Draft
Conversation
Add $suite (default: "trixie") and $distro (default: "debian") template variables to the rootfs recipe. Use $suite in mmdebstrap's suite field instead of the previously hardcoded value. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Replace the static overlays/apt-sources/ overlay with a shell run action
that generates /etc/apt/sources.list.d/{debian,ubuntu}.sources based on
the $distro and $suite template variables.
Debian uses deb.debian.org with main/contrib/non-free/non-free-firmware.
Ubuntu uses ports.ubuntu.com/ubuntu-ports with main/universe/restricted/
multiverse.
Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Replace the static overlays/backports/ overlay with a shell run action that generates debian-backports.sources and debian-backports.pref using the $suite variable. The backports files are only generated for Debian. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Remove the static .sources and .pref files from the qsc-deb-releases overlay, keeping only the keyring (.asc). Add a run action that generates them dynamically using $suite-overlay as the suite name. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Add $username and $hostname template variables, both defaulting to
$distro ("debian" for Debian builds, "ubuntu" for Ubuntu). These can
also be overridden independently via -t username:... or -t hostname:...
Replace all hardcoded "debian" references in hostname setup, user
creation, password, sudoers, and docker group membership.
Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Select the correct mirror, components, and bootstrap packages based on $distro in the mmdebstrap action: - Debian: deb.debian.org/debian, main/contrib/non-free/non-free-firmware - Ubuntu: ports.ubuntu.com/ubuntu-ports, main/universe/restricted/multiverse Ubuntu builds also include ubuntu-keyring in the bootstrap to verify archive signatures. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Add SUITE (default: trixie) and DISTRO (default: debian) Make variables,
passed as -t suite:... -t distro:... to all debos invocations.
This enables building for different distributions with e.g.:
make SUITE=forky
make DISTRO=ubuntu SUITE=noble
Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Add suite and distro inputs to the reusable debos workflow, with defaulting to debian+trixie. Use these for base container image and all debos invocations. Update just the PR build workflow to use a matrix strategy building both trixie and forky suites. Take this opportunity to rename build-pr to just build. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Create qsc-deb-releases .sources file with "Enabled: no" and only enable it after verifying the suite exists via a wget probe of the Release file. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Per distro and suite package installs: - fastrpc-support: skipped for noble (not yet available) - fastrpc-tests: only installed for trixie (only in trixie-overlay) - debugcc: skipped for noble (not available in Ubuntu noble) - Priority important/standard: use ?origin(Ubuntu) for Ubuntu builds instead of ?origin(Debian) Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Add wget to the mmdebstrap include list to make it available when the qsc-deb-releases suite availability check runs. wget is already part of the "comfortable" package set installed later; including it in the bootstrap ensures it's available for the earlier probe step.
Expand the PR build matrix to explicit distro+suite pairs: debian/trixie, debian/forky, ubuntu/noble, and ubuntu/resolute. In debos workflow, use distro to determine container image (public.ecr.aws/<distro>/<distro>:<suite>) and install the matching archive keyring package (ubuntu-keyring for Ubuntu, debian-archive-keyring for Debian). Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Rename build-daily to just build
Contributor
Author
|
A few thoughts on current implementation:
|
Set kernel package per matrix entry. Keep trixie on overlay kernel (linux-image-6.16.7-qcom1++), use linux-image-arm64 for forky, use linux-image-qcom for noble, and use linux-image-generic for resolute. The new global default for the debos workflow is linux-image-arm64. Only install firmware-atheros and firmware-qcom-soc on Debian; these packages don't exist on Ubuntu and the kernel packages will pull the corresponding firmware. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
mmdebstrap needs ubuntu-keyring to bootstrap Ubuntu. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
adbd is not available in Ubuntu noble; it was added in android-platform-tools 34.0.5-4~exp1. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
fastrpc-support is not available in Ubuntu resolute either, so gate on distro instead of suite for now. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
The fastrpc group is created by fastrpc-support which is only installed on Debian. Check for the group with getent before adding it to the useradd --groups list to avoid failures on Ubuntu. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
On Debian, the NM applet and connection editor are split into network-manager-applet and nm-connection-editor. On Ubuntu noble, both are provided by network-manager-gnome. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Call locale-gen without arguments so it reads /etc/locale.gen.
Previously the extra "UTF-8" argument was interpreted by Ubuntu's
locale-gen as a second (invalid) locale name:
Error: 'UTF-8' is not a supported language or locale
Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
On Ubuntu, DTBs are installed under /lib/firmware/<version>/device-tree/ while Debian uses /usr/lib/linux-image-<version>/. Detect which base directory exists at build time and use it. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
u-boot-efi-dtb is not available in noble, so skip its installation and the associated DTB copy to ESP. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
For consistency in docs and CI, use qcom as default user, password, and hostname, no matter the distro. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
There is no need for the compressed assets except for upload, so just compress them directly into the staging directory. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Prefix all published artifact filenames with "$distro-$suite-" so
that builds for different distributions/suites can coexist in the same
S3 destination:
- debos.yml: use prefix for image artifacts going to staging directory
including SBOMs
- lava-test.yml: add distro/suite inputs and expose them as DISTRO/SUITE
env vars; add corresponding sed substitutions when rendering templates
- LAVA templates: reference {{DISTRO}}-{{SUITE}}-flash-*.tar.gz
- build-daily.yml, linux.yml: pass distro/suite when calling lava-test.yml
Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
There is no need for the compressed SBOM assets except for upload, so just compress them directly into the staging directory. Signed-off-by: Loïc Minier <loic.minier@oss.qualcomm.com>
Contributor
Author
|
Resolute image from CI running under QEMU Current known issues:
|
Contributor
Author
|
The noble image doesn't boot; it seems systemd-boot doesn't like the format of the linux kernel |
Contributor
|
AIUI, the kernel has stubble embedded into it now. Maybe an interaction with that? |
gagath
reviewed
Mar 10, 2026
| # plus sign in the package name as a request to install the package, so | ||
| # use two plus signs | ||
| default: linux-image-6.16.7-qcom1++ | ||
| default: linux-image-arm64 |
Contributor
|
As a global feedback I think that there is too much logic in the workflows and not enough outside of it. Github actions are well known for being hard to debug. I would like to have most of the logic inside of the Makefile instead, so users can reuse it, but it conflicts with the "one rootfs.tar, one image" policy a bit. We could have .PHONY targets that generate Debian or Ubuntu images, but this is very hacky and I would like to have proper targets like |
Contributor
Strongly agree to moving logic out of the GitHub Actions as much as possible :)
I'd be OK with that, but would prefer not to end up with a proliferation of filenames. Maybe we could use dedicated build output directories instead? Another approach would be to consider these things "build config" like the kernel does. Provide a config, expect exactly one build result, and arrange dependencies correctly so that if the config changes then the right things are rebuilt. That might be more complex that it's worth though, so a cut down version of that would be to use config parameters to make, and require a clean between builds. Some combination of that might be possible. Define "build flavours" that set various parameters in |
Contributor
|
Another though: we have Debian overlays for This would create additional work for DDs so we need to make sure we agree on what needs to be done, and how. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is still exploratory and in the short-term meant to help compare
SBOMs across distros and suites