Merge pull request #13 from cgwalters/builder
builder: New container image
This commit is contained in:
Colin Walters
GitHub
commit
b8a2ddea30
|
|
@ -0,0 +1,35 @@
|
|||
name: builder
|
||||
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- builder/**
|
||||
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: ${{ github.repository_owner }}/builder
|
||||
|
||||
jobs:
|
||||
build-image:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Install qemu dependency
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y qemu-user-static
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
- name: Login
|
||||
run: buildah login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ${{ env.REGISTRY }}
|
||||
- name: Build
|
||||
uses: redhat-actions/buildah-build@v2
|
||||
with:
|
||||
image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
tags: latest
|
||||
containerfiles: ./builder/Containerfile
|
||||
archs: s390x, arm64, amd64, ppc64le
|
||||
oci: true
|
||||
context: builder
|
||||
- name: Push
|
||||
run: buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||
|
|
@ -1,46 +0,0 @@
|
|||
|
||||
image: registry.gitlab.com/centos/cloud/sagano-builder/centos:stream9
|
||||
|
||||
stages:
|
||||
- build
|
||||
|
||||
.base:
|
||||
tags:
|
||||
- platform-engineering
|
||||
parallel:
|
||||
matrix:
|
||||
- TIER:
|
||||
- tier-0
|
||||
- tier-1
|
||||
OS: centos
|
||||
VERSION: [stream9]
|
||||
VARIANT: ["", "-rt"]
|
||||
- TIER:
|
||||
- tier-0
|
||||
- tier-1
|
||||
OS: fedora
|
||||
VERSION: ["eln"]
|
||||
VARIANT: ["", "-dev"]
|
||||
.default-target: fedora-tier-1-eln
|
||||
|
||||
test-build:
|
||||
extends: .base
|
||||
only:
|
||||
- merge_requests
|
||||
stage: build
|
||||
script:
|
||||
- set -euo pipefail; rpm-ostree compose image --format=ociarchive --initialize ${OS}-${TIER}${VARIANT}-${VERSION}.yaml dest.oci-archive
|
||||
|
||||
build-push:
|
||||
extends: .base
|
||||
rules:
|
||||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
|
||||
variables:
|
||||
COMPOSE_INITIALIZE: "1"
|
||||
FORCE: ""
|
||||
stage: build
|
||||
before_script:
|
||||
# Log into the registry
|
||||
- echo "$CI_REGISTRY_PASSWORD" | skopeo login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
|
||||
script:
|
||||
- set -euo pipefail; rpm-ostree compose image ${COMPOSE_INITIALIZE:+--initialize} ${FORCE:+--force-nocache} --format=registry ${OS}-${TIER}${VARIANT}-${VERSION}.yaml ${CI_REGISTRY_IMAGE}/${OS}-boot-${TIER}${VARIANT}:${VERSION}
|
||||
10
README.md
10
README.md
|
|
@ -1,5 +1,3 @@
|
|||
# Sagano
|
||||
|
||||
# Goals
|
||||
|
||||
This project's toplevel goal is to create base *bootable* container images
|
||||
|
|
@ -7,7 +5,9 @@ from Fedora ELN and CentOS Stream packages.
|
|||
|
||||
## Status
|
||||
|
||||
This project was migrated from https://gitlab.com/centos/cloud/sagano
|
||||
This is an in-development project not intended for production use yet.
|
||||
|
||||
This project was migrated from [a gitlab repo](https://gitlab.com/centos/cloud/sagano)
|
||||
and currently container images point to that repository. Reworking
|
||||
the build system is in progress!
|
||||
|
||||
|
|
@ -15,10 +15,6 @@ the build system is in progress!
|
|||
|
||||
See [install.md](./install.md).
|
||||
|
||||
## Status
|
||||
|
||||
This is an in-development project not intended for production use yet.
|
||||
|
||||
## Differences from Fedora CoreOS
|
||||
|
||||
Fedora CoreOS today is not small; there are multiple reasons for this, but
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
# This image contains the baseline tools to build bootable base images.
|
||||
FROM quay.io/centos/centos:stream9
|
||||
COPY coreos-continuous.repo /etc/yum.repos.d
|
||||
COPY . /src
|
||||
RUN /src/build.sh && cd / && rm /src -rf
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
set -xeuo pipefail
|
||||
|
||||
pkginstall() {
|
||||
dnf -y install "$@"
|
||||
}
|
||||
|
||||
pkginstall dnf-utils
|
||||
dnf config-manager --set-enabled crb
|
||||
# Sadly there's no EPEL for s390x so we just hardcode this for now, it's noarch.
|
||||
dnf -y install https://kojipkgs.fedoraproject.org//packages/distribution-gpg-keys/1.98/1.el9/noarch/distribution-gpg-keys-1.98-1.el9.noarch.rpm
|
||||
|
||||
# rpm-ostree for builds, and need skopeo to do the container backend
|
||||
pkginstall rpm-ostree skopeo
|
||||
# For derived container builds
|
||||
pkginstall buildah
|
||||
# And a rust toolchain
|
||||
pkginstall cargo openssl-devel
|
||||
|
||||
# Build tools
|
||||
pkginstall selinux-policy-targeted osbuild crypto-policies-scripts sudo
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
[copr:copr.fedorainfracloud.org:group_CoreOS:continuous]
|
||||
name=Copr repo for continuous owned by @CoreOS
|
||||
baseurl=https://download.copr.fedorainfracloud.org/results/@CoreOS/continuous/centos-stream-9-$basearch/
|
||||
type=rpm-md
|
||||
skip_if_unavailable=True
|
||||
gpgcheck=1
|
||||
gpgkey=https://download.copr.fedorainfracloud.org/results/@CoreOS/continuous/pubkey.gpg
|
||||
repo_gpgcheck=0
|
||||
enabled=1
|
||||
enabled_metadata=1
|
||||
Loading…
Reference in New Issue