mirror of
https://github.com/lukaszraczylo/talos-builder.git
synced 2026-06-05 23:03:36 +00:00
Stephen Wheet
c62a8373a2
- Make TALOS_VERSION overridable (?=) and extract from git tag - Workflow builds Pi5 then Pi4 (clean re-checkout for different kernel config) - Separate installer images: <tag>-rpi5 and <tag>-rpi4 - Separate metal images: metal-arm64-rpi5.raw.zst and metal-arm64-rpi4.raw.zst - Release includes both platforms with updated notes - README updated for dual-platform support
197 lines
8.3 KiB
YAML
197 lines
8.3 KiB
YAML
on:
|
|
push:
|
|
tags:
|
|
- 'v*.*.*'
|
|
|
|
env:
|
|
REGISTRY: ghcr.io
|
|
REGISTRY_USERNAME: ${{ github.repository_owner }}
|
|
# Extensions to bake into the installer image.
|
|
# Format: space-separated list of image:tag references (digests resolved at build time).
|
|
EXTENSION_ISCSI_IMAGE: ghcr.io/siderolabs/iscsi-tools:v0.2.0
|
|
EXTENSION_UTIL_LINUX_IMAGE: ghcr.io/siderolabs/util-linux-tools:2.41.2
|
|
|
|
jobs:
|
|
build:
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
attestations: write
|
|
id-token: write
|
|
runs-on: ubuntu-24.04-arm
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: imjasonh/setup-crane@v0.4
|
|
with:
|
|
version: v0.20.5
|
|
- uses: docker/setup-buildx-action@v3
|
|
- uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Set up GitHub Actions bot user
|
|
run: |
|
|
git config --global user.name "github-actions[bot]"
|
|
git config --global user.email "github-actions[bot]@users.noreply.github.com"
|
|
|
|
- name: Extract Talos version from tag
|
|
id: talos-version
|
|
run: |
|
|
# Tag format: v1.11.6-rpi5, v1.11.5-cm5, etc.
|
|
# Extract the upstream Talos version (vMAJOR.MINOR.PATCH) from the tag.
|
|
TAG="${{ github.ref_name }}"
|
|
TALOS_VERSION=$(echo "$TAG" | grep -oE '^v[0-9]+\.[0-9]+\.[0-9]+')
|
|
echo "TALOS_VERSION=${TALOS_VERSION}" >> $GITHUB_ENV
|
|
echo "Resolved TALOS_VERSION=${TALOS_VERSION} from tag ${TAG}"
|
|
|
|
- name: Resolve extension image digests
|
|
run: |
|
|
EXTENSIONS=""
|
|
while IFS= read -r line; do
|
|
IMAGE="${line#*=}"
|
|
DIGEST=$(crane digest "$IMAGE")
|
|
EXTENSIONS="$EXTENSIONS $IMAGE@$DIGEST"
|
|
done < <(env | grep '^EXTENSION_')
|
|
echo "EXTENSIONS=${EXTENSIONS# }" >> $GITHUB_ENV
|
|
|
|
# ──────────────────────────────────────────────
|
|
# Raspberry Pi 5
|
|
# ──────────────────────────────────────────────
|
|
|
|
- name: "Pi5 — Prepare (checkouts & patches)"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} checkouts patches-pi5
|
|
|
|
- name: "Pi5 — Kernel"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} kernel
|
|
|
|
- name: "Pi5 — Kernel initramfs"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} kern_initramfs
|
|
|
|
- name: "Pi5 — Installer base"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} installer-base
|
|
|
|
- name: "Pi5 — Imager"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} imager
|
|
|
|
- name: "Pi5 — Overlay"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} overlay
|
|
|
|
- name: "Pi5 — Build installer image (with extensions)"
|
|
run: |
|
|
make TALOS_VERSION=${{ env.TALOS_VERSION }} \
|
|
REGISTRY=${{ env.REGISTRY }} \
|
|
REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} \
|
|
ASSET_TYPE=installer \
|
|
EXTENSIONS="${{ env.EXTENSIONS }}" \
|
|
installer-pi5
|
|
crane push \
|
|
./checkouts/talos/_out/installer-arm64.tar \
|
|
${{ env.REGISTRY }}/${{ env.REGISTRY_USERNAME }}/installer:${{ github.ref_name }}-rpi5
|
|
|
|
- name: "Pi5 — Build metal disk image"
|
|
run: |
|
|
make TALOS_VERSION=${{ env.TALOS_VERSION }} \
|
|
REGISTRY=${{ env.REGISTRY }} \
|
|
REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} \
|
|
ASSET_TYPE=metal \
|
|
EXTENSIONS="${{ env.EXTENSIONS }}" \
|
|
installer-pi5
|
|
mv ./checkouts/talos/_out/metal-arm64.raw.zst ./metal-arm64-rpi5.raw.zst
|
|
|
|
# ──────────────────────────────────────────────
|
|
# Raspberry Pi 4 / CM4
|
|
# ──────────────────────────────────────────────
|
|
|
|
- name: "Pi4 — Prepare (clean, re-checkout & patches)"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} checkouts-clean checkouts patches-pi4
|
|
|
|
- name: "Pi4 — Kernel"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} kernel
|
|
|
|
- name: "Pi4 — Kernel initramfs"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} kern_initramfs
|
|
|
|
- name: "Pi4 — Installer base"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} installer-base
|
|
|
|
- name: "Pi4 — Imager"
|
|
run: make TALOS_VERSION=${{ env.TALOS_VERSION }} REGISTRY=${{ env.REGISTRY }} REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} imager
|
|
|
|
- name: "Pi4 — Build installer image (with extensions)"
|
|
run: |
|
|
make TALOS_VERSION=${{ env.TALOS_VERSION }} \
|
|
REGISTRY=${{ env.REGISTRY }} \
|
|
REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} \
|
|
ASSET_TYPE=installer \
|
|
EXTENSIONS="${{ env.EXTENSIONS }}" \
|
|
installer-pi4
|
|
crane push \
|
|
./checkouts/talos/_out/installer-arm64.tar \
|
|
${{ env.REGISTRY }}/${{ env.REGISTRY_USERNAME }}/installer:${{ github.ref_name }}-rpi4
|
|
|
|
- name: "Pi4 — Build metal disk image"
|
|
run: |
|
|
make TALOS_VERSION=${{ env.TALOS_VERSION }} \
|
|
REGISTRY=${{ env.REGISTRY }} \
|
|
REGISTRY_USERNAME=${{ env.REGISTRY_USERNAME }} \
|
|
ASSET_TYPE=metal \
|
|
EXTENSIONS="${{ env.EXTENSIONS }}" \
|
|
installer-pi4
|
|
mv ./checkouts/talos/_out/metal-arm64.raw.zst ./metal-arm64-rpi4.raw.zst
|
|
|
|
# ──────────────────────────────────────────────
|
|
# Release
|
|
# ──────────────────────────────────────────────
|
|
|
|
- name: Create GitHub Release
|
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
INSTALLER_PI5="${{ env.REGISTRY }}/${{ env.REGISTRY_USERNAME }}/installer:${{ github.ref_name }}-rpi5"
|
|
INSTALLER_PI4="${{ env.REGISTRY }}/${{ env.REGISTRY_USERNAME }}/installer:${{ github.ref_name }}-rpi4"
|
|
NOTES=$(cat <<EOF
|
|
> ⚠️ Experimental build, use at your own risk.
|
|
|
|
Patched Talos Linux for **Raspberry Pi 5** and **Raspberry Pi 4 / CM4**, including NVMe, NIC and USB support.
|
|
|
|
### Extensions included
|
|
|
|
- \`iscsi-tools\` ${{ env.EXTENSION_ISCSI_IMAGE }}
|
|
- \`util-linux-tools\` ${{ env.EXTENSION_UTIL_LINUX_IMAGE }}
|
|
|
|
### Artifacts
|
|
|
|
| Platform | Disk image | Installer image |
|
|
|----------|-----------|----------------|
|
|
| **RPi 5 / CM5** | \`metal-arm64-rpi5.raw.zst\` | \`${INSTALLER_PI5}\` |
|
|
| **RPi 4 / CM4** | \`metal-arm64-rpi4.raw.zst\` | \`${INSTALLER_PI4}\` |
|
|
|
|
### Fresh install
|
|
|
|
Download the disk image for your board and flash it:
|
|
\`\`\`bash
|
|
unzstd metal-arm64-rpi5.raw.zst # or metal-arm64-rpi4.raw.zst
|
|
dd if=metal-arm64-rpi5.raw of=<disk> bs=4M status=progress
|
|
\`\`\`
|
|
|
|
### Upgrade
|
|
|
|
\`\`\`bash
|
|
# Raspberry Pi 5
|
|
talosctl upgrade --nodes <NODE_IP> --image ${INSTALLER_PI5}
|
|
|
|
# Raspberry Pi 4 / CM4
|
|
talosctl upgrade --nodes <NODE_IP> --image ${INSTALLER_PI4}
|
|
\`\`\`
|
|
|
|
EOF
|
|
)
|
|
gh release create \
|
|
${{ github.ref_name }} \
|
|
metal-arm64-rpi5.raw.zst \
|
|
metal-arm64-rpi4.raw.zst \
|
|
--title "${{ github.ref_name }}" \
|
|
--notes "$NOTES"
|