https://github.com/mufeedali/shinyblue
https://github.com/mufeedali/shinyblue
Last synced: over 1 year ago
JSON representation
- Host: GitHub
- URL: https://github.com/mufeedali/shinyblue
- Owner: mufeedali
- License: apache-2.0
- Archived: true
- Created: 2024-04-21T09:42:25.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-06-30T20:45:03.000Z (about 2 years ago)
- Last Synced: 2025-02-06T05:13:13.441Z (over 1 year ago)
- Language: Shell
- Size: 33.2 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Shinyblue [](https://github.com/mufeedali/shinyblue/actions/workflows/build.yml)
## Installation
> **Warning**
> [This is an experimental feature](https://www.fedoraproject.org/wiki/Changes/OstreeNativeContainerStable), try at your own discretion.
To rebase an existing atomic Fedora installation to the latest build:
- First rebase to the unsigned image, to get the proper signing keys and policies installed:
```
rpm-ostree rebase ostree-unverified-registry:ghcr.io/mufeedali/shinyblue:latest
```
- Reboot to complete the rebase:
```
systemctl reboot
```
- Then rebase to the signed image, like so:
```
rpm-ostree rebase ostree-image-signed:docker://ghcr.io/mufeedali/shinyblue:latest
```
- Reboot again to complete the installation
```
systemctl reboot
```
The `latest` tag will automatically point to the latest build. That build will still always use the Fedora version specified in `recipe.yml`, so you won't get accidentally updated to the next major version.
## ISO
If build on Fedora Atomic, you can generate an offline ISO with the instructions available [here](https://blue-build.org/learn/universal-blue/#fresh-install-from-an-iso). These ISOs cannot unfortunately be distributed on GitHub for free due to large sizes, so for public projects something else has to be used for hosting.
## Verification
These images are signed with [Sigstore](https://www.sigstore.dev/)'s [cosign](https://github.com/sigstore/cosign). You can verify the signature by downloading the `cosign.pub` file from this repo and running the following command:
```bash
cosign verify --key cosign.pub ghcr.io/mufeedali/shinyblue
```