From bda9c5e16eac61a0d94f0776fef676a19fdd1e5e Mon Sep 17 00:00:00 2001 From: Haitao Pan Date: Thu, 9 Mar 2023 23:02:16 +0800 Subject: [PATCH] merge alpine* and debian jobs -> base-images.yaml --- .github/workflows/alpine-awscli-python3.yaml | 29 ----- .github/workflows/alpine-awscli.yaml | 29 ----- .github/workflows/alpine-glibc.yaml | 29 ----- .github/workflows/alpine-with-custom-ca.yaml | 29 ----- .github/workflows/base-images.yaml | 108 +++++++++++++++++++ oci/base/debian/Dockerfile | 14 +++ 6 files changed, 122 insertions(+), 116 deletions(-) delete mode 100644 .github/workflows/alpine-awscli-python3.yaml delete mode 100644 .github/workflows/alpine-awscli.yaml delete mode 100644 .github/workflows/alpine-glibc.yaml delete mode 100644 .github/workflows/alpine-with-custom-ca.yaml create mode 100644 .github/workflows/base-images.yaml create mode 100644 oci/base/debian/Dockerfile diff --git a/.github/workflows/alpine-awscli-python3.yaml b/.github/workflows/alpine-awscli-python3.yaml deleted file mode 100644 index a02d79d..0000000 --- a/.github/workflows/alpine-awscli-python3.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Build & push apline-awscli-python3 image -on: - pull_request: - push: - paths: - - '.github/workflows/alpine-awscli-python3.yaml' - - 'oci/base/alpine-awscli-python3/Dockerfile' - branches: - - main - -jobs: - base-image: - runs-on: ubuntu-latest - name: Build alpine-awscli-python3 base image - steps: - - uses: actions/checkout@master - - - name: 'Artifact: build && push alpine-awscli-python3 image' - uses: aevea/action-kaniko@master - with: - registry: artifact.onwalk.net - username: admin - password: ${{ secrets.HELM_REPO_PASSWORD }} - path: 'oci/base/alpine-awscli-python3' - build_file: 'Dockerfile' - image: public/alpine-awscli-python3 - tag: latest - cache: true - cache_registry: cache diff --git a/.github/workflows/alpine-awscli.yaml b/.github/workflows/alpine-awscli.yaml deleted file mode 100644 index 2a50776..0000000 --- a/.github/workflows/alpine-awscli.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Build & push apline-awscli image -on: - pull_request: - push: - paths: - - '.github/workflows/alpine-awscli.yaml' - - 'oci/base/alpine-awscli/Dockerfile' - branches: - - main - -jobs: - base-image: - runs-on: ubuntu-latest - name: Build alpine-awscli base image - steps: - - uses: actions/checkout@master - - - name: 'Artifact: build && push alpine-awscli image' - uses: aevea/action-kaniko@master - with: - registry: artifact.onwalk.net - username: admin - password: ${{ secrets.HELM_REPO_PASSWORD }} - path: 'oci/base/alpine-awscli' - build_file: 'Dockerfile' - image: public/alpine-awscli - tag: 2.6.1 - cache: true - cache_registry: cache diff --git a/.github/workflows/alpine-glibc.yaml b/.github/workflows/alpine-glibc.yaml deleted file mode 100644 index 88a3eb5..0000000 --- a/.github/workflows/alpine-glibc.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Build & push apline-glibc image -on: - pull_request: - push: - paths: - - '.github/workflows/alpine-glibc-image.yaml' - - 'oci/base/alpine-glibc/Dockerfile' - branches: - - main - -jobs: - base-image: - runs-on: ubuntu-latest - name: Build alpine-glibc base image - steps: - - uses: actions/checkout@master - - - name: 'Artifact: build && push alpine-glibc image' - uses: aevea/action-kaniko@master - with: - registry: artifact.onwalk.net - username: admin - password: ${{ secrets.HELM_REPO_PASSWORD }} - path: 'oci/base/alpine-glibc' - build_file: 'Dockerfile' - image: public/alpine-glibc - tag: 2.34 - cache: true - cache_registry: cache diff --git a/.github/workflows/alpine-with-custom-ca.yaml b/.github/workflows/alpine-with-custom-ca.yaml deleted file mode 100644 index d568f3b..0000000 --- a/.github/workflows/alpine-with-custom-ca.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Build & push apline with custom ca image -on: - pull_request: - push: - paths: - - 'oci/base/alpine/Dockerfile' - - '.github/workflows/alpine-with-custom-ca.yaml' - branches: - - main - -jobs: - base-image: - runs-on: ubuntu-latest - name: Build alpine base image - steps: - - uses: actions/checkout@master - - - name: 'Artifact: build && push alpine with custom ca image' - uses: aevea/action-kaniko@master - with: - registry: artifact.onwalk.net - username: admin - password: ${{ secrets.HELM_REPO_PASSWORD }} - path: './oci/base/alpine' - build_file: 'Dockerfile' - image: public/alpine-ca - tag: latest - cache: true - cache_registry: cache diff --git a/.github/workflows/base-images.yaml b/.github/workflows/base-images.yaml new file mode 100644 index 0000000..9af3609 --- /dev/null +++ b/.github/workflows/base-images.yaml @@ -0,0 +1,108 @@ +name: Build & push apline-awscli-python3 image +on: + pull_request: + push: + paths: + - '.github/workflows/base-images.yaml' + - 'oci/base/debian/Dockerfile' + - 'oci/base/alpine/Dockerfile' + - 'oci/base/alpine-glibc/Dockerfile' + - 'oci/base/alpine-awscli/Dockerfile' + - 'oci/base/alpine-awscli-python3/Dockerfile' + branches: + - main + +jobs: + alpine-awscli-python3: + runs-on: ubuntu-latest + needs: [alpine-aws-cli] + name: Build alpine-awscli-python3 base image + steps: + - uses: actions/checkout@master + + - name: 'Artifact: build && push alpine-awscli-python3 image' + uses: aevea/action-kaniko@master + with: + registry: artifact.onwalk.net + username: admin + password: ${{ secrets.HELM_REPO_PASSWORD }} + path: 'oci/base/alpine-awscli-python3' + build_file: 'Dockerfile' + image: public/alpine-awscli-python3 + tag: latest + cache: true + cache_registry: cache + alpine-awscli: + runs-on: ubuntu-latest + name: Build alpine-awscli base image + needs: [alpine-glibc] + steps: + - uses: actions/checkout@master + + - name: 'Artifact: build && push alpine-awscli image' + uses: aevea/action-kaniko@master + with: + registry: artifact.onwalk.net + username: admin + password: ${{ secrets.HELM_REPO_PASSWORD }} + path: 'oci/base/alpine-awscli' + build_file: 'Dockerfile' + image: public/alpine-awscli + tag: 2.6.1 + cache: true + cache_registry: cache + alpine-glibc: + runs-on: ubuntu-latest + name: Build alpine-glibc base image + needs: [alpine-ca] + steps: + - uses: actions/checkout@master + + - name: 'Artifact: build && push alpine-glibc image' + uses: aevea/action-kaniko@master + with: + registry: artifact.onwalk.net + username: admin + password: ${{ secrets.HELM_REPO_PASSWORD }} + path: 'oci/base/alpine-glibc' + build_file: 'Dockerfile' + image: public/alpine-glibc + tag: 2.34 + cache: true + cache_registry: cache + alpine-ca: + runs-on: ubuntu-latest + name: Build alpine base image + steps: + - uses: actions/checkout@master + + - name: 'Artifact: build && push alpine with custom ca image' + uses: aevea/action-kaniko@master + with: + registry: artifact.onwalk.net + username: admin + password: ${{ secrets.HELM_REPO_PASSWORD }} + path: './oci/base/alpine' + build_file: 'Dockerfile' + image: public/alpine-ca + tag: latest + cache: true + cache_registry: cache + debian: + runs-on: ubuntu-latest + name: Build debian base image + steps: + - uses: actions/checkout@master + + - name: 'Artifact: build && push alpine with custom ca image' + uses: aevea/action-kaniko@master + with: + registry: artifact.onwalk.net + username: admin + password: ${{ secrets.HELM_REPO_PASSWORD }} + path: './oci/base/debian' + build_file: 'Dockerfile' + image: public/debian + tag: latest + cache: true + cache_registry: cache diff --git a/oci/base/debian/Dockerfile b/oci/base/debian/Dockerfile new file mode 100644 index 0000000..4893cb7 --- /dev/null +++ b/oci/base/debian/Dockerfile @@ -0,0 +1,14 @@ +FROM debian +RUN apt update && apt install ca-certificates curl -y +RUN cd /usr/local/share/ca-certificates/ && curl http://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201.cer -o RocheRootCA1.cer && \ + curl http://certinfo.roche.com/rootcerts/RocheEnterpriseCA1.cer -o RocheEnterpriseCA1.cer && \ + curl http://certinfo.roche.com/rootcerts/RocheEnterpriseCA2.cer \ + -o RocheEnterpriseCA2.cer && curl http://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201%20-%20G2.crt \ + -o RocheRootCA1-G2.crt && curl http://certinfo.roche.com/rootcerts/Roche%20Enterprise%20CA%201%20-%20G2.crt \ + -o RocheEnterpriseCA1-G2.crt && curl http://certinfo.roche.com/rootcerts/Roche%20G3%20Root%20CA.crt \ + -o RocheG3RootCA.crt && curl http://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%201.crt \ + -o RocheG3IssuingCA1.crt && curl http://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%202.crt \ + -o RocheG3IssuingCA2.crt && curl http://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%203.crt \ + -o RocheG3IssuingCA3.crt && curl http://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%204.crt \ + -o RocheG3IssuingCA4.crt && update-ca-certificates +