All notable changes to this project will be documented in this file.
- Remove tty_only for ConsoleAppender and use dumb-init correctly
- Remove COPY for entrypoint.sh
- Check for existence of rpm-ostree-base-db (#733)
- Release
- Add another path for pacman cache (#714)
- Fix clippy lints due to rust compiler upgrade
- Update to the latest stable nixpkgs from flakehub (#726)
- Fix link to nix flake on flakehub (#727)
- Check if container run fails when checking version (#729)
- Relink rpm-ostree-base-db to system rpmdb (#732)
- Ensure consecutive colors aren't too similar (#715)
- Fix clippy lints
- Release
- Only run setup if required programs don't exist (#712)
- Get all the digests in the image ref and sign them (#705)
- Bump cosign to v3.0.5 (#703)
- Update log filter list and add arg to disable filter
- Release
- Ensure generated ANSI colors have adequate contrast (#683)
- Verification checks correct pub file
- Ensure --no-sign doesn't check cosign keys
- Add support for new package managers (#649)
- Add clean script for container build tests
- Release
- Remove quotes around platform value
- Cargo.lock file
- Add option to remove base image after building new image (#663)
- Add the ability to set the platform for a stage (#653)
- Bump cosign to v3.0.3 (#665)
- Bump cosign to v3.0.4 (#666)
- Prune after removing base image when rechunking (#667)
- Release
- Release
- Remove --replace arg
- Continue initializing logger if it can't create log files (#625)
- Have to move ARG and FROM to top of file
- Ensure layer annotations for build-chunked-oci are preserved (#644)
- Pull prior build for build-chunked-oci to use as baseline (#650)
- Remove concurrency limits from reusable workflows (#652)
- Set compression format in manifest_push (#645)
- Have the base image FROM use an ARG
- Use special logging for pushing manifest
- Add concurrency limits for all jobs (#651)
- Release
- "or", not "and", in
Recipe::should_install_bins(#619) - Don't use conflicts_with for rechunk
- Run build-chunked-oci steps serially (#622)
- Support more lenient version strings (#621)
- Update lockfile
- Release
- Sign images using old bundle format
- Attempt to fix podman manifest create failures (#615)
- Support rechunking with build-chunked-oci (#610)
- Export
OS_ARCHvariable to be from the container… (#614) - Clean up and consolidate chunked logic
- Clean up and consolidate chunked logic (#616)
- Release
- Drop unmaintained dep atty
- Remove unused dep users
- Mismatched sha and version
- Specific secrets inheritance
- Give amd64 and arm64 pre-build write for packages
- Allow blue-build-tag to take a branch name
- Ensure build scripts are extracted only once per run
- Give provenance jobs
actions: readaccess - Retrieve the digest-list artifact directly
- Get digest-list from separate call
- Make sure the tag build spits out the digest list
- Build args should be last
- Add environment variables for generate-iso args
- Refactor label generation to support custom user-defined values.
- Add --web-ui option (#602)
- Enable multi-arch builds (#518)
- Support Cosign V3 (#601)
- Add SLSA provenance generation (#596)
- Cargo format
- Consolidated label generation into recipe method and cleaned up some formatting
- Cleanup use statements and fix clippy doc errors
- Upgrade sigstore to 0.13
- Replace serde_yml with serde_yaml_ng
- Upgrade log4rs to 1.4 to drop unmaintained subdep
- Create SECURITY.md
- Add cooldown for dependabot with default 7 days
- Pin actions references
- Set empty top level permissions for all jobs (#595)
- Remove crate format_serde_error
- Pin all crate versions
- Add RUSTUP_PERMIT_COPY_RENAME and clippy fixes
- Print all digests and sign all images (#597)
- Add cosign validation to install.sh (#598)
- Release
- Simplified label generation and clarity, removed mutation as impact of new btree generation is negligible and maintains a better, immutable api.
- Move build script logic to generate command
- Find the correct credentials for inspecting
- Add timeout of 10 seconds for retrieving schema files
- Bump cosign to 2.6.1
- Add extra error context for schema validator
- Allow vendoring libgit2 (#562)
- Release
- Use different mount options based on build engine
- Get podman working for Gitlab builds (#520)
- Ensure build and run driver is set to podman
- Symlink /opt in prebuild
- Make sure to recreate the symbolic link for /opt at the end
- Have a better check for existing entries in /opt
- Set buildscripts for switch command
- Make sure to remove /opt before re-linking
- Take into account directories with spaces in the name
- The last argument shouldn't have quotes
- Add bootc support (#448)
- Embed build scripts and extract into temp dir for build (#516)
- Use oci-client crate for inspecting
- Add --link arg for COPY if build driver is docker
- Fix clippy lints
- Update deps
- Add env vars for some build args
- Add missing env vars for build args
- Create scorecard.yml
- Add scorecard badge
- Use /usr/lib/opt for optfix to match dnf and rpm-ostree modules
- Release
- Remove default value of native for platform arg
- Adjust release command
- Release
- [breaking] Allow specifying mount type for secrets
- Set default-flatpaks module to v1
- Add all linux platforms
- Don't skip validation
- Typo
- Release
- Add ability to mount secrets
- Bump cosign to 2.5.3
- Release
- Only set to config/ if files/ doesn't exist
- Release
- Upload-sarif comment formatting
- Allow repos that don't have a files/ directory
- Update README.md to bring it up to current functionality
- Add docker in list of builders
- Add the ability to set args for module calls
- Run arm pre-build on arm runner
- Update deps
- Bump cosign
- Release
- Remove bootc check for now since it's causing problems
- Release
- Replace / in branch names with _ when generating tags
- Disable cache for earthly setup
- Release
- Remove /usr/etc in cleanup since it's not used by bootc
- Release
- Needs to be bootc container lint
- Release
- Setup QEMU for tag builds
- Pull akmods-extra only for bazzite (Fixes #441)
- Parse Version from container and remove ostree commit
- Bump docker/login-action
- Add github-actions dependabot updates
- Bump cosign to 2.5.0
- Bump cosign to 2.5.0
- Fix github actions dep reference (#440)
- Use get_env_var
- Clippy fixes
- Disable legacy integration test
- Remove feature flags
- Add bootc lint
- Release
- Remove onig from dep tree
- Add retry for retrieving schemas
- Use our rust earthly lib now; make tests and lints more efficient
- Maximize build space for building the image
- Revert test and lint changes
- Add cache layer support
- Clippy fixes
- Update edition to 2024
- Install toolchains and components in build
- Format files
- Rework the workflows to make it easier to manage
- Create separate test and build workflows
- Add extra test recipes
- Simplify opts using new ImageRef type
- Release
- Get os ID with built-ins
- Upgrade deps
- Migrate from rinja to askama
- Upgrade cached and use new sync_writes by_key for faster operations
- Release
- Use sudo for skopeo copy for rechunk
- Revert change to OciDir
- Use sudo for login when using rechunk
- Fix lints and be sure to login before build in rechunk
- Handle login for skopeo during rechunk flow
- Release
- Allow user to not install Nushell in their system
- Don't use * for shadow-rs build dependency
- Invoke sudo when needed for privileged
- Add more context to schema parsing errors
- Disable logs for sensitive crates
- Bump cosign to v2.4.3
- Bump cosign image to 2.4.3
- Pin actions to commit hashes
- Upgrade deps
- Release
- Ignore pre-release field when parsing versions (#364)
- Filter out images whose repo or tag is when listing images
- Make sure to update flake.nix during release
- Add more context for list_images image parsing
- Release
- Check for buildx before using docker
- Use lenient_semver for build drivers version check to handle pre-release versions
- Bump cosign to 2.4.2
- Release
- Set tags on docker build
- Fix clippy lints
- Release
- Determin scripts tag
- Release
- Release
- Improve validation errors
- Use new comlexr features
- Make sure clippy checks entire workspace
- Upgrade comlexr to 1.3.0
- Cleanup code before release and update deps
- Release
- Don't install all features when building tag
- Remove image for docker inspect after running image to get version
- Switch to using my new proc_macro comlexr
- Release
- Add support for NuShell scripts
- Support versioned modules
- Add nushell completions
- Update jsonschema
- Fix clippy lints
- Release
- Make use of Reference to ensure typing
- Prevent certain builds from running when the PR is from a fork
- Set kinoite as the default variant for generating an ISO
- Typo in --all arg for buildah and podman prune
- Use ghcr for cosign (#304)
- Add the ability to choose a tempdir for builds
- Allow fresh rechunking of image
- Copy signing keys to
/etc/only (#288) - Remove unused force arg
- Use consistent syntax for getting information from os-release
- Add Github Action auditing
- Upgrade shadow-rs
- Release
- Change file paths to match template
- Add the ability to rechunk an image
- Prepare for the v0.9.0 release
- Release
- Login to earthly for tag build-scripts-all target
- [breaking] Create prune command
- Assure that
get_json_arrayoutputs compactjsonoutput - Release
- Build all features for each package and build all archs
- Export get_json_array bash function
- Fix integration tests
- Add logic for inspecting multi-manifest images
- Release
- Make sure tag job uses +build-images target
- Ensure we build the +build-scripts target on tags
- Make sure jq prints raw values
- Add cache for dnf5
- Remove unneded comment about
bootupctlcommand - Add get_json_array bash function for migration to jq
- Release
- Update main branch workflow to use +build-images target
- Make sure to exit after unwind
- Update copy Typespec to expect proper type
- Clean up error display for validate command
- Pin prebuilds to Fedora 40
- Have integration tests job require the amd64-prebuild job
- Better support distrobox (#160)
- Setup blue-build-recipe crate to use reqwest version and features
- Add validation command
- Use yaml-rust2 to get line numbers for better errors
- Include base image information in labels
- Add the new/init subcommands (#85)
- Cleanup workflows to be run from just (#238)
- Require integration tests to depend on prebuild
- Remove expect-exit as a dependency and add bacon config
- Remove akmod that no longer exists in integration tests
- Create dependabot.yml
- Send log files to ~/.cache/bluebuild
- Set shadow back to its original location
- Remove need to update .gitignore by making use of temporary directories
- [breaking] Remove force arg for build since it is no longer in use
- Update akmods image ref gen to handle open drivers
- Add extra help text for fixing local modules
- Install jq and prefer over yq for modules
- Release
- Release
- Ensure the correct digest is used for docker and podman inspect drivers
- Use docker buildx imagetools to inspect for the docker inspect driver
- Use full json inspection for docker inspect driver
- Switch cosign registry from GCR to GHCR (#237)
- Remove --load for docker build since we no longer pull the image for inspection
- Fix akmods tests
- Remove akmods module for arm64 build
- Release
- Use built-in image inspection for podman and docker
- Release
- Properly escape module json
- Add post build script to prepare image for ISO creation
- Make sigstore driver more resilient to network errors
- May not be possible to just install bootc, run bootupctl if bootc already exists
- Run image as fallback for version retrieval
- Add platform arg to force building a specific architecture
- Add expand.rs to .gitignore for debugging macros
- Make build.rs run again on git change
- Add one more criteria for rerun build.rs to check .git/refs/heads
- Check for bootupctl in post-build script
- Remove bootupctl until issue is resolved
- Run clippy and test for every feature individually
- Release
- Swtich to using bon for builder pattern
- Fix docker login for oauth logins
- Upgrade sigstore to use contributed changes
- Release
- Ensure image names are lowercase
- Update tests for lowercasing image names
- Release
- Ensure that debug logs header for builds properly display the time
- Make build fail if module fails
- Generate correct image names based on user supplied arguments
- Color output in terminal if running in TTY
- Create generate-iso command (#192)
- Display list of image refs at the end of a build
- Make sigstore an optional dep
- Update CODEOWNERS
- Update patch rev for sigstore
- Fix legacy integration tests
- Release
- Make sure getting version fails if not all dirs were copied
- Make sure GitHub job pushes latest image on scheduled job
- Properly handle alt-tags so they don't collide with default tags
- Release
- Include $crate for macro calls
- Don't let process continue running if the main app thread panics
- Release
- Create SigningDriver and CiDriver (#197)
- Add Ctrl-C handler for spawned children (#193)
- Support other signals properly (#194)
- Builds failing due to new Rust version
- Add typespec schemas for cli modules, remove modules.json (not needed anymore) (#209)
- Allow copying keys to both /etc and /usr/etc
- Out of bounds panic when not retrying push
- Add arm support (#191)
- Build multiple recipes in parallel (#182)
- Create RunDriver (#196)
- Add gh cli to just release
- Build with priveleged
- Checkout proper branch and build using cargo for buildah-build
- Use proper out directory for installer image
- Capitalize AS
- Stop using secureblue for integration testing
- Move files for test-repo to work with new files module update
- Add Justfile commands for easier development (#205)
- Fix integration tests failing
- Switch from askama to rinja
- Move files from
/usr/etc/to/etc/in build-time (#214) - Release
- Fix tag CI to build prebuild separately from main build
- Switch to using miette for errors instead of anyhow (#198)
- Fail if cosign private/public key can't be verified (#190)
- Make sure username, password, and registry are not empty
- Move creds empty check to credentials module
- Update README to put preferred method of installation higher up
- Add action to test external login
- Add registry for external login test
- Add external login job and buildah jobs
- Release
- Allow both files or config directory to not exist (#185)
- Remove extra setup call
- Remove hard requirement for login creds to be able to push (#187)
- Stages (#173)
- Don't use satellites for integration tests
- Release
- [breaking] Rename
templatetogenerateand moverebase/upgradeunderswitch(#116)
- Don't create builder if DOCKER_HOST is set
- Use leniency for semver parsing (#184)
- Update README to revert cargo install instruction since issue is fixed
- Update docker/podman install instructions
- Fix checkout for podman-build
- Remove a pre-release-replacement
- Release
- Add driver args to rebase/upgrade command
- Make docker pull latest images when building
- Don't use '' in format arg
- Create lock on docker setup to prevent race conditions
- Create a bluebuild buildx runner
- Ensure cargo installs use version for build scripts image
- Cleanup install script to instead create the container without running it
- Release
- Git sha not present during
cargo install(#176)
- Add alternate tags for user images (#172)
- Streamline getting version
- Fix how we get the version in the Earthfile
- Allow tests to pass due to upstream akmods issues
- Remove title case (#177)
- Fix release replacements
- Release
- Fix flatpak module errors
- Remove token from checkout
- Pull version using cargo for tag job
- Fix integration tests
- Improve tagging of images and applying labels
- Release
- Use shebang in release recipe
- Pull extra akmods image too (#169)
- Display full recipe with syntax highlighting (#166)
- Move module run logic into its own script (#168)
- Fix tag.yml workflow to pull version from .workspace.package.version
- Remove debug logs from utils
- Use Semver to grab OS version from image
- Make more /var dirs
- Release
- Sign all images in manifest (#148)
- Use proper image URI for local rebasing
- Add test for rpm-ostree rebase (#161)
- Error if any module fails to deserialize (#163)
- Remove /var tmpfs
- Create /var/roothome to fix any issues with adding files to /root
- Create /var/lib/alternatives
- Give better errors for read_to_string
- Add distrobox installation tips (#146)
- Add driver selection args (#153)
- Squash builds (#155)
- Look for recipes in
./recipes/, build files in./files/, and Containerfiles in./containerfiles/(#157)
- Add MODULE_DIRECTORY env var (#142)
- Remove unused files module
- Put LABELS last since they cause cache miss with buildah
- Cleanup images and use hash for exports tag (#158)
- Update akmods module to account for upstream changes (#165)
- Prepare justfile for release
- Release
- Add alpine distrobox and shell completions (#149)
- Checkout proper versions when building on main vs a PR
- Use container skopeo (#110)
- Remove tmpfs for /tmp (#123)
- Allow docker driver to properly use cache (#126)
- Allow special characters for export script (#128)
- Copy bins and keys with mounts for ostree commit (#132)
- Set gzip to default compression format
- Create dir for keys and bins in case they don't exist
- Allow user supplied registry to be set in the template (#135)
- Unable to use SHELL with podman, encapsulate commands in /bin/bash -c
- Put export script in own image
- Remove docker syntax marker
- Pulling wrong exports image
- Revert to bash files module (#125)
- Support
zstdcompression (#134) - Improve logging output (#139)
- Update workspace dependency versions
- Setup build concurrency to reduce number of simultaneous builds on a PR
- Adjust readme path in files module.yml
- Fix readme path for containerfile module in module.yml
- Add version checks for upstream tools (#121)
- Don't build nightly for now
- Separate nightly build to not run in CI for now
- Remove builtin-podman code
- Enable cache builds on main branch
- Don't use docker driver for buildx job on main
- Update gitlab-ci section in README
- Add image source label for exports
- Use tag exports instead
- Fix build.yml
- Release
- Rename strategies to drivers
- Filter out
/in tag names (#94) - Run
ostree container commitat the end of each module run (#103) - Add Nvidia Version to main base case (#107)
- Retry flag (#111)
- Add
org.opencontainers.image.sourceLABEL for CI images (#113) - Remove check for specific branches for signing (#114)
- Update path in comments and README (#115)
- Add install script from github option (#102)
- Add flakehub entry + nix flake (#109)
- Add integration test for
disableuserns.sh(#104) - Update builds to use different satellites and have integration tests on their own job
- Move cargo release settings to root Cargo.toml
- Update crates to have their own versions starting at CLI version
- Prepare for v0.8.2 release
- Update build command to use BuildStrategy (#88)
- COPY yq for final image for modules to work
- COPY yq into final image for modules
- Update modules.json to reflect change in dir layout
- Release blue-build version 0.8.1
- Move templates to their own crate (#83)
- Make sure cosign.pub exists before trying to check key validity
- Check for
GITHUB_TOKENinstead ofSIGSTORE_ID_TOKENfor github OIDC (#72) - Use REGISTRY_TOKEN for GitHub OIDC signing
- Switch to using --certificate-identity-regexp for Github Keyless verification
- Remove trailing newlines from yaml arrays (#73)
- Use GH_TOKEN as GITHUB_TOKEN is a protected env var
- Allow empty custom modules dir (#77)
- Add module documentation for 'containerfile' and 'files' (#82)
- Use GitHub's OIDC for signing images (#62)
- Use WORKDIR and ENTRYPOINT for cli containers (#63)
- Clean up working container for SIGINT and SIGTERM (#14)
- Use tmpfs mount for /tmp and /var (#67)
- Allow user to use source images (#69)
- Make use of rpm-ostree cache (#68)
- Block overriding (#74)
- Allow use of akmods module (#71)
- Add retry options to cli build command (#81)
- Fix build and build-pr not running properly
- Remove unwanted software so we have enough space to run the build for forked PRs
- Print out stderr from login attempts if login fails
- Replace tabs with spaces in Containerfile template
- Run integration tests on a separate satellite to keep build cache free
- Add trace log for github cosign verify
- Fix integration-tests for forks
- Update default module source (#76)
- Release blue-build version 0.8.0
- Use GITHUB_TOKEN instead of REGISTRY_TOKEN (#75)
- Move modules into their own directory structure (#80)
- Remove deprecated bling
COPYforfilesandrpms(#52) - Only use earthly builder if token exists (#53)
- Use Multi-stage builds to prevent COPY for modules and config (#54)
- Alias update for upgrade subcommand (#60)
- Update /Containerfile in .gitignore
- Create base integration test setup (#55)
- Remove nightly flags
- Rename registry-path arg to registry-namespace but keep previous as alias
- Add cargo release files
- Release blue-build version 0.7.1
- Enable clippy nursery lint
- Snippets (#51)
- [breaking] Rename bb to bluebuild (#50)
- Tag workflow version fix (#16)
- Improper syntax for test in tag workflow
- Improve workflow for main branch and PRs (#17)
- Use new cargo-builder to help speed up build times
- Change local build dir to /etc/bluebuild
- Build failing due to change in local tarball location
- Add missing container tags (#37)
- Update containerfile to check for presence of cosign.pub (#46)
- Output better serde::yaml errors (#47)
- Lowecase registry and update IMAGE_REGISTRY arg (#49)
- Add release workflows (#22)
- Upgrades (#26)
- Bugreport command (#28)
- Use COPY syntax for files module (#38)
- Allow default recipe path (#45)
- Move recipe out to its own module (#18)
- Enable Clippy Pedantic lint (#19)
- Fix simple error in workflow (#27)
- Update/Remove logos in this repo (#23) (#30)
- Setup earthly satellite building (#29)
- Update README to show github action use
- Set version to 0.5.6-dev.0 to prepare for first release
- Switch back to crate format_serde_error
- Prepare for 0.6.0 release
- Separate module template from recipe module (#32)
- Separate modules into individual templates
- Install script not working as intended (#15)
- Update gitlab ci example
- Update README for distrobox usage (#12)
- Bumb version
- Don't fetch tags again
- Add token for pushing tags
- Bump version
- Bump version
- Bump version
- Update outdated 60-custom.just
- Rebase path not being generated properly (#8)
- Update changelog
- Manual update changelog for release
- Run clippy + BlueBuildTrait (#4)
- Update Cargo.toml with new repo URL
- Manual bump of version
- Create GitHub Workflow (#9)
- Don't build integration tests in +all
- Allow write for contents and id-token
- Allow workflow_dispatch on build
- Use docker/login-action@v3
- Set packages permissions to write
- Update README.md (#10)
- Use GHCR for install.sh (#11)
- Remove input for release
- Add CARGO_REGISTRY_TOKEN
- Fetch all to get history for changelog updates
- Allow write for id-token
- Allow single module from-file
- Update README for upgrade and rebase commands
- [breaking] Upgrade and Rebase commands
- Add CODEOWNERS file
- Enable integration tests
- Run both nightly and default integration tests
- Use --privileged instead of WITH DOCKER
- Add integration tests for build and template
- Use podman-api crate for building images
- Used wrong image for installer in Containerfile template
- Installer used wrong image tag
- Update README to describe using local builds
- [breaking] Remove containerfile arg since we use compiled time templates
- Conflicting short args for build subcommand
- Local image rebasing
- Add logos
- Removed unwrap from template to handle with proper error message
- Stop possible from-file, type module collision in template
- Use askama crate for compile-time template type checking
- Earthfile syntax error
- Allow image_version to be a String
- Clippy error for image_tag
- Inefficiency in generated Containerfile
- Rename ublue-rs to blue-build
- Renaming tool in docs
- Update README to point to new project
- Logging
- Update cargo.toml
- Bump version
- Add Github support in Build command
- Add support for alpine image and using either podman or buildah
- Update README and CHANGELOG
- Adding more template files for init
- Adding new subcommand
- Add main README template
- Add basic templating support for Github Actions
- Switch to using typed builders
- Improper trim of image digest
- Clippy
- Remove single quotes from image_digest
- Add logging
- Add rusty-hook
- Make containerfile formatting nicer
- Move command structs into bin
- [breaking] Remove legacy code"
- Finish build feature
- Add rust-toolchain.toml
- Exclude some more files
- Fix .git/ exclude
- Update README, checking off a feature
- Fix version to match with published version
- Create README
- Add support for legacy containerfiles and modules containerfiles
- Encapsulate module echo in quotes to be passed in as a single arg
- Remove tracing
- Print module context as json
- [breaking] Support new modules based starting point template
- [breaking] Allow containerfile module to print out to main Containerfile
- Add changelog