GitHub Action
Build Container Installer
This action is used to generate an ISO for installing an OSTree stored in a container image. This utilizes the anaconda command ostreecontainer
This action is designed to be called from a GitHub workflow using the following format
- name: Build ISO
uses: jasonn3/build-container-installer@main
id: build
with:
arch: ${{ env.ARCH}}
image_name: ${{ env.IMAGE_NAME}}
image_repo: ${{ env.IMAGE_REPO}}
image_tag: ${{ env.IMAGE_TAG }}
version: ${{ env.VERSION }}
variant: ${{ env.VARIANT }}
iso_name: ${{ env.IMAGE_NAME }}-${{ env.IMAGE_TAG }}-${{ env.VERSION }}.iso
# This example is for uploading your ISO as a Github artifact. You can do something similar using any cloud storage, so long as you copy the output
- name: Upload ISO as artifact
id: upload
uses: actions/upload-artifact@v4
with:
name: ${{ steps.build.outputs.iso_name }}
path: |
${{ steps.build.outputs.iso_path }}
${{ steps.build.outputs.iso_path }}-CHECKSUM
if-no-files-found: error
retention-days: 0
compression-level: 0See Customizing for information about customizing the ISO that gets created using with
The following variables can be used to customize the created ISO.
| Variable | Description | Default Value | Action | Container/Makefile |
|---|---|---|---|---|
| additional_templates | Space delimited list of additional Lorax templates to include | [empty] | ✅ | ✅ |
| arch | Architecture for image to build | x86_64 | ✅ | ✅ |
| enrollment_password | Used for supporting secure boot (requires SECURE_BOOT_KEY_URL to be defined) | container-installer | ✅ | ✅ |
| extra_boot_params | Extra params used by grub to boot the anaconda installer | [empty] | ✅ | ✅ |
| flatpak_remote_name | Name of the Flatpak repo on the destination OS | flathub | ✅ | ✅ |
| flatpak_remote_refs | Space separated list of flatpak refs to install | [empty] | ✅ | ✅ |
| flatpak_remote_refs_dir | Directory that contains files that list the flatpak refs to install | [empty] | ✅ | ✅ |
| flatpak_remote_url | URL of the flatpakrepo file | https://flathub.org/repo/flathub.flatpakrepo | ✅ | ✅ |
| image_name | Name of the source container image | base | ✅ | ✅ |
| image_repo | Repository containing the source container image | quay.io/fedora-ostree-desktops | ✅ | ✅ |
| image_signed | Whether the container image is signed. The policy to test the signing must be configured inside the container image | true | ✅ | ✅ |
| image_src | Overrides the source of the container image. Must be formatted for the skopeo copy command | [empty] | ✅ | ✅ |
| image_tag | Tag of the source container image | VERSION | ✅ | ✅ |
| iso_name | Name of the ISO you wish to output when completed | build/deploy.iso | ✅ | ✅ |
| make_target | Overrides the default make target | ISO_NAME-Checksum | ✅ | ❌ |
| repos | List of repo files for Lorax to use | /etc/yum.repos.d/*.repo | ✅ | ✅ |
| rootfs_size | The size (in GiB) for the squashfs runtime volume | 2 | ✅ | ✅ |
| secure_boot_key_url | Secure boot key that is installed from URL location** | [empty] | ✅ | ✅ |
| variant | Source container variant* | Server | ✅ | ✅ |
| version | Fedora version of installer to build | 39 | ✅ | ✅ |
| web_ui | Enable Anaconda WebUI (experimental) | false | ✅ | ✅ |
*Available options for VARIANT can be found by running dnf provides system-release.
Variant will be the third item in the package name. Example: fedora-release-kinoite-39-34.noarch will be kinoite
** If you need to reference a local file, you can use file://*path*
| Variable | Description | Usage |
|---|---|---|
| iso_name | The name of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} |
| iso_path | The name and path of the resulting .iso | ${{ steps.YOUR_ID_FOR_ACTION.outputs.iso_name }} |
For outputs, see example above.
The Makefile contains all commands that are run the action. There are separate targets for each file generated, however make can be used to generate the final image and make clean can be used to clean up the workspace. The resulting ISO will be stored in the build directory.
You can use make install-deps to install the required packages.
See Customizing for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form.
A container with make install-deps already run is provided at ghcr.io/jasonn3/build-container-installer:latest
To use the container file, run docker run --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest.
This will create an ISO with the baked in defaults of the container image. The resulting file will be called deploy.iso
See Customizing for information about customizing the ISO that gets created. All variables should be specified in CAPITALIZED form. Examples:
Building an ISO to install Fedora 38
docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=38 IMAGE_NAME=base IMAGE_TAG=38 VARIANT=ServerBuilding an ISO to install Fedora 39
docker run --rm --privileged --volume .:/build-container-installer/build ghcr.io/jasonn3/build-container-installer:latest VERSION=39 IMAGE_NAME=base IMAGE_TAG=39 VARIANT=ServerThere is a dev container configuration provided for development. By default, it will use the existing container image available at ghcr.io/jasonn3/build-container-installer:latest. However, you can have it build a new image by editing .devcontainer/devcontainer.json and replacing image with build. Ctrl+/ can be used to comment and uncomment blocks of code within VSCode.
The code from VSCode will be available at /workspaces/build-container-installer once the container has started.
Privileged is required for access to loop devices for lorax.
Use existing container image:
{
"name": "Existing Image",
- "build": {
- "context": "..",
- "dockerfile": "../Containerfile",
- "args": {
- "version": "39"
- }
- },
+ "image": "ghcr.io/jasonn3/build-container-installer:latest",
"overrideCommand": true,
"shutdownAction": "stopContainer",
"privileged": true
}Build a new container image:
{
"name": "New Image",
+ "build": {
+ "context": "..",
+ "dockerfile": "../Containerfile",
+ "args": {
+ "version": "39"
+ }
+ },
- "image": "ghcr.io/jasonn3/build-container-installer:latest",
"overrideCommand": true,
"shutdownAction": "stopContainer",
"privileged": true
}