From f5cc9fb68d1624983c2d7b69d3de49c4f4aa66c8 Mon Sep 17 00:00:00 2001
From: Eriq Taing
Date: Sat, 21 Jun 2025 14:17:59 -0400
Subject: [PATCH] Move to directly put actions in build
---
 .github/workflows/build.yml | 97 +++++++++++++++++++++++++++++++++----
 1 file changed, 87 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ba3c902..ae5862a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -24,18 +24,95 @@ jobs:
 packages: write
 id-token: write
 strategy:
- fail-fast: false # stop GH from cancelling all matrix builds if one fails
 matrix:
 recipe:
- # !! Add your recipes here
 - recipe.yml
 steps:
- # the build is fully handled by the reusable github action
- - name: Build Custom Image
- uses: ./.github/workflows/build-composite.yml
+ # building custom images might take a lot of space,
+ # so it's best to remove unneeded softawre
+ - name: Maximize build space
+ uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
+
+ - name: Get Ubuntu version
+ id: ubuntu_version
+ shell: bash
+ run: |
+ VERSION=$(awk -F= '/^VERSION_ID=/ {gsub(/"/, "", $2); print $2}' /etc/os-release)
+ echo "Ubuntu version is $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ # that is compatible with BlueBuild
+ - name: Setup Podman
+ if: ${{ steps.ubuntu_version.outputs.version == '22.04' }}
+ shell: bash
+ run: |
+ # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04
+ ubuntu_version='22.04'
+ key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key"
+ sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}"
+ echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list
+ curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
+ sudo apt-get update
+ sudo apt-get install -y podman
+
+ - uses: sigstore/cosign-installer@sigstore/cosign-installer # v3.9.0
 with:
- recipe: ${{ matrix.recipe }}
- cosign_private_key: ${{ secrets.SIGNING_SECRET }}
- registry: 'git.hydrosaber.com'
- registry_token: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
- pr_event_number: ${{ github.event.number }}
+ install-dir: /usr/bin
+ use-sudo: true
+
+ # clones user's repo
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+ - name: Determine Vars
+ id: build_vars
+ shell: bash
+ env:
+ RECIPE: ${{ matrix.recipe }}
+ run: |
+ if [[ "${{ inputs.use_unstable_cli }}" == "true" && -z "${{ inputs.cli_version }}" ]]; then
+ CLI_VERSION_TAG="main"
+ elif [ -n "${{ inputs.cli_version }}" ]; then
+ CLI_VERSION_TAG="${{ inputs.cli_version }}"
+ else
+ CLI_VERSION_TAG="v0.9"
+ fi
+ echo "cli_version=${CLI_VERSION_TAG}" >> ${GITHUB_OUTPUT}
+
+ RECIPE_PATH=""
+ if [ -f "./config/${RECIPE}" ]; then
+ RECIPE_PATH="./config/${RECIPE}"
+ else
+ RECIPE_PATH="./recipes/${RECIPE}"
+ fi
+ echo "recipe_path=${RECIPE_PATH}" >> ${GITHUB_OUTPUT}
+
+ - name: Install BlueBuild
+ shell: bash
+ env:
+ CLI_VERSION_TAG: ${{ steps.build_vars.outputs.cli_version }}
+ run: |
+ sudo docker create \
+ --name blue-build-installer \
+ ghcr.io/blue-build/cli:${{ env.CLI_VERSION_TAG }}-installer
+ sudo docker cp blue-build-installer:/out/bluebuild /usr/bin/bluebuild
+ sudo docker rm blue-build-installer
+ bluebuild --version
+
+ # blue-build/cli does the heavy lifting
+ - name: Build Image
+ shell: bash
+ working-directory: ${{ inputs.working_directory }}
+ env:
+ COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
+ GH_TOKEN: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
+ BB_PASSWORD: ${{ inputs.registry_token }}
+ BB_USERNAME: ${{ github.repository_owner }}
+ BB_REGISTRY: 'git.hydrosaber.com'
+ BB_REGISTRY_NAMESPACE: ${{ github.repository_owner }}
+ GH_PR_EVENT_NUMBER: ${{ github.event.number }}
+ BB_CACHE_LAYERS: true
+ RECIPE_PATH: ${{ steps.build_vars.outputs.recipe_path }}
+ RUST_LOG_STYLE: always
+ CLICOLOR_FORCE: "1"
+ run: |
+ sudo -E bluebuild build -v --push --rechunk ${RECIPE_PATH}
\ No newline at end of file
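Review bot: The `sigstore/cosign-installer@sigstore/cosign-installer # v3.9.0` step is the only action in this hunk not pinned to a commit SHA: the ref after `@` just repeats the repository name, so it either fails to resolve or follows a mutable ref of that name, in a job whose visible permissions include `packages: write` and `id-token: write` and which later holds the cosign signing key. Pin it the same way as the other two actions, `uses: sigstore/cosign-installer@<full-commit-sha-for-v3.9.0> # v3.9.0`. Separately, the inlined steps still read `inputs.cli_version`, `inputs.use_unstable_cli`, `inputs.working_directory` and `inputs.registry_token`, which look like leftovers from the composite action; unless this workflow declares those inputs (its `on:` block is outside the hunk), they expand to empty strings, so `BB_PASSWORD` would be empty where the removed `with:` block passed `secrets.PACKAGE_BUILDER_TOKEN`. I would set `BB_PASSWORD: ${{ secrets.PACKAGE_BUILDER_TOKEN }}` and, if the CLI version has to stay configurable, hand it to the script through `env:` instead of interpolating `${{ inputs.cli_version }}` directly into the `run:` body.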