diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f25aa332..1a04ff0e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -199,3 +199,34 @@ jobs: truncate -s 20G ${tmpdisk} sudo podman run --rm --privileged --env RUST_LOG=debug -v /dev:/dev -v /:/target -v /var/lib/containers:/var/lib/containers -v ./usr/bin/bootc:/usr/bin/bootc --pid=host --security-opt label=disable \ -v ${tmpdisk}:/disk ${image} bootc install to-disk --via-loopback /disk + docs: + if: ${{ contains(github.event.pull_request.labels.*.name, 'documentation') }} + runs-on: ubuntu-latest + env: + MDBOOK_VERSION: 0.4.37 + steps: + - uses: actions/checkout@v4 + - name: Install mdBook + run: | + tag=$(curl 'https://github.com/gitapi/repos/rust-lang/mdbook/releases/latest' | jq -r '.tag_name') + url="https://github.com/rust-lang/mdbook/releases/download/${tag}/mdbook-${tag}-x86_64-unknown-linux-gnu.tar.gz" + mkdir mdbook + curl -sSL $url | tar -xz --directory=./mdbook + echo `pwd`/mdbook >> $GITHUB_PATH + - name: Install mdbook-mermaid + run: | + tag=$(curl 'https://github.com/gitapi/repos/badboy/mdbook-mermaid/releases/latest' | jq -r '.tag_name') + url="https://github.com/badboy/mdbook-mermaid/releases/download/${tag}/mdbook-mermaid-${tag}-x86_64-unknown-linux-gnu.tar.gz" + mkdir mdbook-mermaid + curl -sSL $url | tar -xz --directory=./mdbook-mermaid + echo `pwd`/mdbook-mermaid >> $GITHUB_PATH + - name: Install mdbook-linkcheck + run: | + tag=$(curl 'https://github.com/gitapi/repos/Michael-F-Bryan/mdbook-linkcheck/releases/latest' | jq -r '.tag_name') + archive="mdbook-linkcheck.x86_64-unknown-linux-gnu.zip" + url="https://github.com/Michael-F-Bryan/mdbook-linkcheck/releases/download/${tag}/${archive}" + mkdir mdbook-linkcheck + curl -sSL -O $url && unzip ${archive} -d ./mdbook-linkcheck && chmod +x ./mdbook-linkcheck/mdbook-linkcheck + echo `pwd`/mdbook-linkcheck >> $GITHUB_PATH + - name: Build with mdBook + run: cd docs && mdbook-mermaid install && mdbook build diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 86883437..a7f210fc 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -35,6 +35,14 @@ jobs: mkdir mdbook-mermaid curl -sSL $url | tar -xz --directory=./mdbook-mermaid echo `pwd`/mdbook-mermaid >> $GITHUB_PATH + - name: Install mdbook-linkcheck + run: | + tag=$(curl 'https://github.com/gitapi/repos/Michael-F-Bryan/mdbook-linkcheck/releases/latest' | jq -r '.tag_name') + archive="mdbook-linkcheck.x86_64-unknown-linux-gnu.zip" + url="https://github.com/Michael-F-Bryan/mdbook-linkcheck/releases/download/${tag}/${archive}" + mkdir mdbook-linkcheck + curl -sSL -O $url && unzip ${archive} -d ./mdbook-linkcheck && chmod +x ./mdbook-linkcheck/mdbook-linkcheck + echo `pwd`/mdbook-linkcheck >> $GITHUB_PATH - name: Setup Pages id: pages uses: actions/configure-pages@v4 diff --git a/docs/book.toml b/docs/book.toml index 105809ff..fa4ba8f4 100644 --- a/docs/book.toml +++ b/docs/book.toml @@ -10,3 +10,5 @@ command = "mdbook-mermaid" [output.html] additional-js = ["mermaid.min.js", "mermaid-init.js"] + +[output.linkcheck] diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md index 624f912c..534039ad 100644 --- a/docs/src/SUMMARY.md +++ b/docs/src/SUMMARY.md @@ -31,7 +31,7 @@ - [Understanding `bootc install`](bootc-install.md) - [`man bootc-install.md`](man/bootc-install.md) -- [`man bootc-install-config`](man-md/bootc-install-config.md) +- [`man bootc-install-config`](man/bootc-install-config.md) - [`man bootc-install-to-disk.md`](man/bootc-install-to-disk.md) - [`man bootc-install-to-filesystem.md`](man/bootc-install-to-filesystem.md) diff --git a/docs/src/building/users-and-groups.md b/docs/src/building/users-and-groups.md index b548ddff..6f05f40b 100644 --- a/docs/src/building/users-and-groups.md +++ b/docs/src/building/users-and-groups.md @@ -144,7 +144,7 @@ or `DynamicUser=yes`. ### Machine-local state for users -At this point, it is important to understand the [filesystem](filesystem.md) +At this point, it is important to understand the [filesystem](../filesystem.md) layout - the default is up to the base image. The default Linux concept of a user has data stored in both `/etc` (`/etc/passwd`, `/etc/shadow` and groups) diff --git a/docs/src/relationship-particles.md b/docs/src/relationship-particles.md index dd6893b7..2ccef1ff 100644 --- a/docs/src/relationship-particles.md +++ b/docs/src/relationship-particles.md @@ -149,7 +149,7 @@ and apply that to the base operating system too. There is a very strong security rationale behind much of the design proposal of "particles" and DDIs. It is absolutely true today, quoting the blog: -> That said, I think [OCI has] relatively weak properties, in particular when it comes to security, since immutability/measurements and similar are not provided. This means, unlike for system extensions and portable services a complete trust chain with attestation and per-app cryptographically protected data is much harder to implement sanely. +> That said, I think \[OCI has\] relatively weak properties, in particular when it comes to security, since immutability/measurements and similar are not provided. This means, unlike for system extensions and portable services a complete trust chain with attestation and per-app cryptographically protected data is much harder to implement sanely. The [composefs project](https://github.com/containers/composefs/) aims to close this gap, and the bootc project will use it, and has an explicit goal