ARG BASE_IMAGE="quay.io/fedora-ostree-desktops/base" ARG FEDORA_VERSION="${FEDORA_VERSION:-39}" FROM ${BASE_IMAGE}:${FEDORA_VERSION} as builder ARG FEDORA_VERSION ARG NVIDIA_VERSION="${NVIDIA_VERSION:-535}" COPY certs /tmp/certs COPY akmods-cert.spec /tmp/akmods-cert/akmods-cert.spec RUN mkdir -p \ # this is required for ld to work and build akmods # see https://github.com/coreos/rpm-ostree/issues/4201 & # https://github.com/coreos/rpm-ostree/issues/1614 /var/lib/alternatives \ # for signed artifacts /var/cache/rpms/kmods \ # for akmods public cert /var/cache/rpms/akmods-cert # setup rpmfusion RUN rpm-ostree install \ https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-${FEDORA_VERSION}.noarch.rpm \ https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-${FEDORA_VERSION}.noarch.rpm # install test or real keys RUN if [ ! -e /tmp/certs/private_key.priv ]; then \ echo "WARNING: Using test signing key" && \ cp /tmp/certs/private_key.priv{.test,} && \ cp /tmp/certs/public_key.der{.test,}; \ fi RUN install -Dm644 {/tmp/certs,/etc/pki/akmods/certs}/public_key.der && \ install -Dm644 {/tmp/certs,/etc/pki/akmods/private}/private_key.priv # install kmods RUN rpm-ostree install \ akmods \ mock \ # nvidia akmod-nvidia-${NVIDIA_VERSION}* \ xorg-x11-drv-nvidia-{cuda,power}-${NVIDIA_VERSION}* # nvidia RUN export kernel_version="$(rpm -q kernel --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}')" && \ if ! akmods --force --kernels "$kernel_version" --kmod nvidia; then \ cat /var/cache/akmods/nvidia/*"$kernel_version".failed.log && exit 1; \ fi # certificate rpm RUN install -D /etc/pki/akmods/certs/public_key.der /tmp/akmods-cert/rpmbuild/SOURCES/public_key.der RUN rpmbuild -ba \ --define '_topdir /tmp/akmods-cert/rpmbuild' \ --define '%_tmppath %{_topdir}/tmp' \ /tmp/akmods-cert/akmods-cert.spec # wrap everything up RUN cp /tmp/akmods-cert/rpmbuild/RPMS/noarch/getchoo-akmods-cert*.rpm /var/cache/rpms/akmods-cert/ RUN find /var/cache/akmods -type f -name \*.rpm | while read -r rpm; do \ cp "$rpm" /var/cache/rpms/kmods/; \ done # send it off FROM scratch as rpms COPY --from=builder /var/cache/rpms /rpms