ratigorsk/podman-in-docker
2
0
Fork 0
Code Actions Packages Activity

Adding on the nss-tools package for certutil

Browse Source
This commit is contained in:
James Jones
2025-02-01 17:36:06 +00:00
parent 94000acba6
commit c37c8989bb
2 changed files with 28 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
.github/workflows/build.yml vendored
View File

@@ -21,20 +21,27 @@ env:
jobs:
build-and-push:
runs-on: [ self-hosted, medium, build ]
runs-on: jamesjonesconsulting-arch-gha-set
# runs-on: [ self-hosted, medium, build ]
timeout-minutes: 720
container:
image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest
# image: quay.io/podman/stable:latest
options: --userns=keep-id --group-add keep-groups --privileged --user root
credentials:
username: ${{ secrets.HOME_NEXUS_DOCKER_USER }}
password: ${{ secrets.HOME_NEXUS_DOCKER_PASSWORD }}
# options: '--user root'
options: >-
--user root:root
# --privileged
# --group-add keep-groups
# --userns=keep-id
# credentials:
# username: ${{ secrets.HOME_NEXUS_DOCKER_USER }}
# password: ${{ secrets.HOME_NEXUS_DOCKER_PASSWORD }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
registry: [ 'ghcr.io', 'nexus.jamesjonesconsulting.com:5443' ]
# registry: [ 'ghcr.io', 'nexus.jamesjonesconsulting.com:5443' ]
registry: [ 'ghcr.io' ]
include:
- registry: ghcr.io
user: GITHUB_DOCKER_USER
@@ -42,12 +49,12 @@ jobs:
registry_proxy: $NEXUS_PROXY_REGISTRY
proxy_user: NEXUS_DOCKER_USER
proxy_password: HOME_NEXUS_DOCKER_PASSWORD
- registry: nexus.jamesjonesconsulting.com:5443
user: NEXUS_DOCKER_USER
password: HOME_NEXUS_DOCKER_PASSWORD
registry_proxy: $NEXUS_PROXY_REGISTRY
proxy_user: NEXUS_DOCKER_USER
proxy_password: HOME_NEXUS_DOCKER_PASSWORD
# - registry: nexus.jamesjonesconsulting.com:5443
# user: NEXUS_DOCKER_USER
# password: HOME_NEXUS_DOCKER_PASSWORD
# registry_proxy: $NEXUS_PROXY_REGISTRY
# proxy_user: NEXUS_DOCKER_USER
# proxy_password: HOME_NEXUS_DOCKER_PASSWORD
steps:
# Downloads a copy of the code in your repository before running CI tests
- name: Check out repository code
@@ -61,12 +68,12 @@ jobs:
login-server: ${{ matrix.registry }}
username: ${{ env[matrix.user] }}
password: ${{ secrets[matrix.password] }}
- name: Docker Login
uses: azure/docker-login@v1
with:
login-server: ${{ matrix.registry_proxy }}
username: ${{ env[matrix.proxy_user] }}
password: ${{ secrets[matrix.proxy_password] }}
# - name: Docker Login
# uses: azure/docker-login@v1
# with:
# login-server: ${{ matrix.registry_proxy }}
# username: ${{ env[matrix.proxy_user] }}
# password: ${{ secrets[matrix.proxy_password] }}
# This requires docker buildx which podman doesn't support
# - name: Extract metadata (tags, labels) for Docker
# id: meta
@@ -88,7 +95,8 @@ jobs:
else
VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g')
fi
podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }}
podman build . --userns-gid-map-group=1001 --userns-uid-map-user=1001 --file Dockerfile \
--tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }}
if [[ "$GITHUB_REF" =~ ^refs/pull.* ]]; then
echo "Pull requests do not get published. Only for testing"
else

2
Dockerfile
View File

@@ -16,7 +16,7 @@ RUN dnf install -y --nogpgcheck \
# docker-compose - broken dependencies in F38 so removing
RUN dnf install -y podman-docker buildah skopeo \
util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq wget curl unzip coreutils \
samba-client samba-common cifs-utils helm doctl gnupg2 pinentry expect gh awscli glab yq \
nss-tools samba-client samba-common cifs-utils helm doctl gnupg2 pinentry expect gh awscli glab yq \
python3-jsonpatch python3-requests-oauthlib python3-kubernetes python3-pyyaml python3-pip \
&& curl -k -s -o - \
https://nexus.jamesjonesconsulting.com/repository/package-config/dist/proxy/rpmfusion/rpmfusion-setup-proxy-repos.sh |\