* Cache trivy
Fixes https://github.com/kairos-io/kairos/issues/2904
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Cache trivy in more pipelines
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Populate trivy cache
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Create the trivy cache dir if it wasn't created
because if there is no cache to restore, the directory doesn't get
created
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Try to gate all jobs with trivy cache job
to avoid failing later. Also, since jobs run in parallel, they may start
populating the cache at the same time which will result in multiple
requests for the trivy database, making the caching mechanism useless.
Doing it once before everything should solve this.
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
---------
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
While locally it works as it caches the image witht he DB already on it,
on CI it doesnt work and pulls the DB twice, so its the same as it was
before.
Signed-off-by: Itxaka <itxaka@kairos.io>
* Use kairos-agent instead of naming.sh everywhere
For this commit, kairos-agent has to be built from at least 4409a4e
Also:
- Remove some relics from when we had docs in this repo and when we
used to pass a VERSION to the bundle for systemd-sysext (now we use
"_ANY")
- Simplify earthly targets. They don't need all that input just to construct
the artifact name because it's running on the "base-image".
The artifact name is already written in the /etc/os-release file.
- Remove +version target and convert GIT_VERSION to a normal target because when you call
`DO +foo` in a target and "foo" has "FROM myimage" in it, after the call, your
target now runs on "myimage".
- Remove "VERSION" instances from most places, except in reusable-build-flavor
which is using it to replace it with "latest" thus the current value
(just the kairos version) should work. That workflow is disabled currently
but I tried not to break it in case someone re-enables it.
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Fix rebase mistake
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Fix issues building arm
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Oops
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
---------
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
Co-authored-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Use one of our luet packages to install k3s
Fixing this: https://github.com/kairos-io/kairos/issues/1797#issuecomment-1711315693
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* [Temp] Run provider tests in PRs temporarily to test this PR
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Revert "[Temp] Run provider tests in PRs temporarily to test this PR"
This reverts commit 41babdf06b.
---------
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
As it can affect our tests, we block the metadata IP acess so tests run
isolated and cant get the actual host metadata inside the test VM
machine
Signed-off-by: Itxaka <itxaka@kairos.io>
and that action fails with:
```
The following packages will be DOWNGRADED:
docker-ce docker-ce-cli
0 upgraded, 0 newly installed, 2 downgraded, 0 to remove and 11 not upgraded.
E: Packages were downgraded and -y was used without --allow-downgrades.
```
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Use dev version for provider kairos in Earthly
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* [WIP] Build a matrix for standard (provider) images
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Build provider-kairos image with the right flags
E.g. Invoke it as:
earthly +iso -PROVIDER_KAIROS=true -PROVIDER_KAIROS_VERSION=2.3.0 -K3S_VERSION=1.24.2
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Use latest package for provider-kairos and k3s
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove PROVIDER_KAIROS_VERSION setting
because when we install with luet, the version is defined by the
repository in framework-profile.yaml
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove implemented TODO
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Construct the k8s versions by quering the luet repo for available ones
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* No need to change version strings
They are already in the required format for luet
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* WIP
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove default MODEL that doesn't work
because the top level default always wins (Earthly...)
and downgrade osbuilder because it breaks arm builds. This should fix it:
https://github.com/kairos-io/osbuilder/pull/80
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Don't build standard images for nvidia jetson
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* WIP
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Drop PROVIDER_KAIROS and use VARIANT=standard instead
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* WIP
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* WIP
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* WIp
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove not used ARGs and simplify targets
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Try out on our branch
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Configure luet before searching it
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Try to fix luet
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Fix luet
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Fix signing path
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Bump CI
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Add debug job
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove dummy job and try to remove permissions
to see if they are actually needed anywhere
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Debug, debug, debug
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Switch back to old naming
we will deal with it on another PR
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Simplify jq syntax
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Fix arm image release pipeline (no generic yet)
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Fix luet installation in job
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Fix the release-arm pipeline
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Unshallow the checkout in the pipeline to build a proper VERSION
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Use the action fetch-depth instead of unshallow
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Fix earthly things
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* WIP
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Remove our test branch from the workflow
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Remove done TODOs and make sure we install tools in all k3s versions
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Rename Earthly command and remove unnecessary copying
because the framework-profile should already be in place
(Fixes based on PR comments)
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Add nohang in base images (wherever it's available)
and remove the Earthly target for that.
Question: We only enable this on systemd:
https://github.com/kairos-io/kairos/blob/master/overlay/files/system/oem/09_services.yaml#L21-L22
What about systemd flavors that don't have it? (fedora, rockylinux,
almalinux)
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Add repository for nohang in jetson dockerfile
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Filter which flavors to build standard image for
and stop running the release pipeline our current branch
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
* Fix name of matrix
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
---------
Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
Signed-off-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
Co-authored-by: Mauro Morales <mauro.morales@spectrocloud.com>
Co-authored-by: Dimitris Karakasilis <dimitris@spectrocloud.com>
* Use reusable jobs
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Remove dependency to branch
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Version needs to be there, pointing to master
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* cannot find downloaded artifact
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Unzip iso
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Use artifact path
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* ls
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* doesn't need to be unziped
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Move iso into build
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* ls downloaded artifact
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* No need to mv anymore
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Name of artifact is kairos-core
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Path is different depending on the test :/
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* keep files on top dir
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Correct name of iso
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Add missing \
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* lint yaml
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* extend to 40 mins becuase ubunut might be slower in some regards
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Extend to 60 min
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Make latest be ubuntu too
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Have reusable workflows for provider tests too
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* cant copy pasta properly
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* lint newline
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Use latest release for test, don't need to upload it any longer
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Latest release step is not really needed
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* temp run provider tests in PR
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* pass label
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* inputs instead of matrix
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* don't convert to env and then use in command
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* split upgrade latest test
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* use latest release
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* head -n 1
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* lint
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* rename job
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* should be 24h instead of 8h for the test
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* Reduce name of jobs
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* oops also rename the needs
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* rename jobs
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* move from job env var to export of env var
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* 🤦
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* rename
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* remove standard tests from PR runs
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* fix install test
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
* point reusable jobs to master
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
---------
Signed-off-by: Mauro Morales <mauro.morales@spectrocloud.com>
