Merge pull request #7 from JamesJonesConsulting/develop

Adding some additional tweaks for Ansible execution

.github/workflows/build.yml

@@ -22,6 +22,7 @@ env:
 jobs:
   build-and-push:
     runs-on: [ self-hosted, medium, build ]
+    timeout-minutes: 720
     container:
       image: nexus.jamesjonesconsulting.com:5444/podman/stable:latest
       # image: quay.io/podman/stable:latest
@@ -88,8 +89,12 @@ jobs:
             VERSION=$(echo "${GITHUB_REF_NAME}" | sed 's|/|-|g')
           fi
           podman build . --file Dockerfile --tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" --build-arg ARTIFACTORY=${{ matrix.registry_proxy }}
+          if [[ "$GITHUB_REF" =~ ^refs/pull.* ]]; then
+            echo "Pull requests do not get published. Only for testing"
+          else
             podman push "${{ matrix.registry }}/$IMAGE_NAME:$VERSION"
             if [[ "$GITHUB_REF" =~ ^refs/tags.* ]]; then
               podman tag "${{ matrix.registry }}/$IMAGE_NAME:$VERSION" "${{ matrix.registry }}/$IMAGE_NAME:latest"
               podman push "${{ matrix.registry }}/$IMAGE_NAME:latest"
             fi
+          fi

.gitlab-ci.yml

@@ -6,6 +6,7 @@ stages:
   variables:
     DOCKER_AUTH_CONFIG: ${HOME_NEXUS_DOCKER_AUTH_CONFIG}
   image: "$HOME_NEXUS_DOCKER_REGISTRY_SHARED/podman/stable:latest"
+  timeout: 3h 30m
   parallel:
     matrix:
       - REGISTRY_USER: $CI_REGISTRY_USER

Dockerfile

@@ -1,34 +1,28 @@
 ARG ARTIFACTORY
 FROM ${ARTIFACTORY}/podman/stable:latest
 
-# Adding on the docker alias, docker-compose and other useful stuff
+# Adding on the docker alias, docker-compose and other useful stuff including the Azure CLI and RPM build tools along with FPM
 RUN dnf install -y podman-docker buildah skopeo docker-compose \
   util-linux ansible-core openssh-clients krb5-devel krb5-libs krb5-workstation git jq wget curl unzip coreutils \
-  helm doctl kubernetes-client gnupg2 pinentry expect gh awscli
-
-# Adding the Azure CLI
-RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc \
+  helm doctl kubernetes-client gnupg2 pinentry expect gh awscli \
+  && rpm --import https://packages.microsoft.com/keys/microsoft.asc \
   && dnf install -y https://packages.microsoft.com/config/rhel/9.0/packages-microsoft-prod.rpm \
-  && dnf install -y azure-cli
+  && dnf install -y azure-cli \
+  && dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel \
+  && dnf clean all \
+  && rm -rf /var/cache/yum \
+  && wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq \
+  && chmod +x /usr/bin/yq \
+  && touch /etc/containers/nodocker
 
-# Adding some Ansible Key and Timeout setting
-ENV ANSIBLE_HOST_KEY_CHECKING=False
-ENV ANSIBLE_TIMEOUT=60
-RUN printf "\nStrictHostKeyChecking no\n" >> /etc/ssh/ssh_config
-ENV GPG_TTY /dev/console
+# Adding some Ansible Key and Timeout setting as well as accepting ssh-rsa
+ENV ANSIBLE_HOST_KEY_CHECKING=False \
+  ANSIBLE_TIMEOUT=120 \
+  GPG_TTY=/dev/console
+COPY ssh_ansible.conf /etc/ssh/ssh_config.d/99-ansible.conf
 
-# Adding RPM build tools along with FPM
-RUN dnf install -y rpm-build rpm-sign rubygems ruby-devel gcc gcc-c++ make libffi-devel
-
-RUN gem install ffi \
-    && gem install fpm
+# Ensuring the fpm tool is installed to build distro packages such as RPM and DEB
 COPY rpm-sign-expect /usr/bin
-
-RUN chmod +x /usr/bin/rpm-sign-expect
-
-# Get the latest version of the unpackage yq utility
-RUN wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq \
-  && chmod +x /usr/bin/yq
-
-# Remove the Emulate Docker CLI using podman messages
-RUN touch /etc/containers/nodocker
+RUN gem install ffi \
+  && gem install fpm \
+  && chmod +x /usr/bin/rpm-sign-expect

ssh_ansible.conf

@@ -0,0 +1,3 @@
+StrictHostKeyChecking no
+PubkeyAcceptedKeyTypes +ssh-rsa
+HostKeyAlgorithms +ssh-rsa