TrenchBoot · krystian-hebel · Feb 19, 2025 · Jan 16, 2025 · Dec 30, 2024 · Jan 16, 2025
diff --git a/.github/workflows/qubes-dom0-packagev2.yml b/.github/workflows/qubes-dom0-packagev2.yml
@@ -13,6 +13,16 @@ on:
           Relative path to directory containing Qubes OS package.
         required: false
         type: string
+      qubes-pkg-revision:
+        description: >
+          Forced revision of a package.
+        required: false
+        type: string
+      qubes-pkg-version:
+        description: >
+          Forced version of a package.
+        required: false
+        type: string
 
 jobs:
   build-and-package:
@@ -33,6 +43,8 @@ jobs:
       - uses: actions/checkout@v4
         with:
           repository: QubesOS/qubes-builderv2
+          ref: 80dd898cc0472dd99f161f1d1c7c44da64de93f2
+          fetch-depth: 0
 
       - name: Cache Docker image and dom0 stuff
         uses: actions/cache@v4
@@ -65,12 +77,14 @@ jobs:
           URL: ${{ github.repositoryUrl }}
           COMPONENT: ${{ inputs.qubes-component }}
           PKG_DIR: ${{ inputs.qubes-pkg-src-dir }}
+          PKG_REV: ${{ inputs.qubes-pkg-revision }}
+          PKG_VER: ${{ inputs.qubes-pkg-version }}
           # Following 2 variables are used in double expansion '${${{ github.ref_type }}}',
           # do not change these names even though they don't follow the convention.
           branch: ${{ github.head_ref }}
           tag: ${{ github.ref_name }}
         run: |
-          cp example-configs/qubes-os-main.yml builder.yml
+          cp example-configs/qubes-os-r4.2.yml builder.yml
           # Switch from Qubes to Docker executor
           sed -i "/^executor:$/,+4d; /^#executor:$/,+3s/#//" builder.yml
 
@@ -107,9 +121,16 @@ jobs:
               # Temporary file handles case when qubes-pkg-src-dir is set to '.'
               mv "$clone_dir/$COMPONENT.spec.in.tmp" "$clone_dir/$COMPONENT.spec.in"
 
-              echo 1 > "$clone_dir/rel"
-              echo "0+$(git -C "$clone_dir" show-ref -s "$branch_name" | head -1)" \
-                  > "$clone_dir/version"
+              if [ -z "$PKG_REV" ]; then
+                  PKG_REV=1
+              fi
+              echo "$PKG_REV" > "$clone_dir/rel"
+
+              if [ -z "$PKG_VER" ]; then
+                  PKG_VER="0+$(git -C "$clone_dir" show-ref -s "$branch_name" | head -1)"
+              fi
+              echo "$PKG_VER" > "$clone_dir/version"
+
               cat > "$clone_dir/.qubesbuilder" <<EOF
               host:
                 rpm:
@@ -139,6 +160,18 @@ jobs:
               sed -i "/^  - $COMPONENT:/a\      verification-mode: insecure-skip-checking" builder.yml
               sed -i "/^  - $COMPONENT:/a\      branch: $branch_name" builder.yml
               sed -i "/^  - $COMPONENT:/a\      url: /builder/$rel_clone_dir" builder.yml
+
+              echo "::group::version"
+              cat $clone_dir/version
+              echo "::endgroup::"
+
+              echo "::group::$COMPONENT.spec.in"
+              cat $clone_dir/$COMPONENT.spec.in
+              echo "::endgroup::"
+
+              echo "::group::.qubesbuilder"
+              cat $clone_dir/.qubesbuilder
+              echo "::endgroup::"
           else
               # It's an existing component that needs some overrides
               sed -i "1,/^  - $COMPONENT/s#^  - $COMPONENT#&:#" builder.yml
@@ -151,18 +184,6 @@ jobs:
           cat builder.yml
           echo "::endgroup::"
 
-          echo "::group::version"
-          cat $clone_dir/version
-          echo "::endgroup::"
-
-          echo "::group::$COMPONENT.spec.in"
-          cat $clone_dir/$COMPONENT.spec.in
-          echo "::endgroup::"
-
-          echo "::group::.qubesbuilder"
-          cat $clone_dir/.qubesbuilder
-          echo "::endgroup::"
-
       - name: Build and package
         env:
           DEBUG: ${{ runner.debug == 1 && '--debug --verbose' || '' }}

diff --git a/README.md b/README.md
@@ -68,10 +68,12 @@ package, hence significantly reduced set of parameters.
 There is also no need to use `qubes-builder-docker/` in this case because
 builder's repository contains its own Docker image.
 
-| Parameter           | Type   | Req. | Def. | Description
-| ---------           | ----   | ---- | ---- | -----------
-| `qubes-component`   | string | Yes  | -    | Name of QubesOS component as recognized by its build system.
-| `qubes-pkg-src-dir` | string | No   | -    | Relative path to directory containing Qubes OS package.
+| Parameter            | Type   | Req. | Def. | Description
+| ---------            | ----   | ---- | ---- | -----------
+| `qubes-component`    | string | Yes  | -    | Name of QubesOS component as recognized by its build system.
+| `qubes-pkg-src-dir`  | string | No   | -    | Relative path to directory containing Qubes OS package.
+| `qubes-pkg-version`  | string | No   | auto | Version for RPM packages
+| `qubes-pkg-revision` | string | No   | `1`  | Revision for RPM packages
 
 Used by [TrenchBoot/qubes-antievilmaid][aem] and
 [TrenchBoot/secure-kernel-loader][skl].  The latter makes use of