From 0c03092481ec1ef6d6bc171d8a96e015614ce03b Mon Sep 17 00:00:00 2001 From: Licia Date: Fri, 20 Mar 2026 01:22:07 +0000 Subject: [PATCH 1/5] add cosmic desktop add cosmic aarch64 workaround --- .github/actions/config/action.yml | 2 +- .github/workflows/reusable-build.yml | 4 +++- files/scripts/20-desktop.sh | 14 ++++++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/actions/config/action.yml b/.github/actions/config/action.yml index ed10df1..03d32ac 100644 --- a/.github/actions/config/action.yml +++ b/.github/actions/config/action.yml @@ -57,7 +57,7 @@ runs: IMAGE_PATH="almalinuxorg" IMAGE_NAME="atomic-desktop" PLATFORMS="arm64,amd64,amd64/v2" - VARIANTS="gnome,kde" + VARIANTS="gnome,kde,cosmic" echo "REGISTRY=${REGISTRY}" >> $GITHUB_OUTPUT echo "REGISTRY_USER=${REGISTRY_USER}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index dd17f87..4f8225c 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -107,7 +107,9 @@ jobs: - Systemd: - Glibc: - Bootc: - - ${{ inputs.variant == 'gnome' && 'GNOME: ' || 'KDE: ' }} + - ${{ inputs.variant == 'gnome' && 'GNOME: ' + || inputs.variant == 'kde' && 'KDE: ' + || inputs.variant == 'cosmic' && 'COSMIC: ' }} KMS_KEY_ALIAS: ${{ inputs.KMS_KEY_ALIAS }} AWS_REGION: ${{ inputs.AWS_REGION }} generate-sbom: true diff --git a/files/scripts/20-desktop.sh b/files/scripts/20-desktop.sh index 66f07c7..881b1c9 100755 --- a/files/scripts/20-desktop.sh +++ b/files/scripts/20-desktop.sh @@ -31,6 +31,20 @@ elif [[ "${VARIANT}" == "kde" ]]; then systemctl enable sddm +elif [[ "${VARIANT}" == "cosmic" ]]; then + # workaround: cosmic-greeter requires fprintd-pam but for aarch64 it's only in devel repo + if [[ "${TARGETARCH}" == "arm64" && ! $(dnf repoinfo devel -q | grep enabled) ]]; then + dnf install -y almalinux-release-devel + dnf config-manager --set-disabled devel + dnf install -y fprintd-pam --enablerepo=devel + fi + + dnf copr enable -y "ligenix/enterprise-cosmic" "rhel+epel-10-$(uname -m)" + dnf install -y \ + cosmic-desktop + + systemctl enable cosmic-greeter + else true From ec460a2802c41b53ee42f4bb273cfd95ba7cd1dd Mon Sep 17 00:00:00 2001 From: Licia Date: Fri, 20 Mar 2026 07:24:21 +0000 Subject: [PATCH 2/5] add cosmic to build-iso and README --- .github/workflows/build-iso.yml | 1 + README.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index cf2b303..3d33d09 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -11,6 +11,7 @@ on: options: - 'gnome' - 'kde' + - 'cosmic' - 'ALL' concurrency: diff --git a/README.md b/README.md index 10a2102..02c9e57 100644 --- a/README.md +++ b/README.md @@ -13,10 +13,12 @@ to get you started. Create your own Atomic AlmaLinux respin in minutes! Download and install from the ISOs: * [atomic-desktop-gnome-amd64.iso](https://almalinux-atomic.s3-accelerate.dualstack.amazonaws.com/atomic-desktop/latest/atomic-desktop-gnome-amd64.iso) * [atomic-desktop-kde-amd64.iso](https://almalinux-atomic.s3-accelerate.dualstack.amazonaws.com/atomic-desktop/latest/atomic-desktop-kde-amd64.iso) +* [atomic-desktop-cosmic-amd64.iso](https://almalinux-atomic.s3-accelerate.dualstack.amazonaws.com/atomic-desktop/latest/atomic-desktop-cosmic-amd64.iso) Bootc images: * `quay.io/almalinuxorg/atomic-desktop-gnome` * `quay.io/almalinuxorg/atomic-desktop-kde` +* `quay.io/almalinuxorg/atomic-desktop-cosmic` * Cosign public key: [cosign.pub](/cosign.pub) # Contributing From 7cbb2fbbaef3c1ccd57b6a4c6d63d90703d60628 Mon Sep 17 00:00:00 2001 From: Licia Date: Sun, 22 Mar 2026 09:28:11 +0900 Subject: [PATCH 3/5] Change registry to GitHub Container Registry Updated action to use GitHub Container Registry and dynamic image details. --- .github/actions/config/action.yml | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/actions/config/action.yml b/.github/actions/config/action.yml index ed10df1..10d15da 100644 --- a/.github/actions/config/action.yml +++ b/.github/actions/config/action.yml @@ -1,5 +1,6 @@ --- name: Set Environment Variables +description: Set Environment Variables inputs: VARIANT: @@ -52,11 +53,11 @@ runs: echo "LATEST_TAG=latest" >> $GITHUB_OUTPUT fi - REGISTRY=quay.io - REGISTRY_USER="almalinuxorg+airibarr_bot" - IMAGE_PATH="almalinuxorg" - IMAGE_NAME="atomic-desktop" - PLATFORMS="arm64,amd64,amd64/v2" + REGISTRY=ghcr.io + REGISTRY_USER=${{ github.actor }} + IMAGE_PATH=${{ github.repository_owner }} + IMAGE_NAME=${{ github.event.repository.name }} + PLATFORMS="arm64" VARIANTS="gnome,kde" echo "REGISTRY=${REGISTRY}" >> $GITHUB_OUTPUT @@ -73,4 +74,13 @@ runs: echo "MATRIX={\"variant\": [\"${{ inputs.VARIANT }}\"]}" >> $GITHUB_OUTPUT fi - echo "IS_SIGNED=true" >> $GITHUB_OUTPUT + # This is a workaround so that the expansion of SIGNING_SECRET doesn't break the if statement + SECRET=$(cat <> $GITHUB_OUTPUT + else + echo "IS_SIGNED=true" >> $GITHUB_OUTPUT + fi From 33073142add439b789bbd160602d874fcf4032ec Mon Sep 17 00:00:00 2001 From: Licia Date: Sun, 22 Mar 2026 09:30:52 +0900 Subject: [PATCH 4/5] Update base image in Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 676c87d..1aec535 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,7 @@ COPY files/scripts /build_files/ COPY *.pub /keys/ # Base Image -FROM quay.io/almalinuxorg/almalinux-bootc:10@sha256:33cdd2cd472e007b7e14c8d534dec6dd80ca95096921cd18a9405a1b45c9e9cb +FROM ghcr.io/eseiker/almalinux-asahi-atomic:10@sha256:fad7d0177b595b03d9ec3dccdf170f50636d03e256f28945788cbd02c4a844a3 ARG IMAGE_NAME ARG IMAGE_REGISTRY From fbff07140de0074834f3aaf4e8760192b87e7631 Mon Sep 17 00:00:00 2001 From: Licia Date: Sun, 22 Mar 2026 00:42:24 +0000 Subject: [PATCH 5/5] update signing keys --- almalinux-asahi-atomic.pub | 4 ++++ almalinux-bootc.pub | 4 ---- cosign.pub | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) create mode 100644 almalinux-asahi-atomic.pub delete mode 100644 almalinux-bootc.pub diff --git a/almalinux-asahi-atomic.pub b/almalinux-asahi-atomic.pub new file mode 100644 index 0000000..89aa8c3 --- /dev/null +++ b/almalinux-asahi-atomic.pub @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEvgiGgHQz0dkEVssJvuNe70m5AUpt +BJXF0StH9iTz7r644UQNv5O2OpV70RCdJ74Sjx2UANzWlWndRP62rQ1VXQ== +-----END PUBLIC KEY----- diff --git a/almalinux-bootc.pub b/almalinux-bootc.pub deleted file mode 100644 index 45d3e6b..0000000 --- a/almalinux-bootc.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEptCZlNhnJ/MqYNBlUQ3IpyM/YvEO -qOtXYnkMZ36aNiIk9vvCYs3HjUvECgCr0arl0lRh5822cJRCL8EsWKXYEA== ------END PUBLIC KEY----- diff --git a/cosign.pub b/cosign.pub index bdda0f3..29bbcb2 100644 --- a/cosign.pub +++ b/cosign.pub @@ -1,4 +1,4 @@ -----BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqdVEERP3rl6YPIIsYYZb26DmHt3L -Mz6/eRZpb/KP8p4vsLjGELs7H81z4DpkKH0y7CLYpHihXXvzWjSWWRwQgA== +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEh0NYhUdd75gfPoq3H/QZ3JOAPDbz +dlrJ+wS9PxcNBp9csBWdmFFoBYMiA1hPgEd7h+qVgRo5koscLI/64FiFZQ== -----END PUBLIC KEY-----