all: remove dependency on gce repository

Since around 13 December 2025, the gce repository return an error 403, error: failed retrieving file 'gce.db' from storage.googleapis.com : The requested URL returned error: 403 We then build google-compute-engine and google-guest-agent and host it under build.kilabit.info repository using the latest releases [1][2]. For google-compute-engine we use version 20251014.00-1. For google-guest-agent we use version 20251223.00-1. [1]: https://build.kilabit.info/karajo/app/#job_aur_google-compute-engine [2]: https://build.kilabit.info/karajo/app/#job_aur_google-guest-agent
author: Shulhan <ms@kilabit.info> 2025-12-25 19:01:04 +0700
committer: Shulhan <ms@kilabit.info> 2025-12-25 19:03:16 +0700
commit: fca620c1e13bae91b4a3167a10d660f3d72e7aeb (patch)
tree: 5f586763b54324f85b80822eb0062e9d485ef20e
parent: cbc720a6c7b686312d1d309157b37c855eab063c (diff)
download: compute-archlinux-image-builder-fca620c1e13bae91b4a3167a10d660f3d72e7aeb.tar.xz
5 files changed, 159 insertions, 24 deletions
diff --git a/awwan.env b/awwan.env
index a9326d1..470bfe1 100644
--- a/awwan.env
+++ b/awwan.env
@@ -5,5 +5,5 @@ region = asia-southeast1
 zone = asia-southeast1-b
 
 [host]
-image = arch-v20240606
+image = arch-v20251225
 name = arch-test
diff --git a/build-arch-gce b/build-arch-gce
index 094ab67..ca03f13 100755
--- a/build-arch-gce
+++ b/build-arch-gce
@@ -70,12 +70,15 @@ mkdir -p $mount_dir/var/lib/pacman/sync
 rsync -r /var/lib/pacman/sync/ $mount_dir/var/lib/pacman/sync/
 
 echo '- Installing Arch Linux.'
-pacstrap -c -C "./sys/etc/pacman.conf" -- "$mount_dir" \
-	base linux dosfstools e2fsprogs openssh polkit sudo google-compute-engine \
-	vim-minimal tmux mosh rsync unzip \
-	google-cloud-ops-agent-git google-compute-engine-oslogin
+pacstrap -c -C "./sys/etc/pacman.conf.org" -M -- "$mount_dir" \
+	base linux dosfstools e2fsprogs openssh polkit sudo \
+	vim-minimal tmux mosh rsync unzip
+
 cp -f ./sys/etc/pacman.conf "$mount_dir/etc/pacman.conf"
 
+mkdir -p $mount_dir/etc/pacman.d/
+cp -f ./sys/etc/pacman.d/mirrorlist $mount_dir/etc/pacman.d/
+
 echo '- Configuring fstab.'
 root_uuid=$(lsblk --noheadings --raw --output UUID -- "$root_dev")
 boot_uuid=$(lsblk --noheadings --raw --output UUID -- "$boot_dev")
@@ -119,9 +122,6 @@ cp ./sys/etc/systemd/journald.conf.d/00-google.conf $mount_dir/etc/systemd/journ
 echo '-- Configuring ssh.'
 cp ./sys/etc/ssh/sshd_config $mount_dir/etc/ssh/
 
-echo '-- Configuring pacman mirrorlist.'
-cp -f ./sys/etc/pacman.d/mirrorlist $mount_dir/etc/pacman.d/mirrorlist
-
 echo '-- Creating pacman-init service.'
 cp ./sys/etc/systemd/system/pacman-init.service $mount_dir/etc/systemd/system/
 
@@ -129,10 +129,6 @@ echo '-- Configuring initcpio.'
 cp ./sys/etc/mkinitcpio.conf $mount_dir/etc/
 cp ./sys/etc/mkinitcpio.d/linux.preset $mount_dir/etc/mkinitcpio.d/
 
-echo '-- Configuring Google Cloud Ops Agent.'
-mkdir -p $mount_dir/etc/google-cloud-ops-agent/
-cp ./sys/etc/google-cloud-ops-agent/config.yaml $mount_dir/etc/google-cloud-ops-agent/
-
 echo '-- Configuring network.'
 mkdir -p $mount_dir/etc/systemd/network/
 cp ./sys/etc/systemd/network/10-eth0.network $mount_dir/etc/systemd/network/
@@ -154,6 +150,8 @@ arch-chroot -- "$mount_dir" /bin/bash -s <<-'EOS'
 	set -eEuo pipefail
 	trap 'echo "Error: \`$BASH_COMMAND\` exited with status $?"' ERR
 
+	ls -l /etc/pacman.d/gnupg/
+
 	echo '-- Configuring time.'
 	ln -sf /usr/share/zoneinfo/UTC /etc/localtime
 	systemctl --quiet enable systemd-timesyncd.service
@@ -168,8 +166,16 @@ arch-chroot -- "$mount_dir" /bin/bash -s <<-'EOS'
 	echo '-- Enabling sshd service.'
 	systemctl --quiet enable sshd.service
 
-	echo '-- Enabling pacman-init service.'
-	systemctl --quiet enable pacman-init.service
+	echo '-- Installing google-compute-engine and guest-agent.'
+	## Import the key for build.kilabit.info repository.
+	pacman-key --recv-key 4A5360B500C9C4F0
+	pacman-key --lsign-key 4A5360B500C9C4F0
+
+	## The google-compute-engine depends on
+	## google-compute-engine-oslogin and google-guest-agent.
+	pacman -Syy --noconfirm \
+		google-compute-engine \
+		google-cloud-ops-agent-git
 
 	echo '-- Enabling google-cloud-ops-agent.service'
 	systemctl --quiet enable google-cloud-ops-agent.service
@@ -191,6 +197,10 @@ arch-chroot -- "$mount_dir" /bin/bash -s <<-'EOS'
 	fi
 EOS
 
+echo '- Configuring Google Cloud Ops Agent.'
+mkdir -p $mount_dir/etc/google-cloud-ops-agent/
+cp ./sys/etc/google-cloud-ops-agent/config.yaml $mount_dir/etc/google-cloud-ops-agent/
+
 echo '- Configuring boot loader.'
 cp ./sys/efi/loader/loader.conf $mount_dir/boot/loader/
 cp ./sys/efi/loader/entries/arch.conf $mount_dir/boot/loader/entries/
diff --git a/current-images.txt b/current-images.txt
index 5783ff3..b405758 100644
--- a/current-images.txt
+++ b/current-images.txt
@@ -1,6 +1,35 @@
-NAME            PROJECT       FAMILY  DEPRECATED  STATUS
-arch-v20240511  arch-builder  arch                READY
-arch-v20240518  arch-builder  arch                READY
-arch-v20240525  arch-builder  arch                READY
-arch-v20240601  arch-builder  arch                READY
-arch-v20240606  arch-builder  arch                READY
+[
+  {
+    "archiveSizeBytes": "1714793856",
+    "creationTimestamp": "2025-12-25T03:51:49.084-08:00",
+    "description": "Arch linux image with ops-agent. See https://github.com/shuLhan/compute-archlinux-image-builder",
+    "diskSizeGb": "10",
+    "enableConfidentialCompute": false,
+    "family": "arch",
+    "guestOsFeatures": [
+      {
+        "type": "GVNIC"
+      },
+      {
+        "type": "UEFI_COMPATIBLE"
+      },
+      {
+        "type": "VIRTIO_SCSI_MULTIQUEUE"
+      }
+    ],
+    "id": "2806474738306685883",
+    "kind": "compute#image",
+    "labelFingerprint": "42WmSpB8rSM=",
+    "name": "arch-v20251225",
+    "rawDisk": {
+      "containerType": "TAR",
+      "source": ""
+    },
+    "selfLink": "https://www.googleapis.com/compute/v1/projects/kilabit/global/images/arch-v20251225",
+    "sourceType": "RAW",
+    "status": "READY",
+    "storageLocations": [
+      "us"
+    ]
+  }
+]
diff --git a/sys/etc/pacman.conf b/sys/etc/pacman.conf
index ccbcf80..50d57cb 100644
--- a/sys/etc/pacman.conf
+++ b/sys/etc/pacman.conf
@@ -98,7 +98,3 @@ Include = /etc/pacman.d/mirrorlist
 
 [build.kilabit.info]
 Server = https://build.kilabit.info/aur
-
-[gce]
-Server = https://storage.googleapis.com/arch-linux-gce/repo
-SigLevel = Optional TrustAll
diff --git a/sys/etc/pacman.conf.org b/sys/etc/pacman.conf.org
new file mode 100644
index 0000000..4b0fb75
--- /dev/null
+++ b/sys/etc/pacman.conf.org
@@ -0,0 +1,100 @@
+#
+# /etc/pacman.conf
+#
+# See the pacman.conf(5) manpage for option and repository directives
+
+#
+# GENERAL OPTIONS
+#
+[options]
+# The following paths are commented out with their default values listed.
+# If you wish to use different paths, uncomment and update the paths.
+#RootDir     = /
+#DBPath      = /var/lib/pacman/
+#CacheDir    = /var/cache/pacman/pkg/
+#LogFile     = /var/log/pacman.log
+#GPGDir      = /etc/pacman.d/gnupg/
+#HookDir     = /etc/pacman.d/hooks/
+HoldPkg     = pacman glibc
+#XferCommand = /usr/bin/curl -L -C - -f -o %o %u
+#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
+#CleanMethod = KeepInstalled
+Architecture = auto
+
+# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
+#IgnorePkg   =
+#IgnoreGroup =
+
+#NoUpgrade   =
+#NoExtract   =
+
+# Misc options
+#UseSyslog
+#Color
+#NoProgressBar
+CheckSpace
+VerbosePkgLists
+#ParallelDownloads = 5
+DownloadUser = alpm
+#DisableSandboxFilesystem
+#DisableSandboxSyscalls
+
+# By default, pacman accepts packages signed by keys that its local keyring
+# trusts (see pacman-key and its man page), as well as unsigned packages.
+SigLevel    = Required DatabaseOptional
+LocalFileSigLevel = Optional
+#RemoteFileSigLevel = Required
+
+# NOTE: You must run `pacman-key --init` before first using pacman; the local
+# keyring can then be populated with the keys of all official Arch Linux
+# packagers with `pacman-key --populate archlinux`.
+
+#
+# REPOSITORIES
+#   - can be defined here or included from another file
+#   - pacman will search repositories in the order defined here
+#   - local/custom mirrors can be added here or in separate files
+#   - repositories listed first will take precedence when packages
+#     have identical names, regardless of version number
+#   - URLs will have $repo replaced by the name of the current repo
+#   - URLs will have $arch replaced by the name of the architecture
+#
+# Repository entries are of the format:
+#       [repo-name]
+#       Server = ServerName
+#       Include = IncludePath
+#
+# The header [repo-name] is crucial - it must be present and
+# uncommented to enable the repo.
+#
+
+# The testing repositories are disabled by default. To enable, uncomment the
+# repo name header and Include lines. You can add preferred servers immediately
+# after the header, and they will be used before the default mirrors.
+
+#[core-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[core]
+Include = /etc/pacman.d/mirrorlist
+
+#[extra-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+[extra]
+Include = /etc/pacman.d/mirrorlist
+
+# If you want to run 32 bit applications on your x86_64 system,
+# enable the multilib repositories as required here.
+
+#[multilib-testing]
+#Include = /etc/pacman.d/mirrorlist
+
+#[multilib]
+#Include = /etc/pacman.d/mirrorlist
+
+# An example of a custom package repository.  See the pacman manpage for
+# tips on creating your own repositories.
+#[custom]
+#SigLevel = Optional TrustAll
+#Server = file:///home/custompkgs
author	Shulhan <ms@kilabit.info>	2025-12-25 19:01:04 +0700
committer	Shulhan <ms@kilabit.info>	2025-12-25 19:03:16 +0700
commit	fca620c1e13bae91b4a3167a10d660f3d72e7aeb (patch)
tree	5f586763b54324f85b80822eb0062e9d485ef20e
parent	cbc720a6c7b686312d1d309157b37c855eab063c (diff)
download	compute-archlinux-image-builder-fca620c1e13bae91b4a3167a10d660f3d72e7aeb.tar.xz