blue-build / legacy-template Goto Github PK

View Code? Open in Web Editor NEW

129.0 5.0 208.0 464 KB

Starting point for making your own OS image

License: Apache License 2.0

Shell 61.63% Dockerfile 38.37%

cloud-native fedora fedora-silverblue image-based linux silverblue ublue ublue-custom-image

legacy-template's People

Contributors

Stargazers

Watchers

Forkers

guillemlc pliveyns bpbeatty ayhc mossman1215 j3rr1ck kalguinn aar015 imatsatsos akdev1l camckay meisme-dev hhawkens jesusxd88 samurai-spider totalchaos05 hyprblue burdickjp inffy tangowithfoxtrot bmanuel arcitec zjin1126 crawfordlong veitikka icaho gerblesh bayazidbh meisenzahl plata vielmetti celestecaprine test-org-66 jossamloh bbonsign pheoxy didnt1able awebeer256 mecattaf lemonadesoftware dnkmmr69420 kircheneer kanavaar dyoungwd rarguello ny5re jamesericdavidson platinumretriever christophersegale trofosila michaelmnemonic solopasha emsquarial rse-1967 bencarmichael01 tulilirockz steveyackey charlieqle psaile cshei waffleophagus jh-devv superrnovae howyay kabiconfigs mortifier13 bullblack thimslugga eyecantcu xakv floris272 mrbrawndo 0ranki throwaway43 vietchinh vendion doosty indibart m2giles lamarios soda3x abelynderynn ludg1e sgallagher hamzehtamimi silver-ublue-saigon schklom dockde mimilliedemo dennis8 sgnconnects idlecat90 tunix dastultz tsubajashi 5init cubt85iz mimillieuh c0deplayer trbntwo

legacy-template's Issues

We need a proper way of handling custom repo files

Sometimes we may want to add hardcoded repo files instead of downloading them on the fly as we do for COPR repo's. 1Password is an example to this scenario.

Placing the repo file inside /usr directory is OK when one wants to install it after the initial setup process. But for installing it during initial setup, we have to copy the repo files to /etc.

It'd be nice if we have an official and nice way of including such files.

add the ability to add nix applications to recipe.yml

There should be a variable like this. it can either be false or true. this variable configures if nix should be installed automatically or not.

nix: true

then

nixapps:
- nixpkgs#htop
- nixpkgs#btop
- nixpkgs#virt-manager
- nixpkgs#distrobox
- nixpkgs#toolbox

Images created aren't versioned in rpm-ostree status

Hello,

I filed this in xynydev/create-ublue-image#18 at first but was referred here.

When using standard ublue images, output of rpm-ostree is as such;

  ostree-unverified-registry:ghcr.io/ublue-os/silverblue-main:38
                   Digest: sha256:9f2d4a03d1d09612d5c8b3f6a7d6be40dc3be6cabb85d96a13b3eef6f9bead52
                  Version: 38.20230513.0 (2023-05-13T16:43:33Z)
      RemovedBasePackages: package_1
          LayeredPackages: package_2

When using an image created using startingpoint (by using the aforementioned tool), output is;

  ostree-unverified-registry:ghcr.io/marinmo/satellite-ublue:latest
                   Digest: sha256:f97de18e51c853e5f6b6a72555890af8fb09720cf822b9b4fcaf9908614f8532
                Timestamp: 2023-05-14T21:21:11Z

I'm wondering why the version (I realise this is just a concatenation of the fedora version+date+id) isn't displayed in the images created by my workflow? This seems like a slight bug to me, as comparing timestamps is less readable than the Versioning.

Thanks in advance for your consideration!

Custom flatpak: invalid input text

Followed the manual setup guide, and now I'm stuck on getting the Actions to succeed. It seems to be reading my flatpak id's incorrectly:

Adding Flatpaks to yafti.yml
Adding to yafti: com.raggesilver.BlackBox

Error: 1:57: invalid input text "com.raggesilver...."
error building at STEP "RUN chmod +x /tmp/build.sh && /tmp/build.sh &&     rm -rf /tmp/* /var/* && ostree container commit": error while running runtime: exit status 1
time="2023-10-02T19:24:42Z" level=error msg="exit status 1"
Error: Error: buildah exited with code 1

Tried putting another flatpak first in the list and rerunning:

Adding Flatpaks to yafti.yml
Adding to yafti: com.google.Chrome

Error: 1:57: invalid input text "com.google.Chrom..."
error building at STEP "RUN chmod +x /tmp/build.sh && /tmp/build.sh &&     rm -rf /tmp/* /var/* && ostree container commit": error while running runtime: exit status 1
time="2023-10-02T19:35:56Z" level=error msg="exit status 1"
Error: Error: buildah exited with code 1

It looks like something is truncating the flatpak name down to 16 characters and adding three dots at the end.

Full build log


Run redhat-actions/buildah-build@v2
/usr/bin/buildah version
Storage driver is not 'overlay', so not overriding storage configuration
Performing build from Containerfile
/usr/bin/buildah bud -f /home/runner/work/ublue/ublue/Containerfile --label io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/120078124?s=200&v=4 --label io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/startingpoint/main/README.md --label org.opencontainers.image.created=2023-10-02T19:21:27.019Z --label org.opencontainers.image.description=My Linux --label org.opencontainers.image.licenses=Apache-2.0 --label org.opencontainers.image.revision=f01a0da2be04358984ef393e5d6d095a1f4e4c6c --label org.opencontainers.image.source=https://github.com/arteeh/ublue --label org.opencontainers.image.title=malila-desktop --label org.opencontainers.image.url=https://github.com/arteeh/ublue --label org.opencontainers.image.version=38.20231002.0 --build-arg IMAGE_MAJOR_VERSION=latest --build-arg BASE_IMAGE_URL=ghcr.io/ublue-os/silverblue-main --build-arg RECIPE=recipe.yml --build-arg IMAGE_REGISTRY=ghcr.io/arteeh --format docker --tls-verify=true -t malila-desktop:38 /home/runner/work/ublue/ublue
STEP 1/12: FROM ghcr.io/ublue-os/silverblue-main:latest
Trying to pull ghcr.io/ublue-os/silverblue-main:latest...
Getting image source signatures
Copying blob sha256:6b013d9fb4d2a1f4fe1947a0eb228b3a2729998ef7fb0c6407660d0cce98d7ac
Copying blob sha256:071a760e[46](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:47)fa3f069db2eafa976e823d0724e9e77b9385b3db69e4816278d7f5
Copying blob sha256:b47379dad44b92e78a24bc11b0e4ba99684bff74f633ebffb58354ad86a4a516
Copying blob sha256:d562efb78e2f2b[59](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:61)fd313908354fbfdaaf98ae53821a6cb2fdbc94ea775e78dc
Copying blob sha256:6c11a2dd92045a0007f1ac5ac9782cf04c2cb30facfe435ae8e1443d98ca[60](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:62)36
Copying blob sha256:f081a8b726d21a0286f33598c234b70e7d227ff8132a24bfe0467475192fe670
Copying blob sha256:6c11a2dd92045a0007f1ac5ac9782cf04c2cb30facfe435ae8e1443d98ca6036
Copying blob sha256:6b013d9fb4d2a1f4fe1947a0eb228b3a2729998ef7fb0c6407660d0cce98d7ac
Copying blob sha256:071a760e46fa3f069db2eafa976e823d0724e9e77b9385b3db69e4816278d7f5
Copying blob sha256:f081a8b726d21a0286f33598c234b70e7d227ff8132a24bfe0467475192fe670
Copying blob sha256:b47379dad44b92e78a24bc11b0e4ba99684bff74f633ebffb58354ad86a4a516
Copying blob sha256:d562efb78e2f2b59fd313908354fbfdaaf98ae53821a6cb2fdbc94ea775e78dc
Copying blob sha256:ba25513aa682574f7593e6a65b0969b922327962c3dcf0737f44060eb15be5bb
Copying blob sha256:5b85a1ab5b93c44b1496ad22f38c95f544171607e54f9b57ce8bdcfa0c7b20aa
Copying blob sha256:b44ebc181c100b32ab42f533e7604002b282b4785f8180ab93b7806f1bca34d7
Copying blob sha256:93af151462dca5af9c83df3a6f575d3108afeeaae12eab37eb8bb66ee00b43f5
Copying blob sha256:237ed8387e4d9f9f3caaa106d34ebda565dd991255675743310e5a154e460bfa
Copying blob sha256:ba25513aa682574f7593e6a65b0969b922327962c3dcf0737f44060eb15be5bb
Copying blob sha256:5b85a1ab5b93c44b1496ad22f38c95f544171607e54f9b57ce8bdcfa0c7b20aa
Copying blob sha256:237ed8387e4d9f9f3caaa106d34ebda565dd991255675743310e5a154e460bfa
Copying blob sha256:b44ebc181c100b32ab42f533e7604002b282b4785f8180ab93b7806f1bca34d7
Copying blob sha256:93af151462dca5af9c83df3a6f575d3108afeeaae12eab37eb8bb66ee00b43f5
Copying blob sha256:fddc7c6a94105bd691d9cf2d86aac812b1ebdd3eb2ac0[61](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:63)3d75102efd5ae37bd
Copying blob sha256:c8002574dffc2f773f63fbdea3c1afe398f2e3977ae94a681d23bb4418e7792c
Copying blob sha256:6d3f8b122cd361925b9f59c968840c8931d1b96b596b03991442d08e03041386
Copying blob sha256:0dbc8d5e49cbbed4243e4e41e14f700f5d2defd68d70db6d22f4ebd782aee300
Copying blob sha256:b452281a241e684028d03b66bbdc977f7cf2dbc40e2c7b322b1d483c9777d38a
Copying blob sha256:0dbc8d5e49cbbed4243e4e41e14f700f5d2defd68d70db6d22f4ebd782aee300
Copying blob sha256:fddc7c6a94105bd691d9cf2d86aac812b1ebdd3eb2ac0613d75102efd5ae37bd
Copying blob sha256:c8002574dffc2f773f63fbdea3c1afe398f2e3977ae94a681d23bb4418e7792c
Copying blob sha256:b452281a241e684028d03b66bbdc977f7cf2dbc40e2c7b322b1d483c9777d38a
Copying blob sha256:6d3f8b122cd361925b9f59c968840c8931d1b96b596b03991442d08e03041386
Copying blob sha256:bf2c5f1641adf6c1110761206e4a0489bc3e746f0141459cee304d430109169d
Copying blob sha256:7c536540c787ba3074fabf305207d2fe07d47f8634e98efa04166abd447cc384
Copying blob sha256:2b7b3334fc58cbbdef0dd8073ff9e8445db57cc9ddd68dae21c70c6af27a6d82
Copying blob sha256:c759443fdc615c8969fb00a222118532e6123ac491ad3fd21a25f5417d28f868
Copying blob sha256:af39264c18[62](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:64)e15d47e0f7c2087c7ea384f8742f92cd9fe0436482e6eb121e52
Copying blob sha256:7c536540c787ba3074fabf305207d2fe07d47f8[63](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:65)4e98efa04166abd447cc384
Copying blob sha256:bf2c5f1641adf6c1110761206e4a0489bc3e746f0141459cee304d430109169d
Copying blob sha256:af39264c1862e15d47e0f7c2087c7ea384f8742f92cd9fe0436482e6eb121e52
Copying blob sha256:c759443fdc615c8969fb00a222118532e6123ac491ad3fd21a25f5417d28f868
Copying blob sha256:2b7b3334fc58cbbdef0dd8073ff9e8445db57cc9ddd68dae21c70c6af27a6d82
Copying blob sha256:435ad4180f37d1b6d4e96f5e109c19985b69d420eb4a428d3ce5abf8019b2608
Copying blob sha256:b327f5c1cd760b42f841493681ac9ebf9b9f0fd7e79bafdf09964efe43933045
Copying blob sha256:cdac40f3f172fab04402326ee7283a9ae6f0780d9b76f0d9a056e511bd47bd73
Copying blob sha256:0fe1d68dbbfb1d93123cf0352216048bf96b229496f964a3f8abcd508a67220a
Copying blob sha256:0b97477c3286faf655508736c8ed5324ed442ed34b15e136b01e0c1804b97e90
Copying blob sha256:0b97477c3286faf655508736c8ed5324ed442ed34b15e136b01e0c1804b97e90
Copying blob sha256:cdac40f3f172fab04402326ee7283a9ae6f0780d9b76f0d9a056e511bd47bd73
Copying blob sha256:0fe1d68dbbfb1d93123cf0352216048bf96b229496f964a3f8abcd508a67220a
Copying blob sha256:435ad4180f37d1b6d4e96f5e109c19985b69d420eb4a428d3ce5abf8019b2608
Copying blob sha256:b327f5c1cd760b42f841493681ac9ebf9b9f0fd7e79bafdf09964efe43933045
Copying blob sha256:e8737979adadc36b535683aecd85e839de7092ae1842d5a52dbe8322098804d0
Copying blob sha256:ee34e4f583e19aee4f0946fdd1742747d89720b94b54054de1ef45e83bde7939
Copying blob sha256:65cfb56e2ecad4174e693a5f65d9bd2259635183425465a5d7f3a37dad12ab06
Copying blob sha256:3dbeb058a372456901b99e7339ad51f410f0b2e2f589979369629c4405ad46aa
Copying blob sha256:0602dd94dc411e625443ca34b103364e57f64b9c22323d0c0ec761fa328eff04
Copying blob sha256:0602dd94dc411e625443ca34b103364e57f64b9c22323d0c0ec761fa328eff04
Copying blob sha256:ee34e4f583e19aee4f0946fdd1742747d89720b94b54054de1ef45e83bde7939
Copying blob sha256:e8737979adadc36b535683aecd85e839de7092ae1842d5a52dbe8322098804d0
Copying blob sha256:3dbeb058a372456901b99e7339ad51f410f0b2e2f589979369629c4405ad46aa
Copying blob sha256:65cfb56e2ecad4174e693a5f65d9bd2259635183425465a5d7f3a37dad12ab06
Copying blob sha256:e7709d5abc19c4c134b74a4ce4749dceea0e5dade5b542d47a7dd6c4d539ad41
Copying blob sha256:e0821f9bbc5a54373a912691f7e7e095977d8d7110c1870c8288c805e8c11c90
Copying blob sha256:28b11f1ad5bdf3ae9689eb9477a838f1c994f9ef6544ad8327b25c7a485195b0
Copying blob sha256:f349438f7ec3bdd1f9066cff6e74e399bf6c9515cbdadbfca48c151b30f816f1
Copying blob sha256:7a03fd4f461ded2cdffa2e2646cd8169565254b17f39000158ce3583ce4945e4
Copying blob sha256:e7709d5abc19c4c134b74a4ce4749dceea0e5dade5b542d47a7dd6c4d539ad41
Copying blob sha256:f349438f7ec3bdd1f9066cff6e74e399bf6c9515cbdadbfca48c151b30f816f1
Copying blob sha256:e0821f9bbc5a54373a912691f7e7e095977d8d7110c1870c8288c805e8c11c90
Copying blob sha256:7a03fd4f461ded2cdffa2e2646cd8169565254b17f39000158ce3583ce4945e4
Copying blob sha256:28b11f1ad5bdf3ae9689eb9477a838f1c994f9ef6544ad8327b25c7a485195b0
Copying blob sha256:b1b2117ac757ac114cb6f695e8856ea825c9ad7fcb94f4f882df43e5a0fceb8c
Copying blob sha256:0ca61a6b5480220f00ad0f0361efe540173dc3cf53080258e329b8ad0f7ce194
Copying blob sha256:fde7201f92a690963463e27cda093e7ea58e43c7fb2c79f312149e67ca729ce5
Copying blob sha256:fde7201f92a690963463e27cda093e7ea58e43c7fb2c79f312149e67ca729ce5
Copying blob sha256:b1b2117ac757ac114cb6f695e8856ea825c9ad7fcb94f4f882df43e5a0fceb8c
Copying blob sha256:0ca61a6b5480220f00ad0f0361efe540173dc3cf53080258e329b8ad0f7ce194
Copying blob sha256:16f9774d7e5b320c2ea28a4213b3490440c4a93fe5e14a565627a96a0fcd8f18
Copying blob sha256:16f9774d7e5b320c2ea28a4213b3490440c4a93fe5e14a565627a96a0fcd8f18
Copying blob sha256:e26fc867fba29851da151e0b4c01e81c7cc1c29fad6a2bc0d2483defd076c8eb
Copying blob sha256:61b4ab98b85475bf93423b819f859364c504601480a2e6abf6ca0966daeb0783
Copying blob sha256:8de800e8155a95abbc16c8170ac334c947d7ea9d2c444e25e921c3160fb41980
Copying blob sha256:839249133ad13f4b57662e6a75c7c11e10fac77eff196a23099ee483051b2371
Copying blob sha256:e26fc867fba29851da151e0b4c01e81c7cc1c29fad6a2bc0d2483defd076c8eb
Copying blob sha256:8de800e8155a95abbc16c8170ac334c947d7ea9d2c444e25e921c3160fb41980
Copying blob sha256:839249133ad13f4b57662e6a75c7c11e10fac77eff196a23099ee483051b2371
Copying blob sha256:61b4ab98b85475bf93423b819f859364c504601480a2e6abf6ca0966daeb0783
Copying blob sha256:62f9d90df42161dad73a7b320a56fce63b99986a58026576fc2bd748a501924b
Copying blob sha256:dc97561658edd6761c299483a7ca158fc357f4f2e15e7e138d072130f975fcbf
Copying blob sha256:f76e010e63f10007107d7e9197909dfefab010a536d6fd8cfd93fe8ef2a82413
Copying blob sha256:b67717c773b0359ce717ed1d23b158d823d193f97e0e8435d2bf8dbcf05289ff
Copying blob sha256:62f9d90df42161dad73a7b320a56fce63b99986a58026576fc2bd748a501924b
Copying blob sha256:b67717c773b0359ce717ed1d23b158d823d193f97e0e8435d2bf8dbcf05289ff
Copying blob sha256:dc97561658edd6761c299483a7ca158fc357f4f2e15e7e138d072130f975fcbf
Copying blob sha256:f76e010e63f10007107d7e9197909dfefab010a536d6fd8cfd93fe8ef2a82413
Copying blob sha256:43b92c578947ca691a5451c27adf4dbf8bc01cc7ff1f4c72539ca9b40a2b3853
Copying blob sha256:23cb00bea8cadf64b5c3b104aa344296eda331fb31c672f765bdfac1793239d2
Copying blob sha256:e3acf061bd8fa958c975fc4ee961b19286c97bbbfbe88146cf120347d56132cf
Copying blob sha256:de1d24c0f4bde2776ef7b6fed13046a48441df08b00d3cff7f052bb53ec3cec2
Copying blob sha256:5886ce09b8ba2f8e59c6fc621a36610680a4caf068601ad459dd38b337c0d5e0
Copying blob sha256:23cb00bea8cadf64b5c3b104aa344296eda331fb31c672f765bdfac1793239d2
Copying blob sha256:43b92c578947ca691a5451c27adf4dbf8bc01cc7ff1f4c72539ca9b40a2b3853
Copying blob sha256:e3acf061bd8fa958c975fc4ee961b19286c97bbbfbe88146cf120347d56132cf
Copying blob sha256:de1d24c0f4bde2776ef7b6fed13046a48441df08b00d3cff7f052bb53ec3cec2
Copying blob sha256:5886ce09b8ba2f8e59c6fc621a36610680a4caf068601ad459dd38b337c0d5e0
Copying blob sha256:105003dc59e3367d0ad4423277f51765cff63b574523d5329313f69407e14891
Copying blob sha256:724b04ef7ac7ca13373544a4504647402680fa45dd669815f3e10bce54eaf747
Copying blob sha256:116d34a1f9b637c57692d7528e5cacaece1e1041aab0ae8190680bd6b6e257ea
Copying blob sha256:3cce69dc162869bd1e4dff1725c264bbc3ab7ad41fdd7e3fe5e10270eedfa181
Copying blob sha256:724b04ef7ac7ca13373544a4504647402680fa45dd669815f3e10bce54eaf747
Copying blob sha256:116d34a1f9b637c57692d7528e5cacaece1e1041aab0ae8190680bd6b6e257ea
Copying blob sha256:3cce69dc162869bd1e4dff1725c264bbc3ab7ad41fdd7e3fe5e10270eedfa181
Copying blob sha256:105003dc59e3367d0ad4423277f51765cff63b574523d5329313f69407e14891
Copying blob sha256:3c85375dbe08c9b8644a9cec63f56e2e2a9152933efab518e8c84b64e3972b3b
Copying blob sha256:2e5c0039afafed1c1ee8007dbe2b7a39545fcb228f36ee3a433df172bb7d111d
Copying blob sha256:ee8af9fcffc9ef47a249e150d5ca842e7fceeebe6ecd0e6e6528df84fe2459e6
Copying blob sha256:2e5c0039afafed1c1ee8007dbe2b7a39545fcb228f36ee3a433df172bb7d111d
Copying blob sha256:3c85375dbe08c9b8644a9cec63f56e2e2a9152933efab518e8c84b64e3972b3b
Copying blob sha256:ee8af9fcffc9ef47a249e150d5ca842e7fceeebe6ecd0e6e6528df84fe2459e6
Copying blob sha256:b343fb6d9dfbd81fb44c8e2c135f608c334116a504c2d4176fce74925fc7c084
Copying blob sha256:ad3688370acbe21ee50c5e1d71ea56ccb83728fb7960c0c4e487e606e5bf5136
Copying blob sha256:49bd4fef2efc01f41928ce856c30af20d854f8b1fa3e6c963ede6f6ff19d7ac9
Copying blob sha256:c40631beb505dc921112426d769611eb01b91e328fbe416ffdc2f130b0b4d2f0
Copying blob sha256:ad3688370acbe21ee50c5e1d71ea56ccb83728fb7960c0c4e487e606e5bf5136
Copying blob sha256:c40631beb505dc921112426d769611eb01b91e328fbe416ffdc2f130b0b4d2f0
Copying blob sha256:b343fb6d9dfbd81fb44c8e2c135f608c334116a504c2d4176fce74925fc7c084
Copying blob sha256:49bd4fef2efc01f41928ce856c30af20d854f8b1fa3e6c963ede6f6ff19d7ac9
Copying blob sha256:74fabfae09936bd35c909ba61cc0279eeab7319a01358763a82ddea03d69f5d8
Copying blob sha256:dbced2d7e86773708dc390f252a628427417d8466e4063efb2ffc5f8b24d0a07
Copying blob sha256:b7f0413290bf36439dcf9347cc7b95a79b977e3393127bec4170bb58a7acd493
Copying blob sha256:74fabfae09936bd35c909ba61cc0279eeab7319a01358763a82ddea03d69f5d8
Copying blob sha256:b7f0413290bf36439dcf9347cc7b95a79b977e3393127bec4170bb58a7acd493
Copying blob sha256:dbced2d7e86773708dc390f252a628427417d8466e4063efb2ffc5f8b24d0a07
Copying config sha256:dd0f078e63c2ed378f13a4be860b8bc52d36676c60d6ea5add70b8b869d32235
Writing manifest to image destination
Storing signatures
STEP 2/12: ARG RECIPE=recipe.yml 
STEP 3/12: ARG IMAGE_REGISTRY=ghcr.io/ublue-os
STEP 4/12: COPY cosign.pub /usr/share/ublue-os/cosign.pub
STEP 5/12: COPY --from=ghcr.io/ublue-os/bling:latest /rpms /tmp/bling/rpms
Trying to pull ghcr.io/ublue-os/bling:latest...
Getting image source signatures
Copying blob sha256:1b4d839e831e491794dd0bdd01666820623a7dcab74c1c2fce34e4a8168dbb01
Copying blob sha256:1b4d839e831e491794dd0bdd01666820623a7dcab74c1c2fce34e4a8168dbb01
Copying config sha256:55b161806894c30f8f9f96410122f05f95adbe6882d521ab93b29ca854b310c8
Writing manifest to image destination
Storing signatures
STEP 6/12: COPY --from=ghcr.io/ublue-os/bling:latest /files /tmp/bling/files
STEP 7/12: COPY build.sh /tmp/build.sh
STEP 8/12: COPY config /tmp/config/
STEP 9/12: COPY --from=ghcr.io/ublue-os/bling:latest /modules /tmp/modules/
STEP 10/12: COPY modules /tmp/modules/
STEP 11/12: COPY --from=docker.io/mikefarah/yq /usr/bin/yq /usr/bin/yq
Trying to pull docker.io/mikefarah/yq:latest...
Getting image source signatures
Copying blob sha256:f0bd00ecf9d87d2717f2f7853e6414e3f509c43fb404778b0273af3891671bc4
Copying blob sha256:7264a8db6415046d36d16ba98b79778e18accee6ffa71850405994cffa9be7de
Copying blob sha256:6f61ac162dbc6e2abe1c463581439022aed296648cff8d5f2b790a25539d7db2
Copying blob sha256:b35773e390632ca70251ae7105d5c361c2fdf15fe5dfa8bc8e14def0858ec0b1
Copying blob sha256:dbec3fa98865cd9396d84da2c9b7ea91c39cc8a182de31398d682893db729512
Copying blob sha256:f0bd00ecf9d87d2717f2f7853e6414e3f509c43fb404778b0273af3891671bc4
Copying blob sha256:6f61ac162dbc6e2abe1c463581439022aed296648cff8d5f2b790a25539d7db2
Copying blob sha256:7264a8db6415046d36d16ba98b79778e18accee6ffa71850405994cffa9be7de
Copying blob sha256:b35773e390632ca70251ae7105d5c361c2fdf15fe5dfa8bc8e14def0858ec0b1
Copying blob sha256:dbec3fa98865cd9396d84da2c9b7ea91c39cc8a182de31398d682893db729512
Copying config sha256:0c281de45f0e31c471ae5abdffa6242c21328adba437fdee237908070b514c5f
Writing manifest to image destination
Storing signatures
STEP 12/12: RUN chmod +x /tmp/build.sh && /tmp/build.sh &&     rm -rf /tmp/* /var/* && ostree container commit
Building malila-desktop from ghcr.io/ublue-os/silverblue-main:38.
=== Launching module of type: files ===
Adding files to image
Copying /tmp/config/files/usr to /usr
======
=== Launching module of type: rpm-ostree ===
Adding repositories
--2023-10-02 19:23:16--  https://pkgs.tailscale.com/stable/fedora/tailscale.repo
Resolving pkgs.tailscale.com (pkgs.tailscale.com)... 199.38.181.239, 2607:f740:f::d19
Connecting to pkgs.tailscale.com (pkgs.tailscale.com)|199.38.181.239|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 203 [text/plain]
Saving to: '/etc/yum.repos.d/tailscale.repo'

     0K                                                       100%  176M=0s

2023-10-02 19:23:16 (176 MB/s) - '/etc/yum.repos.d/tailscale.repo' saved [203/203]

Installing & Removing RPMs
Installing: tailscale
Removing: gnome-tweaks gnome-tour gnome-terminal gnome-terminal-nautilus yelp firefox firefox-langpacks htop nvtop
Enabled rpm-md repositories: tailscale-stable rpmfusion-free rpmfusion-nonfree-updates rpmfusion-nonfree rpmfusion-free-updates updates fedora-cisco-openh264 fedora-modular fedora updates-modular updates-archive
Updating metadata for 'tailscale-stable'...done
Updating metadata for 'rpmfusion-free'...done
Updating metadata for 'rpmfusion-nonfree-updates'...done
Updating metadata for 'rpmfusion-nonfree'...done
Updating metadata for 'rpmfusion-free-updates'...done
Updating metadata for 'updates'...done
Updating metadata for 'fedora-cisco-openh264'...done
Updating metadata for 'fedora-modular'...done
Updating metadata for 'fedora'...done
Updating metadata for 'updates-modular'...done
Updating metadata for 'updates-archive'...done
Importing rpm-md...done
rpm-md repo 'tailscale-stable'; generated: 2023-10-02T18:31:35Z solvables: 85
rpm-md repo 'rpmfusion-free'; generated: 2023-04-14T11:37:11Z solvables: 468
rpm-md repo 'rpmfusion-nonfree-updates'; generated: 2023-09-26T11:49:58Z solvables: 81
rpm-md repo 'rpmfusion-nonfree'; generated: 2023-04-14T12:02:51Z solvables: 235
rpm-md repo 'rpmfusion-free-updates'; generated: 2023-09-26T11:20:14Z solvables: 184
rpm-md repo 'updates'; generated: 2023-10-02T01:19:54Z solvables: 24706
rpm-md repo 'fedora-cisco-openh264'; generated: 2023-03-14T10:56:46Z solvables: 4
rpm-md repo 'fedora-modular'; generated: 2023-04-13T20:30:47Z solvables: 1082
rpm-md repo 'fedora'; generated: 2023-04-13T20:37:10Z solvables: 69222
rpm-md repo 'updates-modular'; generated: 2023-09-16T00:25:03Z solvables: 1087
rpm-md repo 'updates-archive'; generated: 2023-09-26T01:48:51Z solvables: 38543
Resolving dependencies...done
Will download: 1 package (25.4?MB)
Downloading from 'tailscale-stable'...done
Installing 1 packages:
  tailscale-1.50.1-1.x86_64 (tailscale-stable)
Removing 9 packages:
  firefox-118.0-1.fc38.x86_64 (@System)
  firefox-langpacks-118.0-1.fc38.x86_64 (@System)
  gnome-terminal-3.48.1-1.fc38.x86_64 (@System)
  gnome-terminal-nautilus-3.48.1-1.fc38.x86_64 (@System)
  gnome-tour-44.0-1.fc38.x86_64 (@System)
  gnome-tweaks-42~beta-5.fc38.noarch (@System)
  htop-3.2.2-2.fc38.x86_64 (@System)
  nvtop-3.0.2-1.fc38.x86_64 (@System)
  yelp-2:42.2-2.fc38.x86_64 (@System)
Installing: tailscale-1.50.1-1.x86_64 (tailscale-stable)
Removing: gnome-terminal-nautilus;3.48.1-1.fc38;x86_64;installed
Removing: firefox;118.0-1.fc38;x86_64;installed
Removing: firefox-langpacks;118.0-1.fc38;x86_64;installed
Removing: gnome-tweaks;42~beta-5.fc38;noarch;installed
Removing: gnome-terminal;3.48.1-1.fc38;x86_64;installed
Removing: yelp;2:42.2-2.fc38;x86_64;installed
Removing: nvtop;3.0.2-1.fc38;x86_64;installed
Removing: htop;3.2.2-2.fc38;x86_64;installed
Removing: gnome-tour;44.0-1.fc38;x86_64;installed
======
=== Launching module of type: yafti ===
Installing python3-pip and libadwaita
Enabled rpm-md repositories: tailscale-stable rpmfusion-free rpmfusion-nonfree-updates rpmfusion-nonfree rpmfusion-free-updates updates fedora-cisco-openh264 fedora-modular fedora updates-modular updates-archive
Importing rpm-md...done
rpm-md repo 'tailscale-stable' (cached); generated: 2023-10-02T18:31:35Z solvables: 85
rpm-md repo 'rpmfusion-free' (cached); generated: 2023-04-14T11:37:11Z solvables: 468
rpm-md repo 'rpmfusion-nonfree-updates' (cached); generated: 2023-09-26T11:49:58Z solvables: 81
rpm-md repo 'rpmfusion-nonfree' (cached); generated: 2023-04-14T12:02:51Z solvables: 235
rpm-md repo 'rpmfusion-free-updates' (cached); generated: 2023-09-26T11:20:14Z solvables: 184
rpm-md repo 'updates' (cached); generated: 2023-10-02T01:19:54Z solvables: 24706
rpm-md repo 'fedora-cisco-openh264' (cached); generated: 2023-03-14T10:56:46Z solvables: 4
rpm-md repo 'fedora-modular' (cached); generated: 2023-04-13T20:30:47Z solvables: 1082
rpm-md repo 'fedora' (cached); generated: 2023-04-13T20:37:10Z solvables: 69222
rpm-md repo 'updates-modular' (cached); generated: 2023-09-16T00:25:03Z solvables: 1087
rpm-md repo 'updates-archive' (cached); generated: 2023-09-26T01:48:51Z solvables: 38543
Resolving dependencies...done
Will download: 1 package (3.2?MB)
Downloading from 'updates'...done
Installing 1 packages:
  python3-pip-22.3.1-3.fc38.noarch (updates)
Installing: python3-pip-22.3.1-3.fc38.noarch (updates)
Installing and enabling yafti
Collecting yafti
  Downloading yafti-0.8.0-py3-none-any.whl (33 kB)
Collecting gbulb<0.7.0,>=0.6.4
  Downloading gbulb-0.6.4-py3-none-any.whl (17 kB)
Collecting pydantic==1.10.2
  Downloading pydantic-1.10.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (14.1 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 14.1/14.1 MB 95.8 MB/s eta 0:00:00
Requirement already satisfied: pygobject<4.0.0,>=3.42.2 in /usr/lib64/python3.11/site-packages (from yafti) (3.44.1)
Requirement already satisfied: pyyaml<7.0,>=6.0 in /usr/lib64/python3.11/site-packages (from yafti) (6.0)
Collecting rich<14.0.0,>=13.3.2
  Downloading rich-13.6.0-py3-none-any.whl (239 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 239.8/239.8 kB 56.6 MB/s eta 0:00:00
Collecting typer<0.10,>=0.7
  Downloading typer-0.9.0-py3-none-any.whl (45 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 45.9/45.9 kB 16.6 MB/s eta 0:00:00
Collecting typing-extensions>=4.1.0
  Downloading typing_extensions-4.8.0-py3-none-any.whl (31 kB)
Collecting markdown-it-py>=2.2.0
  Downloading markdown_it_py-3.0.0-py3-none-any.whl (87 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 87.5/87.5 kB 29.3 MB/s eta 0:00:00
Collecting pygments<3.0.0,>=2.13.0
  Downloading Pygments-2.16.1-py3-none-any.whl (1.2 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.2/1.2 MB 96.6 MB/s eta 0:00:00
Requirement already satisfied: click<9.0.0,>=7.1.1 in /usr/lib/python3.11/site-packages (from typer<0.10,>=0.7->yafti) (8.1.3)
Collecting mdurl~=0.1
  Downloading mdurl-0.1.2-py3-none-any.whl (10.0 kB)
Installing collected packages: typing-extensions, pygments, mdurl, gbulb, typer, pydantic, markdown-it-py, rich, yafti
Successfully installed gbulb-0.6.4 markdown-it-py-3.0.0 mdurl-0.1.2 pydantic-1.10.2 pygments-2.16.1 rich-13.6.0 typer-0.9.0 typing-extensions-4.8.0 yafti-0.8.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
Adding Flatpaks to yafti.yml
Adding to yafti: com.raggesilver.BlackBox

Error: 1:57: invalid input text "com.raggesilver...."
error building at STEP "RUN chmod +x /tmp/build.sh && /tmp/build.sh &&     rm -rf /tmp/* /var/* && ostree container commit": error while running runtime: exit status 1
time="2023-10-02T19:24:42Z" level=error msg="exit status 1"
Error: Error: buildah exited with code 1
Trying to pull ghcr.io/ublue-os/silverblue-main:latest...
Getting image source signatures
Copying blob sha256:6b013d9fb4d2a1f4fe1947a0eb228b3a2729998ef7fb0c[64](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:66)07660d0cce98d7ac
Copying blob sha256:071a760e46fa3f069db2eafa976e823d0724e9e77b9385b3db69e4816278d7f5
Copying blob sha256:b47379dad44b92e78a24bc11b0e4ba99684bff74f633ebffb58354ad86a4a516
Copying blob sha256:d562efb78e2f2b59fd313908354fbfdaaf98ae53821a6cb2fdbc94ea775e78dc
Copying blob sha256:6c11a2dd92045a0007f1ac5ac9782cf04c2cb30facfe435ae8e1443d98ca6036
Copying blob sha256:f081a8b726d21a0286f33598c234b70e7d227ff8132a24bfe0467475192fe670
Copying blob sha256:6c11a2dd92045a0007f1ac5ac9782cf04c2cb30facfe435ae8e1443d98ca6036
Copying blob sha256:6b013d9fb4d2a1f4fe1947a0eb228b3a2729998ef7fb0c6407660d0cce98d7ac
Copying blob sha256:071a760e46fa3f069db2eafa976e823d0724e9e77b9385b3db69e4816278d7f5
Copying blob sha256:f081a8b726d21a0286f33598c234b70e7d227ff8132a24bfe0467475192fe670
Copying blob sha256:b47379dad44b92e78a24bc11b0e4ba99684bff74f633ebffb58354ad86a4a516
Copying blob sha256:d562efb78e2f2b59fd313908354fbfdaaf98ae53821a6cb2fdbc94ea775e78dc
Copying blob sha256:ba25513aa682574f7593e6a[65](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:67)b0969b922327962c3dcf0737f44060eb15be5bb
Copying blob sha256:5b85a1ab5b93c44b1496ad22f38c95f544171607e54f9b57ce8bdcfa0c7b20aa
Copying blob sha256:b44ebc181c100b32ab42f533e7604002b282b4785f8180ab93b7806f1bca34d7
Copying blob sha256:93af151462dca5af9c83df3a6f575d3108afeeaae12eab37eb8bb[66](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:68)ee00b43f5
Copying blob sha256:237ed8387e4d9f9f3caaa106d34ebda565dd991255[67](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:69)5743310e5a154e460bfa
Copying blob sha256:ba25513aa[68](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:70)2574f7593e6a65b09[69](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:71)b922327962c3dcf0737f44060eb15be5bb
Copying blob sha256:5b85a1ab5b93c44b1496ad22f38c95f544171607e54f9b57ce8bdcfa0c7b20aa
Copying blob sha256:237ed8387e4d9f9f3caaa106d34ebda565dd991255675743310e5a154e460bfa
Copying blob sha256:b44ebc181c100b32ab42f533e7604002b282b4785f8180ab93b7806f1bca34d7
Copying blob sha256:93af151462dca5af9c83df3a6f575d3108afeeaae12eab37eb8bb66ee00b43f5
Copying blob sha256:fddc7c6a94105bd691d9cf2d86aac812b1ebdd3eb2ac0613d75102efd5ae37bd
Copying blob sha256:c8002574dffc2f773f63fbdea3c1afe398f2e3977ae94a681d23bb4418e7792c
Copying blob sha256:6d3f8b122cd361925b9f59c968840c8931d1b96b596b03991442d08e03041386
Copying blob sha256:0dbc8d5e49cbbed4243e4e41e14f[70](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:72)0f5d2defd68d70db6d22f4ebd782aee300
Copying blob sha256:b452281a241e684028d03b66bbdc977f7cf2dbc40e2c7b322b1d483c9777d38a
Copying blob sha256:0dbc8d5e49cbbed4243e4e41e14f700f5d2defd68d70db6d22f4ebd782aee300
Copying blob sha256:fddc7c6a94105bd691d9cf2d86aac812b1ebdd3eb2ac0613d75102efd5ae37bd
Copying blob sha256:c8002574dffc2f773f63fbdea3c1afe398f2e3977ae94a681d23bb4418e7792c
Copying blob sha256:b452281a241e684028d03b66bbdc977f7cf2dbc40e2c7b322b1d483c9777d38a
Copying blob sha256:6d3f8b122cd361925b9f59c968840c8931d1b96b596b03991442d08e03041386
Copying blob sha256:bf2c5f1641adf6c1110761206e4a0489bc3e746f0141459cee304d430109169d
Copying blob sha256:7c536540c787ba3074fabf305207d2fe07d47f8634e98efa04166abd447cc384
Copying blob sha256:2b7b3334fc58cbbdef0dd8073ff9e8445db57cc9ddd68dae21c70c6af27a6d82
Copying blob sha256:c759443fdc615c8969fb00a222118532e6123ac491ad3fd21a25f5417d28f868
Copying blob sha256:af39264c1862e15d47e0f7c2087c7ea384f8742f92cd9fe0436482e6eb121e52
Copying blob sha256:7c536540c787ba3074fabf305207d2fe07d47f8634e98efa04166abd447cc384
Copying blob sha256:bf2c5f1641adf6c1110761206e4a0489bc3e746f0141459cee304d430109169d
Copying blob sha256:af39264c1862e15d47e0f7c2087c7ea384f8742f92cd9fe0436482e6eb121e52
Copying blob sha256:c759443fdc615c8969fb00a222118532e6123ac491ad3fd21a25f5417d28f868
Copying blob sha256:2b7b3334fc58cbbdef0dd8073ff9e8445db57cc9ddd68dae21c70c6af27a6d82
Copying blob sha256:435ad4180f37d1b6d4e96f5e109c19985b69d420eb4a428d3ce5abf8019b2608
Copying blob sha256:b327f5c1cd760b42f841493681ac9ebf9b9f0fd7e79bafdf09964efe43933045
Copying blob sha256:cdac40f3f1[72](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:74)fab04402326ee7283a9ae6f0780d9b76f0d9a056e511bd47bd[73](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:75)
Copying blob sha256:0fe1d68dbbfb1d93123cf0352216048bf96b229496f964a3f8abcd508a67220a
Copying blob sha256:0b9[74](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:76)[77](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:79)c32[86](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:88)faf65550[87](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:89)36c8ed5[324](https://github.com/arteeh/ublue/actions/runs/6384512892/job/17327318709#step:12:326)ed442ed34b

My recipe


name: malila-desktop
description: My Linux
base-image: ghcr.io/ublue-os/silverblue-main
image-version: latest
modules:

  - type: files
    files:
      - usr: /usr

  - type: rpm-ostree
    repos:
       - https://pkgs.tailscale.com/stable/fedora/tailscale.repo
    install:
       - tailscale
    remove:
      - gnome-tweaks
      - gnome-tour
      - gnome-terminal
      - gnome-terminal-nautilus
      - yelp
      - firefox
      - firefox-langpacks
      - htop
      - nvtop

  - type: yafti
    custom-flatpaks:
      - com.google.Chrome
      - com.raggesilver.BlackBox
      - com.bitwarden.desktop
      - org.gnome.Calculator
      - org.gnome.Calendar
      - org.gnome.TextEditor
      - org.gnome.eog
      - org.gnome.Totem
      - com.github.tchx84.Flatseal
      - com.mattjakeman.ExtensionManager
      - com.visualstudio.code
      - io.github.shiftey.Desktop
      - org.gimp.GIMP
      - org.signal.Signal
      - io.github.mimbrero.WhatsAppDesktop
      - com.discordapp.Discord
      - com.moonlight_stream.Moonlight
      - com.github.iwalton3.jellyfin-media-player
      - com.valvesoftware.Steam
      - org.prismlauncher.PrismLauncher

  - type: script
    scripts:
      - signing.sh

My repo, forked from startingpoint: https://github.com/arteeh/ublue

Only thing I changed outside of the recipe.yml is setting flatpak installation to user instead of system in yafti.yml. I have an older ublue repo where this works totally fine, though.

Disabling automatic updates

I decided to do automatic updates manually for a while so disabled the bling part in recipe. I use silverblue-main as base image. Looks like silverblue-main includes ublue-os/config and the automatic updates come from there as well.

How can I disable automatic updates? I also can't do systemctl disable rpm-ostreed-automatic.timer -- it's simply re-enabled everytime I do it. I don't know how.. 🤔

fix: Image build not pulling in recipe.yml

Over the last day or so (after #23 was committed), I've encountered the following error when trying to build the image:

-- Installing RPMs defined in recipe.yml --
Error: read /dev/stdin: is a directory

The built image does not include any of the packages listed in recipe.yml.

feat: decide on packages config format

As residue from this repository being based on base, the recipe.yml format is still used. I find this a straightforward approach to add custom packages and flatpaks.
However, currently the uBlue main repo uses packages.json, which is fantastic for it's use case: including and excluding rpm packages parametrically.

I think recipe.yml would be better for this repo, because it's more easily edited by humans, and can include extensive documentation using comments.

fix: don't add yafti group "Custom" if no packages are defined in recipe

Error reported on discord.

feat: iso build ["1.0" GOAL]

Bluefin recently got ISO builds and there's progress on that. An ISO build action should be added to be created when needed.

fix: declare needed gh packages permissions

Sources (akdev on discord) say that adding

permissions:
  contents: write
  packages: write

to the "workflow yaml" could solve some minor GitHub packages permissions related issues.
Only thing is, I'm not quite sure where to add this. I'll look into it soon.

feat!: better batch-building images

Currently startingpoint can build multiple images based on multiple recipe's.

It would be great, though, to be able to share some settings between images, like package lists.

As building multiple images from a single recipe is not possible, I think this should be done via "includes". We'd have a "recipes" directory which gets copied in full into the Containerfile somewhere. All the included files would have to be in that directory as well. Then all the include's would somehow be parsed and compiled, or interpreted when come accross them when reading the files.

Now, this is not a YAML feature, but prior art should be investigated. The possibility of using another config language, like Nix(?), could be considered.

This feature should be worked on only after a "1.0" release.

feat: adding repos in recipe.yml?

This could be a useful feature since rpm-ostree currently has no command for this.
How it would work is you copy a download link for the repo file (could even be your own gist or a file in the repo or smth) and it's downloaded into /etc/yum.repos.d/ (or perhaps /usr/etc/?) in build.sh.

The procedure for enabling a COPR repo then would be going to the repo's page (ex. https://copr.fedorainfracloud.org/coprs/solopasha/hyprland/) and copying the correct link from the Repo Download section by right-clicking on the button.

Move to signed images

Recently main just made the move to signed images, it would be ideal if the move was replicated in startingpoint. Here's what needs to be done:

move the public key to /usr/etc/pki/containers
include the proper parameters in the policy file

Image not pushed to ghcr since last commits

Hello, I've merged today 4 commits from the main starting point branch and it seem to not being uploading the image to ghcr.

It does the same with a new repo.

Any clue on the issue ?

Option to remove nonfree repos

I'm trying to make a version of Fedora with a blob-free kernel and no proprietary software in the software repositories. I notice a lot of nonfree software like Steam is suggested by default, and RPMFusion nonfree is added by default. How do I remove RPMFusion-nonfree?

docs: add sections in README for scripts and a small explanation of /usr/etc/

bug: Recipe builds are failing on signing step

hey all after following the manual setup directions I'm getting the following error back from actions
DOCKER_METADATA_OUTPUT_BAKE_FILE: /tmp/docker-actions-toolkit-dOlNP5/docker-metadata-action-bake.json TAGS: sha256:8a80680feaecbd9226ec7894aff4f6bdd449e3a565e4f76cc03ba79b1927c99e COSIGN_EXPERIMENTAL: false COSIGN_PRIVATE_KEY: *** 653 cosign.key Error: signing [ghcr.io/j3rr1ck/Gnos_Linux_Nvidia@sha256:8a80680feaecbd9226ec7894aff4f6bdd449e3a565e4f76cc03ba79b1927c99e]: getting signer: reading key: unsupported pem type: ENCRYPTED SIGSTORE PRIVATE KEY main.go:74: error during command execution: signing [ghcr.io/j3rr1ck/Gnos_Linux_Nvidia@sha256:8a80680feaecbd9226ec7894aff4f6bdd449e3a565e4f76cc03ba79b1927c99e]: getting signer: reading key: unsupported pem type: ENCRYPTED SIGSTORE PRIVATE KEY Error: Process completed with exit code 1.

I tried swapping in both passworded and non-passworded keys just to see if that was the problem but the error is consistent across both
am I missing something obvious here?

`Operation not permitted` when cleaning deployments

$ rpm-ostree upgrade   
note: automatic updates (stage) are enabled
Pulling manifest: ostree-unverified-image:docker://ghcr.io/noahdotpy/myublue-gnome:latest
Staging deployment... done
error: Cleaning deployments: Removing ostree/deploy/fedora/deploy/1f9d6a5f0adc8a7a3a74bbc0d8d840714e283b391bfdbb90f3040512c1aa4f7d.0: unlinkat(resolv.conf): Operation not permitted

Here you can see that I am attempting to do a system upgrade on my uBlue image however it says it's unable to clean deployments! Yesterday I have also noticed that [at startup] there is a notification warning me that there is 0 bytes left available in the /boot partition. How can I cleanup /boot/ostree as that is the giant folder in there (taking up 940 MiB)
i am wondering how to fix the Operation not permitted message and also to cleanup /boot/ostree
when i do

$ rpm-ostree cleanup -b -r -p 
error: cleanup: GDBus.Error:org.projectatomic.rpmostreed.Error.Failed: syscore cleanup: Cleaning deployments: Removing ostree/deploy/fedora/deploy/1f9d6a5f0adc8a7a3a74bbc0d8d840714e283b391bfdbb90f3040512c1aa4f7d.0: unlinkat(resolv.conf): Operation not permitted

you can see that i cannot cleanup with that either
neither does it work with sudo ostree admin cleanup as it displays the same error as rpm-ostree upgrade

fix: setup-flatpaks in justfile doesn't work

it should be the same script as in the containerfile, currently also having some whitespace issue

fix: moving recipe back to a directory available on the host

Currently the just setup-flatpaks command is broken (because of e9c31ab). In light of this, the recipe should probably be moved to some folder accessible on the host computer.

That folder probably shouldn't be /etc/, though, as that implies that it's a config file that can be edited, when it should only be changed inside the git repository.

Image signing fails when repository contains capital letters.

GitHub action fails on the 'Sign container image' step when the repository contains capital letters.

This is due to the variable "env.IMAGE_NAME" being automatically lowercased by GitHub when pushing the image to the registry, but capitalized when attempting to pull the image to run cosign.

I have fixed it on my own repository in this commit:
TRS-SoD/Indomitable@f2ab510

Using a similar method used for the username capitalization workaround.

Dconf updater error log support

While its functionality is great, it's the matter of time when some dconf value stops working.
System & apps can get update any time, which would prevent custom configuration working.

I propose some solution to have error logging for non-working dconfs & when dconf-updater is prevented in writing the modified values. Possibly, by reading starting values with "dconf read" & comparing that to the end output. If some part of the output is unchanged from the starting values, fail then inform the user through error log.

This way, we will know which dconf values should be corrected in the future.

feat: add a just setup command for setting up nix

title

feat(long-term): create an image creation wizard

Initial idea: https://github.com/orgs/ublue-os/discussions/105#discussioncomment-5233571

Plan:

Create a custom Alpine container with the tools required to create a functional repo (github-cli, cosign)
Create a custom shell script based on gum to run the initial setup for the repository

The script should clone the repository, prompt you to log in to your github account, prompt you to create a new repository under your own account and add the signing key to it. It should provide the user useful information about what is happening and what next steps to take (rename the image, enable workflows)

Yafti does not work on non-gtk based flavors

(discussed this with https://github.com/Doosty on discord)

Yafti requires libadwaita (available as rpm) to run, but some images like base-main / base-nvidia don't come with it by default.

It should be documented and added to the recipe just in case.

Gitlab CI

Would be amazing to get a gitlab-ci.yml file to make it easy to deploy over gitlab. Im currently struggeling with the image verification and was to stupid to make a gitlab-ci pipeline that is using cosign to sign the image

build.sh should also provide a reference to the module directory

Something like MODULES_DIRECTORY=/tmp/modules. Currently, the fonts module uses some rather non-idiomatic code to detect it's own directory. It could of course just be referenced directly, but this might be a bit more future-proof, or smth. The current code would be adapted to use $MODULES_DIRECTORY if present, but /tmp/modules if not, since not everyone merges the startingpoint changes immediately.

Add example for kernel replacement

I'm trying to use the linux-surface kernel.

In a VM, the following works:

sudo wget -O /etc/yum.repos.d/linux-surface.repo \
    https://pkg.surfacelinux.com/fedora/linux-surface.repo
wget https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm
rpm-ostree override replace ./*.rpm

see linux-surface/linux-surface#1128

However, in the Containerfile:

RUN wget -O /etc/yum.repos.d/linux-surface.repo https://pkg.surfacelinux.com/fedora/linux-surface.repo && \
    wget https://github.com/linux-surface/linux-surface/releases/download/silverblue-20201215-1/kernel-20201215-1.x86_64.rpm  && \
    rpm-ostree override replace ./*.rpm && \
    rpm-ostree install surface-secureboot

This shows an error when generating initramfs during the build. Interestingly, the build still succeeds but after rebasing to the image, it boots with kernel panic.

The error:

dracut: No '/dev/log' or 'logger' included for syslog logging
dracut: Executing: /usr/libexec/rpm-ostree/wrapped/dracut --no-hostonly --kver 6.2.13-1.surface.fc38.x86_64 --reproducible -v --add ostree -f /tmp/.tmpOqYwdG/initramfs.img
dracut: /lib/modules/6.2.13-1.surface.fc38.x86_64//modules.dep is missing. Did you run depmod?
error: rpm-ostree kernel-install wrapper: Running dracut: Failed to generate initramfs (via dracut) for for kernel: 6.2.13-1.surface.fc38.x86_64: ExitStatus(unix_wait_status(256))

I tried to follow https://github.com/coreos/layering-examples/blob/main/replace-kernel/Containerfile but it gives the same issue.

RUN rpm-ostree override replace https://github.com/linux-surface/linux-surface/releases/download/fedora-38-6.2.13-1/kernel-surface-6.2.13-1.fc38.x86_64.rpm \
                                https://github.com/linux-surface/linux-surface/releases/download/fedora-38-6.2.13-1/kernel-surface-devel-6.2.13-1.fc38.x86_64.rpm

I don't think that this is specific to that kernel, so having some guideline on how to replace the kernel would be greatly appreciated.

feat: parametrization of base image

Currently FROM is just a static link, but it could come from a build ARG.
An alternative approach would be just leaving it as is, making building multiple images harder, but making it a bit more clear for people seeking to just create one image.

I disagree with the approach of setting the variant(/desktop) and the uBlue flavor seperately, as it would make no more sense if we started building images with multiple hyphens, or if somebody wanted to make an image based on Bazzite, for example.

Nix Flakes or normal Nix?

Shall we use flakes (and nix profile) or not (and nix-env) in the justfile?

I'm for flakes because they are easier for the developers and is uses flake references to find packages so a package with the same name works well (https://www.reddit.com/r/NixOS/comments/10s2298/comment/j6zdtfq/). I also think that then it's easier to use fleek.
Any other opinions because if we're using flakes I will need to change the justfile.

@dnkmmr69420

[feat] Recipe compiler

I just made this issue to document the idea of a recipe compiler for this project, similar to Vanilla OS'es Vib. It could be an amazing idea considering it could be supported by Zerolayer for self-sufficient updates without any kind of hosting!

feat(enhancement): fedora version variable for repo

When updating your image, you have to currently change all of the extra / copr repos to the new version manually. A variable could be introduced that could be used in the repo urls.

Why default branch "template"

I tried to git merge upstream/main until I realized that the default branch is called template. Why is this? I understand that this is a template repository but the default branch could (should?) still be main.

docs: clarify flatpaks in recipe

It gives the impression that the flatpaks listed in the recipe will be preinstalled just like the rpms.

refactor: clean up scripts functionality

no need to define in recipe
support both pre and post scripts
scripts/pre & scripts/post

sketching out a community & patch-based approach for adding extra features

I think it would be beneficial to have some kind of official and documented way of adding "extensions" or "patches" to startingpoint-based images / repos.

Having the scripts functionality, it would be entirely possible to boostrap that for such a feature. The scripts already have access to the recipe (where they could read their configuration, maybe from under a separate namespace like unofficial:).
It would be pretty easy to have a system where; Oh you want libvirt and virt-manager? Well this guy maintains a set of packages for that that you can just pull in like this.

The question is, what is the mechanism for pulling it in. There could be an extra option, like extrarepos: that just downloads scripts for you, or the scripts could just be added manually.

style: change base-container to base-image in recipe.yml

this is just something that's bugging me, it's not a container it's an OCI image sure, but it's never ran containerized...

recipe.yml with enabled 'dconf-update-service' fails to build (new modular system)

Pulling from bling: dconf-update-service

Failed to enable unit, unit dconf-update.services.service does not exist.

Looks like there was a typo, an extra s was left on the end of the service file name to enable.

refactor: pushing Nix out of scope

Why?

The main purpose of startingpoint is to be a template repository, not providing extra features that do not enhance the custom image creation experience.
I as the main maintainer of this repo have no knowledge about Nix, relying on other people's testing and word

Alternatives

There are two paths you can go by, but in the long run, there's still time to change the road you're on.

Pushing upstream

A Nix installer is an useful feature that could be included in the ublue-os/config repo and ingested by ublue-os/main and the children.
This would require a proposal and someone to just do it, after which this repo would be cleaned up.

Pushing downstream

A Nix installer is one of those thing not everybody needs and could be made a frontrunner in the quest to create a "patch-based" system for creating custom images (see #94).
This would require somebody to step up as the maintainer of the nix-installer patch and sketch out with me the plan for how such a patch system would look. I'd also certainly help getting the repo started if needed, but keep my hands of the thing.

Building kmods or akmods won't work during build (action using azure kernel)

Hello,

I've noticed an annoyance with a lot of packages like VirtualBox or some Guest Tools from paralells on someone's computer,

It's impossible to install them cause when you execute akmods or something that relate to uname it will take the kernel from azure (the one that github uses to build and image) and so it won't find the kernel module folder for that one.

Any suggestions ? or potential fix ?

Thanks !

exemple of issue :

Checking kmods exist for 5.15.0-1041-azure [  OK  ]
Files needed for building modules against kernel
5.15.0-1041-azure could not be found as the following
directories are missing:
/usr/src/kernels/5.15.0-1041-azure/
/lib/modules/5.15.0-1041-azure/build/Is the correct kernel-devel package installed? [FAILED]

feat: global alias for included justfile

A few days ago I started my journey for a customized ublue project. Thanks for this great "startingpoint" repo! It made my start so easy!!

I started playing around with the provided justfile. First I thought I could just run just from the terminal but that gave me the error error: No justfile found. Should have read the documentation first ;). After doing so I used just --justfile /etc/justfile to get started. But this is cumbersome to use. Thanks to your hint in the documentation I know about include directives, but since this is marked as "currently unstable" I dug a little deeper and found forwarding-alias.

Which brings me to the following suggestion.

Suggestion

Since the provided justfile has commands in it like update and changelogs I thought, wouldn't it be nice to just run ublue update or ublue changelogs etc.

This could be achieved by simply creating a global alias with:

alias ublue="just --justfile /etc/justfile

Possible implementation

To set the global alias I would create ublue-just.sh under /etc/profile.d/ with the mentioned alias in it.

Here an example from my repo:
https://github.com/tepene/ublue-bayou/blob/main/etc/profile.d/ublue-just.sh

Example usage

$ ublue
Available recipes:
    bios
    changelogs
    default
    distrobox-boxkit
    distrobox-debian
    distrobox-opensuse
    distrobox-ubuntu
    setup-pwa-for-edge
    update
    yafti

$ ublue update
echo "Updating system ..."
Updating system ...
rpm-ostree update
note: automatic updates (stage) are enabled
Pulling manifest: ostree-unverified-image:docker://registry.dev.local:5000/ublue-bayou:dev-latest
No upgrade available.
flatpak update -y
Looking for updates…

Nothing to do.
distrobox upgrade -a
 Upgrading ubuntu...
....

What do you think about it? Let me know, i would create a PR if you think my proposal is good for the project.

add warning that ublue-os/startingpoint image won't be updated anymore

I think this will confuse newcomers because the startingpoint image does not get pushed after PR #76.

ublue-update fails on unsigned image

Wasn't sure whether this should be reported in ublue-update or in here, but

Tested on a fresh install

[2023-09-30 16:07:45,335] ublue_update.cli:ERROR | /etc/ublue-update.d/system/00-system-update.sh returned error code: 1

                        Program output:
                        Pulling manifest: ostree-image-signed:docker://ghcr.io/zelikos/zeliblue:null

It seems that 00-system-update.sh reads from the image-ref and image-tag properties, but startingpoint only creates image-ref and image-default-tag:

akzel@fedora ~> cat /usr/share/ublue-os/image-info.json 
{
"image-ref": "ostree-image-signed:docker://ghcr.io/zelikos/zeliblue",
"image-default-tag": "latest"
}

feat: get system justfile base from ublue config repo

Once the ublue config justfile gets more content, this repository should probably be updated to accommodate for that.

bug?: Changes made under etc/ are not applied with rpm-ostree update

I'm not sure if it's a bug, a feature, or if it's just my lack of understanding. My custom image https://github.com/tepene/ublue-bayou is based on this startingpoint. I'm getting along quite well ;) but now I'm struggling with updates.

According to https://github.com/coreos/rpm-ostree/blob/main/docs/container.md#installing-config-files

You can use any tooling you want to generate config files in /etc. When a booted system pulls an updated container images, the changes will also be applied.

But that's not what is happening. For Example: I modified the etc/yafti.yml, rebuilt the image, uploaded it to my local registry and ran rpm-ostree update on my test machine. The new update gets applied and i reboot with systemctl reboot.
After the reboot I check the content of the /etc/yafti.yml on my test machine and it still has the "old" content. Not the "new" as I would have expected.

Am I missing something crucial. Is etc/ only applied during a fresh installation and not during updates, or is there a magic command which I am missing? Any help is greatly appreciated.

Use dependabot?

Got this after forking: plata/ublue-surface#1

feat(long-term): retire `ublue-firstboot` in favour of yafti

Technically this could be done already and the commands there moved to just recipes. I've had a bad experience with ublue-firstboot so I would consider this.

chore: clean up workflows

The only absolutely necessary workflow is build.yml.
Others should probably be removed for the sake of clarity.
We might want to keep the release workflow too for easing the creation of releases. I don't know if it's necessary, so I'm keeping it open for now.

Installing fonts into /usr/local/share/fonts/

I want to add Fira Code Nerd Font. Following this guide, I made the directory usr/local/share/fonts/FiraCodeNerdFont and added all the ttf files there. However, I get the following error when building the image. Do you know what is happening?

STEP 3/10: COPY usr /usr
error building at STEP "COPY usr /usr": 3 errors occurred:
	* error reading "/home/runner/work/caladriOS/caladriOS/usr": error during bulk transfer for copier.request{Request:"GET", Root:"/", preservedRoot:"/home/runner/work/caladriOS/caladriOS", rootPrefix:"/home/runner/work/caladriOS/caladriOS", Directory:"/", preservedDirectory:"/home/runner/work/caladriOS/caladriOS", Globs:[]string{"/usr"}, preservedGlobs:[]string{"/home/runner/work/caladriOS/caladriOS/usr"}, StatOptions:copier.StatOptions{CheckForArchives:false, Excludes:[]string(nil)}, GetOptions:copier.GetOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), Excludes:[]string(nil), ExpandArchives:false, ChownDirs:(*idtools.IDPair)(0xc00042a830), ChmodDirs:(*fs.FileMode)(nil), ChownFiles:(*idtools.IDPair)(0xc00042a840), ChmodFiles:(*fs.FileMode)(nil), StripSetuidBit:true, StripSetgidBit:true, StripStickyBit:false, StripXattrs:false, KeepDirectoryNames:false, Rename:map[string]string(nil), NoDerefSymlinks:false, IgnoreUnreadable:false, NoCrossDevice:false}, PutOptions:copier.PutOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), DefaultDirOwner:(*idtools.IDPair)(nil), DefaultDirMode:(*fs.FileMode)(nil), ChownDirs:(*idtools.IDPair)(nil), ChmodDirs:(*fs.FileMode)(nil), ChownFiles:(*idtools.IDPair)(nil), ChmodFiles:(*fs.FileMode)(nil), StripXattrs:false, IgnoreXattrErrors:false, IgnoreDevices:false, NoOverwriteDirNonDir:false, Rename:map[string]string(nil)}, MkdirOptions:copier.MkdirOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), ChownNew:(*idtools.IDPair)(nil), ChmodNew:(*fs.FileMode)(nil)}, RemoveOptions:copier.RemoveOptions{All:false}}: copier: get: "/usr"("/usr"): error copying /usr/local/share/fonts/FiraCodeNerdFont/FiraCodeNerdFont-Bold.ttf: write bulk-writer: broken pipe
	* error closing "/home/runner/work/caladriOS/caladriOS/usr": error reading tar archive: error copying content for "local/share/fonts/FiraCodeNerdFont/FiraCodeNerdFont-Bold.ttf": io: read/write on closed pipe
	* error storing "/home/runner/work/caladriOS/caladriOS/usr": error during bulk transfer for copier.request{Request:"PUT", Root:"/", preservedRoot:"/home/runner/.local/share/containers/storage/overlay/ce5f3812dba423ad8a0069a2853d914cde4ad97a290998d61128e587aaecca14/merged/usr", rootPrefix:"/home/runner/.local/share/containers/storage/overlay/ce5f3812dba423ad8a0069a2853d914cde4ad97a290998d61128e587aaecca14/merged/usr", Directory:"/", preservedDirectory:"/home/runner/.local/share/containers/storage/overlay/ce5f3812dba423ad8a0069a2853d914cde4ad97a290998d61128e587aaecca14/merged/usr", Globs:[]string{}, preservedGlobs:[]string{}, StatOptions:copier.StatOptions{CheckForArchives:false, Excludes:[]string(nil)}, GetOptions:copier.GetOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), Excludes:[]string(nil), ExpandArchives:false, ChownDirs:(*idtools.IDPair)(nil), ChmodDirs:(*fs.FileMode)(nil), ChownFiles:(*idtools.IDPair)(nil), ChmodFiles:(*fs.FileMode)(nil), StripSetuidBit:false, StripSetgidBit:false, StripStickyBit:false, StripXattrs:false, KeepDirectoryNames:false, Rename:map[string]string(nil), NoDerefSymlinks:false, IgnoreUnreadable:false, NoCrossDevice:false}, PutOptions:copier.PutOptions{UIDMap:[]idtools.IDMap{}, GIDMap:[]idtools.IDMap{}, DefaultDirOwner:(*idtools.IDPair)(0xc0003b45a0), DefaultDirMode:(*fs.FileMode)(nil), ChownDirs:(*idtools.IDPair)(nil), ChmodDirs:(*fs.FileMode)(nil), ChownFiles:(*idtools.IDPair)(nil), ChmodFiles:(*fs.FileMode)(nil), StripXattrs:false, IgnoreXattrErrors:false, IgnoreDevices:true, NoOverwriteDirNonDir:false, Rename:map[string]string(nil)}, MkdirOptions:copier.MkdirOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), ChownNew:(*idtools.IDPair)(nil), ChmodNew:(*fs.FileMode)(nil)}, RemoveOptions:copier.RemoveOptions{All:false}}: copier: put: error creating "/local": stat /local: no such file or directory


time="2023-07-13T18:21:39Z" level=error msg="exit status 125"
Error: Error: buildah exited with code 125

Here is the repo if it can help
https://github.com/maxtremblay/caladriOS

docs: Remove/Relax "Fedora Silverblue" in README description

This is a starting point Fedora Silverblue image designed to be customized to whatever you want

As the recipe is based on silverblue-main, this is correct.

Still, it might not be the best wording for the description section of the startingpoint repository. For example, a user might wonder if it doesn't work for Kinoite (I know that this is clarified later in "Customization").

I'm still not 100% clear on what ublue OS (and thus the startingpoint) really is or shall be, so I find it hard to find a better wording myself. I currently see these options:

Fedora ostree + extensions
OCI defined OS which just happens to be Fedora but could be anything else
A framework/toolset to define/maintain an OCI defined OS

I see that the original topic for this issue led to very fundamental considerations which probably shouldn't even be in this repo, so sorry for that. Nevertheless, I hope my point became clear.

EDIT: Just saw https://github.com/orgs/ublue-os/discussions/125.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.