From c9f566d5105a0a6130e40e1f593a405f13144e97 Mon Sep 17 00:00:00 2001
From: Faeiz Mahrus <167124477+faeizmahrus@users.noreply.github.com>
Date: Wed, 25 Dec 2024 22:55:30 +0600
Subject: [PATCH] Refactor to allow multiple image builds (#85)
* Refactor to allow multiple image builds
* Don't build fedora-example
* Change fedora-sample to fedora-example
* Add `steps:` back
Add `workflow_dispatch` for manually triggering builds
Remove obselete `--disable-content-trust` argument from Push to GHCR action
Enable `oci:` in buildah action
---
 .github/workflows/build-boxkit.yml | 29 ++++++++++++----------
 Containerfile => ContainerFiles/boxkit | 6 ++---
 ContainerFiles/fedora-example | 18 ++++++++++++++
 extra-packages => packages/boxkit-packages | 0
 packages/fedora-example-packages | 1 +
 5 files changed, 38 insertions(+), 16 deletions(-)
 rename Containerfile => ContainerFiles/boxkit (86%)
 create mode 100644 ContainerFiles/fedora-example
 rename extra-packages => packages/boxkit-packages (100%)
 create mode 100644 packages/fedora-example-packages
diff --git a/.github/workflows/build-boxkit.yml b/.github/workflows/build-boxkit.yml
index 59dd18f..7f8b072 100644
--- a/.github/workflows/build-boxkit.yml
+++ b/.github/workflows/build-boxkit.yml
@@ -1,5 +1,6 @@
 name: build-boxkit
 on:
+ workflow_dispatch: # allow manually triggering builds
 pull_request:
 branches:
 - main
@@ -8,10 +9,9 @@ on:
 push:
 branches:
 - main
- paths-ignore:
- - '**/README.md'
+ paths-ignore: # don't rebuild on documentation change
+ - '**.md'
 env:
- IMAGE_NAME: boxkit
 IMAGE_TAGS: latest
 IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
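Review bot: The added `workflow_dispatch:` trigger in the first hunk can be run from any branch by anyone with write access, and the signing step later in this file is gated only by `github.event_name != 'pull_request'`, so a manual run on a feature branch would still be signed with the project key. The push step's condition is not visible in this patch, so whether such a run also publishes the `latest` tag should be checked. If manual builds are meant for `main` only, tighten the gate on the publish and sign steps, e.g. `if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'` (assuming `main` is the default branch). A short comment next to the trigger stating which branches may be dispatched would record the intent.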
@@ -25,18 +25,22 @@ jobs:
 id-token: write
 strategy:
 fail-fast: false
- steps:
+ matrix:
+ containerfile:
+ - boxkit
+ #- fedora-example # <<- Included as an example to demonstrate multi-image builds, uncomment to build
+ steps:
 # Checkout push-to-registry action GitHub repository
 - name: Checkout Push to Registry action
 uses: actions/checkout@v4
-
+
 # Build metadata
 - name: Image Metadata
 uses: docker/metadata-action@v5
 id: meta
 with:
 images: |
- ${{ env.IMAGE_NAME }}
+ ${{ matrix.containerfile }}
 labels: |
 io.artifacthub.package.readme-url=https://raw.githubusercontent.com/ublue-os/boxkit/main/README.md
@@ -46,11 +50,11 @@ jobs:
 uses: redhat-actions/buildah-build@v2
 with:
 containerfiles: |
- ./Containerfile
- image: ${{ env.IMAGE_NAME }}
+ ./ContainerFiles/${{ matrix.containerfile }}
+ image: ${{ matrix.containerfile }}
 tags: ${{ env.IMAGE_TAGS }}
 labels: ${{ steps.meta.outputs.labels }}
- oci: false
+ oci: true
 # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
 # https://github.com/macbre/push-to-ghcr/issues/12
@@ -73,8 +77,6 @@ jobs:
 registry: ${{ steps.registry_case.outputs.lowercase }}
 username: ${{ env.REGISTRY_USER }}
 password: ${{ env.REGISTRY_PASSWORD }}
- extra-args: |
- --disable-content-trust
 - name: Login to GitHub Container Registry
 uses: docker/login-action@v3
@@ -84,12 +86,13 @@ jobs:
 password: ${{ secrets.GITHUB_TOKEN }}
 # Sign container
- - uses: sigstore/cosign-installer@v3.7.0
+ - name: Install cosign
+ uses: sigstore/cosign-installer@v3.7.0
 - name: Sign container image
 if: github.event_name != 'pull_request'
 run: |
- cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
+ cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ matrix.containerfile }}@${TAGS}
 env:
 TAGS: ${{ steps.push.outputs.digest }}
 COSIGN_EXPERIMENTAL: false
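Review bot: The `sigstore/cosign-installer@v3.7.0` step touched in the last hunk is still referenced by a mutable tag, yet the binary it installs is the one that reads `COSIGN_PRIVATE_KEY` in the next step; pinning it to a full commit SHA, `uses: sigstore/cosign-installer@<full-commit-sha> # v3.7.0` (placeholder, the SHA is not on this page), keeps a retagged release from reaching the signing key. The same applies to the other `uses:` lines visible as context (`actions/checkout@v4`, `docker/metadata-action@v5`, `redhat-actions/buildah-build@v2`, `docker/login-action@v3`). In the `run:` line, `${{ matrix.containerfile }}` and the registry output are expanded into the script text before the shell runs; passing them through `env:` as is already done for `TAGS` avoids that, e.g. `IMAGE: ${{ matrix.containerfile }}` and then `.../${IMAGE}@${TAGS}`. The step's `env:` block appears to continue past the end of the hunk.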
diff --git a/Containerfile b/ContainerFiles/boxkit
similarity index 86%
rename from Containerfile
rename to ContainerFiles/boxkit
index a25c67e..2116ebe 100644
--- a/Containerfile
+++ b/ContainerFiles/boxkit
@@ -5,11 +5,11 @@ LABEL com.github.containers.toolbox="true" \
 summary="A cloud-native terminal experience" \
 maintainer="jorge.castro@gmail.com"
-COPY extra-packages /
+COPY ../packages/boxkit-packages /
 RUN apk update && \
 apk upgrade && \
- grep -v '^#' /extra-packages | xargs apk add
-RUN rm /extra-packages
+ grep -v '^#' /boxkit-packages | xargs apk add
+RUN rm /boxkit-packages
 RUN ln -fs /bin/sh /usr/bin/sh && \
 ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/docker && \
diff --git a/ContainerFiles/fedora-example b/ContainerFiles/fedora-example
new file mode 100644
index 0000000..f5edc95
--- /dev/null
+++ b/ContainerFiles/fedora-example
@@ -0,0 +1,18 @@
+FROM quay.io/fedora/fedora-toolbox:latest
+
+LABEL com.github.containers.toolbox="true" \
+ usage="This image is meant to be used with the toolbox or distrobox command" \
+ summary="An example ContainerFile to demonstrate multiple image builds." \
+ maintainer="faeizmahrus@outlook.com"
+
+COPY ../packages/fedora-example-packages /
+RUN dnf update -y && \
+ grep -v '^#' /fedora-example-packages | xargs dnf install -y
+RUN rm /fedora-example-packages
+
+RUN ln -fs /bin/sh /usr/bin/sh && \
+ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/docker && \
+ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/flatpak && \
+ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/podman && \
+ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/rpm-ostree && \
+ ln -fs /usr/bin/distrobox-host-exec /usr/local/bin/transactional-update
\ No newline at end of file
diff --git a/extra-packages b/packages/boxkit-packages
similarity index 100%
rename from extra-packages
rename to packages/boxkit-packages
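Review bot: In `ContainerFiles/boxkit`, `COPY ../packages/boxkit-packages /` names a source above the Containerfile's directory, but COPY sources are resolved against the build context rather than the Containerfile's location. The workflow hunks set no `context:`, so the context is presumably the repository root, and depending on the builder the leading `../` is either normalised away or rejected. `COPY packages/boxkit-packages /` states the real path without relying on that behaviour; the same applies to `COPY ../packages/fedora-example-packages /` in `ContainerFiles/fedora-example`. Note also that `RUN rm /boxkit-packages` in its own layer does not remove the file from the earlier COPY layer, and that the `RUN ln` chain continues outside the hunk.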
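Review bot: In the new `ContainerFiles/fedora-example`, `FROM quay.io/fedora/fedora-toolbox:latest` makes the image depend on whatever `latest` resolves to at build time, so once the matrix entry is enabled the workflow would sign content that cannot be reproduced or audited later. Pin a release tag, ideally with a digest, e.g. `FROM quay.io/fedora/fedora-toolbox:<release>@sha256:<digest>` (placeholders, no version is given on this page). The `dnf update -y && ... xargs dnf install -y` layer also keeps the dnf cache in the image; appending `&& dnf clean all` to that same `RUN` drops it. A one-line comment above `FROM` saying why this base was chosen would help people copying the example.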
diff --git a/packages/fedora-example-packages b/packages/fedora-example-packages
new file mode 100644
index 0000000..00af54c
--- /dev/null
+++ b/packages/fedora-example-packages
@@ -0,0 +1 @@
+helix
\ No newline at end of file