diff --git a/.gitea/workflows/base-build.yml b/.gitea/workflows/base-build.yml index d4ccc5c..e43f566 100644 --- a/.gitea/workflows/base-build.yml +++ b/.gitea/workflows/base-build.yml @@ -4,11 +4,12 @@ on: push: branches: - main - paths-ignore: - - '**/CHANGES.md' - - '**/build-info.json' - - '**/debian-*.tar.bz2' - - '/sha256sums.txt' + paths: + - '.gitea/workflows/*.yml' + - '!**/debian-*.tar.bz2' + - '!/sha256sums.txt' + - '!**/CHANGES.md' + - '!**/build-info.json' schedule: - cron: '0 12 * * 0' # Sunday at noon UTC @@ -22,19 +23,13 @@ env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} VERSIONS: "buster bullseye bookworm trixie" - VERSIONS_JSON: '["buster","bullseye","bookworm","trixie"]' OUTPUT_DIR: ./output jobs: - build-rootfs-per-version: + build-and-push-rootfs-archives: runs-on: vm-docker-build2 - strategy: - matrix: - version: ${{ fromJson(env.VERSIONS_JSON) }} outputs: - archive_changed: ${{ steps.check_changed.outputs.archive_changed }} - env: - VERSION: ${{ matrix.version }} + archives_changed: ${{ steps.commit_archives.outputs.archives_changed }} steps: - name: Checkout source uses: actions/checkout@v3 @@ -42,58 +37,91 @@ jobs: - name: Create output directory run: mkdir -p ./output - - name: Build Debian ${{ env.VERSION }} rootfs + - name: Build all Debian rootfs versions into volumes and extract run: | - echo "[INFO] Building $VERSION..." - volume_name="build_output_$VERSION" - docker volume create "$volume_name" + versions=($VERSIONS) + for version in "${versions[@]}"; do + echo "[INFO] Building $version..." + volume_name="build_output_$version" + docker volume create "$volume_name" - docker build --build-arg VERSION=$VERSION -t fithwum/debian-$VERSION-base . + docker build --build-arg VERSION=$version -t fithwum/debian-$version-base . - docker run --rm --privileged \ - -v "$volume_name:/output" \ - -e VERSION="$VERSION" \ - fithwum/debian-$VERSION-base \ - bash -c "/scripts/bootstrap-rootfs.sh \"$VERSION\"" + docker run --rm --privileged \ + -v "$volume_name:/output" \ + -e VERSION="$version" \ + fithwum/debian-$version-base \ + bash -c "/scripts/bootstrap-rootfs.sh \"$version\"" - container_id=$(docker create -v "$volume_name:/output" debian) - mkdir -p ./output/$VERSION - docker cp "$container_id:/output/$VERSION/debian-$VERSION.tar.bz2" ./output/$VERSION/ - docker rm "$container_id" + # Extract the output file from the volume + container_id=$(docker create -v "$volume_name:/output" debian) + mkdir -p ./output/$version + docker cp "$container_id:/output/$version/debian-$version.tar.bz2" ./output/$version/ + docker rm "$container_id" + done + + - name: Validate that archives exist for each version + run: | + IFS=' ' read -r -a versions <<< "$VERSIONS" + for version in "${versions[@]}"; do + path="./output/$version/debian-$version.tar.bz2" + if [[ ! -f "$path" ]]; then + echo "[ERROR] Missing archive: $path" + exit 1 + else + echo "[OK] Found: $path" + fi + done - name: Clone upload repo run: | GIT_CREDENTIAL="${{ secrets.GIT_TOKEN || secrets.GIT_PASSWORD }}" git clone --depth=1 "https://${{ env.GIT_USERNAME }}:${GIT_CREDENTIAL}@gitea.fithwum.tech/fithwum/debian-base.git" upload-repo - - name: Check if archive changed - id: check_changed + - name: Clean old archives in upload-repo + run: rm -rfv upload-repo/*/*.tar.bz2 + + - name: Copy new archives to upload-repo run: | - mkdir -p upload-repo/${VERSION} - new="./output/${VERSION}/debian-${VERSION}.tar.bz2" - old="upload-repo/${VERSION}/debian-${VERSION}.tar.bz2" - cp "$new" "$old" - - checksum=$(sha256sum "$new" | awk '{print $1}') - echo "$checksum ${VERSION}/debian-${VERSION}.tar.bz2" >> upload-repo/sha256sums.txt + for filepath in ./output/*/debian-*.tar.bz2; do + version_dir=$(basename "$(dirname "$filepath")") + mkdir -p "upload-repo/$version_dir" + cp "$filepath" "upload-repo/$version_dir/" + done + - name: Calculate and store sha256sums in upload-repo + run: | cd upload-repo - git config user.name "${{ env.GIT_USERNAME }}" - git config user.email "${{ env.GIT_EMAIL }}" - git add ${VERSION}/debian-${VERSION}.tar.bz2 sha256sums.txt || true + rm -f sha256sums.txt + for tarball in */debian-*.tar.bz2; do + echo "[INFO] Processing: $tarball" + checksum=$(sha256sum "$tarball" | awk '{print $1}') + echo "$checksum $tarball" >> sha256sums.txt + done + echo "[INFO] SHA256 contents:" + cat sha256sums.txt - if git diff --cached --quiet; then - echo "[INFO] No changes to commit." - echo "archive_changed=false" >> $GITHUB_OUTPUT - else - git commit -m "Update rootfs for $VERSION" + - name: Commit and push files if changed + id: commit_archives + run: | + cd upload-repo + git config --global user.name "${{ env.GIT_USERNAME }}" + git config --global user.email "${{ env.GIT_EMAIL }}" + + if git status --porcelain | grep .; then + git add **/*.tar.bz2 sha256sums.txt || true + git commit -m "Update base images and checksum on $(date -u +'%Y-%m-%dT%H:%M:%SZ') [skip ci]" git push - echo "archive_changed=true" >> $GITHUB_OUTPUT + echo "archives_changed=true" >> $GITHUB_OUTPUT + else + echo "[INFO] No changes to commit." + echo "archives_changed=false" >> $GITHUB_OUTPUT fi build-and-push-docker-images: - needs: build-rootfs-per-version + needs: build-and-push-rootfs-archives if: always() + # if: needs.build-and-push-rootfs-archives.outputs.archives_changed == 'true' runs-on: doc-docker-build steps: - name: Checkout source @@ -136,6 +164,11 @@ jobs: sleep 10 fi done + mkdir -p "$version" + DOCKERFILE_PATH="$version/Dockerfile" + + if [[ -f "$DOCKERFILE_PATH" ]]; then + echo "[INFO] Skipping $DOCKERFILE_PATH (already exists)" if [[ $found -eq 0 ]]; then missing_versions+=("$version") fi @@ -146,6 +179,26 @@ jobs: fi done + - name: Generate Dockerfiles per version (if missing) + run: | + for version in $VERSIONS; do + mkdir -p "$version" + DOCKERFILE_PATH="$version/Dockerfile" + + if [[ -f "$DOCKERFILE_PATH" ]]; then + echo "[INFO] Skipping $DOCKERFILE_PATH (already exists)" + continue + fi + + printf '%s\n' \ + "FROM scratch" \ + "LABEL maintainer=\"fithwum\"" \ + "ADD debian-$version.tar.bz2 /" \ + "CMD [\"/bin/bash\"]" > "$DOCKERFILE_PATH" + + echo "[INFO] Created $DOCKERFILE_PATH" + done + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -165,7 +218,7 @@ jobs: done generate-changelogs: - needs: build-rootfs-per-version + needs: build-and-push-rootfs-archives runs-on: doc-docker-build steps: - name: Checkout source diff --git a/.gitea/workflows/build-rootfs-template.yml b/.gitea/workflows/build-rootfs-template.yml deleted file mode 100644 index e50c4b1..0000000 --- a/.gitea/workflows/build-rootfs-template.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Build RootFS for ${{ inputs.version }} - -on: - workflow_call: - inputs: - version: - required: true - type: string - -jobs: - build: - runs-on: vm-docker-build2 - steps: - - name: Checkout repo - uses: actions/checkout@v3 - - - name: Set up scripts - run: chmod +x scripts/*.sh - - - name: Build rootfs - run: ./scripts/build-rootfs.sh "${{ inputs.version }}" - - - name: Validate rootfs - run: ./scripts/validate-rootfs.sh "${{ inputs.version }}" - - - name: Upload to upload-repo - run: | - ./scripts/upload-rootfs.sh "${{ inputs.version }}" "${{ secrets.GIT_USERNAME }}" "${{ secrets.GIT_PASSWORD }}" diff --git a/base-image-script/build-rootfs.sh b/base-image-script/build-rootfs.sh deleted file mode 100644 index 1eb5619..0000000 --- a/base-image-script/build-rootfs.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -set -euo pipefail - -VERSION="$1" -VOLUME="build_output_$VERSION" - -echo "[INFO] Building rootfs for $VERSION" -docker volume create "$VOLUME" - -docker build --build-arg VERSION="$VERSION" -t "fithwum/debian-$VERSION-base" . - -docker run --rm --privileged -v "$VOLUME:/output" \ - -e VERSION="$VERSION" \ - "fithwum/debian-$VERSION-base" \ - bash -c "/scripts/bootstrap-rootfs.sh \"$VERSION\"" - -container_id=$(docker create -v "$VOLUME:/output" debian) -mkdir -p "output/$VERSION" -docker cp "$container_id:/output/$VERSION/debian-$VERSION.tar.bz2" "output/$VERSION/" -docker rm "$container_id" diff --git a/base-image-script/extract-rootfs.sh b/base-image-script/extract-rootfs.sh deleted file mode 100644 index e69de29..0000000 diff --git a/base-image-script/generate-build-info.sh b/base-image-script/generate-build-info.sh deleted file mode 100644 index e69de29..0000000 diff --git a/base-image-script/generate-changelog.sh b/base-image-script/generate-changelog.sh deleted file mode 100644 index e69de29..0000000 diff --git a/base-image-script/upload-rootfs.sh b/base-image-script/upload-rootfs.sh deleted file mode 100644 index 61fdaeb..0000000 --- a/base-image-script/upload-rootfs.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -set -euo pipefail -VERSION="$1" - -REPO_URL="https://${GIT_USERNAME}:${GIT_PASSWORD}@gitea.fithwum.tech/fithwum/debian-base.git" -git clone --depth=1 "$REPO_URL" upload-repo - -rm -rfv "upload-repo/$VERSION/*.tar.bz2" -mkdir -p "upload-repo/$VERSION" -cp "output/$VERSION/debian-$VERSION.tar.bz2" "upload-repo/$VERSION/" - -cd upload-repo -sha256sum "$VERSION/debian-$VERSION.tar.bz2" > sha256sums.txt - -git config user.name "$GIT_USERNAME" -git config user.email "ci@gitea.fithwum.tech" -if git status --porcelain | grep .; then - git add "$VERSION/*.tar.bz2" sha256sums.txt - git commit -m "Update $VERSION archive" - git push -else - echo "[INFO] No changes to commit." -fi diff --git a/base-image-script/validate-archives.sh b/base-image-script/validate-archives.sh deleted file mode 100644 index e69de29..0000000 diff --git a/base-image-script/validate-rootfs.sh b/base-image-script/validate-rootfs.sh deleted file mode 100644 index e03749f..0000000 --- a/base-image-script/validate-rootfs.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -set -euo pipefail -VERSION="$1" -archive="./output/$VERSION/debian-$VERSION.tar.bz2" - -if [[ ! -f "$archive" ]]; then - echo "[ERROR] Archive missing: $archive" - exit 1 -else - echo "[OK] Found archive: $archive" -fi