Compare commits

..

2 Commits

Author SHA1 Message Date
unkinben eb3d5b3956 feat: update incus build process
Build / build (pull_request) Successful in 27m35s
- ensure unkin-ca-certificates are installed
- find the default incus remote and use that for images
- dont set publish_remote_name
- build incus images for the base image
- build puppet-base image for incus only
- ensure builds are made with the `build` profile
2025-04-23 23:00:23 +10:00
unkinben afceaa8618 feat: build incus images
- enable building incus incus images
2025-04-23 19:46:58 +10:00
55 changed files with 67 additions and 260 deletions
+1 -1
View File
@@ -7,7 +7,7 @@ jobs:
build:
runs-on: almalinux-8
container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged
steps:
+1 -1
View File
@@ -9,7 +9,7 @@ jobs:
build:
runs-on: almalinux-8
container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged
steps:
+4 -4
View File
@@ -4,7 +4,7 @@ LIBRARY_PATH := library
SYMLINK_PREFIX := library_
# Docker registry variables
REGISTRY := git.unkin.net
REGISTRY := git.query.consul
OWNER := unkin
DATE_TAG := $(shell date +%Y%m%d)
SUFFIX=$(shell basename $$(mktemp -u) | cut -d . -f 2)
@@ -50,7 +50,7 @@ $(DIRS):
@echo "Building for $@"
# Export environment
export VAULT_ADDR=https://vault.service.consul:8200
export VAULT_ADDR=https://vault.query.consul:8200
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
@@ -86,12 +86,12 @@ $(DIRS):
export OS_IMAGE=$$(echo $@ | cut -d'/' -f3) && \
export OS_VERSION_MAJOR=$$(echo $$OS_VERSION_FULL | cut -d'.' -f1) && \
export DOCKER_SOURCE=$$OS_NAME:$$OS_VERSION_FULL && \
export DOCKER_SERVER='git.unkin.net' && \
export DOCKER_SERVER='git.query.consul' && \
export INCUS_SOURCE="images:$$OS_NAME/$$OS_VERSION_MAJOR" && \
export SUFFIX=$(SUFFIX) && \
export GIT_COMMIT=$(GIT_COMMIT) && \
export GIT_BRANCH=$(GIT_BRANCH) && \
export VAULT_ADDR=https://vault.service.consul:8200
export VAULT_ADDR=https://vault.query.consul:8200
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
/usr/bin/packer init . && \
/usr/bin/packer build . )
+3 -3
View File
@@ -12,15 +12,15 @@ fi
# Run `make all` if there are changes in builds/
if [ -n "$builds_changes" ]; then
echo "Changes detected in builds/. Running 'make all'..."
make all && exit 0 || exit 1
make all
fi
# Run specific `make` commands for each changed file in images/
if [ -n "$images_changes" ]; then
echo "Changes detected in images/. Running specific 'make' commands..."
# Extract unique image targets (keep only up to 3 directory levels)
TARGETS=$(echo "$images_changes" | sed -E 's|^images/([^/]+/[^/]+/[^/]+).*|\1|' | sort -u)
# Extract unique paths for `make` commands
TARGETS=$(echo "$images_changes" | sed -E 's|images/||; s|/[^/]+$||' | sort -u)
# Prioritize base images first
BASE_TARGETS=$(echo "$TARGETS" | grep '/base$' || true)
@@ -1,15 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICQzCCAcmgAwIBAgIRAKlysEAEDZRgq7isqIy2yEkwCgYIKoZIzj0EAwMwSDEZ
MIICQzCCAcmgAwIBAgIRAP69BjDEj7qKxP8PJ1LhPcEwCgYIKoZIzj0EAwMwSDEZ
MBcGA1UEChMQTGludXggQ29udGFpbmVyczErMCkGA1UEAwwicm9vdEBhdXN5ZDFu
eHZtMjA2Mi5tYWluLnVua2luLm5ldDAeFw0yNTA2MDcyMTQ0NDdaFw0zNTA2MDUy
MTQ0NDdaMEgxGTAXBgNVBAoTEExpbnV4IENvbnRhaW5lcnMxKzApBgNVBAMMInJv
b3RAYXVzeWQxbnh2bTIwNjIubWFpbi51bmtpbi5uZXQwdjAQBgcqhkjOPQIBBgUr
gQQAIgNiAARsP2WBpyTosVZ5eqRe7mkg/R/dFBGUE+qyW1GZFC6zc8EEdh5Be5IA
yQPOi+s9cFHPFFOAZXdEQdGcjWs8NFISLhuSAWKwgm5Rl1p2Necrauf/ugMEfjuH
V0J7LeUBDJOjdzB1MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMEAGA1UdEQQ5MDeCHWF1c3lkMW54dm0yMDYyLm1haW4u
eHZtMTA3Mi5tYWluLnVua2luLm5ldDAeFw0yNTA0MjEwNTI3MDZaFw0zNTA0MTkw
NTI3MDZaMEgxGTAXBgNVBAoTEExpbnV4IENvbnRhaW5lcnMxKzApBgNVBAMMInJv
b3RAYXVzeWQxbnh2bTEwNzIubWFpbi51bmtpbi5uZXQwdjAQBgcqhkjOPQIBBgUr
gQQAIgNiAAT+BWB3mVdTG6kIy5XY5z0t7QqudNMIqA7cXt+mT7sV74gVJeVjWi1P
poXp6OPXaGJUP937aisdAfRyvSd5qWu/WJ+i6vu7jNrGrTMsM9HDFqUzhNK5wcd4
v0BxRAT70fGjdzB1MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMEAGA1UdEQQ5MDeCHWF1c3lkMW54dm0xMDcyLm1haW4u
dW5raW4ubmV0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAoGCCqGSM49BAMDA2gA
MGUCMCU719yvT6OolcQlWv4s7hIxQRkJ4l/vtwa9sj5QJLZp0xklM4m/X29B0Ogf
yBDkUAIxANua9trToXOzZQooTRvK9ZFRk011XR1NO2A5hyn8uNtrIJYSuAnfcZ14
jZUjLzIkKA==
MGUCMBcKlKF05Nd1NDxRDzji45O5O18EvvHkwGCAQHMw1V6Q6RNIbajSKEPwch5q
qIciAQIxAIWpYJkELMpX2yJi6uzsN5KKo5LB3p5q8VGirgs3VDpma36oo99yw9nk
YBQ2dT1GqA==
-----END CERTIFICATE-----
@@ -1,8 +0,0 @@
#!/usr/bin/bash
set -e
mkdir /app
git clone --branch ${BRANCH} ${REPOSITORY} /app/repo
cd /app/repo
make run
@@ -1,7 +1,7 @@
# almalinux/8.10/actionsdind
deploy_files_from_common = true
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
packages = [
"bash",
"consul",
@@ -1 +0,0 @@
20260106
@@ -1,6 +1,6 @@
[epel]
name=epel repository
baseurl=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/epel/8/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-8
baseurl=https://edgecache.query.consul/epel/8/Everything/x86_64
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-8
enabled=1
gpgcheck=1
@@ -1,6 +1,7 @@
# almalinux/8.10/base
deploy_files_from_image = true
deploy_files_from_common = true
use_incus = true
packages = [
"git",
"jq",
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,5 +1,5 @@
# almalinux/8.10/jupyterlab
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
deploy_files_from_common = true
scripts_pre_file_copy = [
"dnf install -y sudo",
-1
View File
@@ -1 +0,0 @@
20250608
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
@@ -3,8 +3,6 @@ incus_source = "almalinux8/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
@@ -14,6 +12,5 @@ scripts_pre_packages = [
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
"rm -rf /var/cache/dnf"
]
@@ -1 +0,0 @@
20250712
@@ -1,5 +1,5 @@
# almalinux/8.10/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
packages = [
"asciidoc",
"autoconf",
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,7 +1,7 @@
# almalinux/9.6/actionsdind
# almalinux/9.5/actionsdind
deploy_files_from_common = true
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"bash",
"consul",
@@ -9,8 +9,8 @@ packages = [
"incus-client",
"incus-tools",
"nodejs",
"opentofu",
"packer",
"terraform",
"terragrunt",
"unzip",
"vault"
@@ -0,0 +1,6 @@
[appstream]
name=appstream repository
baseurl=https://edgecache.query.consul/almalinux/9.5/AppStream/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,6 @@
[baseos]
name=baseos repository
baseurl=https://edgecache.query.consul/almalinux/9.5/BaseOS/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,5 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://edgecache.query.consul/almalinux/9.5/CRB/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,6 @@
[epel]
name=epel repository
baseurl=https://edgecache.query.consul/epel/9/Everything/x86_64
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -0,0 +1,4 @@
[extras]
name=extras repository
baseurl=https://edgecache.query.consul/almalinux/9.5/extras/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,4 @@
[highavailability]
name=highavailability repository
baseurl=https://edgecache.query.consul/almalinux/9.5/HighAvailability/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -1,4 +1,4 @@
# almalinux/9.6/base
# almalinux/9.5/base
deploy_files_from_image = true
deploy_files_from_common = true
use_incus = true
@@ -1,6 +1,6 @@
# almalinux/9.5/jupyterlab
deploy_files_from_common = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
scripts_pre_file_copy = [
"dnf install -y sudo",
]
@@ -3,8 +3,6 @@ incus_source = "almalinux9/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
@@ -14,6 +12,5 @@ scripts_pre_packages = [
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
"rm -rf /var/cache/dnf"
]
@@ -1,5 +1,5 @@
# almalinux/9.6/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
# almalinux/9.5/rpmbuilder
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"asciidoc",
"autoconf",
-1
View File
@@ -1 +0,0 @@
20260106
@@ -1,22 +0,0 @@
# almalinux/9.6/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_post_packages = [
"git clone https://git.unkin.net/unkin/artifactapi.git /app/artifactapi && uv build --wheel /app/artifactapi",
"useradd -m -r -s /bin/sh appuser && chown -R appuser:appuser /app",
"sudo -u appuser uv tool install --from /app/artifactapi/dist/*.whl artifactapi",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"EXPOSE 8000",
"HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:8000/health || exit 1",
"USER appuser",
"ENV PATH=\"/home/appuser/.local/bin:$PATH\"",
"WORKDIR /app",
"CMD [\"artifactapi\"]"
]
-1
View File
@@ -1 +0,0 @@
20260110
@@ -1,6 +0,0 @@
[appstream]
name=appstream repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/appstream-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[baseos]
name=baseos repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/baseos-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,7 +0,0 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/crb-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[epel]
name=epel repository
baseurl=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/epel/9/everything-daily/x86_64/os/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[extras]
name=extras repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/extras-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,4 +0,0 @@
[ha]
name=ha repository
baseurl=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/almalinux/9.6/ha-daily/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
-1
View File
@@ -1 +0,0 @@
20260106
-1
View File
@@ -1 +0,0 @@
20250608
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,12 +0,0 @@
# almalinux/9.6/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"CMD /usr/local/bin/run.sh"
]
-1
View File
@@ -1 +0,0 @@
20260110_2
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
-1
View File
@@ -1 +0,0 @@
20250712
-1
View File
@@ -1 +0,0 @@
docker
-1
View File
@@ -1 +0,0 @@
20260106
+1 -1
View File
@@ -6,7 +6,7 @@ packer {
}
incus = {
source = "github.com/bketelsen/incus"
version = "1.2.0"
version = "~> 1"
}
}
}