Skip to content
FeOS OCI Release

Provide golang proto bindings for the GRPC API of FeOS (#98) #181

Sign in to view logs

Provide golang proto bindings for the GRPC API of FeOS (#98)

Provide golang proto bindings for the GRPC API of FeOS (#98) #181

Workflow file for this run

.github/workflows/release-oci.yaml at 1057b4c
name: FeOS OCI Release
on:
push:
branches:
- master
- fix_test
tags:
- '*'
paths-ignore:
- 'docs/**'
- '**/*.md'
jobs:
oci_release:
permissions:
contents: read
packages: write
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- uses: docker/metadata-action@v5
id: meta
with:
images: |
ghcr.io/ironcore-dev/feos/feos
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
flavor: |
latest=${{ github.ref == 'refs/heads/main' }}
- name: Install Protobuf Compiler
run: sudo apt-get update && sudo apt-get install protobuf-compiler -y
- name: Setup ORAS
uses: oras-project/setup-oras@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up cargo cache
uses: actions/cache@v4
continue-on-error: false
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-
- name: Download and Install Youki
run: |
YOUKI_VERSION=$(cat hack/youki/version)
YOUKI_FILENAME=youki
YOUKI_ARCHIVE="${YOUKI_FILENAME}-${YOUKI_VERSION}-x86_64-musl.tar.gz"
YOUKI_URL="https://github.com/youki-dev/youki/releases/download/v${YOUKI_VERSION}/${YOUKI_ARCHIVE}"
DOWNLOAD_DIR=$(mktemp -d)
echo "Downloading Youki v${YOUKI_VERSION} from ${YOUKI_URL}"
curl -L "${YOUKI_URL}" -o "${DOWNLOAD_DIR}/${YOUKI_ARCHIVE}"
echo "Extracting Youki..."
tar -xzf "${DOWNLOAD_DIR}/${YOUKI_ARCHIVE}" -C "${DOWNLOAD_DIR}"
echo "Installing Youki binary to /usr/local/bin..."
sudo install -Dm755 "${DOWNLOAD_DIR}/${YOUKI_FILENAME}" "/usr/local/bin/${YOUKI_FILENAME}"
echo "Cleaning up..."
rm -rf "${DOWNLOAD_DIR}"
echo "Verifying youki installation:"
which youki
youki --version
- name: Run Tests
env:
RUST_BACKTRACE: 1
SUDO_ENV_VARS: "PATH=$PATH:$HOME/.cargo/bin CARGO_HOME=$HOME/.cargo"
run: |
sudo -E bash -c ' \
export PATH="$HOME/.cargo/bin:$PATH"; \
export CARGO_HOME="$HOME/.cargo"; \
make test; \
make clean
'
- name: Build build-container
run: make build-container
- name: Set up kernel cache
uses: actions/cache@v4
continue-on-error: false
with:
path: |
target/kernel/
key: ${{ runner.os }}-kernel-${{ hashFiles('hack/kernel/**') }}
restore-keys: ${{ runner.os }}-kernel-${{ hashFiles('hack/kernel/**') }}
- name: Build Kernel
run: make kernel
- name: Build initramfs
run: make initramfs
- name: Build UKI
run: |
CMDLINE="console=tty0 console=ttyS0,115200 earlyprintk=ttyS0,115200 consoleblank=0"
echo "CMDLINE=CMDLINE" >> $GITHUB_ENV
echo $CMDLINE >> target/cmdline
mkdir keys
echo "${{ secrets.SECUREBOOT_PRIVATEKEY }}" > keys/secureboot.key
echo "${{ secrets.SECUREBOOT_CERTIFICATE }}" > keys/secureboot.pem
openssl x509 -in keys/secureboot.pem -out keys/feos.crt -outform DER
make uki
- name: Create Config JSON
run: |
command_line=$(${{ env.CMDLINE }} | tr -d '\n' | tr -d '\r')
echo "{\"commandLine\": \"$command_line\", \"os-release\": \"$OS_VERSION\"}" > config.json
- name: Build rootfs img
run: |
ROOTFS_IMG="rootfs.img"
echo "ROOTFS_IMG=$ROOTFS_IMG" >> $GITHUB_ENV
dd if=/dev/zero of="$ROOTFS_IMG" bs=1M count=128
echo -e "label: gpt \nsize=100MiB, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, name=\"EFI system partition\"" | sfdisk $ROOTFS_IMG
LOOP_DEVICE=$(losetup -f)
sudo losetup "$LOOP_DEVICE" "$ROOTFS_IMG" -P
sudo mkfs.vfat ${LOOP_DEVICE}p1
MOUNT_DIR=$(mktemp -d)
sudo mount "$LOOP_DEVICE"p1 "$MOUNT_DIR"
sudo mkdir -p "$MOUNT_DIR/EFI/BOOT"
sudo cp --no-preserve=ownership target/uki.efi "$MOUNT_DIR/EFI/BOOT/BOOTX64.EFI"
sudo umount "$MOUNT_DIR"
sudo losetup -d "$LOOP_DEVICE"
sudo rmdir "$MOUNT_DIR"
- name: Push Image with ORAS (Version Tag)
run: |
ROOTFS_IMG=${{ env.ROOTFS_IMG }}
oras push ${{ steps.meta.outputs.tags }} \
$ROOTFS_IMG:application/io.gardenlinux.squashfs \
target/initramfs.zst:application/io.gardenlinux.initrd \
target/kernel/vmlinuz:application/io.gardenlinux.kernel \
--config config.json:application/vnd.unknown.config.v1+json