Merge branch 'master' into updaltorg

.gitea/workflows/testscript

@@ -30,6 +30,9 @@ do
   if [[ $test != '' ]]; then
     command="podman run --rm --entrypoint=\"$entrypoint\" $3/$imgpath -c \"$test\""
   else
+    if [[ $IM == 'distroless-toybox' ]]; then
+      command="podman run --rm $3/$imgpath toysh -c true"
+    fi
     if [[ $IM == 'distroless-true' ]]; then
       command="podman run --rm $3/$imgpath \"true\""
     fi

.gitea/workflows/wf_full.yaml

@@ -2,11 +2,11 @@ name: Full building alt images
 on:
   push:
     tags:
-      - '*10*_*'
+      - '*_*'
 
 jobs:
   build-process:
-    runs-on: alt-p10
+    runs-on: alt-sisyphus
     outputs:
       branch: ${{ env.BRANCH }}
       org: ${{ env.ORG }}
@@ -36,35 +36,36 @@ jobs:
         uses: actions/init-alt-env@v1
       - name: Install requires
         run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 python3-module-yaml python3-module-requests podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 python3-module-yaml python3-module-requests podman buildah jq curl
           echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch"
-          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch         
+          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch
       - name: Check out current repo
         uses: actions/checkout@v4
-      - name: Parse target branch and tag from events context, save to env                                
+      - name: Parse target branch and tag from events context, save to env
         env:
-          EV: ${{ toJson(gitea.event) }}                                         
+          EV: ${{ toJson(gitea.event) }}
         run: |
           echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
           echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
           org=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
-          echo "ORG=$org" >> ${GITHUB_ENV}                              
+          echo "ORG=$org" >> ${GITHUB_ENV}
           echo "ORG=$org"
       - name: Login podman gitea
         run: |
           echo "podman login ${{ env.URL }}"
-          podman login --username $P_USER --password $P_PASS ${{ env.URL }}          
+          podman login --username $P_USER --password $P_PASS ${{ env.URL }}
         env:
           P_USER: ${{ secrets.PODMAN_USER }}
           P_PASS: ${{ secrets.PODMAN_PASS }}
       - name: Run building script
         id: build-script
         run: |
-          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel --arches amd64 386 arm64"          
-          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
-          echo "build.py $build_args"
-          ${{ gitea.workspace }}/build.py $build_args
+          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel"
+          if [[ "$BR" == "sisyphus" ]]; then arches="--arches amd64 386 arm64 loong64"; else arches="--arches amd64 386 arm64"; fi
+          if [[ "$ORG" == "k8s" ]]; then build_args="$build_args --overwrite-organization $ORG-$BR --package-versions {\"k8s/kube-apiserver\":\"1.31\",\"k8s/kube-scheduler\":\"1.31\",\"k8s/kube-controller-manager\":\"1.31\",\"k8s/kube-proxy\":\"1.31\",\"k8s/coredns\":\"1.11.3\",\"k8s/kubelet\":\"1.31\"}"; fi
+          echo "build.py $build_args $arches"
+          ${{ gitea.workspace }}/build.py $build_args $arches
         env:
           ORG: ${{ env.ORG }}
           BR: ${{ env.BRANCH }}
@@ -85,7 +86,7 @@ jobs:
         run: |
           tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
           curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
-          echo "tag $tagname is deleted"                    
+          echo "tag $tagname is deleted"
         env:
           T: ${{ secrets.TOKEN }}
           BR: ${{ env.BRANCH }}
@@ -94,8 +95,8 @@ jobs:
           EV: ${{ toJson(gitea.event) }}
   test-process:
     needs: build-process
-    if: ${{ needs.build-process.outputs.buildres == 'success' }}
-    runs-on: alt-p10
+    if: ${{ needs.build-process.outputs.buildres == 'success' && needs.build-process.outputs.org != 'k8s' }}
+    runs-on: alt-sisyphus
     steps:
       - name: Update apt
         uses: actions/init-alt-env@v1

.gitea/workflows/wf_full_p11.yaml

@@ -1,133 +0,0 @@
-name: Full building alt images
-on:
-  push:
-    tags:
-      - 'p11_*'
-
-jobs:
-  build-process:
-    runs-on: alt-sisyphus
-    outputs:
-      branch: ${{ env.BRANCH }}
-      org: ${{ env.ORG }}
-      url: ${{ env.URL }}
-      repo: ${{ env.REPO }}
-      buildres: ${{ steps.build-script.outcome }}
-    steps:
-      - name: Check workspace
-        run: |
-          repourl=$(echo $GU | cut -d '/' -f 3)
-          echo "URL=$repourl" >> ${GITHUB_ENV}
-          echo $repourl
-          reponame=$(echo $GR | cut -d '/' -f 1)
-          echo "REPO=$reponame" >> ${GITHUB_ENV}
-          echo $reponame
-        env:
-          GU: ${{ gitea.server_url }}
-          GR: ${{ gitea.repository }}
-      - name: Set repo for p11 (Temporary)
-        if: ${{ contains(github.ref_name, 'p11') }}
-        run: |
-          echo "event tag=${{ github.ref_name }}" 
-          echo "10.4.0.3        update.altsp.su" >> /etc/hosts
-          echo "cat /etc/hosts"
-          cat /etc/hosts 
-      - name: Update apt
-        uses: actions/init-alt-env@v1
-      - name: Install requires
-        run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
-          echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch"
-          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch
-      - name: Check out current repo
-        uses: actions/checkout@v4
-      - name: Parse target branch and tag from events context, save to env                                
-        env:
-          EV: ${{ toJson(gitea.event) }}                                         
-        run: |
-          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
-          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
-          org=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
-          echo "ORG=$org" >> ${GITHUB_ENV}                              
-          echo "ORG=$org"
-      - name: Login podman gitea
-        run: |
-          echo "podman login ${{ env.URL }}"
-          podman login --username $P_USER --password $P_PASS ${{ env.URL }}          
-        env:
-          P_USER: ${{ secrets.PODMAN_USER }}
-          P_PASS: ${{ secrets.PODMAN_PASS }}
-      - name: Run building script
-        id: build-script
-        run: |
-          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel --arches amd64 386 arm64"          
-          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
-          echo "build.py $build_args"
-          ${{ gitea.workspace }}/build.py $build_args
-        env:
-          ORG: ${{ env.ORG }}
-          BR: ${{ env.BRANCH }}
-        continue-on-error: true
-      - name: Send notification if build crashed
-        if: ${{ steps.build-script.outcome != 'success' }}
-        run: |
-          issueid=1
-          body="Building images finish with some errors."
-          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
-          echo "notification about test error is sent to issue $issueid"
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ env.BRANCH }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ env.REPO }}
-      - name: Delete event tag
-        run: |
-          tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
-          curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
-          echo "tag $tagname is deleted"                    
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ env.BRANCH }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ env.REPO }}
-          EV: ${{ toJson(gitea.event) }}
-  test-process:
-    needs: build-process
-    if: ${{ needs.build-process.outputs.buildres == 'success' }}
-    runs-on: alt-sisyphus
-    steps:
-      - name: Update apt
-        uses: actions/init-alt-env@v1
-      - name: Install requires
-        run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
-      - name: Check out current repo
-        uses: https://gitea.com/actions/checkout@v4
-      - name: Test
-        id: test-script
-        continue-on-error: true
-        run: |
-          $WS/.gitea/workflows/testscript $BR $ORG $URL $REPO $WS
-          cat haserr.log >> ${GITHUB_ENV}
-          echo "test process finished"
-        env:
-          BR: ${{ needs.build-process.outputs.branch }}
-          ORG: ${{ needs.build-process.outputs.org }}
-          URL: ${{ needs.build-process.outputs.url }}
-          REPO: ${{ needs.build-process.outputs.repo }}
-          WS: ${{ gitea.workspace }}
-      - name: Send notification if test crashed
-        if: ${{ env.ERR == 'true' || steps.test-script.outcome == 'failure' }}
-        run: |
-          issueid=1
-          errors=$(cat errors.log)
-          body="Testing images finish with some errors. $errors"
-          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
-          echo "notification about test error is sent to issue $issueid"
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ needs.build-process.outputs.branch }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ needs.build-process.outputs.repo }}

.gitea/workflows/wf_full_sis.yaml

@@ -1,126 +0,0 @@
-name: Full building alt images
-on:
-  push:
-    tags:
-      - 'sisyphus_*'
-
-jobs:
-  build-process:
-    runs-on: alt-sisyphus
-    outputs:
-      branch: ${{ env.BRANCH }}
-      org: ${{ env.ORG }}
-      url: ${{ env.URL }}
-      repo: ${{ env.REPO }}
-      buildres: ${{ steps.build-script.outcome }}
-    steps:
-      - name: Check workspace
-        run: |
-          repourl=$(echo $GU | cut -d '/' -f 3)
-          echo "URL=$repourl" >> ${GITHUB_ENV}
-          echo $repourl
-          reponame=$(echo $GR | cut -d '/' -f 1)
-          echo "REPO=$reponame" >> ${GITHUB_ENV}
-          echo $reponame
-        env:
-          GU: ${{ gitea.server_url }}
-          GR: ${{ gitea.repository }}
-      - name: Update apt
-        uses: actions/init-alt-env@v1
-      - name: Install requires
-        run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
-          echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch"
-          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch
-      - name: Check out current repo
-        uses: actions/checkout@v4
-      - name: Parse target branch and tag from events context, save to env                                
-        env:
-          EV: ${{ toJson(gitea.event) }}                                         
-        run: |
-          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
-          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
-          org=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
-          echo "ORG=$org" >> ${GITHUB_ENV}                              
-          echo "ORG=$org"
-      - name: Login podman gitea
-        run: |
-          echo "podman login ${{ env.URL }}"
-          podman login --username $P_USER --password $P_PASS ${{ env.URL }}          
-        env:
-          P_USER: ${{ secrets.PODMAN_USER }}
-          P_PASS: ${{ secrets.PODMAN_PASS }}
-      - name: Run building script
-        id: build-script
-        run: |
-          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel --arches amd64 386 arm64 loongarch64"          
-          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
-          echo "build.py $build_args"
-          ${{ gitea.workspace }}/build.py $build_args
-        env:
-          ORG: ${{ env.ORG }}
-          BR: ${{ env.BRANCH }}
-        continue-on-error: true
-      - name: Send notification if build crashed
-        if: ${{ steps.build-script.outcome != 'success' }}
-        run: |
-          issueid=1
-          body="Building images finish with some errors."
-          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
-          echo "notification about test error is sent to issue $issueid"
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ env.BRANCH }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ env.REPO }}
-      - name: Delete event tag
-        run: |
-          tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
-          curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
-          echo "tag $tagname is deleted"                    
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ env.BRANCH }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ env.REPO }}
-          EV: ${{ toJson(gitea.event) }}
-  test-process:
-    needs: build-process
-    if: ${{ needs.build-process.outputs.buildres == 'success' }}
-    runs-on: alt-sisyphus
-    steps:
-      - name: Update apt
-        uses: actions/init-alt-env@v1
-      - name: Install requires
-        run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
-      - name: Check out current repo
-        uses: https://gitea.com/actions/checkout@v4
-      - name: Test
-        id: test-script
-        continue-on-error: true
-        run: |
-          $WS/.gitea/workflows/testscript $BR $ORG $URL $REPO $WS
-          cat haserr.log >> ${GITHUB_ENV}
-          echo "test process finished"
-        env:
-          BR: ${{ needs.build-process.outputs.branch }}
-          ORG: ${{ needs.build-process.outputs.org }}
-          URL: ${{ needs.build-process.outputs.url }}
-          REPO: ${{ needs.build-process.outputs.repo }}
-          WS: ${{ gitea.workspace }}
-      - name: Send notification if test crashed
-        if: ${{ env.ERR == 'true' || steps.test-script.outcome == 'failure' }}
-        run: |
-          issueid=1
-          errors=$(cat errors.log)
-          body="Testing images finish with some errors. $errors"
-          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
-          echo "notification about test error is sent to issue $issueid"
-        env:
-          T: ${{ secrets.TOKEN }}
-          BR: ${{ needs.build-process.outputs.branch }}
-          URL: ${{ gitea.server_url }}
-          REPO: ${{ needs.build-process.outputs.repo }}

.gitea/workflows/wf_single.yaml

@@ -2,11 +2,11 @@ name: Building alt images
 on:
   push:
     tags:
-      - '*_*/*'
+      - '*_*/*_*'
 
 jobs:
   build-process:
-    runs-on: alt-latest
+    runs-on: alt-sisyphus
     outputs:
       branch: ${{ env.BRANCH }}
       image: ${{ env.IMAGE }}
@@ -37,8 +37,8 @@ jobs:
         uses: actions/init-alt-env@v1
       - name: Install requires
         run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
-          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 python3-module-yaml python3-module-requests podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 python3-module-yaml python3-module-requests podman buildah jq curl
           echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch"
           apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc qemu-user-static-binfmt-riscv qemu-user-static-binfmt-loongarch
       - name: Check out current repo
@@ -52,35 +52,39 @@ jobs:
           P_PASS: ${{ secrets.PODMAN_PASS }}
       - name: Check files in the repository
         run: |
-          ls -a ${{ gitea.workspace }}          
+          ls -a ${{ gitea.workspace }}
       - name: Parse target branch and tag from events context, save to env                                
         env:
-          EV: ${{ toJson(gitea.event) }}                                         
+          EV: ${{ toJson(gitea.event) }}
         run: |
           echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
           echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
           localimage=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
-          echo "IMAGE=$localimage" >> ${GITHUB_ENV}                              
+          echo "IMAGE=$localimage" >> ${GITHUB_ENV}
           echo "IMAGE=$localimage"
           org=$(echo "$localimage" | cut -d '/' -f 1)
           echo "ORG=$org" >> ${GITHUB_ENV}
           echo "ORG=$org"
+          ver=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 3)
+          echo "VER=$ver" >> ${GITHUB_ENV}
+          echo "VER=$ver"
       - name: Get test for image
         run: |
           if test -f ${{ gitea.workspace }}/org/$IM/test; then testscript=$(cat ${{ gitea.workspace }}/org/$IM/test); else testscript=""; fi
-          echo "TEST=$testscript" >> ${GITHUB_ENV}          
-        env:                                     
+          echo "TEST=$testscript" >> ${GITHUB_ENV}
+        env:
           IM: ${{ env.IMAGE }}
           BR: ${{ env.BRANCH }}
       - name: Run building script
         id: build-script
         run: |
-          if [[ "$IM" == *"k8s"* ]]; then k8sarg="--tags=tags.toml --overwrite-organization $ORG-$BR"; else k8sarg=""; fi
-          if [[ "$BR" = "sisyphus" ]]; then arches="--arches amd64 386 arm64 loongarch64"; else arches="--arches amd64 386 arm64"; fi
-          echo "build.py -i $IM -b $BR"
-          ${{ gitea.workspace }}/build.py -i $IM -b $BR $arches $k8sarg        
+          if [[ "$IM" == *"k8s"* ]]; then k8sarg="--overwrite-organization $ORG-$BR --package-versions {\"$IM\":\"$VER\"}"; else k8sarg=""; fi
+          if [[ "$BR" == "sisyphus" ]]; then arches="--arches amd64 386 arm64 loong64"; else arches="--arches amd64 386 arm64"; fi
+          echo "build.py -i $IM -b $BR $arches $k8sarg"
+          ${{ gitea.workspace }}/build.py -i $IM -b $BR $arches $k8sarg 
         env:
           IM: ${{ env.IMAGE }}
+          VER: ${{ env.VER }}
           BR: ${{ env.BRANCH }}
           ORG: ${{ env.ORG }}
         continue-on-error: true
@@ -90,7 +94,7 @@ jobs:
           issueid=1
           body="Building image $IM finish with some errors."
           curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
-          echo "notification about test error is sent to issue $issueid"          
+          echo "notification about test error is sent to issue $issueid" 
         env:
           T: ${{ secrets.TOKEN }}
           BR: ${{ env.BRANCH }}
@@ -101,7 +105,7 @@ jobs:
         run: |
           tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
           curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
-          echo "tag $tagname is deleted"                              
+          echo "tag $tagname is deleted"
         env:
           T: ${{ secrets.TOKEN }}
           BR: ${{ env.BRANCH }}
@@ -111,7 +115,7 @@ jobs:
   test-process:
     needs: build-process
     if: ${{ needs.build-process.outputs.buildres == 'success' }}
-    runs-on: alt-latest
+    runs-on: alt-sisyphus
     steps:
       - name: Update apt
         uses: https://gitea.basealt.ru/actions/init-alt-env@v1
@@ -125,7 +129,7 @@ jobs:
         continue-on-error: true
         run: |
           if [[ "$IM" == *"k8s"* ]]; then echo "skip tests for k8s images"; else podman run --rm --entrypoint="/bin/sh" $URL/$IM:$BR -c "$TEST"; fi
-        env:                
+        env:
           IM: ${{ needs.build-process.outputs.image }} 
           BR: ${{ needs.build-process.outputs.branch }}
           URL: ${{ needs.build-process.outputs.url }}  

README.md

@@ -26,10 +26,70 @@ the organization `<ORGANIZATION>`, run:
 ```
 If you push to the users repository, then organiztion is your username.
 
+## info.yaml format
+
+- `is_versioned`: **bool** (REQUIRED)
+
+  Whether to use package version as a tag for this image
+
+- `source_packages`: **list of strings** (REQUIRED)
+
+  List of source packages (src.rpm) this image depends on.
+  If contains jinja2 template syntax, `--package-version`
+  CLI option must be specified.
+
+- `version_template`: **string** (OPTIONAL)
+
+  template to apply when construction the tag,
+  `version` string variable is available in the template
+
+### examples
+
+
+#### org/k8s/flannel-cni-plugin
+
+```yaml
+is_versioned: true
+version_template: v{{ version.rsplit('.', 1) | first  }}-flannel{{ version.rsplit('.', 1) | last }}
+source_packages:
+  - cni-plugin-flannel
+```
+
+```bash
+./build.py -i k8s/flannel-cni-plugin
+```
+
+#### org/k8s/kube-apiserver
+
+```yaml
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+```
+
+```bash
+./build.py -b sisyphus -i k8s/kube-apiserver --package-version '{"k8s/kube-apiserver": "1.31"}'
+```
+
+#### org/k8s/pause
+
+```yaml
+is_versioned: true
+source_packages:
+  - kubernetes-pause
+```
+
+```bash
+./build.py -i k8s/pause
+```
+
 ## Dependencies
 On x86_64 machine using p10 branch you need:
 - `python3-module-tomli`
 - `python3-module-jinja2`
+- `python3-module-yaml`
+- `python3-module-requests`
 - `qemu-user-static-binfmt-aarch64` to build for arm64 architecture
 - `qemu-user-static-binfmt-arm` to build for arm architecture
 - `qemu-user-static-binfmt-ppc` to build for ppc64le architecture

build.py

@@ -6,25 +6,61 @@ import json
 import re
 import subprocess
 import textwrap
+from dataclasses import dataclass
 from graphlib import TopologicalSorter
 from pathlib import Path
 
+import requests
 import tomli
+import yaml
 from jinja2 import Template
 
-
 ORG_DIR = Path("org")
 
+PKG_VERSIONS: dict | None = None
 
+
+@dataclass
 class Image:
-    def __init__(self, canonical_name):
+    canonical_name: str
+    is_versioned: bool | None
+    verion_template: str | None
+    source_packages: list[str] | None
+
+    def __init__(self, canonical_name: str):
         self.canonical_name = canonical_name
         self.path = ORG_DIR / canonical_name
         self.base_name = re.sub("^[^/]+/", "", canonical_name)
 
-    def __str__(self):
-        return (f'Image(canonical_name="{self.canonical_name}", '
-                f'path="{self.path}", base_name="{self.base_name}")')
+        info_file = self.path / "info.yaml"
+        if not info_file.exists():
+            self.is_versioned = None
+            self.source_packages = None
+            return
+
+        info: dict = yaml.safe_load(info_file.read_text())
+
+        if "is_versioned" not in info:
+            raise RuntimeError(
+                f"info.yaml for {self.canonical_name} doesn't contain 'is_versioned' key"
+            )
+
+        if "source_packages" not in info:
+            raise RuntimeError(
+                f"info.yaml for {self.canonical_name} doesn't contain 'source_packages' key"
+            )
+
+        self.is_versioned = info["is_versioned"]
+        self.source_packages = info["source_packages"]
+
+        if self.is_versioned and not self.source_packages:
+            raise RuntimeError(
+                f"source_packages for {self.canonical_name} doesn't contain any values"
+            )
+
+        self.version_template = None
+        if "version_template" in info:
+            self.version_template = info["version_template"]
 
 
 class Tasks:
@@ -49,18 +85,67 @@ class Tasks:
                 ]
 
 
+def api_get_source_package_version(branch: str, package_name: str) -> str:
+    api_url = "https://rdb.altlinux.org/api/site/package_versions_from_tasks"
+    params = {"branch": branch, "name": package_name}
+    response = requests.get(api_url, params)
+    if response.status_code != 200:
+        print(response)
+        raise RuntimeError(
+            f"failed to retrieve source package version: source package {package_name!r}, branch {branch!r} "
+        )
+
+    result = response.json()
+
+    return result["versions"][0]["version"]
+
+
 class Tags:
-    def __init__(self, tags_file, latest):
+    def __init__(self, tags_file: str | None, latest: str):
         if tags_file is None:
             self._tags = None
         else:
-            tags_file = Path(tags_file)
-            self._tags = tomli.loads(tags_file.read_text())
+            self._tags = tomli.loads(Path(tags_file).read_text())
         self._latest = latest
 
-    def tags(self, branch, image: Image):
+    def tags(self, branch: str, image: Image):
         if self._tags is None:
-            tags = [branch]
+            if image.is_versioned and image.source_packages:
+                package_name = image.source_packages[0]
+
+                if re.search("{%.*%}", package_name):
+                    package_name = Template(package_name).render(branch=branch).strip()
+                    print(f"{package_name=}")
+
+                if re.search("{{.*}}", package_name):
+                    if PKG_VERSIONS is None:
+                        raise RuntimeError(
+                            f"--package-versions option is not specified, required for {image.canonical_name!r}"
+                        )
+
+                    if image.canonical_name not in PKG_VERSIONS:
+                        raise RuntimeError(
+                            f"--package-versions option does not contain version for image {image.canonical_name!r}"
+                        )
+
+                    if not PKG_VERSIONS[image.canonical_name]:
+                        raise RuntimeError(
+                            f"invalid version for image {image.canonical_name!r}: {PKG_VERSIONS[image.canonical_name]!r}"
+                        )
+
+                    package_name = Template(package_name).render(
+                        version=PKG_VERSIONS[image.canonical_name]
+                    )
+                version = api_get_source_package_version(branch, package_name)
+
+                if image.version_template is not None:
+                    version = (
+                        Template(image.version_template).render(version=version).strip()
+                    )
+
+                tags = [version]
+            else:
+                tags = [branch]
         else:
             tags = self._tags[image.canonical_name][branch].copy()
         if branch == self._latest:
@@ -580,6 +665,12 @@ class DockerBuilder:
             f"--platform={platforms}",
             ".",
         ]
+
+        if PKG_VERSIONS is not None and image.canonical_name in PKG_VERSIONS:
+            build_cmd.insert(
+                -1, f"--build-arg=PKG_VERSION={PKG_VERSIONS[image.canonical_name]}"
+            )
+
         self.run(build_cmd, cwd=image.path)
 
         for tag in tags[1:]:
@@ -638,7 +729,7 @@ class ImagesInfo:
 
 def parse_args():
     stages = ["build", "remove_dockerfiles", "render_dockerfiles", "push"]
-    arches = ["amd64", "386", "arm64", "loongarch64", "riscv64"]
+    arches = ["amd64", "386", "arm64", "loong64", "riscv64"]
     branches = ["p11", "p10", "sisyphus", "c10f1", "c10f2"]
     organizations = list(ORG_DIR.iterdir())
     images = [f"{o.name}/{i.name}" for o in organizations for i in o.iterdir()]
@@ -749,6 +840,11 @@ def parse_args():
         choices=stages,
         help="list of stages to skip",
     )
+    parser.add_argument(
+        "--package-versions",
+        type=json.loads,
+        help="json string where key is image name, value is the package version",
+    )
     args = parser.parse_args()
 
     args.stages = set(args.stages) - set(args.skip_stages)
@@ -760,7 +856,10 @@ def parse_args():
 
 
 def main():
+    global PKG_VERSIONS
+
     args = parse_args()
+    PKG_VERSIONS = args.package_versions
     arches = args.arches
     images_info = ImagesInfo()
     tags = Tags(args.tags, args.latest)

images-info.toml

@@ -1,12 +1,11 @@
 ["alt/buildpack-deps"]
 skip-branches = [ "p9" ]
 
+["alt/distroless-toybox"]
+skip-branches = [ "p10" ]
+
 ["alt/openjdk21"]
 skip-arches = [ "386" ]
 
 ["alt/ansible"]
-skip-branches = [ "c10f2", "c10f1", "p10" ]
-
-["alt/systemd"]
-skip-arches = [ "loongarch64" ]
-
+skip-branches = [ "c10f2", "c10f1", "p10" ]

org/alt/distroless-toybox/README.md

@@ -0,0 +1,11 @@
+ALT distroless-toybox image
+===========================
+
+This is distroless image with toybox binary. It can be used for debugging
+containers as toybox provides a lot of utils.
+
+To launch a shell in the container:
+`docker run --rm -it registry.altlinux.org/alt/distroless-toybox`
+
+To get system inforamtion:
+`docker run --rm -it registry.altlinux.org/alt/distroless-toybox uname -a`

org/alt/distroless-toybox/distroless.toml

@@ -0,0 +1,7 @@
+from = "{{ registry }}{{ organization }}/distroless-static:{{ branch }}"
+
+builder-install-packages = ["toybox"]
+files = ["/bin/toybox"]
+
+entrypoint = ["/bin/toybox"]
+cmd = ["sh"]

org/k8s/cert-manager-acmesolver/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - cert-manager
+...

org/k8s/cert-manager-cainjector/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - cert-manager
+...

org/k8s/cert-manager-controller/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - cert-manager
+...

org/k8s/cert-manager-startupapicheck/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - cert-manager
+...

org/k8s/cert-manager-webhook/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - cert-manager
+...

org/k8s/coredns/Dockerfile.template

@@ -8,6 +8,13 @@ LABEL org.opencontainers.image.source="https://github.com/coredns/coredns"
 LABEL org.opencontainers.image.licenses="Apache-2.0"
 LABEL org.opencontainers.image.vendor="ALT Linux Team"
 
+{% if branch in ["sisyphus", "p11", "c10f2"] %}
+ARG PKG_VERSION
+
+{{ install_packages("coredns${PKG_VERSION}") }}
+{% else %}
 {{ install_packages("coredns") }}
+{% endif %}
+
 
 ENTRYPOINT ["/usr/bin/coredns"]

org/k8s/coredns/info.yaml

@@ -0,0 +1,11 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - >
+    {% if branch in ["sisyphus", "p11", "c10f2"] %}
+    {% raw %}coredns{{ version }}{% endraw %}
+    {% else %}
+    coredns
+    {% endif %}
+...

org/k8s/etcd/info.yaml

@@ -0,0 +1,12 @@
+---
+is_versioned: true
+version_template: >
+  {% set version_patch = version.split(".")[2] | int %}
+  {% if version_patch < 16 %}
+    {{ version }}-0
+  {% else %}
+    v{{ version }}
+  {% endif %}
+source_packages:
+  - etcd
+...

org/k8s/flannel-cni-plugin/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version.rsplit('.', 1) | first  }}-flannel{{ version.rsplit('.', 1) | last }}
+source_packages:
+  - cni-plugin-flannel
+...

org/k8s/flannel/info.yaml

@@ -0,0 +1,4 @@
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - flannel

org/k8s/kube-apiserver/Dockerfile.template

@@ -2,7 +2,9 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_packages("kubernetes-master") }}
+ARG PKG_VERSION
+
+{{ install_packages("kubernetes${PKG_VERSION}-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-apiserver"]
 

org/k8s/kube-apiserver/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+...

org/k8s/kube-controller-manager/Dockerfile.template

@@ -2,7 +2,9 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_packages("kubernetes-master") }}
+ARG PKG_VERSION
+
+{{ install_packages("kubernetes${PKG_VERSION}-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-controller-manager"]
 

org/k8s/kube-controller-manager/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+...

org/k8s/kube-proxy/Dockerfile.template

@@ -2,7 +2,9 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_packages("kubernetes-node") }}
+ARG PKG_VERSION
+
+{{ install_packages("kubernetes${PKG_VERSION}-node") }}
 
 RUN ln -s /usr/bin/kube-proxy /usr/local/bin/kube-proxy
 

org/k8s/kube-proxy/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+...

org/k8s/kube-scheduler/Dockerfile.template

@@ -2,7 +2,9 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_packages("kubernetes-master") }}
+ARG PKG_VERSION
+
+{{ install_packages("kubernetes${PKG_VERSION}-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-scheduler"]
 

org/k8s/kube-scheduler/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+...

org/k8s/kubelet/Dockerfile.template

@@ -0,0 +1,17 @@
+FROM {{ registry }}{{ alt_image }}:{{ branch }}
+
+MAINTAINER alt-cloud
+
+ARG PKG_VERSION
+
+{{ install_packages("ca-certificates", "ethtool", "socat", "kubernetes${PKG_VERSION}-kubelet") }}
+
+RUN ln -s /usr/bin/kubelet /usr/local/bin/kubelet
+
+ENTRYPOINT ["/usr/bin/kubelet"]
+
+LABEL org.opencontainers.image.title="kubelet" \
+    org.opencontainers.image.description="An agent that runs on each node in the cluster. It makes sure that containers are running in a Pod." \
+    org.opencontainers.image.source="https://github.com/kubernetes/kubernetes" \
+    org.opencontainers.image.licenses="Apache-2.0" \
+    org.opencontainers.image.vendor="ALT Linux Team" \

org/k8s/kubelet/info.yaml

@@ -0,0 +1,6 @@
+---
+is_versioned: true
+version_template: v{{ version }}
+source_packages:
+  - kubernetes{{ version }}
+...

org/k8s/pause/info.yaml

@@ -0,0 +1,5 @@
+---
+is_versioned: true
+source_packages:
+  - kubernetes-pause
+...

org/k8s/trivy-node-collector/info.yaml

@@ -0,0 +1,5 @@
+---
+is_versioned: true
+source_packages:
+  - k8s-trivy-node-collector
+...