1+ name : FeOS Nginx Container
2+
3+ on :
4+ push :
5+ branches :
6+ - master
7+ paths-ignore :
8+ - ' docs/**'
9+ - ' **/*.md'
10+
11+ jobs :
12+ build_nginx_container :
13+ permissions :
14+ contents : read
15+ packages : write
16+
17+ runs-on : ubuntu-latest
18+
19+ steps :
20+ - name : Checkout Code
21+ uses : actions/checkout@v4
22+
23+ - uses : docker/metadata-action@v5
24+ id : meta
25+ with :
26+ images : |
27+ ghcr.io/ironcore-dev/feos/feos-nginx
28+ tags : |
29+ type=ref,event=branch
30+ type=sha,prefix={{branch}}-
31+ type=raw,value=latest,enable={{is_default_branch}}
32+
33+ name : Install Protobuf Compiler
34+ run : sudo apt-get update && sudo apt-get install protobuf-compiler -y
35+
36+ - name : Login to GitHub Container Registry
37+ uses : docker/login-action@v3
38+ with :
39+ registry : ghcr.io
40+ username : ${{ github.actor }}
41+ password : ${{ secrets.GITHUB_TOKEN }}
42+
43+ - name : Set up cargo cache
44+ uses : actions/cache@v4
45+ continue-on-error : false
46+ with :
47+ path : |
48+ ~/.cargo/bin/
49+ ~/.cargo/registry/index/
50+ ~/.cargo/registry/cache/
51+ ~/.cargo/git/db/
52+ target/
53+ key : ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
54+ restore-keys : ${{ runner.os }}-cargo-
55+
56+ - name : Run Tests
57+ run : make test
58+
59+ - name : Build build-container
60+ run : make build-container
61+
62+ - name : Set up kernel cache
63+ uses : actions/cache@v4
64+ continue-on-error : false
65+ with :
66+ path : |
67+ target/kernel/
68+ key : ${{ runner.os }}-kernel-${{ hashFiles('hack/kernel/**') }}
69+ restore-keys : ${{ runner.os }}-kernel-
70+
71+ - name : Build Kernel
72+ run : make kernel
73+
74+ - name : Build initramfs
75+ run : make initramfs
76+
77+ - name : Build UKI
78+ run : |
79+ CMDLINE="console=tty0 console=ttyS0,115200 earlyprintk=ttyS0,115200 consoleblank=0"
80+ echo $CMDLINE > target/cmdline
81+ mkdir -p keys
82+ echo "${{ secrets.SECUREBOOT_PRIVATEKEY }}" > keys/secureboot.key
83+ echo "${{ secrets.SECUREBOOT_CERTIFICATE }}" > keys/secureboot.pem
84+ openssl x509 -in keys/secureboot.pem -out keys/feos.crt -outform DER
85+ make uki
86+
87+ name : Create Dockerfile for nginx container
88+ run : |
89+ cat > Dockerfile.nginx << 'EOF'
90+ FROM nginx:alpine
91+
92+ # Copy the UKI file to nginx html directory
93+ COPY target/uki.efi /usr/share/nginx/html/feos.uki
94+
95+ # Create a simple nginx config that serves the UKI file
96+ RUN echo 'server {' > /etc/nginx/conf.d/default.conf && \
97+ echo ' listen 80;' >> /etc/nginx/conf.d/default.conf && \
98+ echo ' server_name localhost;' >> /etc/nginx/conf.d/default.conf && \
99+ echo ' location / {' >> /etc/nginx/conf.d/default.conf && \
100+ echo ' root /usr/share/nginx/html;' >> /etc/nginx/conf.d/default.conf && \
101+ echo ' index index.html;' >> /etc/nginx/conf.d/default.conf && \
102+ echo ' }' >> /etc/nginx/conf.d/default.conf && \
103+ echo ' location /feos.uki {' >> /etc/nginx/conf.d/default.conf && \
104+ echo ' root /usr/share/nginx/html;' >> /etc/nginx/conf.d/default.conf && \
105+ echo ' add_header Content-Type application/octet-stream;' >> /etc/nginx/conf.d/default.conf && \
106+ echo ' add_header Content-Disposition "attachment; filename=feos.uki";' >> /etc/nginx/conf.d/default.conf && \
107+ echo ' }' >> /etc/nginx/conf.d/default.conf && \
108+ echo '}' >> /etc/nginx/conf.d/default.conf
109+
110+ # Create a simple index page
111+ RUN echo '<html><body><h1>FeOS UKI Server</h1><p><a href="/feos.uki">Download FeOS UKI</a></p></body></html>' > /usr/share/nginx/html/index.html
112+
113+ EXPOSE 80
114+ EOF
115+
116+ name : Build and push Docker image
117+ uses : docker/build-push-action@v5
118+ with :
119+ context : .
120+ file : ./Dockerfile.nginx
121+ push : true
122+ tags : ${{ steps.meta.outputs.tags }}
123+ labels : ${{ steps.meta.outputs.labels }}
0 commit comments