Compare commits
27 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 4e8f97ba7e | |||
| 56a32bfaff | |||
| 5ff0604d93 | |||
| d9ad1d6b0e | |||
| 563df98993 | |||
| e216b6b4f1 | |||
| d753f686ff | |||
| a1bd95caec | |||
| 50425b052f | |||
| 12d1348ff6 | |||
| 737888f098 | |||
| 146f65797e | |||
| 47ddd5b0b2 | |||
| 1c3584790d | |||
| 8b7030eda5 | |||
| 782a2778cd | |||
| 50f4021038 | |||
| b2ba6f5eab | |||
| 44e1ecc84e | |||
| 889a4ffc87 | |||
| da06bcb1ac | |||
| 8e42e3c6b9 | |||
| f59b0fa199 | |||
| eb1aee35c5 | |||
| f92b6f13ff | |||
| f9dfb09ce5 | |||
| b1cc207781 |
@@ -7,7 +7,7 @@ jobs:
|
||||
build:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.query.consul/unkin/almalinux9-actionsdind:latest
|
||||
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
|
||||
options: --privileged
|
||||
|
||||
steps:
|
||||
|
||||
@@ -9,7 +9,7 @@ jobs:
|
||||
build:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.query.consul/unkin/almalinux9-actionsdind:latest
|
||||
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
|
||||
options: --privileged
|
||||
|
||||
steps:
|
||||
@@ -18,10 +18,6 @@ jobs:
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Fetch master branch
|
||||
run: |
|
||||
git fetch origin master:master
|
||||
|
||||
- name: Run Packer Builds
|
||||
env:
|
||||
VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }}
|
||||
|
||||
@@ -4,11 +4,10 @@ LIBRARY_PATH := library
|
||||
SYMLINK_PREFIX := library_
|
||||
|
||||
# Docker registry variables
|
||||
REGISTRY := git.query.consul
|
||||
REGISTRY := git.unkin.net
|
||||
OWNER := unkin
|
||||
DATE_TAG := $(shell date +%Y%m%d)
|
||||
SUFFIX=$(shell basename $$(mktemp -u) | cut -d . -f 2)
|
||||
#GIT_BRANCH=$(shell git branch --show-current)
|
||||
GIT_BRANCH=$(shell git symbolic-ref --short HEAD 2>/dev/null || echo $$GITHUB_HEAD_REF)
|
||||
GIT_COMMIT := $(shell git rev-parse --short HEAD)
|
||||
|
||||
@@ -21,16 +20,27 @@ DIRS := $(shell find $(IMAGES_PATH) -mindepth 3 -maxdepth 3 -type d | sed 's|$(I
|
||||
default: clean
|
||||
./ci/build.sh
|
||||
|
||||
# Make all images
|
||||
# Separate base images from others
|
||||
BASE_IMAGES = $(filter %/base,$(DIRS))
|
||||
OTHER_IMAGES = $(filter-out %/base,$(DIRS))
|
||||
|
||||
# Make all images, ensuring base images build first
|
||||
all:
|
||||
@for dir in $(DIRS); do \
|
||||
@for dir in $(BASE_IMAGES); do \
|
||||
$(MAKE) $$dir; \
|
||||
done
|
||||
@for dir in $(OTHER_IMAGES); do \
|
||||
$(MAKE) $$dir; \
|
||||
done
|
||||
|
||||
|
||||
# List all directories
|
||||
list:
|
||||
@echo "Images:"
|
||||
@for dir in $(DIRS); do \
|
||||
@for dir in $(BASE_IMAGES); do \
|
||||
echo " '$$dir'"; \
|
||||
done
|
||||
@for dir in $(OTHER_IMAGES); do \
|
||||
echo " '$$dir'"; \
|
||||
done
|
||||
|
||||
@@ -40,12 +50,14 @@ $(DIRS):
|
||||
@echo "Building for $@"
|
||||
|
||||
# Export environment
|
||||
export VAULT_ADDR=https://vault.query.consul:8200
|
||||
export VAULT_ADDR=https://vault.service.consul:8200
|
||||
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
|
||||
eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
|
||||
|
||||
@echo "Environment retrieved for $@"
|
||||
|
||||
# Check if on master branch
|
||||
if [ "$(GIT_BRANCH)" = "master" ]; then \
|
||||
@if [ "$(GIT_BRANCH)" = "master" ]; then \
|
||||
echo "Current branch is $(GIT_BRANCH), checking latest timestamp in consul."; \
|
||||
LAST_BUILD_TIMESTAMP=$$(consul kv get infra/packer/$@/timestamp || echo "0"); \
|
||||
CURRENT_TIME=$$(date +%s); \
|
||||
@@ -59,38 +71,33 @@ $(DIRS):
|
||||
fi
|
||||
|
||||
# Link .hcl files
|
||||
@echo "Linking .hcl files for $@"
|
||||
find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \;
|
||||
@find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \;
|
||||
|
||||
# Link builds
|
||||
@echo "Linking build files for $@"
|
||||
for build in $$(cat $(IMAGES_PATH)/$@/builds); do \
|
||||
@for build in $$(cat $(IMAGES_PATH)/$@/builds); do \
|
||||
ln -sf ../../../../builds/$${build}.pkr.hcl $(IMAGES_PATH)/$@/library_$${build}.build.pkr.hcl; \
|
||||
done
|
||||
|
||||
# Build the image
|
||||
(cd $(IMAGES_PATH)/$@ && \
|
||||
@(cd $(IMAGES_PATH)/$@ && \
|
||||
export DATE=$(DATE_TAG) && \
|
||||
export OS_NAME=$$(echo $@ | cut -d'/' -f1) && \
|
||||
export OS_VERSION_FULL=$$(echo $@ | cut -d'/' -f2) && \
|
||||
export OS_IMAGE=$$(echo $@ | cut -d'/' -f3) && \
|
||||
export OS_VERSION_MAJOR=$$(echo $$OS_VERSION_FULL | cut -d'.' -f1) && \
|
||||
export DOCKER_SOURCE=$$OS_NAME:$$OS_VERSION_FULL && \
|
||||
export DOCKER_SERVER='git.query.consul' && \
|
||||
export DOCKER_SERVER='git.unkin.net' && \
|
||||
export INCUS_SOURCE="images:$$OS_NAME/$$OS_VERSION_MAJOR" && \
|
||||
export SUFFIX=$(SUFFIX) && \
|
||||
export GIT_COMMIT=$(GIT_COMMIT) && \
|
||||
export GIT_BRANCH=$(GIT_BRANCH) && \
|
||||
echo "Starting packer init for $@" && \
|
||||
pwd
|
||||
ls -lha
|
||||
env
|
||||
packer init . && \
|
||||
echo "Starting packer build for $@" && \
|
||||
packer build . )
|
||||
export VAULT_ADDR=https://vault.service.consul:8200
|
||||
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
|
||||
/usr/bin/packer init . && \
|
||||
/usr/bin/packer build . )
|
||||
|
||||
# Update build timestamp and date in Consul if on master branch
|
||||
if [ "$(GIT_BRANCH)" = "master" ]; then \
|
||||
@if [ "$(GIT_BRANCH)" = "master" ]; then \
|
||||
echo "Current branch is $(GIT_BRANCH), updating consul."; \
|
||||
CURRENT_TIMESTAMP=$$(date +%s); \
|
||||
READABLE_DATE=$$(date '+%Y-%m-%d %H:%M:%S %Z'); \
|
||||
|
||||
@@ -21,6 +21,18 @@ build {
|
||||
destination = "/"
|
||||
}
|
||||
|
||||
# manage deploying incus client certficates
|
||||
# this isnt super-secure, as the key ends up baked into the docker image
|
||||
provisioner "shell" {
|
||||
inline = [
|
||||
"if [ ${var.include_incus_client_certs} = true ]; then",
|
||||
" mkdir -p /root/.config/incus",
|
||||
" echo '${replace(local.incus_crt, "'", "'\\''")}' > /root/.config/incus/client.crt",
|
||||
" echo '${replace(local.incus_key, "'", "'\\''")}' > /root/.config/incus/client.key",
|
||||
"fi"
|
||||
]
|
||||
}
|
||||
|
||||
# post-file-copy scripts
|
||||
provisioner "shell" {
|
||||
inline = var.scripts_post_file_copy
|
||||
|
||||
@@ -50,11 +50,11 @@ build {
|
||||
|
||||
post-processor "shell-local" {
|
||||
inline = [
|
||||
"incus image alias delete local:${local.incus_base_name}/latest || true",
|
||||
"incus image alias delete local:${local.incus_base_name}/${var.date} || true",
|
||||
"incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}'",
|
||||
"incus image alias create local:${local.incus_base_name}/latest $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')",
|
||||
"incus image alias create local:${local.incus_base_name}/${var.date} $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')"
|
||||
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/latest || true",
|
||||
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/${var.date} || true",
|
||||
"incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}'",
|
||||
"incus image alias create $(incus remote get-default):${local.incus_base_name}/latest $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')",
|
||||
"incus image alias create $(incus remote get-default):${local.incus_base_name}/${var.date} $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
+17
-6
@@ -11,18 +11,29 @@ fi
|
||||
|
||||
# Run `make all` if there are changes in builds/
|
||||
if [ -n "$builds_changes" ]; then
|
||||
echo "Changes detected in builds/. Running 'make build-all'..."
|
||||
make all
|
||||
echo "Changes detected in builds/. Running 'make all'..."
|
||||
make all && exit 0 || exit 1
|
||||
fi
|
||||
|
||||
# Run specific `make` commands for each changed file in images/
|
||||
if [ -n "$images_changes" ]; then
|
||||
echo "Changes detected in images/. Running specific 'make' commands..."
|
||||
|
||||
# Extract unique paths for `make` commands
|
||||
for file in $images_changes; do
|
||||
# Get the subdirectory path for the make command (e.g., almalinux/8.10/actionsdind)
|
||||
target=$(echo "$file" | sed -E 's|images/||; s|/[^/]+$||')
|
||||
# Extract unique image targets (keep only up to 3 directory levels)
|
||||
TARGETS=$(echo "$images_changes" | sed -E 's|^images/([^/]+/[^/]+/[^/]+).*|\1|' | sort -u)
|
||||
|
||||
# Prioritize base images first
|
||||
BASE_TARGETS=$(echo "$TARGETS" | grep '/base$' || true)
|
||||
OTHER_TARGETS=$(echo "$TARGETS" | grep -v '/base$' || true)
|
||||
|
||||
# Build base images first
|
||||
for target in $BASE_TARGETS; do
|
||||
echo "Running 'make $target' (base image first)..."
|
||||
make "$target"
|
||||
done
|
||||
|
||||
# Then build other images
|
||||
for target in $OTHER_TARGETS; do
|
||||
echo "Running 'make $target'..."
|
||||
make "$target"
|
||||
done
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
default-remote: incus-images
|
||||
remotes:
|
||||
images:
|
||||
addr: https://images.linuxcontainers.org
|
||||
protocol: simplestreams
|
||||
public: true
|
||||
incus-images:
|
||||
addr: https://incus-images.service.consul:8443
|
||||
auth_type: tls
|
||||
project: default
|
||||
protocol: incus
|
||||
public: false
|
||||
aliases: {}
|
||||
@@ -0,0 +1,15 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICQzCCAcmgAwIBAgIRAKlysEAEDZRgq7isqIy2yEkwCgYIKoZIzj0EAwMwSDEZ
|
||||
MBcGA1UEChMQTGludXggQ29udGFpbmVyczErMCkGA1UEAwwicm9vdEBhdXN5ZDFu
|
||||
eHZtMjA2Mi5tYWluLnVua2luLm5ldDAeFw0yNTA2MDcyMTQ0NDdaFw0zNTA2MDUy
|
||||
MTQ0NDdaMEgxGTAXBgNVBAoTEExpbnV4IENvbnRhaW5lcnMxKzApBgNVBAMMInJv
|
||||
b3RAYXVzeWQxbnh2bTIwNjIubWFpbi51bmtpbi5uZXQwdjAQBgcqhkjOPQIBBgUr
|
||||
gQQAIgNiAARsP2WBpyTosVZ5eqRe7mkg/R/dFBGUE+qyW1GZFC6zc8EEdh5Be5IA
|
||||
yQPOi+s9cFHPFFOAZXdEQdGcjWs8NFISLhuSAWKwgm5Rl1p2Necrauf/ugMEfjuH
|
||||
V0J7LeUBDJOjdzB1MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
|
||||
ATAMBgNVHRMBAf8EAjAAMEAGA1UdEQQ5MDeCHWF1c3lkMW54dm0yMDYyLm1haW4u
|
||||
dW5raW4ubmV0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAoGCCqGSM49BAMDA2gA
|
||||
MGUCMCU719yvT6OolcQlWv4s7hIxQRkJ4l/vtwa9sj5QJLZp0xklM4m/X29B0Ogf
|
||||
yBDkUAIxANua9trToXOzZQooTRvK9ZFRk011XR1NO2A5hyn8uNtrIJYSuAnfcZ14
|
||||
jZUjLzIkKA==
|
||||
-----END CERTIFICATE-----
|
||||
@@ -0,0 +1 @@
|
||||
packer-images
|
||||
Executable
+8
@@ -0,0 +1,8 @@
|
||||
#!/usr/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
mkdir /app
|
||||
git clone --branch ${BRANCH} ${REPOSITORY} /app/repo
|
||||
cd /app/repo
|
||||
make run
|
||||
@@ -1,11 +1,13 @@
|
||||
# almalinux/8.10/actionsdind
|
||||
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
|
||||
deploy_files_from_common = true
|
||||
include_incus_client_certs = true
|
||||
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
|
||||
packages = [
|
||||
"bash",
|
||||
"consul",
|
||||
"docker-ce-cli",
|
||||
"jq",
|
||||
"make",
|
||||
"incus-client",
|
||||
"incus-tools",
|
||||
"nodejs",
|
||||
"packer",
|
||||
"terraform",
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
@@ -1 +1,2 @@
|
||||
docker
|
||||
incus
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
[epel]
|
||||
name=epel repository
|
||||
baseurl=https://edgecache.query.consul/epel/8/Everything/x86_64
|
||||
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-8
|
||||
baseurl=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-8
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
|
||||
@@ -1,10 +1,15 @@
|
||||
# almalinux/8.10/base
|
||||
deploy_files_from_image = true
|
||||
deploy_files_from_common = true
|
||||
use_incus = false
|
||||
packages = [
|
||||
"git",
|
||||
"jq",
|
||||
"make",
|
||||
"python3.11",
|
||||
"python3.11-pip",
|
||||
"python3.12",
|
||||
"python3.12-pip",
|
||||
"unkin-ca-certificates",
|
||||
"uv",
|
||||
"wget",
|
||||
]
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
@@ -1,13 +1,6 @@
|
||||
# almalinux/8.10/jupyterlab
|
||||
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
|
||||
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
|
||||
deploy_files_from_common = true
|
||||
packages = [
|
||||
"uv",
|
||||
"python3.11",
|
||||
"python3.11-pip",
|
||||
"python3.12",
|
||||
"python3.12-pip"
|
||||
]
|
||||
scripts_pre_file_copy = [
|
||||
"dnf install -y sudo",
|
||||
]
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
20250608
|
||||
@@ -0,0 +1 @@
|
||||
incus
|
||||
@@ -0,0 +1,64 @@
|
||||
# Beware! This file is rewritten by htop when settings are changed in the interface.
|
||||
# The parser is also very primitive, and not human-friendly.
|
||||
htop_version=3.3.0
|
||||
config_reader_min_version=3
|
||||
fields=0 48 17 18 38 39 40 2 46 47 49 1
|
||||
hide_kernel_threads=1
|
||||
hide_userland_threads=0
|
||||
hide_running_in_container=0
|
||||
shadow_other_users=0
|
||||
show_thread_names=0
|
||||
show_program_path=1
|
||||
highlight_base_name=0
|
||||
highlight_deleted_exe=1
|
||||
shadow_distribution_path_prefix=0
|
||||
highlight_megabytes=1
|
||||
highlight_threads=1
|
||||
highlight_changes=0
|
||||
highlight_changes_delay_secs=5
|
||||
find_comm_in_cmdline=1
|
||||
strip_exe_from_cmdline=1
|
||||
show_merged_command=0
|
||||
header_margin=1
|
||||
screen_tabs=1
|
||||
detailed_cpu_time=0
|
||||
cpu_count_from_one=0
|
||||
show_cpu_usage=1
|
||||
show_cpu_frequency=0
|
||||
show_cpu_temperature=0
|
||||
degree_fahrenheit=0
|
||||
update_process_names=0
|
||||
account_guest_in_cpu_meter=0
|
||||
color_scheme=0
|
||||
enable_mouse=1
|
||||
delay=15
|
||||
hide_function_bar=0
|
||||
topology_affinity=0
|
||||
header_layout=two_50_50
|
||||
column_meters_0=CPU Memory Swap DiskIO
|
||||
column_meter_modes_0=1 1 1 2
|
||||
column_meters_1=Tasks LoadAverage Uptime NetworkIO
|
||||
column_meter_modes_1=2 2 2 2
|
||||
tree_view=1
|
||||
sort_key=46
|
||||
tree_sort_key=0
|
||||
sort_direction=-1
|
||||
tree_sort_direction=1
|
||||
tree_view_always_by_pid=0
|
||||
all_branches_collapsed=0
|
||||
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
|
||||
.sort_key=PERCENT_CPU
|
||||
.tree_sort_key=PID
|
||||
.tree_view_always_by_pid=0
|
||||
.tree_view=1
|
||||
.sort_direction=-1
|
||||
.tree_sort_direction=1
|
||||
.all_branches_collapsed=0
|
||||
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
|
||||
.sort_key=IO_RATE
|
||||
.tree_sort_key=PID
|
||||
.tree_view_always_by_pid=0
|
||||
.tree_view=0
|
||||
.sort_direction=-1
|
||||
.tree_sort_direction=1
|
||||
.all_branches_collapsed=0
|
||||
@@ -0,0 +1,4 @@
|
||||
[puppet]
|
||||
name=puppet repository
|
||||
baseurl=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/RPM-GPG-KEY-puppet-20250406
|
||||
@@ -0,0 +1,19 @@
|
||||
# almalinux/8.10/puppet-base
|
||||
incus_source = "almalinux8/base/latest"
|
||||
deploy_files_from_image = true
|
||||
use_incus = true
|
||||
packages = [
|
||||
"htop",
|
||||
"openssh-server",
|
||||
"puppet-agent",
|
||||
"puppet-initial"
|
||||
]
|
||||
scripts_pre_packages = [
|
||||
"dnf makecache",
|
||||
"dnf update -y",
|
||||
]
|
||||
scripts_final = [
|
||||
"dnf clean all",
|
||||
"rm -rf /var/cache/dnf",
|
||||
"systemctl enable sshd"
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20250712
|
||||
@@ -1,5 +1,5 @@
|
||||
# almalinux/8.10/rpmbuilder
|
||||
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
|
||||
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
|
||||
packages = [
|
||||
"asciidoc",
|
||||
"autoconf",
|
||||
@@ -19,7 +19,6 @@ packages = [
|
||||
"intltool",
|
||||
"jna",
|
||||
"ltrace",
|
||||
"make",
|
||||
"nfpm",
|
||||
"patchutils",
|
||||
"perl-Fedora-VSP",
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
@@ -1,6 +0,0 @@
|
||||
[appstream]
|
||||
name=appstream repository
|
||||
baseurl=https://edgecache.query.consul/almalinux/9.5/AppStream/x86_64/os
|
||||
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -1,6 +0,0 @@
|
||||
[baseos]
|
||||
name=baseos repository
|
||||
baseurl=https://edgecache.query.consul/almalinux/9.5/BaseOS/x86_64/os
|
||||
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -1,5 +0,0 @@
|
||||
# new repo for EL9+, replaces PowerTools repo
|
||||
[crb]
|
||||
name=crb repository
|
||||
baseurl=https://edgecache.query.consul/almalinux/9.5/CRB/x86_64/os
|
||||
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
|
||||
@@ -1,6 +0,0 @@
|
||||
[epel]
|
||||
name=epel repository
|
||||
baseurl=https://edgecache.query.consul/epel/9/Everything/x86_64
|
||||
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -1,4 +0,0 @@
|
||||
[extras]
|
||||
name=extras repository
|
||||
baseurl=https://edgecache.query.consul/almalinux/9.5/extras/x86_64/os
|
||||
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
|
||||
@@ -1,4 +0,0 @@
|
||||
[highavailability]
|
||||
name=highavailability repository
|
||||
baseurl=https://edgecache.query.consul/almalinux/9.5/HighAvailability/x86_64/os
|
||||
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
|
||||
+7
-5
@@ -1,14 +1,16 @@
|
||||
# almalinux/9.5/actionsdind
|
||||
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
|
||||
# almalinux/9.6/actionsdind
|
||||
deploy_files_from_common = true
|
||||
include_incus_client_certs = true
|
||||
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
|
||||
packages = [
|
||||
"bash",
|
||||
"consul",
|
||||
"docker-ce-cli",
|
||||
"jq",
|
||||
"make",
|
||||
"incus-client",
|
||||
"incus-tools",
|
||||
"nodejs",
|
||||
"opentofu",
|
||||
"packer",
|
||||
"terraform",
|
||||
"terragrunt",
|
||||
"unzip",
|
||||
"vault"
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
@@ -0,0 +1,22 @@
|
||||
# almalinux/9.6/rpmbuilder
|
||||
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
|
||||
packages = [
|
||||
"sudo"
|
||||
]
|
||||
scripts_post_packages = [
|
||||
"git clone https://git.unkin.net/unkin/artifactapi.git /app/artifactapi && uv build --wheel /app/artifactapi",
|
||||
"useradd -m -r -s /bin/sh appuser && chown -R appuser:appuser /app",
|
||||
"sudo -u appuser uv tool install --from /app/artifactapi/dist/*.whl artifactapi",
|
||||
]
|
||||
scripts_final = [
|
||||
"dnf clean all",
|
||||
"rm -rf /var/cache/dnf"
|
||||
]
|
||||
docker_changes = [
|
||||
"EXPOSE 8000",
|
||||
"HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:8000/health || exit 1",
|
||||
"USER appuser",
|
||||
"ENV PATH=\"/home/appuser/.local/bin:$PATH\"",
|
||||
"WORKDIR /app",
|
||||
"CMD [\"artifactapi\"]"
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20260110
|
||||
@@ -0,0 +1,2 @@
|
||||
docker
|
||||
incus
|
||||
@@ -0,0 +1,6 @@
|
||||
[appstream]
|
||||
name=appstream repository
|
||||
baseurl=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -0,0 +1,6 @@
|
||||
[baseos]
|
||||
name=baseos repository
|
||||
baseurl=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -0,0 +1,7 @@
|
||||
# new repo for EL9+, replaces PowerTools repo
|
||||
[crb]
|
||||
name=crb repository
|
||||
baseurl=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -0,0 +1,6 @@
|
||||
[epel]
|
||||
name=epel repository
|
||||
baseurl=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -0,0 +1,6 @@
|
||||
[extras]
|
||||
name=extras repository
|
||||
baseurl=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
@@ -0,0 +1,4 @@
|
||||
[ha]
|
||||
name=ha repository
|
||||
baseurl=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
|
||||
+8
-2
@@ -1,10 +1,16 @@
|
||||
# almalinux/9.5/base
|
||||
# almalinux/9.6/base
|
||||
deploy_files_from_image = true
|
||||
deploy_files_from_common = true
|
||||
use_incus = false
|
||||
use_incus = true
|
||||
packages = [
|
||||
"git",
|
||||
"jq",
|
||||
"make",
|
||||
"python3.11",
|
||||
"python3.11-pip",
|
||||
"python3.12",
|
||||
"python3.12-pip",
|
||||
"unkin-ca-certificates",
|
||||
"uv",
|
||||
"wget",
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
+1
-8
@@ -1,13 +1,6 @@
|
||||
# almalinux/9.5/jupyterlab
|
||||
deploy_files_from_common = true
|
||||
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
|
||||
packages = [
|
||||
"uv",
|
||||
"python3.11",
|
||||
"python3.11-pip",
|
||||
"python3.12",
|
||||
"python3.12-pip"
|
||||
]
|
||||
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
|
||||
scripts_pre_file_copy = [
|
||||
"dnf install -y sudo",
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20250608
|
||||
@@ -0,0 +1,12 @@
|
||||
# almalinux/9.6/makerun
|
||||
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
|
||||
packages = [
|
||||
"sudo"
|
||||
]
|
||||
scripts_final = [
|
||||
"dnf clean all",
|
||||
"rm -rf /var/cache/dnf"
|
||||
]
|
||||
docker_changes = [
|
||||
"CMD /usr/local/bin/run.sh"
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20260110_2
|
||||
@@ -0,0 +1 @@
|
||||
incus
|
||||
@@ -0,0 +1,64 @@
|
||||
# Beware! This file is rewritten by htop when settings are changed in the interface.
|
||||
# The parser is also very primitive, and not human-friendly.
|
||||
htop_version=3.3.0
|
||||
config_reader_min_version=3
|
||||
fields=0 48 17 18 38 39 40 2 46 47 49 1
|
||||
hide_kernel_threads=1
|
||||
hide_userland_threads=0
|
||||
hide_running_in_container=0
|
||||
shadow_other_users=0
|
||||
show_thread_names=0
|
||||
show_program_path=1
|
||||
highlight_base_name=0
|
||||
highlight_deleted_exe=1
|
||||
shadow_distribution_path_prefix=0
|
||||
highlight_megabytes=1
|
||||
highlight_threads=1
|
||||
highlight_changes=0
|
||||
highlight_changes_delay_secs=5
|
||||
find_comm_in_cmdline=1
|
||||
strip_exe_from_cmdline=1
|
||||
show_merged_command=0
|
||||
header_margin=1
|
||||
screen_tabs=1
|
||||
detailed_cpu_time=0
|
||||
cpu_count_from_one=0
|
||||
show_cpu_usage=1
|
||||
show_cpu_frequency=0
|
||||
show_cpu_temperature=0
|
||||
degree_fahrenheit=0
|
||||
update_process_names=0
|
||||
account_guest_in_cpu_meter=0
|
||||
color_scheme=0
|
||||
enable_mouse=1
|
||||
delay=15
|
||||
hide_function_bar=0
|
||||
topology_affinity=0
|
||||
header_layout=two_50_50
|
||||
column_meters_0=CPU Memory Swap DiskIO
|
||||
column_meter_modes_0=1 1 1 2
|
||||
column_meters_1=Tasks LoadAverage Uptime NetworkIO
|
||||
column_meter_modes_1=2 2 2 2
|
||||
tree_view=1
|
||||
sort_key=46
|
||||
tree_sort_key=0
|
||||
sort_direction=-1
|
||||
tree_sort_direction=1
|
||||
tree_view_always_by_pid=0
|
||||
all_branches_collapsed=0
|
||||
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
|
||||
.sort_key=PERCENT_CPU
|
||||
.tree_sort_key=PID
|
||||
.tree_view_always_by_pid=0
|
||||
.tree_view=1
|
||||
.sort_direction=-1
|
||||
.tree_sort_direction=1
|
||||
.all_branches_collapsed=0
|
||||
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
|
||||
.sort_key=IO_RATE
|
||||
.tree_sort_key=PID
|
||||
.tree_view_always_by_pid=0
|
||||
.tree_view=0
|
||||
.sort_direction=-1
|
||||
.tree_sort_direction=1
|
||||
.all_branches_collapsed=0
|
||||
@@ -0,0 +1,4 @@
|
||||
[puppet]
|
||||
name=puppet repository
|
||||
baseurl=https://packagerepo.service.consul/puppet7/el/9-daily/x86_64/os/
|
||||
gpgkey=https://packagerepo.service.consul/puppet7/el/9-daily/x86_64/os/RPM-GPG-KEY-puppet-20250406
|
||||
@@ -0,0 +1,19 @@
|
||||
# almalinux/9.5/puppet-base
|
||||
incus_source = "almalinux9/base/latest"
|
||||
deploy_files_from_image = true
|
||||
use_incus = true
|
||||
packages = [
|
||||
"htop",
|
||||
"openssh-server",
|
||||
"puppet-agent",
|
||||
"puppet-initial"
|
||||
]
|
||||
scripts_pre_packages = [
|
||||
"dnf makecache",
|
||||
"dnf update -y",
|
||||
]
|
||||
scripts_final = [
|
||||
"dnf clean all",
|
||||
"rm -rf /var/cache/dnf",
|
||||
"systemctl enable sshd"
|
||||
]
|
||||
@@ -0,0 +1 @@
|
||||
20250712
|
||||
@@ -0,0 +1 @@
|
||||
docker
|
||||
+2
-3
@@ -1,5 +1,5 @@
|
||||
# almalinux/9.5/rpmbuilder
|
||||
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
|
||||
# almalinux/9.6/rpmbuilder
|
||||
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
|
||||
packages = [
|
||||
"asciidoc",
|
||||
"autoconf",
|
||||
@@ -19,7 +19,6 @@ packages = [
|
||||
"intltool",
|
||||
"jna",
|
||||
"ltrace",
|
||||
"make",
|
||||
"nfpm",
|
||||
"patchutils",
|
||||
"perl-Fedora-VSP",
|
||||
@@ -0,0 +1 @@
|
||||
20260106
|
||||
@@ -7,4 +7,6 @@ locals {
|
||||
incus_base_name = "${var.os_name}${var.os_version_major}/${var.os_image}"
|
||||
incus_output_image = "${local.incus_base_name}/${var.suffix}"
|
||||
is_master = "${var.git_branch}" == "master"
|
||||
incus_key = vault("kv/data/service/packer/builder/docker-incus-client", "private_key")
|
||||
incus_crt = vault("kv/data/service/packer/builder/docker-incus-client", "public_key")
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ packer {
|
||||
}
|
||||
incus = {
|
||||
source = "github.com/bketelsen/incus"
|
||||
version = "~> 1"
|
||||
version = "1.2.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,5 +7,5 @@ source "docker" "os" {
|
||||
source "incus" "os" {
|
||||
image = var.incus_source
|
||||
output_image = local.incus_output_image
|
||||
publish_remote_name = "local"
|
||||
profile = "build"
|
||||
}
|
||||
|
||||
@@ -121,3 +121,7 @@ variable "git_branch" {
|
||||
type = string
|
||||
default = env("GIT_BRANCH")
|
||||
}
|
||||
variable "include_incus_client_certs" {
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user