Skip to content
Build Images

chore: extract build-image.sh script #2050

Sign in to view logs

chore: extract build-image.sh script

chore: extract build-image.sh script #2050

Workflow file for this run

.github/workflows/build.yml at 93b574a
name: Build Images
on:
pull_request:
branches:
- main
push:
branches:
- main
schedule:
- cron: "30 0 */2 * *" # Every other day at 12:30am
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-build
cancel-in-progress: true
env:
IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
jobs:
build-base:
runs-on: ${{ matrix.arch == 'x64' && 'ubuntu-latest' || format('runs-on,runner=1cpu-linux-{0},run-id={1}', matrix.arch, github.run_id) }}
strategy:
fail-fast: false
matrix:
fedora-version: [41, stable]
fedora-edition: [silverblue, kinoite]
arch: [x64]
permissions:
contents: read
packages: write
id-token: write
env:
IMAGE_NAME: eternal-linux/main/${{ matrix.fedora-edition }}
FEDORA_VERSION: ${{ matrix.fedora-version }}
COREOS_KERNEL: "N/A"
outputs:
base-image-tag: ${{ steps.generate-image-tags.outputs.primary-tag }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
# - name: Maximize build space
# uses: ublue-os/remove-unwanted-software@517622d6452028f266b7ba4cc9a123b5f58a6b53 # v7
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Image
id: build
env:
IMAGE_NAME: ${{ env.IMAGE_NAME }}
FEDORA_VERSION: ${{ env.FEDORA_VERSION }}
FEDORA_EDITION: ${{ matrix.fedora-edition }}
IS_RECHUNK: ${{ github.event_name != 'pull_request' && true || false }}
run: |
./.github/scripts/build-image.sh \
--containerfile ./Containerfile \
--image-name $IMAGE_NAME \
--os-version $FEDORA_VERSION \
--os-edition $FEDORA_EDITION \
--is-rechunk $IS_RECHUNK \
--meta-out-file $GITHUB_OUTPUT
- name: Push Image
id: push
env:
SOURCE_IMAGE: ${{ steps.build.outputs.OUTPUT_IMAGE }}
IMAGE_NAME: ${{ env.IMAGE_NAME }}
IMAGE_REGISTRY: ${{ env.IMAGE_REGISTRY }}
IS_SIGN_IMAGE: ${{ github.event_name != 'pull_request' && true || false }}
run: |
./.github/scripts/push-image.sh \
SOURCE_IMAGE=$SOURCE_IMAGE \
IMAGE_NAME=$IMAGE_NAME \
IMAGE_REGISTRY=$IMAGE_REGISTRY \
IMAGE_TAG=$IMAGE_TAG \
IS_SIGN=$IS_SIGN_IMAGE
# build-nvidia:
# runs-on: ubuntu-24.04
# needs: build-base
# if: ${{ !cancelled() }}
# strategy:
# fail-fast: false
# matrix:
# fedora-version: [40, 41, stable]
# fedora-edition: [silverblue, kinoite, cosmic]
# nvidia-type: [open]
# permissions:
# contents: read
# packages: write
# id-token: write
# env:
# IMAGE_NAME: eternal-linux/main/${{ matrix.fedora-edition }}
# FEDORA_VERSION: ${{ matrix.fedora-version }}
# COREOS_KERNEL: "N/A"
# steps:
# - name: Checkout
# uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
# - name: Maximize build space
# uses: ublue-os/remove-unwanted-software@517622d6452028f266b7ba4cc9a123b5f58a6b53 # v7
# with:
# remove-codeql: true
# - name: Generate Image Tags
# uses: ./.github/actions/generate-image-tags
# id: generate-image-tags
# with:
# image-name: ${{ env.IMAGE_REGISTRY}}/${{ env.IMAGE_NAME }}
# major-version: ${{ env.FEDORA_VERSION }}
# is-release: ${{ github.event_name != 'pull_request' }}
# is-nvidia: true
# nvidia-type: ${{ matrix.nvidia-type }}
# - name: Get CoreOS Kernel Information
# if: ${{ env.FEDORA_VERSION == 'stable' || env.FEDORA_VERSION == 'testing' }}
# uses: ./.github/actions/get-coreos-kernel
# id: get-coreos-kernel
# with:
# coreos-stream: ${{ env.FEDORA_VERSION }}
# - name: Set CoreOS Environment Variables
# if: ${{ env.FEDORA_VERSION == 'stable' || env.FEDORA_VERSION == 'testing' }}
# run: |
# echo "COREOS_KERNEL=${{ steps.get-coreos-kernel.outputs.coreos-kernel-release }}" >> $GITHUB_ENV
# echo "FEDORA_VERSION=${{ steps.get-coreos-kernel.outputs.coreos-repo-version }}" >> $GITHUB_ENV
# - name: Generate Base Image Tag
# id: generate-base-image-tag
# env:
# BASE_FEDORA_VERSION: ${{ matrix.fedora-version }}
# PR_NUMBER: ${{ github.event.number }}
# IS_PR: ${{ github.event_name == 'pull_request' }}
# run: |
# GIT_SHA=$(git rev-parse --short HEAD)
# if [ $IS_PR == 'true' ]; then
# BASE_TAG="pr${PR_NUMBER}-${GIT_SHA}-${BASE_FEDORA_VERSION}"
# else
# BASE_TAG="${GIT_SHA}-${BASE_FEDORA_VERSION}"
# fi
# echo "base-tag=${BASE_TAG}" >> $GITHUB_OUTPUT
# - name: Build Image
# id: build
# uses: ./.github/actions/build-image
# with:
# builder: docker
# context: .
# dockerfile: Containerfile.nvidia
# image-name: ${{ env.IMAGE_NAME }}
# image-tags: |
# ${{ steps.generate-image-tags.outputs.tags }}
# build-args: |
# FEDORA_VERSION=${{ env.FEDORA_VERSION }}
# FEDORA_EDITION=${{ matrix.fedora-edition }}
# BASE_TAG=${{ steps.generate-base-image-tag.outputs.base-tag }}
# ${{ matrix.nvidia-type == 'open' && format('NVIDIA_AKMODS_IMAGE={0}', 'ghcr.io/rsturla/akmods/nvidia-open') || '' }}
# NVIDIA_AKMODS_TAG=${{ matrix.fedora-version }}
# - name: Rechunk
# id: rechunk
# if: false
# uses: ./.github/actions/rechunk
# with:
# builder: ${{ steps.build.outputs.builder }}
# ref: ${{ steps.build.outputs.image }}:${{ steps.generate-image-tags.outputs.primary-tag }}
# prev-ref: ${{ env.IMAGE_REGISTRY }}/${{ steps.build.outputs.image }}:${{ steps.generate-image-tags.outputs.primary-tag }}
# tags: ${{ steps.build.outputs.tags }}
# - name: Push Image
# id: push
# uses: ./.github/actions/push-image
# with:
# builder: ${{ steps.build.outputs.builder }}
# image-name: ${{ steps.build.outputs.image }}
# image-tags: ${{ steps.build.outputs.tags }}
# image-registry: ${{ env.IMAGE_REGISTRY }}
# registry-username: ${{ github.actor }}
# registry-password: ${{ secrets.GITHUB_TOKEN }}
# - name: Sign Image
# uses: ./.github/actions/sign-image
# if: github.event_name != 'pull_request'
# with:
# registry: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
# registry-provider: ghcr.io
# registry-username: ${{ github.actor }}
# registry-password: ${{ secrets.GITHUB_TOKEN }}
# digest: ${{ steps.push.outputs.digest }}
# private-key: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY }}
# private-key-passphrase: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY_PASSPHRASE }}
# check:
# needs: [build-base, build-nvidia]
# if: always()
# runs-on: ubuntu-latest
# steps:
# - name: Checkout
# uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
# - name: Check Job Status
# uses: ./.github/actions/check-jobs-success
# with:
# jobs: ${{ toJSON(needs) }}