Release v1.4.0: Add JupyterHub user server image

.github/workflows/build.yaml

@@ -0,0 +1,69 @@
+---
+name: Build images
+
+on:
+  push:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+      checks: read
+      contents: write
+      packages: write
+      security-events: write
+    strategy:
+      matrix:
+        directories:
+          - "docker/backup-tools"
+          - "docker/caddy"
+          - "docker/certbot"
+          - "docker/debug"
+          - "docker/ghub"
+          - "docker/glab"
+          - "docker/gradle"
+          - "docker/jupyterhub"
+          - "docker/python"
+          - "docker/vault"
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU (for Docker buildx)
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Install Trivy
+        run: |
+          # Install Trivy
+          sudo apt-get install wget apt-transport-https gnupg lsb-release
+          sudo wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
+          sudo echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
+          sudo apt-get update
+          sudo apt-get install trivy
+
+      - name: Build and Push Docker images
+        run: |
+          # Build and push Docker images to GitHub Container Registry
+          echo ${{ github.token }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+          image_name=$(pwd | awk -F / '{print $NF}')
+          image_tag=$(cat Dockerfile | grep -i 'ARG IMAGE_VERSION='| awk -F = '{print $2}')
+          # Build multi-arch image with specific tags
+          docker buildx build \
+            --platform linux/amd64,linux/arm64 \
+            --build-arg="PROJECT_NAME=${{ github.event.repository.name }}" \
+            -t ghcr.io/${{ github.repository }}/${image_name}:${image_tag} \
+            . --push
+          # Add latest tag to the image
+          docker buildx imagetools create \
+            ghcr.io/${{ github.repository }}/${image_name}:${image_tag} \
+            --tag ghcr.io/${{ github.repository }}/${image_name}:latest
+          # Scan Docker images with Trivy
+          trivy image --exit-code 0 --severity HIGH,CRITICAL ghcr.io/${{ github.repository }}/${image_name}:${image_tag} -f sarif -o trivy-results-${image_name}-${image_tag}.sarif
+          # Upload Trivy scan results
+          curl -L -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/${{ github.repository }}/code-scanning/sarifs -d "{\"commit_sha\":\"${{ github.sha }}\",\"ref\":\"${{ github.ref }}\",\"sarif\":\"$(gzip -c trivy-results-${image_name}-${image_tag}.sarif | base64 -w 0)\"}"
+        working-directory: ${{ matrix.directories }}

.github/workflows/pr.yaml

@@ -11,6 +11,4 @@ on:
 
 jobs:
   pr:
-    uses: obervinov/_templates/.github/workflows/[email protected]
-  images:
-    uses: obervinov/_templates/.github/workflows/[email protected]
+    uses: obervinov/_templates/.github/workflows/[email protected]

.github/workflows/release.yaml

@@ -10,6 +10,4 @@ on:
 
 jobs:
   release:
-    uses: obervinov/_templates/.github/workflows/[email protected]
-  images:
-    uses: obervinov/_templates/.github/workflows/[email protected]
+    uses: obervinov/_templates/.github/workflows/[email protected]

CHANGELOG.md

@@ -3,6 +3,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## v1.4.0 - 2025-02-11
+### What's Changed
+**Full Changelog**: https://github.com/obervinov/images/compare/v1.3.0...v1.4.0 by @obervinov in https://github.com/obervinov/images/pull/28
+#### 🚀 Features
+* Add custom JupyterHub image for user servers
+* Bump workflow version to `2.1.1`
+* Migration images Actions to matrix strategy in the local workflow
+
+
 ## v1.3.0 - 2025-01-29
 ### What's Changed
 **Full Changelog**: https://github.com/obervinov/images/compare/v1.2.0...v1.3.0 by @obervinov in https://github.com/obervinov/images/pull/25

README.md

@@ -24,6 +24,7 @@ This repository contains Dockerfiles for building Docker images.
 | python        | Docker image for Python development.                | [README](docker/python/README.md)       | [Manifest](docker/python/Dockerfile)       |
 | vault         | Docker image for HashiCorp Vault.                   | [README](docker/vault/README.md)        | [Manifest](docker/vault/Dockerfile)        |
 | backup-tools  | Docker image for backup tools.                      | [README](docker/backup-tools/README.md) | [Manifest](docker/backup-tools/Dockerfile) |
+| jupyterhub    | Docker image for JupyterHub user servers.           | [README](docker/jupyterhub/README.md)   | [Manifest](docker/jupyterhub/Dockerfile)   |
 
 Each directory under `docker/` corresponds to a specific Docker image. Navigate to each directory to view the respective Dockerfile and README for further instructions.
 
@@ -34,4 +35,4 @@ This project is licensed under the [MIT License](LICENSE).
 ## <img src="https://github.com/obervinov/_templates/blob/v1.0.5/icons/github-actions.png" width="25" title="github-actions"> GitHub Actions
 | Name  | Version |
 | ------------------------ | ----------- |
-| GitHub Actions Templates | [v2.0.2](https://github.com/obervinov/_templates/tree/v2.0.2) |
+| GitHub Actions Templates | [v2.1.1](https://github.com/obervinov/_templates/tree/v2.1.1) |

docker/jupyterhub/Dockerfile

@@ -0,0 +1,48 @@
+FROM quay.io/jupyterhub/k8s-singleuser-sample:4.1.0
+
+ARG IMAGE_VERSION=1.0.0
+
+LABEL org.opencontainers.image.description "This image contains utilities for automating work with gitlab"
+LABEL org.opencontainers.image.url https://github.com/obervinov/images/docker/jupyterhub
+LABEL org.opencontainers.image.documentation https://github.com/obervinov/images/docker/jupyterhub/README.md
+LABEL org.opencontainers.image.authors https://github.com/obervinov
+LABEL org.opencontainers.image.source https://github.com/obervinov/images
+LABEL org.opencontainers.image.version ${IMAGE_VERSION}
+
+ENV DEBIAN_FRONTEND noninteractive
+ENV LC_ALL C.UTF-8
+ENV PIP_NO_CACHE_DIR=off
+ENV PIP_DISABLE_PIP_VERSION_CHECK=on
+ENV POETRY_VIRTUALENVS_IN_PROJECT=true
+ENV POETRY_NO_INTERACTION=1
+ENV PYTHONUNBUFFERED=1
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV VENV_PATH=/home/jupyterhub/app/.venv
+ENV PATH=/home/jupyterhub/.local/bin:$VENV_PATH/bin:$PATH
+
+USER root
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --no-install-recommends \
+        git \
+        curl \
+        software-properties-common \
+        build-essential \
+        libssl-dev \
+        zlib1g-dev \
+        libbz2-dev \
+        libreadline-dev \
+        libsqlite3-dev \
+        wget \
+        llvm \
+        libncurses5-dev \
+        libncursesw5-dev \
+        xz-utils \
+        tk-dev \
+        libffi-dev \
+        liblzma-dev \
+        && \
+    apt-get clean && rm -rf /var/lib/apt/lists/* && \
+    pip3 install --upgrade pip setuptools wheel
+
+USER jovyan
+ENV PYTHONPATH=/home/jovyan:/home/jovyan/.venv/lib/python3.12/site-packages

docker/jupyterhub/README.md

@@ -0,0 +1,12 @@
+# JupyterHub User Server Image
+
+This Docker image provides python environment for JupyterHub user servers.
+
+## Additional Information
+
+- **Description**: This image contains utilities for automating work with GitHub self-hosted runners.
+- **Documentation**: [GitHub Repository](https://github.com/obervinov/images/docker/jupyterhub/README.md)
+- **Author**: [obervinov](https://github.com/obervinov)
+- **Source Code**: [GitHub Repository](https://github.com/obervinov/images/docker/jupyterhub/Dockerfile)
+
+Feel free to customize this image according to your specific requirements and environment. If you encounter any issues or have suggestions for improvements, please don't hesitate to contribute to the GitHub repository.