From 569afcbf3db1a22d196206ea8538006b0f403850 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sun, 19 Feb 2023 21:04:25 -0500 Subject: [PATCH 1/8] Adding longer timeout --- .github/workflows/build.yml | 1 + .gitlab-ci.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cb7646f..fa50cb6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,6 +22,7 @@ env: jobs: build-and-push: runs-on: [ self-hosted, medium, build ] + timeout-minutes: 720 container: image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest # image: quay.io/podman/stable:latest diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0331c48..4940f88 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -6,6 +6,7 @@ stages: variables: DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG} image: "$HOME_NEXUS_DOCKER_REGISTRY_SHARED/podman/stable:latest" + timeout: 3h 30m parallel: matrix: - REGISTRY_USER: $CI_REGISTRY_USER From 3c643634562eb9fe7093c1f2677205d09a8dbf76 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 25 Feb 2023 08:57:59 -0500 Subject: [PATCH 2/8] Adding on the yq utility --- .github/workflows/build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fa50cb6..890dce0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -52,9 +52,9 @@ jobs: # Downloads a copy of the code in your repository before running CI tests - name: Check out repository code uses: actions/checkout@v3 - - name: Add on podman-docker for step compatibility - run: | - dnf install -y podman-docker + # - name: Add on podman-docker for step compatibility + # run: | + # dnf install -y podman-docker - name: Docker Login uses: azure/docker-login@v1 with: 
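Review bot: The two limits added in PATCH 1/8 disagree: `timeout-minutes: 720` gives the GitHub job twelve hours, while `timeout: 3h 30m` in `.gitlab-ci.yml` caps the same build at three and a half. Neither line says how long the build is expected to take. On the self-hosted runner named in `runs-on`, a hung build would hold the runner for the full twelve hours. Derive both limits from the observed build time and record the reasoning above each, e.g. `# build normally takes <observed duration>; limit set with headroom`.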
@@ -88,7 +88,7 @@ jobs: else VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') fi - podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} + podman build --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" From fb710345f428c185a8899a6927dac7d2389e3447 Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 25 Feb 2023 09:02:20 -0500 Subject: [PATCH 3/8] Adding on the yq utility --- .github/workflows/build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 890dce0..fa50cb6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -52,9 +52,9 @@ jobs: # Downloads a copy of the code in your repository before running CI tests - name: Check out repository code uses: actions/checkout@v3 - # - name: Add on podman-docker for step compatibility - # run: | - # dnf install -y podman-docker + - name: Add on podman-docker for step compatibility + run: | + dnf install -y podman-docker - name: Docker Login uses: azure/docker-login@v1 with: @@ -88,7 +88,7 @@ jobs: else VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') fi - podman build --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} + podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" 
From a6f09d9f9bef3e5bca20c1793081ede093af05c3 Mon Sep 17 00:00:00 2001 From: James Jones Date: Fri, 3 Mar 2023 11:54:17 -0500 Subject: [PATCH 4/8] Adding some additional SSH settings to 'relax' things for Ansible --- Dockerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4a79133..b81c134 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,10 +11,12 @@ RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \ && dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm \ && dnf install -y azure-cli -# Adding some Ansible Key and Timeout setting +# Adding some Ansible Key and Timeout setting as well as accepting ssh-rsa ENV ANSIBLE_HOST_KEY_CHECKING=False -ENV ANSIBLE_TIMEOUT=60 -RUN printf "\nStrictHostKeyChecking no\n" >> /etc/ssh/ssh_config +ENV ANSIBLE_TIMEOUT=120 +RUN printf "StrictHostKeyChecking no\n" > /etc/ssh/ssh_config.d/99-ansible.conf +RUN printf "PubkeyAcceptedKeyTypes +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansible.conf +RUN printf "HostKeyAlgorithms +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansible.conf ENV GPG_TTY /dev/console # Adding RPM build tools along with FPM From 342e633bd30f2b6bbf5ee40691346f1adda3d72f Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 4 Mar 2023 08:53:44 -0500 Subject: [PATCH 5/8] Removing the dnf cache and condensing this a bit --- Dockerfile | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index b81c134..5d91e52 100644 --- a/Dockerfile +++ b/Dockerfile 
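Review bot: The three `printf` lines that write `/etc/ssh/ssh_config.d/99-ansible.conf` apply `StrictHostKeyChecking no` and the `+ssh-rsa` (SHA-1 signature) algorithms to every host that any SSH client in this image connects to. Together with `ANSIBLE_HOST_KEY_CHECKING=False`, the image keeps server identity verification switched off globally. If only specific legacy targets need this, scope the settings with a `Host <legacy-host-pattern>` block in the drop-in, and prefer `StrictHostKeyChecking accept-new` or a baked-in `known_hosts` over `no`. `PubkeyAcceptedKeyTypes` is also the deprecated name for `PubkeyAcceptedAlgorithms` in current OpenSSH. The same three settings are carried unchanged into `ssh_ansible.conf` in PATCH 7/8.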
@@ -1,15 +1,16 @@ ARG ARTIFACTORY FROM ${ARTIFACTORY}/podman/stable:latest -# Adding on the docker alias, docker-compose and other useful stuff +# Adding on the docker alias, docker-compose and other useful stuff including the Azure CLI and RPM build tools along with FPM RUN dnf install -y podman-docker buildah skopeo docker-compose \ util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq wget curl unzip coreutils \ - helm doctl kubernetes-client gnupg2 pinentry expect gh awscli - -# Adding the Azure CLI -RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \ + helm doctl kubernetes-client gnupg2 pinentry expect gh awscli \ + && rpm --import https://packages.microsoft.com/keys/microsoft.asc \ && dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm \ - && dnf install -y azure-cli + && dnf install -y azure-cli \ + && dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel \ + && dnf clean all \ + && rm -rf /var/cache/yum # Adding some Ansible Key and Timeout setting as well as accepting ssh-rsa ENV ANSIBLE_HOST_KEY_CHECKING=False @@ -19,9 +20,7 @@ RUN printf "PubkeyAcceptedKeyTypes +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansib RUN printf "HostKeyAlgorithms +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansible.conf ENV GPG_TTY /dev/console -# Adding RPM build tools along with FPM -RUN dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel - +# Ensuring the fpm tool is installed to build distro packages such as RPM and DEB RUN gem install ffi \ && gem install fpm COPY rpm-sign-expect /usr/bin From ff82d243ae9e992cd7bfcaac4e6aaa2074d5792a Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 4 Mar 2023 09:33:58 -0500 Subject: [PATCH 6/8] Removing the dnf cache and condensing this a bit --- Dockerfile | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) 
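Review bot: The cleanup at the end of the merged `RUN` removes `/var/cache/yum`, but the packages are installed with `dnf`, whose cache normally lives under `/var/cache/dnf`, so that `rm -rf` probably deletes nothing. If the aim is a smaller layer, `&& dnf clean all && rm -rf /var/cache/dnf` is the likely intended form; the base image is not visible here, so confirm the path inside it. In the same chain `packages-microsoft-prod.rpm` is still installed by URL. dnf does not signature-check such packages unless `localpkg_gpgcheck` is enabled, so the preceding `rpm --import` may not be protecting that step.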
diff --git a/Dockerfile b/Dockerfile index 5d91e52..715a3c0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,26 +10,19 @@ RUN dnf install -y podman-docker buildah skopeo docker-compose \ && dnf install -y azure-cli \ && dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel \ && dnf clean all \ - && rm -rf /var/cache/yum + && rm -rf /var/cache/yum \ + && wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq \ + && chmod +x /usr/bin/yq \ + && touch /etc/containers/nodocker # Adding some Ansible Key and Timeout setting as well as accepting ssh-rsa -ENV ANSIBLE_HOST_KEY_CHECKING=False -ENV ANSIBLE_TIMEOUT=120 -RUN printf "StrictHostKeyChecking no\n" > /etc/ssh/ssh_config.d/99-ansible.conf -RUN printf "PubkeyAcceptedKeyTypes +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansible.conf -RUN printf "HostKeyAlgorithms +ssh-rsa\n" >> /etc/ssh/ssh_config.d/99-ansible.conf -ENV GPG_TTY /dev/console +ENV ANSIBLE_HOST_KEY_CHECKING=False \ + ANSIBLE_TIMEOUT=120 \ + GPG_TTY=/dev/console +COPY ssh_ansible.conf /etc/ssh/ssh_config.d/99-ansible.conf # Ensuring the fpm tool is installed to build distro packages such as RPM and DEB -RUN gem install ffi \ - && gem install fpm COPY rpm-sign-expect /usr/bin - -RUN chmod +x /usr/bin/rpm-sign-expect - -# Get the latest version of the unpackage yq utility -RUN wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq \ - && chmod +x /usr/bin/yq - -# Remove the Emulate Docker CLI using podman messages -RUN touch /etc/containers/nodocker \ No newline at end of file +RUN gem install ffi \ + && gem install fpm \ + && chmod +x /usr/bin/rpm-sign-expect \ No newline at end of file From 976aab2b072af4f09da4da87df4e8b9b63c0b9f1 Mon Sep 17 00:00:00 2001 
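Review bot: The `wget .../releases/latest/download/yq_linux_amd64 -O /usr/bin/yq`, now folded into the main `RUN`, installs whatever binary the `latest` redirect serves at build time, with no version pin and no integrity check, and then marks it executable on the PATH. Pin the download to a release tag and verify it before the `chmod`, e.g. `echo "<PINNED_SHA256>  /usr/bin/yq" | sha256sum -c -`, with the digest recorded in the repository. The unpinned `gem install ffi` and `gem install fpm` have the same reproducibility problem. Separately, `COPY ssh_ansible.conf /etc/ssh/ssh_config.d/99-ansible.conf` refers to a file that is only added in PATCH 7/8, so this commit would not build on its own.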
From: James Jones Date: Sat, 4 Mar 2023 09:43:05 -0500 Subject: [PATCH 7/8] Removing the dnf cache and condensing this a bit --- ssh_ansible.conf | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ssh_ansible.conf diff --git a/ssh_ansible.conf b/ssh_ansible.conf new file mode 100644 index 0000000..6c2570a --- /dev/null +++ b/ssh_ansible.conf @@ -0,0 +1,3 @@ +StrictHostKeyChecking no +PubkeyAcceptedKeyTypes +ssh-rsa +HostKeyAlgorithms +ssh-rsa \ No newline at end of file From db07e74ed198042056ac64bc54e9d7016339678e Mon Sep 17 00:00:00 2001 From: James Jones Date: Sat, 4 Mar 2023 10:45:47 -0500 Subject: [PATCH 8/8] Removing the dnf cache and condensing this a bit --- .github/workflows/build.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fa50cb6..439da02 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -89,8 +89,12 @@ jobs: VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g') fi podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }} - podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" - if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then - podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" - podman push "${{ matrix.registry }}/$IMAGE_NAME:latest" + if [[ "$GITHUB_REF" =~ ^refs/pull.* ]]; then + echo "Pull requests do not get published. Only for testing" + else + podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" + if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then + podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest" + podman push "${{ matrix.registry }}/$IMAGE_NAME:latest" + fi fi
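Review bot: The pull-request check in PATCH 8/8 matches `$GITHUB_REF` inside the shell script, so on a PR the job still runs the earlier `Docker Login` step and holds registry credentials while it builds the PR's Dockerfile on the self-hosted runner. Since nothing is pushed in that case, the login step can be skipped with a step-level `if: github.event_name != 'pull_request'`. The push and tag commands can then move to their own step carrying the same condition, which also removes the nested `if`/`else` from the script. The workflow's trigger section is outside this hunk, so whether fork PRs can reach this job is not visible here.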