diff --git a/.github/workflows/daily-6.0.yml b/.github/workflows/daily-6.0.yml index 473962a91..fe86305fb 100644 --- a/.github/workflows/daily-6.0.yml +++ b/.github/workflows/daily-6.0.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest container: - image: debian:buster + image: debian:latest volumes: - /proc:/proc options: --privileged diff --git a/.github/workflows/daily-7.0.yml b/.github/workflows/daily-7.0.yml new file mode 100644 index 000000000..346a26c45 --- /dev/null +++ b/.github/workflows/daily-7.0.yml @@ -0,0 +1,27 @@ +name: daily-7.0 + +on: + push: + branches: + - master + schedule: + - cron: "0 0 * * *" + workflow_dispatch: {} + +jobs: + build: + runs-on: ubuntu-latest + + container: + image: debian:latest + volumes: + - /proc:/proc + options: --privileged + + steps: + - name: Clone build scripts + uses: actions/checkout@v1 + + - name: Build and upload daily .iso + run: | + ./workflows.sh etc/terraform-daily-7.0-azure.conf "${{ secrets.key }}" "${{ secrets.secret }}" "${{ secrets.endpoint }}" "${{ secrets.bucket }}" diff --git a/.github/workflows/stable.yml b/.github/workflows/stable.yml index bc306be35..07e78457d 100644 --- a/.github/workflows/stable.yml +++ b/.github/workflows/stable.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest container: - image: debian:buster + image: debian:latest volumes: - /proc:/proc options: --privileged diff --git a/README.md b/README.md index c902fbe9c..a71d7265e 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Configure the channel in the `etc/terraform.conf` (stable, daily), then run: docker run --privileged -i -v /proc:/proc \ -v ${PWD}:/working_dir \ -w /working_dir \ - debian:buster \ + debian:latest \ /bin/bash -s etc/terraform.conf < build.sh ``` diff --git a/build.sh b/build.sh index 96ba57247..8b4a5aaa4 100755 --- a/build.sh +++ b/build.sh @@ -24,20 +24,26 @@ echo -e " " apt-get update -apt-get install -y live-build patch ubuntu-keyring +apt-get install -y live-build patch gnupg2 binutils zstd -# TODO: Remove once live-build is able to acommodate for cases where LB_INITRAMFS is not live-boot: -# https://salsa.debian.org/live-team/live-build/merge_requests/31 -patch -d /usr/lib/live/build/ < live-build-fix-syslinux.patch +# The Debian repositories don't seem to have the `ubuntu-keyring` or `ubuntu-archive-keyring` packages +# anymore, so we add the archive keys manually. This may need to be updated if Ubuntu changes their signing keys +# To get the current key ID, find `ubuntu-keyring-xxxx-archive.gpg` in /etc/apt/trusted.gpg.d on a running +# system and run `gpg --keyring /etc/apt/trusted.gpg.d/ubuntu-keyring-xxxx-archive.gpg --list-public-keys ` +apt-key adv --recv-keys --keyserver keyserver.ubuntu.com F6ECB3762474EDA9D21B7022871920D1991BC93C # TODO: This patch was submitted upstream at: # https://salsa.debian.org/live-team/live-build/-/merge_requests/255 # This can be removed when our Debian container has a version containing this fix patch -d /usr/lib/live/build/ < live-build-fix-shim-remove.patch -# TODO: Remove this once debootstrap 1.0.117 or newer is released and available: +# TODO: This can be removed when our Debian container has debootstrap 1.0.124 or later +# It's needed to support the new zstd .deb package compression that Ubuntu is doing +patch -d /usr/share/debootstrap/ < debootstrap-backport-zstd-support.patch + +# TODO: Remove this once debootstrap has a script to build jammy images in our container: # https://salsa.debian.org/installer-team/debootstrap/blob/master/debian/changelog -ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/focal +ln -sfn /usr/share/debootstrap/scripts/gutsy /usr/share/debootstrap/scripts/jammy build () { BUILD_ARCH="$1" diff --git a/debootstrap-backport-zstd-support.patch b/debootstrap-backport-zstd-support.patch new file mode 100644 index 000000000..a7163fa1a --- /dev/null +++ b/debootstrap-backport-zstd-support.patch @@ -0,0 +1,19 @@ +--- /usr/share/debootstrap/functions.orig 2021-10-23 23:13:10.576805331 +0000 ++++ /usr/share/debootstrap/functions 2021-10-23 23:14:05.465350379 +0000 +@@ -974,6 +974,7 @@ + case "$tarball" in + control.tar.gz) cat_cmd=zcat ;; + control.tar.xz) cat_cmd=xzcat ;; ++ control.tar.zst) cat_cmd=zstdcat ;; + control.tar) cat_cmd=cat ;; + *) error 1 UNKNOWNCONTROLCOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;; + esac +@@ -996,6 +997,7 @@ + data.tar.gz) cat_cmd=zcat ;; + data.tar.bz2) cat_cmd=bzcat ;; + data.tar.xz) cat_cmd=xzcat ;; ++ data.tar.zst) cat_cmd=zstdcat ;; + data.tar) cat_cmd=cat ;; + *) error 1 UNKNOWNDATACOMP "Unknown compression type for %s in %s" "$tarball" "$pkg" ;; + esac + diff --git a/etc/auto/config b/etc/auto/config index dc1b0b4e4..7bc507a8a 100755 --- a/etc/auto/config +++ b/etc/auto/config @@ -25,6 +25,8 @@ lb config noauto \ --linux-packages linux-image \ --linux-flavours "$KERNEL_FLAVORS" \ --bootappend-live "boot=casper maybe-ubiquity quiet splash" \ + --debootstrap-options="--extractor=ar --keyring=/etc/apt/trusted.gpg" \ + --checksums md5 \ --mirror-bootstrap "$MIRROR_URL" \ --parent-mirror-bootstrap "$MIRROR_URL" \ --mirror-chroot-security "http://security.ubuntu.com/ubuntu/" \ diff --git a/etc/config/package-lists.default/pool.list.binary b/etc/config/package-lists.default/pool.list.binary index 71617cfe3..e47d2e4ba 100644 --- a/etc/config/package-lists.default/pool.list.binary +++ b/etc/config/package-lists.default/pool.list.binary @@ -4,12 +4,10 @@ dkms intel-microcode iucode-tool lupin-support -mouseemu setserial user-setup efibootmgr -grub-efi secureboot-db #if ARCHITECTURES amd64 @@ -19,10 +17,3 @@ grub-efi-amd64-signed shim shim-signed #endif - -#if ARCHITECTURES i386 -grub-efi-ia32 -grub-efi-ia32-bin -sl-modem-daemon -#endif - diff --git a/etc/terraform-daily-7.0-azure.conf b/etc/terraform-daily-7.0-azure.conf new file mode 100644 index 000000000..596dd661a --- /dev/null +++ b/etc/terraform-daily-7.0-azure.conf @@ -0,0 +1,36 @@ +# target architecture - i386, amd64 or all +ARCH="amd64" + +# base codename +BASECODENAME="jammy" + +# base version +BASEVERSION="22.04" + +# distribution codename +CODENAME="next" + +# distribution version +VERSION="7.0" + +# distribution channel +CHANNEL="daily" + +# distribution name +NAME="elementary OS" + +# mirror to fetch packages from +MIRROR_URL="http://azure.archive.ubuntu.com/ubuntu/" + +# use HWE kernel and packages? +HWE_KERNEL="no" +HWE_X11="no" + +# use appcenter ppa +INCLUDE_APPCENTER="" + +# suffix for generated .iso files +OUTPUT_SUFFIX="" + +# folder suffix for the package lists to use +PACKAGE_LISTS_SUFFIX="default" diff --git a/live-build-fix-shim-remove.patch b/live-build-fix-shim-remove.patch index e04254210..e9348c1fc 100644 --- a/live-build-fix-shim-remove.patch +++ b/live-build-fix-shim-remove.patch @@ -1,16 +1,15 @@ ---- /usr/lib/live/build/binary_grub-efi 2019-03-11 10:05:40.000000000 +0000 -+++ /usr/lib/live/build/binary_grub-efi_v2 2021-08-04 13:37:20.064547041 +0000 -@@ -267,8 +267,12 @@ +--- binary_grub-efi 2021-04-02 15:43:54.000000000 +0000 ++++ binary_grub-efi_v2 2021-10-23 22:43:57.314540341 +0000 +@@ -280,8 +280,12 @@ # Saving cache - Save_cache cache/packages.binary + Save_package_cache binary - # Removing depends -- Remove_package + # Removing depends, some bootloader packages are marked as Protected/Important + # in Ubuntu, so temporarily add an apt flag to allow them to be removed + PRE_APT_OPTIONS="${APT_OPTIONS}" + APT_OPTIONS="${APT_OPTIONS} --allow-remove-essential" -+ Remove_package + Remove_packages + APT_OPTIONS="${PRE_APT_OPTIONS}" ;; diff --git a/live-build-fix-syslinux.patch b/live-build-fix-syslinux.patch deleted file mode 100644 index 288825494..000000000 --- a/live-build-fix-syslinux.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- /usr/lib/live/build/binary_syslinux 2019-03-11 10:05:11.000000000 +0000 -+++ /usr/lib/live/build/binary_syslinux_v2 2019-10-19 00:46:20.453418149 +0100 -@@ -45,9 +45,12 @@ - Check_crossarchitectures - - case "${LB_INITRAMFS}" in -- *) -+ live-boot) - _INITRAMFS="live" - ;; -+ *) -+ _INITRAMFS="boot" -+ ;; - esac - - # Assembling image specifics -