bazzite/.github/workflows/build.yml

name: Build and Push Image
on:
  schedule:
    - cron: '20 21 * * *' # 21:20 UTC every day
  pull_request:
    branches:
      - main
    paths-ignore:
      - '**.md'
      - '**.txt'
  push:
    branches:
      - main
    paths-ignore:
      - '**.md'
      - '**.txt'
  merge_group:
  workflow_dispatch:
env:
    IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}

jobs:
  push-ghcr:
    name: Build and push image
    runs-on: buildjet-2vcpu-ubuntu-2204
    permissions:
      contents: read
      packages: write
      id-token: write
    strategy:
      fail-fast: false
      matrix:
        image_flavor: [main, nvidia]
        base_name: [bazzite, bazzite-deck]
        major_version: [38]
        include:
          - major_version: 38
            is_latest_version: false
            is_stable_version: true
          - major_version: 38
            is_latest_version: true
            is_stable_version: true
    steps:
      # Checkout push-to-registry action GitHub repository
      - name: Checkout Push to Registry action
        uses: actions/checkout@v3

      - name: Matrix Variables
        run: |
          if [[ "${{ matrix.image_flavor }}" == "main" ]]; then
              echo "IMAGE_NAME=${{ matrix.base_name }}" >> $GITHUB_ENV
          else
              echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.base_name, matrix.image_flavor) }}" >> $GITHUB_ENV
          fi

      - name: Generate tags
        id: generate-tags
        shell: bash
        run: |
          # Generate a timestamp for creating an image version history
          TIMESTAMP="$(date +%Y%m%d)"
          MAJOR_VERSION="${{ matrix.major_version }}"
          COMMIT_TAGS=()
          BUILD_TAGS=()
          # Have tags for tracking builds during pull request
          SHA_SHORT="${GITHUB_SHA::7}"
          COMMIT_TAGS+=("pr-${{ github.event.number }}-${MAJOR_VERSION}")
          COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}")
          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
              COMMIT_TAGS+=("pr-${{ github.event.number }}")
              COMMIT_TAGS+=("${SHA_SHORT}")
          fi

          BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}")

          if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \
             [[ "${{ matrix.is_stable_version }}" == "true" ]]; then
              BUILD_TAGS+=("latest")
          fi

          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
              echo "Generated the following commit tags: "
              for TAG in "${COMMIT_TAGS[@]}"; do
                  echo "${TAG}"
              done
              alias_tags=("${COMMIT_TAGS[@]}")
          else
              alias_tags=("${BUILD_TAGS[@]}")
          fi
          echo "Generated the following build tags: "
          for TAG in "${BUILD_TAGS[@]}"; do
              echo "${TAG}"
          done
          echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT

      - name: Get Current Fedora Version
        id: labels
        run: |
          ver=$(skopeo inspect docker://ghcr.io/ublue-os/kinoite-${{ matrix.image_flavor }}:${{ matrix.major_version }} | jq -r '.Labels["org.opencontainers.image.version"]')
          echo "VERSION=$ver" >> $GITHUB_OUTPUT

      # Build metadata
      - name: Image Metadata
        uses: docker/metadata-action@v4
        id: meta
        with:
          images: |
            ${{ env.IMAGE_NAME }}
          labels: |
            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
            org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }}
            org.opencontainers.image.description=Bazzite is an OCI image that serves as an alternative operating system for the Steam Deck, and a ready-to-game SteamOS-like for desktop computers and living room home theater PCs.
            io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bazzite/main/README.md
            io.artifacthub.package.logo-url=https://raw.githubusercontent.com/ublue-os/bazzite/main/repo_content/logo.png

      # Build image using Buildah action
      - name: Build Image
        id: build_image
        uses: redhat-actions/buildah-build@v2
        with:
          containerfiles: |
            ./Containerfile
          image: ${{ env.IMAGE_NAME }}
          tags: |
            ${{ steps.generate-tags.outputs.alias_tags }}
          build-args: |
            IMAGE_NAME=${{ env.IMAGE_NAME }}
            IMAGE_FLAVOR=${{ matrix.image_flavor }}
            FEDORA_MAJOR_VERSION=${{ matrix.major_version }}
          labels: ${{ steps.meta.outputs.labels }}
          oci: false
          extra-args: |
            --target=${{ matrix.base_name }}

      # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
      # https://github.com/macbre/push-to-ghcr/issues/12
      - name: Lowercase Registry
        id: registry_case
        uses: ASzc/change-string-case-action@v5
        with:
          string: ${{ env.IMAGE_REGISTRY }}

      # Push the image to GHCR (Image Registry)
      - name: Push To GHCR
        uses: redhat-actions/push-to-registry@v2
        id: push
        if: github.event_name != 'pull_request'
        env:
          REGISTRY_USER: ${{ github.actor }}
          REGISTRY_PASSWORD: ${{ github.token }}
        with:
          image: ${{ steps.build_image.outputs.image }}
          tags: ${{ steps.build_image.outputs.tags }}
          registry: ${{ steps.registry_case.outputs.lowercase }}
          username: ${{ env.REGISTRY_USER }}
          password: ${{ env.REGISTRY_PASSWORD }}
          extra-args: |
            --disable-content-trust

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v2
        if: github.event_name != 'pull_request'
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Sign container
      - uses: sigstore/cosign-installer@v3.1.1
        if: github.event_name != 'pull_request'

      - name: Sign container image
        if: github.event_name != 'pull_request'
        run: |
          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
        env:
          TAGS: ${{ steps.push.outputs.digest }}
          COSIGN_EXPERIMENTAL: false
          COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}

      - name: Echo outputs
        if: github.event_name != 'pull_request'
        run: |
          echo "${{ toJSON(steps.push.outputs) }}"
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`name: Build and Push Image`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`on:`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`schedule:`
			`- cron: '20 21 * * *' # 21:20 UTC every day`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`pull_request:`
			`branches:`
			`- main`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`paths-ignore:`
			`- '**.md'`
			`- '**.txt'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`push:`
			`branches:`
			`- main`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`paths-ignore:`
			`- '**.md'`
			`- '**.txt'`
			`merge_group:`
			`workflow_dispatch:`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`env:`
			`IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}`

			`jobs:`
			`push-ghcr:`
			`name: Build and push image`
chore(ci): bump down to 2 core builders 2023-07-25 09:58:28 -04:00			`runs-on: buildjet-2vcpu-ubuntu-2204`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`permissions:`
			`contents: read`
			`packages: write`
			`id-token: write`
			`strategy:`
			`fail-fast: false`
			`matrix:`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`image_flavor: [main, nvidia]`
			`base_name: [bazzite, bazzite-deck]`
chore: Drop Fedora 37 builds 2023-06-21 15:39:16 -07:00			`major_version: [38]`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`include:`
workflows: build: Add support for Fedora 38 2023-05-23 13:11:45 -06:00			`- major_version: 38`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`is_latest_version: false`
			`is_stable_version: true`
			`- major_version: 38`
			`is_latest_version: true`
			`is_stable_version: true`
workflows: build: Add support for Fedora 38 2023-05-23 13:11:45 -06:00			`steps:`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`# Checkout push-to-registry action GitHub repository`
			`- name: Checkout Push to Registry action`
			`uses: actions/checkout@v3`

feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`- name: Matrix Variables`
			`run: \|`
			`if [[ "${{ matrix.image_flavor }}" == "main" ]]; then`
			`echo "IMAGE_NAME=${{ matrix.base_name }}" >> $GITHUB_ENV`
			`else`
			`echo "IMAGE_NAME=${{ format('{0}-{1}', matrix.base_name, matrix.image_flavor) }}" >> $GITHUB_ENV`
			`fi`

			`- name: Generate tags`
			`id: generate-tags`
			`shell: bash`
			`run: \|`
			`# Generate a timestamp for creating an image version history`
			`TIMESTAMP="$(date +%Y%m%d)"`
			`MAJOR_VERSION="${{ matrix.major_version }}"`
			`COMMIT_TAGS=()`
			`BUILD_TAGS=()`
			`# Have tags for tracking builds during pull request`
			`SHA_SHORT="${GITHUB_SHA::7}"`
			`COMMIT_TAGS+=("pr-${{ github.event.number }}-${MAJOR_VERSION}")`
			`COMMIT_TAGS+=("${SHA_SHORT}-${MAJOR_VERSION}")`
			`if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \`
			`[[ "${{ matrix.is_stable_version }}" == "true" ]]; then`
			`COMMIT_TAGS+=("pr-${{ github.event.number }}")`
			`COMMIT_TAGS+=("${SHA_SHORT}")`
			`fi`

			`BUILD_TAGS=("${MAJOR_VERSION}" "${MAJOR_VERSION}-${TIMESTAMP}")`

			`if [[ "${{ matrix.is_latest_version }}" == "true" ]] && \`
			`[[ "${{ matrix.is_stable_version }}" == "true" ]]; then`
			`BUILD_TAGS+=("latest")`
			`fi`

			`if [[ "${{ github.event_name }}" == "pull_request" ]]; then`
			`echo "Generated the following commit tags: "`
			`for TAG in "${COMMIT_TAGS[@]}"; do`
			`echo "${TAG}"`
			`done`
			`alias_tags=("${COMMIT_TAGS[@]}")`
			`else`
			`alias_tags=("${BUILD_TAGS[@]}")`
			`fi`
			`echo "Generated the following build tags: "`
			`for TAG in "${BUILD_TAGS[@]}"; do`
			`echo "${TAG}"`
			`done`
			`echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT`

			`- name: Get Current Fedora Version`
Maintain the Current OCI Version Label 2023-03-30 05:18:47 +00:00			`id: labels`
			`run: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`ver=$(skopeo inspect docker://ghcr.io/ublue-os/kinoite-${{ matrix.image_flavor }}:${{ matrix.major_version }} \| jq -r '.Labels["org.opencontainers.image.version"]')`
Maintain the Current OCI Version Label 2023-03-30 05:18:47 +00:00			`echo "VERSION=$ver" >> $GITHUB_OUTPUT`

chore: Add opencontainers labels and remove cleanup command 2023-02-15 13:48:36 -08:00			`# Build metadata`
			`- name: Image Metadata`
			`uses: docker/metadata-action@v4`
			`id: meta`
			`with:`
			`images: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`${{ env.IMAGE_NAME }}`
chore: Add opencontainers labels and remove cleanup command 2023-02-15 13:48:36 -08:00			`labels: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`org.opencontainers.image.title=${{ env.IMAGE_NAME }}`
Maintain the Current OCI Version Label 2023-03-30 05:18:47 +00:00			`org.opencontainers.image.version=${{ steps.labels.outputs.VERSION }}`
chore: Update OCI description to match latest README 2023-07-18 15:55:02 -07:00			`org.opencontainers.image.description=Bazzite is an OCI image that serves as an alternative operating system for the Steam Deck, and a ready-to-game SteamOS-like for desktop computers and living room home theater PCs.`
chore: Update metadata section 2023-04-04 00:12:00 -07:00			`io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/bazzite/main/README.md`
chore: Update image description, move logo.png to repo_content 2023-07-18 00:19:12 -07:00			`io.artifacthub.package.logo-url=https://raw.githubusercontent.com/ublue-os/bazzite/main/repo_content/logo.png`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00
			`# Build image using Buildah action`
			`- name: Build Image`
			`id: build_image`
			`uses: redhat-actions/buildah-build@v2`
			`with:`
			`containerfiles: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`./Containerfile`
			`image: ${{ env.IMAGE_NAME }}`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`tags: \|`
			`${{ steps.generate-tags.outputs.alias_tags }}`
			`build-args: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`IMAGE_NAME=${{ env.IMAGE_NAME }}`
			`IMAGE_FLAVOR=${{ matrix.image_flavor }}`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`FEDORA_MAJOR_VERSION=${{ matrix.major_version }}`
chore: Add opencontainers labels and remove cleanup command 2023-02-15 13:48:36 -08:00			`labels: ${{ steps.meta.outputs.labels }}`
			`oci: false`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`extra-args: \|`
			`--target=${{ matrix.base_name }}`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00
			`# Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.`
			`# https://github.com/macbre/push-to-ghcr/issues/12`
			`- name: Lowercase Registry`
			`id: registry_case`
			`uses: ASzc/change-string-case-action@v5`
			`with:`
			`string: ${{ env.IMAGE_REGISTRY }}`

			`# Push the image to GHCR (Image Registry)`
			`- name: Push To GHCR`
			`uses: redhat-actions/push-to-registry@v2`
			`id: push`
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`if: github.event_name != 'pull_request'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`env:`
			`REGISTRY_USER: ${{ github.actor }}`
			`REGISTRY_PASSWORD: ${{ github.token }}`
			`with:`
			`image: ${{ steps.build_image.outputs.image }}`
			`tags: ${{ steps.build_image.outputs.tags }}`
			`registry: ${{ steps.registry_case.outputs.lowercase }}`
			`username: ${{ env.REGISTRY_USER }}`
			`password: ${{ env.REGISTRY_PASSWORD }}`
			`extra-args: \|`
			`--disable-content-trust`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`- name: Login to GitHub Container Registry`
			`uses: docker/login-action@v2`
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`if: github.event_name != 'pull_request'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`with:`
			`registry: ghcr.io`
			`username: ${{ github.actor }}`
			`password: ${{ secrets.GITHUB_TOKEN }}`

chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`# Sign container`
chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> 2023-07-03 11:41:14 +00:00			`- uses: sigstore/cosign-installer@v3.1.1`
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`if: github.event_name != 'pull_request'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`- name: Sign container image`
			`if: github.event_name != 'pull_request'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`run: \|`
feat: Overhaul images These changes effectively make the structure similar to bluefin. bazzite now serves as a base for desktop configurations and now bazzite-deck has been introduced to add changes specific to the Steam Deck and Steam Deck-alike configurations. Also: - Introduce images built from main for non-Nvidia systems - Consolidate structure (remove duplicates, merge Containerfiles) 2023-06-18 19:22:17 +00:00			`cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`env:`
			`TAGS: ${{ steps.push.outputs.digest }}`
			`COSIGN_EXPERIMENTAL: false`
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00
			`- name: Echo outputs`
chore: Fix signing step in build.yml 2023-03-04 16:45:59 -08:00			`if: github.event_name != 'pull_request'`
Initial commit of Bazzite 2023-02-09 11:08:39 -08:00			`run: \|`
Maintain the Current OCI Version Label 2023-03-30 05:18:47 +00:00			`echo "${{ toJSON(steps.push.outputs) }}"`