Compare commits

3 Commits

Author SHA1 Message Date
unkinben fb62a03198 test: debug
Build / build (pull_request) Successful in 5s
2025-01-25 17:31:11 +11:00
unkinben 7a1d25f3b6 feat: add build workflows
Build / build (pull_request) Successful in 7s
- enable fetch-depth for code_checkout
- fetch master branch before checking for changed files
- ensure the clean target is called with the default
- improve makefile failure handling
- ensure VAULT_ADDR is set before VAULT_TOKEN
2025-01-25 17:14:28 +11:00
unkinben d936a21108 feat: remove incus from builds file
- this will prevent incus images from building
- pending physical build nodes before enabling deployment of incus images
2025-01-25 17:08:30 +11:00
114 changed files with 152 additions and 805 deletions
+1 -1
View File
@@ -7,7 +7,7 @@ jobs:
build:
runs-on: almalinux-8
container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged
steps:
+5 -1
View File
@@ -9,7 +9,7 @@ jobs:
build:
runs-on: almalinux-8
container:
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
image: git.query.consul/unkin/almalinux9-actionsdind:latest
options: --privileged
steps:
@@ -18,6 +18,10 @@ jobs:
with:
fetch-depth: 0
- name: Fetch master branch
run: |
git fetch origin master:master
- name: Run Packer Builds
env:
VAULT_ROLEID: ${{ secrets.PACKER_BUILDER_VAULT_ROLEID }}
+20 -28
View File
@@ -4,11 +4,11 @@ LIBRARY_PATH := library
SYMLINK_PREFIX := library_
# Docker registry variables
REGISTRY := git.unkin.net
REGISTRY := git.query.consul
OWNER := unkin
DATE_TAG := $(shell date +%Y%m%d)
SUFFIX=$(shell basename $$(mktemp -u) | cut -d . -f 2)
GIT_BRANCH=$(shell git symbolic-ref --short HEAD 2>/dev/null || echo $$GITHUB_HEAD_REF)
GIT_BRANCH=$(shell git branch --show-current)
GIT_COMMIT := $(shell git rev-parse --short HEAD)
# Find all subdirectories under the IMAGES_PATH
@@ -20,27 +20,16 @@ DIRS := $(shell find $(IMAGES_PATH) -mindepth 3 -maxdepth 3 -type d | sed 's|$(I
default: clean
./ci/build.sh
# Separate base images from others
BASE_IMAGES = $(filter %/base,$(DIRS))
OTHER_IMAGES = $(filter-out %/base,$(DIRS))
# Make all images, ensuring base images build first
# Make all images
all:
@for dir in $(BASE_IMAGES); do \
@for dir in $(DIRS); do \
$(MAKE) $$dir; \
done
@for dir in $(OTHER_IMAGES); do \
$(MAKE) $$dir; \
done
# List all directories
list:
@echo "Images:"
@for dir in $(BASE_IMAGES); do \
echo " '$$dir'"; \
done
@for dir in $(OTHER_IMAGES); do \
@for dir in $(DIRS); do \
echo " '$$dir'"; \
done
@@ -50,14 +39,16 @@ $(DIRS):
@echo "Building for $@"
# Export environment
export VAULT_ADDR=https://vault.service.consul:8200
export VAULT_ADDR=https://vault.query.consul:8200
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
eval $$(vault kv get -format=json kv/service/packer/builder/env | jq -r '.data.data | to_entries[] | "export \(.key)=\(.value)"')
@echo "Environment retrieved for $@"
env | grep -i CONSUL
env | grep -i VAULT
# Check if on master branch
@if [ "$(GIT_BRANCH)" = "master" ]; then \
if [ "$(GIT_BRANCH)" = "master" ]; then \
echo "Current branch is $(GIT_BRANCH), checking latest timestamp in consul."; \
LAST_BUILD_TIMESTAMP=$$(consul kv get infra/packer/$@/timestamp || echo "0"); \
CURRENT_TIME=$$(date +%s); \
@@ -71,34 +62,35 @@ $(DIRS):
fi
# Link .hcl files
@find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \;
@echo "Linking .hcl files for $@"
find $(LIBRARY_PATH) -name '*.hcl' -exec sh -c 'ln -sf $$PWD/{} $(IMAGES_PATH)/$@/$(SYMLINK_PREFIX)$$(basename {})' \;
# Link builds
@for build in $$(cat $(IMAGES_PATH)/$@/builds); do \
@echo "Linking build files for $@"
for build in $$(cat $(IMAGES_PATH)/$@/builds); do \
ln -sf ../../../../builds/$${build}.pkr.hcl $(IMAGES_PATH)/$@/library_$${build}.build.pkr.hcl; \
done
# Build the image
@(cd $(IMAGES_PATH)/$@ && \
(cd $(IMAGES_PATH)/$@ && \
export DATE=$(DATE_TAG) && \
export VERSION=$$(cat version) && \
export OS_NAME=$$(echo $@ | cut -d'/' -f1) && \
export OS_VERSION_FULL=$$(echo $@ | cut -d'/' -f2) && \
export OS_IMAGE=$$(echo $@ | cut -d'/' -f3) && \
export OS_VERSION_MAJOR=$$(echo $$OS_VERSION_FULL | cut -d'.' -f1) && \
export DOCKER_SOURCE=$$OS_NAME:$$OS_VERSION_FULL && \
export DOCKER_SERVER='git.unkin.net' && \
export DOCKER_SERVER='git.query.consul' && \
export INCUS_SOURCE="images:$$OS_NAME/$$OS_VERSION_MAJOR" && \
export SUFFIX=$(SUFFIX) && \
export GIT_COMMIT=$(GIT_COMMIT) && \
export GIT_BRANCH=$(GIT_BRANCH) && \
export VAULT_ADDR=https://vault.service.consul:8200
export VAULT_TOKEN=$$(vault write -field=token auth/approle/login role_id=$$VAULT_ROLEID) && \
/usr/bin/packer init . && \
/usr/bin/packer build . )
echo "Starting packer init for $@" && \
packer init . && \
echo "Starting packer build for $@" && \
packer build . )
# Update build timestamp and date in Consul if on master branch
@if [ "$(GIT_BRANCH)" = "master" ]; then \
if [ "$(GIT_BRANCH)" = "master" ]; then \
echo "Current branch is $(GIT_BRANCH), updating consul."; \
CURRENT_TIMESTAMP=$$(date +%s); \
READABLE_DATE=$$(date '+%Y-%m-%d %H:%M:%S %Z'); \
+1 -13
View File
@@ -21,18 +21,6 @@ build {
destination = "/"
}
# manage deploying incus client certficates
# this isnt super-secure, as the key ends up baked into the docker image
provisioner "shell" {
inline = [
"if [ ${var.include_incus_client_certs} = true ]; then",
" mkdir -p /root/.config/incus",
" echo '${replace(local.incus_crt, "'", "'\\''")}' > /root/.config/incus/client.crt",
" echo '${replace(local.incus_key, "'", "'\\''")}' > /root/.config/incus/client.key",
"fi"
]
}
# post-file-copy scripts
provisioner "shell" {
inline = var.scripts_post_file_copy
@@ -64,7 +52,7 @@ build {
post-processors {
post-processor "docker-tag" {
repository = "${var.docker_server}/unkin/${var.os_name}${var.os_version_major}-${var.os_image}"
tags = ["latest", var.git_commit, var.version]
tags = ["latest", var.date]
}
dynamic "post-processor" {
+5 -5
View File
@@ -50,11 +50,11 @@ build {
post-processor "shell-local" {
inline = [
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/latest || true",
"incus image alias delete $(incus remote get-default):${local.incus_base_name}/${var.date} || true",
"incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}'",
"incus image alias create $(incus remote get-default):${local.incus_base_name}/latest $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')",
"incus image alias create $(incus remote get-default):${local.incus_base_name}/${var.date} $(incus image info $(incus remote get-default):${local.incus_output_image} | grep Fingerprint | awk '{print $2}')"
"incus image alias delete local:${local.incus_base_name}/latest || true",
"incus image alias delete local:${local.incus_base_name}/${var.date} || true",
"incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}'",
"incus image alias create local:${local.incus_base_name}/latest $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')",
"incus image alias create local:${local.incus_base_name}/${var.date} $(incus image info local:${local.incus_output_image} | grep Fingerprint | awk '{print $2}')"
]
}
}
+6 -17
View File
@@ -11,29 +11,18 @@ fi
# Run `make all` if there are changes in builds/
if [ -n "$builds_changes" ]; then
echo "Changes detected in builds/. Running 'make all'..."
make all && exit 0 || exit 1
echo "Changes detected in builds/. Running 'make build-all'..."
make all
fi
# Run specific `make` commands for each changed file in images/
if [ -n "$images_changes" ]; then
echo "Changes detected in images/. Running specific 'make' commands..."
# Extract unique image targets (keep only up to 3 directory levels)
TARGETS=$(echo "$images_changes" | sed -E 's|^images/([^/]+/[^/]+/[^/]+).*|\1|' | sort -u)
# Prioritize base images first
BASE_TARGETS=$(echo "$TARGETS" | grep '/base$' || true)
OTHER_TARGETS=$(echo "$TARGETS" | grep -v '/base$' || true)
# Build base images first
for target in $BASE_TARGETS; do
echo "Running 'make $target' (base image first)..."
make "$target"
done
# Then build other images
for target in $OTHER_TARGETS; do
# Extract unique paths for `make` commands
for file in $images_changes; do
# Get the subdirectory path for the make command (e.g., almalinux/8.10/actionsdind)
target=$(echo "$file" | sed -E 's|images/||; s|/[^/]+$||')
echo "Running 'make $target'..."
make "$target"
done
@@ -1,13 +0,0 @@
default-remote: incus-images
remotes:
images:
addr: https://images.linuxcontainers.org
protocol: simplestreams
public: true
incus-images:
addr: https://incus-images.service.consul:8443
auth_type: tls
project: default
protocol: incus
public: false
aliases: {}
@@ -1,15 +0,0 @@
-----BEGIN CERTIFICATE-----
MIICQzCCAcmgAwIBAgIRAKlysEAEDZRgq7isqIy2yEkwCgYIKoZIzj0EAwMwSDEZ
MBcGA1UEChMQTGludXggQ29udGFpbmVyczErMCkGA1UEAwwicm9vdEBhdXN5ZDFu
eHZtMjA2Mi5tYWluLnVua2luLm5ldDAeFw0yNTA2MDcyMTQ0NDdaFw0zNTA2MDUy
MTQ0NDdaMEgxGTAXBgNVBAoTEExpbnV4IENvbnRhaW5lcnMxKzApBgNVBAMMInJv
b3RAYXVzeWQxbnh2bTIwNjIubWFpbi51bmtpbi5uZXQwdjAQBgcqhkjOPQIBBgUr
gQQAIgNiAARsP2WBpyTosVZ5eqRe7mkg/R/dFBGUE+qyW1GZFC6zc8EEdh5Be5IA
yQPOi+s9cFHPFFOAZXdEQdGcjWs8NFISLhuSAWKwgm5Rl1p2Necrauf/ugMEfjuH
V0J7LeUBDJOjdzB1MA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMEAGA1UdEQQ5MDeCHWF1c3lkMW54dm0yMDYyLm1haW4u
dW5raW4ubmV0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAoGCCqGSM49BAMDA2gA
MGUCMCU719yvT6OolcQlWv4s7hIxQRkJ4l/vtwa9sj5QJLZp0xklM4m/X29B0Ogf
yBDkUAIxANua9trToXOzZQooTRvK9ZFRk011XR1NO2A5hyn8uNtrIJYSuAnfcZ14
jZUjLzIkKA==
-----END CERTIFICATE-----
-1
View File
@@ -1 +0,0 @@
packer-images
@@ -1,8 +0,0 @@
#!/usr/bin/bash
set -e
mkdir /app
git clone --branch ${BRANCH} ${REPOSITORY} /app/repo
cd /app/repo
make run
@@ -1,13 +1,11 @@
# almalinux/8.10/actionsdind
deploy_files_from_common = true
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
packages = [
"bash",
"consul",
"docker-ce-cli",
"incus-client",
"incus-tools",
"jq",
"make",
"nodejs",
"packer",
"terraform",
@@ -1 +0,0 @@
20260117
@@ -1,6 +1,6 @@
[appstream]
name=appstream repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/AppStream/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-8
baseurl=https://edgecache.query.consul/almalinux/8.10/AppStream/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-8
enabled=1
gpgcheck=1
@@ -1,6 +1,6 @@
[baseos]
name=baseos repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/BaseOS/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-8
baseurl=https://edgecache.query.consul/almalinux/8.10/BaseOS/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-8
enabled=1
gpgcheck=1
@@ -1,6 +1,6 @@
[epel]
name=epel repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/epel/8/Everything/x86_64
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/epel/RPM-GPG-KEY-EPEL-8
baseurl=https://edgecache.query.consul/epel/8/Everything/x86_64
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-8
enabled=1
gpgcheck=1
@@ -0,0 +1,4 @@
[extras]
name=extras repository
baseurl=https://edgecache.query.consul/almalinux/8.10/extras/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-8
@@ -1,6 +1,4 @@
[ha]
name=ha repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/HighAvailability/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/HighAvailability/x86_64/os/RPM-GPG-KEY-AlmaLinux-8
enabled=1
gpgcheck=1
[highavailability]
name=highavailability repository
baseurl=https://edgecache.query.consul/almalinux/8.10/HighAvailability/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-8
@@ -1,7 +1,7 @@
# replaced by crb repo in EL9
[powertools]
name=powertools repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/PowerTools/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux/8.10/PowerTools/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
baseurl=https://edgecache.query.consul/almalinux/8.10/PowerTools/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-8
enabled=1
gpgcheck=1
@@ -1,6 +1,6 @@
[unkin]
name=unkin repository
baseurl=https://git.unkin.net/api/packages/unkin/rpm/almalinux/el8
gpgkey=https://git.unkin.net/api/packages/unkin/rpm/repository.key
baseurl=https://git.query.consul/api/packages/unkin/rpm/almalinux/el8
gpgkey=https://git.query.consul/api/packages/unkin/rpm/repository.key
enabled=1
gpgcheck=0
@@ -1,7 +1,7 @@
# only available on EL8
[unkinben]
name=unkinben repository
baseurl=https://git.unkin.net/api/packages/unkinben/rpm/el8
gpgkey=https://git.unkin.net/api/packages/unkinben/rpm/repository.key
baseurl=https://git.query.consul/api/packages/unkinben/rpm/el8
gpgkey=https://git.query.consul/api/packages/unkinben/rpm/repository.key
enabled=1
gpgcheck=0
@@ -1,21 +1,16 @@
# almalinux/8.10/base
deploy_files_from_image = true
deploy_files_from_common = true
use_incus = false
packages = [
"git",
"jq",
"make",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip",
"unkin-ca-certificates",
"uv",
"wget",
]
scripts_pre_file_copy = [
"rm -f /etc/yum.repos.d/*.repo",
"curl -k -o internal-ca-certificates.rpm https://git.unkin.net/unkin/-/packages/rpm/internal-ca-certificates/20240825-1.el8/files/756 && rpm -i internal-ca-certificates.rpm"
"curl -k -o internal-ca-certificates.rpm https://git.query.consul/unkin/-/packages/rpm/internal-ca-certificates/20240825-1.el8/files/756 && rpm -i internal-ca-certificates.rpm"
]
scripts_pre_packages = [
"dnf makecache",
-1
View File
@@ -1 +0,0 @@
20260516
@@ -1,6 +1,13 @@
# almalinux/8.10/jupyterlab
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
deploy_files_from_common = true
packages = [
"uv",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip"
]
scripts_pre_file_copy = [
"dnf install -y sudo",
]
-1
View File
@@ -1 +0,0 @@
20260117
-1
View File
@@ -1 +0,0 @@
incus
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
@@ -1,4 +0,0 @@
[puppet]
name=puppet repository
baseurl=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/
gpgkey=https://packagerepo.service.consul/puppet7/el/8-daily/x86_64/os/RPM-GPG-KEY-puppet-20250406
@@ -1,19 +0,0 @@
# almalinux/8.10/puppet-base
incus_source = "almalinux8/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
]
@@ -1 +0,0 @@
20250712
@@ -1,12 +1,11 @@
# almalinux/8.10/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux8-base:latest"
docker_source = "git.query.consul/unkin/almalinux8-base:latest"
packages = [
"asciidoc",
"autoconf",
"automake",
"binutils",
"bison",
"buildah",
"byacc",
"cmake",
"diffstat",
@@ -20,6 +19,7 @@ packages = [
"intltool",
"jna",
"ltrace",
"make",
"nfpm",
"patchutils",
"perl-Fedora-VSP",
-1
View File
@@ -1 +0,0 @@
20260117
@@ -1,16 +1,14 @@
# almalinux/9.7/actionsdind
deploy_files_from_common = true
include_incus_client_certs = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
# almalinux/9.5/actionsdind
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"bash",
"consul",
"docker-ce-cli",
"incus-client",
"incus-tools",
"jq",
"make",
"nodejs",
"opentofu",
"packer",
"terraform",
"terragrunt",
"unzip",
"vault"
@@ -0,0 +1,6 @@
[appstream]
name=appstream repository
baseurl=https://edgecache.query.consul/almalinux/9.5/AppStream/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,6 @@
[baseos]
name=baseos repository
baseurl=https://edgecache.query.consul/almalinux/9.5/BaseOS/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -0,0 +1,5 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://edgecache.query.consul/almalinux/9.5/CRB/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,6 @@
[epel]
name=epel repository
baseurl=https://edgecache.query.consul/epel/9/Everything/x86_64
gpgkey=https://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -0,0 +1,4 @@
[extras]
name=extras repository
baseurl=https://edgecache.query.consul/almalinux/9.5/extras/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,4 @@
[highavailability]
name=highavailability repository
baseurl=https://edgecache.query.consul/almalinux/9.5/HighAvailability/x86_64/os
gpgkey=https://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-9
@@ -0,0 +1,6 @@
[unkin]
name=unkin repository
baseurl=https://git.query.consul/api/packages/unkin/rpm/almalinux/el9
gpgkey=https://git.query.consul/api/packages/unkin/rpm/repository.key
enabled=1
gpgcheck=0
@@ -0,0 +1,23 @@
# almalinux/9.5/base
deploy_files_from_image = true
deploy_files_from_common = true
use_incus = false
packages = [
"git",
"jq",
"uv",
"wget",
]
scripts_pre_file_copy = [
"rm -f /etc/yum.repos.d/*.repo",
"curl -k -o internal-ca-certificates.rpm https://git.query.consul/unkin/-/packages/rpm/internal-ca-certificates/20240825-1.el8/files/756 && rpm -i internal-ca-certificates.rpm"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
@@ -1,6 +1,13 @@
# almalinux/9.7/jupyterlab
# almalinux/9.5/jupyterlab
deploy_files_from_common = true
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"uv",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip"
]
scripts_pre_file_copy = [
"dnf install -y sudo",
]
@@ -1,12 +1,11 @@
# fedora/44/rpmbuilder
docker_source = "git.unkin.net/unkin/fedora44-base:latest"
# almalinux/9.5/rpmbuilder
docker_source = "git.query.consul/unkin/almalinux9-base:latest"
packages = [
"asciidoc",
"autoconf",
"automake",
"binutils",
"bison",
"buildah",
"byacc",
"cmake",
"diffstat",
@@ -20,6 +19,7 @@ packages = [
"intltool",
"jna",
"ltrace",
"make",
"nfpm",
"patchutils",
"perl-Fedora-VSP",
-1
View File
@@ -1 +0,0 @@
20260606
@@ -1,22 +0,0 @@
# almalinux/9.7/artifactapi
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_post_packages = [
"git clone https://git.unkin.net/unkin/artifactapi.git /app/artifactapi && uv build --wheel /app/artifactapi",
"useradd -m -r -s /bin/sh appuser && chown -R appuser:appuser /app",
"sudo -u appuser uv tool install --from /app/artifactapi/dist/*.whl artifactapi",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"EXPOSE 8000",
"HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:8000/health || exit 1",
"USER appuser",
"ENV PATH=\"/home/appuser/.local/bin:$PATH\"",
"WORKDIR /app",
"CMD [\"artifactapi\"]"
]
-1
View File
@@ -1 +0,0 @@
2.1.2
@@ -1,6 +0,0 @@
[appstream]
name=appstream repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/AppStream/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[baseos]
name=baseos repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/BaseOS/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,7 +0,0 @@
# new repo for EL9+, replaces PowerTools repo
[crb]
name=crb repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/CRB/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/CRB/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[epel]
name=epel repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/epel/9/Everything/x86_64
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/epel/RPM-GPG-KEY-EPEL-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[ha]
name=ha repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/HighAvailability/x86_64/os
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/almalinux-vault/9.7/HighAvailability/x86_64/os/RPM-GPG-KEY-AlmaLinux-9
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[unkin]
name=unkin repository
baseurl=https://git.unkin.net/api/packages/unkin/rpm/almalinux/el9
gpgkey=https://git.unkin.net/api/packages/unkin/rpm/repository.key
enabled=1
gpgcheck=0
@@ -1,29 +0,0 @@
# almalinux/9.7/base
deploy_files_from_image = true
deploy_files_from_common = true
use_incus = true
packages = [
"git",
"jq",
"make",
"python3.11",
"python3.11-pip",
"python3.12",
"python3.12-pip",
"unkin-ca-certificates",
"uv",
"wget",
]
scripts_pre_file_copy = [
"rm -f /etc/yum.repos.d/*.repo",
"curl -k -o internal-ca-certificates.rpm https://git.unkin.net/unkin/-/packages/rpm/internal-ca-certificates/20240825-1.el8/files/756 && rpm -i internal-ca-certificates.rpm"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260606
@@ -1,12 +0,0 @@
# almalinux/9.7/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"g10k"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"CMD /usr/bin/g10k -config /etc/puppetlabs/r10k.yaml"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,10 +0,0 @@
# almalinux/9.7/gobuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"go",
"nfpm"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,11 +0,0 @@
# almalinux/9.7/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"kubeconform",
"kustomize",
"helm-4.0.5-1"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,12 +0,0 @@
# almalinux/9.7/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"sudo"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
docker_changes = [
"CMD /usr/local/bin/run.sh"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,11 +0,0 @@
# almalinux/9.7/makerun
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"opentofu",
"tflint",
"terragrunt"
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
incus
@@ -1,64 +0,0 @@
# Beware! This file is rewritten by htop when settings are changed in the interface.
# The parser is also very primitive, and not human-friendly.
htop_version=3.3.0
config_reader_min_version=3
fields=0 48 17 18 38 39 40 2 46 47 49 1
hide_kernel_threads=1
hide_userland_threads=0
hide_running_in_container=0
shadow_other_users=0
show_thread_names=0
show_program_path=1
highlight_base_name=0
highlight_deleted_exe=1
shadow_distribution_path_prefix=0
highlight_megabytes=1
highlight_threads=1
highlight_changes=0
highlight_changes_delay_secs=5
find_comm_in_cmdline=1
strip_exe_from_cmdline=1
show_merged_command=0
header_margin=1
screen_tabs=1
detailed_cpu_time=0
cpu_count_from_one=0
show_cpu_usage=1
show_cpu_frequency=0
show_cpu_temperature=0
degree_fahrenheit=0
update_process_names=0
account_guest_in_cpu_meter=0
color_scheme=0
enable_mouse=1
delay=15
hide_function_bar=0
topology_affinity=0
header_layout=two_50_50
column_meters_0=CPU Memory Swap DiskIO
column_meter_modes_0=1 1 1 2
column_meters_1=Tasks LoadAverage Uptime NetworkIO
column_meter_modes_1=2 2 2 2
tree_view=1
sort_key=46
tree_sort_key=0
sort_direction=-1
tree_sort_direction=1
tree_view_always_by_pid=0
all_branches_collapsed=0
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_CPU
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=1
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE PERCENT_SWAP_DELAY PERCENT_IO_DELAY Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view_always_by_pid=0
.tree_view=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
@@ -1,6 +0,0 @@
[puppet]
name=puppet repository
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/openvox/openvox7/el/9/x86_64
gpgkey=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/openvox/GPG-KEY-openvox.pub
enabled=1
gpgcheck=1
@@ -1,19 +0,0 @@
# almalinux/9.7/puppet-base
incus_source = "almalinux9/base/latest"
deploy_files_from_image = true
use_incus = true
packages = [
"htop",
"openssh-server",
"puppet-agent",
"puppet-initial"
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf",
"systemctl enable sshd"
]
-1
View File
@@ -1 +0,0 @@
20260112
@@ -1 +0,0 @@
docker
@@ -1,20 +0,0 @@
# almalinux/9.7/puppet-validator
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"rubygems",
"ruby-devel",
"gcc",
"make",
"redhat-rpm-config",
"glibc-headers",
"glibc-devel",
"libffi",
"libffi-devel"
]
scripts_pre_packages = [
"dnf -y group install \"Development Tools\""
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
@@ -1 +0,0 @@
20260317
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,47 +0,0 @@
# almalinux/9.7/rpmbuilder
docker_source = "git.unkin.net/unkin/almalinux9-base:latest"
packages = [
"asciidoc",
"autoconf",
"automake",
"binutils",
"bison",
"buildah",
"byacc",
"cmake",
"diffstat",
"flex",
"gcc",
"gcc-c++",
"gdb",
"glibc-devel",
"go",
"gzip",
"intltool",
"jna",
"ltrace",
"nfpm",
"patchutils",
"perl-Fedora-VSP",
"perl-generators",
"pesign",
"pkgconf",
"pkgconf-m4",
"pkgconf-pkg-config",
"redhat-rpm-config",
"rpm",
"rpm-build",
"rpm-sign",
"rpmdevtools",
"rpmlint",
"source-highlight",
"strace",
"systemtap",
"tar",
"valgrind",
"valgrind-devel",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260606
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,6 +0,0 @@
[updates]
name=Fedora 42 - x86_64 - Updates
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/fedora/updates/42/Everything/x86_64
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-42-primary
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[fedora]
name=Fedora 42 - x86_64
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/fedora/releases/42/Everything/x86_64/os
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-42-primary
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[gitea-unkin-fedora-42]
name=Unkin Fedora 42
baseurl=https://git.unkin.net/api/packages/unkin/rpm/fedora/42
enabled=1
gpgcheck=1
gpgkey=https://git.unkin.net/api/packages/unkin/rpm/repository.key
@@ -1,24 +0,0 @@
# fedora/42/base
docker_source = "artifactapi.k8s.syd1.au.unkin.net/dockerhub/library/fedora:42"
deploy_files_from_image = true
deploy_files_from_common = false
scripts_pre_file_copy = [
"rm -f /etc/yum.repos.d/*.repo",
"curl -sk -o unkin-ca-certificates.rpm https://git.unkin.net/unkin/-/packages/rpm/unkin-ca-certificates/2025.7.13-1.fc42/files/15674 && rpm -i unkin-ca-certificates.rpm",
]
packages = [
"git",
"jq",
"make",
"python3",
"python3-pip",
"wget",
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260521
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,47 +0,0 @@
# fedora/42/rpmbuilder
docker_source = "git.unkin.net/unkin/fedora42-base:latest"
packages = [
"asciidoc",
"autoconf",
"automake",
"binutils",
"bison",
"buildah",
"byacc",
"cmake",
"diffstat",
"flex",
"gcc",
"gcc-c++",
"gdb",
"glibc-devel",
"go",
"gzip",
"intltool",
"jna",
"ltrace",
"nfpm",
"patchutils",
"perl-Fedora-VSP",
"perl-generators",
"pesign",
"pkgconf",
"pkgconf-m4",
"pkgconf-pkg-config",
"redhat-rpm-config",
"rpm",
"rpm-build",
"rpm-sign",
"rpmdevtools",
"rpmlint",
"source-highlight",
"strace",
"systemtap",
"tar",
"valgrind",
"valgrind-devel",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260521
-1
View File
@@ -1 +0,0 @@
docker
@@ -1,6 +0,0 @@
[updates]
name=Fedora 43 - x86_64 - Updates
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/fedora/updates/43/Everything/x86_64
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-43-primary
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[fedora]
name=Fedora 43 - x86_64
baseurl=https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/fedora/releases/43/Everything/x86_64/os
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-43-primary
enabled=1
gpgcheck=1
@@ -1,6 +0,0 @@
[gitea-unkin-fedora-43]
name=Unkin Fedora 43
baseurl=https://git.unkin.net/api/packages/unkin/rpm/fedora/43
enabled=1
gpgcheck=1
gpgkey=https://git.unkin.net/api/packages/unkin/rpm/repository.key
@@ -1,24 +0,0 @@
# fedora/43/base
docker_source = "artifactapi.k8s.syd1.au.unkin.net/dockerhub/library/fedora:43"
deploy_files_from_image = true
deploy_files_from_common = false
scripts_pre_file_copy = [
"rm -f /etc/yum.repos.d/*.repo",
"curl -sk -o unkin-ca-certificates.rpm https://git.unkin.net/unkin/-/packages/rpm/unkin-ca-certificates/2025.7.13-1.fc43/files/15602 && rpm -i unkin-ca-certificates.rpm",
]
packages = [
"git",
"jq",
"make",
"python3",
"python3-pip",
"wget",
]
scripts_pre_packages = [
"dnf makecache",
"dnf update -y",
]
scripts_final = [
"dnf clean all",
"rm -rf /var/cache/dnf"
]
-1
View File
@@ -1 +0,0 @@
20260521
-1
View File
@@ -1 +0,0 @@
docker

Some files were not shown because too many files have changed in this diff Show More