Skip to content

Commit 639e540

Browse files
SecAI-Hubclaude
andcommitted
Fix ISO build: switch from isogenerator to build-container-installer
ublue-os/isogenerator is a composite action that runs dnf directly on the host — fails on ubuntu-latest. Switch to jasonn3/build-container-installer which is container-based and what Bazzite/Bluefin actually use for ISO generation on standard GitHub runners. Also add disk space cleanup step before ISO build (ISOs are ~4GB). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 2c438da commit 639e540

1 file changed

Lines changed: 20 additions & 14 deletions

File tree

.github/workflows/release.yml

Lines changed: 20 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -149,22 +149,28 @@ jobs:
149149
path: dist/
150150

151151
build-iso:
152-
name: Build ISO (isogenerator)
152+
name: Build ISO
153153
needs: [preflight]
154154
runs-on: ubuntu-latest
155155
steps:
156156
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
157157

158+
- name: Free disk space
159+
run: |
160+
sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc
161+
sudo docker image prune -af
162+
158163
- name: Build ISO
159-
uses: ublue-os/isogenerator@427a070b3ba1d24998833c948b745ef8061bb5e2 # main
164+
uses: jasonn3/build-container-installer@207e927e28c92704c4cdbe10b980643b3771ef01 # main
160165
id: isogen
161166
with:
162-
ARCH: x86_64
163-
IMAGE_REPO: ghcr.io/secai-hub
164-
IMAGE_NAME: secai_os
165-
IMAGE_TAG: ${{ github.ref_name }}
166-
VERSION: 42
167-
VARIANT: Silverblue
167+
arch: x86_64
168+
image_name: secai_os
169+
image_repo: ghcr.io/secai-hub
170+
image_tag: ${{ github.ref_name }}
171+
version: 42
172+
variant: Silverblue
173+
iso_name: secai-os-${{ github.ref_name }}-x86_64.iso
168174

169175
- name: Install cosign
170176
run: |
@@ -173,16 +179,16 @@ jobs:
173179
-o /usr/local/bin/cosign
174180
chmod +x /usr/local/bin/cosign
175181
176-
- name: Rename and sign ISO
182+
- name: Sign ISO
177183
run: |
178-
ISO_SRC="${{ steps.isogen.outputs.iso-path }}"
179-
ISO_DST="dist/secai-os-${{ github.ref_name }}-x86_64.iso"
184+
ISO_PATH="${{ steps.isogen.outputs.iso_path }}"
180185
mkdir -p dist
181-
mv "$ISO_SRC" "$ISO_DST"
186+
mv "$ISO_PATH" "dist/"
187+
ISO_FILE="dist/secai-os-${{ github.ref_name }}-x86_64.iso"
182188
cosign sign-blob --yes \
183189
--key env://COSIGN_PRIVATE_KEY \
184-
--output-signature "${ISO_DST}.sig" \
185-
"$ISO_DST"
190+
--output-signature "${ISO_FILE}.sig" \
191+
"$ISO_FILE"
186192
env:
187193
COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
188194

0 commit comments

Comments
 (0)