diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0274d2b..d39f3ff 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,16 +1,24 @@ -name: Build Images -on: [push, pull_request, workflow_dispatch] +name: build +on: + workflow_dispatch: + pull_request: + push: + branches: [ main ] jobs: build: + name: ${{ matrix.image.name }} runs-on: ubuntu-24.04 strategy: matrix: image: - - guest-fedora-41 - - guest-ubuntu-oracular - - guest-debian-bookworm + - path: guest/fedora/41 + name: guest-fedora-41 + - path: guest/ubuntu/oracular + name: guest-ubuntu-oracular + - path: guest/debian/bookworm + name: guest-debian-bookworm steps: - uses: actions/checkout@v4 @@ -21,18 +29,18 @@ jobs: sudo apt-get update sudo apt-get install -y mkosi qemu-utils systemd-ukify systemd-boot policycoreutils mtools - - name: Build ${{ matrix.image }} - run: sudo mkosi -C ${{ matrix.image }}/ + - name: Build ${{ matrix.image.name }} + run: sudo mkosi -C ${{ matrix.image.path }}/ - name: Convert raw image to qcow2 run: | - qemu-img convert -f raw -O qcow2 ${{ matrix.image }}/image.raw ${{ matrix.image }}/image.qcow2 + qemu-img convert -f raw -O qcow2 ${{ matrix.image.path }}/image.raw ${{ matrix.image.path }}/image.qcow2 - name: Upload image uses: actions/upload-artifact@v4 with: - name: ${{ matrix.image }} + name: ${{ matrix.image.name }} path: | - ${{ matrix.image }}/image.efi - ${{ matrix.image }}/image.qcow2 + ${{ matrix.image.path }}/image.efi + ${{ matrix.image.path }}/image.qcow2 retention-days: 7 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 001102e..3413c83 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,9 +1,12 @@ -name: Style Checks -on: [push, pull_request] +name: lint +on: + pull_request: + push: + branches: [ main ] jobs: commits: - name: Check Conventional Commit Syntax + name: conventional commit runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 
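Review bot: Neither the workflow nor the `build` job declares a `permissions:` block in the new lines 1-24, so `GITHUB_TOKEN` keeps the repository's default scopes while the job runs `sudo mkosi` on pull-request content. Adding `permissions:` with `contents: read` between `on:` and `jobs:` pins the token to least privilege; the build and the artifact upload need nothing beyond that. The rewritten `.github/workflows/lint.yml` has the same gap and hands the token to a third-party action; it probably needs `pull-requests: read` in addition, to be confirmed against that action's documentation. A block could still exist below the lines these hunks show.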
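Review bot: `${{ matrix.image.path }}` is pasted into the shell text of both `run:` steps before bash parses it, and it is unquoted. The values are literals from the matrix in this file, so nothing untrusted reaches the shell today, but the same pattern becomes script injection as soon as the matrix is generated from any input. Passing the value through the environment keeps it as data: add `env:` with `IMAGE_PATH: ${{ matrix.image.path }}` to the step and use `run: sudo mkosi -C "$IMAGE_PATH/"`, and do the same for the `qemu-img convert` line. The `steps:` list starts above this hunk.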
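Review bot: `actions/checkout@v3` is referenced by a mutable tag, and so is `webiny/action-conventional-commits@v1.3.0` in the following hunk, which also receives `secrets.GITHUB_TOKEN`. A tag can be re-pointed by whoever controls the action's repository, so the code that runs with the token is not fixed by this file. Pinning to the full commit SHA with the version kept as a trailing comment, `uses: webiny/action-conventional-commits@<full-commit-sha> # v1.3.0`, makes the reference immutable. `actions/checkout@v4` and `actions/upload-artifact@v4` in build.yml are the same case. The `steps:` list continues outside this hunk.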
@@ -11,4 +14,4 @@ jobs: - uses: webiny/action-conventional-commits@v1.3.0 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - allowed-commit-types: "feat,fix,build,chore,ci,docs,style,refactor,perf,test" \ No newline at end of file + allowed-commit-types: "feat,fix,build,chore,ci,docs,style,refactor,perf,test" diff --git a/README.md b/README.md index c5c79de..711c31a 100644 --- a/README.md +++ b/README.md @@ -18,8 +18,8 @@ Individual guest tests should be written as systemd services. ```sh $ qemu-kvm -m 2G \ -bios /usr/share/edk2/ovmf/OVMF_CODE.fd \ - -kernel guest-fedora-41/image.efi \ - -hda guest-fedora-41/image.qcow2 + -kernel guest/fedora/41/image.efi \ + -hda guest/fedora/41/image.qcow2 ``` 4. **Launch SNP Guest:** Run an SNP guest with the direct boot options and kernel-hashes=on for the confidential guest measured boot: @@ -30,12 +30,12 @@ $ qemu-system-x86_64 \ -cpu EPYC-v4 \ -smp 1 \ -device virtio-blk-pci,drive=disk0,id=scsi0 \ - -drive file=guest-fedora-41/image.qcow2,if=none,id=disk0 \ + -drive file=guest/fedora/41/image.qcow2,if=none,id=disk0 \ -machine memory-encryption=sev0,vmport=off \ -object memory-backend-memfd,id=ram1,size=2048M \ -machine memory-backend=ram1 \ -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1,kernel-hashes=on \ -bios /usr/share/edk2/ovmf/OVMF.amdsev.fd \ - -kernel guest-fedora-41/image.efi \ + -kernel guest/fedora/41/image.efi \ -nographic ``` diff --git a/guest-fedora-41/mkosi.conf b/guest-fedora-41/mkosi.conf deleted file mode 100644 index 2e5740f..0000000 --- a/guest-fedora-41/mkosi.conf +++ /dev/null @@ -1,10 +0,0 @@ -[Include] -Include=../common/ - -[Distribution] -Distribution=fedora -Release=41 - -[Content] -Packages=systemd,kernel,wget2,systemd-boot-unsigned,selinux-policy-targeted,systemd-networkd,systemd-resolved,dnf -SELinuxRelabel=yes diff --git a/guest/debian/bookworm/mkosi.conf b/guest/debian/bookworm/mkosi.conf new file mode 100644 index 0000000..3efcaca --- /dev/null 
+++ b/guest/debian/bookworm/mkosi.conf
@@ -0,0 +1,5 @@
+[Include]
+Include=../
+
+[Distribution]
+Release=bookworm
diff --git a/guest-debian-bookworm/mkosi.conf b/guest/debian/mkosi.conf
similarity index 77%
rename from guest-debian-bookworm/mkosi.conf
rename to guest/debian/mkosi.conf
index a8718dd..15edcdc 100644
--- a/guest-debian-bookworm/mkosi.conf
+++ b/guest/debian/mkosi.conf
@@ -1,9 +1,8 @@
 [Include]
-Include=../common/
+Include=../
 
 [Distribution]
 Distribution=debian
-Release=bookworm
 
 [Content]
 Packages=linux-image-generic,systemd,systemd-boot,resolvconf,locales
diff --git a/guest/fedora/41/mkosi.conf b/guest/fedora/41/mkosi.conf
new file mode 100644
index 0000000..f408975
--- /dev/null
+++ b/guest/fedora/41/mkosi.conf
@@ -0,0 +1,5 @@
+[Include]
+Include=../
+
+[Distribution]
+Release=41
diff --git a/guest/fedora/mkosi.conf b/guest/fedora/mkosi.conf
new file mode 100644
index 0000000..42974c3
--- /dev/null
+++ b/guest/fedora/mkosi.conf
@@ -0,0 +1,9 @@
+[Include]
+Include=../
+
+[Distribution]
+Distribution=fedora
+
+[Content]
+Packages=kernel,selinux-policy-targeted,systemd,systemd-boot-unsigned,systemd-networkd,systemd-resolved
+SELinuxRelabel=yes
diff --git a/common/mkosi.conf b/guest/mkosi.conf
similarity index 100%
rename from common/mkosi.conf
rename to guest/mkosi.conf
diff --git a/common/mkosi.extra/etc/fstab b/guest/mkosi.extra/etc/fstab
similarity index 100%
rename from common/mkosi.extra/etc/fstab
rename to guest/mkosi.extra/etc/fstab
diff --git a/common/mkosi.extra/usr/local/lib/systemd/network/loopback.network b/guest/mkosi.extra/usr/local/lib/systemd/network/loopback.network
similarity index 100%
rename from common/mkosi.extra/usr/local/lib/systemd/network/loopback.network
rename to guest/mkosi.extra/usr/local/lib/systemd/network/loopback.network
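Review bot: The `Packages=` line in the new `guest/fedora/mkosi.conf` is not a straight move: `wget2` and `dnf`, both listed in the deleted `guest-fedora-41/mkosi.conf`, are missing. A smaller guest image is a reasonable result, but nothing in the diff says the removal is intended, and a guest test that downloads or installs something at runtime would now fail. Either restore the two packages or record the decision above the line, for example `# wget2 and dnf dropped on purpose: not needed by the guest tests`.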
diff --git a/common/mkosi.extra/usr/local/lib/systemd/network/wired.network b/guest/mkosi.extra/usr/local/lib/systemd/network/wired.network
similarity index 100%
rename from common/mkosi.extra/usr/local/lib/systemd/network/wired.network
rename to guest/mkosi.extra/usr/local/lib/systemd/network/wired.network
diff --git a/common/mkosi.extra/usr/local/lib/systemd/system-preset/10-enable.preset b/guest/mkosi.extra/usr/local/lib/systemd/system-preset/10-enable.preset
similarity index 100%
rename from common/mkosi.extra/usr/local/lib/systemd/system-preset/10-enable.preset
rename to guest/mkosi.extra/usr/local/lib/systemd/system-preset/10-enable.preset
diff --git a/common/mkosi.extra/usr/local/lib/tmpfiles.d/common.conf b/guest/mkosi.extra/usr/local/lib/tmpfiles.d/common.conf
similarity index 100%
rename from common/mkosi.extra/usr/local/lib/tmpfiles.d/common.conf
rename to guest/mkosi.extra/usr/local/lib/tmpfiles.d/common.conf
diff --git a/common/mkosi.repart/esp.conf b/guest/mkosi.repart/esp.conf
similarity index 100%
rename from common/mkosi.repart/esp.conf
rename to guest/mkosi.repart/esp.conf
diff --git a/common/mkosi.repart/root.conf b/guest/mkosi.repart/root.conf
similarity index 100%
rename from common/mkosi.repart/root.conf
rename to guest/mkosi.repart/root.conf
diff --git a/common/mkosi.repart/verity.conf b/guest/mkosi.repart/verity.conf
similarity index 100%
rename from common/mkosi.repart/verity.conf
rename to guest/mkosi.repart/verity.conf
diff --git a/guest-ubuntu-oracular/mkosi.conf b/guest/ubuntu/mkosi.conf
similarity index 80%
rename from guest-ubuntu-oracular/mkosi.conf
rename to guest/ubuntu/mkosi.conf
index 4f1ec0b..3061888 100644
--- a/guest-ubuntu-oracular/mkosi.conf
+++ b/guest/ubuntu/mkosi.conf
@@ -1,9 +1,8 @@
 [Include]
-Include=../common/
+Include=../
 
 [Distribution]
 Distribution=ubuntu
-Release=oracular
 Repositories=universe
 
 [Content]
diff --git a/guest/ubuntu/oracular/mkosi.conf b/guest/ubuntu/oracular/mkosi.conf
new file mode 100644
index 0000000..b6f30ea
--- /dev/null
+++ b/guest/ubuntu/oracular/mkosi.conf
@@ -0,0 +1,5 @@
+[Include]
+Include=../
+
+[Distribution]
+Release=oracular