mkosi for test image builds (#4539)

Added a `mkosi` profile as well as organized test tooling a bit.

---------

Co-authored-by: 0xdeadd <clintdotphillips@gmail.com>

Author: Torxed

.github/workflows/iso-build.yaml

@@ -32,7 +32,7 @@ jobs:
       - run: cat /etc/os-release
       - run: pacman-key --init
       - run: pacman --noconfirm -Sy archlinux-keyring
-      - run: ./build_iso.sh
+      - run: ./test_tooling/mkarchiso/build_iso.sh
       - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         with:
           name: Arch Live ISO

.github/workflows/uki-build.yaml

@@ -0,0 +1,40 @@
+# This workflow will build an Arch Linux UKI file with the commit on it
+
+name: Build Arch UKI with ArchInstall Commit
+
+on:
+  push:
+    branches:
+      - master
+      - main # In case we adopt this convention in the future
+  pull_request:
+    paths-ignore:
+      - 'docs/**'
+      - '**.editorconfig'
+      - '**.gitignore'
+      - '**.md'
+      - 'LICENSE'
+      - 'PKGBUILD'
+  release:
+    types:
+      - created
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: archlinux/archlinux:latest
+      options: --privileged
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+      - run: pwd
+      - run: find .
+      - run: cat /etc/os-release
+      - run: pacman-key --init
+      - run: pacman --noconfirm -Sy archlinux-keyring
+      - run: pacman --noconfirm -Sy mkosi
+      - run: (cd test_tooling/mkosi/ && mkosi build -B)
+      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
+        with:
+          name: Arch Live UKI
+          path: test_tooling/mkosi/mkosi.output/*.efi

.gitignore

@@ -41,3 +41,7 @@ requirements.txt
 /cmd_output.txt
 node_modules/
 uv.lock
+test_tooling/mkosi/mkosi.output/*image*
+test_tooling/mkosi/mkosi.cache/**
+test_tooling/mkosi/mkosi.tools/**
+test_tooling/mkosi/mkosi.tools.manifest

pyproject.toml

@@ -69,7 +69,10 @@ archinstall = "archinstall"
 [tool.mypy]
 python_version = "3.14"
 files = "."
-exclude = "^build/"
+exclude = [
+    "^build/",
+    "^test_tooling/",
+]
 disallow_any_explicit = false
 disallow_any_expr = false
 disallow_any_unimported = true

build_iso.sh test_tooling/mkarchiso/build_iso.shbuild_iso.sh renamed to test_tooling/mkarchiso/build_iso.sh

@@ -0,0 +1,12 @@
+# To build
+
+    mkosi build -B
+
+# To run
+
+    mkosi qemu \
+        --drive=archinstall_small:25G \
+        -- \
+        -device nvme,serial=archinstall_small,drive=archinstall_small
+
+*note: in order to boot the installation, we need to disable UKI being added to -kernel. I don't know of a way to do this yet, unless we tinker with mkosi/qemu.py - https://github.com/Torxed/mkosi/commit/6f3c20802bd73f88b672cc96ef0db1e542084316 - in which case we could do: `mkosi qemu --drive=archinstall_small:25G -- -device nvme,serial=archinstall_small,drive=archinstall_small,bootindex=0 -kernel none` but it still won't boot properly.*

test_tooling/mkosi/README.md

@@ -0,0 +1,50 @@
+[Distribution]
+Distribution=arch
+# LocalMirror=file:///var/lib/localmirror
+
+[Output]
+Format=uki
+# Format=disk
+
+[Include]
+Include=mkosi-vm
+
+[Validation]
+SecureBoot=false
+SecureBootAutoEnroll=false
+Sign=false
+# Signing artifacts (hashsums etc) using a GPG key:
+# Key=D4B58E897A929F2E
+# Signing secure boot using PIV on yubikey:
+# SecureBoot=true
+# SecureBootKey=pkcs11:
+# SecureBootCertificate=secureboot.crt
+
+[Content]
+Packages=
+         pacman
+         archlinux-keyring
+         amd-ucode
+         intel-ucode
+#         tpm2-tss
+#         libfido2
+#         libp11-kit
+WithDocs=false
+RootPassword=toor
+Timezone=Europe/Stockholm
+Keymap=sv-latin1
+InitrdProfiles=network
+
+[Config]
+Profiles=archinstall
+
+[Build]
+Incremental=true
+ToolsTree=default
+ToolsTreeProfiles=devel,misc,package-manager,runtime,gui
+WithNetwork=yes
+
+[Runtime]
+Console=gui
+CPUs=4
+RAM=8G

test_tooling/mkosi/mkosi.cache/.gitkeep

@@ -0,0 +1,24 @@
+[Match]
+# Matching with "Type=ether" causes issues with containers because it also matches virtual Ethernet interfaces (veth*).
+# See https://bugs.archlinux.org/task/70892
+# Instead match by globbing the network interface name.
+Name=en*
+Name=eth*
+
+[Link]
+RequiredForOnline=routable
+
+[Network]
+DHCP=yes
+MulticastDNS=yes
+
+# systemd-networkd does not set per-interface-type default route metrics
+# https://github.com/systemd/systemd/issues/17698
+# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband.
+# Use values from NetworkManager. From nm_device_get_route_metric_default in
+# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c
+[DHCPv4]
+RouteMetric=100
+
+[IPv6AcceptRA]
+RouteMetric=100

test_tooling/mkosi/mkosi.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=-/usr/bin/agetty --noreset --noclear --autologin root - ${TERM}