qualcomm-linux
diff --git a/‎.github/actions/abi_checker/action.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/actions/abi_checker/action.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/actions/build_package/action.yml‎
Lines changed: 20 additions & 9 deletions b/‎.github/actions/build_package/action.yml‎
Lines changed: 20 additions & 9 deletions
diff --git a/‎.github/actions/push_to_repo/action.yml‎
Lines changed: 8 additions & 8 deletions b/‎.github/actions/push_to_repo/action.yml‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎.github/workflows/qcom-build-pkg-reusable-workflow.yml‎
Lines changed: 20 additions & 19 deletions b/‎.github/workflows/qcom-build-pkg-reusable-workflow.yml‎
Lines changed: 20 additions & 19 deletions
diff --git a/‎.github/workflows/qcom-container-build-and-upload.yml‎
Lines changed: 44 additions & 11 deletions b/‎.github/workflows/qcom-container-build-and-upload.yml‎
Lines changed: 44 additions & 11 deletions
diff --git a/‎.github/workflows/qcom-promote-upstream-reusable-workflow.yml‎
Lines changed: 17 additions & 23 deletions b/‎.github/workflows/qcom-promote-upstream-reusable-workflow.yml‎
Lines changed: 17 additions & 23 deletions
@@ -18,7 +18,7 @@ runs:
         set +e
         ./qcom-build-utils/scripts/ppa_interface.py \
           --operation list-versions \
-          --apt-config "deb [arch=${{env.ARCH}} trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_CODENAME}}/stable main" \
+          --apt-config "deb [arch=arm64 trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_DISTRIBUTION}}/stable main" \
           --package-name ${{env.BUILT_PACKAGE_NAME}}
 
         RET=$?
@@ -32,7 +32,7 @@ runs:
         set +e
         ./qcom-build-utils/scripts/ppa_interface.py \
           --operation download \
-          --apt-config "deb [arch=${{env.ARCH}} trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_CODENAME}}/stable main" \
+          --apt-config "deb [arch=arm64 trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_DISTRIBUTION}}/stable main" \
           --package-name ${{env.BUILT_PACKAGE_NAME}}
 
         RET=$?
@@ -51,7 +51,7 @@ runs:
 
         ./qcom-build-utils/scripts/deb_abi_checker.py \
           --new-package-dir ./build-area \
-          --apt-server-config "deb [arch=${{env.ARCH}} trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_CODENAME}}/stable main" \
+          --apt-server-config "deb [arch=arm64 trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_DISTRIBUTION}}/stable main" \
           --result-file ./results.txt
 
         RET=$?
 
@@ -18,13 +18,20 @@ runs:
 
   steps:
 
-    - name: Validate Or Create Chroot Environment
+    # Normalize the name of the architecture
+    # Build Architecture: The architecture of the machine performing the build (arm64 when native or amd64 when cross compiling).
+    # This depends on the runner executing the build
+    - name: Set Builder Arch variable
       shell: bash
       run: |
-        ./qcom-build-utils/scripts/prep_chroot_env.py \
-          --arch        ${{env.ARCH}} \
-          --os-codename ${{env.UBUNTU_CODENAME}} \
-          --suffix      ${{env.DISTRO}}
+        if [ "${{ runner.arch }}" = "X64" ]; then
+          echo "BUILD_ARCH=amd64" >> $GITHUB_ENV
+        elif [ "${{ runner.arch }}" = "ARM64" ]; then
+          echo "BUILD_ARCH=arm64" >> $GITHUB_ENV
+        else
+          echo "Unsupported architecture: ${{ runner.arch }}"
+          exit 1
+        fi
 
     - name: Prepare Workspace Structure For The Build
       shell: bash
@@ -53,19 +60,23 @@ runs:
           lintian_flag="--no-run-lintian"
         fi
 
-        if curl -sfI "http://pkg.qualcomm.com/dists/${{env.UBUNTU_CODENAME}}/Release" > /dev/null; then
-          EXTRA_REPO="--extra-repository='deb [arch=${{env.ARCH}} trusted=yes] http://pkg.qualcomm.com ${{env.UBUNTU_CODENAME}}/stable main'"
+        if curl -sfI "http://pkg.qualcomm.com/dists/${{env.UBUNTU_DISTRIBUTION}}/Release" > /dev/null; then
+          EXTRA_REPO="--extra-repository='deb [arch=arm64 trusted=yes] http://pkg.qualcomm.com ${{env.UBUNTU_DISTRIBUTION}}/stable main'"
         else
           EXTRA_REPO=""
         fi
 
         set +e
 
         # ℹ️ --git-ignore-branch is necessary because the debian branch actually checked out can be any (ex, debian/1.0.0) because we can build any previous tag 
+        # ℹ️ chroot mode unshare is important to bypass privilege issues with the mounting
+        # Host Architecture: The architecture for which the binaries are being built (invariably arm64).
+
         gbp buildpackage \
           --git-ignore-branch \
-          --git-builder="sbuild --arch=${{env.ARCH}} \
-                                --dist=${{env.UBUNTU_CODENAME}}-${{env.ARCH}}-${{env.DISTRO}} \
+          --git-builder="sbuild --host=arm64 \
+                                --build=${{env.BUILD_ARCH}} \
+                                --dist=${{env.UBUNTU_DISTRUBUTION}} \
                                 $lintian_flag \
                                 --build-dir ../${{inputs.build-dir}} \
                                 --build-dep-resolver=apt \
 
@@ -40,7 +40,7 @@ runs:
         set +e
         ./qcom-build-utils/scripts/ppa_interface.py \
           --operation list-versions \
-          --apt-config "deb [arch=${{env.ARCH}} trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_CODENAME}}/stable main" \
+          --apt-config "deb [arch=arm64 trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_DISTRIBUTION}}/stable main" \
           --package-name ${{env.BUILT_PACKAGE_NAME}}
 
         RET=$?
@@ -55,7 +55,7 @@ runs:
         set +e
         ./qcom-build-utils/scripts/ppa_interface.py \
           --operation contains-version \
-          --apt-config "deb [arch=${{env.ARCH}} trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_CODENAME}}/stable main" \
+          --apt-config "deb [arch=arm64 trusted=yes] ${{env.REPO_URL}} ${{env.UBUNTU_DISTRIBUTION}}/stable main" \
           --package-name ${{env.BUILT_PACKAGE_NAME}} \
           --version ${{env.BUILT_PACKAGE_VERSION}}
 
@@ -88,25 +88,25 @@ runs:
       if: steps.check-version.outputs.do_upload == 'true'
       shell: bash
       run: |
-        ./qcom-build-utils/scripts/ppa_organizer.py --build-dir ./build-area --output-dir ./pkg-oss-staging-repo/pool/${{env.UBUNTU_CODENAME}}/stable/main
+        ./qcom-build-utils/scripts/ppa_organizer.py --build-dir ./build-area --output-dir ./pkg-oss-staging-repo/pool/${{env.UBUNTU_DISTRIBUTION}}/stable/main
 
         cd ./pkg-oss-staging-repo
 
-        PPA_PACKAGES_FILE_REPO_PATH=dists/${{env.UBUNTU_CODENAME}}/stable/main/binary-${{env.ARCH}}
+        PPA_PACKAGES_FILE_REPO_PATH=dists/${{env.UBUNTU_DISTRIBUTION}}/stable/main/binary-arm64
         
-        dpkg-scanpackages --multiversion pool/${{env.UBUNTU_CODENAME}} > $PPA_PACKAGES_FILE_REPO_PATH/Packages
-        dpkg-scanpackages --type ddeb --multiversion pool/${{env.UBUNTU_CODENAME}} >> $PPA_PACKAGES_FILE_REPO_PATH/Packages
+        dpkg-scanpackages --multiversion pool/${{env.UBUNTU_DISTRIBUTION}} > $PPA_PACKAGES_FILE_REPO_PATH/Packages
+        dpkg-scanpackages --type ddeb --multiversion pool/${{env.UBUNTU_DISTRIBUTION}} >> $PPA_PACKAGES_FILE_REPO_PATH/Packages
 
         gzip -k -f $PPA_PACKAGES_FILE_REPO_PATH/Packages
 
         cat $PPA_PACKAGES_FILE_REPO_PATH/Packages
 
         git add .
 
-        git config user.name "Github Service Bot"
+        git config user.name "GitHub Service Bot"
         git config user.email "[email protected]"
 
-        git commit -s -m "Uploaded Package ${{env.BUILT_PACKAGE_NAME}} at version ${{env.BUILT_PACKAGE_VERSION}} for distro ${{env.UBUNTU_CODENAME}}"
+        git commit -s -m "Uploaded Package ${{env.BUILT_PACKAGE_NAME}} at version ${{env.BUILT_PACKAGE_VERSION}} for distro ${{env.UBUNTU_DISTRIBUTION}}"
 
         git remote set-url origin https://x-access-token:${{inputs.token}}@github.com/${{env.REPO_NAME}}.git
 
 
@@ -18,8 +18,8 @@ on:
         required: true
         default: debian/latest
 
-      ubuntu-codename:
-        description: The ubuntu codename to build for. Ex noble, jammy, etc
+      ubuntu-distribution:
+        description: The ubuntu distribution to build for. Ex noble, jammy, etc
         type: string
         default: noble
 
@@ -43,6 +43,11 @@ on:
         type: boolean
         default: false
 
+      runner:
+        description: The runner to use for the build
+        type: string
+        default: ubuntu-latest
+
     secrets:
       TOKEN:
         required: true
@@ -55,29 +60,25 @@ env:
   REPO_URL: https://qualcomm-linux.github.io/pkg-oss-staging-repo/
   REPO_NAME: qualcomm-linux/pkg-oss-staging-repo
 
-  UBUNTU_CODENAME: ${{inputs.ubuntu-codename}}
-  DISTRO: ubuntu
-  ARCH: arm64
+  UBUNTU_DISTRIBUTION: ${{inputs.ubuntu-distribution}}
 
 jobs:
   build-debian-package:
 
-    runs-on: [self-hosted, Linux, ARM64]
-#   runs-on: [self-hosted, lecore-stg-u2404-arm64-xlrg-od-ephem]
-
-#   container:
-#     image: ubuntu:noble
-#     options: --volume /srv/chroot:/srv/chroot
+    runs-on: ${{inputs.runner}}
 
-    steps:
+    defaults:
+      run:
+        shell: bash
 
-#     - name: Install dependencies
-#       run: |
-#         apt-get update
-#         apt-get install -y git git-buildpackage sbuild debootstrap tree
+    container:
+      image: ghcr.io/qualcomm-linux/pkg-builder:${{inputs.runner == 'ubuntu-latest' && 'amd64' || 'arm64'}}-latest
+      options: --privileged
+      credentials:
+        username: ${{vars.DEB_PKG_BOT_CI_USERNAME}}
+        password: ${{secrets.TOKEN}}
 
-      - name: Ensure Workspace Is Clean
-        run: rm -rf *
+    steps:
 
       - name: Checkout qcom-build-utils
         uses: actions/checkout@v4
@@ -106,7 +107,7 @@ jobs:
           pkg-dir: package-repo
           build-dir: build-area
           run-lintian: ${{inputs.run-lintian}}
-          
+
       - name: Run ABI (Application Binary Interface) Check
         if: ${{inputs.run-abi-checker == true}}
         uses: ./qcom-build-utils/.github/actions/abi_checker
 
@@ -1,35 +1,68 @@
 name: Container Build And Upload
 description: |
-  Builds and uploads to GHCR (GitHub Container Registry) the container used to build the packages
-  
+  Builds and uploads to GHCR (GitHub Container Registry) the container used to build the Qualcomm debian packages.
+  This workflow will assumes the build architecture is amd64 (x86_64) since the github's 'ubuntu-latest' runs-on tag
+  is used. Using docker's buildx, the Dockerfile in this repo's docker/ folder will be built for amd64 and cross-compiled
+  for arm64.
+
 on:
   workflow_dispatch:
     inputs:
-      test:
-        description: no description
-        type: boolean
-        default: false
+      version:
+        description: The version name to be appended to the image name, default is 'latest'
+        type: string
+        default: latest
 
 permissions:
   contents: read
   security-events: write
 
 env:
-  GITHUB_SERVICE_BOT_USERNAME: "qcom-service-bot"
-
   QCOM_ORG_NAME: "qualcomm-linux"
 
   IMAGE_NAME: "pkg-builder"
 
 jobs:
-  container-build-and-upload:
+  build-image-amd64:
 
     runs-on: ubuntu-latest
 
     steps:
 
+      - name: Checkout Dockerfile
+        uses: actions/checkout@v4
+        with:
+          ref: ${{github.head_ref}}
+          sparse-checkout: docker/Dockerfile.amd64
+          sparse-checkout-cone-mode: false # single file -> false
+
+      - name: Authenticate to GHCR
+        run: echo ${{ secrets.DEB_PKG_BOT_CI_TOKEN }} | docker login ghcr.io -u ${{ vars.DEB_PKG_BOT_CI_USERNAME }} --password-stdin
+
+      - name: Build and Tag the Image
+        run: docker build -f docker/Dockerfile.amd64 -t ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:amd64-${{inputs.version}} ./docker
+
+      - name: Push
+        run: docker push ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:amd64-${{inputs.version}}
+
+  build-image-arm64:
+
+    runs-on: ["self-hosted", "lecore-prd-u2404-arm64-xlrg-od-ephem"]
+
+    steps:
+
+      - name: Checkout Dockerfile
+        uses: actions/checkout@v4
+        with:
+          ref: ${{github.head_ref}}
+          sparse-checkout: docker/Dockerfile.arm64
+          sparse-checkout-cone-mode: false # single file -> false
+
       - name: Authenticate to GHCR
-        run: echo ${{ secrets.DEB_PKG_BOT_CI_TOKEN }} | docker login ghcr.io -u ${{env.GITHUB_SERVICE_BOT_USERNAME}} --password-stdin
+        run: echo ${{ secrets.DEB_PKG_BOT_CI_TOKEN }} | docker login ghcr.io -u ${{ vars.DEB_PKG_BOT_CI_USERNAME }} --password-stdin
 
       - name: Build and Tag the Image
-        run: docker build -t ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:latest .
+        run: docker build -f docker/Dockerfile.arm64 -t ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:arm64-${{inputs.version}} ./docker
+
+      - name: Push
+        run: docker push ghcr.io/${{env.QCOM_ORG_NAME}}/${{env.IMAGE_NAME}}:arm64-${{inputs.version}}
@@ -41,30 +41,25 @@ env:
   NORMALIZED_VERSION: ""
   DISTRIBUTION: noble
 
-  #TODOOOOOOO : Check if a PR branch already exist. This wwould mean that someone or something triggered the
+  #TODO : Check if a PR branch already exist. This would mean that someone or something triggered the
   # promotion more than once before it was merged
 
 jobs:
   promote-upstream-version:
 
-    runs-on: [self-hosted, Linux, ARM64]
-#   runs-on: [self-hosted, lecore-stg-u2404-arm64-xlrg-od-ephem]
+    runs-on: ubuntu-latest
 
-#   container:
-#     image: ubuntu:noble
+    defaults:
+      run:
+        shell: bash
 
-    steps:
-
-#     - name: Install dependencies
-#       run: |
-#         apt-get update
-#         apt-get install -y git git-buildpackage
+    container:
+      image: ghcr.io/qualcomm-linux/pkg-builder:amd64-latest
+      credentials:
+        username: ${{ vars.DEB_PKG_BOT_CI_USERNAME }}
+        password: ${{ secrets.TOKEN }}
 
-      - name: Check Dependencies
-        run: |
-          git --version
-          gbp --version
-          gh --version
+    steps:
 
       - name: Ensure Workspace Is Clean
         run: rm -rf *
@@ -100,7 +95,7 @@ jobs:
           path: ./package-repo
           fetch-depth: 0
 
-      - name: Fetch All Branches and Tags
+      - name: Show branches/tags and checkout debian/upstream latest
         run: |
           cd ./package-repo
 
@@ -139,7 +134,7 @@ jobs:
       - name: Add Upstream Link As A Remote And Fetch Tags
         run: |
           cd ./package-repo
-          git remote add upstream-source git@github.com:${{inputs.upstream-repo}}.git
+          git remote add upstream-source https://x-access-token:${{secrets.TOKEN}}@github.com/${{inputs.upstream-repo}}.git
           git fetch upstream-source "+refs/tags/*:refs/tags/*"
 
       - name: Clone Upstream Repo At Specified Tag
@@ -174,8 +169,8 @@ jobs:
         run: |
           cd ./package-repo
 
-          git config user.name "Github Service Bot"
-          git config user.email "[email protected]"
+          git config user.name "${{vars.DEB_PKG_BOT_CI_NAME}}"
+          git config user.email "${{vars.DEB_PKG_BOT_CI_EMAIL}}"
 
           git checkout -b debian/pr/${{env.NORMALIZED_VERSION}}-1
 
@@ -206,13 +201,12 @@ jobs:
               -m "Filtered out .git, .github and debian from upstram, and preserved .github debian/latest" \
               upstream/latest
 
-      #TODO : Think about how to promote the distro -1 version, and if we push the tag or not
       - name: Promote Changelog
         run: |
           cd ./package-repo
 
-          export DEBFULLNAME="Github Service Bot"
-          export DEBEMAIL=[email protected]
+          export DEBFULLNAME="${{vars.DEB_PKG_BOT_CI_NAME}}"
+          export DEBEMAIL="${{vars.DEB_PKG_BOT_CI_EMAIL}}"
 
           # use ignore branch because we are not on default debian branch
           gbp dch \