feat: combine build-k8s-images and push-k8s-images

.gitea/workflows/build-k8s-images.yaml

@@ -0,0 +1,42 @@
+name: Build kubernetes images
+on:
+  push:
+    branches:
+      - test-gitea-actions
+    paths:
+      - ".gitea/workflows/build-k8s-images.yaml"
+      - "org/k8s/kube-apiserver/**"
+      - "org/k8s/kube-controller-manager/**"
+      - "org/k8s/kube-scheduler/**"
+      - "org/k8s/kube-proxy/**"
+      - "tags.toml"
+      - "k8s-images.sh"
+  schedule:
+    - cron: "30 3 1 * *"
+
+jobs:
+  build-images:
+    runs-on: alt-latest
+    steps:
+      - name: Install the dependencies
+        run: |
+          apt-get update
+          apt-get install -y \
+          podman \
+          python3-module-tomli \
+          python3-module-jinja2 \
+          qemu-user-static-binfmt-aarch64 \
+          qemu-user-static-binfmt-arm \
+          qemu-user-static-binfmt-ppc
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - name: Log into gitea.basealt.ru
+        run: podman login -u stepchenkoas -p "${{ secrets.ACTIONS_TOKEN }}" gitea.basealt.ru
+      - name: Build docker images for p10 (kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy)
+        run: ${{ gitea.workspace }}/build-k8s-images.sh gitea.basealt.ru k8s-p10 p10
+      - name: Push docker images for p10 to gitea.basealt.ru
+        run: ${{ gitea.workspace }}/push-k8s-images.sh gitea.basealt.ru k8s-p10 p10
+      - name: Build docker images for sisyphus (kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy)
+        run: ${{ gitea.workspace }}/build-k8s-images.sh gitea.basealt.ru k8s-sisyphus sisyphus
+      - name: Push docker images for sisyphus to gitea.basealt.ru
+        run: ${{ gitea.workspace }}/push-k8s-images.sh gitea.basealt.ru k8s-sisyphus sisyphus

.gitea/workflows/testscript

@@ -6,70 +6,53 @@
 #$4 - ${{ needs.build-process.outputs.repo }}
 #$5 - ${{ gitea.workspace }}
 
-BR=${1:-"p10"}
-ORG=${2:-"base"}
-URL=${3:-"gitea.basealt.ru"}
-REPO=${4:-"alt"}
-WS=${5:-"image-forge"}
-
 errors=''
 haserr=false
-for IM in $(ls $WS/org/$ORG/ | xargs)
+for IM in $(ls $5/org/$2/ | xargs)
 do 
   echo "image=$IM"
-  imgpath="$REPO/$BR/$IM:$BR"
-  command=''
-  testpath="$WS/org/$ORG/$IM/test.yaml"
-  if test -f $testpath
-  then
-	entrypoint=''
-	testep=$(cat $testpath | yq '.entrypoint' -r 2> /dev/null)
-	if [[ $testep != '' ]]; then entrypoint="--entrypoint=\"$testep\""; fi 
+  if test -f $5/org/$2/$IM/test
+  then 
+    test=$(cat $5/org/$2/$IM/test)
+  else test=''
+  fi 
 
-	testcom=$(cat $testpath | yq '.command' -r 2> /dev/null)
-	if [[ $testcom != '' ]]
-	then command="podman run --rm $entrypoint $URL/$imgpath -c \"$testcom\""
-	else echo "test command is not found"
-	fi	
-  else echo "test file is not found"
+  echo "test script=$test"
+  imgpath="$2/$IM:$1"
+
+  if [[ $2 == 'k8s' ]]
+    then imgpath="$2-$1/$IM:latest"
   fi
-  echo "result test command: $command"
+
+  command="echo empty_command"
+  if [[ $test != '' ]]; then
+    command="podman run --rm --entrypoint=\"/bin/sh\" $3/$imgpath -c \"$test\""
+  else
+    if [[ $IM = 'distroless-true' ]]; then
+      command="podman run --rm $3/$imgpath \"true\""
+    fi
+    if [[ $IM = 'distroless-gotop' ]]; then 
+      command="podman run --rm $3/$imgpath \"--version\""
+    fi 
+    if [[ $IM = 'flannel-cni-plugin' ]]; then
+      command="podman run --rm $3/$imgpath \"/flannel\""
+    fi
+    if [[ $IM = 'pause' ]]; then 
+      command="podman run --rm $3/$imgpath \"/pause\" \"-v\""
+    fi 
+  fi
+  echo $command
   eval $command 2>$IM.log || haserr=true
 
-  if [ "$haserr" = false ]
-  then
-    echo "start change tag for $IM"
-    if [[ $ORG != 'base' ]]
-    then
-	package=$(podman images --filter reference=$URL/$imgpath --format='{{ json .Labels }}' | jq '."org.opencontainers.image.title"' -r 2> /dev/null)
-    	if [[ $package != '' ]]
-    	then 
-		tag=$(podman run --rm --entrypoint="/bin/sh" $URL/$imgpath -c "rpm -qa --qf \"%{VERSION}\n\" $package" 2> /dev/null)
-	else
-		echo "not found package name in images labels"
-	fi 
-    else
-	then tag=$(date +"%Y%m%d")
-    fi
-
-    if [[ $tag != '' ]]
-    then 
-	    skopeo copy -a docker://$URL/$imgpath:$BR  docker://$URL/$imgpath:$tag
-	    scopeo delete docker://$URL/$imgpath:$BR
-	    echo "tag is updated"
-    else echo "new tag is empty and is not sent to repository"
-    fi
-
-  else
-    if [[ $(cat $IM.log) != '' ]]
-    then errors="TEST ERROR OF IMAGE $IM: $(cat $IM.log); $errors"
-    else errors="TEST ERROR OF IMAGE $IM: test returned empty error, but exit status was nozero; $errors"
-    fi
-  fi
-    
   echo "podman rmi --all"
   podman rmi --all
 
+  if [ "$haserr" = true ]
+  then 
+    if [[ $(cat $IM.log) != '' ]]
+    then errors="TEST ERROR OF IMAGE $IM: $(cat $IM.log); $errors"
+    else errors="TEST ERROR OF IMAGE $IM: test returned empty error, but exit status was nozero; $errors"
+    fi 
   fi 
   haserr=false
 done

.gitea/workflows/wf_full_p10.yaml

@@ -2,10 +2,7 @@ name: Full building alt images
 on:
   push:
     tags:
-      - '*_*'
-    tags-ignore:
-      - '*_k8s'
-      - 'sisyphus_*'
+      - '*10*_*'
 
 jobs:
   build-process:
@@ -61,10 +58,12 @@ jobs:
         env:
           P_USER: ${{ secrets.PODMAN_USER }}
           P_PASS: ${{ secrets.PODMAN_PASS }}
-      - name: Run standart building script
+      - name: Run building script
         id: build-script
         run: |
-          build_args="-b $BR -o $ORG --skip-images base/distroless-devel --overwrite-organization $BR --registry $URL/$BR"          
+          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel"          
+          if [[ $BR == 'c10f1' || $BR == 'c10f2' ]]; then build_args="$build_args --skip-arches arm ppc64le"; fi
+          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
           echo "build.py $build_args"
           ${{ gitea.workspace }}/build.py $build_args
         env:
@@ -103,18 +102,11 @@ jobs:
         uses: actions/init-alt-env@v1
       - name: Install requires
         run: |
-          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah skopeo jq yq curl"
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
           apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
       - name: Check out current repo
         uses: https://gitea.com/actions/checkout@v4
-      - name: Login podman gitea
-        run: |
-          echo "podman login ${{ env.URL }}"
-          podman login --username $P_USER --password $P_PASS ${{ needs.build-process.outputs.url }}          
-        env:
-          P_USER: ${{ secrets.PODMAN_USER }}
-          P_PASS: ${{ secrets.PODMAN_PASS }}
-      - name: Test images and update tags
+      - name: Test
         id: test-script
         continue-on-error: true
         run: |

.gitea/workflows/wf_full_sis.yaml

@@ -55,6 +55,7 @@ jobs:
         id: build-script
         run: |
           build_args="-b $BR -o $ORG --skip-images alt/distroless-devel"          
+          if [[ $BR == 'sisyphus' ]]; then build_args="$build_args --skip-arches arm"; fi
           if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
           echo "build.py $build_args"
           ${{ gitea.workspace }}/build.py $build_args

README.md

@@ -28,7 +28,9 @@ If you push to the users repository, then organiztion is your username.
 
 ## Dependencies
 On x86_64 machine using p10 branch you need:
+- `podman`
 - `python3-module-tomli`
+- `python3-module-jinja2`
 - `qemu-user-static-binfmt-aarch64` to build for arm64 architecture
 - `qemu-user-static-binfmt-arm` to build for arm architecture
 - `qemu-user-static-binfmt-ppc` to build for ppc64le architecture

build.py

@@ -638,8 +638,8 @@ class ImagesInfo:
 
 def parse_args():
     stages = ["build", "remove_dockerfiles", "render_dockerfiles", "push"]
-    arches = ["amd64", "386", "arm64"]
-    branches = ["p10", "sisyphus", "c10f1", "c10f2"]
+    arches = ["amd64", "386", "arm64", "arm", "ppc64le"]
+    branches = ["p9", "p10", "sisyphus", "c10f1", "c10f2"]
     organizations = list(ORG_DIR.iterdir())
     images = [f"{o.name}/{i.name}" for o in organizations for i in o.iterdir()]
     organizations = [o.name for o in organizations]

k8s-images.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env sh
+
+set -xeuo pipefail
+
+function print_help() {
+    cat <<EOF
+usage:
+$0 (build | push) <REGISTRY> <ORGANIZATION> <BRANCH>
+EOF
+}
+
+if [ "$#" -lt 4 ]; then
+    print_help
+    exit 1
+fi
+
+COMMAND=$1
+REGISTRY=${2:-"gitea.basealt.ru"}
+ORGANIZATION=${3:-"k8s-sisyphus"}
+BRANCH=${4:-"sisyphus"}
+
+shift 4
+
+[ "$COMMAND" == 'build' ] || [ "$COMMAND" == 'push' ] || exit 1
+
+function build() {
+    ./build.py \
+    --branches $BRANCH \
+    --latest $BRANCH \
+    --registry $REGISTRY \
+    --overwrite-organization $ORGANIZATION \
+    --images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-scheduler k8s/kube-proxy \
+    --tags tags.toml \
+    --skip-stages push \
+    "$@"
+}
+
+function push() {
+    ./build.py \
+    --branches $BRANCH \
+    --latest $BRANCH \
+    --registry $REGISTRY \
+    --overwrite-organization $ORGANIZATION \
+    --images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-scheduler k8s/kube-proxy \
+    --tags tags.toml \
+    --stages push \
+    "$@"
+}
+
+for version in 1.26.14 1.27.12 1.28.8; do
+    sed -i "s/kubernetes.*-/kubernetes${version::4}-/g" org/k8s/kube-*/*
+    sed -i "s/$BRANCH = \[ \"v.*\" \]/$BRANCH = \[ \"v$version\" \]/g" tags.toml
+
+    if [ "$COMMAND" == 'build' ]; then
+        build "$@"
+    elif [ "$COMMAND" == 'push' ]; then
+        push "$@"
+    fi
+done

org/alt/apache2/test

@@ -0,0 +1 @@
+apachectl -v

org/alt/base/test

@@ -0,0 +1 @@
+LC_ALL=ru_RU.UTF-8 TZ=/usr/share/zoneinfo/Europe/Moscow date| grep MSK

org/alt/buildpack-deps-curl/test

@@ -0,0 +1 @@
+curl --version && gpg --version

org/alt/buildpack-deps-scm/test

@@ -0,0 +1 @@
+git --version && hg --version

org/alt/buildpack-deps/test

@@ -0,0 +1 @@
+gcc --version && make --version

org/alt/distroless-builder/Dockerfile.template

@@ -3,7 +3,7 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 MAINTAINER alt-cloud
 
 LABEL org.opencontainers.image.title="distroless-builder"
-LABEL org.opencontainers.image.description="This image is used to build tarballs for distroless images"
+LABEL org.opencontainers.image.description="This images is using to build tarball for distroless images"
 LABEL org.opencontainers.image.licenses="GPLv2"
 LABEL org.opencontainers.image.vendor="ALT Linux Team"
 

org/alt/distroless-builder/README.md

@@ -0,0 +1,3 @@
+ALT dockerfile for distroless-builder image.
+
+This images is using to build tarball for distroless images.

org/alt/distroless-builder/test

@@ -0,0 +1 @@
+apt-repo --version

org/alt/distroless-devel/test

@@ -0,0 +1 @@
+ss -V

org/alt/etcd/test

@@ -0,0 +1 @@
+etcdctl version

org/alt/gitea/test

@@ -0,0 +1 @@
+gitea --version

org/alt/nginx/test

@@ -0,0 +1 @@
+nginx -v

org/alt/node/test

@@ -0,0 +1 @@
+node -v

org/alt/prometheus/test

@@ -0,0 +1 @@
+prometheus --version

org/alt/python/test

@@ -0,0 +1 @@
+python3 --version

org/alt/registry/test

@@ -0,0 +1 @@
+registry --version

org/alt/ruby/test

@@ -0,0 +1 @@
+ruby --version

org/alt/systemd/Dockerfile.template

@@ -3,7 +3,7 @@ FROM {{ registry }}{{ organization }}/base:{{ branch }}
 MAINTAINER alt-cloud
 
 LABEL org.opencontainers.image.title="systemd"
-LABEL org.opencontainers.image.description="System and Session Manager"
+LABEL org.opencontainers.image.description="Systemd System V init tools"
 LABEL org.opencontainers.image.source="https://github.com/systemd/systemd"
 LABEL org.opencontainers.image.licenses="LGPLv2.1+"
 LABEL org.opencontainers.image.vendor="ALT Linux Team"

org/alt/systemd/test

@@ -0,0 +1 @@
+ls -la /sbin/init | grep systemd

org/alt/unit/test

@@ -0,0 +1 @@
+unitd --version

org/alt/zot/test

@@ -0,0 +1 @@
+zot verify /etc/zot/config.json

org/base/base/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: LC_ALL=ru_RU.UTF-8 TZ=/usr/share/zoneinfo/Europe/Moscow date| grep MSK
-maintainers: []

org/base/base/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "LC_ALL=ru_RU.UTF-8 TZ=/usr/share/zoneinfo/Europe/Moscow date| grep MSK"

org/base/buildpack-deps-curl/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: curl --version && gpg --version
-maintainers: []

org/base/buildpack-deps-curl/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "curl --version && gpg --version"

org/base/buildpack-deps-scm/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: git --version && hg --version
-maintainers: []

org/base/buildpack-deps-scm/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "git --version && hg --version"

org/base/buildpack-deps/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: gcc --version && make --version
-maintainers: []

org/base/buildpack-deps/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "gcc --version && make --version"

org/base/devel/image.yaml

@@ -1,4 +0,0 @@
-version: '1.0'
-kind: image
-test: man --version && ip -V && vim --version | grep vim
-maintainers: []

org/base/distroless-builder/README.md

@@ -1,3 +0,0 @@
-ALT dockerfile for distroless-builder image.
-
-This image is used to build tarballs for distroless images.

org/base/distroless-builder/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: apt-repo --version
-maintainers: []

org/base/distroless-builder/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "apt-repo --version"

org/base/distroless-devel/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: ss -V
-maintainers: []

org/base/distroless-devel/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "ss -V"

org/base/distroless-gotop/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: ''
-  command: --version
-maintainers: []

org/base/distroless-gotop/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: ""
-command: "--version"

org/base/distroless-true/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: ''
-  command: 'true'
-maintainers: []

org/base/distroless-true/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: ""
-command: "true"

org/base/trivy/Dockerfile.template

@@ -1,13 +0,0 @@
-FROM {{ registry }}{{ alt_image }}:{{ branch }}
-
-MAINTAINER alt-cloud
-
-LABEL org.opencontainers.image.title="trivy"
-LABEL org.opencontainers.image.description="A Fast Vulnerability Scanner for Containers"
-LABEL org.opencontainers.image.source="https://aquasecurity.github.io/trivy"
-LABEL org.opencontainers.image.licenses="Apache-2.0"
-LABEL org.opencontainers.image.vendor="ALT Linux Team"
-
-{{ install_packages("trivy") }}
-
-ENTRYPOINT [ "trivy" ]

org/base/trivy/README.md

@@ -1,10 +0,0 @@
-dockerfiles-alt-trivy
-=====================
-
-ALT dockerfile for trivy.
-
-Copy dockerfile somewhere and built the image:
-`$ docker build --rm -t <username>/trivy .`
-
-And launch the trivy container
-`$ docker run -it <username>/trivy`

org/base/trivy/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: trivy --version
-maintainers: []

org/base/trivy/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "trivy --version"

org/cert-manager/cert-manager-cainjector/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: cainjector --help
-maintainers: []

org/cert-manager/cert-manager-cainjector/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "cainjector --help"

org/cert-manager/cert-manager-controller/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: controller --help
-maintainers: []

org/cert-manager/cert-manager-controller/test.yaml

@@ -1,2 +0,0 @@
-entrypoint: "/bin/sh"
-command: "controller --help"

org/cert-manager/cert-manager-webhook/image.yaml

@@ -1,6 +0,0 @@
-version: '1.0'
-kind: image
-test:
-  entrypoint: /bin/sh
-  command: webhook --help
-maintainers: []