Merge pull request #2 from JamesJonesConsulting/develop

Adding additional dependencies for the build container and publishing to home lab Nexus Repository
2022-12-07 07:57:34 -05:00
parent 982a623d04 8c9891eebb
commit d0882615b2
3 changed files with 40 additions and 13 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -15,7 +15,8 @@ on:
      - develop

 env:
-  REGISTRY: ghcr.io
+  GITHUB_DOCKER_USER: ${{ github.actor }}
+  NEXUS_DOCKER_USER: ${{ secrets.HOME_NEXUS_DOCKER_USER }}

 jobs:
  build-and-push:
@@ -23,6 +24,18 @@ jobs:
    container:
      image: quay.io/podman/stable:latest
      options: --userns=keep-id --privileged --user root
+    strategy:
+      fail-fast: false
+      max-parallel: 2
+      matrix:
+        registry: [ 'ghcr.io', 'nexus.jamjon3.sytes.net:5443' ]
+        include:
+          - registry: ghcr.io
+            user: GITHUB_DOCKER_USER
+            password: GITHUB_TOKEN
+          - registry: nexus.jamjon3.sytes.net:5443
+            user: NEXUS_DOCKER_USER
+            password: HOME_NEXUS_DOCKER_PASSWORD
    steps:
      # Downloads a copy of the code in your repository before running CI tests
      - name: Check out repository code
@@ -33,15 +46,15 @@ jobs:
      - name: Docker Login
        uses: azure/docker-login@v1
        with:
-          login-server: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          login-server: ${{ matrix.registry }}
+          username: ${{ env[matrix.user] }}
+          password: ${{ secrets[matrix.password] }}
      # This requires docker buildx which podman doesn't support
      # - name: Extract metadata (tags, labels) for Docker
      #   id: meta
      #   uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
      #   with:
-      #     images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}      
+      #     images: ${{ matrix.registry }}/${{ env.IMAGE_NAME }}      
      # - name: Build and push Docker images
      #   uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
      #   with:
@@ -57,12 +70,9 @@ jobs:
          else
            VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g')
          fi
-          podman build . --file Dockerfile --tag "$REGISTRY/$IMAGE_NAME:$VERSION"
-          podman push "$REGISTRY/$IMAGE_NAME:$VERSION"
+          podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION"
+          podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION"
          if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then
-            podman tag "$REGISTRY/$IMAGE_NAME:$VERSION" "$REGISTRY/$IMAGE_NAME:latest"
-            podman push "$REGISTRY/$IMAGE_NAME:latest"
+            podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest"
+            podman push "${{ matrix.registry }}/$IMAGE_NAME:latest"
          fi
-        # env:
-        #   REG_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        #   # REG_TOKEN: ${{ secrets.REPO_GITHUB_TOKEN }}
--- a/13
+++ b/13
@@ -3,13 +3,24 @@ FROM quay.io/podman/stable:latest
 # Adding on the docker alias, docker-compose and other useful stuff
 RUN dnf install -y podman-docker buildah skopeo docker-compose \
  util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq unzip coreutils \
-  helm doctl kubernetes-client
+  helm doctl kubernetes-client gnupg2 pinentry
+
+# Adding the Azure CLI
+RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \
+  && dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm \
+  && dnf install -y azure-cli

 # Adding some Ansible Key and Timeout setting
 ENV ANSIBLE_HOST_KEY_CHECKING=False
 ENV ANSIBLE_TIMEOUT=60
 RUN printf "\nStrictHostKeyChecking no\n" >> /etc/ssh/ssh_config
+ENV GPG_TTY /dev/console

+# Adding RPM build tools along with FPM
+RUN dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel
+
+RUN gem install ffi \
+    && gem install fpm

 # Remove the Emulate Docker CLI using podman messages
 RUN touch /etc/containers/nodocker
--- a/README.md
+++ b/README.md
@@ -18,6 +18,12 @@ Note: The `build-push` action doesn't work with 'podman' (commented out in the p
 docker pull ghcr.io/jamesjonesconsulting/podman-dind-like:latest
 ```

+### Why is there a second container in the matrix?
+
+The matrix defined in the pipeline pushes the public container (as described above), but also publishes a private container to my instance of Nexus
+Repository for my home lab usage. Having this container 'local' to my home lab saves bandwidth and accellerates my use cases. In addition, it's an
+example of the usage of the 'matrix' feature in a repository I have public so others may benefit from seeing the pattern in use.
+
 ## Notes on GitLab

 This job also runs on a self-hosted gitlab agent with the following in the `/etc/gitlab-runner/config.toml` file so this is also compatible with