Initial creation of demo repo for GHA builds

nzwulfin · Nov 8, 2024 · d2fb572 · d2fb572
1 parent 80fb837
commit d2fb572
Show file tree

Hide file tree

Showing 4 changed files with 141 additions and 0 deletions.
diff --git a/.github/workflows/build_fedora_bootc.yml b/.github/workflows/build_fedora_bootc.yml
@@ -0,0 +1,43 @@
+name: Build F40 bootc image with GHA
+on:
+  push:
+    paths:
+      - 'fedora/**'
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Build Fedora bootc image
+    runs-on: ubuntu-latest
+    env:
+      IMAGE_NAME: f40-bootc-quick
+      REGISTRY: ghcr.io/nzwulfin
+
+    steps:
+      - name: Clone the repository
+        uses: actions/checkout@v4
+
+      - name: Use buildah bud to create the image
+        id: build-image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          tags: latest ${{ github.sha }}
+          containerfiles: |
+            ./fedora/Containerfile
+
+      - name: Log in to the GitHub Container registry
+        uses: redhat-actions/podman-login@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Push to GitHub Container Repository
+        id: push-to-ghcr
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: ${{ steps.build-image.outputs.image }}
+          tags: ${{ steps.build-image.outputs.tags }}
+          registry: ${{ env.REGISTRY }}
diff --git a/.github/workflows/build_rhel_bootc.yml b/.github/workflows/build_rhel_bootc.yml
@@ -0,0 +1,80 @@
+name: Build RHEL bootc image with GHA
+on:
+  push:
+    paths:
+      - 'rhel/**'
+    branches:
+      - main
+
+jobs:
+  subs:
+    name: Build RHEL bootc image with repo access
+    runs-on: ubuntu-latest
+    env:
+      IMAGE_NAME: rhel9-bootc-quick
+      REGISTRY: ghcr.io/nzwulfin
+    container:
+      image: registry.access.redhat.com/ubi9/ubi
+      options: --privileged
+
+    steps:
+      - name: Clone the repository
+        uses: actions/checkout@v4
+
+      - name: Get container tools in UBI builder
+        run: dnf -y install --disablerepo=* --enablerepo=ubi-9-appstream-rpms --enablerepo=ubi-9-baseos-rpms podman buildah skopeo
+
+      - name: Access a subscription via activation key
+        env:
+          SMDEV_CONTAINER_OFF: 1
+          orgid: ${{ secrets.RHT_ORGID }}
+          activation_key: ${{ secrets.RHT_ACT_KEY }}
+        run: subscription-manager register --org=$orgid --activationkey=$activation_key
+
+      # workaround for https://github.com/redhat-actions/podman-login/issues/42 since the docker config from the host doesn't come up to the container
+      - name: Fix auth file
+        env:
+          auth: "{ \"auths\": {} }"
+        run: |
+          mkdir -p $HOME/.docker
+          echo $auth > $HOME/.docker/config.json
+      
+      - name: Log in to the RHT terms based registry
+        uses: redhat-actions/podman-login@v1
+        with:
+          registry: registry.redhat.io
+          username: ${{ vars.RHT_REG_SVCUSER }}
+          password: ${{ secrets.RHT_REG_SVCPASS }}
+          auth_file_path: /run/containers/0/auth.json
+
+      - name: Use buildah bud to create the image
+        id: build-image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          tags: latest ${{ github.sha }}
+          containerfiles: |
+            ./rhel/Containerfile
+
+      - name: Log in to the GitHub Container registry
+        uses: redhat-actions/podman-login@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+          auth_file_path: /run/containers/0/auth.json
+
+      - name: Push to GitHub Container Repository
+        id: push-to-ghcr
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: ${{ steps.build-image.outputs.image }}
+          tags: ${{ steps.build-image.outputs.tags }}
+          registry: ${{ env.REGISTRY }}
+
+      - name: Release the subscription
+        env:
+          SMDEV_CONTAINER_OFF: 1
+        run: |
+          subscription-manager remove --all
+          subscription-manager unregister
diff --git a/fedora/Containerfile b/fedora/Containerfile
@@ -0,0 +1,9 @@
+FROM quay.io/fedora/fedora-bootc:40
+RUN dnf -y install mkpasswd neofetch nethack
+RUN pass=$(mkpasswd --method=SHA-512 --rounds=4096 redhat) && useradd -m -G wheel bootc-user -p $pass
+RUN echo "%wheel        ALL=(ALL)       NOPASSWD: ALL" > /etc/sudoers.d/wheel-sudo
+RUN dnf -y install httpd && \
+    systemctl enable httpd && \
+    mv /var/www /usr/share/www && \
+    sed -ie 's,/var/www,/usr/share/www,' /etc/httpd/conf/httpd.conf
+RUN echo "Welcome to the bootc-http instance!" > /usr/share/www/html/index.html
diff --git a/rhel/Containerfile b/rhel/Containerfile
@@ -0,0 +1,9 @@
+FROM registry.redhat.io/rhel9/rhel-bootc
+RUN dnf -y install mkpasswd 
+RUN pass=$(mkpasswd --method=SHA-512 --rounds=4096 redhat) && useradd -m -G wheel bootc-user -p $pass
+RUN echo "%wheel        ALL=(ALL)       NOPASSWD: ALL" > /etc/sudoers.d/wheel-sudo
+RUN dnf -y install httpd && \
+    systemctl enable httpd && \
+    mv /var/www /usr/share/www && \
+    sed -ie 's,/var/www,/usr/share/www,' /etc/httpd/conf/httpd.conf
+RUN echo "Welcome to a GHA built bootc-http instance!" > /usr/share/www/html/index.html