-please.yml | 6 +- 2 files changed, 195 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/build.yml.save diff --git a/.github/workflows/build.yml.save b/.github/workflows/build.yml.save new file mode 100644 index 00000000..bfddbe6b --- /dev/null +++ b/.github/workflows/build.yml.save @@ -0,0 +1,192 @@ +name: build-ublue +on: + pull_request: + pull_request_review: + type: [submitted] + merge_group: + schedule: + - cron: '0 7 * * *' # 7 am everyday + workflow_dispatch: +env: + IMAGE_BASE_NAME: main + IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} + +jobs: + push-ghcr: + name: Build and push image + if: github.event.review.state == 'approved' || github.event_name != 'pull_request_review' + runs-on: ubuntu-22.04 + permissions: + contents: read + packages: write + id-token: write + strategy: + fail-fast: false + matrix: + image_name: [silverblue, kinoite, vauxite, sericea, base, lxqt, mate] + major_version: [37, 38] + include: + - major_version: 37 + is_latest_version: false + is_stable_version: true + - major_version: 38 + is_latest_version: true + is_stable_version: true + exclude: + # There is no Fedora 37 version of sericea + # When F38 is added, sericea will automatically be built too + - image_name: sericea + major_version: 37 + steps: + - name: Delete image + uses: bots-house/ghcr-delete-image-action@v1.1.0 + with: + # NOTE: at now only orgs is supported + owner: bots-house + name: some-web-service + # NOTE: using Personal Access Token + token: ${{ secrets.PAT }} + tag: pr-${{github.event.pull_request.number}} + run: + + # Checkout push-to-registry action GitHub repository + - name: Checkout Push to Registry action + uses: actions/checkout@v3 + + - name: Matrix Variables + run: | + if [[ "${{ matrix.image_name }}" == "lxqt" || "${{ matrix.image_name }}" == "mate" ]]; then + echo "SOURCE_IMAGE=base" >> $GITHUB_ENV + else + echo "SOURCE_IMAGE=${{ matrix.image_name }}" >> $GITHUB_ENV + fi + echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.image_name, env.IMAGE_BASE_NAME) }}" >> $GITHUB_ENV + + - name: Generate tags + id: generate-tags + shell: bash + run: | + # Generate a timestamp for creating an image version history + TIMESTAMP="$(date +%Y%m%d)" + MAJOR_VERSION="${{ matrix.major_version }}" + COMMIT_TAGS=() + BUILD_TAGS=() + # Have tags for tracking builds during pull request + SHA_SHORT="${GITHUB_SHA::7}" + COMMIT_TAGS+=("pr-${{ github.event.pull_request.number }}-${MAJOR_VERSION}") + COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}") + if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \ + [[ "${{ matrix.is_stable_version }}" == "true" ]]; then + COMMIT_TAGS+=("pr-${{ github.event.pull_request.number }}") + COMMIT_TAGS+=("${SHA_SHORT}") + fi + + BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}") + + if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \ + [[ "${{ matrix.is_stable_version }}" == "true" ]]; then + BUILD_TAGS+=("latest") + fi + + if [[ "${{ github.event_name }}" == "pull_request_review" ]]; then + echo "Generated the following commit tags: " + for TAG in "${COMMIT_TAGS[@]}"; do + echo "${TAG}" + done + alias_tags=("${COMMIT_TAGS[@]}") + else + alias_tags=("${BUILD_TAGS[@]}") + fi + echo "Generated the following build tags: " + for TAG in "${BUILD_TAGS[@]}"; do + echo "${TAG}" + done + echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT + + - name: Get current version + id: labels + run: | + ver=$(skopeo inspect docker://quay.io/fedora-ostree-desktops/${{ env.SOURCE_IMAGE }}:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]') + echo "VERSION=$ver" >> $GITHUB_OUTPUT + + # Build metadata + - name: Image Metadata + uses: docker/metadata-action@v4 + id: meta + with: + images: | + ${{ env.IMAGE_NAME }} + labels: | + org.opencontainers.image.title=${{ env.IMAGE_NAME }} + org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }} + org.opencontainers.image.description=A base ${{ env.IMAGE_NAME }} image with batteries included + io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/main/main/README.md + io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 + + # Build image using Buildah action + - name: Build Image + id: build_image + uses: redhat-actions/buildah-build@v2 + with: + containerfiles: | + ./Containerfile + image: ${{ env.IMAGE_NAME }} + tags: | + ${{ steps.generate-tags.outputs.alias_tags }} + build-args: | + IMAGE_NAME=${{ matrix.image_name }} + SOURCE_IMAGE=${{ env.SOURCE_IMAGE }} + FEDORA_MAJOR_VERSION=${{ matrix.major_version }} + labels: ${{ steps.meta.outputs.labels }} + oci: false + + # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. + # https://github.com/macbre/push-to-ghcr/issues/12 + - name: Lowercase Registry + id: registry_case + uses: ASzc/change-string-case-action@v5 + with: + string: ${{ env.IMAGE_REGISTRY }} + + # Push the image to GHCR (Image Registry) + - name: Push To GHCR + uses: redhat-actions/push-to-registry@v2 + id: push + if: github.event.review.state == 'approved' || github.event_name != 'pull_request' + env: + REGISTRY_USER: ${{ github.actor }} + REGISTRY_PASSWORD: ${{ github.token }} + with: + image: ${{ steps.build_image.outputs.image }} + tags: ${{ steps.build_image.outputs.tags }} + registry: ${{ steps.registry_case.outputs.lowercase }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} + extra-args: | + --disable-content-trust + + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + if: github.event.review.state == 'approved' || github.event_name != 'pull_request' + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Sign container + - uses: sigstore/cosign-installer@v3.1.1 + if: github.event.review.state == 'approved' || github.event_name != 'pull_request' + + - name: Sign container image + if: github.event.review.state == 'approved' || github.event_name != 'pull_request' + run: | + cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS} + env: + TAGS: ${{ steps.push.outputs.digest }} + COSIGN_EXPERIMENTAL: false + COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }} + + - name: Echo outputs + if: github.event.review.state == 'approved' || github.event_name != 'pull_request' + run: | + echo "${{ toJSON(steps.push.outputs) }}" diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 2615efe9..635f76cf 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -25,15 +25,15 @@ jobs: runs-on: ubuntu-latest needs: release-please if: needs.release-please.outputs.releases_created - container: + container: image: fedora:38 options: --privileged permissions: contents: write steps: - uses: actions/checkout@v3 - - name: Generate ISO - uses: ublue-os/isogenerator@v2.0.2 + - name: Generate ISO + uses: ublue-os/isogenerator@v2.1.0 id: isogenerator with: image-name: universalblue From 3a7e7d442e1f2f99a8ca31a8fde41879d14b6e92 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 16 Aug 2023 15:38:18 -0600 Subject: [PATCH 03/25] chore(main): release 1.9.0 (#304) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- CHANGELOG.md | 99 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 43086e53..5fe28761 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,104 @@ # Changelog +## [1.9.0](https://github.com/ublue-os/main/compare/v1.8.0...v1.9.0) (2023-08-16) + + +### Features + +* add `lshw` (issue [#225](https://github.com/ublue-os/main/issues/225)) ([#230](https://github.com/ublue-os/main/issues/230)) ([5501e3c](https://github.com/ublue-os/main/commit/5501e3c008aaed027c2bbfc25c3a952a2500db4d)) +* add adw-gtk3-theme for Silverblue ([#204](https://github.com/ublue-os/main/issues/204)) ([3aa1345](https://github.com/ublue-os/main/commit/3aa1345d46507a4158ff7df29cbb92b186c89b4b)) +* Add alsa-firmware package needed for some sound cards ([#270](https://github.com/ublue-os/main/issues/270)) ([0eb781b](https://github.com/ublue-os/main/commit/0eb781b117f90437ab68eeee442bdffbf0d966b0)) +* add apr and apr-util ([#92](https://github.com/ublue-os/main/issues/92)) ([ade520f](https://github.com/ublue-os/main/commit/ade520f7e50a12b40672b50b184fba6a41e2d002)) +* add cinnamon image to iso ([#237](https://github.com/ublue-os/main/issues/237)) ([d6d98a2](https://github.com/ublue-os/main/commit/d6d98a238a2d6f9702d428de5ef94011df6a4a3e)) +* add clipman for sericea ([#273](https://github.com/ublue-os/main/issues/273)) ([09c59b5](https://github.com/ublue-os/main/commit/09c59b5ec03c49d8c34f8344d87e5ddbdca8e217)) +* Add disk management cli tools ([#52](https://github.com/ublue-os/main/issues/52)) ([277e1fe](https://github.com/ublue-os/main/commit/277e1fe0260a22ec76bf9ca45b226144bc1433ff)) +* add distrobox, just, and gnome-tweaks ([#17](https://github.com/ublue-os/main/issues/17)) ([15f17ee](https://github.com/ublue-os/main/commit/15f17ee7b779b5331e99a08701b629f53906c050)) +* add ffmpegthumbnailer ([#49](https://github.com/ublue-os/main/issues/49)) ([699588c](https://github.com/ublue-os/main/commit/699588cf94a18060835c458452c6a828a6ad7435)) +* add fzf for better just support ([#84](https://github.com/ublue-os/main/issues/84)) ([3f9d939](https://github.com/ublue-os/main/commit/3f9d9398ca7b1754234ef06111b66037b2f3531b)) +* Add htop package ([#82](https://github.com/ublue-os/main/issues/82)) ([af2b3cf](https://github.com/ublue-os/main/commit/af2b3cfd1f3d8a0e52c03166a553d5f33e156638)) +* add intel-media-driver ([#98](https://github.com/ublue-os/main/issues/98)) ([9d7f2e2](https://github.com/ublue-os/main/commit/9d7f2e26d39d90eaf38449f8a7bcfda97142f7b3)) +* Add kernel-devel package ([#16](https://github.com/ublue-os/main/issues/16)) ([7e31134](https://github.com/ublue-os/main/commit/7e311342aa80e20ad2c4762b033a6b714a5ae334)) +* add kernel-tools ([#208](https://github.com/ublue-os/main/issues/208)) ([b2d0b07](https://github.com/ublue-os/main/commit/b2d0b0795067de0630ef4f64a3471dda5d33e5d9)) +* add libheif-freeworld & heif-pixbuf-loader ([#255](https://github.com/ublue-os/main/issues/255)) ([5f21453](https://github.com/ublue-os/main/commit/5f2145300d11d2c844ce73df13f6a53520655c6e)) +* Add libheif-tools ([#253](https://github.com/ublue-os/main/issues/253)) ([8703dc8](https://github.com/ublue-os/main/commit/8703dc8c3ab6c63237e2e3d948796d7e3fe67919)) +* Add lxqt image ([#47](https://github.com/ublue-os/main/issues/47)) ([2a9eddc](https://github.com/ublue-os/main/commit/2a9eddc4bf67f34763a8c2e3f53642613a228afa)) +* Add mate-desktop packages ([#53](https://github.com/ublue-os/main/issues/53)) ([96cf250](https://github.com/ublue-os/main/commit/96cf250141d9ea737a3956f0955a20ad813619ed)) +* add openrgb udev rules ([#197](https://github.com/ublue-os/main/issues/197)) ([a95ec2d](https://github.com/ublue-os/main/commit/a95ec2d42e059eb3595f31b5c1bc8251e1cb0662)) +* add package request template ([#3](https://github.com/ublue-os/main/issues/3)) ([9ee86e8](https://github.com/ublue-os/main/commit/9ee86e80c622aef297a7770dc7ec4a02c87affa6)) +* add podman-compose ([#180](https://github.com/ublue-os/main/issues/180)) ([4eea999](https://github.com/ublue-os/main/commit/4eea999b5771d438e819735b9f000b9d0b4ef27c)) +* add post-install script for finalizing configurations ([#30](https://github.com/ublue-os/main/issues/30)) ([828d712](https://github.com/ublue-os/main/commit/828d71209ee612ccc6373ba76982f63b268d07dc)) +* Add release package group configuration support ([#15](https://github.com/ublue-os/main/issues/15)) ([5d33e5e](https://github.com/ublue-os/main/commit/5d33e5e235b26ff56bcf7db7319d5b1d1acadac4)) +* add repography ([#66](https://github.com/ublue-os/main/issues/66)) ([95d2e62](https://github.com/ublue-os/main/commit/95d2e62e2e90d7a5f5f76569678e522441e7972f)) +* Add RPMs from ublue-os/config ([#22](https://github.com/ublue-os/main/issues/22)) ([ea9dd75](https://github.com/ublue-os/main/commit/ea9dd75d7ef8be10afb33a94e1d391a2dcde8bba)) +* add some indonesian fonts ([#248](https://github.com/ublue-os/main/issues/248)) ([abfc70d](https://github.com/ublue-os/main/commit/abfc70d21cc9ea97b839564fe959587e0dbb7fef)) +* add tmux ([#190](https://github.com/ublue-os/main/issues/190)) ([c5491b9](https://github.com/ublue-os/main/commit/c5491b9a903be6eb5311e01c9dbefc638c3567d9)) +* add tumbler for thumbnails on sericea ([#56](https://github.com/ublue-os/main/issues/56)) ([07b2736](https://github.com/ublue-os/main/commit/07b2736f03f3b054eebb01ce1f2d668d5284e7bf)) +* Add vim, openssl, and pipewire-codec-aptx ([#31](https://github.com/ublue-os/main/issues/31)) ([e1f77e7](https://github.com/ublue-os/main/commit/e1f77e79b99150fff55cd07190f608f7ddd48e5d)) +* add wireguard-tools ([#241](https://github.com/ublue-os/main/issues/241)) ([44cb522](https://github.com/ublue-os/main/commit/44cb522091433b2e1e4a84f4bdac4ea592e353b0)) +* add xfce4-clipman-plugin to vauxite ([#182](https://github.com/ublue-os/main/issues/182)) ([5a7a820](https://github.com/ublue-os/main/commit/5a7a820180dd878b9be8bc2729ba3c51c2e3594d)) +* add xwaylandvideobridge ([#232](https://github.com/ublue-os/main/issues/232)) ([ef29a6b](https://github.com/ublue-os/main/commit/ef29a6bbfc4edd28bebef63994f8a6ab922818a1)) +* add zstd ([#63](https://github.com/ublue-os/main/issues/63)) ([4307b8b](https://github.com/ublue-os/main/commit/4307b8bc3fe6f087c0251f0e7105ac173035baac)) +* align packagelist with fedora workstation ([#235](https://github.com/ublue-os/main/issues/235)) ([fe48ba8](https://github.com/ublue-os/main/commit/fe48ba84a061ef193285830f72c95d3f71c7a496)) +* enable mesa-va-drivers-freeworld for all Fedora releases ([#67](https://github.com/ublue-os/main/issues/67)) ([7265922](https://github.com/ublue-os/main/commit/7265922d0a781c396f334582df7a1b04f3a2a32b)) +* enable ublue-os akmods ([#234](https://github.com/ublue-os/main/issues/234)) ([df93c4f](https://github.com/ublue-os/main/commit/df93c4f17fe4262dad7e59233097513c734cc007)) +* Fix inconsistent thumbnails across images ([#262](https://github.com/ublue-os/main/issues/262)) ([3fc9c69](https://github.com/ublue-os/main/commit/3fc9c69b7c3d4f8571eebc0788a1a7015e5bdfe0)) +* generate stripped-down base image variants ([ee1d4d4](https://github.com/ublue-os/main/commit/ee1d4d432b0bcd620894412fa30daf9a556bf8b4)) +* Include libratbag ([#139](https://github.com/ublue-os/main/issues/139)) ([4dcd439](https://github.com/ublue-os/main/commit/4dcd439c4b0a07c9ed96d6dd96d8a997a092b5b4)) +* install libva, and nvtop ([#19](https://github.com/ublue-os/main/issues/19)) ([7e3c54a](https://github.com/ublue-os/main/commit/7e3c54a7a5810e20f53998a432c9d45be38cba78)) +* KDE QoL additions ([#259](https://github.com/ublue-os/main/issues/259)) ([a2a561e](https://github.com/ublue-os/main/commit/a2a561e57ace78d975e33c07232e21d50e79df45)) +* move to a unified ISO for all images ([#109](https://github.com/ublue-os/main/issues/109)) ([9c52e30](https://github.com/ublue-os/main/commit/9c52e302741968a0d290a70fb863464bd41fa970)) +* new akmods build process ([#87](https://github.com/ublue-os/main/issues/87)) ([f0503ff](https://github.com/ublue-os/main/commit/f0503ffd4ac769e9c38f58adc274e35af9edf50f)) +* promote ISO to F38 GA ([#156](https://github.com/ublue-os/main/issues/156)) ([4968d34](https://github.com/ublue-os/main/commit/4968d34aef7a9e4a6c55bfee1e2e2eb8d095e6c1)) +* remove xwaylandvideobridge ([#284](https://github.com/ublue-os/main/issues/284)) ([477e15a](https://github.com/ublue-os/main/commit/477e15a26fd0aaf8c75d8ceca90175457a9e256b)) +* swap mesa-va-drivers and add ffmpeg for F37 ([#21](https://github.com/ublue-os/main/issues/21)) ([79ede2c](https://github.com/ublue-os/main/commit/79ede2ca5028187e29ee7e5c83275b0eff20e55e)) +* switch the latest tag to F38 ([#177](https://github.com/ublue-os/main/issues/177)) ([9aca46a](https://github.com/ublue-os/main/commit/9aca46a742d9128e9b22bfbc5e380f5394ee269a)) +* use custom repos provided by akmods ([#236](https://github.com/ublue-os/main/issues/236)) ([efe5364](https://github.com/ublue-os/main/commit/efe53640acc871ed2d60903774577e8a5565672c)) +* use tagged release for isogenerator ([#155](https://github.com/ublue-os/main/issues/155)) ([f7d05b4](https://github.com/ublue-os/main/commit/f7d05b4f58096fa87df920523390cfe51774cdee)) +* **vauxite:** add xfce4-whiskermenu-plugin ([#293](https://github.com/ublue-os/main/issues/293)) ([ca58833](https://github.com/ublue-os/main/commit/ca588333009d01e40a41d94b6a64dff87490c106)) + + +### Bug Fixes + +* add usage instructions ([#40](https://github.com/ublue-os/main/issues/40)) ([3c1db1e](https://github.com/ublue-os/main/commit/3c1db1ed5965b3f1547c3cf5f560273cfa0332e3)) +* also build the image variant with the correct name ([#12](https://github.com/ublue-os/main/issues/12)) ([a5fde3b](https://github.com/ublue-os/main/commit/a5fde3b9edb2ad3c04e0af25b4f2e3a5c1ebadc4)) +* Be selective in which kmods are brought into main. ([#278](https://github.com/ublue-os/main/issues/278)) ([aac58b0](https://github.com/ublue-os/main/commit/aac58b0480d8c8a0a44aae1882e2288547a0fde1)) +* bump isogenerator dep and regen ISOs ([#222](https://github.com/ublue-os/main/issues/222)) ([b3d690b](https://github.com/ublue-os/main/commit/b3d690b338e32d28210e00112973e15797cf6749)) +* bump isogenerator to 1.2.0 ([#167](https://github.com/ublue-os/main/issues/167)) ([2a46e49](https://github.com/ublue-os/main/commit/2a46e49765fea7683278f74e1d2eb6fe2b3b9ff4)) +* delete changelog to unstick release-please action ([#100](https://github.com/ublue-os/main/issues/100)) ([6dc1d80](https://github.com/ublue-os/main/commit/6dc1d808d8cdb33e912926a587c843b3a9d9c993)) +* image name and description variable interpolation ([#37](https://github.com/ublue-os/main/issues/37)) ([7f922c9](https://github.com/ublue-os/main/commit/7f922c9343878ceb9a09bba0126ed55e19edc23a)) +* keep IMAGE_NAME and set it once ([#13](https://github.com/ublue-os/main/issues/13)) ([85b152e](https://github.com/ublue-os/main/commit/85b152ec097f3be9b15a87b39bffa7ba022ba968)) +* kick off an iso build ([#114](https://github.com/ublue-os/main/issues/114)) ([1ce2350](https://github.com/ublue-os/main/commit/1ce235014932000625c47f6a89319647e37a190e)) +* kick off ISO build ([#119](https://github.com/ublue-os/main/issues/119)) ([95a5651](https://github.com/ublue-os/main/commit/95a5651a205e9839f76d0fbcd5bcdf7c3351ded9)) +* kick off ISO build ([#159](https://github.com/ublue-os/main/issues/159)) ([7c9e430](https://github.com/ublue-os/main/commit/7c9e43008eb65a6af6ed1c69a3c08dfbc819ba63)) +* kick off ISO build ([#217](https://github.com/ublue-os/main/issues/217)) ([fe67565](https://github.com/ublue-os/main/commit/fe675656ad5e7fae24849eb8af200bbd6cf8a588)) +* **Kinoite:** Remove Discover rpm-ostree plugin ([#282](https://github.com/ublue-os/main/issues/282)) ([7a011ff](https://github.com/ublue-os/main/commit/7a011ff719e351ee53ccb3da27fe4083e0423028)) +* maintain the current oci version label ([#89](https://github.com/ublue-os/main/issues/89)) ([be7faed](https://github.com/ublue-os/main/commit/be7faeda71ca2a96e0471d0fada59052b8db3c3d)) +* make intro text more clear ([#128](https://github.com/ublue-os/main/issues/128)) ([5c8567d](https://github.com/ublue-os/main/commit/5c8567d72f8ad5ba68c2e20a04ab10a72df40980)) +* ostree automatic updates not enabled ([#48](https://github.com/ublue-os/main/issues/48)) ([b508c02](https://github.com/ublue-os/main/commit/b508c02b0200846a50e62d31479d7ba83b424b00)) +* PRs won't push to registry ([8d21213](https://github.com/ublue-os/main/commit/8d212133ec05899d1ae1e35f2de5a730a55b1364)) +* README line fix ([#135](https://github.com/ublue-os/main/issues/135)) ([35cd1c0](https://github.com/ublue-os/main/commit/35cd1c079aeec5a25dca57d2e73d1abd83ace3e2)) +* Readme update ([#74](https://github.com/ublue-os/main/issues/74)) ([e290cbf](https://github.com/ublue-os/main/commit/e290cbfd0503598994cc7fee18dde883373783a2)) +* remove standalone date tag ([#80](https://github.com/ublue-os/main/issues/80)) ([edb67aa](https://github.com/ublue-os/main/commit/edb67aa48326ac59891e8e28779c0d2b05a92f0f)) +* removed the matrix ([#116](https://github.com/ublue-os/main/issues/116)) ([89b1a5e](https://github.com/ublue-os/main/commit/89b1a5e8c23b415b0cf5e49256721bb9252bca1d)) +* rename README.mdlol to README.md ([#219](https://github.com/ublue-os/main/issues/219)) ([5548e8f](https://github.com/ublue-os/main/commit/5548e8fd8b1b2585dbfb6b07a498c716c7b7521e)) +* Reorder und add more info about distrobox to README ([#73](https://github.com/ublue-os/main/issues/73)) ([f8bf5bd](https://github.com/ublue-os/main/commit/f8bf5bdac57f777050da058b7590339254847467)) +* Revert to older version of ostree to fix Flatpak installations ([#261](https://github.com/ublue-os/main/issues/261)) ([0859834](https://github.com/ublue-os/main/commit/0859834454591a4b231a710e491825c08391235d)) +* split variant builds to their own registry ([#11](https://github.com/ublue-os/main/issues/11)) ([17da43c](https://github.com/ublue-os/main/commit/17da43c69d2850501ae611370e8890f02d44de2b)) +* temporarily disable mesa-va-drivers-freeworld for f38 ([#163](https://github.com/ublue-os/main/issues/163)) ([73a10d0](https://github.com/ublue-os/main/commit/73a10d02c7b814cb382823c1571c97a86309e22a)) +* update ISOs ([#133](https://github.com/ublue-os/main/issues/133)) ([728f7d6](https://github.com/ublue-os/main/commit/728f7d6e71b7360355f8bb86e85371f28408c289)) +* update readme a bit ([#148](https://github.com/ublue-os/main/issues/148)) ([1ca2aaa](https://github.com/ublue-os/main/commit/1ca2aaacf9291f8dca28c5dd189192386be1db36)) +* update readme to kick off build ([#121](https://github.com/ublue-os/main/issues/121)) ([83186eb](https://github.com/ublue-os/main/commit/83186eb1dd72c5cc5903b8ba308cbcb5a96e7ff7)) +* update readme to kick off iso ([#125](https://github.com/ublue-os/main/issues/125)) ([7fc2dbf](https://github.com/ublue-os/main/commit/7fc2dbf454e2a5aa7184c8bc968bf9196dc9bfcc)) +* update to cosign 2.0 and pin install ([#10](https://github.com/ublue-os/main/issues/10)) ([4fbe168](https://github.com/ublue-os/main/commit/4fbe1688e9dce81efd9597bcd46caaf75945f7d3)) +* upgrade container to 38 ([#118](https://github.com/ublue-os/main/issues/118)) ([cf607b4](https://github.com/ublue-os/main/commit/cf607b4627082b25ea81e511ad96c2ef70ef66b3)) + + +### Reverts + +* "fix: Revert to older version of ostree to fix Flatpak installations ([#261](https://github.com/ublue-os/main/issues/261))" ([#265](https://github.com/ublue-os/main/issues/265)) ([f2c2a31](https://github.com/ublue-os/main/commit/f2c2a314b57b585c467ebc6bbbb40febfd40a11f)) +* "fix: temporarily disable mesa-va-drivers-freeworld for f38" ([#166](https://github.com/ublue-os/main/issues/166)) ([32b29ac](https://github.com/ublue-os/main/commit/32b29ac8299919b2e97e16058a6c94e66410ef10)) +* "revert: "fix: Revert to older version of ostree to fix Flatpak installations ([#261](https://github.com/ublue-os/main/issues/261))"" ([#266](https://github.com/ublue-os/main/issues/266)) ([36711fa](https://github.com/ublue-os/main/commit/36711fa635afba4dcb2be667fadc96a8d9feeb48)) + ## [1.8.0](https://github.com/ublue-os/main/compare/v1.7.0...v1.8.0) (2023-08-11) From 1a8fbb7ac69d650d4c98fabdcd641268b2782217 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Aug 2023 08:36:04 -0400 Subject: [PATCH 04/25] chore(deps): bump ublue-os/isogenerator from 2.1.0 to 2.1.1 (#306) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release-please.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 635f76cf..c0824bcc 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -33,7 +33,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Generate ISO - uses: ublue-os/isogenerator@v2.1.0 + uses: ublue-os/isogenerator@v2.1.1 id: isogenerator with: image-name: universalblue From 735aeee66a81c22499a788de1eb80ac3713aa19b Mon Sep 17 00:00:00 2001 From: "Jorge O. Castro" Date: Mon, 21 Aug 2023 21:38:51 -0400 Subject: [PATCH 05/25] docs: leave signposts for the docs (#305) --- README.md | 125 +++--------------------------------------------------- 1 file changed, 5 insertions(+), 120 deletions(-) diff --git a/README.md b/README.md index 390dafab..c9b7219f 100644 --- a/README.md +++ b/README.md @@ -4,124 +4,9 @@ A common main image for all other uBlue images, with minimal (but important) adjustments to Fedora. <3 -1. [Features](#Features) -1. [Tips and Tricks](#Tips-and-Tricks) -1. [How to Install](#How-to-Install) -1. [Verification](#Verification) -1. [Configuring Automatic Updates](#Configuring-Automatic-Updates) -1. [Making your own](#Making-your-own) +# Documentation -## What is this? - -You should be familiar with [image-based desktops](https://silverblue.fedoraproject.org/about). These are Fedora OStree images that have been modified with the following quality of life features: - -## Features - -- Start with a Fedora image -- Adds the following packages to the base image: - - Hardware acceleration and codecs - - `distrobox` for terminal CLI and user package installation - - A selection of [udev rules and service units](https://github.com/ublue-os/config) - - [libratbag](https://github.com/libratbag/libratbag), to configure supported mice via [piper](https://github.com/libratbag/piper) - - Several pre-built [drivers/akmods](https://github.com/ublue-os/akmods) - - Various other tools: check out the [complete list of packages](https://github.com/ublue-os/main/blob/main/packages.json) -- Sets automatic staging of updates for the system -- Sets flatpaks to update twice a day -- Everything else (desktop, artwork, etc) remains stock so you can use this as a good starting image - -## Tips and Tricks - -Unlike traditional Linux distributions, the base image is intended to be used "out of the box" as it is, packages are installed via Flatpak whenever possible (execpt for IDEs in some cases, more below). -Should that not be possible, you can use [distrobox](https://github.com/89luca89/distrobox) to have images of mutable distributions where you can install applications normally. -Want an application that is only available on Arch Linux *and* one that is only on Ubuntu? Well, now can have both! - -Distrobox is very powerful, for example you can use to [host your entire development environment](https://github.com/89luca89/distrobox/blob/main/docs/posts/integrate_vscode_distrobox.md) completely separate from your host system. Or use it to run a [container for your virtual machines](https://github.com/89luca89/distrobox/blob/main/docs/posts/run_libvirt_in_distrobox.md). - -ublue-os/base-main is also very well suited for servers, and users are expected to make full use of `podman` to host containers running "typical" server software i.e. `nginx`, `caddy` and others. - -## How to Install - -1. [Download the image you want](https://github.com/ublue-os/main/releases) -1. [Follow these instructions](https://ublue.it/installation) -1. [File an issue](https://github.com/ublue-os/main/issues) if you find a problem - -
-To switch to another Image - -To rebase an existing Silverblue/Kinoite machine to the latest release (38): - -1. Download and install [Fedora Silverblue](https://silverblue.fedoraproject.org/download) -1. After you reboot you should [pin the working deployment](https://docs.fedoraproject.org/en-US/fedora-silverblue/faq/#_about_using_silverblue) so you can safely rollback -1. If you are coming from an existing system it is recommended to not have any layered packages before proceeding. See the [Fedora documentation](https://docs.fedoraproject.org/en-US/fedora-silverblue/) for more information. -1. Open a terminal and use one of the following commands to rebase the OS: - -**Silverblue (GNOME):** - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/silverblue-main:38 - -**Kinoite (KDE)** - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/kinoite-main:38 - -**LXQt** - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/lxqt-main:38 - -**MATE** - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/mate-main:38 - -**Sericea (Sway)** -Recommended only for advanced users - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/sericea-main:38 - -**Vauxite (XFCE)** - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/vauxite-main:38 - -**Base** - -Which does not come with any desktops or window managers: - - sudo rpm-ostree rebase ostree-image-signed:docker://ghcr.io/ublue-os/base-main:38 - -
- -## Verification - -These images are signed with sigstore's [cosign](https://docs.sigstore.dev/cosign/overview/). You can verify the signature by downloading the `cosign.pub` key from this repo and running the following command: - - cosign verify --key cosign.pub ghcr.io/ublue-os/silverblue-main - -If you're forking this repo you should [read the docs](https://docs.github.com/en/actions/security-guides/encrypted-secrets) on keeping secrets in github. You need to [generate a new keypair](https://docs.sigstore.dev/cosign/overview/) with cosign. The public key can be in your public repo (your users need it to check the signatures), and you can paste the private key in Settings -> Secrets -> Actions. - -## Configuring Automatic Updates - -> **Warning** -> -> Disabling automatic updates is an unsupported configuration. If you reconfigure updates, you MUST be on the latest image before opening any issues. - -With that said, you can individually disable which automatic update timers [ublue-os/config](https://github.com/ublue-os/config) provides with the following commands: - -* flatpak system: `sudo systemctl disable flatpak-system-update.timer` -* flatpak user: `sudo systemctl --global disable flatpak-user-update.timer` - -You can also configure automatic `rpm-ostree` updates by editing `/etc/rpm-ostreed.conf` and changing "AutomaticUpdatePolicy" to "none" or "check": - -``` -[Daemon] -AutomaticUpdatePolicy=check -``` - -## Making your own - -See [the documentation](https://universal-blue.org/tinker/make-your-own/) on how use this image in your own projects. - -## [![Repography logo](https://images.repography.com/logo.svg)](https://repography.com) / Recent activity [![Time period](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_badge.svg)](https://repography.com) -[![Timeline graph](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_timeline.svg)](https://github.com/ublue-os/main/commits) -[![Issue status graph](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_issues.svg)](https://github.com/ublue-os/main/issues) -[![Pull request status graph](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_prs.svg)](https://github.com/ublue-os/main/pulls) -[![Trending topics](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_words.svg)](https://github.com/ublue-os/main/commits) -[![Top contributors](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_users.svg)](https://github.com/ublue-os/main/graphs/contributors) -[![Activity map](https://images.repography.com/35181738/ublue-os/main/recent-activity/xrA_PaNuNMQaiMXAgCjt1WHFLAbONeWxJABDiQSIMJI/sadhuTBbL8fbqM2jXKHWg-T1EsqHwZ2NlnlT6FB-e7Q_map.svg)](https://github.com/ublue-os/main/commits) +- [Main website and documentation](https://universal-blue.org) +- [Documentation for these images](https://universal-blue.org/images/main) +- [Installation](https://universal-blue.org/installation/) - follow this for clean installation +- [Rebase instructions](https://universal-blue.org/images/) - follow this if you want to switch to another image. From 4ba7efd440efd31b83c81b9fd88e5a99f1322763 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Wed, 23 Aug 2023 08:18:04 -0500 Subject: [PATCH 06/25] feat: add cosign (#308) --- Containerfile | 1 + build.sh | 3 +++ github-release-install.sh | 43 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+) create mode 100755 github-release-install.sh diff --git a/Containerfile b/Containerfile index 4cd47f52..fdfdf330 100644 --- a/Containerfile +++ b/Containerfile @@ -8,6 +8,7 @@ FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder ARG IMAGE_NAME="${IMAGE_NAME}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}" +ADD github-release-install.sh /tmp/github-release-install.sh ADD build.sh /tmp/build.sh ADD post-install.sh /tmp/post-install.sh ADD packages.json /tmp/packages.json diff --git a/build.sh b/build.sh index dccdf174..ad89bf98 100755 --- a/build.sh +++ b/build.sh @@ -56,3 +56,6 @@ else echo "No packages to install." fi + +## install packages direct from github +/tmp/github-release-install.sh sigstore/cosign x86_64.rpm diff --git a/github-release-install.sh b/github-release-install.sh new file mode 100755 index 00000000..00836b8b --- /dev/null +++ b/github-release-install.sh @@ -0,0 +1,43 @@ +#!/bin/bash +# +# A script to install an RPM from the latest Github release for a project. +# +# ORG_PROJ is the pair of URL components for organization/projectName in Github URL +# example: https://github.com/wez/wezterm/releases +# ORG_PROJ would be "wez/wezterm" +# +# FILTER is used if there are more than one RPMs which match our arch/noarch.rpm pattern +# example: wezterm builds a lot of rpms, but they are labeled by distro so we can filter +# FILTER would be "fedora36" to get the RPM build for fedora36 OR "fedora" should get +# the RPM build for fedora37 (or newest fedora build) due to a reverse sort + +ORG_PROJ=${1} +SUFFIX=${2} +FILTER=${3} + +usage() { + echo "$0 ORG_PROJ SUFFIX [FILTER]" + echo " ORG_PROJ - organization/projectname" + echo " SUFFIX - trailing part of rpm name: eg, x86_64rpm or noarch.rpm" + echo " FILTER - optional extra filter to further limit rpm selection" + +} + +if [ -z ${ORG_PROJ} ]; then + usage + exit 1 +fi + +if [ -z ${SUFFIX} ]; then + usage + exit 2 +fi + +API="https://api.github.com/repos/${ORG_PROJ}/releases/latest" +RPM_URLS=$(curl -sL ${API} | jq -r '.assets[].browser_download_url' | grep -E "${SUFFIX}$" | grep "${FILTER}" |sort -r) +for URL in ${RPM_URLS}; do + # WARNING: in case of multiple matches, this only installs the first (hopefully the newest, given the reverse sort) + echo "execute: rpm-ostree install \"${URL}\"" + rpm-ostree install "${URL}" + break +done From ffac5c4f33b81f42d54279c5b95a0df404b79bc7 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Wed, 23 Aug 2023 12:33:04 -0500 Subject: [PATCH 07/25] refactor: improve github-release-install script (#310) --- github-release-install.sh | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/github-release-install.sh b/github-release-install.sh index 00836b8b..5fca5966 100755 --- a/github-release-install.sh +++ b/github-release-install.sh @@ -6,20 +6,19 @@ # example: https://github.com/wez/wezterm/releases # ORG_PROJ would be "wez/wezterm" # -# FILTER is used if there are more than one RPMs which match our arch/noarch.rpm pattern -# example: wezterm builds a lot of rpms, but they are labeled by distro so we can filter -# FILTER would be "fedora36" to get the RPM build for fedora36 OR "fedora" should get -# the RPM build for fedora37 (or newest fedora build) due to a reverse sort +# ARCH_FILTER is used to select the specific RPM. Typically this can just be the arch +# such as 'x86_64' but sometimes a specific filter is required when multiple match. +# example: wezterm builds RPMs for different distros so we must be more specific. +# ARCH_FILTER of "fedora37.x86_64" gets the x86_64 RPM build for fedora37 + ORG_PROJ=${1} -SUFFIX=${2} -FILTER=${3} +ARCH_FILTER=${2} usage() { - echo "$0 ORG_PROJ SUFFIX [FILTER]" - echo " ORG_PROJ - organization/projectname" - echo " SUFFIX - trailing part of rpm name: eg, x86_64rpm or noarch.rpm" - echo " FILTER - optional extra filter to further limit rpm selection" + echo "$0 ORG_PROJ ARCH_FILTER" + echo " ORG_PROJ - organization/projectname" + echo " ARCH_FILTER - optional extra filter to further limit rpm selection" } @@ -28,16 +27,19 @@ if [ -z ${ORG_PROJ} ]; then exit 1 fi -if [ -z ${SUFFIX} ]; then +if [ -z ${ARCH_FILTER} ]; then usage exit 2 fi API="https://api.github.com/repos/${ORG_PROJ}/releases/latest" -RPM_URLS=$(curl -sL ${API} | jq -r '.assets[].browser_download_url' | grep -E "${SUFFIX}$" | grep "${FILTER}" |sort -r) +RPM_URLS=$(curl -sL ${API} \ + | jq \ + --arg arch_filter "${ARCH_FILTER}" \ + '.assets | sort_by(.created_at) | reverse | .[] | select(.name|test($arch_filter)) | select (.name|test("rpm$")) | .browser_download_url') for URL in ${RPM_URLS}; do - # WARNING: in case of multiple matches, this only installs the first (hopefully the newest, given the reverse sort) - echo "execute: rpm-ostree install \"${URL}\"" - rpm-ostree install "${URL}" + # WARNING: in case of multiple matches, this only installs the first matched release + echo "execute: rpm-ostree install ${URL}" + rpm-ostree install ${URL} break done From 9b12fd58401c9118ca24c6de5d79076455d5ad93 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Thu, 24 Aug 2023 12:18:33 -0500 Subject: [PATCH 08/25] fix: use raw output from jq to install cosign again (#312) --- build.sh | 2 +- github-release-install.sh | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/build.sh b/build.sh index ad89bf98..b7e527be 100755 --- a/build.sh +++ b/build.sh @@ -58,4 +58,4 @@ else fi ## install packages direct from github -/tmp/github-release-install.sh sigstore/cosign x86_64.rpm +/tmp/github-release-install.sh sigstore/cosign x86_64 diff --git a/github-release-install.sh b/github-release-install.sh index 5fca5966..9beedfe8 100755 --- a/github-release-install.sh +++ b/github-release-install.sh @@ -32,14 +32,17 @@ if [ -z ${ARCH_FILTER} ]; then exit 2 fi +set -ouex pipefail + API="https://api.github.com/repos/${ORG_PROJ}/releases/latest" RPM_URLS=$(curl -sL ${API} \ | jq \ + -r \ --arg arch_filter "${ARCH_FILTER}" \ '.assets | sort_by(.created_at) | reverse | .[] | select(.name|test($arch_filter)) | select (.name|test("rpm$")) | .browser_download_url') for URL in ${RPM_URLS}; do # WARNING: in case of multiple matches, this only installs the first matched release - echo "execute: rpm-ostree install ${URL}" - rpm-ostree install ${URL} + echo "execute: rpm-ostree install \"${URL}\"" + rpm-ostree install "${URL}" break done From 940a231bcd9418db3c2a4e1f4f150ed265647ad4 Mon Sep 17 00:00:00 2001 From: Kyle Gospodnetich Date: Sun, 27 Aug 2023 12:25:28 -0700 Subject: [PATCH 09/25] feat: Add xone and xpad-noone drivers (#314) --- build.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build.sh b/build.sh index b7e527be..1724bb7b 100755 --- a/build.sh +++ b/build.sh @@ -32,7 +32,9 @@ done rpm-ostree install \ /tmp/akmods-rpms/kmods/*v4l2loopback*.rpm \ - /tmp/akmods-rpms/kmods/*xpadneo*.rpm + /tmp/akmods-rpms/kmods/*xpadneo*.rpm \ + /tmp/akmods-rpms/kmods/*xone*.rpm \ + /tmp/akmods-rpms/kmods/*xpad-noone*.rpm for REPO in $(rpm -ql ublue-os-akmods-addons|grep ^"/etc"|grep repo$); do echo "akmods: disable per defaults: ${REPO}" From 8f67c24cdd39a93aa18046f88c0e3f42a218e7db Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 22:02:54 -0600 Subject: [PATCH 10/25] chore(deps): bump ublue-os/isogenerator from 2.1.1 to 2.1.2 (#316) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release-please.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index c0824bcc..c8e92a50 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -33,7 +33,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Generate ISO - uses: ublue-os/isogenerator@v2.1.1 + uses: ublue-os/isogenerator@v2.1.2 id: isogenerator with: image-name: universalblue From a6ab04dd2755d03ef47fb39737d599cbd249a0c2 Mon Sep 17 00:00:00 2001 From: bobslept <38557801+bobslept@users.noreply.github.com> Date: Tue, 29 Aug 2023 14:39:40 +0200 Subject: [PATCH 11/25] chore: add pull request template (#318) --- .github/pull_request_template.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..b3c98825 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,7 @@ +## Thank you for contributing to the Universal Blue project! +### Guidelines +In this project we follow [Semantic PRs][1] and [Conventional Commits][2] to describe features and fixes we made. It would be nice if you did too. Not sure what this all means? Here are some [examples][3]. Did you already use this? Awesome, thanks again! + +[1]: https://github.com/Ezard/semantic-prs +[2]: https://www.conventionalcommits.org/en/v1.0.0/#summary +[3]: https://www.conventionalcommits.org/en/v1.0.0/#examples From 40e6c5d1facb90b3d5340f113ae3a52f169bd1ac Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 29 Aug 2023 18:10:52 -0500 Subject: [PATCH 12/25] feat: build nvidia images in main repo (#319) This adds the nvidia build scripts to the repo and reconfigures Containerfile to build both FOO-main and FOO-nvidia images per matrix provided build-args. Workflow matrix was modified to support this use case, including changes to variables and tag generation. Reviewers: please double-check the generated tags look correct per image. I did review and put some effort into this, but would appreciate extra eyes. Changes which were not technically required: "main" build.sh, post-install.sh, packages.json renamed (with main- prefix) to make things more consistent and easier to follow for future switched to COPY instead of ADD in Containerfile for compliance with best practices added retry logic to curl in github-release-install.sh to avoid some observed intermittent errors Co-authored-by: Jorge O. Castro --- .github/workflows/build.yml | 72 ++++++++++++++++++++----- Containerfile | 35 ++++++++---- github-release-install.sh | 2 +- build.sh => main-install.sh | 4 +- packages.json => main-packages.json | 0 post-install.sh => main-post-install.sh | 0 nvidia-install.sh | 23 ++++++++ nvidia-post-install.sh | 17 ++++++ 8 files changed, 128 insertions(+), 25 deletions(-) rename build.sh => main-install.sh (93%) rename packages.json => main-packages.json (100%) rename post-install.sh => main-post-install.sh (100%) create mode 100755 nvidia-install.sh create mode 100755 nvidia-post-install.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 31e6dd28..89796e50 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ env: jobs: push-ghcr: name: Build and push image - runs-on: ubuntu-22.04 + runs-on: buildjet-2vcpu-ubuntu-2204 permissions: contents: read packages: write @@ -20,8 +20,10 @@ jobs: strategy: fail-fast: false matrix: + image_flavor: [main, nvidia] image_name: [silverblue, kinoite, vauxite, sericea, base, lxqt, mate] major_version: [37, 38] + nvidia_version: [0, 470, 535] include: - major_version: 37 is_latest_version: false @@ -29,11 +31,19 @@ jobs: - major_version: 38 is_latest_version: true is_stable_version: true + - nvidia_version: 535 + is_latest_nvidia: true exclude: # There is no Fedora 37 version of sericea # When F38 is added, sericea will automatically be built too - image_name: sericea major_version: 37 + - image_flavor: main + nvidia_version: 470 + - image_flavor: main + nvidia_version: 535 + - image_flavor: nvidia + nvidia_version: 0 steps: # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action @@ -54,24 +64,46 @@ jobs: run: | # Generate a timestamp for creating an image version history TIMESTAMP="$(date +%Y%m%d)" - MAJOR_VERSION="${{ matrix.major_version }}" + VARIANT="${{ 'nvidia' == matrix.image_flavor && format('{0}-{1}', matrix.major_version, matrix.nvidia_version) || format('{0}', matrix.major_version) }}" + COMMIT_TAGS=() BUILD_TAGS=() + # Have tags for tracking builds during pull request SHA_SHORT="${GITHUB_SHA::7}" - COMMIT_TAGS+=("pr-${{ github.event.number }}-${MAJOR_VERSION}") - COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}") + COMMIT_TAGS+=("pr-${{ github.event.number }}-${VARIANT}") + COMMIT_TAGS+=("${SHA_SHORT}-${VARIANT}") + if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \ [[ "${{ matrix.is_stable_version }}" == "true" ]]; then - COMMIT_TAGS+=("pr-${{ github.event.number }}") - COMMIT_TAGS+=("${SHA_SHORT}") + if [[ "${{ matrix.image_flavor }}" == "main" ]] || \ + [[ "${{ matrix.is_latest_nvidia }}" == "true" ]]; then + # assume matrix is honestis_latest_nvidia==true only when image_flavor==nvidia + COMMIT_TAGS+=("pr-${{ github.event.number }}") + COMMIT_TAGS+=("${SHA_SHORT}") + fi fi - BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}") + BUILD_TAGS=("${VARIANT}") + + if [[ "${{ matrix.is_latest_nvidia }}" == "true" ]]; then + BUILD_TAGS+=("${{ matrix.major_version }}-current") + BUILD_TAGS+=("${{ matrix.major_version }}") + fi + + # Append matching timestamp tags to keep a version history + for TAG in "${BUILD_TAGS[@]}"; do + BUILD_TAGS+=("${TAG}-${TIMESTAMP}") + done if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \ [[ "${{ matrix.is_stable_version }}" == "true" ]]; then - BUILD_TAGS+=("latest") + if [[ "${{ matrix.image_flavor }}" == "main" ]] || \ + [[ "${{ matrix.is_latest_nvidia }}" == "true" ]]; then + # assume matrix is honest: is_latest_nvidia==true only when image_flavor==nvidia + BUILD_TAGS+=("${TIMESTAMP}") + BUILD_TAGS+=("latest") + fi fi if [[ "${{ github.event_name }}" == "pull_request" ]]; then @@ -83,10 +115,12 @@ jobs: else alias_tags=("${BUILD_TAGS[@]}") fi + echo "Generated the following build tags: " for TAG in "${BUILD_TAGS[@]}"; do echo "${TAG}" done + echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT - name: Get current version @@ -103,10 +137,10 @@ jobs: images: | ${{ env.IMAGE_NAME }} labels: | - org.opencontainers.image.title=${{ env.IMAGE_NAME }} + org.opencontainers.image.title=${{ matrix.image_name }}-${{ matrix.image_flavor }} org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }} - org.opencontainers.image.description=A base ${{ env.IMAGE_NAME }} image with batteries included - io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/main/main/README.md + org.opencontainers.image.description=A base Universal Blue ${{ matrix.image_name }} image with batteries included${{ 'nvidia' == matrix.image_flavor && ' and Nvidia drivers added' || '' }} + io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 # Build image using Buildah action @@ -116,15 +150,18 @@ jobs: with: containerfiles: | ./Containerfile - image: ${{ env.IMAGE_NAME }} + image: ${{ matrix.image_name }}-${{ matrix.image_flavor }} tags: | ${{ steps.generate-tags.outputs.alias_tags }} build-args: | IMAGE_NAME=${{ matrix.image_name }} SOURCE_IMAGE=${{ env.SOURCE_IMAGE }} FEDORA_MAJOR_VERSION=${{ matrix.major_version }} + NVIDIA_MAJOR_VERSION=${{ matrix.nvidia_version }} labels: ${{ steps.meta.outputs.labels }} oci: false + extra-args: | + --target=${{ matrix.image_flavor }} # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. # https://github.com/macbre/push-to-ghcr/issues/12 @@ -166,7 +203,8 @@ jobs: - name: Sign container image if: github.event_name != 'pull_request' run: | - cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS} + cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} + tags: ${{ steps.build_image.outputs.tags }} env: TAGS: ${{ steps.push.outputs.digest }} COSIGN_EXPERIMENTAL: false @@ -177,3 +215,11 @@ jobs: run: | echo "${{ toJSON(steps.push.outputs) }}" + check: + name: Check all builds successful + runs-on: ubuntu-latest + needs: [push-ghcr] + steps: + - name: Exit + shell: bash + run: exit 0 diff --git a/Containerfile b/Containerfile index fdfdf330..6a545931 100644 --- a/Containerfile +++ b/Containerfile @@ -3,21 +3,38 @@ ARG SOURCE_IMAGE="${SOURCE_IMAGE:-silverblue}" ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/${SOURCE_IMAGE}" ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" -FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder -ARG IMAGE_NAME="${IMAGE_NAME}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION}" +FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS main +ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" +ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" -ADD github-release-install.sh /tmp/github-release-install.sh -ADD build.sh /tmp/build.sh -ADD post-install.sh /tmp/post-install.sh -ADD packages.json /tmp/packages.json +COPY github-release-install.sh /tmp/github-release-install.sh +COPY main-install.sh /tmp/main-install.sh +COPY main-post-install.sh /tmp/main-post-install.sh +COPY main-packages.json /tmp/main-packages.json COPY --from=ghcr.io/ublue-os/config:latest /rpms /tmp/rpms COPY --from=ghcr.io/ublue-os/akmods:${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rpms -RUN /tmp/build.sh -RUN /tmp/post-install.sh +RUN /tmp/main-install.sh +RUN /tmp/main-post-install.sh RUN rm -rf /tmp/* /var/* RUN ostree container commit RUN mkdir -p /var/tmp && chmod -R 1777 /var/tmp + + +FROM main AS nvidia +ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" +ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" +ARG NVIDIA_MAJOR_VERSION="${NVIDIA_MAJOR_VERSION:-535}" + +COPY nvidia-install.sh /tmp/nvidia-install.sh +COPY nvidia-post-install.sh /tmp/nvidia-post-install.sh + +COPY --from=ghcr.io/ublue-os/akmods-nvidia:${FEDORA_MAJOR_VERSION}-${NVIDIA_MAJOR_VERSION} /rpms /tmp/akmods-rpms + +RUN /tmp/nvidia-install.sh +RUN /tmp/nvidia-post-install.sh +RUN rm -rf /tmp/* /var/* +RUN ostree container commit +RUN mkdir -p /var/tmp && chmod -R 1777 /tmp /var/tmp diff --git a/github-release-install.sh b/github-release-install.sh index 9beedfe8..24a08828 100755 --- a/github-release-install.sh +++ b/github-release-install.sh @@ -35,7 +35,7 @@ fi set -ouex pipefail API="https://api.github.com/repos/${ORG_PROJ}/releases/latest" -RPM_URLS=$(curl -sL ${API} \ +RPM_URLS=$(curl --retry 3 --retry-delay 0 --retry-all-errors -sL ${API} \ | jq \ -r \ --arg arch_filter "${ARCH_FILTER}" \ diff --git a/build.sh b/main-install.sh similarity index 93% rename from build.sh rename to main-install.sh index 1724bb7b..c2382c5f 100755 --- a/build.sh +++ b/main-install.sh @@ -6,10 +6,10 @@ RELEASE="$(rpm -E %fedora)" INCLUDED_PACKAGES=($(jq -r "[(.all.include | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[]), \ (select(.\"$FEDORA_MAJOR_VERSION\" != null).\"$FEDORA_MAJOR_VERSION\".include | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[])] \ - | sort | unique[]" /tmp/packages.json)) + | sort | unique[]" /tmp/main-packages.json)) EXCLUDED_PACKAGES=($(jq -r "[(.all.exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[]), \ (select(.\"$FEDORA_MAJOR_VERSION\" != null).\"$FEDORA_MAJOR_VERSION\".exclude | (.all, select(.\"$IMAGE_NAME\" != null).\"$IMAGE_NAME\")[])] \ - | sort | unique[]" /tmp/packages.json)) + | sort | unique[]" /tmp/main-packages.json)) if [[ "${#EXCLUDED_PACKAGES[@]}" -gt 0 ]]; then diff --git a/packages.json b/main-packages.json similarity index 100% rename from packages.json rename to main-packages.json diff --git a/post-install.sh b/main-post-install.sh similarity index 100% rename from post-install.sh rename to main-post-install.sh diff --git a/nvidia-install.sh b/nvidia-install.sh new file mode 100755 index 00000000..6aff8418 --- /dev/null +++ b/nvidia-install.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +set -ouex pipefail + +sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/fedora-{cisco-openh264,modular,updates-modular}.repo + +rpm-ostree install \ + /tmp/akmods-rpms/ublue-os/ublue-os-nvidia-addons-*.rpm + +source /tmp/akmods-rpms/kmods/nvidia-vars.${NVIDIA_MAJOR_VERSION} + +if [[ "${IMAGE_NAME}" == "kinoite" ]]; then + VARIANT_PKGS="supergfxctl-plasmoid" +elif [[ "${IMAGE_NAME}" == "silverblue" ]]; then + VARIANT_PKGS="gnome-shell-extension-supergfxctl-gex" +else + VARIANT_PKGS="" +fi + +rpm-ostree install \ + xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-{,cuda-,devel-,kmodsrc-,power-}${NVIDIA_FULL_VERSION} \ + nvidia-container-toolkit nvidia-vaapi-driver supergfxctl ${VARIANT_PKGS} \ + /tmp/akmods-rpms/kmods/kmod-${NVIDIA_PACKAGE_NAME}-${KERNEL_VERSION}-${NVIDIA_AKMOD_VERSION}.fc${RELEASE}.rpm diff --git a/nvidia-post-install.sh b/nvidia-post-install.sh new file mode 100755 index 00000000..c3e47b41 --- /dev/null +++ b/nvidia-post-install.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +set -ouex pipefail + +sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/{eyecantcu-supergfxctl,nvidia-container-runtime}.repo + +mv /etc/nvidia-container-runtime/config.toml{,.orig} +cp /etc/nvidia-container-runtime/config{-rootless,}.toml + +semodule --verbose --install /usr/share/selinux/packages/nvidia-container.pp +ln -s /usr/bin/ld.bfd /etc/alternatives/ld +ln -s /etc/alternatives/ld /usr/bin/ld + +if [[ "${IMAGE_NAME}" == "sericea" ]]; then + mv /etc/sway/environment{,.orig} + install -Dm644 /usr/share/ublue-os/etc/sway/environment /etc/sway/environment +fi From 36fcf22bc0b1bcfda66f6fdfec21d95923bb5f6f Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 29 Aug 2023 18:54:22 -0500 Subject: [PATCH 13/25] fix: remove extra 'tags' line from cosign (#321) --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 89796e50..bfdc79e1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -204,7 +204,6 @@ jobs: if: github.event_name != 'pull_request' run: | cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} - tags: ${{ steps.build_image.outputs.tags }} env: TAGS: ${{ steps.push.outputs.digest }} COSIGN_EXPERIMENTAL: false From 1cfad9e1f728707f65864125959126dadfe3ab29 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 29 Aug 2023 22:02:50 -0500 Subject: [PATCH 14/25] fix: switch back to free builders to fix skopeo inspect issue (#322) --- .github/workflows/build.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bfdc79e1..69191376 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,13 +6,12 @@ on: - cron: '0 7 * * *' # 7 am everyday workflow_dispatch: env: - IMAGE_BASE_NAME: main IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }} jobs: push-ghcr: name: Build and push image - runs-on: buildjet-2vcpu-ubuntu-2204 + runs-on: ubuntu-22.04 permissions: contents: read packages: write @@ -56,7 +55,7 @@ jobs: else echo "SOURCE_IMAGE=${{ matrix.image_name }}" >> $GITHUB_ENV fi - echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.image_name, env.IMAGE_BASE_NAME) }}" >> $GITHUB_ENV + echo "IMAGE_NAME=${{ matrix.image_name }}-${{ matrix.image_flavor }}" >> $GITHUB_ENV - name: Generate tags id: generate-tags @@ -137,7 +136,7 @@ jobs: images: | ${{ env.IMAGE_NAME }} labels: | - org.opencontainers.image.title=${{ matrix.image_name }}-${{ matrix.image_flavor }} + org.opencontainers.image.title=${{ env.IMAGE_NAME }} org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }} org.opencontainers.image.description=A base Universal Blue ${{ matrix.image_name }} image with batteries included${{ 'nvidia' == matrix.image_flavor && ' and Nvidia drivers added' || '' }} io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md @@ -150,7 +149,7 @@ jobs: with: containerfiles: | ./Containerfile - image: ${{ matrix.image_name }}-${{ matrix.image_flavor }} + image: ${{ env.IMAGE_NAME }} tags: | ${{ steps.generate-tags.outputs.alias_tags }} build-args: | From 77e398f8b9afb22c4af752598f8107f5e2312e39 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 10:32:54 -0400 Subject: [PATCH 15/25] chore(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#327) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 69191376..50faaf43 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -196,7 +196,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} # Sign container - - uses: sigstore/cosign-installer@v3.1.1 + - uses: sigstore/cosign-installer@v3.1.2 if: github.event_name != 'pull_request' - name: Sign container image From 66ffdc67df1560582fbd7323bafb73a0ae90cf10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 07:46:05 -0600 Subject: [PATCH 16/25] chore(deps): bump actions/checkout from 3 to 4 (#331) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- .github/workflows/release-please.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 50faaf43..be9d8307 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -46,7 +46,7 @@ jobs: steps: # Checkout push-to-registry action GitHub repository - name: Checkout Push to Registry action - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Matrix Variables run: | diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index c8e92a50..affffccc 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -31,7 +31,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Generate ISO uses: ublue-os/isogenerator@v2.1.2 id: isogenerator From 9cb853bfe535426a9113f32f972f3ae7b210db32 Mon Sep 17 00:00:00 2001 From: Benjamin Sherman Date: Tue, 12 Sep 2023 10:05:15 -0500 Subject: [PATCH 17/25] fix: remove libheif-freeworld from packages to fix build (#332) --- Containerfile | 6 +++--- main-packages.json | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Containerfile b/Containerfile index 6a545931..7f6391f7 100644 --- a/Containerfile +++ b/Containerfile @@ -1,12 +1,12 @@ ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" ARG SOURCE_IMAGE="${SOURCE_IMAGE:-silverblue}" ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/${SOURCE_IMAGE}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" +ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS main ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" +ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" COPY github-release-install.sh /tmp/github-release-install.sh COPY main-install.sh /tmp/main-install.sh @@ -25,7 +25,7 @@ RUN mkdir -p /var/tmp && chmod -R 1777 /var/tmp FROM main AS nvidia ARG IMAGE_NAME="${IMAGE_NAME:-silverblue}" -ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-37}" +ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-38}" ARG NVIDIA_MAJOR_VERSION="${NVIDIA_MAJOR_VERSION:-535}" COPY nvidia-install.sh /tmp/nvidia-install.sh diff --git a/main-packages.json b/main-packages.json index ca7e3b3e..31831fc6 100644 --- a/main-packages.json +++ b/main-packages.json @@ -17,7 +17,6 @@ "just", "kernel-devel-matched", "kernel-tools", - "libheif-freeworld", "libheif-tools", "libratbag-ratbagd", "libva-intel-driver", From 50541f2d77c7208dd7b18d5e3947f6bac6c267c1 Mon Sep 17 00:00:00 2001 From: AhmadH_4296 <49896401+sekalengrengginang@users.noreply.github.com> Date: Fri, 15 Sep 2023 21:47:31 +0700 Subject: [PATCH 18/25] feat: remove google-noto-sans-cjk-vf-fonts and replace it with google-noto-sans-cjk-fonts (#334) --- main-packages.json | 4 +++- main-post-install.sh | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/main-packages.json b/main-packages.json index 31831fc6..f73a51e8 100644 --- a/main-packages.json +++ b/main-packages.json @@ -27,6 +27,7 @@ "google-noto-sans-javanese-fonts", "google-noto-sans-balinese-fonts", "google-noto-sans-sundanese-fonts", + "google-noto-sans-cjk-fonts", "nvme-cli", "nvtop", "openrgb-udev-rules", @@ -207,7 +208,8 @@ "libpostproc-free", "libswresample-free", "libswscale-free", - "mesa-va-drivers" + "mesa-va-drivers", + "google-noto-sans-cjk-vf-fonts" ], "kinoite": [ "plasma-discover-rpm-ostree", diff --git a/main-post-install.sh b/main-post-install.sh index 8d970a0b..f35798a6 100755 --- a/main-post-install.sh +++ b/main-post-install.sh @@ -8,3 +8,5 @@ systemctl enable flatpak-system-update.timer systemctl --global enable flatpak-user-update.timer cp /usr/share/ublue-os/update-services/etc/rpm-ostreed.conf /etc/rpm-ostreed.conf + +ln -s "/usr/share/fonts/google-noto-sans-cjk-fonts" "/usr/share/fonts/noto-cjk" From d23273cf484a9627df7862dfcd31d33dd8e6b4f6 Mon Sep 17 00:00:00 2001 From: Jakob Date: Fri, 15 Sep 2023 22:36:41 +0200 Subject: [PATCH 19/25] fix: add workaround for podman/crun regression (#335) --- Containerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Containerfile b/Containerfile index 7f6391f7..fce7d565 100644 --- a/Containerfile +++ b/Containerfile @@ -18,6 +18,10 @@ COPY --from=ghcr.io/ublue-os/akmods:${FEDORA_MAJOR_VERSION} /rpms /tmp/akmods-rp RUN /tmp/main-install.sh RUN /tmp/main-post-install.sh + +# temporary fix for https://github.com/containers/podman/issues/19930 +RUN rpm-ostree override replace https://bodhi.fedoraproject.org/updates/FEDORA-2023-8d641964bc + RUN rm -rf /tmp/* /var/* RUN ostree container commit RUN mkdir -p /var/tmp && chmod -R 1777 /var/tmp From ed724e0b5a3d1fddd1e7627e779395aa144d0c74 Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Fri, 15 Sep 2023 16:25:49 -0600 Subject: [PATCH 20/25] fix(nvidia): Install 32 bit driver libraries (#336) --- nvidia-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/nvidia-install.sh b/nvidia-install.sh index 6aff8418..6f45b18a 100755 --- a/nvidia-install.sh +++ b/nvidia-install.sh @@ -19,5 +19,6 @@ fi rpm-ostree install \ xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-{,cuda-,devel-,kmodsrc-,power-}${NVIDIA_FULL_VERSION} \ + xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-libs-{,cuda-}${NVIDIA_FULL_VERSION}.i686 \ nvidia-container-toolkit nvidia-vaapi-driver supergfxctl ${VARIANT_PKGS} \ /tmp/akmods-rpms/kmods/kmod-${NVIDIA_PACKAGE_NAME}-${KERNEL_VERSION}-${NVIDIA_AKMOD_VERSION}.fc${RELEASE}.rpm From d94c197ce2932162840358ac6a4416ce05d1d651 Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Fri, 15 Sep 2023 16:34:43 -0600 Subject: [PATCH 21/25] fix(nvidia-32bit): Append release to packages (#338) --- nvidia-install.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nvidia-install.sh b/nvidia-install.sh index 6f45b18a..b71439f0 100755 --- a/nvidia-install.sh +++ b/nvidia-install.sh @@ -2,6 +2,8 @@ set -ouex pipefail +RELEASE="$(rpm -E %fedora)" + sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/fedora-{cisco-openh264,modular,updates-modular}.repo rpm-ostree install \ @@ -19,6 +21,6 @@ fi rpm-ostree install \ xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-{,cuda-,devel-,kmodsrc-,power-}${NVIDIA_FULL_VERSION} \ - xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-libs-{,cuda-}${NVIDIA_FULL_VERSION}.i686 \ + xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-libs-{,cuda-}${NVIDIA_FULL_VERSION}.fc${RELEASE}.i686 \ nvidia-container-toolkit nvidia-vaapi-driver supergfxctl ${VARIANT_PKGS} \ /tmp/akmods-rpms/kmods/kmod-${NVIDIA_PACKAGE_NAME}-${KERNEL_VERSION}-${NVIDIA_AKMOD_VERSION}.fc${RELEASE}.rpm From dc380d4b8594d565a83418ffa351c075cd93cccc Mon Sep 17 00:00:00 2001 From: RJ Trujillo Date: Fri, 15 Sep 2023 18:10:28 -0600 Subject: [PATCH 22/25] fix(nvidia-32bit): Correct package name (#339) --- nvidia-install.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/nvidia-install.sh b/nvidia-install.sh index b71439f0..d4fce914 100755 --- a/nvidia-install.sh +++ b/nvidia-install.sh @@ -2,8 +2,6 @@ set -ouex pipefail -RELEASE="$(rpm -E %fedora)" - sed -i 's@enabled=1@enabled=0@g' /etc/yum.repos.d/fedora-{cisco-openh264,modular,updates-modular}.repo rpm-ostree install \ @@ -21,6 +19,6 @@ fi rpm-ostree install \ xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-{,cuda-,devel-,kmodsrc-,power-}${NVIDIA_FULL_VERSION} \ - xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-libs-{,cuda-}${NVIDIA_FULL_VERSION}.fc${RELEASE}.i686 \ + xorg-x11-drv-${NVIDIA_PACKAGE_NAME}-libs.i686 \ nvidia-container-toolkit nvidia-vaapi-driver supergfxctl ${VARIANT_PKGS} \ /tmp/akmods-rpms/kmods/kmod-${NVIDIA_PACKAGE_NAME}-${KERNEL_VERSION}-${NVIDIA_AKMOD_VERSION}.fc${RELEASE}.rpm From 76a95c6e706b57d49c711a983b13cfe8419b211f Mon Sep 17 00:00:00 2001 From: Kyle Gospodnetich Date: Sat, 16 Sep 2023 07:43:49 -0700 Subject: [PATCH 23/25] feat: Add OpenRazer kmod (#340) --- main-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/main-install.sh b/main-install.sh index c2382c5f..7706f5a5 100755 --- a/main-install.sh +++ b/main-install.sh @@ -31,6 +31,7 @@ for REPO in $(rpm -ql ublue-os-akmods-addons|grep ^"/etc"|grep repo$); do done rpm-ostree install \ + /tmp/akmods-rpms/kmods/*openrazer*.rpm \ /tmp/akmods-rpms/kmods/*v4l2loopback*.rpm \ /tmp/akmods-rpms/kmods/*xpadneo*.rpm \ /tmp/akmods-rpms/kmods/*xone*.rpm \ From 07cb6841ea48768cd5da55752a0f57754e421f69 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Sep 2023 14:46:40 +0200 Subject: [PATCH 24/25] chore(deps): bump docker/metadata-action from 4 to 5 (#347) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index be9d8307..8c4e9814 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -130,7 +130,7 @@ jobs: # Build metadata - name: Image Metadata - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 id: meta with: images: | From 9d853a1c7938a95fbb6bfbf8b127a30384f26929 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Sep 2023 13:49:32 +0000 Subject: [PATCH 25/25] chore(deps): bump docker/login-action from 2 to 3 (#346) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8c4e9814..2d80a4da 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -188,7 +188,7 @@ jobs: --disable-content-trust - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: github.event_name != 'pull_request' with: registry: ghcr.io