ee384d85da
The mutter image now sets up a non-root default user, so we have to wrap everything with sudo or su. Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2806>
104 lines
2.8 KiB
Bash
Executable File
104 lines
2.8 KiB
Bash
Executable File
#!/bin/bash
|
|
# vi: sw=2 ts=4
|
|
|
|
set -e
|
|
|
|
die() {
|
|
echo "$@" >&2
|
|
exit 1
|
|
}
|
|
|
|
check_image_base() {
|
|
local base=$(
|
|
skopeo inspect docker://$TOOLBOX_IMAGE 2>/dev/null |
|
|
jq -r '.Labels["org.opencontainers.image.base.name"]')
|
|
[[ "$base" == "$MUTTER_CI_IMAGE" ]]
|
|
}
|
|
|
|
buildah_run() {
|
|
buildah run $build_cntr sudo "$@"
|
|
}
|
|
|
|
build_container() {
|
|
echo Building $TOOLBOX_IMAGE from $MUTTER_CI_IMAGE
|
|
|
|
export BUILDAH_ISOLATION=chroot
|
|
export BUILDAH_FORMAT=docker
|
|
|
|
local build_cntr=$(buildah from $MUTTER_CI_IMAGE)
|
|
local build_mnt=$(buildah mount $build_cntr)
|
|
|
|
[[ -n "$build_mnt" && -n "$build_cntr" ]] || die "Failed to mount the container"
|
|
|
|
local extra_packages=(
|
|
passwd # needed by toolbox
|
|
gdb
|
|
gnome-console # can't do without *some* terminal
|
|
flatpak-spawn # run host commands
|
|
flatpak # for host apps
|
|
abattis-cantarell-fonts # system font
|
|
gnome-backgrounds # no blank background!
|
|
)
|
|
buildah_run dnf config-manager --set-disabled '*-modular,*-openh264'
|
|
buildah_run dnf install -y "${extra_packages[@]}"
|
|
buildah_run dnf clean all
|
|
buildah_run rm -rf /var/lib/cache/dnf
|
|
|
|
# work around non-working pkexec
|
|
local fake_pkexec=$(mktemp)
|
|
cat > $fake_pkexec <<-'EOF'
|
|
#!/bin/sh
|
|
exec su -c "$*"
|
|
EOF
|
|
buildah copy --chmod 755 $build_cntr $fake_pkexec /usr/bin/pkexec
|
|
|
|
# disable gnome-keyring activation:
|
|
# it either asks for unlocking the login keyring on startup, or it detects
|
|
# the running host daemon and doesn't export the object on the bus, which
|
|
# blocks the activating service until it hits the timeout
|
|
buildah_run rm /usr/share/dbus-1/services/org.freedesktop.secrets.service
|
|
|
|
local srcdir=$(realpath $(dirname $0))
|
|
buildah copy --chmod 755 $build_cntr $srcdir/install-meson-project.sh /usr/libexec
|
|
|
|
# include convenience script for updating mutter dependency
|
|
local update_mutter=$(mktemp)
|
|
cat > $update_mutter <<-EOF
|
|
#!/bin/sh
|
|
/usr/libexec/install-meson-project.sh https://gitlab.gnome.org/GNOME/mutter.git $MUTTER_BRANCH
|
|
EOF
|
|
buildah copy --chmod 755 $build_cntr $update_mutter /usr/bin/update-mutter
|
|
|
|
buildah config --env HOME- \
|
|
--label com.github.containers.toolbox=true \
|
|
--label org.opencontainers.image.base.name=$MUTTER_CI_IMAGE \
|
|
$build_cntr
|
|
|
|
buildah commit $build_cntr $TOOLBOX_IMAGE
|
|
}
|
|
|
|
|
|
MUTTER_CI_IMAGE=$1
|
|
MUTTER_BRANCH=${2:-$CI_COMMIT_BRANCH}
|
|
|
|
TOOLBOX_IMAGE=$CI_REGISTRY_IMAGE/toolbox:${MUTTER_BRANCH#gnome-}
|
|
|
|
[[ -n "$MUTTER_CI_IMAGE" && -n "$MUTTER_BRANCH" ]] ||
|
|
die "Usage: $(basename $0) MUTTER_CI_IMAGE [MUTTER_BRANCH]"
|
|
|
|
if [[ -z "$FORCE_REBUILD" ]]; then
|
|
if check_image_base; then
|
|
echo Image $TOOLBOX_IMAGE exists and is up to date.
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
[[ -n "$CI_REGISTRY" && -n "$CI_REGISTRY_USER" && -n "$CI_REGISTRY_PASSWORD" ]] ||
|
|
die "Insufficient information to log in."
|
|
|
|
podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
|
|
build_container
|
|
|
|
podman push $TOOLBOX_IMAGE
|