Merge branch 'main' into dependabot/github_actions/sigstore/cosign-installer-3.5.0

Author: bsherman

.github/workflows/reusable-build.yml

@@ -7,7 +7,7 @@ on:
         required: true
         type: string
 env:
-    IMAGE_NAME: akmods
+    IMAGE_BASE_NAME: akmods
     IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
 
 concurrency:
@@ -36,14 +36,7 @@ jobs:
         cfile_suffix:
           - common
           - nvidia
-        nvidia_version:
-          - 0
-          - 550
         exclude:
-          - cfile_suffix: common
-            nvidia_version: 550
-          - cfile_suffix: nvidia
-            nvidia_version: 0
           - kernel_flavor: asus
             fedora_version: 38
           - kernel_flavor: surface
@@ -56,7 +49,6 @@ jobs:
             kernel_flavor: fsync # kernel-fsync packages are not being built for F40 yet.
           - fedora_version: 40
             kernel_flavor: fsync-lts
-          
     steps:
       # Checkout push-to-registry action GitHub repository
       - name: Checkout Push to Registry action
@@ -65,26 +57,25 @@ jobs:
       - name: Matrix Variables
         shell: bash
         run: |
-          if [[ "${{ matrix.fedora_version }}" -ge "41" ]]; then
-              # when we are confident of official fedora images we can switch to them
-              echo "SOURCE_IMAGE=fedora-silverblue" >> $GITHUB_ENV
-              echo "SOURCE_ORG=fedora" >> $GITHUB_ENV
+          if [ "common" == "${{ matrix.cfile_suffix }}" ]; then
+              echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}" >> $GITHUB_ENV
           else
-              echo "SOURCE_IMAGE=base" >> $GITHUB_ENV
-              echo "SOURCE_ORG=fedora-ostree-desktops" >> $GITHUB_ENV
+              echo "IMAGE_NAME=${{ env.IMAGE_BASE_NAME }}-${{ matrix.cfile_suffix }}" >> $GITHUB_ENV
           fi
+          export SOURCE_IMAGE=base
+          export SOURCE_ORG=fedora-ostree-desktops
+          echo "SOURCE_IMAGE=${SOURCE_IMAGE}" >> $GITHUB_ENV
+          echo "SOURCE_ORG=${SOURCE_ORG}" >> $GITHUB_ENV
+          echo "FQ_SOURCE_IMAGE=quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}:${{ matrix.fedora_version }}" >> $GITHUB_ENV
+
 
       - name: Generate tags
         id: generate-tags
         shell: bash
         run: |
           # Generate a timestamp for creating an image version history
           TIMESTAMP="$(date +%Y%m%d)"
-          if [[ "${{ matrix.cfile_suffix }}" == "nvidia" ]]; then
-              VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}-${{ matrix.nvidia_version }}"
-          else
-              VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}"
-          fi
+          VARIANT="${{ matrix.kernel_flavor }}-${{ matrix.fedora_version }}"
 
           COMMIT_TAGS=()
           BUILD_TAGS=()
@@ -125,69 +116,103 @@ jobs:
           # DEBUG: get character count of key
           wc -c certs/private_key.priv
 
-      - name: Get current version
-        id: labels
-        uses: Wandalen/wretry.action@v2.1.0
+      - name: Pull build image
+        uses: Wandalen/wretry.action@v3.4.0
         with:
           attempt_limit: 3
           attempt_delay: 15000
           command: |
-            set -eo pipefail
-            skopeo inspect docker://quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }} > inspect.json
-            ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json)
+            # pull the base image used for FROM in containerfile so
+            # we can retry on that unfortunately common failure case
+            podman pull ${{ env.FQ_SOURCE_IMAGE }}
+
+      - name: Get current version
+        run: |
+          set -eo pipefail
+
+          # skopeo must always run to inspect image labels for build version
+          skopeo inspect docker://${{ env.FQ_SOURCE_IMAGE }} > inspect.json
+          ver=$(jq -r '.Labels["org.opencontainers.image.version"]' inspect.json)
+          if [ -z "$ver" ] || [ "null" = "$ver" ]; then
+            echo "inspected image version must not be empty or null"
+            exit 1
+          fi
+
+          if [ "main" == "${{ matrix.kernel_flavor }}" ]; then
+            # main kernel_flavor: use ostree.linux to determine kernel version
             linux=$(jq -r '.Labels["ostree.linux"]' inspect.json)
-            if [ -z "$ver" ] || [ "null" = "$ver" ]; then
-              echo "inspected image version must not be empty or null"
-              exit 1
-            fi
-            if [ -z "$linux" ] || [ "null" = "$linux" ]; then
-              echo "inspected image linux version must not be empty or null"
-              exit 1
-            fi
-            echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV
-            echo "SOURCE_IMAGE_LINUX=$linux" >> $GITHUB_ENV
+          else
+            # other kernel_flavor: start container use dnf to find kernel version
+            container_name="fq-$(uuidgen)"
+            podman run --entrypoint /bin/bash --name "$container_name" -dt "${{ env.FQ_SOURCE_IMAGE }}"
+            podman exec $container_name rpm-ostree install dnf dnf-plugins-core
+
+            # Fetch kernel version
+            dnf="podman exec $container_name dnf"
+            case "${{ matrix.kernel_flavor }}" in
+              "asus")
+                $dnf copr enable -y lukenukem/asus-kernel
+                linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:lukenukem:asus-kernel --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "fsync")
+                $dnf copr enable -y sentry/kernel-fsync
+                linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-fsync --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "fsync-lts")
+                $dnf copr enable -y sentry/kernel-ba
+                linux=$($dnf repoquery --repoid copr:copr.fedorainfracloud.org:sentry:kernel-ba --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "main")
+                linux=$($dnf repoquery --whatprovides kernel | tail -n1 | sed 's/.*://')
+                ;;
+              "surface")
+                $dnf config-manager --add-repo=https://pkg.surfacelinux.com/fedora/linux-surface.repo
+                linux=$($dnf repoquery --repoid linux-surface --whatprovides kernel-surface | tail -n1 | sed 's/.*://')
+                ;;
+              *)
+                echo "unexpected kernel_flavor '${{ matrix.kernel_flavor }}' for dnf repoquery"
+                ;;
+            esac
+          fi
+
+          if [ -z "$linux" ] || [ "null" = "$linux" ]; then
+            echo "inspected image linux version must not be empty or null"
+            exit 1
+          fi
+          echo "SOURCE_IMAGE_VERSION=$ver" >> $GITHUB_ENV
+          echo "KERNEL_VERSION=$linux" >> $GITHUB_ENV
 
       # Build metadata
       - name: Image Metadata
         uses: docker/metadata-action@v5
         id: meta
         with:
           images: |
-            ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }}
+            ${{ env.IMAGE_NAME }}
           labels: |
-            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
+            org.opencontainers.image.title=${{ env.IMAGE_BASE_NAME }}
             org.opencontainers.image.description=A caching layer for pre-built akmod RPMs
             org.opencontainers.image.version=${{ env.SOURCE_IMAGE_VERSION }}
-            ostree.linux=${{ env.SOURCE_IMAGE_LINUX }}
+            ostree.linux=${{ env.KERNEL_VERSION }}
             io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md
             io.artifacthub.package.logo-url=https://avatars.githubusercontent.com/u/1728152?s=200&v=4
 
-      - name: Pull build image
-        uses: Wandalen/wretry.action@v2.1.0
-        with:
-          attempt_limit: 3
-          attempt_delay: 15000
-          command: |
-            # pull the base image used for FROM in containerfile so
-            # we can retry on that unfortunately common failure case
-            podman pull quay.io/${{ env.SOURCE_ORG }}/${{ env.SOURCE_IMAGE }}:${{ matrix.fedora_version }}
-
       # Build image using Buildah action
       - name: Build Image
         id: build_image
         uses: redhat-actions/buildah-build@v2
         with:
           containerfiles: |
             ./Containerfile.${{ matrix.cfile_suffix }}
-          image: ${{ 'nvidia' == matrix.cfile_suffix && format('{0}-nvidia', env.IMAGE_NAME) || format('{0}', env.IMAGE_NAME) }}
+          image: ${{ env.IMAGE_NAME }}
           tags: |
             ${{ steps.generate-tags.outputs.alias_tags }}
           build-args: |
             SOURCE_IMAGE=${{ env.SOURCE_IMAGE }}
             SOURCE_ORG=${{ env.SOURCE_ORG }}
             KERNEL_FLAVOR=${{ matrix.kernel_flavor }}
+            KERNEL_VERSION=${{ env.KERNEL_VERSION }}
             FEDORA_MAJOR_VERSION=${{ matrix.fedora_version }}
-            NVIDIA_MAJOR_VERSION=${{ matrix.nvidia_version }}
             RPMFUSION_MIRROR=${{ vars.RPMFUSION_MIRROR }}
           labels: ${{ steps.meta.outputs.labels }}
           oci: false
@@ -202,7 +227,7 @@ jobs:
 
 
       - name: Push To GHCR
-        uses: Wandalen/wretry.action@v2.1.0
+        uses: Wandalen/wretry.action@v3.4.0
         id: push
         if: github.event_name != 'pull_request'
         env:

Containerfile.common

@@ -11,6 +11,7 @@ ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}"
 FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder
 ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}"
 ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}"
+ARG KERNEL_VERSION=""
 ARG RPMFUSION_MIRROR=""
 
 COPY build*.sh /tmp
@@ -37,16 +38,11 @@ RUN if grep -qv "surface" <<< "${KERNEL_FLAVOR}"; then \
         /tmp/build-kmod-evdi.sh \
     ; fi && \
     if grep -qv "fsync" <<< "${KERNEL_FLAVOR}"; then \
-        /tmp/build-kmod-winesync.sh && \
-        /tmp/build-kmod-openrgb.sh && \
-        /tmp/build-kmod-steamdeck.sh \
+        /tmp/build-kmod-openrgb.sh \
     ; fi && \
     /tmp/build-kmod-ayaneo-platform.sh && \
     /tmp/build-kmod-ayn-platform.sh && \
-    /tmp/build-kmod-bmi160.sh && \
-    /tmp/build-kmod-bmi260.sh && \
-    /tmp/build-kmod-bmi323.sh && \
-    /tmp/build-kmod-gcadapter_oc.sh && \
+    /tmp/build-kmod-kvmfr.sh && \
     /tmp/build-kmod-nct6687d.sh && \
     /tmp/build-kmod-openrazer.sh && \
     /tmp/build-kmod-ryzen-smu.sh && \

Containerfile.nvidia

@@ -1,17 +1,17 @@
 ###
-### Containerfile.nvidia - used to build ONLY NVIDIA kmods (one driver version per build)
+### Containerfile.nvidia - used to build ONLY NVIDIA kmods
 ###
 
-#Build from base, simpley because it's the smallest image
+#Build from base, simply because it's the smallest image
 ARG SOURCE_IMAGE="${SOURCE_IMAGE:-base}"
 ARG SOURCE_ORG="${SOURCE_ORG:-fedora-ostree-desktops}"
 ARG BASE_IMAGE="quay.io/${SOURCE_ORG}/${SOURCE_IMAGE}"
 ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}"
 
 FROM ${BASE_IMAGE}:${FEDORA_MAJOR_VERSION} AS builder
 ARG FEDORA_MAJOR_VERSION="${FEDORA_MAJOR_VERSION:-39}"
-ARG NVIDIA_MAJOR_VERSION="${NVIDIA_MAJOR_VERSION:-550}"
 ARG KERNEL_FLAVOR="{KERNEL_FLAVOR:-main}"
+ARG KERNEL_VERSION=""
 ARG RPMFUSION_MIRROR=""
 
 COPY build*.sh /tmp
@@ -39,7 +39,7 @@ RUN if grep -qv "surface" <<< "${KERNEL_FLAVOR}"; then \
     ; else \
        export KERNEL_NAME="kernel-surface" \
     ; fi && \
-    /tmp/build-kmod-nvidia.sh ${NVIDIA_MAJOR_VERSION}
+    /tmp/build-kmod-nvidia.sh 550
 
 RUN cp /tmp/ublue-os-nvidia-addons/rpmbuild/RPMS/noarch/ublue-os-nvidia-addons*.rpm \
       /var/cache/rpms/ublue-os/

README.md

@@ -14,21 +14,16 @@ Feel free to PR more kmod build scripts into this repo!
     - [nvidia-container-tookkit repo](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/install-guide.html#installing-with-yum-or-dnf) - version 1.14 (and newer) provide CDI for podman use of nvidia gpus
 - [ayaneo-platform](https://github.com/ShadowBlip/ayaneo-platform) - Linux drivers for AYANEO x86 handhelds (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [ayn-platform](https://github.com/ShadowBlip/ayn-platform) - Linux drivers for AYN x86 handhelds (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
-- [bmi160](https://github.com/hhd-dev/bmi160) - kernel module driver for the BMI160 IMU (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
-- [bmi260](https://github.com/hhd-dev/bmi260) - kernel module driver for the Bosch BMI260 IMU (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
-- [bmi323](https://github.com/hhd-dev/bmi260) - kernel module driver for the Bosch BMI323 IMU (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [evdi](www.displaylink.com) - kernel module required for use of displaylink (akmod from [negativo17 multimedia repo](https://negativo17.org/multimedia/)
-- [gcadapter_oc](https://github.com/hannesmann/gcadapter-oc-kmod) - kernel module for overclocking the Nintendo Wii U/Mayflash GameCube adapter (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
+- [kvmfr](https://github.com/gnif/looking-glass) - KVM framebuffer relay kernel module for use with Looking Glass (akmod from [hikariknight/looking-glass-kvmfr-akmod copr](https://copr.fedorainfracloud.org/coprs/hikariknight/looking-glass-kvmfr/))
 - [nct6687d](https://github.com/Fred78290/nct6687d) - Linux kernel module for Nuvoton NCT6687-R found on AMD B550 chipset motherboards (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [nvidia](https://rpmfusion.org/Howto/NVIDIA) - nvidia GPU drivers built from rpmfusion
 - [openrazer](https://openrazer.github.io/) - kernel module adding additional features to Razer hardware (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [openrgb](https://gitlab.com/CalcProgrammer1/OpenRGB/-/raw/master/OpenRGB.patch) - kernel module with i2c-nct6775 and patched i2c-piix4 for use with OpenRGB (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - rtl8814au - Realtek RTL8814AU Driver (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - rtl88xxau - Realtek RTL8812AU/21AU and RTL8814AU driver (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [ryzen_smu](https://gitlab.com/leogx9r/ryzen_smu) - A Linux kernel driver that exposes access to the SMU (System Management Unit) for certain AMD Ryzen Processors (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
-- [steamdeck](https://lkml.org/lkml/2022/2/5/391) - platform driver for Valve's Steam Deck handheld PC (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [v4l2loopback](https://github.com/umlaeute/v4l2loopback) - allows creating "virtual video devices"
-- [winesync](https://repo.or.cz/linux/zf.git/shortlog/refs/heads/winesync4) - Support for Winesync/Fastsync/NTSync primitives (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
 - [wl (broadcom)](https://github.com/rpmfusion/broadcom-wl/) - support for some legacy broadcom wifi devices
 - [xpadneo](https://github.com/atar-axis/xpadneo) - xbox one controller bluetooth driver (akmod from [negativo17 steam repo](https://negativo17.org/steam/)
 - [xonedo](https://github.com/BoukeHaarsma23/xonedo/) - xbox one controller USB wired/RF driver modified to work along-side xpad (akmod from [ublue-os/akmods copr](https://copr.fedorainfracloud.org/coprs/ublue-os/akmods/))
@@ -40,21 +35,21 @@ The [`akmods` image](https://github.com/orgs/ublue-os/packages/container/package
 
 Here's a rundown on how it's organized.
 
-We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and in the case of NVIDIA current (550).
-**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39.**
+We do our best to support all current builds of Fedora, current versions of the kernel modules listed, and the latest NVIDIA driver.
+**Note: NVIDIA legacy driver version 470 is no longer provided as RPMfusion has ceased updates to the package and it no longer builds with kernel 6.8 which has now released for Fedora 38 and 39. Also the `-550` extra driver version tag has been removed as the latest driver will always be included.**
 
 The majority of the drivers are tagged with `KERNEL_TYPE-FEDORA_RELEASE`. NVIDIA drivers are bundled distinctly with tag `KERNEL_TYPE-FEDORA_RELEASE-NVIDIA_VERSION`.
 
 | KERNEL_TYPE | FEDORA_RELEASE | TAG |
 | - | - | - |
-| Fedora stock kernel | 38 | `main-38`, `main-38-550` |
-| | 39 | `main-39`, `main-39-550` |
-| | 40 | `main-40`, `main-40-550` |
-| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`, `asus-39-550` |
-| | 40 | `asus-40`, `asus-40-550` |
-| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39`, `fsync-39-550` |
-| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39`, `surface-39-550` |
-| | 40 | `surface-40`, `surface-40-550` |
+| Fedora stock kernel | 38 | `main-38` |
+| | 39 | `main-39` |
+| | 40 | `main-40` |
+| [patched for ASUS devices](https://copr.fedorainfracloud.org/coprs/lukenukem/asus-kernel) | 39 | `asus-39`|
+| | 40 | `asus-40` |
+| [patched fsync](https://copr.fedorainfracloud.org/coprs/sentry/kernel-fsync) | 39 | `fsync-39` |
+| [patched Microsoft Surface devices](https://github.com/linux-surface/linux-surface/) | 39 | `surface-39` |
+| | 40 | `surface-40` |