talos-rpi5/.gitea/workflows/build.yaml
Mathias Beaulieu-Duncan 2b009aaeee
Build Talos CM5 Image / build (push) Failing after 13m49s
ci: fix SIGPIPE (exit 141) in pipefail run steps on Linux
bash -eo pipefail turns `cmd | head -1` into a failure when head closes
the pipe early (SIGPIPE). Surfaced as exit 141 on the arm64 runner.

- build.yaml: drop `| head -1` on `make --version`; use `find -print -quit`
  for the disk image instead of `find | head -1`
- auto-update.sh: `sed ... | head -1` -> `... | awk 'NR==1'` (reads to EOF)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-16 10:03:32 -04:00


# Build and release custom Talos CM5 image
#
# Triggered by pushing a version tag (e.g. v1.11.5-1)
#
# Produces:
# - Installer container image → Docker Hub (svrnty/talos-rpi5:<tag>)
# - Raw disk image → Gitea release (metal-arm64.raw.zst)
#
# Runner: ASUS GX10 (self-hosted, Linux, arm64), host mode.
# Builds natively on arm64 — no QEMU/binfmt emulation.
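name: Build Talos CM5 Image

on:
  push:
    tags:
      - 'v*.*.*'

jobs:
  build:
    runs-on: arm64
    timeout-minutes: 180
    steps:
      # NOTE(review): `v4` is a mutable tag. Pinning the action to a full
      # commit SHA keeps the checked-out action code from changing underneath
      # a release build.
      - name: Checkout
        uses: actions/checkout@v4

      - name: Verify Docker is running
        run: docker info

      - name: Install build dependencies
        run: |
          # Native arm64 host — make, sed, git, docker and buildx come from the host.
          # Only crane + jq are fetched (static arm64 binaries, no sudo, no QEMU).
          #
          # NOTE(review): both downloads follow `releases/latest` and are not
          # checksum-verified. These binaries later run in the same job as the
          # registry credentials and the release token, so pin a specific
          # release and verify its SHA-256 before installing. Because the
          # binaries persist in $HOME/.local/bin on this host-mode runner,
          # whatever was fetched first is reused by every later build.
          mkdir -p "$HOME/.local/bin"
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
          export PATH="$HOME/.local/bin:$PATH"
          if ! command -v crane >/dev/null 2>&1; then
            curl -fsSL https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_Linux_arm64.tar.gz \
              | tar -xz -C "$HOME/.local/bin" crane
          fi
          if ! command -v jq >/dev/null 2>&1; then
            curl -fsSL https://github.com/jqlang/jq/releases/latest/download/jq-linux-arm64 -o "$HOME/.local/bin/jq"
            chmod +x "$HOME/.local/bin/jq"
          fi
          make --version
          crane version || true

      - name: Set up Docker Buildx
        run: |
          # Native arm64 builder — the docker-container driver is used only for
          # SBOM/provenance attestation, not for cross-arch (no QEMU registered).
          docker buildx version
          docker buildx create --name talos-builder --driver docker-container --use 2>/dev/null || docker buildx use talos-builder
          docker buildx inspect --bootstrap

      # Secrets are handed to the script through the environment instead of
      # being expanded into the script text, so quotes, `$` or backticks in a
      # credential are never re-interpreted by the shell.
      - name: Login to Docker Hub
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
        run: printf '%s\n' "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USERNAME" --password-stdin

      - name: Extract version tag
        id: version
        run: |
          # The tag name is chosen by whoever pushes the tag and is later passed
          # to make, docker and the release API. Accept only a version prefix
          # followed by characters that are valid in a Docker tag; everything
          # else stops the build here.
          tag="${GITHUB_REF#refs/tags/}"
          tag_re='^v[0-9]+\.[0-9]+\.[0-9]+[A-Za-z0-9._-]*$'
          if [[ ! "$tag" =~ $tag_re ]]; then
            echo "Error: unexpected tag format: ${tag}" >&2
            exit 1
          fi
          echo "tag=${tag}" >> "$GITHUB_OUTPUT"

      - name: Clone upstream sources
        run: make checkouts

      - name: Apply patches
        run: make patches

      - name: Build kernel
        run: make kernel

      - name: Build SBC overlay
        run: make overlay

      - name: Build installer and disk image
        run: make installer

      # The tag reaches the script as an environment variable, not as expanded
      # script text, so the shell sees it only as a quoted value. make still
      # expands `$` references in command-line variable values, which is why
      # the tag is validated when it is extracted.
      - name: Tag release images
        env:
          TAG: ${{ steps.version.outputs.tag }}
        run: make release TAG="$TAG"

      - name: Compress disk image
        run: |
          # The imager outputs to checkouts/talos/_out/
          # NOTE(review): the pattern also matches an uncompressed `.raw` file,
          # and this step only copies. Confirm the imager always emits
          # `.raw.zst`; otherwise an uncompressed image is published under a
          # `.zst` name.
          DISK_IMAGE=$(find checkouts/talos/_out -name 'metal-arm64*.raw*' -print -quit)
          if [ -z "$DISK_IMAGE" ]; then
            echo "Error: disk image not found in checkouts/talos/_out/"
            find checkouts/talos/_out -type f
            exit 1
          fi
          # Copy to workspace root for release upload
          cp "$DISK_IMAGE" metal-arm64.raw.zst
          ls -lh metal-arm64.raw.zst

      - name: Create Gitea release and upload artifact
        env:
          GITEA_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TAG: ${{ steps.version.outputs.tag }}
        run: |
          GITEA_URL="${GITHUB_SERVER_URL}"
          REPO="${GITHUB_REPOSITORY}"
          API="${GITEA_URL}/api/v1"
          # Extract component versions from tag (format: v1.12.3-k6.12.47-1)
          # NOTE(review): sed prints its input unchanged when the pattern does
          # not match, so a tag without a `-k<version>-` part yields the whole
          # tag as KERNEL_VER.
          TALOS_VER=$(echo "$TAG" | sed -E 's/^(v[0-9]+\.[0-9]+\.[0-9]+)-.*/\1/')
          KERNEL_VER=$(echo "$TAG" | sed -E 's/.*-k([0-9]+\.[0-9]+\.[0-9]+)-.*/\1/')
          RELEASE_BODY="Custom Talos Linux image for Raspberry Pi 5 / CM5 (Compute Blade)
          **Talos**: ${TALOS_VER}
          **Kernel**: RPi downstream ${KERNEL_VER} (CM5/RP1 support)
          **Extensions**: iscsi-tools, util-linux-tools
          **Overclock**: 2.6GHz (arm_freq=2600)
          ## Artifacts
          - \`metal-arm64.raw.zst\` — Raw disk image for eMMC flashing
          - \`docker.io/svrnty/talos-rpi5:${TAG}\` — Installer image for talosctl upgrade"
          # Strip any leading indentation so the Markdown starts at column 0
          RELEASE_BODY=$(echo "$RELEASE_BODY" | sed -E 's/^[[:space:]]+//')
          # Let jq assemble the request so every value is JSON-escaped; the tag
          # is never concatenated into the JSON document by hand.
          PAYLOAD=$(jq -n \
            --arg tag "$TAG" \
            --arg name "Talos RPi5 ${TAG}" \
            --arg body "$RELEASE_BODY" \
            '{tag_name: $tag, name: $name, body: $body, prerelease: true}')
          RELEASE_ID=$(curl -sf -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/json" \
            -d "$PAYLOAD" \
            "${API}/repos/${REPO}/releases" | jq -r '.id')
          # Stop before the upload if the API did not return a numeric id
          # (jq prints "null" for a missing field).
          case "$RELEASE_ID" in
            ''|null|*[!0-9]*)
              echo "Error: release creation did not return a numeric id" >&2
              exit 1
              ;;
          esac
          echo "Created release ID: ${RELEASE_ID}"
          curl -sf -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -F "attachment=@metal-arm64.raw.zst" \
            "${API}/repos/${REPO}/releases/${RELEASE_ID}/assets?name=metal-arm64.raw.zst"
          echo "Uploaded metal-arm64.raw.zst to release"

      - name: Clean up
        if: always()
        run: |
          # The runner executes in host mode, so the Docker Hub credential that
          # `docker login` stored would otherwise stay on the machine after the
          # job. Log out first so a failing `make clean` cannot skip it.
          docker logout || true
          make clean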