Fixed a bug with the skopeo version inspection and ensure that it will now fail jobs if the result is invalid.
Added retry logic to version inspection, pulling base image, pushing to ghcr.
A helpful issue was filed with PR which will help address some spurious
issues with the github actions workflows. That inspired me to improve
the github-release-install.sh script such that it will more properly
fail(retry) when http errors occur.
Relates: ublue-os/main#502
The perl-Sys-Hostname package had been missing which prevented
sanoid/syncoid from running properly. Also clarified in README that
ucore-minimal only adds pv, not the full set of sanoid deps.
Since the fedora-coreos images built here specifically are built with
our custom kmod builds of nvidia and zfs, the public signing key should
be provided to provide those users the ability to easily import the key
as a MOK should they wish to run SecureBoot
This should allow faster overall builds of ucore and ucore-hci by building in parallel, and removes the need to publish ucore to GHCR even for PRs just to allow ucore-hci to build successfully.
Convert to a reusable workflow such that stable and testing builds can happen on separate schedules and so that stable builds are all that gate merge success, allowing testing to be more unstable.
I intentionally stopped publishing a `:latest` tag back on April 1st. It
was not intended to be an April Fool's joke, but rather a cleanup to
best practices of not using that tag. However, the old images did not
expire, so the old `:latest` continues to exist, confusing both users
and our website's image discovery code.
I suppose it turned out to be a long lived April Fool's joke after all!
This resumes the publishing of the tag, ensuring it matches the `:stable`
tag, and only on the `ucore` image. There will be no `:latest` for nvidia,
zfs or testing images, nor `fedora-coreos` or `ucore-hci`.
These files should enable rpm-ostreed/container tooling to validate
signed images when using appropriate references. It will require signed
images for ghcr.io/ublue-os images.
Relates: #101
Add the new package from `ucore-kmods` which includes the signing key.
This enables a user to import the signing key as a MOK using:
sudo mokutil --import /etc/pki/akmods/certs/akmods-ublue.der
Closes#82
With zfs 2.1.x, depmod ran automatically. Though unclear why, it no longer
seems to occur when installing zfs 2.2.x RPMs in a container build (it does
still work automatically on a non image-based Fedora system).
Manually running depmod, as in this commit, ensures the 2.2.x kmods load
as expected.
