cspark
/
Personal-Linux-System
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add artifacthub metadata by default and WIP README (#48)

This commit is contained in:
Tulip Blossom 2025-01-05 12:33:03 -03:00 committed by GitHub
parent 301dcd61f6
commit 3390db95f4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 77 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
renovate.json → .github/renovate.json5 vendored
View File

150
.github/workflows/build.yml vendored
View File

@ -1,5 +1,5 @@
--- ---
name: build-ublue-custom name: Build Custom Image
on: on:
pull_request: pull_request:
branches: branches:
@ -17,6 +17,7 @@ env:
MY_IMAGE_NAME: "${{ github.event.repository.name }}" # the name of the image produced by this build, matches repo names MY_IMAGE_NAME: "${{ github.event.repository.name }}" # the name of the image produced by this build, matches repo names
MY_IMAGE_DESC: "My Customized Universal Blue Image" MY_IMAGE_DESC: "My Customized Universal Blue Image"
IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" # do not edit IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}" # do not edit
ARTIFACTHUB_LOGO_URL: "https://avatars.githubusercontent.com/u/120078124?s=200&v=4" # You should put your own image here so that you get a fancy profile image on https://artifacthub.io/!
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.brand_name}}-${{ inputs.stream_name }} group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.brand_name}}-${{ inputs.stream_name }}
@ -33,67 +34,52 @@ jobs:
id-token: write id-token: write
steps: steps:
# Checkout push-to-registry action GitHub repository # These stage versions are pinned by https://github.com/renovatebot/renovate
- name: Checkout Push to Registry action - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Maximize build space - name: Get current date
uses: ublue-os/remove-unwanted-software@v7 id: date
- name: Generate tags
id: generate-tags
shell: bash
run: | run: |
# Generate a timestamp for creating an image version history # This generates a timestamp like what is defined on the ArtifactHub documentation
TIMESTAMP="$(date +%Y%m%d)" # E.G: 2022-02-08T15:38:15Z'
COMMIT_TAGS=() # https://artifacthub.io/docs/topics/repositories/container-images/
BUILD_TAGS=() # https://linux.die.net/man/1/date
echo "date=$(date -u +%Y\-%m\-%d\T%H\:%M\:%S\Z)" >> $GITHUB_OUTPUT
# Have tags for tracking builds during pull request # Image metadata for https://artifacthub.io/ - This is optional but is highly recommended so we all can get a index of all the custom images
SHA_SHORT="${GITHUB_SHA::7}" # The metadata by itself is not going to do anything, you choose if you want your image to be on ArtifactHub or not.
COMMIT_TAGS+=("pr-${{ github.event.number }}")
COMMIT_TAGS+=("${SHA_SHORT}")
# Append matching timestamp tags to keep a version history
for TAG in "${BUILD_TAGS[@]}"; do
BUILD_TAGS+=("${TAG}-${TIMESTAMP}")
done
BUILD_TAGS+=("${TIMESTAMP}")
BUILD_TAGS+=("latest")
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
echo "Generated the following commit tags: "
for TAG in "${COMMIT_TAGS[@]}"; do
echo "${TAG}"
done
alias_tags=("${COMMIT_TAGS[@]}")
else
alias_tags=("${BUILD_TAGS[@]}")
fi
echo "Generated the following build tags: "
for TAG in "${BUILD_TAGS[@]}"; do
echo "${TAG}"
done
echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
# Build metadata
- name: Image Metadata - name: Image Metadata
uses: docker/metadata-action@v5 uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5
id: meta id: metadata
with: with:
images: | # This generates all the tags for your image, you can add custom tags here too!
${{ env.MY_IMAGE_NAME }} # By default, it should generate "latest" and "latest.(date here)".
tags: |
type=raw,value=latest
type=raw,value=latest.{{date 'YYYYMMDD'}}
type=raw,value={{date 'YYYYMMDD'}}
type=sha,enable=${{ github.event_name == 'pull_request' }}
type=ref,event=pr
labels: | labels: |
io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository }}/main/README.md io.artifacthub.package.readme-url=https://raw.githubusercontent.com/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}/refs/heads/main/README.md
org.opencontainers.image.description=${{ env.MY_IMAGE_DESC }} org.opencontainers.image.created=${{ steps.date.outputs.date }}
org.opencontainers.image.title=${{ env.MY_IMAGE_NAME }} org.opencontainers.image.description=${{ env.IMAGE_DESC }}
org.opencontainers.image.documentation=https://raw.githubusercontent.com/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}/refs/heads/main/README.md
org.opencontainers.image.source=https://github.com/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}/blob/main/Containerfile
org.opencontainers.image.title=${{ env.IMAGE_NAME }}
org.opencontainers.image.url=https://github.com/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
org.opencontainers.image.vendor=${{ github.repository_owner }}
org.opencontainers.image.version=latest
io.artifacthub.package.deprecated=false
io.artifacthub.package.keywords=bootc,ublue,universal-blue
io.artifacthub.package.license=Apache-2.0
io.artifacthub.package.logo-url=${{ env.ARTIFACTHUB_LOGO_URL }}
io.artifacthub.package.prerelease=false
containers.bootc=1
sep-tags: " "
sep-annotations: " "
# Build image using Buildah action
- name: Build Image - name: Build Image
id: build_image id: build_image
uses: redhat-actions/buildah-build@v2 uses: redhat-actions/buildah-build@v2
@ -102,55 +88,45 @@ jobs:
./Containerfile ./Containerfile
# Postfix image name with -custom to make it a little more descriptive # Postfix image name with -custom to make it a little more descriptive
# Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format # Syntax: https://docs.github.com/en/actions/learn-github-actions/expressions#format
image: ${{ env.MY_IMAGE_NAME }} image: ${{ env.IMAGE_NAME }}
tags: | tags: ${{ steps.metadata.outputs.tags }}
${{ steps.generate-tags.outputs.alias_tags }} labels: ${{ steps.metadata.outputs.labels }}
labels: ${{ steps.meta.outputs.labels }}
oci: false oci: false
# Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR. # These `if` statements are so that pull requests for your custom images do not make it publish any packages under your name without you knowing
# https://github.com/macbre/push-to-ghcr/issues/12 # They also check if the runner is on the default branch so that things like the merge queue (if you enable it), are going to work
- name: Lowercase Registry
id: registry_case
uses: ASzc/change-string-case-action@v6
with:
string: ${{ env.IMAGE_REGISTRY }}
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v3 uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ github.actor }} username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Image to GHCR - name: Push To GHCR
uses: redhat-actions/push-to-registry@v2 uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2
if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
id: push id: push
env:
REGISTRY_USER: ${{ github.actor }}
REGISTRY_PASSWORD: ${{ github.token }}
with: with:
image: ${{ steps.build_image.outputs.image }} registry: ${{ env.IMAGE_REGISTRY }}
tags: ${{ steps.build_image.outputs.tags }} image: ${{ env.IMAGE_NAME }}
registry: ${{ steps.registry_case.outputs.lowercase }} tags: ${{ steps.metadata.outputs.tags }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }}
extra-args: |
--compression-format=zstd
# This section is optional and only needs to be enabled if you plan on distributing # This section is optional and only needs to be enabled if you plan on distributing
# your project for others to consume. You will need to create a public and private key # your project for others to consume. You will need to create a public and private key
# using Cosign and save the private key as a repository secret in Github for this workflow # using Cosign and save the private key as a repository secret in Github for this workflow
# to consume. For more details, review the image signing section of the README. # to consume. For more details, review the image signing section of the README.
- name: Install Cosign
# Sign container uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- uses: sigstore/cosign-installer@v3.7.0 if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
if: github.event_name != 'pull_request'
- name: Sign container image - name: Sign container image
if: github.event_name != 'pull_request' if: github.event_name != 'pull_request' && github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
run: | run: |
cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ steps.build_image.outputs.image }}@${TAGS} IMAGE_FULL="${{ env.IMAGE_REGISTRY }}/${IMAGE_NAME}"
for tag in ${{ steps.metadata.outputs.tags }}; do
cosign sign -y --key env://COSIGN_PRIVATE_KEY $IMAGE_FULL:$tag
done
env: env:
TAGS: ${{ steps.push.outputs.digest }} TAGS: ${{ steps.push.outputs.digest }}
COSIGN_EXPERIMENTAL: false COSIGN_EXPERIMENTAL: false

6
README.md
View File

@ -16,6 +16,12 @@ This template includes a Containerfile and a Github workflow for building the co
- [**bootc discussion forums**](https://github.com/containers/bootc/discussions) - Nothing in this template is ublue specific, the upstream bootc project has a discussions forum where custom image builders can hang out and ask questions. - [**bootc discussion forums**](https://github.com/containers/bootc/discussions) - Nothing in this template is ublue specific, the upstream bootc project has a discussions forum where custom image builders can hang out and ask questions.
## ArtifactHub
ArtifactHub is - PLACEHOLDER
- [**artifacthub universal blue index**](https://artifacthub.io/packages/search?ts_query_web=ublue&sort=relevance&page=1)
# Prerequisites # Prerequisites
Working knowledge in the following topics: Working knowledge in the following topics:

8
artifacthub-repo.yml Normal file
View File

@ -0,0 +1,8 @@
# This file is completely optional, but if you want to index your image on https://artifacthub.io/ you can, by
# adding the Repository ID and your data there on `owners`. This makes it so we can all have a fancy index of all custom
# images. If you dont want to be on that, dont worry, this should not do anything by itself
repositoryID: my-custom-id-here # Fill in with your own credentials
owners: # (optional, used to claim repository ownership)
- name: My Name
email: my_email@email.com