From 54eb4d0228dcf7eab1eb6177318b3723fa1bf565 Mon Sep 17 00:00:00 2001
From: Colin Walters
Date: Sat, 4 Nov 2023 09:52:56 -0400
Subject: [PATCH] builder: New container image This will be the container image buildroot.
---
.github/workflows/builder.yml | 32 ++++++++++++++++++++++++++++++++
builder/Containerfile | 7 +++++++
builder/build.sh | 21 +++++++++++++++++++++
3 files changed, 60 insertions(+)
create mode 100644 .github/workflows/builder.yml
create mode 100644 builder/Containerfile
create mode 100755 builder/build.sh
diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml
new file mode 100644
index 00000000..41c2a793
--- /dev/null
+++ b/.github/workflows/builder.yml
@@ -0,0 +1,32 @@
+name: builder
+
+on:
+ push:
+ pull_request:
+ branches:
+ - main
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository_owner }}/builder
+
+jobs:
+ build-image:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+ - name: Login
+ run: buildah login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ${{ env.REGISTRY }}
+ - name: Build
+ uses: redhat-actions/buildah-build@v2
+ with:
+ image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ tags: latest
+ containerfiles: ./builder/Containerfile
+ archs: amd64, ppc64le, s390x, arm64
+ oci: true
+ context: builder
+ - name: Push
+ run: buildah push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
diff --git a/builder/Containerfile b/builder/Containerfile
new file mode 100644
index 00000000..22b11d24
--- /dev/null
+++ b/builder/Containerfile
@@ -0,0 +1,7 @@
+# This image contains the baseline tools to build bootable base images.
+FROM quay.io/centos/centos:stream9
+WORKDIR /src
+COPY . .
+RUN ./build.sh && cd / && rm /src -rf
+WORKDIR /
+
diff --git a/builder/build.sh b/builder/build.sh
new file mode 100755
index 00000000..51b08fa1
--- /dev/null
+++ b/builder/build.sh
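Review bot: In `.github/workflows/builder.yml` the Login and Push steps carry no condition, so they run for pull requests and, as far as the flattened YAML shows, for pushes to any branch, each of which overwrites the `latest` tag; gate both with `if: github.event_name == 'push' && github.ref == 'refs/heads/main'`. The Login step passes the token as `--password ${{ secrets.GITHUB_TOKEN }}`, which puts it in the process arguments; piping it to `buildah login --password-stdin` avoids that. The job also has no `permissions:` block, so the token gets the repository default scope rather than an explicit `contents: read` and `packages: write`. Both actions are referenced by mutable tags (`@v3`, `@v2`); pinning them to a commit SHA limits what a retagged action could do with a registry-write token.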
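Review bot: In `builder/Containerfile`, `FROM quay.io/centos/centos:stream9` follows a moving tag, so two builds of the same commit can produce different buildroots; pinning a digest (`FROM quay.io/centos/centos:stream9@sha256:<digest>`, placeholder) and bumping it deliberately makes the image reproducible and auditable. The `rm /src -rf` in the RUN line does not remove the files from the image, because `COPY . .` already committed them in its own layer; a bind mount (`RUN --mount=type=bind,target=/src ./build.sh`) would run the script without adding it to a layer, assuming the builder version in use supports it. A short comment above the RUN line saying that build.sh installs the toolchain and that /src is only scratch space would help.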
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -xeuo pipefail
+
+pkginstall() {
+ dnf -y install "$@"
+}
+
+pkginstall dnf-utils
+dnf config-manager --set-enabled crb
+pkginstall epel-release epel-next-release
+# The repo files reference GPG keys
+pkginstall distribution-gpg-keys
+# rpm-ostree for builds, and need skopeo to do the container backend
+pkginstall rpm-ostree skopeo
+# For derived container builds
+pkginstall buildah
+# And a rust toolchain
+pkginstall cargo openssl-devel
+
+# Build tools
+pkginstall selinux-policy-targeted osbuild crypto-policies-scripts sudo
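Review bot: `build.sh` never cleans the dnf caches, so the metadata and downloaded packages from seven separate `dnf -y install` transactions stay in the layer created by the Containerfile's RUN step; ending the script with `dnf clean all` keeps them out of the published image. Enabling CRB and both EPEL release packages widens the set of repositories whose packages the buildroot trusts, and the script does not say which of the later packages need them; a comment naming those packages would make the dependency reviewable. The last line installs `sudo` under `# Build tools` without explanation; if the builder is meant to run as root this may be unnecessary, and if not, a comment such as `# sudo: needed by <consumer>` (placeholder) would document why.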