diff --git a/.github/workflows/blank.yml b/.github/workflows/blank.yml deleted file mode 100644 index 18a6a3e..0000000 --- a/.github/workflows/blank.yml +++ /dev/null @@ -1,36 +0,0 @@ -# This is a basic workflow to help you get started with Actions - -name: CI - -# Controls when the workflow will run -on: - # Triggers the workflow on push or pull request events but only for the "main" branch - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - # This workflow contains a single job called "build" - build: - # The type of runner that the job will run on - runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v3 - - # Runs a single command using the runners shell - - name: Run a one-line script - run: echo Hello, world! - - # Runs a set of commands using the runners shell - - name: Run a multi-line script - run: | - echo Add other actions to build, - echo test, and deploy your project. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..16f0040 --- /dev/null +++ b/.github/workflows/ci.yml 
@@ -0,0 +1,49 @@
+name: build-and-push-image
+
+on:
+ push:
+ branches:
+ - main
+
+ pull_request:
+ branches:
+ - main
+
+ workflow_dispatch:
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: centos/centos-boot-layered
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+ with:
+ context: .
+ file: Containerfile
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
new file mode 100644
index 0000000..28aae5f
--- /dev/null
+++ b/.github/workflows/pre-commit.yml
@@ -0,0 +1,15 @@
+---
+name: pre_commit
+
+on: # yamllint disable-line rule:truthy
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ pre_commit:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
+ - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0
diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml
new file mode 100644
index 0000000..7276410
--- /dev/null
+++ b/.github/workflows/publish-image.yml
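Review bot: In `.github/workflows/ci.yml` the `Login to GitHub Container Registry` step has no condition, so it also runs on `pull_request` events, where the build step's `push:` expression already evaluates to false. Building does not need the ghcr.io credential, so the step can be skipped on PRs with `if: github.event_name != 'pull_request'`, which avoids logging the runner in to the registry while a PR's Containerfile is being built. Separately, the `meta` step's tag output is never used because `tags:` is hard-coded to `:latest`, so a published image cannot be traced back to a commit from its tag; `tags: ${{ steps.meta.outputs.tags }}` would use it, though which tags it produces depends on the action's configuration.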
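Review bot: `.github/workflows/pre-commit.yml` declares no `permissions:` for the `pre_commit` job, unlike `ci.yml`, so GITHUB_TOKEN falls back to the repository or organization default, which may include write scopes for same-repository pull requests. The job only checks out the tree and runs linters, so a job-level `permissions:` block containing `contents: read` should be enough. `actions/setup-python` is also called without a `python-version` input, which leaves the interpreter to the action's default; setting it explicitly would make hook runs reproducible.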
@@ -0,0 +1,44 @@
+---
+name: publish-image
+
+on:
+
+ push:
+ branches:
+ - main
+
+ workflow_dispatch:
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE: quay.io/centos-boot/builder
+
+jobs:
+
+ build-and-push-image:
+ runs-on: ubuntu-latest
+
+ steps:
+
+ - name: Install qemu dependency
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y qemu-user-static
+
+ - name: Checkout repository
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+ - name: Login to quay.io
+ run: buildah login --username ${{ secrets.QUAY_USER }} --password ${{ secrets.QUAY_PASSWORD }} quay.io
+
+ - name: Build
+ uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2.12
+ with:
+ image: ${{ env.IMAGE }}
+ tags: latest
+ containerfiles: ./Containerfile
+ archs: s390x, arm64, amd64, ppc64le
+ context: .
+
+ - name: Push To quay.io
+ run: buildah manifest push --all ${{ env.IMAGE }} docker://${{ env.IMAGE }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..9ee9ce3
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,31 @@
+---
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.5.0
+ hooks:
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
+ args:
+ - --markdown-linebreak-ext=md
+ - id: check-docstring-first
+ - id: requirements-txt-fixer
+ - id: check-merge-conflict
+ - id: no-commit-to-branch
+ args:
+ - "--branch"
+ - "main"
+ - id: check-symlinks
+ - id: detect-private-key
+ - id: detect-aws-credentials
+ args:
+ - --allow-missing-credentials
+ - id: check-json
+ - id: check-yaml
+ - repo: https://github.com/markdownlint/markdownlint
+ rev: v0.13.0
+ hooks:
+ - id: markdownlint
+ - repo: https://github.com/maxbrunet/pre-commit-renovate
+ rev: 37.49.5
+ hooks:
+ - id: renovate-config-validator
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..f334b24
--- /dev/null
+++ b/Containerfile
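Review bot: The `Login to quay.io` step in `.github/workflows/publish-image.yml` expands `${{ secrets.QUAY_USER }}` and `${{ secrets.QUAY_PASSWORD }}` directly into the `run:` script text, so the password becomes part of the shell command line. Any shell metacharacter in the value is then interpreted by the shell, and the value is exposed as a process argument on the runner. Passing both values through `env:` and feeding the password on stdin with `--password-stdin` avoids both problems. The job also has no `permissions:` block (`contents: read` looks sufficient, since the push goes to quay.io with its own credentials), and the `REGISTRY: ghcr.io` variable is never referenced.

```yaml
      - name: Login to quay.io
        env:
          QUAY_USER: ${{ secrets.QUAY_USER }}
          QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }}
        run: |
          printf '%s' "$QUAY_PASSWORD" |
            buildah login --username "$QUAY_USER" --password-stdin quay.io
```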
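Review bot: The three `rev:` values in `.pre-commit-config.yaml` (`v4.5.0`, `v0.13.0`, `37.49.5`) are tags, which the upstream repositories can move, while every action in the workflows added by this commit is pinned to a full commit SHA. Hook repositories run code on contributor machines and in the `pre_commit` job, so the same pinning is worth applying here, in the form `rev: <full-commit-sha>  # frozen: v4.5.0`. `pre-commit autoupdate --freeze` writes that form for each repo.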
@@ -0,0 +1,6 @@
+# This image contains cloud-init, which makes it usable out of the box
+# for e.g. a pre-generated AWS or KVM guest system.
+FROM quay.io/centos-boot/fedora-tier-1:eln
+RUN dnf -y install cloud-init && \
+ ln -s ../cloud-init.target /usr/lib/systemd/system/default.target.wants && \
+ rm /var/log/*.log /var/lib/dnf -rf && ostree container commit
diff --git a/README.md b/README.md
index 1d8ff06..222c94f 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,13 @@
 # centos-boot-layered
+
+## Badges
+
+| Badge | Description | Service |
+| ----------------------- | -------------------- | ------------ |
+| [![Renovate][1]][2] | Dependencies | Renovate |
+| [![Pre-commit][3]][4] | Static quality gates | pre-commit |
+
+[1]: https://img.shields.io/badge/renovate-enabled-brightgreen?logo=renovate
+[2]: https://renovatebot.com
+[3]: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit
+[4]: https://pre-commit.com/
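Review bot: `FROM quay.io/centos-boot/fedora-tier-1:eln` in the Containerfile refers to a floating tag, so the published `latest` image changes whenever that tag moves and nothing in the repository records which base was used. Pinning it as `FROM quay.io/centos-boot/fedora-tier-1:eln@sha256:<digest>` and letting Renovate (listed in the README) bump the digest would make rebuilds traceable. In the `RUN` line, `ln -s ../cloud-init.target /usr/lib/systemd/system/default.target.wants` creates the link inside that directory only if `default.target.wants` already exists in the base image; otherwise it creates a symlink with that name. A preceding `mkdir -p /usr/lib/systemd/system/default.target.wants` and a trailing `/` on the link destination would remove that dependency on the base image layout.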