particle-os/debian-bootc-base-images
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-bootc-base-images/.gitlab-ci.yml
Colin Walters 7361f26eeb Introduce a tier-0 image 
This is basically just:

- kernel
- systemd
- selinux-policy-targeted
- bootc

Notably it doesn't have `rpm-ostree` or `rpm`, or many other things.
It also doesn't even have `linux-firmware`.

And no `openssh`!

It's almost certain that you need to derive from this, but
it should be a suitable starting point.

TODO: Add something like

```
$ dnf-system-bootstrap
Installing packaging tools from quay.io/fedora/fedora-boot-dnf@sha256:abcd...)
 # This would be basically all the packages not in tier-0 that
 # are enough to give `dnf install`
$ dnf install cowsay
 # Install critical stuff
$ dnf system-bootstrap remove
 # Remove everything that we added for the package system, that isn't
 # a dependency of what the user wants!
```

(In theory we could make this work with multi-stage builds, but
 it's a little hard)
2023-09-15 15:11:01 -04:00

50 lines
1.4 KiB
YAML
Raw Blame History

# Yes, we're using FCOS as a buildroot
image: quay.io/fedora/fedora-coreos:stable
stages:
- build
.base:
parallel:
matrix:
- TIER:
- tier-0
- tier-1
OS: centos
VERSION: [stream9]
VARIANT: ["", "-rt"]
- TIER:
- tier-0
- tier-1
OS: fedora
VERSION: [38]
VARIANT: [""]
test-build:
extends: .base
only:
- merge_requests
stage: build
before_script:
# Log into the registry
- echo "$CI_REGISTRY_PASSWORD" | podman login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
script:
- rpm-ostree install distribution-gpg-keys
- set -euo pipefail; rpm-ostree compose image --format=ociarchive --initialize ${OS}-${TIER}${VARIANT}-${VERSION}.yaml dest.oci-archive
build-push:
extends: .base
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
COMPOSE_INITIALIZE: "1"
FORCE: ""
stage: build
before_script:
# Log into the registry
- echo "$CI_REGISTRY_PASSWORD" | podman login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
script:
- rpm-ostree install distribution-gpg-keys
- set -euo pipefail; rpm-ostree compose image ${COMPOSE_INITIALIZE:+--initialize} ${FORCE:+--force-nocache} --format=registry ${OS}-${TIER}${VARIANT}-${VERSION}.yaml ${CI_REGISTRY_IMAGE}/${OS}-boot-${TIER}${VARIANT}:${VERSION}
Reference in a new issue View git blame Copy permalink