Initial build of 9 and 10 based rpi bootc images

.github/actions/shared-steps/action.yml

@@ -7,6 +7,8 @@ inputs:
     required: true
   IMAGE_REGISTRY:
     required: true
+  VARIANT:
+    required: true
   REGISTRY_USER:
     required: true
   REGISTRY_PASSWORD:
@@ -26,12 +28,27 @@ runs:
         ARCH=${{ matrix.ARCH }}
         echo "CLEAN_ARCH=${ARCH//\//_}" >> "$GITHUB_ENV"
 
+    - name: Generate Suffix
+      id: suffix
+      shell: bash
+      run: |
+        if [ 'x${{ inputs.VARIANT }}' == 'xgeneral' ]; then
+          echo "suffix=" >> $GITHUB_OUTPUT
+          echo "clean_suffix=" >> $GITHUB_OUTPUT
+        else
+          echo "suffix=-${{ inputs.VARIANT }}" >> $GITHUB_OUTPUT
+          echo "clean_suffix=_${{ inputs.VARIANT }}" >> $GITHUB_OUTPUT
+        fi
+
     - name: Log in to registry
+      if: github.event_name != 'pull_request'
       shell: bash
       run: sudo podman login ${{ inputs.IMAGE_REGISTRY }} -u ${{ inputs.REGISTRY_USER }} -p ${{ inputs.REGISTRY_PASSWORD }}
 
     - name: Check update
       shell: bash
+      env:
+        SUFFIX: ${{ steps.suffix.outputs.suffix }}
       run: |
         # 'dnf check-update'
         # exit codes:
@@ -40,7 +57,10 @@ runs:
         #   125 - tag/platform not found
         #   127 - command not found
         res=0
-        sudo podman run ${{ env.VARIANT }} --quiet --rm ${{ inputs.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ inputs.VERSION_MAJOR }} dnf check-update || res=$?
+        if [ "${{ github.event_name }}" != "pull_request" ]; then
+          exit 100
+        fi
+        sudo podman run ${{ env.VARIANT }} --quiet --rm ${{ inputs.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ inputs.VERSION_MAJOR }}${{ env.SUFFIX }} dnf check-update || res=$?
         echo "res=${res}" >> "$GITHUB_ENV"
         echo "Exit code: '$res'"
 
@@ -86,7 +106,8 @@ runs:
           PLATFORM=${{ env.PLATFORM }} \
           LABELS="${ALL_LABELS}" \
           IMAGE_NAME=${{ env.IMAGE_NAME }} \
-          VERSION_MAJOR=${{ inputs.VERSION_MAJOR }}
+          VERSION_MAJOR=${{ inputs.VERSION_MAJOR }} \
+          VARIANT=${{ inputs.VARIANT }}
 
         echo "image-id=$(cat /tmp/image-id)" >> $GITHUB_OUTPUT
 
@@ -120,16 +141,17 @@ runs:
 
     - name: Push to registry
       id: push
-      if: ${{ env.res != 0 || github.event_name == 'workflow_dispatch' }}
+      if: ${{ (env.res != 0 || github.event_name == 'workflow_dispatch') && github.event_name != 'pull_request' }}
       env:
         IMAGE_ID: ${{ steps.rechunk.outputs.image-id }}
         VERSION: ${{ steps.run.outputs.version-id }}
+        SUFFIX: ${{ steps.suffix.outputs.suffix }}
       shell: bash
       run: |
         # The push fails for unknown reasons sometimes, so we'll retry it a few times
         for i in {1..5}; do
           sudo podman push --digestfile=/tmp/digestfile ${{ env.IMAGE_ID }} \
-            docker://${IMAGE_DEST}:${{ env.VERSION }}-${{ inputs.DATE_STAMP }}-${{ env.CLEAN_ARCH }} && break || sleep $((10*i))
+            docker://${IMAGE_DEST}:${{ env.VERSION }}${{ env.SUFFIX}}-${{ inputs.DATE_STAMP }}-${{ env.CLEAN_ARCH }} && break || sleep $((10*i))
         done
         [ -f /tmp/digestfile ] || exit 1
         echo "digest=$(cat /tmp/digestfile)" >> $GITHUB_OUTPUT
@@ -138,6 +160,8 @@ runs:
     - name: Create Job Outputs
       if: ${{ env.res != 0 || github.event_name == 'workflow_dispatch' }}
       shell: bash
+      env:
+        CLEAN_SUFFIX: ${{ steps.suffix.outputs.clean_suffix }}
       run: |
         mkdir -p /tmp/outputs/digests
 
@@ -150,15 +174,17 @@ runs:
           --arg vendor "${{ steps.run.outputs.vendor }}" \
           --arg image_id "${{ steps.rechunk.outputs.image-id }}" \
           '{($platform): {digest: $digest, id: $id, version: $version, major: $major, long_version: $long_version, vendor: $vendor, image_id: $image_id}}' \
-          > /tmp/outputs/digests/${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}_${{ env.CLEAN_ARCH }}.json
+          > /tmp/outputs/digests/${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}${{ env.CLEAN_SUFFIX }}_${{ env.CLEAN_ARCH }}.json
 
-        cat /tmp/outputs/digests/${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}_${{ env.CLEAN_ARCH }}.json
+        cat /tmp/outputs/digests/${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}${{ env.CLEAN_SUFFIX }}_${{ env.CLEAN_ARCH }}.json
 
     - name: Upload Output Artifacts
       if: ${{ env.res != 0 || github.event_name == 'workflow_dispatch' }}
       uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
+      env:
+        CLEAN_SUFFIX: ${{ steps.suffix.outputs.clean_suffix }}
       with:
-        name: ${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}_${{ env.CLEAN_ARCH }}
+        name: ${{ env.IMAGE_NAME }}_${{ matrix.VERSION_MAJOR }}${{ env.CLEAN_SUFFIX }}_${{ env.CLEAN_ARCH }}
         retention-days: 1
         if-no-files-found: error
         path: |

.github/workflows/build.yml

@@ -1,5 +1,7 @@
 name: Build amd64 and arm64
 on:
+  pull_request:
+    types: [synchronize, opened, reopened]
   workflow_dispatch:
     inputs:
       RELEASE:
@@ -21,6 +23,7 @@ env:
   LATEST_MAJOR: 9
   IMAGE_NAME: almalinux-bootc
   VERSIONS_LIST: '"9", "10-kitten", "10"'
+  VARIANT_LIST: '"general", "rpi"'
   CHAT_CHANNEL: sigcloud
 
 jobs:
@@ -29,13 +32,17 @@ jobs:
     runs-on: ubuntu-24.04
     outputs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}
+      variants: ${{ steps.set-variants.outputs.variants }}
       date_stamp: ${{ steps.date-stamp.outputs.date_stamp }}
     steps:
       - name: Set matrix
         id: set-matrix
         run: |
           # Format json for versions matrix
           case ${{ github.event_name }} in
+            pull_request)
+              echo "matrix=$(jq -c <<< '[${{ env.VERSIONS_LIST }}]')" >> $GITHUB_OUTPUT
+              ;;
             workflow_dispatch)
               if [[ "${{ inputs.RELEASE }}" == "ALL" ]]; then
                 echo "matrix=$(jq -c <<< '[${{ env.VERSIONS_LIST }}]')" >> $GITHUB_OUTPUT
@@ -48,6 +55,12 @@ jobs:
               ;;
           esac
 
+      - name: Set variants
+        id: set-variants
+        run: |
+          # Format json for variants
+          echo "variants=$(jq -c <<< '[${{ env.VARIANT_LIST }}]')" >> $GITHUB_OUTPUT
+
       - name: Date stamp
         id: date-stamp
         run: |
@@ -64,9 +77,21 @@ jobs:
       matrix:
         VERSION_MAJOR: ${{ fromJSON(needs.set-versions-matrix.outputs.matrix) }}
         ARCH: [amd64, arm64, amd64/v2]
+        VARIANT: ${{ fromJSON(needs.set-versions-matrix.outputs.variants) }}
         exclude:
           - VERSION_MAJOR: 9
             ARCH: amd64/v2
+          - VERSION_MAJOR: 9
+            ARCH: amd64
+            VARIANT: rpi
+          - VERSION_MAJOR: 10-kitten
+            VARIANT: rpi
+          - VERSION_MAJOR: 10
+            ARCH: amd64/v2
+            VARIANT: rpi
+          - VERSION_MAJOR: 10
+            ARCH: amd64
+            VARIANT: rpi
 
     env:
       PLATFORM: linux/${{ matrix.ARCH }}
@@ -83,11 +108,12 @@ jobs:
         VERSION_MAJOR: ${{ matrix.VERSION_MAJOR }}
         DATE_STAMP: ${{ env.DATE_STAMP }}
         IMAGE_REGISTRY: ${{ secrets.IMAGE_REGISTRY }}
+        VARIANT: ${{ matrix.VARIANT }}
         REGISTRY_USER:  ${{ secrets.REGISTRY_USER }}
         REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
 
   push-manifest:
-    if: ${{ always() && contains(join(needs.*.result, ','), 'success') }}
+    if: ${{ always() && contains(join(needs.*.result, ','), 'success') && github.event_name != 'pull_request' && needs.set-versions-matrix.outputs.variants == 'generic' }}
     name: Push manifest
     needs: [set-versions-matrix, build]
     runs-on: ubuntu-24.04

10-rpi/Containerfile

@@ -0,0 +1,27 @@
+FROM quay.io/almalinuxorg/10-base:10 as repos
+FROM quay.io/centos-bootc/centos-bootc:stream10 as builder
+
+RUN rm -rf /etc/yum.repos.d/*
+
+COPY --from=repos /etc/yum.repos.d/*.repo /etc/yum.repos.d/
+COPY --from=repos /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10 /etc/pki/rpm-gpg
+
+COPY 10-rpi/almalinux-raspberrypi.repo  /etc/yum.repos.d/
+COPY 10-rpi/almalinux-10-rpi.yaml /usr/share/doc/bootc-base-imagectl/manifests/
+COPY 10-rpi/kernel.yaml /usr/share/doc/bootc-base-imagectl/manifests/minimal/
+
+RUN sed -i 's/efibootmgr//g' /usr/share/doc/bootc-base-imagectl/manifests/minimal/bootupd.yaml
+
+RUN /usr/libexec/bootc-base-imagectl build-rootfs --manifest=almalinux-10-rpi /target-rootfs
+
+###
+
+FROM scratch
+
+COPY --from=builder /target-rootfs/ /
+
+LABEL containers.bootc 1
+LABEL ostree.bootable 1
+
+STOPSIGNAL SIGRTMIN+3
+CMD ["/sbin/init"]

10-rpi/almalinux-10-rpi.yaml

@@ -0,0 +1,34 @@
+releasever: 10
+
+repos:
+  - baseos
+  - appstream
+  - raspberrypi
+
+variables:
+  distro: "almalinux10"
+
+packages:
+  - almalinux-repos
+  - almalinux-release-raspberrypi
+
+postprocess:
+  - |
+    #!/usr/bin/env bash
+
+    set -euo pipefail
+
+    mkdir -p /usr/lib/bootc/install/
+    cat > /usr/lib/bootc/install/20-rhel.toml << EOF
+    [install]
+    root-fs-type = "xfs"
+    EOF
+  - |
+    #!/usr/bin/env bash
+    set -euo pipefail
+    dnf clean all
+    rm /var/{log,cache,lib}/* -rf
+    systemctl preset-all
+
+include:
+  - standard/manifest.yaml

10-rpi/almalinux-raspberrypi.repo

@@ -0,0 +1,27 @@
+# Raspberry PI repo for AlmaLinux
+
+[raspberrypi]
+name=AlmaLinux $releasever - Raspberry Pi
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi
+# baseurl=https://repo.almalinux.org/almalinux/$releasever/raspberrypi/$basearch/os/
+gpgcheck=1
+enabled=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
+
+## Sources
+[raspberrypi-source]
+name=AlmaLinux $releasever - Raspberry Pi Source
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi-source
+# baseurl=https://repo.almalinux.org/vault/$releasever/raspberrypi/Source/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10
+
+## Debug
+[raspberrypi-debuginfo]
+name=AlmaLinux $releasever - Raspberry Pi debuginfo
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi-debuginfo
+# baseurl=https://repo.almalinux.org/vault/$releasever/raspberrypi/debug/$basearch/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-10

10-rpi/kernel.yaml

@@ -0,0 +1,11 @@
+packages:
+  - filesystem
+  - linux-firmware-raspberrypi
+  - raspberrypi-sys-mods
+  - raspberrypi-userland
+  - raspberrypi2-firmware
+  - raspberrypi2-kernel4
+  - raspberrypi2-kernel4-tools
+
+exclude-packages:
+  - kernel-debug

9-rpi/Containerfile

@@ -0,0 +1,27 @@
+FROM quay.io/almalinuxorg/9-base:9 as repos
+FROM quay.io/centos-bootc/centos-bootc:stream10 as builder
+
+RUN rm -rf /etc/yum.repos.d/*
+
+COPY --from=repos /etc/yum.repos.d/*.repo /etc/yum.repos.d/
+COPY --from=repos /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9 /etc/pki/rpm-gpg
+
+COPY 9-rpi/almalinux-raspberrypi.repo  /etc/yum.repos.d/
+COPY 9-rpi/almalinux-9-rpi.yaml /usr/share/doc/bootc-base-imagectl/manifests/
+COPY 9-rpi/kernel.yaml /usr/share/doc/bootc-base-imagectl/manifests/minimal/
+
+RUN sed -i 's/efibootmgr//g' /usr/share/doc/bootc-base-imagectl/manifests/minimal/bootupd.yaml
+
+RUN /usr/libexec/bootc-base-imagectl build-rootfs --manifest=almalinux-9-rpi /target-rootfs
+
+###
+
+FROM scratch
+
+COPY --from=builder /target-rootfs/ /
+
+LABEL containers.bootc 1
+LABEL ostree.bootable 1
+
+STOPSIGNAL SIGRTMIN+3
+CMD ["/sbin/init"]

9-rpi/almalinux-9-rpi.yaml

@@ -0,0 +1,34 @@
+releasever: 9
+
+repos:
+  - baseos
+  - appstream
+  - raspberrypi
+
+variables:
+  distro: "almalinux9"
+
+packages:
+  - almalinux-repos
+  - almalinux-release-raspberrypi
+
+postprocess:
+  - |
+    #!/usr/bin/env bash
+
+    set -euo pipefail
+
+    mkdir -p /usr/lib/bootc/install/
+    cat > /usr/lib/bootc/install/20-rhel.toml << EOF
+    [install]
+    root-fs-type = "xfs"
+    EOF
+  - |
+    #!/usr/bin/env bash
+    set -euo pipefail
+    dnf clean all
+    rm /var/{log,cache,lib}/* -rf
+    systemctl preset-all
+
+include:
+  - standard/manifest.yaml

9-rpi/almalinux-raspberrypi.repo

@@ -0,0 +1,27 @@
+# Raspberry PI repo for AlmaLinux
+
+[raspberrypi]
+name=AlmaLinux $releasever - Raspberry Pi
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi
+# baseurl=https://repo.almalinux.org/almalinux/$releasever/raspberrypi/$basearch/os/
+gpgcheck=1
+enabled=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+
+## Sources
+[raspberrypi-source]
+name=AlmaLinux $releasever - Raspberry Pi Source
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi-source
+# baseurl=https://repo.almalinux.org/vault/$releasever/raspberrypi/Source/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
+
+## Debug
+[raspberrypi-debuginfo]
+name=AlmaLinux $releasever - Raspberry Pi debuginfo
+mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/raspberrypi-debuginfo
+# baseurl=https://repo.almalinux.org/vault/$releasever/raspberrypi/debug/$basearch/
+gpgcheck=1
+enabled=0
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9

9-rpi/kernel.yaml

@@ -0,0 +1,11 @@
+packages:
+  - filesystem
+  - linux-firmware-raspberrypi
+  - raspberrypi-sys-mods
+  - raspberrypi-userland
+  - raspberrypi2-firmware
+  - raspberrypi2-kernel4
+  - raspberrypi2-kernel4-tools
+
+exclude-packages:
+  - kernel-debug