diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index 6a51ffb..61416ad 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -12,6 +12,7 @@ on: paths: - 'iso/**' - 'packages/**' + - 'scripts/**' - 'Makefile' - '.github/workflows/build-iso.yml' pull_request: @@ -19,18 +20,9 @@ on: paths: - 'iso/**' - 'packages/**' + - 'scripts/**' - 'Makefile' workflow_dispatch: - inputs: - iso_type: - description: 'ISO type to build' - required: true - default: 'offline' - type: choice - options: - - netinst - - offline - - both env: DEBIAN_FRONTEND: noninteractive @@ -43,36 +35,34 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Install build dependencies + - name: Build packages in Debian container run: | - sudo apt-get update - sudo apt-get install -y \ - dpkg-dev \ - devscripts \ - debhelper \ - fakeroot \ - gnupg - - - name: Build cortex-archive-keyring - run: | - cd packages/cortex-archive-keyring - dpkg-buildpackage -us -uc -b - - - name: Build cortex-core - run: | - cd packages/cortex-core - dpkg-buildpackage -us -uc -b - - - name: Build cortex-full - run: | - cd packages/cortex-full - dpkg-buildpackage -us -uc -b + docker run --rm \ + -v "${{ github.workspace }}:/workspace" \ + -w /workspace \ + -e DEBIAN_FRONTEND=noninteractive \ + debian:bookworm /bin/bash -c ' + set -e + apt-get update + apt-get install -y build-essential dpkg-dev devscripts debhelper fakeroot gnupg + + for pkg in cortex-archive-keyring cortex-core cortex-full; do + echo "Building $pkg..." + cd /workspace/packages/$pkg + dpkg-buildpackage -us -uc -b + cd /workspace + done + + mkdir -p /workspace/output/packages + mv /workspace/packages/*.deb /workspace/output/packages/ 2>/dev/null || true + ls -la /workspace/output/packages/ + ' - name: Upload packages uses: actions/upload-artifact@v4 with: name: debian-packages - path: packages/*.deb + path: output/packages/*.deb retention-days: 7 build-iso: @@ -82,8 +72,18 @@ jobs: strategy: matrix: arch: [amd64] - # arm64 builds require self-hosted runner with ARM steps: + - name: Free disk space + uses: jlumbroso/free-disk-space@main + with: + tool-cache: true + android: true + dotnet: true + haskell: true + large-packages: true + docker-images: false + swap-storage: true + - name: Checkout uses: actions/checkout@v4 @@ -93,51 +93,63 @@ jobs: name: debian-packages path: packages/ - - name: Install live-build dependencies - run: | - sudo apt-get update - sudo apt-get install -y \ - live-build \ - debootstrap \ - squashfs-tools \ - xorriso \ - isolinux \ - syslinux-efi \ - grub-pc-bin \ - grub-efi-amd64-bin \ - mtools \ - dosfstools - - - name: Configure live-build - run: | - cd iso/live-build - chmod +x auto/* - sudo lb config - - - name: Copy packages to chroot - run: | - mkdir -p iso/live-build/config/packages.chroot/ - cp packages/*.deb iso/live-build/config/packages.chroot/ - - - name: Build ISO - run: | - cd iso/live-build - sudo lb build 2>&1 | tee build.log - - - name: Generate checksums + - name: Build ISO in Debian container run: | - cd iso/live-build - sha256sum *.iso > SHA256SUMS - sha512sum *.iso > SHA512SUMS + docker run --rm --privileged \ + -v "${{ github.workspace }}:/workspace" \ + -w /workspace \ + -e ARCH=${{ matrix.arch }} \ + -e DEBIAN_FRONTEND=noninteractive \ + debian:bookworm /bin/bash -c ' + set -e + echo "=== Installing build dependencies ===" + apt-get update + apt-get install -y \ + live-build \ + debootstrap \ + squashfs-tools \ + xorriso \ + isolinux \ + syslinux-efi \ + grub-pc-bin \ + grub-efi-amd64-bin \ + mtools \ + dosfstools \ + gnupg \ + debian-archive-keyring + + echo "=== Configuring live-build ===" + cd /workspace/iso/live-build + chmod +x auto/* 2>/dev/null || true + lb config + + echo "=== Building ISO (packages will be added post-install) ===" + lb build 2>&1 | tee /workspace/build.log + + echo "=== Generating checksums ===" + if ls *.iso 1>/dev/null 2>&1; then + sha256sum *.iso > SHA256SUMS + sha512sum *.iso > SHA512SUMS + mkdir -p /workspace/output + mv *.iso *.sha* /workspace/output/ 2>/dev/null || true + mv SHA256SUMS SHA512SUMS /workspace/output/ 2>/dev/null || true + else + echo "No ISO files generated" + exit 1 + fi + + echo "=== Output ===" + ls -la /workspace/output/ + ' - name: Upload ISO uses: actions/upload-artifact@v4 with: name: cortex-linux-${{ matrix.arch }} path: | - iso/live-build/*.iso - iso/live-build/SHA256SUMS - iso/live-build/SHA512SUMS + output/*.iso + output/SHA256SUMS + output/SHA512SUMS retention-days: 14 - name: Upload build log @@ -145,7 +157,7 @@ jobs: uses: actions/upload-artifact@v4 with: name: build-log-${{ matrix.arch }} - path: iso/live-build/build.log + path: build.log retention-days: 7 release: @@ -177,21 +189,20 @@ jobs: SHA512SUMS body: | ## Cortex Linux ${{ github.ref_name }} - + ### Downloads - **cortex-linux-*-amd64-offline.iso** - Full offline installer - - **cortex-linux-*-amd64-netinst.iso** - Minimal network installer - + ### Verification ```bash sha256sum -c SHA256SUMS ``` - + ### Quick Start 1. Write ISO to USB: `dd if=cortex-linux-*.iso of=/dev/sdX bs=4M status=progress` 2. Boot from USB 3. Follow installation prompts - + ### Documentation See https://cortexlinux.com/docs for full documentation. draft: false diff --git a/README.md b/README.md index 568f181..4b823e7 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ **Debian-based Distribution Engineering for Cortex Linux** -[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE) +[![License](https://img.shields.io/badge/license-BSL%201.1-orange.svg)](LICENSE) [![Debian](https://img.shields.io/badge/base-Debian%2013%20trixie-A81D33.svg)](https://debian.org) [![Build](https://img.shields.io/github/actions/workflow/status/cortexlinux/cortex-distro/build-iso.yml?branch=main)](https://github.com/cortexlinux/cortex-distro/actions) @@ -231,7 +231,7 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines. ## License -Apache 2.0 - See [LICENSE](LICENSE) +BSL 1.1 - See [LICENSE](LICENSE) ## Support diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index df650db..04cd3f2 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -7,10 +7,12 @@ set -e # Cortex Linux build configuration -CODENAME="trixie" +# Using bookworm (stable) for reliable package availability and GPG support +CODENAME="bookworm" ARCH="amd64" VERSION="0.1.0" +# Ubuntu 24.04 compatible live-build options lb config noauto \ --distribution "${CODENAME}" \ --parent-distribution "${CODENAME}" \ @@ -18,7 +20,6 @@ lb config noauto \ --archive-areas "main contrib non-free non-free-firmware" \ --architectures "${ARCH}" \ --binary-images iso-hybrid \ - --bootloaders "grub-efi,syslinux" \ --debian-installer-distribution "${CODENAME}" \ --debian-installer live \ --debian-installer-gui false \ @@ -28,7 +29,6 @@ lb config noauto \ --iso-volume "Cortex Linux ${VERSION}" \ --memtest none \ --security true \ - --updates true \ --backports true \ --apt-indices true \ --apt-recommends true \ @@ -36,30 +36,27 @@ lb config noauto \ --cache true \ --cache-indices true \ --cache-packages true \ - --cache-stages true \ --checksums sha256 \ --chroot-filesystem squashfs \ --clean \ - --color \ --compression xz \ --debconf-frontend noninteractive \ --debconf-priority critical \ - --debootstrap-options "--variant=minbase --include=apt-transport-https,ca-certificates,gnupg" \ --firmware-binary true \ --firmware-chroot true \ --hdd-size auto \ - --image-name "cortex-linux" \ --initramfs live-boot \ - --initramfs-compression xz \ --initsystem systemd \ --interactive false \ --linux-flavours "${ARCH}" \ --linux-packages "linux-image linux-headers" \ --mode debian \ - --quiet \ --system live \ - --verbose \ --bootappend-live "boot=live components quiet splash locales=en_US.UTF-8 keyboard-layouts=us" \ "${@}" +# Create package lists directory +mkdir -p config/package-lists +echo "apt-transport-https ca-certificates gnupg" > config/package-lists/base.list.chroot + echo "Cortex Linux live-build configured successfully" diff --git a/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh b/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh index 20aacc0..b4dac1e 100755 --- a/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh +++ b/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh @@ -2,7 +2,7 @@ # Cortex Linux First Boot Provisioning # Runs on first boot to complete system setup # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/packages/cortex-archive-keyring/debian/compat b/packages/cortex-archive-keyring/debian/compat deleted file mode 100644 index ec63514..0000000 --- a/packages/cortex-archive-keyring/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/packages/cortex-core/debian/compat b/packages/cortex-core/debian/compat deleted file mode 100644 index b1bd38b..0000000 --- a/packages/cortex-core/debian/compat +++ /dev/null @@ -1 +0,0 @@ -13 diff --git a/packages/cortex-full/debian/compat b/packages/cortex-full/debian/compat deleted file mode 100644 index b1bd38b..0000000 --- a/packages/cortex-full/debian/compat +++ /dev/null @@ -1 +0,0 @@ -13 diff --git a/packages/cortex-gpu-amd/debian/compat b/packages/cortex-gpu-amd/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-gpu-amd/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-gpu-nvidia/debian/compat b/packages/cortex-gpu-nvidia/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-gpu-nvidia/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-llm/debian/compat b/packages/cortex-llm/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-llm/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-secops/debian/compat b/packages/cortex-secops/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-secops/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/repository/scripts/repo-manage.sh b/repository/scripts/repo-manage.sh index c0570d4..2aa6722 100755 --- a/repository/scripts/repo-manage.sh +++ b/repository/scripts/repo-manage.sh @@ -2,7 +2,7 @@ # Cortex Linux APT Repository Management # Manages package publishing, signing, and snapshots # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/sbom/generate-sbom.sh b/sbom/generate-sbom.sh index 29b1d5c..b77c0d7 100755 --- a/sbom/generate-sbom.sh +++ b/sbom/generate-sbom.sh @@ -2,7 +2,7 @@ # Cortex Linux SBOM Generation # Generates Software Bill of Materials in CycloneDX and SPDX formats # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/scripts/build.sh b/scripts/build.sh index a7cecdd..8ff3621 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -2,7 +2,7 @@ # Cortex Linux Master Build Script # One-command ISO build with all dependencies # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-iso.sh b/tests/verify-iso.sh index 16156fd..fe7200a 100755 --- a/tests/verify-iso.sh +++ b/tests/verify-iso.sh @@ -2,7 +2,7 @@ # Cortex Linux ISO Verification Tests # Validates ISO integrity and bootability # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-packages.sh b/tests/verify-packages.sh index 11b6ea0..be94443 100755 --- a/tests/verify-packages.sh +++ b/tests/verify-packages.sh @@ -2,7 +2,7 @@ # Cortex Linux Package Verification Tests # Validates Debian package structure and dependencies # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-preseed.sh b/tests/verify-preseed.sh index 2417f99..e87b7d9 100755 --- a/tests/verify-preseed.sh +++ b/tests/verify-preseed.sh @@ -2,7 +2,7 @@ # Cortex Linux Preseed Verification Tests # Validates preseed files for automated installation # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e