From b6ecb8d6822eaa6aff5bff37b029a8243941f6f3 Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Sun, 8 Sep 2024 00:15:21 +1000
Subject: [PATCH] feat: initial commit

- add Makefile
- add gitea workflows
- add Dockerfile
- pass through trusted ca certificates
---
 .gitea/workflows/build.yaml  | 29 +++++++++++++++++++++++++
 .gitea/workflows/deploy.yaml | 42 ++++++++++++++++++++++++++++++++++++
 Dockerfile                   | 18 ++++++++++++++++
 Makefile                     | 33 ++++++++++++++++++++++++++++
 README.md                    | 11 ++++++++--
 5 files changed, 131 insertions(+), 2 deletions(-)
 create mode 100644 .gitea/workflows/build.yaml
 create mode 100644 .gitea/workflows/deploy.yaml
 create mode 100644 Dockerfile
 create mode 100644 Makefile

diff --git a/.gitea/workflows/build.yaml b/.gitea/workflows/build.yaml
new file mode 100644
index 0000000..05cec67
--- /dev/null
+++ b/.gitea/workflows/build.yaml
@@ -0,0 +1,29 @@
+name: Build
+
+on:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: almalinux-8
+    container:
+      image: docker:dind
+      options: --privileged
+      volumes:
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/ssl/certs/ca-certificates.crt
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/docker/certs.d/git.query.consul/ca.crt
+
+    steps:
+      - name: Set up environment
+        run: |
+          apk add --no-cache make bash git nodejs
+          cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+          update-ca-certificates
+
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Build Docker Image
+        run: |
+          make build
diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
new file mode 100644
index 0000000..819c184
--- /dev/null
+++ b/.gitea/workflows/deploy.yaml
@@ -0,0 +1,42 @@
+name: Deploy
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: almalinux-8
+    container:
+      image: docker:dind
+      options: --privileged
+      volumes:
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/ssl/certs/ca-certificates.crt
+        - /etc/pki/tls/certs/ca-bundle.crt:/etc/docker/certs.d/git.query.consul/ca.crt
+
+    steps:
+      - name: Set up environment
+        run: |
+          apk add --no-cache make bash git nodejs
+          cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+          update-ca-certificates
+
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Build Docker Image
+        run: |
+          make build
+
+      - name: Log in to Docker
+        env:
+          UPLOAD_USER: ${{ secrets.UPLOAD_USER }}
+          UPLOAD_PASS: ${{ secrets.UPLOAD_PASS }}
+        run: |
+          echo "$UPLOAD_PASS" | docker login --username=$UPLOAD_USER --password-stdin git.query.consul
+
+      - name: Push Docker Image
+        run: |
+          make push
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0d637c7
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,18 @@
+# Start with the AlmaLinux 8.10 base image
+FROM git.query.consul/unkin/almalinux8:latest
+
+# Clean and update the repository cache
+RUN dnf clean all && \
+    dnf makecache
+
+# Install nodejs:20 for actions
+RUN dnf module enable -y nodejs:20 && \
+    dnf install -y nodejs
+
+# Install build-essential
+RUN dnf groupinstall -y 'Development Tools' && \
+    dnf install -y make cmake gcc gcc-c++ rpm rpmdevtools wget
+
+# Cleanup
+RUN dnf clean all && \
+    rm -rf /var/cache/dnf
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..63d06f6
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,33 @@
+# Get the current Git commit hash
+GIT_COMMIT := $(shell git rev-parse --short HEAD)
+
+# Get the current date in YYYYMMDD format
+DATE_TAG := $(shell date +%Y%m%d)
+
+# Set the Docker image name and repository information
+IMAGE_NAME := alma8-buildagent
+REGISTRY := git.query.consul
+OWNER := unkin
+
+# Build the Docker image (without tags)
+build:
+	docker build --network=host -t $(REGISTRY)/$(OWNER)/$(IMAGE_NAME) .
+
+# Tag the Docker image with the Git commit hash, the date, and 'latest'
+tag:
+	docker tag $(REGISTRY)/$(OWNER)/$(IMAGE_NAME) $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):$(GIT_COMMIT)
+	docker tag $(REGISTRY)/$(OWNER)/$(IMAGE_NAME) $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):$(DATE_TAG)
+	docker tag $(REGISTRY)/$(OWNER)/$(IMAGE_NAME) $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):latest
+
+# Push the Docker image to a repository with all tags
+push: tag
+	docker push $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):$(GIT_COMMIT)
+	docker push $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):$(DATE_TAG)
+	docker push $(REGISTRY)/$(OWNER)/$(IMAGE_NAME):latest
+
+# Clean up dangling Docker images
+clean:
+	docker image prune -f
+
+# Default target
+default: build
diff --git a/README.md b/README.md
index 5b416e8..2bf4630 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,10 @@
-# docker-almalinux-buildrunner
+# Docker Image Build: almalinux buildrunner
 
-Create almalinux docker images for buildagents
\ No newline at end of file
+[![Build Status](https://droneci.query.consul/api/badges/unkin/docker-almalinux-base/status.svg)](https://droneci.query.consul/unkin/docker-almalinux-base)
+
+This project provides a reproducible Docker image build process for `almalinux:8.10`, with custom YUM repository configurations and package installations. The build is automated using a `Makefile` and managed via CI tasks to ensure consistent and reliable Docker image builds.
+
+This build includes:
+- build-essentials
+- nodejs:20 for actions
+- make, git, rpmbuild, etc