From bebe14acdc6919dc52c36184925d17102f4547fb Mon Sep 17 00:00:00 2001 From: James Jones Date: Tue, 3 Jan 2023 20:01:16 -0500 Subject: [PATCH 01/20] Switching the hosted registry --- .github/workflows/build.yml | 2 +- rpm-sign-expect | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 42921ff..69bddd1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -28,7 +28,7 @@ jobs: fail-fast: false max-parallel: 2 matrix: - registry: [ 'ghcr.io', 'nexus.jamjon3.sytes.net:5443' ] + registry: [ 'ghcr.io', 'nexus.jamesjonesconsulting.com:5443' ] include: - registry: ghcr.io user: GITHUB_DOCKER_USER diff --git a/rpm-sign-expect b/rpm-sign-expect index de17dfc..112f8ab 100644 --- a/rpm-sign-expect +++ b/rpm-sign-expect @@ -7,7 +7,7 @@ set name [lindex $argv 3] ### rpm-sign-expect -- Sign RPMs by sending passphrase and other elements -spawn rpm --define "_gpg_name $name <$email>" --addsign $rpm +spawn rpm --define {"_gpg_name $name <$email>"} --addsign $rpm expect -exact "Enter pass phrase: " send -- "$passphrase\r" expect eof \ No newline at end of file From 39d8af5f264fcf98c45e917a785b3d867daff522 Mon Sep 17 00:00:00 2001 From: James Jones Date: Tue, 3 Jan 2023 21:19:31 -0500 Subject: [PATCH 02/20] Switching the hosted registry --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 69bddd1..b492a1e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,7 @@ jobs: runs-on: self-hosted container: image: quay.io/podman/stable:latest - options: --userns=keep-id --privileged --user root + options: --userns=keep-id --group-add keep-groups --privileged --user root strategy: fail-fast: false max-parallel: 2 From 46503c1ab6302c6f6a4e1347b26f487c0e4983ee Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 17:01:04 -0500 Subject: [PATCH 03/20] Switching the hosted registry --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b492a1e..f41c8cf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,7 +33,7 @@ jobs: - registry: ghcr.io user: GITHUB_DOCKER_USER password: GITHUB_TOKEN - - registry: nexus.jamjon3.sytes.net:5443 + - registry: nexus.jamesjonesconsulting.com:5443 user: NEXUS_DOCKER_USER password: HOME_NEXUS_DOCKER_PASSWORD steps: From 8a0c474e691d88b16bdbaa4db1eb63a0c1e14e2e Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 18:03:46 -0500 Subject: [PATCH 04/20] Switching the hosted registry --- .gitlab-ci.yml | 44 ++++++++++++++++++++++++++++++-------------- 1 file changed, 30 insertions(+), 14 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d811262..e446cb2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,30 +3,46 @@ stages: before_script: - dnf install -y podman-docker - - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + # - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + +.shared_resources: + script: &before_login + - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY + build:prereleases: stage: dind-build + parallel: + matrix: + - REGISTRY_USER: $CI_REGISTRY_USER + REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD + REGISTRY: $CI_REGISTRY + REGISTRY_IMAGE: $CI_REGISTRY_IMAGE + - REGISTRY_USER: $HOME_NEXUS_DOCKER_USER + REGISTRY_PASSWORD: $HOME_NEXUS_DOCKER_PASSWORD + REGISTRY: $HOME_NEXUS_DOCKER_REGISTRY + REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH_SLUG tags: - big-build script: + - *before_login - export IMAGE_TAG=$(echo -en $CI_COMMIT_REF_NAME | sed 's|/|-|g') - - docker build --pull -t "$CI_REGISTRY_IMAGE:$IMAGE_TAG" . - - docker push "$CI_REGISTRY_IMAGE:$IMAGE_TAG" + - docker build --pull -t "$REGISTRY_IMAGE:$IMAGE_TAG" . + - docker push "$REGISTRY_IMAGE:$IMAGE_TAG" only: - branches except: - main -build:releases: - stage: dind-build - tags: - - big-build - script: - - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" . - - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" - - docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" "$CI_REGISTRY_IMAGE:latest" - - docker push "$CI_REGISTRY_IMAGE:latest" - only: - - tags +# build:releases: +# stage: dind-build +# tags: +# - big-build +# script: +# - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" . +# - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" +# - docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" "$CI_REGISTRY_IMAGE:latest" +# - docker push "$CI_REGISTRY_IMAGE:latest" +# only: +# - tags From 268e952c7220f649b7fa68afaacc28cddb0ef24d Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 19:28:52 -0500 Subject: [PATCH 05/20] Switching the hosted registry --- .gitlab-ci.yml | 6 ++++-- Dockerfile | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e446cb2..0e23aaa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,12 +3,14 @@ stages: before_script: - dnf install -y podman-docker - # - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED .shared_resources: script: &before_login - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY +variables: + DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} build:prereleases: stage: dind-build @@ -27,7 +29,7 @@ build:prereleases: script: - *before_login - export IMAGE_TAG=$(echo -en $CI_COMMIT_REF_NAME | sed 's|/|-|g') - - docker build --pull -t "$REGISTRY_IMAGE:$IMAGE_TAG" . + - docker build --pull -t "$REGISTRY_IMAGE:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . - docker push "$REGISTRY_IMAGE:$IMAGE_TAG" only: - branches diff --git a/Dockerfile b/Dockerfile index c6972ad..8a1da3d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ -FROM quay.io/podman/stable:latest +ARG ARTIFACTORY +FROM ${ARTIFACTORY}/podman/stable:latest # Adding on the docker alias, docker-compose and other useful stuff RUN dnf install -y podman-docker buildah skopeo docker-compose \ From 086c6ebbe25378e548eb917e13cdfea051dc9512 Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 20:37:24 -0500 Subject: [PATCH 06/20] Switching the hosted registry --- .gitlab-ci.yml | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0e23aaa..0264776 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,19 +1,29 @@ stages: - dind-build -before_script: - - dnf install -y podman-docker - - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED +# before_script: +# - dnf install -y podman-docker +# - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED + +.base: + # See https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/ + variables: + DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} + image: "$HOME_NEXUS_DOCKER_REGISTRY_SHARED/podman/stable:latest" .shared_resources: script: &before_login - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY + before_script: &before_auth + - dnf install -y podman-docker + - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED variables: DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} build:prereleases: stage: dind-build + extends: .base parallel: matrix: - REGISTRY_USER: $CI_REGISTRY_USER @@ -23,20 +33,24 @@ build:prereleases: - REGISTRY_USER: $HOME_NEXUS_DOCKER_USER REGISTRY_PASSWORD: $HOME_NEXUS_DOCKER_PASSWORD REGISTRY: $HOME_NEXUS_DOCKER_REGISTRY - REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH_SLUG + REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH tags: - big-build + before_script: + - *before_auth script: - *before_login - export IMAGE_TAG=$(echo -en $CI_COMMIT_REF_NAME | sed 's|/|-|g') - - docker build --pull -t "$REGISTRY_IMAGE:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . - - docker push "$REGISTRY_IMAGE:$IMAGE_TAG" + - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') + - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . + - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" only: - branches except: - main # build:releases: +# extends: .base # stage: dind-build # tags: # - big-build From 118671c3daa279a37e2c9e35080157e405f51539 Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 21:10:13 -0500 Subject: [PATCH 07/20] Switching the hosted registry --- .gitlab-ci.yml | 82 +++++++++++++++++++++++++++++--------------------- 1 file changed, 48 insertions(+), 34 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0264776..2df1072 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,29 +1,11 @@ stages: - dind-build -# before_script: -# - dnf install -y podman-docker -# - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED - .base: # See https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/ variables: DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} image: "$HOME_NEXUS_DOCKER_REGISTRY_SHARED/podman/stable:latest" - -.shared_resources: - script: &before_login - - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY - before_script: &before_auth - - dnf install -y podman-docker - - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED - -variables: - DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} - -build:prereleases: - stage: dind-build - extends: .base parallel: matrix: - REGISTRY_USER: $CI_REGISTRY_USER @@ -34,31 +16,63 @@ build:prereleases: REGISTRY_PASSWORD: $HOME_NEXUS_DOCKER_PASSWORD REGISTRY: $HOME_NEXUS_DOCKER_REGISTRY REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH + +.shared_resources: + script: &build_push + - docker login -u "$REGISTRY_USER" -p "$REGISTRY_PASSWORD" $REGISTRY + - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') + - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . + - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" + before_script: &before_auth + - dnf install -y podman-docker + - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED + +variables: + DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} + +build:prereleases: + stage: dind-build + extends: .base + # parallel: + # matrix: + # - REGISTRY_USER: $CI_REGISTRY_USER + # REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD + # REGISTRY: $CI_REGISTRY + # REGISTRY_IMAGE: $CI_REGISTRY_IMAGE + # - REGISTRY_USER: $HOME_NEXUS_DOCKER_USER + # REGISTRY_PASSWORD: $HOME_NEXUS_DOCKER_PASSWORD + # REGISTRY: $HOME_NEXUS_DOCKER_REGISTRY + # REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH tags: - big-build before_script: - *before_auth script: - - *before_login - export IMAGE_TAG=$(echo -en $CI_COMMIT_REF_NAME | sed 's|/|-|g') - - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') - - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . - - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" + - *build_push + # - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') + # - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . + # - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" only: - branches except: - main -# build:releases: -# extends: .base -# stage: dind-build -# tags: -# - big-build -# script: -# - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" . -# - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" -# - docker tag "$CI_REGISTRY_IMAGE:$CI_COMMIT_TAG" "$CI_REGISTRY_IMAGE:latest" -# - docker push "$CI_REGISTRY_IMAGE:latest" -# only: -# - tags +build:releases: + extends: .base + stage: dind-build + tags: + - big-build + before_script: + - *before_auth + script: + - export IMAGE_TAG=$CI_COMMIT_TAG + - *build_push + # - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') + # - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . + # - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" + - docker tag "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" "$REGISTRY_IMAGE_LOWER:latest" + - docker push "$REGISTRY_IMAGE_LOWER:latest" + only: + - tags From a2e90e828620af85ae7b7b5edbd4af3a0bc5d6b5 Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 22:06:15 -0500 Subject: [PATCH 08/20] Switching the hosted registry --- .gitlab-ci.yml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2df1072..169f4ed 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -33,16 +33,6 @@ variables: build:prereleases: stage: dind-build extends: .base - # parallel: - # matrix: - # - REGISTRY_USER: $CI_REGISTRY_USER - # REGISTRY_PASSWORD: $CI_REGISTRY_PASSWORD - # REGISTRY: $CI_REGISTRY - # REGISTRY_IMAGE: $CI_REGISTRY_IMAGE - # - REGISTRY_USER: $HOME_NEXUS_DOCKER_USER - # REGISTRY_PASSWORD: $HOME_NEXUS_DOCKER_PASSWORD - # REGISTRY: $HOME_NEXUS_DOCKER_REGISTRY - # REGISTRY_IMAGE: $HOME_NEXUS_DOCKER_REGISTRY/$CI_PROJECT_PATH tags: - big-build before_script: @@ -50,9 +40,6 @@ build:prereleases: script: - export IMAGE_TAG=$(echo -en $CI_COMMIT_REF_NAME | sed 's|/|-|g') - *build_push - # - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') - # - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . - # - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" only: - branches except: @@ -68,9 +55,6 @@ build:releases: script: - export IMAGE_TAG=$CI_COMMIT_TAG - *build_push - # - export REGISTRY_IMAGE_LOWER=$(echo "$REGISTRY_IMAGE" | tr '[:upper:]' '[:lower:]') - # - docker build --pull -t "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" --build-arg ARTIFACTORY=$HOME_NEXUS_DOCKER_REGISTRY_SHARED . - # - docker push "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" - docker tag "$REGISTRY_IMAGE_LOWER:$IMAGE_TAG" "$REGISTRY_IMAGE_LOWER:latest" - docker push "$REGISTRY_IMAGE_LOWER:latest" only: From 9d874afeaf7476562c63e16c713aa4a44b4b60fe Mon Sep 17 00:00:00 2001 From: James Jones Date: Wed, 4 Jan 2023 22:06:49 -0500 Subject: [PATCH 09/20] Switching the hosted registry --- .gitlab-ci.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 169f4ed..0331c48 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -27,9 +27,6 @@ stages: - dnf install -y podman-docker - docker login -u "$HOME_NEXUS_DOCKER_USER" -p "$HOME_NEXUS_DOCKER_PASSWORD" $HOME_NEXUS_DOCKER_REGISTRY_SHARED -variables: - DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} - build:prereleases: stage: dind-build extends: .base From ecd65b8cfd86d3eb72ba9258982cbfe3e5536b69 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 19:48:37 -0500 Subject: [PATCH 10/20] Adding labels to target runners --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f41c8cf..8c390fd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ env: jobs: build-and-push: - runs-on: self-hosted + runs-on: [ self-hosted, big, build ] container: image: quay.io/podman/stable:latest options: --userns=keep-id --group-add keep-groups --privileged --user root From 0fb80c2147d1c7e2aa0701d87489a14dadfd26a8 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 20:17:12 -0500 Subject: [PATCH 11/20] Adding labels to target runners --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8c390fd..01997f8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -70,7 +70,7 @@ jobs: else VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') fi - podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" + podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry }} podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" From 9b1c9c41a27c357842c99cfcf078b9d2d20f74dc Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 20:32:40 -0500 Subject: [PATCH 12/20] Adding labels to target runners --- .github/workflows/build.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 01997f8..7da2914 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,6 +17,7 @@ on: env: GITHUB_DOCKER_USER: ${{ github.actor }} NEXUS_DOCKER_USER: ${{ secrets.HOME_NEXUS_DOCKER_USER }} + NEXUS_PROXY_REGISTRY: nexus.jamesjonesconsulting.com:5444 jobs: build-and-push: @@ -33,9 +34,15 @@ jobs: - registry: ghcr.io user: GITHUB_DOCKER_USER password: GITHUB_TOKEN + registry_proxy: NEXUS_PROXY_REGISTRY + proxy_user: NEXUS_DOCKER_USER + proxy_password: HOME_NEXUS_DOCKER_PASSWORD - registry: nexus.jamesjonesconsulting.com:5443 user: NEXUS_DOCKER_USER password: HOME_NEXUS_DOCKER_PASSWORD + registry_proxy: NEXUS_PROXY_REGISTRY + proxy_user: NEXUS_DOCKER_USER + proxy_password: HOME_NEXUS_DOCKER_PASSWORD steps: # Downloads a copy of the code in your repository before running CI tests - name: Check out repository code @@ -49,6 +56,12 @@ jobs: login-server: ${{ matrix.registry }} username: ${{ env[matrix.user] }} password: ${{ secrets[matrix.password] }} + - name: Docker Login + uses: azure/docker-login@v1 + with: + login-server: ${{ matrix.registry_proxy }} + username: ${{ env[matrix.proxy_user] }} + password: ${{ secrets[matrix.proxy_password] }} # This requires docker buildx which podman doesn't support # - name: Extract metadata (tags, labels) for Docker # id: meta @@ -70,7 +83,7 @@ jobs: else VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') fi - podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry }} + podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" From fa8bcc23b249d1235100ad74b583d4319d85bed3 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 20:44:50 -0500 Subject: [PATCH 13/20] Adding labels to target runners --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7da2914..fdb31ae 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,13 +34,13 @@ jobs: - registry: ghcr.io user: GITHUB_DOCKER_USER password: GITHUB_TOKEN - registry_proxy: NEXUS_PROXY_REGISTRY + registry_proxy: ${{ env.NEXUS_PROXY_REGISTRY }} proxy_user: NEXUS_DOCKER_USER proxy_password: HOME_NEXUS_DOCKER_PASSWORD - registry: nexus.jamesjonesconsulting.com:5443 user: NEXUS_DOCKER_USER password: HOME_NEXUS_DOCKER_PASSWORD - registry_proxy: NEXUS_PROXY_REGISTRY + registry_proxy: ${{ env.NEXUS_PROXY_REGISTRY }} proxy_user: NEXUS_DOCKER_USER proxy_password: HOME_NEXUS_DOCKER_PASSWORD steps: From 877a3facddc35fcb8d63509fe62d00f1588280de Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 20:47:59 -0500 Subject: [PATCH 14/20] Adding labels to target runners --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fdb31ae..fd7922e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,13 +34,13 @@ jobs: - registry: ghcr.io user: GITHUB_DOCKER_USER password: GITHUB_TOKEN - registry_proxy: ${{ env.NEXUS_PROXY_REGISTRY }} + registry_proxy: $NEXUS_PROXY_REGISTRY proxy_user: NEXUS_DOCKER_USER proxy_password: HOME_NEXUS_DOCKER_PASSWORD - registry: nexus.jamesjonesconsulting.com:5443 user: NEXUS_DOCKER_USER password: HOME_NEXUS_DOCKER_PASSWORD - registry_proxy: ${{ env.NEXUS_PROXY_REGISTRY }} + registry_proxy: $NEXUS_PROXY_REGISTRY proxy_user: NEXUS_DOCKER_USER proxy_password: HOME_NEXUS_DOCKER_PASSWORD steps: From 3a7054fd21c6b247533a83a72e8985147ecccc6d Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 18 Feb 2023 21:18:23 -0500 Subject: [PATCH 15/20] Adding labels to target runners --- .github/workflows/build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fd7922e..00e4532 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,8 +23,12 @@ jobs: build-and-push: runs-on: [ self-hosted, big, build ] container: - image: quay.io/podman/stable:latest + image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest + # image: quay.io/podman/stable:latest options: --userns=keep-id --group-add keep-groups --privileged --user root + credentials: + username: ${{ secrets.HOME_NEXUS_DOCKER_USER }} + password: ${{ secrets.HOME_NEXUS_DOCKER_PASSWORD }} strategy: fail-fast: false max-parallel: 2 From f0d413d88312372dde16e9e90e38fac76baafb57 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 08:16:20 -0500 Subject: [PATCH 16/20] Adding labels to target runners --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 00e4532..56cfa49 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: container: image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest # image: quay.io/podman/stable:latest - options: --userns=keep-id --group-add keep-groups --privileged --user root + options: --userns=keep-id --group-add keep-groups --privileged --user root --network host credentials: username: ${{ secrets.HOME_NEXUS_DOCKER_USER }} password: ${{ secrets.HOME_NEXUS_DOCKER_PASSWORD }} From 0345fac1d846ca0a578d7aae716d8d5b8bf191a3 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 08:39:52 -0500 Subject: [PATCH 17/20] Adding labels to target runners --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 56cfa49..00e4532 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: container: image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest # image: quay.io/podman/stable:latest - options: --userns=keep-id --group-add keep-groups --privileged --user root --network host + options: --userns=keep-id --group-add keep-groups --privileged --user root credentials: username: ${{ secrets.HOME_NEXUS_DOCKER_USER }} password: ${{ secrets.HOME_NEXUS_DOCKER_PASSWORD }} From 2c6d668e55051dcd4087265ca9fe896ee2a6c4f1 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 08:42:31 -0500 Subject: [PATCH 18/20] Adding labels to target runners --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 00e4532..cb7646f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -21,7 +21,7 @@ env: jobs: build-and-push: - runs-on: [ self-hosted, big, build ] + runs-on: [ self-hosted, medium, build ] container: image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest # image: quay.io/podman/stable:latest From 8ec3ab63e6617097d47dce863d9733e2e5e9639b Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 15:24:23 -0500 Subject: [PATCH 19/20] Adding github cli --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8a1da3d..32e1beb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM ${ARTIFACTORY}/podman/stable:latest # Adding on the docker alias, docker-compose and other useful stuff RUN dnf install -y podman-docker buildah skopeo docker-compose \ util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq unzip coreutils \ - helm doctl kubernetes-client gnupg2 pinentry expect + helm doctl kubernetes-client gnupg2 pinentry expect gh # Adding the Azure CLI RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \ From 2a7b12e716903a4e321ffc3a267ff16f173a29b2 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 17:14:15 -0500 Subject: [PATCH 20/20] Adding aws cli --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 32e1beb..9720d69 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM ${ARTIFACTORY}/podman/stable:latest # Adding on the docker alias, docker-compose and other useful stuff RUN dnf install -y podman-docker buildah skopeo docker-compose \ util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq unzip coreutils \ - helm doctl kubernetes-client gnupg2 pinentry expect gh + helm doctl kubernetes-client gnupg2 pinentry expect gh awscli # Adding the Azure CLI RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \