fullstack-devops · eksrha · Apr 29, 2022 · Apr 29, 2022
diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml
@@ -29,6 +29,7 @@ jobs:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
+        id: buildx
         uses: docker/setup-buildx-action@v1
 
       - name: Build github-actions-runner:base
@@ -49,7 +50,7 @@ jobs:
 
       - name: link child image to current pr
         run: |
-          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-pr-${{ github.event.pull_request.number }}@g" \
+          sed -i --expression "s@FROM ${{ env.IMAGE_BASE }}.*@FROM ${{ env.IMAGE_BASE }}:base-pr-${{ github.event.pull_request.number }}@g" \
           images/ansible-k8s/Dockerfile \
           images/fullstacked/Dockerfile
 

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
@@ -44,7 +44,7 @@ jobs:
           push: true
           tags: |
             ${{ env.IMAGE_BASE }}:latest
-            ${{ env.IMAGE_BASE }}:base-latest
+            ${{ env.IMAGE_BASE }}:latest-base
             ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-base
 
       - name: Build github-actions-runner:kaniko-sidecar
@@ -53,12 +53,12 @@ jobs:
           context: ./images/kaniko-sidecar
           push: true
           tags: |
-            ${{ env.IMAGE_BASE }}:kaniko-sidecar-latest
+            ${{ env.IMAGE_BASE }}:latest-kaniko-sidecar
             ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-kaniko-sidecar
 
       - name: link child image to current version
         run: |
-          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-base@g" \
+          sed -i --expression "s@FROM ${{ env.IMAGE_BASE }}.*@FROM ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-base@g" \
           images/ansible-k8s/Dockerfile \
           images/fullstacked/Dockerfile
 
@@ -68,7 +68,7 @@ jobs:
           context: ./images/ansible-k8s
           push: true
           tags: |
-            ${{ env.IMAGE_BASE }}:ansible-k8s-latest
+            ${{ env.IMAGE_BASE }}:latest-ansible-k8s
             ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-ansible-k8s
 
       - name: Build github-actions-runner:fullstacked
@@ -77,7 +77,7 @@ jobs:
           context: ./images/fullstacked
           push: true
           tags: |
-            ${{ env.IMAGE_BASE }}:fullstacked-latest
+            ${{ env.IMAGE_BASE }}:latest-fullstacked
             ${{ env.IMAGE_BASE }}:${{needs.create_release.outputs.version}}-fullstacked
 
   publish_release:

diff --git a/README.md b/README.md
@@ -11,10 +11,10 @@ Package / Images: ghcr.io/fullstack-devops/github-actions-runner
 Available Tags:
 | Name (tag)              | Installed Tools/ Software                                                                                 | Description                                                                                                                      |
 |-------------------------|-----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------|
-| `base-latest`           | libffi-dev, libicu-dev, build-essential, libssl-dev, ca-certificates, jq, sed, grep, git, curl, wget, zip | Base runner with nothing fancy installed <br> [Dockerfile](images/base/Dockerfile)                                               |
-| `kaniko-sidecar-latest` | kaniko                                                                                                    | Sidecar used by other runner images to build containers without root privileges                                                               |
-| `ansible-k8s-latest`    | base-image + ansible, helm, kubectl                                                                       | Runner specialized for automated k8s deployments via ansible <br> For more Details see [Dockerfile](images/ansible-k8s/Dockerfile)            |
-| `fullstacked-latest`    | base-image + maven, openjdk-11, nodejs, go, yarn, angular/cli, helm                                       | Runner with a bunch of tools to build your hole application<br> For more Details see [Dockerfile](images/fullstacked/Dockerfile) |
+| `latest-base`           | libffi-dev, libicu-dev, build-essential, libssl-dev, ca-certificates, jq, sed, grep, git, curl, wget, zip | Base runner with nothing fancy installed <br> [Dockerfile](images/base/Dockerfile)                                               |
+| `latest-kaniko-sidecar` | kaniko                                                                                                    | Sidecar used by other runner images to build containers without root privileges                                                               |
+| `latest-ansible-k8s`    | base-image + ansible, helm, kubectl, skopeo                                                                       | Runner specialized for automated k8s deployments via ansible <br> For more Details see [Dockerfile](images/ansible-k8s/Dockerfile)            |
+| `latest-fullstacked`    | base-image + maven, openjdk-11, nodejs, go, yarn, angular/cli, helm                                       | Runner with a bunch of tools to build your hole application<br> For more Details see [Dockerfile](images/fullstacked/Dockerfile) |
 
 > Hint: `latest can be replaced with an spezfic release version for more stability`
 
@@ -100,15 +100,15 @@ spec:
       emptyDir: {}
   containers:
     - name: kaniko
-      image: ghcr.io/fullstack-devops/github-actions-runner:kaniko-sidecar-latest
+      image: ghcr.io/fullstack-devops/github-actions-runner:latest-kaniko-sidecar
       resources: {}
       volumeMounts:
         - name: workspace-volume
           mountPath: /kaniko/workspace/
       imagePullPolicy: IfNotPresent
       tty: true
     - name: github-actions-runner
-      image: ghcr.io/fullstack-devops/github-actions-runner:base-latest
+      image: ghcr.io/fullstack-devops/github-actions-runner:latest-base
       resources: {}
       env:
         - name: GH_ORG

diff --git a/images/ansible-k8s/Dockerfile b/images/ansible-k8s/Dockerfile
@@ -1,14 +1,20 @@
-FROM ghcr.io/fullstack-devops/github-actions-runner:base-latest
+FROM golang:1.16 AS build
+WORKDIR $GOPATH/src/github.com/containers/skopeo
+ENV CGO_ENABLED=0
+ENV BUILDTAGS=containers_image_openpgp
+ENV DISABLE_DOCS=1
+RUN git clone https://github.com/containers/skopeo $GOPATH/src/github.com/containers/skopeo
+RUN git checkout tags/v1.7.0
+RUN make bin/skopeo
+
+FROM ghcr.io/fullstack-devops/github-actions-runner:latest-base
 
 USER root
 # install packages along with jq so we can parse JSON
 # add additional packages as necessary
-ARG PACKAGES="ansible skopeo"
+ARG PACKAGES="ansible"
 ARG PACKAGES_PYTHON="kubernetes"
 
-RUN echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${UBUNTU_VERSION}/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
-RUN curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${UBUNTU_VERSION}/Release.key | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_stable.gpg > /dev/null
-
 RUN apt-get update \
   && apt-get install -y --no-install-recommends ${PACKAGES} \
   && rm -rf /var/lib/apt/lists/* \
@@ -20,6 +26,8 @@ ARG KUBECTL_VERSION=1.23.5
 # https://github.com/helm/helm/releases
 ARG HELM_VERSION=3.8.1
 
+COPY --from=build /go/src/github.com/containers/skopeo/bin/skopeo /usr/local/bin/skopeo
+
 # Install kubectl
 RUN export ARCH=$(/helper-scripts/translate-aarch.sh a-short)  \
   && wget -q https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl -O /usr/local/bin/kubectl \