Compare commits

..

3 Commits

Author SHA1 Message Date
unkinben 27da21cfab test: debug
Build / build (pull_request) Successful in 19s
2025-01-25 17:57:04 +11:00
unkinben 7a1d25f3b6 feat: add build workflows
Build / build (pull_request) Successful in 7s
- enable fetch-depth for code_checkout
- fetch master branch before checking for changed files
- ensure the clean target is called with the default
- improve makefile failure handling
- ensure VAULT_ADDR is set before VAULT_TOKEN
2025-01-25 17:14:28 +11:00
unkinben d936a21108 feat: remove incus from builds file
- this will prevent incus images from building
- pending physical build nodes before enabling deployment of incus images
2025-01-25 17:08:30 +11:00
65 changed files with 101 additions and 402 deletions
+1 -1
View File
@@ -7,7 +7,7 @@ jobs:
build: build:
runs-on: almalinux-8 runs-on: almalinux-8
container: container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged options: --privileged
steps: steps:
+5 -1
View File
@@ -9,7 +9,7 @@ jobs:
build: build:
runs-on: almalinux-8 runs-on: almalinux-8
container: container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged options: --privileged
steps: steps:
@@ -18,6 +18,10 @@ jobs:
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Fetch master branch
run: |
git fetch origin master:master
- name: Run Packer Builds - name: Run Packer Builds
env: env:
VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }} VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }}
+17 -27
View File
@@ -4,10 +4,11 @@ LIBRARY_PATH := library
SYMLINK_PREFIX := library_ SYMLINK_PREFIX := library_
# Docker registry variables # Docker registry variables
REGISTRY := git.unkin.net REGISTRY := git.query.consul
OWNER := unkin OWNER := unkin
DATE_TAG := $(shell date +%Y%m%d) DATE_TAG := $(shell date +%Y%m%d)
SUFFIX=$(shell basename $$(mktemp -u) | cut -d . -f 2) SUFFIX=$(shell basename $$(mktemp -u) | cut -d . -f 2)
#GIT_BRANCH=$(shell git branch --show-current)
GIT_BRANCH=$(shell git symbolic-ref --short HEAD 2>/dev/null || echo $$GITHUB_HEAD_REF) GIT_BRANCH=$(shell git symbolic-ref --short HEAD 2>/dev/null || echo $$GITHUB_HEAD_REF)
GIT_COMMIT := $(shell git rev-parse --short HEAD) GIT_COMMIT := $(shell git rev-parse --short HEAD)
@@ -20,27 +21,16 @@ DIRS := $(shell find $(IMAGES_PATH) -mindepth 3 -maxdepth 3 -type d | sed 's|$(I
default: clean default: clean
./ci/build.sh ./ci/build.sh
# Separate base images from others # Make all images
BASE_IMAGES = $(filter %/base,$(DIRS))
OTHER_IMAGES = $(filter-out %/base,$(DIRS))
# Make all images, ensuring base images build first
all: all:
@for dir in $(BASE_IMAGES); do \ @for dir in $(DIRS); do \
$(MAKE) $$dir; \ $(MAKE) $$dir; \
done done
@for dir in $(OTHER_IMAGES); do \
$(MAKE) $$dir; \
done
# List all directories # List all directories
list: list:
@echo "Images:" @echo "Images:"
@for dir in $(BASE_IMAGES); do \ @for dir in $(DIRS); do \
echo " '$$dir'"; \
done
@for dir in $(OTHER_IMAGES); do \
echo " '$$dir'"; \ echo " '$$dir'"; \
done done
@@ -50,14 +40,12 @@ $(DIRS):
@echo "Building for $@" @echo "Building for $@"
# Export environment # Export environment
export VAULT_ADDR=https://vault.service.consul:8200 export VAULT_ADDR=https://vault.query.consul:8200
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \ export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"') eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
@echo "Environment retrieved for $@"
# Check if on master branch # Check if on master branch
@if [ "$(GIT_BRANCH)" = "master" ]; then \ if [ "$(GIT_BRANCH)" = "master" ]; then \
echo "Current branch is $(GIT_BRANCH), checking latest timestamp in consul."; \ echo "Current branch is $(GIT_BRANCH), checking latest timestamp in consul."; \
LAST_BUILD_TIMESTAMP=$$(consul kv get infra/packer/$@/timestamp || echo "0"); \ LAST_BUILD_TIMESTAMP=$$(consul kv get infra/packer/$@/timestamp || echo "0"); \
CURRENT_TIME=$$(date +%s); \ CURRENT_TIME=$$(date +%s); \
@@ -71,33 +59,35 @@ $(DIRS):
fi fi
# Link .hcl files # Link .hcl files
@find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \; @echo "Linking .hcl files for $@"
find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \;
# Link builds # Link builds
@for build in $$(cat $(IMAGES_PATH)/$@/builds); do \ @echo "Linking build files for $@"
for build in $$(cat $(IMAGES_PATH)/$@/builds); do \
ln -sf ../../../../builds/$${build}.pkr.hcl $(IMAGES_PATH)/$@/library_$${build}.build.pkr.hcl; \ ln -sf ../../../../builds/$${build}.pkr.hcl $(IMAGES_PATH)/$@/library_$${build}.build.pkr.hcl; \
done done
# Build the image # Build the image
@(cd $(IMAGES_PATH)/$@ && \ (cd $(IMAGES_PATH)/$@ && \
export DATE=$(DATE_TAG) && \ export DATE=$(DATE_TAG) && \
export OS_NAME=$$(echo $@ | cut -d'/' -f1) && \ export OS_NAME=$$(echo $@ | cut -d'/' -f1) && \
export OS_VERSION_FULL=$$(echo $@ | cut -d'/' -f2) && \ export OS_VERSION_FULL=$$(echo $@ | cut -d'/' -f2) && \
export OS_IMAGE=$$(echo $@ | cut -d'/' -f3) && \ export OS_IMAGE=$$(echo $@ | cut -d'/' -f3) && \
export OS_VERSION_MAJOR=$$(echo $$OS_VERSION_FULL | cut -d'.' -f1) && \ export OS_VERSION_MAJOR=$$(echo $$OS_VERSION_FULL | cut -d'.' -f1) && \
export DOCKER_SOURCE=$$OS_NAME:$$OS_VERSION_FULL && \ export DOCKER_SOURCE=$$OS_NAME:$$OS_VERSION_FULL && \
export DOCKER_SERVER='git.unkin.net' && \ export DOCKER_SERVER='git.query.consul' && \
export INCUS_SOURCE="images:$$OS_NAME/$$OS_VERSION_MAJOR" && \ export INCUS_SOURCE="images:$$OS_NAME/$$OS_VERSION_MAJOR" && \
export SUFFIX=$(SUFFIX) && \ export SUFFIX=$(SUFFIX) && \
export GIT_COMMIT=$(GIT_COMMIT) && \ export GIT_COMMIT=$(GIT_COMMIT) && \
export GIT_BRANCH=$(GIT_BRANCH) && \ export GIT_BRANCH=$(GIT_BRANCH) && \
export VAULT_ADDR=https://vault.service.consul:8200 echo "Starting packer init for $@" && \
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
/usr/bin/packer init . && \ /usr/bin/packer init . && \
/usr/bin/packer build . ) echo "Starting packer build for $@" && \
/usr/bin/packer build -debug . )
# Update build timestamp and date in Consul if on master branch # Update build timestamp and date in Consul if on master branch
@if [ "$(GIT_BRANCH)" = "master" ]; then \ if [ "$(GIT_BRANCH)" = "master" ]; then \
echo "Current branch is $(GIT_BRANCH), updating consul."; \ echo "Current branch is $(GIT_BRANCH), updating consul."; \
CURRENT_TIMESTAMP=$$(date +%s); \ CURRENT_TIMESTAMP=$$(date +%s); \
READABLE_DATE=$$(date '+%Y-%m-%d %H:%M:%S %Z'); \ READABLE_DATE=$$(date '+%Y-%m-%d %H:%M:%S %Z'); \
-12
View File
@@ -21,18 +21,6 @@ build {
destination = "/" destination = "/"
} }
# manage deploying incus client certficates
# this isnt super-secure, as the key ends up baked into the docker image
provisioner "shell" {
inline = [
"if [ ${var.include_incus_client_certs} = true ]; then",
" mkdir -p /root/.config/incus",
" echo '${replace(local.incus_crt, "'", "'\\''")}' > /root/.config/incus/client.crt",
" echo '${replace(local.incus_key, "'", "'\\''")}' > /root/.config/incus/client.key",
"fi"
]
}
# post-file-copy scripts # post-file-copy scripts
provisioner "shell" { provisioner "shell" {
inline = var.scripts_post_file_copy inline = var.scripts_post_file_copy
+5 -5
View File
@@ -50,11 +50,11 @@ build {
post-processor "shell-local" { post-processor "shell-local" {
inline = [ inline = [
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/latest || true", "incus image alias delete local:${local.incus_base_name}/latest || true",
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/${var.date} || true", "incus image alias delete local:${local.incus_base_name}/${var.date} || true",
"incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}'", "incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}'",
"incus image alias create $(incus remote get-default):${local.incus_base_name}/latest $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')", "incus image alias create local:${local.incus_base_name}/latest $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')",
"incus image alias create $(incus remote get-default):${local.incus_base_name}/${var.date} $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')" "incus image alias create local:${local.incus_base_name}/${var.date} $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')"
] ]
} }
} }
+6 -17
View File
@@ -11,29 +11,18 @@ fi
# Run `make all` if there are changes in builds/ # Run `make all` if there are changes in builds/
if [ -n "$builds_changes" ]; then if [ -n "$builds_changes" ]; then
echo "Changes detected in builds/. Running 'make all'..." echo "Changes detected in builds/. Running 'make build-all'..."
make all && exit 0 || exit 1 make all
fi fi
# Run specific `make` commands for each changed file in images/ # Run specific `make` commands for each changed file in images/
if [ -n "$images_changes" ]; then if [ -n "$images_changes" ]; then
echo "Changes detected in images/. Running specific 'make' commands..." echo "Changes detected in images/. Running specific 'make' commands..."
# Extract unique image targets (keep only up to 3 directory levels) # Extract unique paths for `make` commands
TARGETS=$(echo "$images_changes" | sed -E 's|^images/([^/]+/[^/]+/[^/]+).*|\1|' | sort -u) for file in $images_changes; do
# Get the subdirectory path for the make command (e.g., almalinux/8.10/actionsdind)
# Prioritize base images first target=$(echo "$file" | sed -E 's|images/||; s|/[^/]+$||')
BASE_TARGETS=$(echo "$TARGETS" | grep '/base$' || true)
OTHER_TARGETS=$(echo "$TARGETS" | grep -v '/base$' || true)
# Build base images first
for target in $BASE_TARGETS; do
echo "Running 'make $target' (base image first)..."
make "$target"
done
# Then build other images
for target in $OTHER_TARGETS; do
echo "Running 'make $target'..." echo "Running 'make $target'..."
make "$target" make "$target"
done done
@@ -1,13 +0,0 @@
default-remote: incus-images
remotes:
images:
addr: https://images.linuxcontainers.org
protocol: simplestreams
public: true
incus-images:
addr: https://incus-images.service.consul:8443
auth_type: tls
project: default
protocol: incus
public: false
aliases: {}
@@ -1,15 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICQzCCAcmgAwIBAgIRAKlysEAEDZRgq7isqIy2yEkwCgYIKoZIzj0EAwMwSDEZ
MBcGA1UEChMQTGludXggQ29udGFpbmVyczErMCkGA1UEAwwicm9vdEBhdXN5ZDFu
eHZtMjA2Mi5tYWluLnVua2luLm5ldDAeFw0yNTA2MDcyMTQ0NDdaFw0zNTA2MDUy
MTQ0NDdaMEgxGTAXBgNVBAoTEExpbnV4IENvbnRhaW5lcnMxKzApBgNVBAMMInJv
b3RAYXVzeWQxbnh2bTIwNjIubWFpbi51bmtpbi5uZXQwdjAQBgcqhkjOPQIBBgUr
gQQAIgNiAARsP2WBpyTosVZ5eqRe7mkg/R/dFBGUE+qyW1GZFC6zc8EEdh5Be5IA
yQPOi+s9cFHPFFOAZXdEQdGcjWs8NFISLhuSAWKwgm5Rl1p2Necrauf/ugMEfjuH
V0J7LeUBDJOjdzB1MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMEAGA1UdEQQ5MDeCHWF1c3lkMW54dm0yMDYyLm1haW4u
dW5raW4ubmV0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAoGCCqGSM49BAMDA2gA
MGUCMCU719yvT6OolcQlWv4s7hIxQRkJ4l/vtwa9sj5QJLZp0xklM4m/X29B0Ogf
yBDkUAIxANua9trToXOzZQooTRvK9ZFRk011XR1NO2A5hyn8uNtrIJYSuAnfcZ14
jZUjLzIkKA==
-----END CERTIFICATE-----
-1
View File
@@ -1 +0,0 @@
packer-images
@@ -1,8 +0,0 @@
#!/usr/bin/bash
set -e
mkdir /app
git clone --branch ${BRANCH} ${REPOSITORY} /app/repo
cd /app/repo
make run
@@ -1,13 +1,11 @@
# almalinux/8.10/actionsdind # almalinux/8.10/actionsdind
deploy_files_from_common = true docker_source = "git.query.consul/unkin/almalinux8-base:latest"
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
packages = [ packages = [
"bash", "bash",
"consul", "consul",
"docker-ce-cli", "docker-ce-cli",
"incus-client", "jq",
"incus-tools", "make",
"nodejs", "nodejs",
"packer", "packer",
"terraform", "terraform",
@@ -1 +0,0 @@
20260106
-1
View File
@@ -1,2 +1 @@
docker docker
incus
@@ -1,6 +1,6 @@
[epel] [epel]
name=epel repository name=epel repository
baseurl=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/ baseurl=https://edgecache.query.consul/epel/8/Everything/x86_64
gpgkey=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-8 gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-8
enabled=1 enabled=1
gpgcheck=1 gpgcheck=1
@@ -1,15 +1,10 @@
# almalinux/8.10/base # almalinux/8.10/base
deploy_files_from_image = true deploy_files_from_image = true
deploy_files_from_common = true deploy_files_from_common = true
use_incus = false
packages = [ packages = [
"git", "git",
"jq", "jq",
"make",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip",
"unkin-ca-certificates",
"uv", "uv",
"wget", "wget",
] ]
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,6 +1,13 @@
# almalinux/8.10/jupyterlab # almalinux/8.10/jupyterlab
docker_source = "git.unkin.net/unkin/almalinux8-base:latest" docker_source = "git.query.consul/unkin/almalinux8-base:latest"
deploy_files_from_common = true deploy_files_from_common = true
packages = [
"uv",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip"
]
scripts_pre_file_copy = [ scripts_pre_file_copy = [
"dnf install -y sudo", "dnf install -y sudo",
] ]
-1
View File
@@ -1 +0,0 @@
20250608
-1
View File
@@ -1 +0,0 @@
incus
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
@@ -1,4 +0,0 @@
[puppet]
name=puppet repository
baseurl=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/RPM-GPG-KEY-puppet-20250406
@@ -1,19 +0,0 @@
# almalinux/8.10/puppet-base
incus_source = "almalinux8/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
]
@@ -1 +0,0 @@
20250712
@@ -1,5 +1,5 @@
# almalinux/8.10/rpmbuilder # almalinux/8.10/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux8-base:latest" docker_source = "git.query.consul/unkin/almalinux8-base:latest"
packages = [ packages = [
"asciidoc", "asciidoc",
"autoconf", "autoconf",
@@ -19,6 +19,7 @@ packages = [
"intltool", "intltool",
"jna", "jna",
"ltrace", "ltrace",
"make",
"nfpm", "nfpm",
"patchutils", "patchutils",
"perl-Fedora-VSP", "perl-Fedora-VSP",
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,16 +1,14 @@
# almalinux/9.6/actionsdind # almalinux/9.5/actionsdind
deploy_files_from_common = true docker_source = "git.query.consul/unkin/almalinux9-base:latest"
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [ packages = [
"bash", "bash",
"consul", "consul",
"docker-ce-cli", "docker-ce-cli",
"incus-client", "jq",
"incus-tools", "make",
"nodejs", "nodejs",
"opentofu",
"packer", "packer",
"terraform",
"terragrunt", "terragrunt",
"unzip", "unzip",
"vault" "vault"
@@ -0,0 +1,6 @@
[appstream]
name=appstream repository
baseurl=https://edgecache.query.consul/almalinux/9.5/AppStream/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,6 @@
[baseos]
name=baseos repository
baseurl=https://edgecache.query.consul/almalinux/9.5/BaseOS/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,5 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://edgecache.query.consul/almalinux/9.5/CRB/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,6 @@
[epel]
name=epel repository
baseurl=https://edgecache.query.consul/epel/9/Everything/x86_64
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -0,0 +1,4 @@
[extras]
name=extras repository
baseurl=https://edgecache.query.consul/almalinux/9.5/extras/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,4 @@
[highavailability]
name=highavailability repository
baseurl=https://edgecache.query.consul/almalinux/9.5/HighAvailability/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -1,16 +1,10 @@
# almalinux/9.6/base # almalinux/9.5/base
deploy_files_from_image = true deploy_files_from_image = true
deploy_files_from_common = true deploy_files_from_common = true
use_incus = true use_incus = false
packages = [ packages = [
"git", "git",
"jq", "jq",
"make",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip",
"unkin-ca-certificates",
"uv", "uv",
"wget", "wget",
] ]
@@ -1,6 +1,13 @@
# almalinux/9.5/jupyterlab # almalinux/9.5/jupyterlab
deploy_files_from_common = true deploy_files_from_common = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest" docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"uv",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip"
]
scripts_pre_file_copy = [ scripts_pre_file_copy = [
"dnf install -y sudo", "dnf install -y sudo",
] ]
@@ -1,5 +1,5 @@
# almalinux/9.6/rpmbuilder # almalinux/9.5/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest" docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [ packages = [
"asciidoc", "asciidoc",
"autoconf", "autoconf",
@@ -19,6 +19,7 @@ packages = [
"intltool", "intltool",
"jna", "jna",
"ltrace", "ltrace",
"make",
"nfpm", "nfpm",
"patchutils", "patchutils",
"perl-Fedora-VSP", "perl-Fedora-VSP",
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,22 +0,0 @@
# almalinux/9.6/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_post_packages = [
"git clone https://git.unkin.net/unkin/artifactapi.git /app/artifactapi && uv build --wheel /app/artifactapi",
"useradd -m -r -s /bin/sh appuser && chown -R appuser:appuser /app",
"sudo -u appuser uv tool install --from /app/artifactapi/dist/*.whl artifactapi",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"EXPOSE 8000",
"HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:8000/health || exit 1",
"USER appuser",
"ENV PATH=\"/home/appuser/.local/bin:$PATH\"",
"WORKDIR /app",
"CMD [\"artifactapi\"]"
]
-1
View File
@@ -1 +0,0 @@
20260110
-2
View File
@@ -1,2 +0,0 @@
docker
incus
@@ -1,6 +0,0 @@
[appstream]
name=appstream repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[baseos]
name=baseos repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,7 +0,0 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[epel]
name=epel repository
baseurl=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[extras]
name=extras repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,4 +0,0 @@
[ha]
name=ha repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
-1
View File
@@ -1 +0,0 @@
20260106
-1
View File
@@ -1 +0,0 @@
20250608
@@ -1,12 +0,0 @@
# almalinux/9.6/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"CMD /usr/local/bin/run.sh"
]
-1
View File
@@ -1 +0,0 @@
20260110_2
-1
View File
@@ -1 +0,0 @@
incus
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
@@ -1,4 +0,0 @@
[puppet]
name=puppet repository
baseurl=https://packagerepo.service.consul/puppet7/el/9-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/puppet7/el/9-daily/x86_64/os/RPM-GPG-KEY-puppet-20250406
@@ -1,19 +0,0 @@
# almalinux/9.5/puppet-base
incus_source = "almalinux9/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
]
-1
View File
@@ -1 +0,0 @@
20250712
-1
View File
@@ -1 +0,0 @@
docker
-1
View File
@@ -1 +0,0 @@
20260106
-2
View File
@@ -7,6 +7,4 @@ locals {
incus_base_name = "${var.os_name}${var.os_version_major}/${var.os_image}" incus_base_name = "${var.os_name}${var.os_version_major}/${var.os_image}"
incus_output_image = "${local.incus_base_name}/${var.suffix}" incus_output_image = "${local.incus_base_name}/${var.suffix}"
is_master = "${var.git_branch}" == "master" is_master = "${var.git_branch}" == "master"
incus_key = vault("kv/data/service/packer/builder/docker-incus-client", "private_key")
incus_crt = vault("kv/data/service/packer/builder/docker-incus-client", "public_key")
} }
+1 -1
View File
@@ -6,7 +6,7 @@ packer {
} }
incus = { incus = {
source = "github.com/bketelsen/incus" source = "github.com/bketelsen/incus"
version = "1.2.0" version = "~> 1"
} }
} }
} }
+1 -1
View File
@@ -7,5 +7,5 @@ source "docker" "os" {
source "incus" "os" { source "incus" "os" {
image = var.incus_source image = var.incus_source
output_image = local.incus_output_image output_image = local.incus_output_image
profile = "build" publish_remote_name = "local"
} }
-4
View File
@@ -121,7 +121,3 @@ variable "git_branch" {
type = string type = string
default = env("GIT_BRANCH") default = env("GIT_BRANCH")
} }
variable "include_incus_client_certs" {
type = bool
default = false
}