Merge pull request #2 from JamesJonesConsulting/develop
Some checks failed
Build podman-dind-like / build-and-push (GITHUB_TOKEN, ghcr.io, GITHUB_DOCKER_USER) (push) Has been cancelled
Build podman-dind-like / build-and-push (HOME_NEXUS_DOCKER_PASSWORD, nexus.jamjon3.sytes.net:5443, NEXUS_DOCKER_USER) (push) Has been cancelled

Adding additional dependencies for the build container and publishing to home lab Nexus Repository
James Jones
2022-12-07 07:57:34 -05:00
committed by GitHub
3 changed files with 40 additions and 13 deletions

@@ -15,7 +15,8 @@ on:
- develop - develop
env: env:
REGISTRY: ghcr.io GITHUB_DOCKER_USER: ${{ github.actor }}
NEXUS_DOCKER_USER: ${{ secrets.HOME_NEXUS_DOCKER_USER }}
jobs: jobs:
build-and-push: build-and-push:
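Review bot: `NEXUS_DOCKER_USER: ${{ secrets.HOME_NEXUS_DOCKER_USER }}` sits in the workflow-level `env:` block, so the secret value is exported into the environment of every step in every job, including the ghcr.io leg of the matrix that never needs it. Scope it to the `build-and-push` job, or better to the login step alone, so that only the step that authenticates to Nexus can read it.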
@@ -23,6 +24,18 @@ jobs:
container: container:
image: quay.io/podman/stable:latest image: quay.io/podman/stable:latest
options: --userns=keep-id --privileged --user root options: --userns=keep-id --privileged --user root
strategy:
fail-fast: false
max-parallel: 2
matrix:
registry: [ 'ghcr.io', 'nexus.jamjon3.sytes.net:5443' ]
include:
- registry: ghcr.io
user: GITHUB_DOCKER_USER
password: GITHUB_TOKEN
- registry: nexus.jamjon3.sytes.net:5443
user: NEXUS_DOCKER_USER
password: HOME_NEXUS_DOCKER_PASSWORD
steps: steps:
# Downloads a copy of the code in your repository before running CI tests # Downloads a copy of the code in your repository before running CI tests
- name: Check out repository code - name: Check out repository code
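Review bot: the `registry:` list and the two `include:` entries state the same registry values twice, and `nexus.jamjon3.sytes.net:5443` is hard-coded in both places in a workflow the README describes as public. The `include:` entries alone are enough to define the two legs, so the `registry: [ ... ]` line can be dropped, and the home lab host and port could come from a repository variable or secret rather than the workflow file. The job context above also runs with `--privileged --user root`, so both sets of registry credentials are handled inside a privileged root container; worth a comment in the workflow stating why that is required.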
@@ -33,15 +46,15 @@ jobs:
- name: Docker Login - name: Docker Login
uses: azure/docker-login@v1 uses: azure/docker-login@v1
with: with:
login-server: ${{ env.REGISTRY }} login-server: ${{ matrix.registry }}
username: ${{ github.actor }} username: ${{ env[matrix.user] }}
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets[matrix.password] }}
# This requires docker buildx which podman doesn't support # This requires docker buildx which podman doesn't support
# - name: Extract metadata (tags, labels) for Docker # - name: Extract metadata (tags, labels) for Docker
# id: meta # id: meta
# uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 # uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
# with: # with:
# images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} # images: ${{ matrix.registry }}/${{ env.IMAGE_NAME }}
# - name: Build and push Docker images # - name: Build and push Docker images
# uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc # uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
# with: # with:
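Review bot: the Docker Login step now receives the Nexus password through `secrets[matrix.password]`, but `azure/docker-login@v1` is still referenced by a mutable tag, while the commented-out `docker/metadata-action` and `docker/build-push-action` lines below it are pinned to full commit SHAs. Pin the login action to a commit SHA as well, since it is the one step that is handed credentials for both registries. A short comment noting that `matrix.user` and `matrix.password` hold the names of the env entry and secret, not the values, would also help readers of the indexed lookups.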
@@ -57,12 +70,9 @@ jobs:
else else
VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g')
fi fi
podman build . --file Dockerfile --tag "$REGISTRY/$IMAGE_NAME:$VERSION" podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION"
podman push "$REGISTRY/$IMAGE_NAME:$VERSION" podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION"
if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then
podman tag "$REGISTRY/$IMAGE_NAME:$VERSION" "$REGISTRY/$IMAGE_NAME:latest" podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest"
podman push "$REGISTRY/$IMAGE_NAME:latest" podman push "${{ matrix.registry }}/$IMAGE_NAME:latest"
fi fi
# env:
# REG_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# # REG_TOKEN: ${{ secrets.REPO_GITHUB_TOKEN }}
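Review bot: the script body now has `${{ matrix.registry }}` expanded into it before the shell runs, where the old lines used the quoted shell variable `"$REGISTRY"`. The value is a literal from the matrix today, but keeping expressions out of `run:` bodies is the safer habit: set `REGISTRY: ${{ matrix.registry }}` in an `env:` on this step and leave the four `podman` lines as they were. Separately, each matrix leg runs its own `podman build`, so the images pushed to ghcr.io and to Nexus under the same `$VERSION` tag are built independently and are not guaranteed to be identical; building once and pushing the same image to both registries would avoid that.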

@@ -3,13 +3,24 @@ FROM quay.io/podman/stable:latest
# Adding on the docker alias, docker-compose and other useful stuff # Adding on the docker alias, docker-compose and other useful stuff
RUN dnf install -y podman-docker buildah skopeo docker-compose \ RUN dnf install -y podman-docker buildah skopeo docker-compose \
util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq unzip coreutils \ util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq unzip coreutils \
helm doctl kubernetes-client helm doctl kubernetes-client gnupg2 pinentry
# Adding the Azure CLI
RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \
&& dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm \
&& dnf install -y azure-cli
# Adding some Ansible Key and Timeout setting # Adding some Ansible Key and Timeout setting
ENV ANSIBLE_HOST_KEY_CHECKING=False ENV ANSIBLE_HOST_KEY_CHECKING=False
ENV ANSIBLE_TIMEOUT=60 ENV ANSIBLE_TIMEOUT=60
RUN printf "\nStrictHostKeyChecking no\n" >> /etc/ssh/ssh_config RUN printf "\nStrictHostKeyChecking no\n" >> /etc/ssh/ssh_config
ENV GPG_TTY /dev/console
# Adding RPM build tools along with FPM
RUN dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel
RUN gem install ffi \
&& gem install fpm
# Remove the Emulate Docker CLI using podman messages # Remove the Emulate Docker CLI using podman messages
RUN touch /etc/containers/nodocker RUN touch /etc/containers/nodocker
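Review bot: `gem install ffi` and `gem install fpm` take whatever versions are current at build time, in the same change that adds `rpm-sign`, `gnupg2` and `pinentry`, so the image used for signing packages is not reproducible and picks up unreviewed gem releases on every rebuild. Pin both gems to explicit versions. The Azure CLI step installs `packages-microsoft-prod.rpm` from the `rhel/9.0` path on top of `quay.io/podman/stable:latest`; a comment stating that this repo configuration is intended for the base image's distribution would help, as would a `dnf clean all` at the end of the new `dnf install` layers. The unchanged `StrictHostKeyChecking no` and `ANSIBLE_HOST_KEY_CHECKING=False` lines mean the added `openssh`/GPG tooling runs in an image that accepts any SSH host key, which deserves a note in the README.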

@@ -18,6 +18,12 @@ Note: The `build-push` action doesn't work with 'podman' (commented out in the p
docker pull ghcr.io/jamesjonesconsulting/podman-dind-like:latest docker pull ghcr.io/jamesjonesconsulting/podman-dind-like:latest
``` ```
### Why is there a second container in the matrix?
The matrix defined in the pipeline pushes the public container (as described above), but also publishes a private container to my instance of Nexus
Repository for my home lab usage. Having this container 'local' to my home lab saves bandwidth and accellerates my use cases. In addition, it's an
example of the usage of the 'matrix' feature in a repository I have public so others may benefit from seeing the pattern in use.
## Notes on GitLab ## Notes on GitLab
This job also runs on a self-hosted gitlab agent with the following in the `/etc/gitlab-runner/config.toml` file so this is also compatible with This job also runs on a self-hosted gitlab agent with the following in the `/etc/gitlab-runner/config.toml` file so this is also compatible with
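Review bot: the new "Why is there a second container in the matrix?" section has a typo in `accellerates` (should be "accelerates") and does not say which secrets the second leg depends on. Since the section presents the workflow as a pattern for others to copy, list `HOME_NEXUS_DOCKER_USER` and `HOME_NEXUS_DOCKER_PASSWORD` as required repository secrets and state that the Nexus leg will fail in forks that do not define them.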