chore: add rechunk step and action #1924

Workflow file for this run

	name: Build Images

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main
	schedule:
	- cron: "30 0 * * 1" # Every Monday at 12:30am
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref \|\| github.run_id }}-build
	cancel-in-progress: true

	env:
	IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}

	jobs:
	build-base:
	runs-on: ubuntu-24.04
	strategy:
	fail-fast: false
	matrix:
	fedora-version: [40, stable]
	fedora-edition: [silverblue, kinoite, cosmic]
	include:
	- fedora-edition: cosmic
	image-registry: ghcr.io/rsturla/eternal-linux/base
	permissions:
	contents: read
	packages: write
	id-token: write
	env:
	IMAGE_NAME: eternal-linux/main/${{ matrix.fedora-edition }}
	FEDORA_VERSION: ${{ matrix.fedora-version }}
	COREOS_KERNEL: "N/A"
	outputs:
	base-image-tag: ${{ steps.generate-image-tags.outputs.primary-tag }}
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

	# - name: Optimize GHA Storage
	# uses: ./.github/actions/optimise-gha-storage

	- name: Generate Image Tags
	uses: ./.github/actions/generate-image-tags
	id: generate-image-tags
	with:
	image-name: ${{ env.IMAGE_REGISTRY}}/${{ env.IMAGE_NAME }}
	major-version: ${{ env.FEDORA_VERSION }}
	is-release: ${{ github.event_name != 'pull_request' }}

	- name: Get CoreOS Kernel Information
	if: ${{ env.FEDORA_VERSION == 'stable' \|\| env.FEDORA_VERSION == 'testing' }}
	uses: ./.github/actions/get-coreos-kernel
	id: get-coreos-kernel
	with:
	coreos-stream: ${{ env.FEDORA_VERSION }}

	- name: Set CoreOS Environment Variables
	if: ${{ env.FEDORA_VERSION == 'stable' \|\| env.FEDORA_VERSION == 'testing' }}
	run: \|
	echo "COREOS_KERNEL=${{ steps.get-coreos-kernel.outputs.coreos-kernel-release }}" >> $GITHUB_ENV
	echo "FEDORA_VERSION=${{ steps.get-coreos-kernel.outputs.coreos-repo-version }}" >> $GITHUB_ENV

	- name: Build Image
	id: build
	uses: ./.github/actions/build-image
	with:
	builder: podman
	context: .
	dockerfile: Containerfile
	image-name: ${{ env.IMAGE_NAME }}
	image-tags: \|
	${{ steps.generate-image-tags.outputs.tags }}
	build-args: \|
	${{ matrix.image-registry && format('IMAGE_REGISTRY={0}', matrix.image-registry) \|\| '' }}
	FEDORA_VERSION=${{ env.FEDORA_VERSION }}
	FEDORA_EDITION=${{ matrix.fedora-edition }}
	COREOS_KERNEL=${{ env.COREOS_KERNEL }}

	- name: Prepare Rechunk
	run: \|
	set -euox pipefail
	sudo apt update && sudo apt install systemd-container
	podman image ls
	sudo podman image scp $(whoami)@localhost::${{ steps.build.outputs.image }}:${{ steps.generate-image-tags.outputs.primary-tag }} root@localhost::
	sudo podman image ls
	podman rmi $(podman image ls -qa) --force

	- name: Rechunk Image
	id: rechunk
	uses: hhd-dev/[email protected]
	with:
	rechunk: ghcr.io/hhd-dev/rechunk:v0.8.6
	ref: ${{ steps.build.outputs.image }}:${{ steps.generate-image-tags.outputs.primary-tag }}
	skip_compress: true
	prev-ref: ${{ env.IMAGE_REGISTRY }}/${{ steps.build.outputs.image }}:${{ steps.generate-image-tags.outputs.primary-tag }}

	- name: Load Rechunked Image
	run: \|
	sudo podman rmi $(sudo podman image ls -qa) --force
	IMAGE=$(podman pull ${{ steps.rechunk.outputs.ref }})
	sudo rm -rf ${{ steps.rechunk.outputs.output }}
	for tag in ${{ steps.build_image.outputs.tags }}; do
	podman tag $IMAGE ${{ env.IMAGE_NAME }}:${tag}
	done

	- name: Push Image
	id: push
	uses: ./.github/actions/push-image
	with:
	builder: ${{ steps.build.outputs.builder }}
	image-name: ${{ steps.build.outputs.image }}
	image-tags: ${{ steps.build.outputs.tags }}
	image-registry: ${{ env.IMAGE_REGISTRY }}
	registry-username: ${{ github.actor }}
	registry-password: ${{ secrets.GITHUB_TOKEN }}

	- name: Sign Image
	uses: ./.github/actions/sign-image
	if: github.event_name != 'pull_request'
	with:
	registry: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
	registry-provider: ghcr.io
	registry-username: ${{ github.actor }}
	registry-password: ${{ secrets.GITHUB_TOKEN }}
	digest: ${{ steps.push.outputs.digest }}
	private-key: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY }}
	private-key-passphrase: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY_PASSPHRASE }}

	build-nvidia:
	runs-on: ubuntu-latest
	needs: build-base
	if: ${{ !cancelled() }}
	strategy:
	fail-fast: false
	matrix:
	fedora-version: [40, stable]
	fedora-edition: [silverblue, kinoite, cosmic]
	nvidia-type: [open]
	permissions:
	contents: read
	packages: write
	id-token: write
	env:
	IMAGE_NAME: eternal-linux/main/${{ matrix.fedora-edition }}
	FEDORA_VERSION: ${{ matrix.fedora-version }}
	COREOS_KERNEL: "N/A"
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

	- name: Optimize GHA Storage
	uses: ./.github/actions/optimise-gha-storage

	- name: Generate Image Tags
	uses: ./.github/actions/generate-image-tags
	id: generate-image-tags
	with:
	image-name: ${{ env.IMAGE_REGISTRY}}/${{ env.IMAGE_NAME }}
	major-version: ${{ env.FEDORA_VERSION }}
	is-release: ${{ github.event_name != 'pull_request' }}
	is-nvidia: true
	nvidia-type: ${{ matrix.nvidia-type }}

	- name: Get CoreOS Kernel Information
	if: ${{ env.FEDORA_VERSION == 'stable' \|\| env.FEDORA_VERSION == 'testing' }}
	uses: ./.github/actions/get-coreos-kernel
	id: get-coreos-kernel
	with:
	coreos-stream: ${{ env.FEDORA_VERSION }}

	- name: Set CoreOS Environment Variables
	if: ${{ env.FEDORA_VERSION == 'stable' \|\| env.FEDORA_VERSION == 'testing' }}
	run: \|
	echo "COREOS_KERNEL=${{ steps.get-coreos-kernel.outputs.coreos-kernel-release }}" >> $GITHUB_ENV
	echo "FEDORA_VERSION=${{ steps.get-coreos-kernel.outputs.coreos-repo-version }}" >> $GITHUB_ENV

	- name: Generate Base Image Tag
	id: generate-base-image-tag
	env:
	BASE_FEDORA_VERSION: ${{ matrix.fedora-version }}
	PR_NUMBER: ${{ github.event.number }}
	IS_PR: ${{ github.event_name == 'pull_request' }}
	run: \|
	GIT_SHA=$(git rev-parse --short HEAD)
	if [ $IS_PR == 'true' ]; then
	BASE_TAG="pr${PR_NUMBER}-${GIT_SHA}-${BASE_FEDORA_VERSION}"
	else
	BASE_TAG="${GIT_SHA}-${BASE_FEDORA_VERSION}"
	fi
	echo "base-tag=${BASE_TAG}" >> $GITHUB_OUTPUT

	- name: Build Image
	id: build
	uses: ./.github/actions/build-image
	with:
	builder: docker
	context: .
	dockerfile: Containerfile.nvidia
	image-name: ${{ env.IMAGE_NAME }}
	image-tags: \|
	${{ steps.generate-image-tags.outputs.tags }}
	build-args: \|
	FEDORA_VERSION=${{ env.FEDORA_VERSION }}
	FEDORA_EDITION=${{ matrix.fedora-edition }}
	BASE_TAG=${{ steps.generate-base-image-tag.outputs.base-tag }}
	${{ matrix.nvidia-type == 'open' && format('NVIDIA_AKMODS_IMAGE={0}', 'ghcr.io/rsturla/akmods/nvidia-open') \|\| '' }}
	NVIDIA_AKMODS_TAG=${{ matrix.fedora-version }}

	- name: Push Image
	id: push
	uses: ./.github/actions/push-image
	with:
	builder: ${{ steps.build.outputs.builder }}
	image-name: ${{ steps.build.outputs.image }}
	image-tags: ${{ steps.build.outputs.tags }}
	image-registry: ${{ env.IMAGE_REGISTRY }}
	registry-username: ${{ github.actor }}
	registry-password: ${{ secrets.GITHUB_TOKEN }}

	- name: Sign Image
	uses: ./.github/actions/sign-image
	if: github.event_name != 'pull_request'
	with:
	registry: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}
	registry-provider: ghcr.io
	registry-username: ${{ github.actor }}
	registry-password: ${{ secrets.GITHUB_TOKEN }}
	digest: ${{ steps.push.outputs.digest }}
	private-key: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY }}
	private-key-passphrase: ${{ secrets.ETERNAL_LINUX_SIGNING_KEY_PASSPHRASE }}

	check:
	needs: [build-base, build-nvidia]
	if: always()
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

	- name: Check Job Status
	uses: ./.github/actions/check-jobs-success
	with:
	jobs: ${{ toJSON(needs) }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: add rechunk step and action #1924

Workflow file

chore: add rechunk step and action #1924

Jobs

Run details

Workflow file for this run