Refactor to allow multiple image builds (#85)

* Refactor to allow multiple image builds * Don't build fedora-example * Change fedora-sample to fedora-example * Add `steps:` back Add `workflow_dispatch` for manually triggering builds Remove obselete `--disable-content-trust` argument from Push to GHCR action Enable `oci:` in buildah action
ublue-os · Dec 25, 2024 · c9f566d · c9f566d
1 parent fda2393
commit c9f566d
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 16 deletions.
diff --git a/.github/workflows/build-boxkit.yml b/.github/workflows/build-boxkit.yml
@@ -1,5 +1,6 @@
 name: build-boxkit
 on:
+  workflow_dispatch: # allow manually triggering builds
   pull_request:
     branches:
       - main
@@ -8,10 +9,9 @@ on:
   push:
     branches:
       - main
-    paths-ignore:
-      - '**/README.md'
+    paths-ignore: # don't rebuild on documentation change
+      - '**.md'
 env:
-    IMAGE_NAME: boxkit
     IMAGE_TAGS: latest
     IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
 
@@ -25,18 +25,22 @@ jobs:
       id-token: write
     strategy:
       fail-fast: false
-    steps: 
+      matrix:
+        containerfile: 
+          - boxkit
+          #- fedora-example # <<- Included as an example to demonstrate multi-image builds, uncomment to build
+    steps:
       # Checkout push-to-registry action GitHub repository
       - name: Checkout Push to Registry action
         uses: actions/checkout@v4
-        
+
       # Build metadata
       - name: Image Metadata
         uses: docker/metadata-action@v5
         id: meta
         with:
           images: |
-            ${{ env.IMAGE_NAME }}
+            ${{ matrix.containerfile }}
           labels: |
             io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/boxkit/main/README.md
 
@@ -46,11 +50,11 @@ jobs:
         uses: redhat-actions/buildah-build@v2
         with:
           containerfiles: |
-            ./Containerfile
-          image: ${{ env.IMAGE_NAME }}
+            ./ContainerFiles/${{ matrix.containerfile }}
+          image: ${{ matrix.containerfile }}
           tags: ${{ env.IMAGE_TAGS }}
           labels: ${{ steps.meta.outputs.labels }}
-          oci: false
+          oci: true
 
       # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
       # https://github.com/macbre/push-to-ghcr/issues/12
@@ -73,8 +77,6 @@ jobs:
           registry: ${{ steps.registry_case.outputs.lowercase }}
           username: ${{ env.REGISTRY_USER }}
           password: ${{ env.REGISTRY_PASSWORD }}
-          extra-args: |
-            --disable-content-trust
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
@@ -84,12 +86,13 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       # Sign container
-      - uses: sigstore/[email protected]
+      - name: Install cosign
+        uses: sigstore/[email protected]
 
       - name: Sign container image
         if: github.event_name != 'pull_request'
         run: |
-          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
+          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ matrix.containerfile }}@${TAGS}
         env:
           TAGS: ${{ steps.push.outputs.digest }}
           COSIGN_EXPERIMENTAL: false

diff --git a/Containerfile → ContainerFiles/boxkit b/Containerfile → ContainerFiles/boxkit
@@ -5,11 +5,11 @@ LABEL com.github.containers.toolbox="true" \
       summary="A cloud-native terminal experience" \
       maintainer="[email protected]"
 
-COPY extra-packages /
+COPY ../packages/boxkit-packages /
 RUN apk update && \
     apk upgrade && \
-    grep -v '^#' /extra-packages | xargs apk add
-RUN rm /extra-packages
+    grep -v '^#' /boxkit-packages | xargs apk add
+RUN rm /boxkit-packages
 
 RUN   ln -fs /bin/sh /usr/bin/sh && \
       ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/docker && \

diff --git a/ContainerFiles/fedora-example b/ContainerFiles/fedora-example
@@ -0,0 +1,18 @@
+FROM quay.io/fedora/fedora-toolbox:latest
+
+LABEL com.github.containers.toolbox="true" \
+      usage="This image is meant to be used with the toolbox or distrobox command" \
+      summary="An example ContainerFile to demonstrate multiple image builds." \
+      maintainer="[email protected]"
+
+COPY ../packages/fedora-example-packages /
+RUN dnf update -y && \
+    grep -v '^#' /fedora-example-packages | xargs dnf install -y
+RUN rm /fedora-example-packages
+
+RUN   ln -fs /bin/sh /usr/bin/sh && \
+      ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/docker && \
+      ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/flatpak && \ 
+      ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/podman && \
+      ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/rpm-ostree && \
+      ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/transactional-update
diff --git a/extra-packages → packages/boxkit-packages b/extra-packages → packages/boxkit-packages
diff --git a/packages/fedora-example-packages b/packages/fedora-example-packages
@@ -0,0 +1 @@
+helix