Compare commits
No commits in common. "develop" and "r24.29.0" have entirely different histories.
6 changed files with 118 additions and 120 deletions
|
|
@ -1,43 +1,41 @@
|
|||
on:
|
||||
push:
|
||||
on: [push]
|
||||
env:
|
||||
REGISTRY_IMAGE: ${{ vars.REGISTRY }}/${{ github.repository }}:${{ github.ref_name }}
|
||||
REGISTRY: forgejo.sbox.hornwitser.no
|
||||
REGISTRY_IMAGE: forgejo.sbox.hornwitser.no/furnavia/builder
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: debian
|
||||
runs-on: docker
|
||||
container:
|
||||
image: sif.g100.hornwitser.no:3000/furnavia/builder:latest
|
||||
steps:
|
||||
-
|
||||
name: Install and configure dependencies
|
||||
name: Get image tags
|
||||
id: info
|
||||
shell: bash
|
||||
run: |
|
||||
apt-get update
|
||||
apt-get install -y --no-install-recommends \
|
||||
buildah \
|
||||
ca-certificates \
|
||||
containers-storage \
|
||||
crun \
|
||||
git \
|
||||
netavark \
|
||||
;
|
||||
shared=/var/lib/shared/storage
|
||||
sed /usr/share/containers/storage.conf \
|
||||
-e "/^additionalimagestores/a"'\
|
||||
'"\"$shared\"" \
|
||||
> /etc/containers/storage.conf
|
||||
tee -a ${GITHUB_OUTPUT} <<EOF
|
||||
TAGS<<EOT
|
||||
$(
|
||||
echo ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}
|
||||
if [[ "${{ github.ref_name }}" =~ ^r[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
||||
echo ${{ env.REGISTRY_IMAGE }}:latest
|
||||
elif [[ "${{ github.ref_name }}" == forgejo ]]; then
|
||||
echo ${{ env.REGISTRY_IMAGE }}:development
|
||||
fi
|
||||
)
|
||||
EOT
|
||||
EOF
|
||||
-
|
||||
name: Checkout repository
|
||||
run: |
|
||||
git config --global credential.helper store
|
||||
echo "https://runner:${{ secrets.GITHUB_TOKEN }}@$(echo "${{ github.server_url }}" | cut -b 9-)" > ~/.git-credentials
|
||||
git clone --branch ${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }} ${{ github.workspace }}
|
||||
-
|
||||
name: Authenticate with registry
|
||||
run: |
|
||||
echo "${{ secrets.REGISTRY_TOKEN }}" | buildah login ${{ vars.REGISTRY }} --username runner --password-stdin
|
||||
name: Authenticate
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
username: ${{ secrets.REGISTRY_USERNAME }}
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
registry: ${{ env.REGISTRY }}
|
||||
-
|
||||
name: Build and push
|
||||
run: |
|
||||
export BUILDAH_ISOLATION=chroot
|
||||
export _BUILDAH_STARTED_IN_USERNS=""
|
||||
${{ github.workspace }}/builder.sh ${{ env.REGISTRY_IMAGE }}
|
||||
buildah push ${{ env.REGISTRY_IMAGE }}
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
push: true
|
||||
tags: ${{ steps.info.outputs.TAGS }}
|
||||
|
|
|
|||
17
.gitlab-ci.yml
Normal file
17
.gitlab-ci.yml
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
default:
|
||||
image: docker:24.0.5
|
||||
|
||||
build:
|
||||
stage: build
|
||||
script:
|
||||
- docker build $CI_PROJECT_DIR
|
||||
--tag ${REGISTRY_IMAGE}:${CI_COMMIT_REF_SLUG}
|
||||
$(echo "$CI_COMMIT_TAG" | if grep -q $(date -u '+^r%g\.%-V\.\(0\|[1-9][0-9]*\)$');
|
||||
then echo --tag ${REGISTRY_IMAGE}:latest;
|
||||
fi)
|
||||
|
||||
deploy:
|
||||
stage: deploy
|
||||
script:
|
||||
- echo "$REGISTRY_PASSWORD" | docker login $CI_REGISTRY -u $REGISTRY_USER --password-stdin
|
||||
- docker push --all-tags ${REGISTRY_IMAGE}
|
||||
45
Dockerfile
Normal file
45
Dockerfile
Normal file
|
|
@ -0,0 +1,45 @@
|
|||
FROM debian:bookworm
|
||||
|
||||
ARG KUBE_RELEASE=v1.30.2
|
||||
ARG YQ_VERSION=v4.44.2
|
||||
ARG NODE_VERSION=20.x
|
||||
ARG PNPM_VERSION=v9.5.0
|
||||
|
||||
RUN set -eux; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
curl \
|
||||
git \
|
||||
openssh-client \
|
||||
; \
|
||||
install -m 0755 -d /etc/apt/keyrings; \
|
||||
curl -sSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc; \
|
||||
chmod a+r /etc/apt/keyrings/docker.asc; \
|
||||
echo \
|
||||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
|
||||
https://download.docker.com/linux/debian \
|
||||
bookworm stable" \
|
||||
> /etc/apt/sources.list.d/docker.list; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
docker-ce-cli \
|
||||
docker-buildx-plugin \
|
||||
docker-compose-plugin \
|
||||
; \
|
||||
curl --silent --location "https://dl.k8s.io/release/$KUBE_RELEASE/bin/linux/amd64/kubectl" \
|
||||
| install --owner=root --group=root --mode=0755 /dev/stdin /usr/local/bin/kubectl \
|
||||
; \
|
||||
curl --silent --location "https://github.com/mikefarah/yq/releases/download/$YQ_VERSION/yq_linux_amd64.tar.gz" \
|
||||
| tar --extract --gzip --to-stdout ./yq_linux_amd64 \
|
||||
| install --owner=root --group=root --mode=0755 /dev/stdin /usr/local/bin/yq \
|
||||
; \
|
||||
curl --silent --location "https://deb.nodesource.com/setup_$NODE_VERSION" | bash; \
|
||||
apt-get install -y --no-install-recommends nodejs; \
|
||||
corepack install --global pnpm@$PNPM_VERSION; \
|
||||
corepack enable pnpm; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# References:
|
||||
# - docker: https://docs.docker.com/engine/install/debian/#install-from-a-package
|
||||
# - node: https://github.com/nodesource/distributions#installation-instructions-deb
|
||||
18
Readme.md
18
Readme.md
|
|
@ -1,14 +1,14 @@
|
|||
# Builder
|
||||
|
||||
Common container image used for running application builds, CI pipelines, and deployment scripts based on Debian Trixie.
|
||||
Common docker image used for running application builds, CI pipelines, and deployment scripts based on Debian 12.
|
||||
|
||||
## Tools included
|
||||
|
||||
- `buildah` trixie - https://packages.debian.org/trixie/buildah
|
||||
- `curl` trixie - https://packages.debian.org/trixie/curl
|
||||
- `git` trixie - https://packages.debian.org/trixie/git
|
||||
- `node` v22.x - https://github.com/nodesource/distributions
|
||||
- `pnpm` v9.5.0 - https://pnpm.io/
|
||||
- `podman` trixie - https://packages.debian.org/trixie/podman
|
||||
- `ssh` trixie - https://packages.debian.org/trixie/openssh-client
|
||||
- `yq` v4.44.2 - https://github.com/mikefarah/yq
|
||||
- `docker`
|
||||
- `curl`
|
||||
- `git`
|
||||
- `kubectl`
|
||||
- `node`
|
||||
- `pnpm`
|
||||
- `ssh`
|
||||
- `yq` - https://github.com/mikefarah/yq
|
||||
|
|
|
|||
62
builder.sh
62
builder.sh
|
|
@ -1,62 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
set -xe
|
||||
|
||||
YQ_VERSION=v4.44.2
|
||||
NODE_VERSION=22.x
|
||||
PNPM_VERSION=v9.5.0
|
||||
|
||||
ctr=$(buildah from "docker.io/library/debian:trixie-20250428")
|
||||
mnt=$(buildah mount $ctr) # Used to verify mounts work
|
||||
|
||||
# Install dependencies
|
||||
buildah run $ctr -- apt-get update
|
||||
buildah run $ctr -- apt-get install -y --no-install-recommends \
|
||||
buildah \
|
||||
ca-certificates \
|
||||
containers-storage \
|
||||
crun \
|
||||
curl \
|
||||
git \
|
||||
netavark \
|
||||
openssh-client \
|
||||
podman \
|
||||
podman-docker \
|
||||
;
|
||||
|
||||
# Configure container storage
|
||||
shared=/var/lib/shared/storage
|
||||
buildah run $ctr -- sh -c "sed /usr/share/containers/storage.conf \
|
||||
-e '/^additionalimagestores/a"'\
|
||||
'" \"$shared\"' \
|
||||
> /etc/containers/storage.conf"
|
||||
buildah run $ctr -- sh -c "\
|
||||
mkdir -p $shared/overlay-images $shared/overlay-layers; \
|
||||
touch $shared/overlay-images/images.lock; \
|
||||
touch $shared/overlay-layers/layers.lock; \
|
||||
"
|
||||
|
||||
# yq https://github.com/mikefarah/yq?tab=readme-ov-file#install
|
||||
buildah run $ctr -- sh -c "curl --silent --location \"https://github.com/mikefarah/yq/releases/download/$YQ_VERSION/yq_linux_amd64.tar.gz\" \
|
||||
| tar --extract --gzip --to-stdout ./yq_linux_amd64 \
|
||||
| install --owner=root --group=root --mode=0755 /dev/stdin /usr/local/bin/yq \
|
||||
;"
|
||||
|
||||
# node https://github.com/nodesource/distributions?tab=readme-ov-file#using-debian-as-root-nodejs-22
|
||||
buildah run $ctr -- sh -c "curl --silent --location \"https://deb.nodesource.com/setup_$NODE_VERSION\" | bash"
|
||||
buildah run $ctr -- apt-get install -y --no-install-recommends nodejs
|
||||
|
||||
# pnpm https://nodejs.org/api/corepack.html#upgrading-the-global-versions
|
||||
buildah run $ctr -- corepack install --global pnpm@$PNPM_VERSION
|
||||
buildah run $ctr -- corepack enable pnpm
|
||||
|
||||
# Clear caches
|
||||
buildah run $ctr -- rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Config
|
||||
buildah config \
|
||||
--env BUILDAH_ISOLATION=chroot \
|
||||
--env _BUILDAH_STARTED_IN_USERNS= \
|
||||
$ctr;
|
||||
|
||||
buildah unmount $ctr
|
||||
buildah commit --rm $ctr $1
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Finds the next available r<year>.<month>.<increment> identifier
|
||||
YEAR_MONTH=$(date -u +%Y.%-m)
|
||||
YEAR=${YEAR_MONTH:0:4}
|
||||
MONTH=${YEAR_MONTH:5}
|
||||
LAST_INCREMENT=$(git tag --list | grep '^r[1-9][0-9]*\.\([1-9]\|1[0-2]\)\.\(0\|[1-9][0-9]*\)$' | cut -d . -f 3 | sort -nr | head -n 1)
|
||||
RELEASE=r${YEAR_MONTH}.$(( ${LAST_INCREMENT:--1} + 1 ))
|
||||
# Finds the next available r<year>.<week>.<bump> identifier for the current year and week
|
||||
YEAR_WEEK=$(date -u +%g.%-V)
|
||||
YEAR=${YEAR_WEEK:0:2}
|
||||
WEEK=${YEAR_WEEK:3}
|
||||
LAST_BUMP=$(git tag --list | grep '^r'$YEAR'\.'$WEEK'\.\(0\|[1-9][0-9]*\)$' | cut -d . -f 3 | sort -nr | head -n 1)
|
||||
RELEASE=r${YEAR_WEEK}.$(( ${LAST_BUMP:--1} + 1 ))
|
||||
|
||||
git tag $RELEASE
|
||||
echo Tagged $RELEASE
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue