### Example Custom Build Script Source: https://context7.com/blue-build/template/llms.txt This is a placeholder for a custom build script that can be executed during the BlueBuild process. Scripts should be placed in the 'files/scripts/' directory and must include proper error handling to ensure build failures are detected. ```bash #!/usr/bin/env bash ``` -------------------------------- ### Configure Custom System Scripts Source: https://context7.com/blue-build/template/llms.txt A template for custom shell scripts used during the build process. It includes error handling via pipefail and demonstrates how to install binaries and write configuration files. ```bash set -oue pipefail echo 'Installing custom configurations...' # Example: Download and install a binary curl -Lo /usr/local/bin/mytool https://example.com/mytool chmod +x /usr/local/bin/mytool # Example: Configure system settings mkdir -p /etc/myapp cat > /etc/myapp/settings.conf << 'EOF' setting1=value1 setting2=value2 EOF echo 'Custom script completed successfully' ``` -------------------------------- ### Flatpak Configuration Module for BlueBuild Source: https://context7.com/blue-build/template/llms.txt This YAML configuration defines Flatpak applications to be installed. It supports system-wide or user-specific installations, includes options for notification settings upon installation, and allows specifying repository URLs and names. ```yaml modules: - type: default-flatpaks configurations: # System-wide flatpaks (available to all users) - notify: true # Show notification after install scope: system repo-url: https://dl.flathub.org/repo/flathub.flatpakrepo repo-name: flathub install: - org.mozilla.firefox - org.gnome.Loupe - com.visualstudio.code - org.gimp.GIMP remove: - org.gnome.Photos # Remove unwanted default flatpaks # User-scope flatpak configuration - scope: user repo-url: https://dl.flathub.org/repo/flathub.flatpakrepo repo-name: flathub # No packages - just adds the repo for user installs ``` -------------------------------- ### Rebase Fedora Atomic System to BlueBuild Image Source: https://github.com/blue-build/template/blob/main/README.md Commands to transition an existing Fedora Atomic installation to a custom BlueBuild image. This process involves an initial rebase to an unsigned image to install signing keys, followed by a rebase to the signed image. ```bash rpm-ostree rebase ostree-unverified-registry:ghcr.io/blue-build/template:latest systemctl reboot rpm-ostree rebase ostree-image-signed:docker://ghcr.io/blue-build/template:latest systemctl reboot ``` -------------------------------- ### Recipe Configuration for BlueBuild Template Source: https://context7.com/blue-build/template/llms.txt The main recipe.yml file defines the custom image, including its name, description, base image, version, and a list of modules to be applied. This example shows how to configure file copying, DNF packages, Flatpaks, and signing. ```yaml --- # yaml-language-server: $schema=https://schema.blue-build.org/recipe-v1.json # image will be published to ghcr.io// name: my-custom-image # description will be included in the image's metadata description: My personalized Fedora Silverblue image # the base image to build on top of (FROM) and the version tag to use base-image: ghcr.io/ublue-os/silverblue-main image-version: 42 # latest is also supported if you want new updates ASAP # module configuration, executed in order # you can include multiple instances of the same module modules: - type: files files: - source: system destination: / # copies files/system/* into your image's root folder / - type: dnf repos: copr: - atim/starship install: packages: - micro - starship remove: packages: - firefox - firefox-langpacks - type: default-flatpaks configurations: - notify: true scope: system install: - org.mozilla.firefox - org.gnome.Loupe - scope: user - type: signing # sets up proper policy & signing files for signed images ``` -------------------------------- ### DNF Package Management Module Configuration Source: https://context7.com/blue-build/template/llms.txt This YAML snippet configures the DNF package manager within a BlueBuild recipe. It demonstrates how to add COPR repositories, specify packages to install, and list packages to remove from the base image. ```yaml modules: - type: dnf repos: copr: - atim/starship # Add COPR repository - varlad/zellij # Multiple repos supported install: packages: - micro # Terminal text editor - starship # Cross-shell prompt - zellij # Terminal multiplexer - htop # Process viewer - neofetch # System info tool remove: packages: - firefox # Remove in favor of flatpak - firefox-langpacks # Remove dependency packages too - gnome-tour # Remove unwanted default apps ``` -------------------------------- ### Automate Image Builds with GitHub Actions Source: https://context7.com/blue-build/template/llms.txt A GitHub Actions workflow configuration that automates the building and publishing of OCI images. It supports multiple recipes, concurrency management, and image signing. ```yaml name: bluebuild on: schedule: - cron: "00 06 * * *" push: paths-ignore: - "**.md" pull_request: workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.ref || github.run_id }} cancel-in-progress: true jobs: bluebuild: name: Build Custom Image runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write strategy: fail-fast: false matrix: recipe: - recipe.yml steps: - name: Build Custom Image uses: blue-build/github-action@v1.11 with: recipe: ${{ matrix.recipe }} cosign_private_key: ${{ secrets.SIGNING_SECRET }} registry_token: ${{ github.token }} pr_event_number: ${{ github.event.number }} maximize_build_space: true ``` -------------------------------- ### Deploy and Verify Fedora Atomic Images Source: https://context7.com/blue-build/template/llms.txt Commands for rebasing a Fedora Atomic system to a custom image and verifying its authenticity. The process involves an initial unsigned rebase followed by a signed rebase. ```bash # Step 1: Rebase to unsigned image rpm-ostree rebase ostree-unverified-registry:ghcr.io/username/my-custom-image:latest # Step 2: Reboot systemctl reboot # Step 3: Rebase to signed image rpm-ostree rebase ostree-image-signed:docker://ghcr.io/username/my-custom-image:latest # Step 4: Final reboot systemctl reboot # Verify the installation rpm-ostree status ``` -------------------------------- ### Verify Image Signature with Cosign Source: https://context7.com/blue-build/template/llms.txt Instructions for verifying the integrity of a container image using a public key. This ensures the image was built and signed by the trusted source. ```bash # Download the public key curl -Lo cosign.pub https://raw.githubusercontent.com/username/my-custom-image/main/cosign.pub # Verify the image signature cosign verify --key cosign.pub ghcr.io/username/my-custom-image:latest ``` -------------------------------- ### Verify Image Signature with Cosign Source: https://github.com/blue-build/template/blob/main/README.md Command to verify the authenticity of the container image using a public key. It ensures the image was signed by the expected authority using the Sigstore cosign tool. ```bash cosign verify --key cosign.pub ghcr.io/blue-build/template ``` -------------------------------- ### Files Module for Copying Custom Files Source: https://context7.com/blue-build/template/llms.txt The files module in BlueBuild allows copying custom files from the repository into the built image. Files are organized in the 'files/system' directory and are copied to the root filesystem or other specified destinations. ```yaml modules: - type: files files: - source: system destination: / # Copy files/system/* to / - source: scripts destination: /usr/share/my-scripts ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.