build-images.yaml
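# CI workflow: builds the rpi64 image by running the debos container against
# rpi64/debimage-rpi64.yaml and publishes the contents of out/ as an artifact.
name: Build images

on:
  push:
  pull_request:
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: the job only checks out the repository.
# (Artifact upload does not rely on GITHUB_TOKEN scopes.)
permissions:
  contents: read

# TODO create debos reusable workflow action which this recipe / others can use: https://docs.github.com/en/actions/using-workflows/reusing-workflows#creating-a-reusable-workflow
# TODO add all-green job
# TODO add dependabot for this ci file
# TODO run in one context at a time
#jobs:
#  build:
#    runs-on: ubuntu-latest
#    if: github.event_name != "pull_request" || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
# TODO make this a strategy: matrix to build all images in parallel
# TODO build ospacks first
jobs:
  build_images:
    name: Build images
    timeout-minutes: 120
    # Determine which machine type to run on.
    #
    # Nested virtualisation is not enabled on the default GitHub-hosted runners. See:
    # - https://github.com/actions/runner-images/discussions/7191
    # - https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/
    #
    # Use a self-hosted runner (with access to /dev/kvm) tagged with `kvm` only
    # when the code being built comes from the go-debos organisation itself.
    # Otherwise, run on a shared runner without any nested virtualisation.
    #
    # On `pull_request` events github.repository_owner is the owner of the
    # *base* repository, so checking it alone would also schedule pull requests
    # from forks onto the self-hosted runner, where they run a --privileged
    # container. The extra head-repo comparison keeps fork PRs on the hosted
    # runner.
    runs-on: ${{ github.repository_owner == 'go-debos' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && 'kvm' || 'ubuntu-latest' }}
    steps:
      # NOTE(review): the `uses:` refs below are version tags, which can be
      # moved; pinning each action to a full commit SHA makes the build
      # reproducible and resistant to a retagged release.
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # The workspace is bind-mounted into a privileged container later on;
          # do not leave the job token in .git/config. Nothing in this job
          # pushes back to the repository.
          persist-credentials: false

      - name: Set up qemu-user-static (required for --disable-fakemachine)
        uses: docker/setup-qemu-action@v2

      # Record in the job environment whether /dev/kvm is present so later
      # steps can branch on env.KVM_EXISTS.
      - name: Determine if machine has nested virtualisation
        run: |
          if [ -e /dev/kvm ]; then
            echo "KVM_EXISTS=true" >> "$GITHUB_ENV"
          else
            echo "KVM_EXISTS=false" >> "$GITHUB_ENV"
          fi

      # Workaround for ... (NOTE(review): the original comment is truncated
      # here; complete it with what the output directory works around.)
      - name: Create output directory
        # -p: do not fail if a previous run left the directory behind.
        run: mkdir -p out

      # If no kvm available, run without fakemachine (e.g. directly on the host)
      # as running without nested virtualisation (e.g. uml/qemu backends) are
      # far too slow.
      #
      # Security notes:
      # - --privileged gives the container essentially unrestricted access to
      #   the runner host; when /dev/kvm is absent the host's /dev is also
      #   bind-mounted. This is why untrusted (fork) code is kept off the
      #   self-hosted runner by the runs-on expression above.
      # - ghcr.io/go-debos/debos:main is a moving tag; NOTE(review): consider
      #   pinning the image by digest (image@sha256:<DIGEST>) so the privileged
      #   container's contents cannot change underneath the workflow.
      #
      # The command is a folded scalar: every line must stay at the same
      # indentation so that it is joined into a single shell command line.
      - name: Build rpi64 image
        run: >-
          docker run
          --cgroupns=private
          -v "$(pwd):/recipes"
          -w /recipes
          --tmpfs /scratch:exec
          --tmpfs /run
          --privileged
          ${{ env.KVM_EXISTS == 'false' && '-v /dev:/dev' || '' }}
          -e TMP=/scratch
          -e SYSTEMD_NSPAWN_UNIFIED_HIERARCHY=1
          ghcr.io/go-debos/debos:main
          --artifactdir=out
          ${{ env.KVM_EXISTS == 'false' && '--disable-fakemachine' || '' }}
          rpi64/debimage-rpi64.yaml

      - name: Publish rpi64 artifacts
        uses: actions/upload-artifact@v3
        with:
          name: rpi64
          path: out/
          # Fail the job rather than publish an empty artifact.
          if-no-files-found: error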