Enable building from cache and rechunker

.github/workflows/build.yml

@@ -104,43 +104,18 @@ jobs:
           sep-tags: " "
           sep-annotations: " "
 
-      - name: Build Image
-        id: build_image
-        uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
-        with:
-          containerfiles: |
-            ./Containerfile
-          # Postfix image name with -custom to make it a little more descriptive
-          # Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format
-          image: ${{ env.IMAGE_NAME }}
-          tags: ${{ steps.metadata.outputs.tags }}
-          labels: ${{ steps.metadata.outputs.labels }}
-          oci: false
-
-      # Rechunk is a script that we use on Universal Blue to make sure there isnt a single huge layer when your image gets published.
-      # This does not make your image faster to download, just provides better resumability and fixes a few errors.
-      # Documentation for Rechunk is provided on their github repository at https://github.com/hhd-dev/rechunk
-      # You can enable it by uncommenting the following lines:
-      #- name: Run Rechunker
-      #  id: rechunk
-      #  uses: hhd-dev/rechunk@f153348d8100c1f504dec435460a0d7baf11a9d2 # v1.1.1
-      #  if: 
+      #- name: Build Image
+      #  id: build_image
+      #  uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
       #  with:
-      #    rechunk: 'ghcr.io/hhd-dev/rechunk:v1.0.1'
-      #    ref: "localhost/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }}"
-      #    prev-ref: "${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }}"
-      #    skip_compression: true
-      #    version: ${{ env.CENTOS_VERSION }}
-      #    labels: ${{ steps.metadata.outputs.labels }} # Rechunk strips out all the labels during build, this needs to be reapplied here with newline separator
-      #
-      ## This is necessary so that the podman socket can find the rechunked image on its storage
-      #- name: Load in podman and tag
-      #  run: |
-      #    IMAGE=$(podman pull ${{ steps.rechunk.outputs.ref }})
-      #    sudo rm -rf ${{ steps.rechunk.outputs.output }}
-      #    for tag in ${{ steps.metadata.outputs.tags }}; do
-      #      podman tag $IMAGE ${{ env.IMAGE_NAME }}:$tag
-      #    done
+      #    containerfiles: |
+      #      ./Containerfile
+      #    # Postfix image name with -custom to make it a little more descriptive
+      #    # Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format
+      #    image: ${{ env.IMAGE_NAME }}
+      #    tags: ${{ steps.metadata.outputs.tags }}
+      #    labels: ${{ steps.metadata.outputs.labels }}
+      #    oci: false
 
       # These `if` statements are so that pull requests for your custom images do not make it publish any packages under your name without you knowing
       # They also check if the runner is on the default branch so that things like the merge queue (if you enable it), are going to work
@@ -151,6 +126,64 @@ jobs:
           registry: git.hydrosaber.com
           username: ${{ github.actor }}
           password: ${{ secrets.PACKAGE_BUILDER_TOKEN }}
+      
+      - name: Build Image
+        id: build_image
+        run: |
+          sudo buildah bud \
+            --format docker
+            --tag "localhost/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }}"
+            --layers
+            --cache-to ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}/cache
+            --cache-from ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}/cache
+            --file ./Containerfile
+
+      # Rechunk is a script that we use on Universal Blue to make sure there isnt a single huge layer when your image gets published.
+      # This does not make your image faster to download, just provides better resumability and fixes a few errors.
+      # Documentation for Rechunk is provided on their github repository at https://github.com/hhd-dev/rechunk
+      # You can enable it by uncommenting the following lines:
+      - name: Run Rechunker
+        id: rechunk
+        if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
+        uses: hhd-dev/rechunk@5fbe1d3a639615d2548d83bc888360de6267b1a2 # v1.2.4
+        if: 
+        with:
+          rechunk: 'ghcr.io/hhd-dev/rechunk:v1.2.2'
+          ref: "localhost/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }}"
+          prev-ref: "${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }}"
+          skip_compression: false
+          version: ${{ env.CENTOS_VERSION }}
+          labels: ${{ steps.metadata.outputs.labels }} # Rechunk strips out all the labels during build, this needs to be reapplied here with newline separator
+
+      # Taken from vst-name/ublue-aurora-dx to output results of rechunk
+      - name: Rechunk output
+        if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
+        env:
+          STEPS_RECHUNK_CONCLUSION: ${{ steps.rechunk.conclusion }}
+          STEPS_RECHUNK_OUTPUTS_CHANGELOG: ${{ steps.rechunk.outputs.changelog }}
+          STEPS_RECHUNK_OUTPUTS_MANIFEST: ${{ steps.rechunk.outputs.manifest }}
+        run: |
+          if [[ "${STEPS_RECHUNK_CONCLUSION}" == "success" ]]; then
+            echo "${STEPS_RECHUNK_OUTPUTS_CHANGELOG}"
+            echo "${STEPS_RECHUNK_OUTPUTS_MANIFEST}"
+            cat "${STEPS_RECHUNK_OUTPUTS_CHANGELOG}"
+            cat "${STEPS_RECHUNK_OUTPUTS_MANIFEST}"
+
+          else
+            echo "Rechunk conclusion:"
+            echo "${STEPS_RECHUNK_CONCLUSION}"
+          fi
+
+      
+      ## This is necessary so that the podman socket can find the rechunked image on its storage
+      - name: Load in podman and tag
+        if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
+        run: |
+          IMAGE=$(podman pull ${{ steps.rechunk.outputs.ref }})
+          sudo rm -rf ${{ steps.rechunk.outputs.output }}
+          for tag in ${{ steps.metadata.outputs.tags }}; do
+            podman tag $IMAGE ${{ env.IMAGE_NAME }}:$tag
+          done
 
       - name: Push To git.hydrosaber.com
         uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2

Containerfile

@@ -23,12 +23,102 @@ COPY system_files /
 # copy key into /etc/pki/containers/hydros.pub
 COPY cosign.pub /etc/pki/containers/hydros.pub
 
+# Install dnf packages
+
 RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
     --mount=type=cache,dst=/var/cache \
     --mount=type=cache,dst=/var/log \
     --mount=type=tmpfs,dst=/tmp \
-    /ctx/build.sh
-    
+    /ctx/dnfstart.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/multimedia.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/greeter.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/hyprland.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/environment.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/applications.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/themes.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnf/drivers.sh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/dnfcleanup.sh
+
+# Add image info
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/addimageinfo.sh
+
+# Install Oh My Zsh
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/installohmyzsh.sh
+
+# Install SystemD services
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/installservices.sh
+
+# Build akmods
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/buildakmods.sh
+
+# Finalize image
+
+RUN --mount=type=bind,from=ctx,source=/,target=/ctx \
+    --mount=type=cache,dst=/var/cache \
+    --mount=type=cache,dst=/var/log \
+    --mount=type=tmpfs,dst=/tmp \
+    /ctx/finalize.sh
+
 ### LINTING
 ## Verify final image and contents are correct.
 RUN bootc container lint

build_files/build.sh

@@ -1,35 +0,0 @@
-#!/bin/bash
-
-set -ouex pipefail
-
-### Install dnf packages
-# Enable rpm fusion free and nonfree
-dnf5 -y install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
-
-/ctx/scripts/dnf/multimedia.sh
-/ctx/scripts/dnf/greeter.sh
-/ctx/scripts/dnf/hyprland.sh
-/ctx/scripts/dnf/environment.sh
-/ctx/scripts/dnf/applications.sh
-/ctx/scripts/dnf/themes.sh
-/ctx/scripts/dnf/drivers.sh
-
-# finish by removing rpm fusion repo files
-rm -f /etc/yum.repos.d/rpmfusion-*\.repo
-
-### Add image info
-/ctx/scripts/addimageinfo.sh
-
-### Install OhMyZsh
-/ctx/scripts/installohmyzsh.sh
-
-### Bring in SystemD units and enable services
-/ctx/scripts/installservices.sh
-
-### Build akmods
-/ctx/scripts/buildakmods.sh
-
-### Cleanup
-rm -rf /usr/etc
-
-rm -rf /var/lib/dnf

build_files/dnfcleanup.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+# finish by removing rpm fusion repo files
+rm -f /etc/yum.repos.d/rpmfusion-*\.repo

build_files/dnfstart.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+# Enable rpm fusion free and nonfree
+dnf5 -y install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm

build_files/finalize.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -ouex pipefail
+
+### Cleanup
+rm -rf /usr/etc
+
+rm -rf /var/lib/dnf