feat: combine build-k8s-images and push-k8s-images

.gitea/workflows/build-k8s-images.yaml

@@ -0,0 +1,42 @@
+name: Build kubernetes images
+on:
+  push:
+    branches:
+      - test-gitea-actions
+    paths:
+      - ".gitea/workflows/build-k8s-images.yaml"
+      - "org/k8s/kube-apiserver/**"
+      - "org/k8s/kube-controller-manager/**"
+      - "org/k8s/kube-scheduler/**"
+      - "org/k8s/kube-proxy/**"
+      - "tags.toml"
+      - "k8s-images.sh"
+  schedule:
+    - cron: "30 3 1 * *"
+
+jobs:
+  build-images:
+    runs-on: alt-latest
+    steps:
+      - name: Install the dependencies
+        run: |
+          apt-get update
+          apt-get install -y \
+          podman \
+          python3-module-tomli \
+          python3-module-jinja2 \
+          qemu-user-static-binfmt-aarch64 \
+          qemu-user-static-binfmt-arm \
+          qemu-user-static-binfmt-ppc
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - name: Log into gitea.basealt.ru
+        run: podman login -u stepchenkoas -p "${{ secrets.ACTIONS_TOKEN }}" gitea.basealt.ru
+      - name: Build docker images for p10 (kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy)
+        run: ${{ gitea.workspace }}/build-k8s-images.sh gitea.basealt.ru k8s-p10 p10
+      - name: Push docker images for p10 to gitea.basealt.ru
+        run: ${{ gitea.workspace }}/push-k8s-images.sh gitea.basealt.ru k8s-p10 p10
+      - name: Build docker images for sisyphus (kube-apiserver, kube-controller-manager, kube-scheduler, kube-proxy)
+        run: ${{ gitea.workspace }}/build-k8s-images.sh gitea.basealt.ru k8s-sisyphus sisyphus
+      - name: Push docker images for sisyphus to gitea.basealt.ru
+        run: ${{ gitea.workspace }}/push-k8s-images.sh gitea.basealt.ru k8s-sisyphus sisyphus

.gitea/workflows/testscript

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+#$1 - ${{ needs.build-process.outputs.branch }}
+#$2 - ${{ needs.build-process.outputs.org }}
+#$3 - ${{ needs.build-process.outputs.url }}
+#$4 - ${{ needs.build-process.outputs.repo }}
+#$5 - ${{ gitea.workspace }}
+
+errors=''
+haserr=false
+for IM in $(ls $5/org/$2/ | xargs)
+do 
+  echo "image=$IM"
+  if test -f $5/org/$2/$IM/test
+  then 
+    test=$(cat $5/org/$2/$IM/test)
+  else test=''
+  fi 
+
+  echo "test script=$test"
+  imgpath="$2/$IM:$1"
+
+  if [[ $2 == 'k8s' ]]
+    then imgpath="$2-$1/$IM:latest"
+  fi
+
+  command="echo empty_command"
+  if [[ $test != '' ]]; then
+    command="podman run --rm --entrypoint=\"/bin/sh\" $3/$imgpath -c \"$test\""
+  else
+    if [[ $IM = 'distroless-true' ]]; then
+      command="podman run --rm $3/$imgpath \"true\""
+    fi
+    if [[ $IM = 'distroless-gotop' ]]; then 
+      command="podman run --rm $3/$imgpath \"--version\""
+    fi 
+    if [[ $IM = 'flannel-cni-plugin' ]]; then
+      command="podman run --rm $3/$imgpath \"/flannel\""
+    fi
+    if [[ $IM = 'pause' ]]; then 
+      command="podman run --rm $3/$imgpath \"/pause\" \"-v\""
+    fi 
+  fi
+  echo $command
+  eval $command 2>$IM.log || haserr=true
+
+  echo "podman rmi --all"
+  podman rmi --all
+
+  if [ "$haserr" = true ]
+  then 
+    if [[ $(cat $IM.log) != '' ]]
+    then errors="TEST ERROR OF IMAGE $IM: $(cat $IM.log); $errors"
+    else errors="TEST ERROR OF IMAGE $IM: test returned empty error, but exit status was nozero; $errors"
+    fi 
+  fi 
+  haserr=false
+done
+
+echo "$errors"
+if [[ $errors != '' ]]
+  then haserr=true 
+fi
+echo "ERR=$haserr" > haserr.log
+echo $errors > errors.log

.gitea/workflows/wf_full_p10.yaml

@@ -0,0 +1,134 @@
+name: Full building alt images
+on:
+  push:
+    tags:
+      - '*10*_*'
+
+jobs:
+  build-process:
+    runs-on: alt-p10
+    outputs:
+      branch: ${{ env.BRANCH }}
+      org: ${{ env.ORG }}
+      url: ${{ env.URL }}
+      repo: ${{ env.REPO }}
+      buildres: ${{ steps.build-script.outcome }}
+    steps:
+      - name: Check workspace
+        run: |
+          repourl=$(echo $GU | cut -d '/' -f 3)
+          echo "URL=$repourl" >> ${GITHUB_ENV}
+          echo $repourl
+          reponame=$(echo $GR | cut -d '/' -f 1)
+          echo "REPO=$reponame" >> ${GITHUB_ENV}
+          echo $reponame
+        env:
+          GU: ${{ gitea.server_url }}
+          GR: ${{ gitea.repository }}
+      - name: Set repo for c10f2 (Temporary)
+        if: ${{ contains(github.ref_name, 'c10f2') }}
+        run: |
+          echo "event tag=${{ github.ref_name }}" 
+          echo "10.4.0.3        update.altsp.su" >> /etc/hosts
+          echo "cat /etc/hosts"
+          cat /etc/hosts
+      - name: Update apt
+        uses: actions/init-alt-env@v1
+      - name: Install requires
+        run: |
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+          echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc"
+          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc          
+      - name: Check out current repo
+        uses: actions/checkout@v4
+      - name: Parse target branch and tag from events context, save to env                                
+        env:
+          EV: ${{ toJson(gitea.event) }}                                         
+        run: |
+          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
+          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
+          org=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
+          echo "ORG=$org" >> ${GITHUB_ENV}                              
+          echo "ORG=$org"
+      - name: Login podman gitea
+        run: |
+          echo "podman login ${{ env.URL }}"
+          podman login --username $P_USER --password $P_PASS ${{ env.URL }}          
+        env:
+          P_USER: ${{ secrets.PODMAN_USER }}
+          P_PASS: ${{ secrets.PODMAN_PASS }}
+      - name: Run building script
+        id: build-script
+        run: |
+          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel"          
+          if [[ $BR == 'c10f1' || $BR == 'c10f2' ]]; then build_args="$build_args --skip-arches arm ppc64le"; fi
+          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
+          echo "build.py $build_args"
+          ${{ gitea.workspace }}/build.py $build_args
+        env:
+          ORG: ${{ env.ORG }}
+          BR: ${{ env.BRANCH }}
+        continue-on-error: true
+      - name: Send notification if build crashed
+        if: ${{ steps.build-script.outcome != 'success' }}
+        run: |
+          issueid=1
+          body="Building images finish with some errors."
+          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
+          echo "notification about test error is sent to issue $issueid"
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ env.BRANCH }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ env.REPO }}
+      - name: Delete event tag
+        run: |
+          tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
+          curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
+          echo "tag $tagname is deleted"                    
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ env.BRANCH }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ env.REPO }}
+          EV: ${{ toJson(gitea.event) }}
+  test-process:
+    needs: build-process
+    if: ${{ needs.build-process.outputs.buildres == 'success' }}
+    runs-on: alt-p10
+    steps:
+      - name: Update apt
+        uses: actions/init-alt-env@v1
+      - name: Install requires
+        run: |
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+      - name: Check out current repo
+        uses: https://gitea.com/actions/checkout@v4
+      - name: Test
+        id: test-script
+        continue-on-error: true
+        run: |
+          $WS/.gitea/workflows/testscript $BR $ORG $URL $REPO $WS
+          cat haserr.log >> ${GITHUB_ENV}
+          echo "test process finished"
+        env:
+          BR: ${{ needs.build-process.outputs.branch }}
+          ORG: ${{ needs.build-process.outputs.org }}
+          URL: ${{ needs.build-process.outputs.url }}
+          REPO: ${{ needs.build-process.outputs.repo }}
+          WS: ${{ gitea.workspace }}
+      - name: Send notification if test crashed
+        if: ${{ env.ERR == 'true' || steps.test-script.outcome == 'failure' }}
+        run: |
+          issueid=1
+          errors=$(cat errors.log)
+          body="Testing images finish with some errors. $errors"
+          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
+          echo "notification about test error is sent to issue $issueid"
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ needs.build-process.outputs.branch }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ needs.build-process.outputs.repo }}

.gitea/workflows/wf_full_sis.yaml

@@ -0,0 +1,127 @@
+name: Full building alt images
+on:
+  push:
+    tags:
+      - 'sisyphus_*'
+
+jobs:
+  build-process:
+    runs-on: alt-sisyphus
+    outputs:
+      branch: ${{ env.BRANCH }}
+      org: ${{ env.ORG }}
+      url: ${{ env.URL }}
+      repo: ${{ env.REPO }}
+      buildres: ${{ steps.build-script.outcome }}
+    steps:
+      - name: Check workspace
+        run: |
+          repourl=$(echo $GU | cut -d '/' -f 3)
+          echo "URL=$repourl" >> ${GITHUB_ENV}
+          echo $repourl
+          reponame=$(echo $GR | cut -d '/' -f 1)
+          echo "REPO=$reponame" >> ${GITHUB_ENV}
+          echo $reponame
+        env:
+          GU: ${{ gitea.server_url }}
+          GR: ${{ gitea.repository }}
+      - name: Update apt
+        uses: actions/init-alt-env@v1
+      - name: Install requires
+        run: |
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+          echo "apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc"
+          apt-get install -y qemu-user-static-binfmt-aarch64 qemu-user-static-binfmt-arm qemu-user-static-binfmt-ppc          
+      - name: Check out current repo
+        uses: actions/checkout@v4
+      - name: Parse target branch and tag from events context, save to env                                
+        env:
+          EV: ${{ toJson(gitea.event) }}                                         
+        run: |
+          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1
+          echo $EV | jq '.ref' -r | sed "s/refs\/tags\//BRANCH=/g" | cut -d '_' -f 1 >> ${GITHUB_ENV}
+          org=$(echo $EV | jq '.ref' -r | sed 's/refs\/tags\///g' | cut -d '_' -f 2)
+          echo "ORG=$org" >> ${GITHUB_ENV}                              
+          echo "ORG=$org"
+      - name: Login podman gitea
+        run: |
+          echo "podman login ${{ env.URL }}"
+          podman login --username $P_USER --password $P_PASS ${{ env.URL }}          
+        env:
+          P_USER: ${{ secrets.PODMAN_USER }}
+          P_PASS: ${{ secrets.PODMAN_PASS }}
+      - name: Run building script
+        id: build-script
+        run: |
+          build_args="-b $BR -o $ORG --skip-images alt/distroless-devel"          
+          if [[ $BR == 'sisyphus' ]]; then build_args="$build_args --skip-arches arm"; fi
+          if [[ $ORG == 'k8s' ]]; then build_args="$build_args --tags tags.toml --overwrite-organization $ORG-$BR --skip-images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-proxy k8s/kube-scheduler"; fi
+          echo "build.py $build_args"
+          ${{ gitea.workspace }}/build.py $build_args
+        env:
+          ORG: ${{ env.ORG }}
+          BR: ${{ env.BRANCH }}
+        continue-on-error: true
+      - name: Send notification if build crashed
+        if: ${{ steps.build-script.outcome != 'success' }}
+        run: |
+          issueid=1
+          body="Building images finish with some errors."
+          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
+          echo "notification about test error is sent to issue $issueid"
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ env.BRANCH }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ env.REPO }}
+      - name: Delete event tag
+        run: |
+          tagname=$(echo $EV | jq '.ref' -r | sed "s/refs\/tags\///g")
+          curl -X 'DELETE' "$URL/api/v1/repos/$REPO/image-forge/tags/$tagname?token=$T" -H 'accept: application/json' -s
+          echo "tag $tagname is deleted"                    
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ env.BRANCH }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ env.REPO }}
+          EV: ${{ toJson(gitea.event) }}
+  test-process:
+    needs: build-process
+    if: ${{ needs.build-process.outputs.buildres == 'success' }}
+    runs-on: alt-sisyphus
+    steps:
+      - name: Update apt
+        uses: actions/init-alt-env@v1
+      - name: Install requires
+        run: |
+          echo "apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl"
+          apt-get install -y python3-module-tomli python3-module-jinja2 podman buildah jq curl
+      - name: Check out current repo
+        uses: https://gitea.com/actions/checkout@v4
+      - name: Test
+        id: test-script
+        continue-on-error: true
+        run: |
+          $WS/.gitea/workflows/testscript $BR $ORG $URL $REPO $WS
+          cat haserr.log >> ${GITHUB_ENV}
+          echo "test process finished"
+        env:
+          BR: ${{ needs.build-process.outputs.branch }}
+          ORG: ${{ needs.build-process.outputs.org }}
+          URL: ${{ needs.build-process.outputs.url }}
+          REPO: ${{ needs.build-process.outputs.repo }}
+          WS: ${{ gitea.workspace }}
+      - name: Send notification if test crashed
+        if: ${{ env.ERR == 'true' || steps.test-script.outcome == 'failure' }}
+        run: |
+          issueid=1
+          errors=$(cat errors.log)
+          body="Testing images finish with some errors. $errors"
+          curl -X 'POST' "$URL/api/v1/repos/$REPO/image-forge/issues/$issueid/comments?token=$T" -H 'accept: application/json' -H 'Content-Type: application/json' -d "{ \"body\": \"$body\" }" -s
+          echo "notification about test error is sent to issue $issueid"
+        env:
+          T: ${{ secrets.TOKEN }}
+          BR: ${{ needs.build-process.outputs.branch }}
+          URL: ${{ gitea.server_url }}
+          REPO: ${{ needs.build-process.outputs.repo }}

README.md

@@ -28,7 +28,9 @@ If you push to the users repository, then organiztion is your username.
 
 ## Dependencies
 On x86_64 machine using p10 branch you need:
+- `podman`
 - `python3-module-tomli`
+- `python3-module-jinja2`
 - `qemu-user-static-binfmt-aarch64` to build for arm64 architecture
 - `qemu-user-static-binfmt-arm` to build for arm architecture
 - `qemu-user-static-binfmt-ppc` to build for ppc64le architecture

build.py

@@ -225,7 +225,7 @@ class DockerBuilder:
         self,
         template: str,
         organization: str,
-        install_pakages=None,
+        install_packages=None,
         **kwargs,
     ) -> str:
         if self.registry:
@@ -237,7 +237,7 @@ class DockerBuilder:
         rendered = Template(template).render(
             alt_image=alt_image,
             branch=self.branch,
-            install_pakages=install_pakages,
+            install_packages=install_packages,
             organization=organization,
             registry=registry,
             **kwargs,
@@ -247,7 +247,7 @@ class DockerBuilder:
 
     @forall_images(consume_result=True)
     def render_dockerfiles(self, **kwargs):
-        def install_pakages(*names):
+        def install_packages(*names):
             tasks = self.tasks.get(self.branch, kwargs["image"])
             linux32 = '$([ "$(rpm --eval %_host_cpu)" = i586 ] && echo linux32)'
             if tasks:
@@ -273,7 +273,7 @@ class DockerBuilder:
             rendered = self.render_template(
                 dockerfile_template.read_text(),
                 self.overwrite_organization,
-                install_pakages,
+                install_packages,
             )
             kwargs["dockerfile"].write_text(rendered + "\n")
 
@@ -639,7 +639,7 @@ class ImagesInfo:
 def parse_args():
     stages = ["build", "remove_dockerfiles", "render_dockerfiles", "push"]
     arches = ["amd64", "386", "arm64", "arm", "ppc64le"]
-    branches = ["p9", "p10", "sisyphus"]
+    branches = ["p9", "p10", "sisyphus", "c10f1", "c10f2"]
     organizations = list(ORG_DIR.iterdir())
     images = [f"{o.name}/{i.name}" for o in organizations for i in o.iterdir()]
     organizations = [o.name for o in organizations]
@@ -654,7 +654,8 @@ def parse_args():
         nargs="+",
         default=images,
         choices=images,
-        help="list of branches",
+        metavar="IMAGE_NAME",
+        help="list of images to build",
     )
     images_group.add_argument(
         "-o",
@@ -664,10 +665,18 @@ def parse_args():
         choices=organizations,
         help="build all images from these organizations",
     )
+    parser.add_argument(
+        "--skip-images",
+        nargs="+",
+        default=[],
+        choices=images,
+        metavar="IMAGE_NAME",
+        help="list of images to skip",
+    )
     parser.add_argument(
         "-r",
         "--registry",
-        default="registry.altlinux.org",
+        default="gitea.basealt.ru",
     )
     parser.add_argument(
         "--overwrite-organization",
@@ -696,27 +705,20 @@ def parse_args():
     parser.add_argument(
         "--sign",
     )
-    parser.add_argument(
-        "--skip-images",
-        nargs="+",
-        default=[],
-        choices=images,
-        help="list of skipping images",
-    )
     parser.add_argument(
         "-a",
         "--arches",
         nargs="+",
         default=arches,
         choices=arches,
-        help="list of arches",
+        help="build images for these architectures",
     )
     parser.add_argument(
         "--skip-arches",
         nargs="+",
         default=[],
         choices=arches,
-        help="list of skipping arches",
+        help="list of architectures to skip",
     )
     parser.add_argument(
         "-b",
@@ -724,28 +726,28 @@ def parse_args():
         nargs="+",
         default=branches,
         choices=branches,
-        help="list of branches",
+        help="build images for these branches",
     )
     parser.add_argument(
         "--skip-branches",
         nargs="+",
         default=[],
         choices=branches,
-        help="list of skipping branches",
+        help="list of branches to skip",
     )
     parser.add_argument(
         "--stages",
         nargs="+",
         default=stages,
         choices=stages,
-        help="list of stages",
+        help="list of stages to go through",
     )
     parser.add_argument(
         "--skip-stages",
         nargs="+",
         default=[],
         choices=stages,
-        help="list of skipping stages",
+        help="list of stages to skip",
     )
     args = parser.parse_args()
 

k8s-images.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env sh
+
+set -xeuo pipefail
+
+function print_help() {
+    cat <<EOF
+usage:
+$0 (build | push) <REGISTRY> <ORGANIZATION> <BRANCH>
+EOF
+}
+
+if [ "$#" -lt 4 ]; then
+    print_help
+    exit 1
+fi
+
+COMMAND=$1
+REGISTRY=${2:-"gitea.basealt.ru"}
+ORGANIZATION=${3:-"k8s-sisyphus"}
+BRANCH=${4:-"sisyphus"}
+
+shift 4
+
+[ "$COMMAND" == 'build' ] || [ "$COMMAND" == 'push' ] || exit 1
+
+function build() {
+    ./build.py \
+    --branches $BRANCH \
+    --latest $BRANCH \
+    --registry $REGISTRY \
+    --overwrite-organization $ORGANIZATION \
+    --images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-scheduler k8s/kube-proxy \
+    --tags tags.toml \
+    --skip-stages push \
+    "$@"
+}
+
+function push() {
+    ./build.py \
+    --branches $BRANCH \
+    --latest $BRANCH \
+    --registry $REGISTRY \
+    --overwrite-organization $ORGANIZATION \
+    --images k8s/kube-apiserver k8s/kube-controller-manager k8s/kube-scheduler k8s/kube-proxy \
+    --tags tags.toml \
+    --stages push \
+    "$@"
+}
+
+for version in 1.26.14 1.27.12 1.28.8; do
+    sed -i "s/kubernetes.*-/kubernetes${version::4}-/g" org/k8s/kube-*/*
+    sed -i "s/$BRANCH = \[ \"v.*\" \]/$BRANCH = \[ \"v$version\" \]/g" tags.toml
+
+    if [ "$COMMAND" == 'build' ]; then
+        build "$@"
+    elif [ "$COMMAND" == 'push' ]; then
+        push "$@"
+    fi
+done

org/alt/apache2/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("apache2") }}
+LABEL org.opencontainers.image.title="apache2"
+LABEL org.opencontainers.image.description="The most widely used Web server on the Internet"
+LABEL org.opencontainers.image.source="http://httpd.apache.org"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("apache2") }}
 
 EXPOSE 80
 

org/alt/apache2/test

@@ -0,0 +1 @@
+apachectl -v

org/alt/base/Dockerfile.template

@@ -2,6 +2,6 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("glibc-gconv-modules", "glibc-locales", "tzdata") }}
+{{ install_packages("glibc-gconv-modules", "glibc-locales", "tzdata") }}
 
 CMD ["bash"]

org/alt/base/test

@@ -0,0 +1 @@
+LC_ALL=ru_RU.UTF-8 TZ=/usr/share/zoneinfo/Europe/Moscow date| grep MSK

org/alt/buildpack-deps-curl/Dockerfile.template

@@ -2,9 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages(
+LABEL org.opencontainers.image.title="buildpack-deps-curl"
+LABEL org.opencontainers.image.licenses="GPLv2"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages(
     "ca-certificates",
     "curl",
     "gnupg",
     "wget"
-) }}
+) }}

org/alt/buildpack-deps-curl/test

@@ -0,0 +1 @@
+curl --version && gpg --version

org/alt/buildpack-deps-scm/Dockerfile.template

@@ -2,8 +2,11 @@ FROM {{ registry }}{{ organization }}/buildpack-deps-curl:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="buildpack-deps-scm"
+LABEL org.opencontainers.image.licenses="GPLv2"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
 
-{{ install_pakages(
+{{ install_packages(
     "git",
     "mercurial",
     "openssh-clients",

org/alt/buildpack-deps-scm/test

@@ -0,0 +1 @@
+git --version && hg --version

org/alt/buildpack-deps/Dockerfile.template

@@ -2,7 +2,11 @@ FROM {{ registry }}{{ organization }}/buildpack-deps-scm:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages(
+LABEL org.opencontainers.image.title="buildpack-deps"
+LABEL org.opencontainers.image.licenses="GPLv2"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages(
     "ImageMagick",
     "autoconf",
     "automake",

org/alt/buildpack-deps/test

@@ -0,0 +1 @@
+gcc --version && make --version

org/alt/devel/Dockerfile.template

@@ -2,28 +2,33 @@ FROM {{ registry }}{{ organization }}/base:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="devel"
+LABEL org.opencontainers.image.description="This image is only for devel or testing purposes"
+LABEL org.opencontainers.image.licenses="GPLv2"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
 # install editor
-{{ install_pakages("vim-console") }}
+{{ install_packages("vim-console") }}
 
 # install debugging tools
-{{ install_pakages("strace", "gdb") }}
+{{ install_packages("strace", "gdb") }}
 
 # install document viewers
-{{ install_pakages("man") }}
+{{ install_packages("man") }}
 
 # install version control system
-{{ install_pakages("git-core", "perl-Git") }}
+{{ install_packages("git-core", "perl-Git") }}
 
 # install network utils
-{{ install_pakages("iproute2", "iputils", "wget", "curl") }}
+{{ install_packages("iproute2", "iputils", "wget", "curl") }}
 
 # install file utils
-{{ install_pakages("lsof", "ripgrep") }}
+{{ install_packages("lsof", "ripgrep") }}
 
 # install shell and completions
-{{ install_pakages("zsh", "zsh-completions") }}
+{{ install_packages("zsh", "zsh-completions") }}
 
 # install compilation utils
-{{ install_pakages("make", "gcc", "gcc-c++") }}
+{{ install_packages("make", "gcc", "gcc-c++") }}
 
 CMD ["zsh"]

org/alt/devel/test

@@ -0,0 +1 @@
+man --version && ip -V && vim --version | grep vim

org/alt/distroless-builder/Dockerfile.template

@@ -2,9 +2,14 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="distroless-builder"
+LABEL org.opencontainers.image.description="This images is using to build tarball for distroless images"
+LABEL org.opencontainers.image.licenses="GPLv2"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
 RUN echo %_excludedocs 1 >> /etc/rpm/macros
 RUN rpm -qalds | awk '/^normal/{print $2}' | xargs rm -rf
-{{ install_pakages("python3", "glibc-utils", "apt-repo") }}
+{{ install_packages("python3", "glibc-utils", "apt-repo") }}
 WORKDIR /usr/src/distroless
 RUN mkdir file-lists
 RUN useradd -m nonroot

org/alt/distroless-builder/test

@@ -0,0 +1 @@
+apt-repo --version

org/alt/distroless-devel/test

@@ -0,0 +1 @@
+ss -V

org/alt/etcd/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("etcd") }}
+LABEL org.opencontainers.image.title="etcd"
+LABEL org.opencontainers.image.description="Distributed reliable key-value store for the most critical data of a distributed system"
+LABEL org.opencontainers.image.source="https://github.com/etcd-io/etcd"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("etcd") }}
 
 VOLUME /data
 

org/alt/etcd/test

@@ -0,0 +1 @@
+etcdctl version

org/alt/gitea/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("gitea", "openssh-server", "gosu") }}
+LABEL org.opencontainers.image.title="gitea"
+LABEL org.opencontainers.image.description="Git with a cup of tea, painless self-hosted git service"
+LABEL org.opencontainers.image.source="https://github.com/go-gitea/gitea"
+LABEL org.opencontainers.image.licenses="MIT"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("gitea", "openssh-server", "gosu") }}
 
 ENV USER gitea
 ENV HOME /var/lib/gitea

org/alt/gitea/test

@@ -0,0 +1 @@
+gitea --version

org/alt/nginx/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("nginx", "apache2-html", "tzdata") }}
+LABEL org.opencontainers.image.title="nginx"
+LABEL org.opencontainers.image.description="Fast HTTP server, extremely useful as an Apache frontend"
+LABEL org.opencontainers.image.source="https://nginx.org/"
+LABEL org.opencontainers.image.licenses="BSD"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("nginx", "apache2-html", "tzdata") }}
 
 RUN cd /etc/nginx/sites-enabled.d && ln -s ../sites-available.d/default.conf .
 

org/alt/nginx/test

@@ -0,0 +1 @@
+nginx -v

org/alt/node/Dockerfile.template

@@ -2,10 +2,16 @@ FROM {{ registry }}{{ organization }}/buildpack-deps:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="node"
+LABEL org.opencontainers.image.description="Evented I/O for V8 Javascript"
+LABEL org.opencontainers.image.source="https://github.com/nodejs/node"
+LABEL org.opencontainers.image.licenses="MIT"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
 RUN groupadd --gid 1000 node \
     && useradd --uid 1000 --gid node --shell /bin/bash --create-home node
 
-{{ install_pakages(
+{{ install_packages(
     "node",
     "npm",
     "yarn"

org/alt/node/test

@@ -0,0 +1 @@
+node -v

org/alt/prometheus/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("prometheus") }}
+LABEL org.opencontainers.image.title="prometheus"
+LABEL org.opencontainers.image.description="Prometheus monitoring system and time series database"
+LABEL org.opencontainers.image.source="https://github.com/prometheus/prometheus"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("prometheus") }}
 
 WORKDIR /var/lib/prometheus
 USER prometheus

org/alt/prometheus/test

@@ -0,0 +1 @@
+prometheus --version

org/alt/python/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ organization }}/base:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages(
+LABEL org.opencontainers.image.title="python"
+LABEL org.opencontainers.image.description="Python 3 and tools needed for development"
+LABEL org.opencontainers.image.source="https://github.com/python/cpython"
+LABEL org.opencontainers.image.licenses="Python"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages(
     "python3-module-pip",
     "python3-module-setuptools",
     "python3-dev",

org/alt/python/test

@@ -0,0 +1 @@
+python3 --version

org/alt/registry/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("docker-registry") }}
+LABEL org.opencontainers.image.title="registry"
+LABEL org.opencontainers.image.description="The Docker toolset to pack, ship, store, and deliver content"
+LABEL org.opencontainers.image.source="https://github.com/docker/distribution"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("docker-registry") }}
 
 RUN ln -sf /usr/bin/docker-registry /bin/registry
 

org/alt/registry/test

@@ -0,0 +1 @@
+registry --version

org/alt/ruby/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("irb") }}
+LABEL org.opencontainers.image.title="ruby"
+LABEL org.opencontainers.image.description="Interactive Ruby Shell"
+LABEL org.opencontainers.image.source="https://github.com/ruby/ruby"
+LABEL org.opencontainers.image.licenses="BSD-2-Clause or Ruby"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("irb") }}
 
 CMD ["irb"]

org/alt/ruby/test

@@ -0,0 +1 @@
+ruby --version

org/alt/systemd/Dockerfile.template

@@ -2,9 +2,15 @@ FROM {{ registry }}{{ organization }}/base:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="systemd"
+LABEL org.opencontainers.image.description="Systemd System V init tools"
+LABEL org.opencontainers.image.source="https://github.com/systemd/systemd"
+LABEL org.opencontainers.image.licenses="LGPLv2.1+"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
 ENV container docker
 
-{{ install_pakages("systemd-sysvinit") }}
+{{ install_packages("systemd-sysvinit") }}
 
 RUN ( \
         cd /lib/systemd/system/sysinit.target.wants/; \

org/alt/systemd/test

@@ -0,0 +1 @@
+ls -la /sbin/init | grep systemd

org/alt/unit/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
+LABEL org.opencontainers.image.title="unit"
+LABEL org.opencontainers.image.description="NGINX Unit is a lightweight and versatile web-server"
+LABEL org.opencontainers.image.source="https://github.com/nginx/unit"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
 RUN apt-get update && \
     apt-get install -y unit curl tzdata; \
     rm -f /var/cache/apt/archives/*.rpm \

org/alt/unit/test

@@ -0,0 +1 @@
+unitd --version

org/alt/zot/Dockerfile.template

@@ -0,0 +1,19 @@
+FROM {{ registry }}{{ alt_image }}:{{ branch }}
+
+MAINTAINER alt-cloud
+
+LABEL org.opencontainers.image.title="zot"
+LABEL org.opencontainers.image.description="A production-ready vendor-neutral OCI-native container image registry (purely based on OCI Distribution Specification)"
+LABEL org.opencontainers.image.source="https://github.com/project-zot/zot"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("zot") }}
+
+USER _zot:_zot
+
+VOLUME ["/var/lib/zot"]
+EXPOSE 5000
+
+ENTRYPOINT ["/usr/bin/zot"]
+CMD ["serve", "/etc/zot/config.json"]

org/alt/zot/test

@@ -0,0 +1 @@
+zot verify /etc/zot/config.json

org/k8s/cert-manager-cainjector/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("cert-manager") }}
+LABEL org.opencontainers.image.title="cert-manager-cainjector"
+LABEL org.opencontainers.image.description="Cainjector component for automatic provisioning and managing TLS certificates in Kubernetes"
+LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("cert-manager") }}
 
 RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
 

org/k8s/cert-manager-cainjector/test

@@ -0,0 +1 @@
+cainjector --help

org/k8s/cert-manager-controller/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("cert-manager") }}
+LABEL org.opencontainers.image.title="cert-manager-controller"
+LABEL org.opencontainers.image.description="Controller component for automatic provisioning and managing TLS certificates in Kubernetes"
+LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("cert-manager") }}
 
 RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
 

org/k8s/cert-manager-controller/test

@@ -0,0 +1 @@
+controller --help

org/k8s/cert-manager-webhook/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("cert-manager") }}
+LABEL org.opencontainers.image.title="cert-manager-webhook"
+LABEL org.opencontainers.image.description="Webhook component for automatic provisioning and managing TLS certificates in Kubernetes"
+LABEL org.opencontainers.image.source="https://github.com/cert-manager/cert-manager"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("cert-manager") }}
 
 RUN groupadd -r -g 1000 cert-manger && useradd --no-log-init -r -u 1000 -g cert-manger cert-manger
 

org/k8s/cert-manager-webhook/test

@@ -0,0 +1 @@
+webhook --help

org/k8s/coredns/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("coredns") }}
+LABEL org.opencontainers.image.title="coredns"
+LABEL org.opencontainers.image.description="CoreDNS is a DNS server that chains plugins"
+LABEL org.opencontainers.image.source="https://github.com/coredns/coredns"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("coredns") }}
 
 ENTRYPOINT ["/usr/bin/coredns"]

org/k8s/coredns/test

@@ -0,0 +1 @@
+coredns --version

org/k8s/etcd/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("etcd") }}
+LABEL org.opencontainers.image.title="etcd"
+LABEL org.opencontainers.image.description="Distributed reliable key-value store for the most critical data of a distributed system"
+LABEL org.opencontainers.image.source="https://github.com/etcd-io/etcd"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("etcd") }}
 
 VOLUME /data
 

org/k8s/etcd/test

@@ -0,0 +1 @@
+etcd --version

org/k8s/flannel-cni-plugin/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("cni-plugin-flannel") }}
+LABEL org.opencontainers.image.title="flannel-cni-plugin"
+LABEL org.opencontainers.image.description="CNI network plugin that is powered by flannel"
+LABEL org.opencontainers.image.source="https://github.com/flannel-io/cni-plugin"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("cni-plugin-flannel") }}
 
 RUN cp /usr/libexec/cni/flannel /flannel

org/k8s/flannel/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages(
+LABEL org.opencontainers.image.title="flannel"
+LABEL org.opencontainers.image.description="Network fabric for containers"
+LABEL org.opencontainers.image.source="https://github.com/flannel-io/flannel"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages(
     "iproute2",
     "net-tools",
     "ca-certificates",

org/k8s/flannel/test

@@ -0,0 +1 @@
+flanneld --version

org/k8s/kube-apiserver/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("kubernetes-master") }}
+LABEL org.opencontainers.image.title="kube-apiserver"
+LABEL org.opencontainers.image.description="The Kubernetes API server validates and configures data for the api objects which include pods, services, replicationcontrollers, and others."
+LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("kubernetes-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-apiserver"]

org/k8s/kube-apiserver/test

@@ -0,0 +1 @@
+kube-apiserver --version

org/k8s/kube-controller-manager/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("kubernetes-master") }}
+LABEL org.opencontainers.image.title="kube-controller-manager"
+LABEL org.opencontainers.image.description="The Kubernetes controller manager is a daemon that embeds the core control loops shipped with Kubernetes."
+LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("kubernetes-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-controller-manager"]

org/k8s/kube-controller-manager/test

@@ -0,0 +1 @@
+kube-controller-manager --version

org/k8s/kube-proxy/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("kubernetes-node") }}
+LABEL org.opencontainers.image.title="kube-proxy"
+LABEL org.opencontainers.image.description="The Kubernetes network proxy runs on each node."
+LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("kubernetes-node") }}
 
 RUN ln -s /usr/bin/kube-proxy /usr/local/bin/kube-proxy
 

org/k8s/kube-proxy/test

@@ -0,0 +1 @@
+kube-proxy --version

org/k8s/kube-scheduler/Dockerfile.template

@@ -2,6 +2,12 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages("kubernetes-master") }}
+LABEL org.opencontainers.image.title="kube-scheduler"
+LABEL org.opencontainers.image.description="The Kubernetes scheduler is a control plane process which assigns Pods to Nodes."
+LABEL org.opencontainers.image.source="https://github.com/kubernetes/kubernetes"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages("kubernetes-master") }}
 
 ENTRYPOINT ["/usr/bin/kube-scheduler"]

org/k8s/kube-scheduler/test

@@ -0,0 +1 @@
+kube-scheduler --version

org/k8s/pause/Dockerfile.template

@@ -1,6 +1,6 @@
 FROM {{ registry }}{{ alt_image }}:{{ branch }} as installer
 
-{{ install_pakages("kubernetes-pause") }}
+{{ install_packages("kubernetes-pause") }}
 
 FROM scratch
 

org/k8s/trivy-node-collector/Dockerfile.template

@@ -2,7 +2,13 @@ FROM {{ registry }}{{ alt_image }}:{{ branch }}
 
 MAINTAINER alt-cloud
 
-{{ install_pakages(
+LABEL org.opencontainers.image.title="trivy-node-collector"
+LABEL org.opencontainers.image.description="Open source collector who collect Node information (fs and process data) and output in a table/json format"
+LABEL org.opencontainers.image.source="https://github.com/aquasecurity/k8s-node-collector"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+{{ install_packages(
     "k8s-trivy-node-collector"
 ) }}
 

org/k8s/trivy-node-collector/test

@@ -0,0 +1 @@
+node-collector --help

tags.toml

@@ -1,47 +1,77 @@
 ["k8s/kube-apiserver"]
-p10 = [ "v1.26.9" ]
-sisyphus = [ "v1.26.9" ]
+p10 = [ "v1.28.9" ]
+sisyphus = [ "v1.28.9" ]
+c10f1 = [ "v1.26.15" ]
+c10f2 = [ "v1.26.15" ]
 
 ["k8s/kube-controller-manager"]
-p10 = [ "v1.26.9" ]
-sisyphus = [ "v1.26.9" ]
+p10 = [ "v1.28.9" ]
+sisyphus = [ "v1.28.9" ]
+c10f1 = [ "v1.26.15" ]
+c10f2 = [ "v1.26.15" ]
 
 ["k8s/kube-scheduler"]
-p10 = [ "v1.26.9" ]
-sisyphus = [ "v1.26.9" ]
+p10 = [ "v1.28.9" ]
+sisyphus = [ "v1.28.9" ]
+c10f1 = [ "v1.26.15" ]
+c10f2 = [ "v1.26.15" ]
 
 ["k8s/kube-proxy"]
-p10 = [ "v1.26.9" ]
-sisyphus = [ "v1.26.9" ]
+p10 = [ "v1.28.9" ]
+sisyphus = [ "v1.28.9" ]
+c10f1 = [ "v1.26.15" ]
+c10f2 = [ "v1.26.15" ]
 
 ["k8s/pause"]
 p10 = [ "3.9" ]
 sisyphus = [ "3.9" ]
+c10f1 = [ "3.9" ]
+c10f2 = [ "3.9" ]
 
 ["k8s/etcd"]
-p10 = [ "3.5.6-0" ]
-sisyphus = [ "3.5.6-0" ]
+p10 = [ "3.5.12-0" ]
+sisyphus = [ "3.5.12-0" ]
+c10f1 = [ "3.5.9-0" ]
+c10f2 = [ "3.5.9-0" ]
 
 ["k8s/coredns"]
-p10 = [ "v1.9.3" ]
-sisyphus = [ "v1.9.3" ]
+p10 = [ "v1.10.1" ]
+sisyphus = [ "v1.10.1" ]
+c10f1 = [ "v1.9.3" ]
+c10f2 = [ "v1.9.3" ] 
 
 ["k8s/cert-manager-cainjector"]
 p10 = [ "v1.9.1" ]
 sisyphus = [ "v1.11.0" ]
+c10f1 = [ "v1.9.1" ]
+c10f2 = [ "v1.9.1" ]
 
 ["k8s/cert-manager-controller"]
 p10 = [ "v1.9.1" ]
 sisyphus = [ "v1.11.0" ]
+c10f1 = [ "v1.9.1" ]
+c10f2 = [ "v1.9.1" ]
 
 ["k8s/cert-manager-webhook"]
 p10 = [ "v1.9.1" ]
 sisyphus = [ "v1.11.0" ]
+c10f1 = [ "v1.9.1" ]
+c10f2 = [ "v1.9.1" ]
 
 ["k8s/flannel"]
 p10 = [ "v0.21.4" ]
-sisyphus = [ "v0.22.3" ]
+sisyphus = [ "v0.24.2" ]
+c10f1 = [ "v0.21.4" ]
+c10f2 = [ "v0.21.4" ]
 
 ["k8s/flannel-cni-plugin"]
 p10 = [ "v1.1.2" ]
 sisyphus = [ "v1.2.0" ]
+c10f1 = [ "v1.1.2" ]
+c10f2 = [ "v1.1.2" ]
+
+["k8s/trivy-node-collector"]
+p10 = [ "0.0.9" ]
+sisyphus = [ "0.0.9" ]
+c10f1 = [ "0.0.9" ]
+c10f2 = [ "0.0.9" ]