diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 69d9ff3..7f23510 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -46,7 +46,6 @@ jobs: echo DISTRO=$DISTRO >> $GITHUB_ENV DISTRO_REL=$(echo $x| awk '{print $2}') echo DISTRO_REL=$DISTRO_REL >> $GITHUB_ENV - # build image tag cat config.mk | sed /^#.*$/d | sed s/\?=/=/g | sed s/#.*$//g | egrep -v "COMMIT|MAKE|DISTRO" > config.vars cat ./config.vars source ./config.vars @@ -60,11 +59,14 @@ jobs: exit 1 fi SHA=${{ github.sha }} + SHA=${SHA::7} echo SHA=$SHA >> $GITHUB_ENV echo IMAGE=${{ matrix.image }}-$DISTRO-${{ matrix.arch }} >> $GITHUB_ENV - IMAGE_TAG=$TAG-${SHA::7} + IMAGE_TAG=$TAG-${SHA} echo IMAGE_TAG=$IMAGE_TAG echo IMAGE_TAG=$IMAGE_TAG >> $GITHUB_ENV + echo DESCRIPTION="$(cat images/${{ matrix.image }}/README.md)" >> $GITHUB_ENV + echo LICENSES="$(cat images/${{ matrix.image }}/LICENSE.md)" >> $GITHUB_ENV - name: Run zot container image with podman run: | wget -N https://raw.githubusercontent.com/project-zot/zot/main/examples/config-cve.json @@ -76,7 +78,9 @@ jobs: with: file: images/${{ matrix.image }}/stacker.yaml build-args: | - COMMIT=${{ github.sha }} + REVISION=${{ env.SHA }} + DESCRIPTION="${{ env.DESCRIPTION }}" + LICENSES="${{ env.LICENSES }}" OS=${{ matrix.os }} ARCH=${{ matrix.arch }} DISTRO=${{ env.DISTRO }} @@ -136,7 +140,6 @@ jobs: echo DISTRO=$DISTRO >> $GITHUB_ENV DISTRO_REL=$(echo $x| awk '{print $2}') echo DISTRO_REL=$DISTRO_REL >> $GITHUB_ENV - # build image tag cat config.mk | sed /^#.*$/d | sed s/\?=/=/g | sed s/#.*$//g | egrep -v "COMMIT|MAKE|DISTRO" > config.vars cat ./config.vars source ./config.vars 
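Review bot: In the `@@ -60,11 +59,14 @@` hunk, the two added `echo NAME="$(cat …)" >> $GITHUB_ENV` lines write file contents into the environment file as a single `NAME=value` record, so any newline in `README.md` or `LICENSE.md` ends the value and the lines after it are parsed as further environment assignments for every later step. If this workflow can run on a pull request that edits those files (the trigger is outside the hunk), the author of the file controls variables in the job. Collapse the content to one line before exporting, for example `echo "DESCRIPTION=$(tr '\n' ' ' < "images/${{ matrix.image }}/README.md")" >> "$GITHUB_ENV"`, and do the same for `LICENSES`. The `@@ -150,16 +153,21 @@` hunk for the publish job repeats both lines, and the enclosing `run:` block starts outside the hunk.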
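Review bot: `REVISION=${{ env.SHA }}` in the `@@ -76,7 +78,9 @@` hunk now carries the seven-character abbreviation, because the `SHA=${SHA::7}` line added earlier in this file truncates the value before it is exported, whereas the removed `COMMIT` argument passed the full `github.sha`. The stacker files in this commit put that value into `org.opencontainers.image.revision`, and an abbreviated hash is a weaker provenance record than the full commit id because it can become ambiguous as the repository grows. I would keep the short form for the image tag only and pass `REVISION=${{ github.sha }}` here and in the `@@ -150,16 +153,21 @@` hunk. Separately, `DESCRIPTION="${{ env.DESCRIPTION }}"` is expanded into a line-oriented input, so a value containing a newline would likely be read as extra build-args lines.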
@@ -150,16 +153,21 @@ jobs: exit 1 fi SHA=${{ github.sha }} + SHA=${SHA::7} echo SHA=$SHA >> $GITHUB_ENV echo IMAGE=${{ matrix.image }}-$DISTRO-${{ matrix.arch }} >> $GITHUB_ENV IMAGE_TAG=$TAG echo IMAGE_TAG=$IMAGE_TAG >> $GITHUB_ENV + echo DESCRIPTION="$(cat images/${{ matrix.image }}/README.md)" >> $GITHUB_ENV + echo LICENSES="$(cat images/${{ matrix.image }}/LICENSE.md)" >> $GITHUB_ENV - name: Publish container images to zothub.io uses: project-stacker/stacker-build-push-action@main with: file: images/${{ matrix.image }}/stacker.yaml build-args: | - COMMIT=${{ github.sha }} + REVISION=${{ env.SHA }} + DESCRIPTION="${{ env.DESCRIPTION }}" + LICENSES="${{ env.LICENSES }}" OS=${{ matrix.os }} ARCH=${{ matrix.arch }} DISTRO=${{ env.DISTRO }} diff --git a/images/base/Makefile b/images/base/Makefile index b69a485..a65ff6b 100644 --- a/images/base/Makefile +++ b/images/base/Makefile @@ -9,7 +9,9 @@ all: $(IMAGES) test .PHONY: % %: stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/base/README.md b/images/base/README.md index 216c0b7..aed9c8f 100644 --- a/images/base/README.md +++ b/images/base/README.md @@ -1 +1 @@ -**base** is a minimal glibc-based Linux system. +base is a minimal glibc-based Linux system diff --git a/images/base/stacker.yaml b/images/base/stacker.yaml index 524c28e..92ee698 100644 --- a/images/base/stacker.yaml +++ b/images/base/stacker.yaml @@ -1,6 +1,3 @@ -# "base" is an image that can be used to package binaries -# that require libc runtime - config: prerequisites: - ../static/stacker.yaml 
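Review bot: `--substitute LICENSES="$(shell cat LICENSE.md)"` and the `DESCRIPTION` line below it in `images/base/Makefile` are expanded by make before the recipe reaches the shell, so the file text becomes part of the command line and any `"`, `$`, backtick or `$(…)` in `LICENSE.md` or `README.md` is interpreted by the shell instead of being passed as data. Letting the shell perform the substitution keeps the content inert: `--substitute "LICENSES=$$(cat LICENSE.md)" \` and `--substitute "DESCRIPTION=$$(cat README.md)" \`. The same two lines are added in the devel, go-devel, openj9-devel, openj9 and static Makefiles. The recipe continues past the end of the hunk.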
@@ -32,3 +29,12 @@ base-${{DISTRO}}-${{ARCH}}: from: type: tar url: stacker://build-base/rootfs.tar + annotations: + org.opencontainers.image.title: base-${{DISTRO}}-${{ARCH}} + org.opencontainers.image.description: ${{DESCRIPTION}} + org.opencontainers.image.url: https://github.com/project-stacker/c3 + org.opencontainers.image.source: https://github.com/project-stacker/c3 + org.opencontainers.image.version: ${{DISTRO_REL}} + org.opencontainers.image.revision: ${{REVISION}} + org.opencontainers.image.licenses: ${{LICENSES}} + org.opencontainers.image.vendor: Cisco Systems, Inc. diff --git a/images/busybox/stacker.yaml b/images/busybox/stacker.yaml deleted file mode 100644 index 85206a4..0000000 --- a/images/busybox/stacker.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# Builds a "distroless" image -# -# "static" is an image that can be used to package statically built binaries (go, rust, etc) - -build-static: - from: - type: docker - url: docker://${{ARCH}}/${{DISTRO}}:${{DISTRO_REL}} - run: | - apt-get update && apt-get dist-upgrade -y - dldir=$(mktemp -d ${TMPDIR:-/tmp}/XXXXXX) - apt-get -y --reinstall install \ - "--option=Dir::Cache::Archives=$dldir" \ - --download-only \ - ca-certificates base-files netbase tzdata - ls $dldir - mkdir rootfs - dpkg-deb -xv $dldir/ca-certificates*.deb rootfs - dpkg-deb -xv $dldir/base-files*.deb rootfs - dpkg-deb -xv $dldir/netbase*.deb rootfs - dpkg-deb -xv $dldir/tzdata*.deb rootfs - # post-build cleanup - rm -rf rootfs/usr/bin/* - rm -rf rootfs/usr/sbin/* - rm -rf rootfs/usr/share/doc/* - rm -rf rootfs/usr/share/man/* - # post-build packaging - cd rootfs/ - tar cpvf /rootfs.tar . - ls -altr /rootfs.tar - sha256sum /rootfs.tar - # post-packaging cleanup - cd .. - rm -rf rootfs - build_only: true - -static-${{DISTRO}}-${{ARCH}}: - from: - type: tar - url: stacker://build-static/rootfs.tar diff --git a/images/devel/Makefile b/images/devel/Makefile index b69a485..a65ff6b 100644 --- a/images/devel/Makefile +++ b/images/devel/Makefile 
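Review bot: The added `annotations:` block in `images/base/stacker.yaml` places `${{DESCRIPTION}}` and `${{LICENSES}}` as unquoted plain scalars, and if stacker substitutes them as text before the YAML is parsed (not visible here), a value containing `: `, ` #` or a leading indicator character would change how the document parses or truncate the annotation. Quoting the templated values is safer: `org.opencontainers.image.description: "${{DESCRIPTION}}"` and `org.opencontainers.image.licenses: "${{LICENSES}}"`. Separately, the OCI annotation `org.opencontainers.image.licenses` is defined as an SPDX license expression, so `LICENSE.md` should hold only that expression and not licence text; its content is not part of this diff. The go-devel, openj9-devel, openj9 and static stacker files add the same block.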
@@ -9,7 +9,9 @@ all: $(IMAGES) test .PHONY: % %: stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/devel/README.md b/images/devel/README.md index 6a7be18..7e90e67 100644 --- a/images/devel/README.md +++ b/images/devel/README.md @@ -1 +1 @@ -**devel** is a layer which contains common packages use to compile and build programs. +devel is a layer which contains common packages use to compile and build programs. diff --git a/images/go-devel/Makefile b/images/go-devel/Makefile index 1abac5e..39ccf2c 100644 --- a/images/go-devel/Makefile +++ b/images/go-devel/Makefile @@ -8,8 +8,10 @@ all: $(IMAGES) test .PHONY: % %: - stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + stacker --debug build -f $*.yaml \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/go-devel/README.md b/images/go-devel/README.md index 3524a3d..575de54 100644 --- a/images/go-devel/README.md +++ b/images/go-devel/README.md @@ -1 +1 @@ -**golang-devel** is an image which contains a golang toolchain along with some common build tools. +golang-devel is an image which contains a golang toolchain along with some common build tools diff --git a/images/go-devel/stacker.yaml b/images/go-devel/stacker.yaml index d3abdb8..1a335bb 100644 --- a/images/go-devel/stacker.yaml +++ b/images/go-devel/stacker.yaml @@ -1,5 +1,3 @@ -# "go-devel" is an image that can be used to do golang development - config: prerequisites: - ../static/stacker.yaml 
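Review bot: `stacker --debug build` in `images/go-devel/Makefile` looks like a leftover from local troubleshooting: none of the other Makefiles touched by this commit add the flag, and the rest of the change is about image annotations. Debug output makes build logs noisier and may echo the substituted values, so I would drop it and keep `stacker build -f $*.yaml \` as in the sibling Makefiles, or gate it behind a make variable if it is wanted. The recipe continues past the end of the hunk.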
@@ -72,6 +70,15 @@ go-devel-${{DISTRO}}-${{ARCH}}: echo 'mkdir -p /tmp/go/cache' >> /etc/profile echo 'export GOCACHE=/tmp/go/cache' >> /etc/profile full_command: "/bin/sh -l" + annotations: + org.opencontainers.image.title: go-devel-${{DISTRO}}-${{ARCH}} + org.opencontainers.image.description: ${{DESCRIPTION}} + org.opencontainers.image.url: https://github.com/project-stacker/c3 + org.opencontainers.image.source: https://github.com/project-stacker/c3 + org.opencontainers.image.version: ${{GOLANG}} + org.opencontainers.image.revision: ${{REVISION}} + org.opencontainers.image.licenses: ${{LICENSES}} + org.opencontainers.image.vendor: Cisco Systems, Inc. test-go-devel: from: diff --git a/images/openj9-devel/Makefile b/images/openj9-devel/Makefile index 42439b8..de43263 100644 --- a/images/openj9-devel/Makefile +++ b/images/openj9-devel/Makefile @@ -9,7 +9,9 @@ all: $(IMAGES) test .PHONY: % %: stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/openj9-devel/README.md b/images/openj9-devel/README.md index 43121ac..f3d5895 100644 --- a/images/openj9-devel/README.md +++ b/images/openj9-devel/README.md @@ -1 +1 @@ -**openj9-devel** is an image which contains IBM Semeru Runtime OpenJ9 JDK and JRE along with some common build tools. +openj9-devel is an image which contains IBM Semeru Runtime OpenJ9 JDK and JRE along with some common build tools diff --git a/images/openj9-devel/stacker.yaml b/images/openj9-devel/stacker.yaml index f543a85..7d37b2e 100644 --- a/images/openj9-devel/stacker.yaml +++ b/images/openj9-devel/stacker.yaml @@ -1,5 +1,3 @@ -# "openj9-devel" is an image that can be used to do Java development - config: prerequisites: - ../static/stacker.yaml 
@@ -58,9 +56,18 @@ openj9-devel-${{DISTRO}}-${{ARCH}}: url: stacker://build-openj9-devel/rootfs.tar run: | echo 'export HOME=/jdk' > /etc/profile - echo 'export JAVA_HOME=/opt/jdk' > /etc/profile + echo 'export JAVA_HOME=/opt/jdk' >> /etc/profile echo 'export PATH=$JAVA_HOME/bin:$PATH' >> /etc/profile full_command: "/bin/sh -l" + annotations: + org.opencontainers.image.title: openj9-devel-${{DISTRO}}-${{ARCH}} + org.opencontainers.image.description: ${{DESCRIPTION}} + org.opencontainers.image.url: https://github.com/project-stacker/c3 + org.opencontainers.image.source: https://github.com/project-stacker/c3 + org.opencontainers.image.version: ${{OPENJDK}} + org.opencontainers.image.revision: ${{REVISION}} + org.opencontainers.image.licenses: ${{LICENSES}} + org.opencontainers.image.vendor: Cisco Systems, Inc. test-openj9-devel: from: diff --git a/images/openj9/Makefile b/images/openj9/Makefile index 42439b8..de43263 100644 --- a/images/openj9/Makefile +++ b/images/openj9/Makefile @@ -9,7 +9,9 @@ all: $(IMAGES) test .PHONY: % %: stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/openj9/README.md b/images/openj9/README.md index 46043ca..fbac00c 100644 --- a/images/openj9/README.md +++ b/images/openj9/README.md @@ -1 +1 @@ -**openj9** is an image which contains IBM Semeru Runtime OpenJ9 JVM runtime to host Java applications. +openj9 is an image which contains IBM Semeru Runtime OpenJ9 JVM runtime to host Java applications diff --git a/images/openj9/stacker.yaml b/images/openj9/stacker.yaml index 8b00daa..693f0c6 100644 --- a/images/openj9/stacker.yaml +++ b/images/openj9/stacker.yaml 
@@ -1,5 +1,3 @@ -# "openj9-devel" is an image that can be used to do Java development - config: prerequisites: - ../static/stacker.yaml @@ -59,9 +57,18 @@ openj9-${{DISTRO}}-${{ARCH}}: url: stacker://build-openj9/rootfs.tar run: | echo 'export HOME=/jre' > /etc/profile - echo 'export JAVA_HOME=/opt/jre' > /etc/profile + echo 'export JAVA_HOME=/opt/jre' >> /etc/profile echo 'export PATH=$JAVA_HOME/bin:$PATH' >> /etc/profile full_command: "/bin/sh -l" + annotations: + org.opencontainers.image.title: openj9-${{DISTRO}}-${{ARCH}} + org.opencontainers.image.description: ${{DESCRIPTION}} + org.opencontainers.image.url: https://github.com/project-stacker/c3 + org.opencontainers.image.source: https://github.com/project-stacker/c3 + org.opencontainers.image.version: ${{OPENJDK}} + org.opencontainers.image.revision: ${{REVISION}} + org.opencontainers.image.licenses: ${{LICENSES}} + org.opencontainers.image.vendor: Cisco Systems, Inc. run-openj9: from: diff --git a/images/static/Makefile b/images/static/Makefile index b69a485..a65ff6b 100644 --- a/images/static/Makefile +++ b/images/static/Makefile @@ -9,7 +9,9 @@ all: $(IMAGES) test .PHONY: % %: stacker build -f $*.yaml \ - --substitute BUILD_ID=$(COMMIT) \ + --substitute REVISION=$(COMMIT) \ + --substitute LICENSES="$(shell cat LICENSE.md)" \ + --substitute DESCRIPTION="$(shell cat README.md)" \ --substitute OS=$(OS) \ --substitute ARCH=$(ARCH) \ --substitute DISTRO=$(DISTRO) \ diff --git a/images/static/README.md b/images/static/README.md index e16c0a9..a409a8d 100644 --- a/images/static/README.md +++ b/images/static/README.md @@ -1 +1 @@ -**static** is a minimal Linux system intended for use directly by statically compiled binaries. +static is a minimal Linux system intended for use directly by statically compiled binaries diff --git a/images/static/stacker.yaml b/images/static/stacker.yaml index b490b76..9c0b4be 100644 --- a/images/static/stacker.yaml +++ b/images/static/stacker.yaml 
@@ -1,6 +1,3 @@ -# "static" is an image that can be used to -# package statically built binaries (go, rust, etc) - build-static: from: type: docker @@ -25,3 +22,12 @@ static-${{DISTRO}}-${{ARCH}}: from: type: tar url: stacker://build-static/rootfs.tar + annotations: + org.opencontainers.image.title: static-${{DISTRO}}-${{ARCH}} + org.opencontainers.image.description: ${{DESCRIPTION}} + org.opencontainers.image.url: https://github.com/project-stacker/c3 + org.opencontainers.image.source: https://github.com/project-stacker/c3 + org.opencontainers.image.version: ${{DISTRO_REL}} + org.opencontainers.image.revision: ${{REVISION}} + org.opencontainers.image.licenses: ${{LICENSES}} + org.opencontainers.image.vendor: Cisco Systems, Inc.