From d6837c4356c9046601663549909285d27464303c Mon Sep 17 00:00:00 2001
From: MkKvcs <148012377+MkKvcs@users.noreply.github.com>
Date: Wed, 10 Apr 2024 21:01:36 +0200
Subject: [PATCH] Change Aurora images according to upstream suggestions (#257)

https://github.com/NiHaiden/aurora#:~:text=rpm%2Dostree%20rebase%20ostree%2Dimage%2Dsigned%3Adocker%3A//ghcr.io/ublue%2Dos/aurora%3Alatest
---
 .github/workflows/build.yml                            | 10 +---------
 .../recipes/asus/recipe-aurora-asus-nvidia-userns.yml  |  2 +-
 config/recipes/asus/recipe-aurora-asus-nvidia.yml      |  2 +-
 config/recipes/asus/recipe-aurora-asus-userns.yml      |  2 +-
 config/recipes/asus/recipe-aurora-asus.yml             |  2 +-
 .../asus/recipe-aurora-dx-asus-nvidia-userns.yml       |  2 +-
 config/recipes/asus/recipe-aurora-dx-asus-userns.yml   |  2 +-
 .../recipes/general/recipe-aurora-dx-main-userns.yml   |  2 +-
 .../recipes/general/recipe-aurora-dx-nvidia-userns.yml |  2 +-
 .../general/recipe-aurora-dx-surface-nvidia-userns.yml |  2 +-
 .../general/recipe-aurora-dx-surface-userns.yml        |  2 +-
 config/recipes/general/recipe-aurora-main-userns.yml   |  2 +-
 config/recipes/general/recipe-aurora-main.yml          |  2 +-
 config/recipes/general/recipe-aurora-nvidia-userns.yml |  2 +-
 config/recipes/general/recipe-aurora-nvidia.yml        |  2 +-
 .../general/recipe-aurora-surface-nvidia-userns.yml    |  2 +-
 .../recipes/general/recipe-aurora-surface-nvidia.yml   |  2 +-
 .../recipes/general/recipe-aurora-surface-userns.yml   |  2 +-
 config/recipes/general/recipe-aurora-surface.yml       |  2 +-
 19 files changed, 19 insertions(+), 27 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 703a50f..65642ce 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -114,7 +114,7 @@ jobs:
           echo "BASE_IMAGE_NAME=$(echo $BASE_IMAGE | sed 's/.*\/.*\///')" >> $GITHUB_ENV
 
       - name: Verify base image
-        if: ${{ !contains(env.IMAGE_NAME, 'aurora') && !contains(env.IMAGE_NAME, 'wayblue') }}
+        if: ${{ ! contains(env.IMAGE_NAME, 'wayblue') }}
         uses: EyeCantCU/cosign-action/verify@v0.2.2
         with:
           containers: ${{ env.BASE_IMAGE_NAME }}:${{ env.IMAGE_MAJOR_VERSION }}
@@ -127,14 +127,6 @@ jobs:
           registry: 'ghcr.io/wayblueorg'
           pubkey: 'https://raw.githubusercontent.com/wayblueorg/wayblue/live/cosign.pub'
 
-      - name: Verify base image
-        if: ${{ contains(env.IMAGE_NAME, 'aurora') }}
-        uses: EyeCantCU/cosign-action/verify@v0.2.2
-        with:
-          containers: ${{ env.BASE_IMAGE_NAME }}:${{ env.IMAGE_MAJOR_VERSION }}
-          registry: 'ghcr.io/NiHaiden'
-          pubkey: 'https://raw.githubusercontent.com/NiHaiden/aurora/main/cosign.pub'
-
       - name: Build secureblue
         uses: blue-build/github-action@v1.3.0
         with:
diff --git a/config/recipes/asus/recipe-aurora-asus-nvidia-userns.yml b/config/recipes/asus/recipe-aurora-asus-nvidia-userns.yml
index 989805e..b654e58 100644
--- a/config/recipes/asus/recipe-aurora-asus-nvidia-userns.yml
+++ b/config/recipes/asus/recipe-aurora-asus-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-asus-nvidia-userns-hardened
 description: "Aurora asus nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-asus-nvidia
+base-image: ghcr.io/ublue-os/aurora-asus-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/asus/recipe-aurora-asus-nvidia.yml b/config/recipes/asus/recipe-aurora-asus-nvidia.yml
index 4a73547..1438180 100644
--- a/config/recipes/asus/recipe-aurora-asus-nvidia.yml
+++ b/config/recipes/asus/recipe-aurora-asus-nvidia.yml
@@ -4,7 +4,7 @@ name: aurora-asus-nvidia-hardened
 description: "Aurora asus nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-asus-nvidia
+base-image: ghcr.io/ublue-os/aurora-asus-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/asus/recipe-aurora-asus-userns.yml b/config/recipes/asus/recipe-aurora-asus-userns.yml
index 6af5a36..39ad4d1 100644
--- a/config/recipes/asus/recipe-aurora-asus-userns.yml
+++ b/config/recipes/asus/recipe-aurora-asus-userns.yml
@@ -4,7 +4,7 @@ name: aurora-asus-userns-hardened
 description: "Aurora asus with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-asus
+base-image: ghcr.io/ublue-os/aurora-asus
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/asus/recipe-aurora-asus.yml b/config/recipes/asus/recipe-aurora-asus.yml
index c731836..b32b9de 100644
--- a/config/recipes/asus/recipe-aurora-asus.yml
+++ b/config/recipes/asus/recipe-aurora-asus.yml
@@ -4,7 +4,7 @@ name: aurora-asus-hardened
 description: "Aurora asus with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-asus
+base-image: ghcr.io/ublue-os/aurora-asus
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/asus/recipe-aurora-dx-asus-nvidia-userns.yml b/config/recipes/asus/recipe-aurora-dx-asus-nvidia-userns.yml
index 8f82558..e85a1c7 100644
--- a/config/recipes/asus/recipe-aurora-dx-asus-nvidia-userns.yml
+++ b/config/recipes/asus/recipe-aurora-dx-asus-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-asus-nvidia-userns-hardened
 description: "Aurora asus dx nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx-asus-nvidia
+base-image: ghcr.io/ublue-os/aurora-dx-asus-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/asus/recipe-aurora-dx-asus-userns.yml b/config/recipes/asus/recipe-aurora-dx-asus-userns.yml
index 14ece64..144154f 100644
--- a/config/recipes/asus/recipe-aurora-dx-asus-userns.yml
+++ b/config/recipes/asus/recipe-aurora-dx-asus-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-asus-userns-hardened
 description: "Aurora asus dx with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx-asus
+base-image: ghcr.io/ublue-os/aurora-dx-asus
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-dx-main-userns.yml b/config/recipes/general/recipe-aurora-dx-main-userns.yml
index 1b660b0..8aaf770 100644
--- a/config/recipes/general/recipe-aurora-dx-main-userns.yml
+++ b/config/recipes/general/recipe-aurora-dx-main-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-main-userns-hardened
 description: "Aurora-dx main with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx
+base-image: ghcr.io/ublue-os/aurora-dx
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-dx-nvidia-userns.yml b/config/recipes/general/recipe-aurora-dx-nvidia-userns.yml
index 9c2c7b5..2adb412 100644
--- a/config/recipes/general/recipe-aurora-dx-nvidia-userns.yml
+++ b/config/recipes/general/recipe-aurora-dx-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-nvidia-userns-hardened
 description: "Aurora-dx nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx-nvidia
+base-image: ghcr.io/ublue-os/aurora-dx-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-dx-surface-nvidia-userns.yml b/config/recipes/general/recipe-aurora-dx-surface-nvidia-userns.yml
index 07a6e58..ab30409 100644
--- a/config/recipes/general/recipe-aurora-dx-surface-nvidia-userns.yml
+++ b/config/recipes/general/recipe-aurora-dx-surface-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-surface-nvidia-userns-hardened
 description: "Aurora-dx surface nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx-surface-nvidia
+base-image: ghcr.io/ublue-os/aurora-dx-surface-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-dx-surface-userns.yml b/config/recipes/general/recipe-aurora-dx-surface-userns.yml
index 099a3d7..6710d65 100644
--- a/config/recipes/general/recipe-aurora-dx-surface-userns.yml
+++ b/config/recipes/general/recipe-aurora-dx-surface-userns.yml
@@ -4,7 +4,7 @@ name: aurora-dx-surface-userns-hardened
 description: "Aurora-dx surface with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-dx-surface
+base-image: ghcr.io/ublue-os/aurora-dx-surface
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-main-userns.yml b/config/recipes/general/recipe-aurora-main-userns.yml
index 19d9590..7e4bbd5 100644
--- a/config/recipes/general/recipe-aurora-main-userns.yml
+++ b/config/recipes/general/recipe-aurora-main-userns.yml
@@ -4,7 +4,7 @@ name: aurora-main-userns-hardened
 description: "Aurora main with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora
+base-image: ghcr.io/ublue-os/aurora
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-main.yml b/config/recipes/general/recipe-aurora-main.yml
index 551eec7..ed9e955 100644
--- a/config/recipes/general/recipe-aurora-main.yml
+++ b/config/recipes/general/recipe-aurora-main.yml
@@ -4,7 +4,7 @@ name: aurora-main-hardened
 description: "Aurora main with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora
+base-image: ghcr.io/ublue-os/aurora
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-nvidia-userns.yml b/config/recipes/general/recipe-aurora-nvidia-userns.yml
index bc62fa2..af8da65 100644
--- a/config/recipes/general/recipe-aurora-nvidia-userns.yml
+++ b/config/recipes/general/recipe-aurora-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-nvidia-userns-hardened
 description: "Aurora nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-nvidia
+base-image: ghcr.io/ublue-os/aurora-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-nvidia.yml b/config/recipes/general/recipe-aurora-nvidia.yml
index 57f6edf..698dfbb 100644
--- a/config/recipes/general/recipe-aurora-nvidia.yml
+++ b/config/recipes/general/recipe-aurora-nvidia.yml
@@ -4,7 +4,7 @@ name: aurora-nvidia-hardened
 description: "Aurora nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-nvidia
+base-image: ghcr.io/ublue-os/aurora-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-surface-nvidia-userns.yml b/config/recipes/general/recipe-aurora-surface-nvidia-userns.yml
index 08e6f8d..7cd1582 100644
--- a/config/recipes/general/recipe-aurora-surface-nvidia-userns.yml
+++ b/config/recipes/general/recipe-aurora-surface-nvidia-userns.yml
@@ -4,7 +4,7 @@ name: aurora-surface-nvidia-userns-hardened
 description: "Aurora surface nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-surface-nvidia
+base-image: ghcr.io/ublue-os/aurora-surface-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-surface-nvidia.yml b/config/recipes/general/recipe-aurora-surface-nvidia.yml
index 196e5ff..00d4060 100644
--- a/config/recipes/general/recipe-aurora-surface-nvidia.yml
+++ b/config/recipes/general/recipe-aurora-surface-nvidia.yml
@@ -4,7 +4,7 @@ name: aurora-surface-nvidia-hardened
 description: "Aurora surface nvidia with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-surface-nvidia
+base-image: ghcr.io/ublue-os/aurora-surface-nvidia
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-surface-userns.yml b/config/recipes/general/recipe-aurora-surface-userns.yml
index 145530c..c51389d 100644
--- a/config/recipes/general/recipe-aurora-surface-userns.yml
+++ b/config/recipes/general/recipe-aurora-surface-userns.yml
@@ -4,7 +4,7 @@ name: aurora-surface-userns-hardened
 description: "Aurora surface with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-surface
+base-image: ghcr.io/ublue-os/aurora-surface
 image-version: 39
 
 # list of modules, executed in order
diff --git a/config/recipes/general/recipe-aurora-surface.yml b/config/recipes/general/recipe-aurora-surface.yml
index 994c63d..7358c45 100644
--- a/config/recipes/general/recipe-aurora-surface.yml
+++ b/config/recipes/general/recipe-aurora-surface.yml
@@ -4,7 +4,7 @@ name: aurora-surface-hardened
 description: "Aurora surface with some hardening applied"
 
 # the base image to build on top of (FROM) and the version tag to use
-base-image: ghcr.io/nihaiden/aurora-surface
+base-image: ghcr.io/ublue-os/aurora-surface
 image-version: 39
 
 # list of modules, executed in order