alt/image-forge
8
1
Fork 5
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: alt:add-flux2-images
Branches Tags
alt:master alt:workflow alt:cilium alt:fix_packs alt:from-task alt:cut_base_img alt:kubevirt alt:fedorovand-patch-1 alt:automatic-version-detection alt:refactor-image-build alt:c10f2-fix alt:fix alt:add-flux2-images alt:new_struct_with_k8s alt:feature-new-layout alt:new_struct alt:feature-2level-layout alt:feature-twolevel-layout
...
pull from: alt:automatic-version-detection
Branches Tags
alt:master alt:workflow alt:cilium alt:fix_packs alt:from-task alt:cut_base_img alt:kubevirt alt:fedorovand-patch-1 alt:automatic-version-detection alt:refactor-image-build alt:c10f2-fix alt:fix alt:add-flux2-images alt:new_struct_with_k8s alt:feature-new-layout alt:new_struct alt:feature-2level-layout alt:feature-twolevel-layout

33 Commits
add-flux2- ... automatic-

Author SHA1 Message Date
Alexander Stepchenko
57bcce92b5 remove unused variables 2024-11-06 21:25:14 +03:00
Alexander Stepchenko
c553e50d53 define ARG only if needed, allow jinja2 control flow in package names 2024-11-06 21:23:24 +03:00
Alexander Stepchenko
bb085c8498 make PKG_VERSION into a dictionary of PKG_VERSIONS 2024-11-06 20:57:26 +03:00
Alexander Stepchenko
dd9866702e add info.yaml files for k8s images 2024-11-06 20:57:26 +03:00
Alexander Stepchenko
6235bdb955 fix installed package for kubernetes images 2024-11-06 20:57:26 +03:00
Alexander Stepchenko
ad980dbb06 strip whitespace from rendered tag 2024-11-06 19:51:40 +03:00
Alexander Stepchenko
d4f88412bf add templating for tag and package name in info.yaml 2024-10-23 16:15:16 +03:00
Alexander Stepchenko
0c09627b12 try automatic package version detection 2024-10-23 13:13:53 +03:00
Alexander Stepchenko
d095e0832e fix: move LABEL commands to the end of Dockerfile.template 
Since all the commands except ENTRYPOINT in cert-manager and kubernetes
Dockerfiles are the same, we can utilize the cached layers when building
images in batch, but LABEL commands prevented it from happening, because
labels are different for each image. Thus the cache is invalidated.

By moving LABELs after the common commands we allow cached layers
to be reused for every image, thus speeding up the build process.
 2024-10-23 12:42:59 +03:00
Nadezhda Fedorova
ccea111eff add exlusion for building images
Some checks failed
Full building alt images / build-process (push) Failing after 3h10m15s
Details
Full building alt images / test-process (push) Has been cancelled
Details
2024-10-16 13:58:16 +03:00
Nadezhda Fedorova
7fea91a372 fix command run-test
Some checks failed
Building alt images / build-process (push) Successful in 4m45s
Details
Building alt images / test-process (push) Successful in 1m29s
Details
Full building alt images / test-process (push) Has been cancelled
Details
Full building alt images / build-process (push) Has been cancelled
Details
2024-09-27 16:48:27 +03:00
Ivan Pepelyaev
4f1a12d561 fix: k8s/trivy-node-collector missing package
Some checks failed
Building alt images / build-process (push) Successful in 4m27s
Details
Building alt images / test-process (push) Failing after 1m26s
Details
2024-09-26 17:20:40 +03:00
Nadezhda Fedorova
1e018cfc07 add organization flag to single building
Some checks failed
Building alt images / build-process (push) Successful in 5m45s
Details
Building alt images / test-process (push) Failing after 1m51s
Details
2024-09-26 17:04:25 +03:00
Nadezhda Fedorova
19cc3e9200 add tags flag to single building
Some checks failed
Building alt images / build-process (push) Successful in 5m33s
Details
Building alt images / test-process (push) Failing after 1m52s
Details
2024-09-26 15:22:44 +03:00
Ivan Pepelyaev
0e21a9248a feat: update k8s/trivy-node-collector 2024-09-26 14:12:46 +03:00
Ivan Pepelyaev
8d9a890573 feat: update k8s/trivy-node-collector
All checks were successful
Building alt images / build-process (push) Successful in 4m12s
Details
Building alt images / test-process (push) Has been skipped
Details
2024-09-26 13:09:46 +03:00
Nadezhda Fedorova
b0178e587a add in single wf setting apt repo for c10f2
Some checks failed
Full building alt images / build-process (push) Successful in 2h34m0s
Details
Full building alt images / test-process (push) Successful in 7m24s
Details
Building alt images / build-process (push) Successful in 6m56s
Details
Building alt images / test-process (push) Failing after 1m42s
Details
2024-09-18 12:59:27 +03:00
Nadezhda Fedorova
f7e8ff3059 add skip branch c10 for ansible image
Some checks failed
Building alt images / build-process (push) Successful in 6m4s
Details
Building alt images / test-process (push) Failing after 1m46s
Details
Full building alt images / build-process (push) Failing after 3h10m56s
Details
Full building alt images / test-process (push) Has been cancelled
Details
2024-09-03 15:05:37 +03:00
Alexander Stepchenko
085e251c81 update tags.toml for cert-manager and flannel
All checks were successful
Full building alt images / build-process (push) Successful in 2h19m33s
Details
Full building alt images / test-process (push) Has been skipped
Details
2024-08-21 14:12:11 +03:00
Nadezhda Fedorova
704f9912e1 add ansible image
All checks were successful
Building alt images / build-process (push) Successful in 3m14s
Details
Building alt images / test-process (push) Has been skipped
Details
2024-08-21 12:57:54 +03:00
Nadezhda Fedorova
30c0e3df57 fix test for loki 2024-08-14 16:23:50 +03:00
Nadezhda Fedorova
430219d6d0 add temporary patchig sourceslist for p11 while it's not published
All checks were successful
Full building alt images / build-process (push) Successful in 2m11s
Details
Full building alt images / test-process (push) Has been skipped
Details
2024-08-14 12:27:01 +03:00
Nadezhda Fedorova
abddecf404 fix entrypoint in test by podman after usrmerge
All checks were successful
Building alt images / build-process (push) Successful in 5m47s
Details
Building alt images / test-process (push) Successful in 1m47s
Details
Full building alt images / build-process (push) Successful in 2m9s
Details
Full building alt images / test-process (push) Has been skipped
Details
2024-08-07 17:10:32 +03:00
Nadezhda Fedorova
78259d754d fix openjdk template
Some checks failed
Building alt images / build-process (push) Successful in 5m57s
Details
Building alt images / test-process (push) Failing after 1m48s
Details
2024-08-07 16:30:44 +03:00
Nadezhda Fedorova
cdb4d9d2f8 add new exclusion for images
Some checks failed
Building alt images / build-process (push) Successful in 6m18s
Details
Building alt images / test-process (push) Failing after 2m8s
Details
2024-08-07 15:59:23 +03:00
Nadezhda Fedorova
8da835e2b6 fix tests
All checks were successful
Building alt images / build-process (push) Successful in 6m31s
Details
Building alt images / test-process (push) Successful in 1m57s
Details
Full building alt images / build-process (push) Successful in 2h20m30s
Details
Full building alt images / test-process (push) Has been skipped
Details
2024-08-07 12:44:30 +03:00
Nadezhda Fedorova
3f4409b2c4 fix entrypoint in test by podman after usrmerge
Some checks failed
Building alt images / test-process (push) Has been cancelled
Details
Building alt images / build-process (push) Has been cancelled
Details
2024-08-07 11:46:59 +03:00
Nadezhda Fedorova
4a434a443b fix testing in single_wf
Some checks failed
Building alt images / build-process (push) Successful in 5m56s
Details
Building alt images / test-process (push) Failing after 1m55s
Details
2024-08-06 18:52:06 +03:00
Nadezhda Fedorova
79f5a1def4 fix build template for distroless-base image
Some checks failed
Building alt images / build-process (push) Successful in 6m22s
Details
Building alt images / test-process (push) Failing after 1m32s
Details
2024-08-06 18:14:07 +03:00
Nadezhda Fedorova
9145f4635d add workflow for single image building
All checks were successful
Building alt images / build-process (push) Successful in 2m55s
Details
Building alt images / test-process (push) Has been skipped
Details
2024-08-06 17:28:09 +03:00
Nadezhda Fedorova
2314b3aba8 add openjdk
All checks were successful
Full building alt images / build-process (push) Successful in 2h25m1s
Details
Full building alt images / test-process (push) Has been skipped
Details
2024-08-06 13:01:40 +03:00
Nadezhda Fedorova
63fc9e2440 add images postgresql rabbitmq 2024-08-06 13:01:40 +03:00
Nadezhda Fedorova
8e68d73e10 add tests to new images in org/alt 2024-08-06 13:01:40 +03:00
52 changed files with 650 additions and 137 deletions
Expand all files Collapse all files

12
.gitea/workflows/testscript
View File

@ -24,20 +24,22 @@ do
then imgpath="$2-$1/$IM:latest"
fi
entrypoint='/bin/sh'
command="echo empty_command"
if [[ $test != '' ]]; then
command="podman run --rm --entrypoint=\"/bin/sh\" $3/$imgpath -c \"$test\""
command="podman run --rm --entrypoint=\"$entrypoint\" $3/$imgpath -c \"$test\""
else
if [[ $IM = 'distroless-true' ]]; then
if [[ $IM == 'distroless-true' ]]; then
command="podman run --rm $3/$imgpath \"true\""
fi
if [[ $IM = 'distroless-gotop' ]]; then
if [[ $IM == 'distroless-gotop' ]]; then
command="podman run --rm $3/$imgpath \"--version\""
fi
if [[ $IM = 'flannel-cni-plugin' ]]; then
if [[ $IM == 'flannel-cni-plugin' ]]; then
command="podman run --rm $3/$imgpath \"/flannel\""
fi
if [[ $IM = 'pause' ]]; then
if [[ $IM == 'pause' ]]; then
command="podman run --rm $3/$imgpath \"/pause\" \"-v\""
fi
fi

7
.gitea/workflows/wf_full_p11.yaml
View File

@ -25,6 +25,13 @@ jobs:
env:
GU: ${{ gitea.server_url }}
GR: ${{ gitea.repository }}
- name: Set repo for p11 (Temporary)
if: ${{ contains(github.ref_name, 'p11') }}
run: |
echo "event tag=${{ github.ref_name }}"
echo "10.4.0.3 update.altsp.su" >> /etc/hosts
echo "cat /etc/hosts"
cat /etc/hosts
- name: Update apt
uses: actions/init-alt-env@v1
- name: Install requires

159
.gitea/workflows/wf_single.yaml Normal file
View File

@ -0,0 +1,159 @@
name: Building alt images
on:
push:
tags:
- '*_*/*'
jobs:
build-process:
runs-on: alt-latest
outputs:
branch: ${{ env.BRANCH }}
image: ${{ env.IMAGE }}
url: ${{ env.URL }}
repo: ${{ env.REPO }}
buildres: ${{ steps.build-script.outcome }}
test: ${{ env.TEST }}
steps:
- name: Check workspace
run: |
repourl=$(echo $GU | cut -d '/' -f 3)
echo "URL=$repourl" >> ${GITHUB_ENV}
echo "URL=$repourl"
reponame=$(echo $GR | cut -d '/' -f 1)
echo "REPO=$reponame" >> ${GITHUB_ENV}
echo "REPO=$reponame"
env:
GU: ${{ gitea.server_url }}
GR: ${{ gitea.repository }}
- name: Set repo for c10f2 (Temporary)
if: ${{ contains(github.ref_name, 'c10f2') }}
run: |
echo "event tag=${{ github.ref_name }}"
echo "10.4.0.3 update.altsp.su" >> /etc/hosts
echo "cat /etc/hosts"
cat /etc/hosts
- name: Update apt
uses: actions/init-alt-env@v1
- name: Install requires
run: |
echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc"
apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc
- name: Check out current repo
uses: actions/checkout@v4
- name: Login podman gitea
run: |
echo "podman login ${{ env.URL }}"
podman login --username $P_USER --password $P_PASS ${{ env.URL }}
env:
P_USER: ${{ secrets.PODMAN_USER }}
P_PASS: ${{ secrets.PODMAN_PASS }}
- name: Check files in the repository
run: |
ls -a ${{ gitea.workspace }}
- name: Parse target branch and tag from events context, save to env
env:
EV: ${{ toJson(gitea.event) }}
run: |
echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
localimage=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
echo "IMAGE=$localimage" >> ${GITHUB_ENV}
echo "IMAGE=$localimage"
org=$(echo "$localimage" | cut -d '/' -f 1)
echo "ORG=$org" >> ${GITHUB_ENV}
echo "ORG=$org"
- name: Get test for image
run: |
if test -f ${{ gitea.workspace }}/org/$IM/test; then testscript=$(cat ${{ gitea.workspace }}/org/$IM/test); else testscript=""; fi
echo "TEST=$testscript" >> ${GITHUB_ENV}
env:
IM: ${{ env.IMAGE }}
BR: ${{ env.BRANCH }}
- name: Run building script
id: build-script
run: |
if [[ "$IM" == *"k8s"* ]]; then k8sarg="--tags=tags.toml --overwrite-organization $ORG-$BR"; else k8sarg=""; fi
echo "build.py -i $IM -b $BR"
${{ gitea.workspace }}/build.py -i $IM -b $BR $k8sarg
env:
IM: ${{ env.IMAGE }}
BR: ${{ env.BRANCH }}
ORG: ${{ env.ORG }}
continue-on-error: true
- name: Send notification if build crashed
if: ${{ steps.build-script.outcome != 'success' }}
run: |
issueid=1
body="Building image $IM finish with some errors."
curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
echo "notification about test error is sent to issue $issueid"
env:
T: ${{ secrets.TOKEN }}
BR: ${{ env.BRANCH }}
URL: ${{ gitea.server_url }}
REPO: ${{ env.REPO }}
IM: ${{ env.IMAGE }}
- name: Delete event tag
run: |
tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
echo "tag $tagname is deleted"
env:
T: ${{ secrets.TOKEN }}
BR: ${{ env.BRANCH }}
URL: ${{ gitea.server_url }}
REPO: ${{ env.REPO }}
EV: ${{ toJson(gitea.event) }}
test-process:
needs: build-process
if: ${{ needs.build-process.outputs.buildres == 'success' }}
runs-on: alt-latest
steps:
- name: Update apt
uses: https://gitea.basealt.ru/actions/init-alt-env@v1
- name: Install requires
run: |
echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah curl"
apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah curl
- name: Run test
id: test-script
if: ${{ needs.build-process.outputs.test != '' }}
continue-on-error: true
run: |
if [[ "$IM" == *"k8s"* ]]; then echo "skip tests for k8s images"; else podman run --rm --entrypoint="/bin/sh" $URL/$IM:$BR -c "$TEST"; fi
env:
IM: ${{ needs.build-process.outputs.image }}
BR: ${{ needs.build-process.outputs.branch }}
URL: ${{ needs.build-process.outputs.url }}
REPO: ${{ needs.build-process.outputs.repo }}
TEST: ${{ needs.build-process.outputs.test }}
- name: Run special test
id: special-test
if: ${{ needs.build-process.outputs.test == '' }}
continue-on-error: true
run: |
if [[ $IM = 'alt/distroless-true' ]]; then podman run --rm $URL/$IM:$BR true; fi
if [[ $IM = 'alt/distroless-gotop' ]]; then podman run --rm $URL/$IM:$BR --version; fi
env:
IM: ${{ needs.build-process.outputs.image }}
BR: ${{ needs.build-process.outputs.branch }}
URL: ${{ needs.build-process.outputs.url }}
REPO: ${{ needs.build-process.outputs.repo }}
- name: Send notification if test crashed
if: ${{ steps.test-script.outcome == 'failure' || steps.special-test.outcome == 'failure' }}
run: |
issueid=1
errors=$(cat errors.log)
body="Testing image $IM finish with some errors."
curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
echo "notification about test error is sent to issue $issueid"
env:
T: ${{ secrets.TOKEN }}
BR: ${{ needs.build-process.outputs.branch }}
URL: ${{ gitea.server_url }}
REPO: ${{ needs.build-process.outputs.repo }}
IM: ${{ needs.build-process.outputs.image }}

58
README.md
View File

@ -26,6 +26,64 @@ the organization `<ORGANIZATION>`, run:
```
If you push to the users repository, then organiztion is your username.
## info.yaml format
- `is_versioned`: **bool** (REQUIRED)
Whether to use package version as a tag for this image
- `source_packages`: **list of strings** (REQUIRED)
List of source packages (src.rpm) this image depends on.
If contains jinja2 template syntax, `--package-version`
CLI option must be specified.
- `version_template`: **string** (OPTIONAL)
template to apply when construction the tag,
`version` string variable is available in the template
### examples
#### org/k8s/flannel-cni-plugin
```yaml
is_versioned: true
version_template: v{{ version.rsplit('.', 1) | first }}-flannel{{ version.rsplit('.', 1) | last }}
source_packages:
- cni-plugin-flannel
```
```bash
./build.py -i k8s/flannel-cni-plugin
```
#### org/k8s/kube-apiserver
```yaml
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
```
```bash
./build.py -b sisyphus -i k8s/kube-apiserver --package-version '{"k8s/kube-apiserver": "1.31"}'
```
#### org/k8s/pause
```yaml
is_versioned: true
source_packages:
- kubernetes-pause
```
```bash
./build.py -i k8s/pause
```
## Dependencies
On x86_64 machine using p10 branch you need:
- `python3-module-tomli`

119
build.py
View File

@ -6,25 +6,61 @@ import json
import re
import subprocess
import textwrap
from dataclasses import dataclass
from graphlib import TopologicalSorter
from pathlib import Path
import requests
import tomli
import yaml
from jinja2 import Template
ORG_DIR = Path("org")
PKG_VERSIONS: dict | None = None
@dataclass
class Image:
def __init__(self, canonical_name):
canonical_name: str
is_versioned: bool | None
verion_template: str | None
source_packages: list[str] | None
def __init__(self, canonical_name: str):
self.canonical_name = canonical_name
self.path = ORG_DIR / canonical_name
self.base_name = re.sub("^[^/]+/", "", canonical_name)
def __str__(self):
return (f'Image(canonical_name="{self.canonical_name}", '
f'path="{self.path}", base_name="{self.base_name}")')
info_file = self.path / "info.yaml"
if not info_file.exists():
self.is_versioned = None
self.source_packages = None
return
info: dict = yaml.safe_load(info_file.read_text())
if "is_versioned" not in info:
raise RuntimeError(
f"info.yaml for {self.canonical_name} doesn't contain 'is_versioned' key"
)
if "source_packages" not in info:
raise RuntimeError(
f"info.yaml for {self.canonical_name} doesn't contain 'source_packages' key"
)
self.is_versioned = info["is_versioned"]
self.source_packages = info["source_packages"]
if self.is_versioned and not self.source_packages:
raise RuntimeError(
f"source_packages for {self.canonical_name} doesn't contain any values"
)
self.version_template = None
if "version_template" in info:
self.version_template = info["version_template"]
class Tasks:
@ -49,18 +85,67 @@ class Tasks:
]
def api_get_source_package_version(branch: str, package_name: str) -> str:
api_url = "https://rdb.altlinux.org/api/site/package_versions_from_tasks"
params = {"branch": branch, "name": package_name}
response = requests.get(api_url, params)
if response.status_code != 200:
print(response)
raise RuntimeError(
f"failed to retrieve source package version: source package {package_name!r}, branch {branch!r} "
)
result = response.json()
return result["versions"][0]["version"]
class Tags:
def __init__(self, tags_file, latest):
def __init__(self, tags_file: str | None, latest: str):
if tags_file is None:
self._tags = None
else:
tags_file = Path(tags_file)
self._tags = tomli.loads(tags_file.read_text())
self._tags = tomli.loads(Path(tags_file).read_text())
self._latest = latest
def tags(self, branch, image: Image):
def tags(self, branch: str, image: Image):
if self._tags is None:
tags = [branch]
if image.is_versioned and image.source_packages:
package_name = image.source_packages[0]
if re.search("{%.*%}", package_name):
package_name = Template(package_name).render(branch=branch).strip()
print(f"{package_name=}")
if re.search("{{.*}}", package_name):
if PKG_VERSIONS is None:
raise RuntimeError(
f"--package-versions option is not specified, required for {image.canonical_name!r}"
)
if image.canonical_name not in PKG_VERSIONS:
raise RuntimeError(
f"--package-versions option does not contain version for image {image.canonical_name!r}"
)
if not PKG_VERSIONS[image.canonical_name]:
raise RuntimeError(
f"invalid version for image {image.canonical_name!r}: {PKG_VERSIONS[image.canonical_name]!r}"
)
package_name = Template(package_name).render(
version=PKG_VERSIONS[image.canonical_name]
)
version = api_get_source_package_version(branch, package_name)
if image.version_template is not None:
version = (
Template(image.version_template).render(version=version).strip()
)
tags = [version]
else:
tags = [branch]
else:
tags = self._tags[image.canonical_name][branch].copy()
if branch == self._latest:
@ -580,6 +665,12 @@ class DockerBuilder:
f"--platform={platforms}",
".",
]
if PKG_VERSIONS is not None and image.canonical_name in PKG_VERSIONS:
build_cmd.insert(
-1, f"--build-arg=PKG_VERSION={PKG_VERSIONS[image.canonical_name]}"
)
self.run(build_cmd, cwd=image.path)
for tag in tags[1:]:
@ -749,6 +840,11 @@ def parse_args():
choices=stages,
help="list of stages to skip",
)
parser.add_argument(
"--package-versions",
type=json.loads,
help="json string where key is image name, value is the package version",
)
args = parser.parse_args()
args.stages = set(args.stages) - set(args.skip_stages)
@ -760,7 +856,10 @@ def parse_args():
def main():
global PKG_VERSIONS
args = parse_args()
PKG_VERSIONS = args.package_versions
arches = args.arches
images_info = ImagesInfo()
tags = Tags(args.tags, args.latest)

65
images-info.toml
View File

@ -1,65 +1,8 @@
["alt/buildpack-deps"]
skip-branches = [ "p9" ]
["alt/distroless-base"]
skip-branches = [ "p9" ]
["alt/openjdk21"]
skip-arches = [ "386" ]
["alt/distroless-builder"]
skip-branches = [ "p9" ]
["alt/distroless-devel"]
skip-branches = [ "p9" ]
["alt/distroless-gotop"]
skip-branches = [ "p9" ]
["alt/distroless-static"]
skip-branches = [ "p9" ]
["alt/distroless-true"]
skip-branches = [ "p9" ]
["alt/gitea"]
skip-branches = [ "p9" ]
["alt/node"]
skip-branches = [ "p9" ]
["alt/unit"]
skip-branches = [ "p9" ]
["alt/prometheus"]
skip-branches = [ "p9" ]
["alt/registry"]
skip-branches = [ "p9" ]
["k8s/cert-manager-cainjector"]
skip-branches = [ "p9" ]
["k8s/cert-manager-controller"]
skip-branches = [ "p9" ]
["k8s/cert-manager-webhook"]
skip-branches = [ "p9" ]
["k8s/coredns"]
skip-branches = [ "p9" ]
["k8s/etcd"]
skip-branches = [ "p9" ]
["k8s/kube-apiserver"]
skip-branches = [ "p9" ]
["k8s/kube-controller-manager"]
skip-branches = [ "p9" ]
["k8s/kube-proxy"]
skip-branches = [ "p9" ]
["k8s/kube-scheduler"]
skip-branches = [ "p9" ]
["k8s/pause"]
skip-branches = [ "p9" ]
["alt/ansible"]
skip-branches = [ "c10f2", "c10f1", "p10" ]

17
org/alt/ansible/Dockerfile.template Normal file
View File

@ -0,0 +1,17 @@
FROM {{ registry }}{{ organization }}/node:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="ansible"
LABEL org.opencontainers.image.description="A radically simple IT automation system"
LABEL org.opencontainers.image.source="http://www.ansible.com"
LABEL org.opencontainers.image.licenses="GPL-3.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages(
"ansible-vim",
"ansible-core",
"ansible-lint"
) }}
WORKDIR /etc/ansible/playbooks

1
org/alt/ansible/test Normal file
View File

@ -0,0 +1 @@
ansible --version

4
org/alt/distroless-base/distroless.toml
View File

@ -4,8 +4,8 @@ builder-install-packages = [
'{{if_branches(["p10"], "glibc-nss")}}',
"glibc-timezones",
"libselinux",
'{{if_branches(["p9", "p10"], "libssl1.1")}}',
'{{if_branches(["sisyphus"], "libssl1.1")}}',
'{{if_branches(["p10"], "libssl1.1")}}',
'{{if_branches(["p11"], "libssl3")}}',
'{{if_branches(["sisyphus"], "libssl3")}}',
"tzdata",
"zlib",

1
org/alt/golang/test Normal file
View File

@ -0,0 +1 @@
go version

1
org/alt/grafana/test Normal file
View File

@ -0,0 +1 @@
grafana --version

1
org/alt/loki/test Normal file
View File

@ -0,0 +1 @@
loki -version -config.file=/etc/loki/loki.yaml

14
org/alt/openjdk21/Dockerfile.template Normal file
View File

@ -0,0 +1,14 @@
FROM {{ registry }}{{ organization }}/base:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="openjdk21"
LABEL org.opencontainers.image.description="OpenJDK 21 Runtime Environment"
LABEL org.opencontainers.image.source="https://openjdk-sources.osci.io"
LABEL org.opencontainers.image.licenses="Apache-1.1 and Apache-2.0 and BSD and BSD with advertising and GPL-2.0 and GPL-2.0 with exceptions and IJG and LGPL-2.0+ and MIT and MPL-2.0 and ALT-Public-Domain and W3C and Zlib and ISC and FTL and RSA-MD"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages(
"java-21-openjdk",
"java-21-openjdk-devel"
) }}

1
org/alt/openjdk21/test Normal file
View File

@ -0,0 +1 @@
javac --version && java --version

1
org/alt/php/test Normal file
View File

@ -0,0 +1 @@
php --version

20
org/alt/postgresql/Dockerfile.template Normal file
View File

@ -0,0 +1,20 @@
FROM {{ registry }}{{ organization }}/base:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="postgresql16"
LABEL org.opencontainers.image.description="PostgreSQL rograms and libraries"
LABEL org.opencontainers.image.source="https://github.com/postgres/postgres"
LABEL org.opencontainers.image.licenses="PostgreSQL"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("postgresql16","postgresql16-server") }}
RUN usermod -a -G postgres postgres
RUN chown -R postgres:postgres /var/lib/pgsql
USER postgres
WORKDIR /var/lib/pgsql
EXPOSE 5432
VOLUME [ "/var/lib/pgsql/data" ]

16
org/alt/postgresql/README.md Normal file
View File

@ -0,0 +1,16 @@
dockerfiles-alt-postgresql
==========================
ALT dockerfile for postgresql.
Copy Dockerfile somewhere and build the image:
`$ docker build --rm -t <username>/postgresql .`
And launch the rabbitmq-server container:
`docker run -d -p 5432:5432 --name="postgresql" -v pgsql-data:/var/lib/pgsql/data IMAGENAME`
First steps to start service and create db:
`/usr/bin/initdb /var/lib/pgsql/data`
`/usr/bin/pg_ctl -D /var/lib/pgsql/data -l logfile start`
`/usr/bin/createdb mydb`
`psql mydb`

1
org/alt/postgresql/test Normal file
View File

@ -0,0 +1 @@
pg_ctl --version

1
org/alt/prometheus-alertmanager/test Normal file
View File

@ -0,0 +1 @@
alertmanager --version

1
org/alt/prometheus-node_exporter/test Normal file
View File

@ -0,0 +1 @@
node_exporter --version

1
org/alt/python2/test Normal file
View File

@ -0,0 +1 @@
python2 --version

19
org/alt/rabbitmq/Dockerfile.template Normal file
View File

@ -0,0 +1,19 @@
FROM {{ registry }}{{ organization }}/base:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="rabbitmq"
LABEL org.opencontainers.image.description="The RabbitMQ server"
LABEL org.opencontainers.image.source="https://github.com/rabbitmq/rabbitmq-server"
LABEL org.opencontainers.image.licenses="MPL-1.1"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("rabbitmq-server") }}
USER rabbitmq
WORKDIR /var/lib/rabbitmq
EXPOSE 5672 25672
VOLUME [ "/var/lib/rabbitmq", "/etc/rabbitmq" ]
ENTRYPOINT [ "/usr/sbin/rabbitmq-server" ]
CMD ["start", "rabbitmq"]

18
org/alt/rabbitmq/README.md Normal file
View File

@ -0,0 +1,18 @@
dockerfiles-alt-rabbitmq
========================
ALT dockerfile for rabbitmq.
Copy Dockerfile somewhere and build the image:
`$ docker build --rm -t <username>/rabbitmq .`
And launch the rabbitmq-server container:
`docker run -d -p 5672:5672 --name="rabbitmq" -v rabbit-data:/var/lib/rabbitmq -v rabbit-conf:/etc/rabbitmq IMAGENAME`
With mounting /etc/rabbitmq/rabbitmq-env.conf could be change settings of rabbitmq-server.
It could be test via:
`curl localhost:5672`
For starting app:
`rabbitmqctl start_app`

1
org/alt/rabbitmq/test Normal file
View File

@ -0,0 +1 @@
rabbitmqctl version

12
org/k8s/cert-manager-acmesolver/Dockerfile.template
View File

@ -2,12 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="cert-manager-acmesolver"
LABEL org.opencontainers.image.description="HTTP server used to solve ACME challenges."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("cert-manager") }}
RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
@ -15,3 +9,9 @@ RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-
USER 1000
ENTRYPOINT ["/usr/bin/acmesolver"]
LABEL org.opencontainers.image.title="cert-manager-acmesolver"
LABEL org.opencontainers.image.description="HTTP server used to solve ACME challenges."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"

6
org/k8s/cert-manager-acmesolver/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- cert-manager
...

12
org/k8s/cert-manager-cainjector/Dockerfile.template
View File

@ -2,12 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="cert-manager-cainjector"
LABEL org.opencontainers.image.description="cert-manager CA injector is a Kubernetes addon to automate the injection of CA data into webhooks and APIServices from cert-manager certificates."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("cert-manager") }}
RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
@ -15,3 +9,9 @@ RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-
USER 1000
ENTRYPOINT ["/usr/bin/cainjector"]
LABEL org.opencontainers.image.title="cert-manager-cainjector"
LABEL org.opencontainers.image.description="cert-manager CA injector is a Kubernetes addon to automate the injection of CA data into webhooks and APIServices from cert-manager certificates."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"

6
org/k8s/cert-manager-cainjector/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- cert-manager
...

12
org/k8s/cert-manager-controller/Dockerfile.template
View File

@ -2,12 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="cert-manager-controller"
LABEL org.opencontainers.image.description="Automatically provision and manage TLS certificates in Kubernetes."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("cert-manager") }}
RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
@ -15,3 +9,9 @@ RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-
USER 1000
ENTRYPOINT ["/usr/bin/controller"]
LABEL org.opencontainers.image.title="cert-manager-controller"
LABEL org.opencontainers.image.description="Automatically provision and manage TLS certificates in Kubernetes."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"

6
org/k8s/cert-manager-controller/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- cert-manager
...

12
org/k8s/cert-manager-startupapicheck/Dockerfile.template
View File

@ -2,12 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="cert-manager-startupapicheck"
LABEL org.opencontainers.image.description="Check that cert-manager started successfully."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("cert-manager") }}
RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
@ -15,3 +9,9 @@ RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-
USER 1000
ENTRYPOINT ["/usr/bin/startupapicheck"]
LABEL org.opencontainers.image.title="cert-manager-startupapicheck"
LABEL org.opencontainers.image.description="Check that cert-manager started successfully."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"

6
org/k8s/cert-manager-startupapicheck/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- cert-manager
...

12
org/k8s/cert-manager-webhook/Dockerfile.template
View File

@ -2,12 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
LABEL org.opencontainers.image.title="cert-manager-webhook"
LABEL org.opencontainers.image.description="The webhook component provides API validation, mutation and conversion functionality for cert-manager."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("cert-manager") }}
RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
@ -15,3 +9,9 @@ RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-
USER 1000
ENTRYPOINT ["/usr/bin/webhook"]
LABEL org.opencontainers.image.title="cert-manager-webhook"
LABEL org.opencontainers.image.description="The webhook component provides API validation, mutation and conversion functionality for cert-manager."
LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"

6
org/k8s/cert-manager-webhook/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- cert-manager
...

7
org/k8s/coredns/Dockerfile.template
View File

@ -8,6 +8,13 @@ LABEL org.opencontainers.image.source="https://github.com/coredns/coredns"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{% if branch in ["sisyphus", "p11", "c10f2"] %}
ARG PKG_VERSION
{{ install_packages("coredns${PKG_VERSION}") }}
{% else %}
{{ install_packages("coredns") }}
{% endif %}
ENTRYPOINT ["/usr/bin/coredns"]

11
org/k8s/coredns/info.yaml Normal file
View File

@ -0,0 +1,11 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- >
{% if branch in ["sisyphus", "p11", "c10f2"] %}
{% raw %}coredns{{ version }}{% endraw %}
{% else %}
coredns
{% endif %}
...

12
org/k8s/etcd/info.yaml Normal file
View File

@ -0,0 +1,12 @@
---
is_versioned: true
version_template: >
{% set version_patch = version.split(".")[2] | int %}
{% if version_patch < 16 %}
{{ version }}-0
{% else %}
v{{ version }}
{% endif %}
source_packages:
- etcd
...

6
org/k8s/flannel-cni-plugin/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version.rsplit('.', 1) | first }}-flannel{{ version.rsplit('.', 1) | last }}
source_packages:
- cni-plugin-flannel
...

4
org/k8s/flannel/info.yaml Normal file
View File

@ -0,0 +1,4 @@
is_versioned: true
version_template: v{{ version }}
source_packages:
- flannel

10
org/k8s/kube-apiserver/Dockerfile.template
View File

@ -2,12 +2,14 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
ARG PKG_VERSION
{{ install_packages("kubernetes${PKG_VERSION}-master") }}
ENTRYPOINT ["/usr/bin/kube-apiserver"]
LABEL org.opencontainers.image.title="kube-apiserver"
LABEL org.opencontainers.image.description="The Kubernetes API server validates and configures data for the api objects which include pods, services, replicationcontrollers, and others."
LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("kubernetes-master") }}
ENTRYPOINT ["/usr/bin/kube-apiserver"]

6
org/k8s/kube-apiserver/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
...

10
org/k8s/kube-controller-manager/Dockerfile.template
View File

@ -2,12 +2,14 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
ARG PKG_VERSION
{{ install_packages("kubernetes${PKG_VERSION}-master") }}
ENTRYPOINT ["/usr/bin/kube-controller-manager"]
LABEL org.opencontainers.image.title="kube-controller-manager"
LABEL org.opencontainers.image.description="The Kubernetes controller manager is a daemon that embeds the core control loops shipped with Kubernetes."
LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("kubernetes-master") }}
ENTRYPOINT ["/usr/bin/kube-controller-manager"]

6
org/k8s/kube-controller-manager/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
...

14
org/k8s/kube-proxy/Dockerfile.template
View File

@ -2,14 +2,16 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
ARG PKG_VERSION
{{ install_packages("kubernetes${PKG_VERSION}-node") }}
RUN ln -s /usr/bin/kube-proxy /usr/local/bin/kube-proxy
ENTRYPOINT ["/usr/bin/kube-proxy"]
LABEL org.opencontainers.image.title="kube-proxy"
LABEL org.opencontainers.image.description="The Kubernetes network proxy runs on each node."
LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("kubernetes-node") }}
RUN ln -s /usr/bin/kube-proxy /usr/local/bin/kube-proxy
ENTRYPOINT ["/usr/bin/kube-proxy"]

6
org/k8s/kube-proxy/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
...

10
org/k8s/kube-scheduler/Dockerfile.template
View File

@ -2,12 +2,14 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
MAINTAINER alt-cloud
ARG PKG_VERSION
{{ install_packages("kubernetes${PKG_VERSION}-master") }}
ENTRYPOINT ["/usr/bin/kube-scheduler"]
LABEL org.opencontainers.image.title="kube-scheduler"
LABEL org.opencontainers.image.description="The Kubernetes scheduler is a control plane process which assigns Pods to Nodes."
LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages("kubernetes-master") }}
ENTRYPOINT ["/usr/bin/kube-scheduler"]

6
org/k8s/kube-scheduler/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
...

6
org/k8s/kubelet/info.yaml Normal file
View File

@ -0,0 +1,6 @@
---
is_versioned: true
version_template: v{{ version }}
source_packages:
- kubernetes{{ version }}
...

5
org/k8s/pause/info.yaml Normal file
View File

@ -0,0 +1,5 @@
---
is_versioned: true
source_packages:
- kubernetes-pause
...

3
org/k8s/trivy-node-collector/Dockerfile.template
View File

@ -9,7 +9,8 @@ LABEL org.opencontainers.image.licenses="Apache-2.0"
LABEL org.opencontainers.image.vendor="ALT Linux Team"
{{ install_packages(
"k8s-trivy-node-collector"
"k8s-trivy-node-collector",
"procps"
) }}
RUN ln -s /usr/bin/k8s-trivy-node-collector /usr/bin/node-collector

5
org/k8s/trivy-node-collector/info.yaml Normal file
View File

@ -0,0 +1,5 @@
---
is_versioned: true
source_packages:
- k8s-trivy-node-collector
...

31
tags.toml
View File

@ -38,26 +38,36 @@ c10f2 = [ "3.5.9-0" ]
p10 = [ "v1.10.1" ]
sisyphus = [ "v1.10.1" ]
c10f1 = [ "v1.9.3" ]
c10f2 = [ "v1.9.3" ]
c10f2 = [ "v1.9.3" ]
["k8s/cert-manager-cainjector"]
p10 = [ "v1.9.1" ]
sisyphus = [ "v1.11.0" ]
p10 = [ "v1.14.5" ]
sisyphus = [ "v1.14.5" ]
c10f1 = [ "v1.9.1" ]
c10f2 = [ "v1.9.1" ]
["k8s/cert-manager-controller"]
p10 = [ "v1.9.1" ]
sisyphus = [ "v1.11.0" ]
p10 = [ "v1.14.5" ]
sisyphus = [ "v1.14.5" ]
c10f1 = [ "v1.9.1" ]
c10f2 = [ "v1.9.1" ]
["k8s/cert-manager-webhook"]
p10 = [ "v1.9.1" ]
sisyphus = [ "v1.11.0" ]
p10 = [ "v1.14.5" ]
sisyphus = [ "v1.14.5" ]
c10f1 = [ "v1.9.1" ]
c10f2 = [ "v1.9.1" ]
["k8s/cert-manager-acmesolver"]
p10 = [ "v1.14.5" ]
sisyphus = [ "v1.14.5" ]
c10f1 = [ "v1.9.1" ]
c10f2 = [ "v1.9.1" ]
["k8s/cert-manager-startupapicheck"]
p10 = [ "v1.14.5" ]
sisyphus = [ "v1.14.5" ]
["k8s/flannel"]
p10 = [ "v0.21.4" ]
sisyphus = [ "v0.24.2" ]
@ -66,12 +76,13 @@ c10f2 = [ "v0.21.4" ]
["k8s/flannel-cni-plugin"]
p10 = [ "v1.1.2" ]
sisyphus = [ "v1.2.0" ]
sisyphus = [ "v1.5.1-flannel1" ]
c10f1 = [ "v1.1.2" ]
c10f2 = [ "v1.1.2" ]
["k8s/trivy-node-collector"]
p10 = [ "0.0.9" ]
sisyphus = [ "0.0.9" ]
p11 = [ "0.3.1" ]
sisyphus = [ "0.3.1" ]
c10f1 = [ "0.0.9" ]
c10f2 = [ "0.0.9" ]
c10f2 = [ "0.3.1" ]