feat: Bump fedora version and some packages

dusansimic · May 25, 2024 · e791f39 · e791f39
1 parent 01a9151
commit e791f39
Show file tree

Hide file tree

Showing 17 changed files with 96 additions and 248 deletions.
diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml
@@ -6,47 +6,18 @@ on:
     paths:
       - .github/workflows/base.yml
       - images/base/**
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: base
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
-      - name: Setup cosign
-        uses: sigstore/cosign-installer@v3.3.0
-      - name: Login to container registry
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build image
-        uses: redhat-actions/buildah-build@v2
-        id: build
-        with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/base/Containerfile
-          context: images/base
-          oci: true
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        with:
-          image: ${{ steps.build.outputs.image }}
-          tags: ${{ steps.build.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
-      - name: Sign image
-        run: cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}@${{ steps.push.outputs.digest }}
-        env:
-          COSIGN_EXPERIMENTAL: false
-          COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+    name: Build Base image
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      image-name: base
+      image-tag: "40"
+      containerfile-path: images/base
+      context-path: images/base
   node:
     needs: build
     uses: ./.github/workflows/node.yml

diff --git a/.github/workflows/fedora-packager.yml b/.github/workflows/fedora-packager.yml
@@ -6,45 +6,15 @@ on:
     paths:
       - .github/workflows/fedora-packager.yml
       - images/fedora-packager/**
-  workflow_call:
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: fedora-packager
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
-      # - name: Setup cosign
-      #   uses: sigstore/cosign-installer@v3.3.0
-      - name: Login to container registry
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build image
-        uses: redhat-actions/buildah-build@v2
-        id: build
-        with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/fedora-packager/Containerfile
-          context: images/fedora-packager
-          oci: true
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        with:
-          image: ${{ steps.build.outputs.image }}
-          tags: ${{ steps.build.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
-      # - name: Sign image
-      #   run: cosign sign -y --recursive --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}@${{ steps.push.outputs.digest }}
-      #   env:
-      #     COSIGN_EXPERIMENTAL: false
-      #     COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-      #     COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+    name: Build Fedora packager image
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      image-name: fedora-packager
+      image-tag: "40"
+      containerfile-path: images/fedora-packager
+      context-path: images/fedora-packager
diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml
@@ -6,45 +6,15 @@ on:
     paths:
       - .github/workflows/java.yml
       - images/java/**
-  workflow_call:
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: java
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
-      # - name: Setup cosign
-      #   uses: sigstore/cosign-installer@v3.3.0
-      - name: Login to container registry
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build image
-        uses: redhat-actions/buildah-build@v2
-        id: build
-        with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/java/Containerfile
-          context: images/java
-          oci: true
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        with:
-          image: ${{ steps.build.outputs.image }}
-          tags: ${{ steps.build.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
-      # - name: Sign image
-      #   run: cosign sign -y --recursive --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}@${{ steps.push.outputs.digest }}
-      #   env:
-      #     COSIGN_EXPERIMENTAL: false
-      #     COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-      #     COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+    name: Build Java image
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      image-name: java
+      image-tag: "40"
+      containerfile-path: images/java
+      context-path: images/java
diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml
@@ -6,45 +6,15 @@ on:
     paths:
       - .github/workflows/node.yml
       - images/node/**
-  workflow_call:
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: node
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
-      # - name: Setup cosign
-      #   uses: sigstore/cosign-installer@v3.3.0
-      - name: Login to container registry
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build image
-        uses: redhat-actions/buildah-build@v2
-        id: build
-        with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/node/Containerfile
-          context: images/node
-          oci: true
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        with:
-          image: ${{ steps.build.outputs.image }}
-          tags: ${{ steps.build.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
-      # - name: Sign image
-      #   run: cosign sign -y --recursive --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}@${{ steps.push.outputs.digest }}
-      #   env:
-      #     COSIGN_EXPERIMENTAL: false
-      #     COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-      #     COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+    name: Build Node.js image
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      image-name: node
+      image-tag: "40"
+      containerfile-path: images/node
+      context-path: images/node
diff --git a/.github/workflows/ansible.yml → .github/workflows/reusable-build.yml b/.github/workflows/ansible.yml → .github/workflows/reusable-build.yml
@@ -1,39 +1,49 @@
-name: Ansible image
+name: Reusable build
 
 on:
-  push:
-    branches: [main]
-    paths:
-      - .github/workflows/ansible.yml
-      - images/ansible/**
   workflow_call:
+    inputs:
+      image-name:
+        description: Name of the image to be built
+        required: true
+        type: string
+      image-tag:
+        description: Tag of the base image (will be used for the built image)
+        required: true
+        type: string
+      containerfile-path:
+        description: Path to the Containerfile
+        required: true
+        type: string
+      context-path:
+        description: Path to the build context
+        required: true
+        type: string
 
 env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ansible
+  REGISTRY: ghcr.io/${{ github.repository }}
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       # - name: Setup cosign
       #   uses: sigstore/cosign-installer@v3.3.0
       - name: Login to container registry
         uses: redhat-actions/podman-login@v1
         with:
-          registry: ${{ env.REGISTRY }}
+          registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Build image
         uses: redhat-actions/buildah-build@v2
         id: build
         with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/ansible/Containerfile
-          context: images/ansible
+          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ inputs.image-name }}
+          tags: ${{ inputs.image-tag }} latest
+          containerfiles: ${{ inputs.containerfile-path }}/Containerfile
+          context: ${{ inputs.context-path }}
           oci: true
       - name: Push image
         uses: redhat-actions/push-to-registry@v2

diff --git a/.github/workflows/rstudio.yml b/.github/workflows/rstudio.yml
@@ -6,45 +6,15 @@ on:
     paths:
       - .github/workflows/rstudio.yml
       - images/rstudio/**
-  workflow_call:
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: rstudio
+  workflow_dispatch:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the repo
-        uses: actions/checkout@v3
-      # - name: Setup cosign
-      #   uses: sigstore/cosign-installer@v3.3.0
-      - name: Login to container registry
-        uses: redhat-actions/podman-login@v1
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Build image
-        uses: redhat-actions/buildah-build@v2
-        id: build
-        with:
-          image: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
-          tags: 39 latest
-          containerfiles: images/rstudio/Containerfile
-          context: images/rstudio
-          oci: true
-      - name: Push image
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        with:
-          image: ${{ steps.build.outputs.image }}
-          tags: ${{ steps.build.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
-      # - name: Sign image
-      #   run: cosign sign -y --recursive --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}@${{ steps.push.outputs.digest }}
-      #   env:
-      #     COSIGN_EXPERIMENTAL: false
-      #     COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-      #     COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
+    name: Build RStudio image
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      image-name: rstudio
+      image-tag: "40"
+      containerfile-path: images/rstudio
+      context-path: images/rstudio
diff --git a/images/ansible/Containerfile b/images/ansible/Containerfile
diff --git a/images/ansible/README.md b/images/ansible/README.md
diff --git a/images/ansible/extra-packages b/images/ansible/extra-packages
diff --git a/images/base/Containerfile b/images/base/Containerfile
@@ -1,6 +1,8 @@
-FROM registry.fedoraproject.org/fedora-toolbox:39
+ARG IMAGE_TAG
+FROM registry.fedoraproject.org/fedora-toolbox:${IMAGE_TAG}
 
-ENV NAME=base-toolbox VERSION=39
+ARG IMAGE_TAG
+ENV NAME=base-toolbox VERSION=${IMAGE_TAG}
 LABEL com.github.containers.toolbox="true" \
       com.redhat.component="$NAME" \
       name="$NAME" \
@@ -25,11 +27,11 @@ RUN rm /swap-packages
 RUN cosign completion fish > /etc/fish/completions/cosign.fish
 
 RUN mkdir -p /opt/oha/bin
-ADD https://github.com/hatoo/oha/releases/download/v0.5.9/oha-linux-amd64 /opt/oha/bin/oha
+ADD https://github.com/hatoo/oha/releases/download/v1.4.4/oha-linux-amd64 /opt/oha/bin/oha
 RUN chmod +x /opt/oha/bin/oha
 ENV PATH="${PATH}:/opt/oha/bin"
 
-ADD https://github.com/bootandy/dust/releases/download/v0.8.6/dust-v0.8.6-x86_64-unknown-linux-gnu.tar.gz /tmp/dust.tar.gz
+ADD https://github.com/bootandy/dust/releases/download/v1.0.0/dust-v1.0.0-x86_64-unknown-linux-gnu.tar.gz /tmp/dust.tar.gz
 RUN mkdir /tmp/dust
 RUN tar -xf /tmp/dust.tar.gz -C /tmp/dust --strip-components=1
 RUN mkdir -p /opt/dust/bin