Automate image building and add some images

.gitmodules

@@ -1,3 +0,0 @@
-[submodule "go-import-redirector/go-import-redirector"]
-	path = go-import-redirector/go-import-redirector
-	url = https://github.com/rsc/go-import-redirector

.woodpecker.yml

@@ -0,0 +1,11 @@
+platform: linux/amd64
+steps:
+  build:
+    image: gitea.elara.ws/elara6331/builder
+    environment:
+      - REGISTRY=gitea.elara.ws
+      - REGISTRY_USERNAME=Elara6331
+    secrets: [ registry_password ]
+    commands:
+      - registry-login
+      - ./build.sh

build.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# info prints an informational message
+info() {
+  echo $'\x1b[32m[INFO]\x1b[0m' "$@"
+}
+
+# error prints an error message and exits with exit code 1
+error() {
+  echo $'\x1b[31;1m[ERR]\x1b[0m' "$@"
+  exit 1
+}
+
+# Check if the required environment variables are set
+if [ -z "${CI_PREV_COMMIT_SHA}" ] || [ -z "${CI_COMMIT_SHA}" ]; then
+    error "CI_PREV_COMMIT_SHA and CI_COMMIT_SHA environment variables must be set."
+fi
+
+# Get the list of changed files between the previous commit and the current commit
+changed_files=$(git diff --name-only "${CI_PREV_COMMIT_SHA}" "${CI_COMMIT_SHA}")
+
+# Declare an associative array to store unique changed directories
+declare -A changed_directories
+
+# Iterate over changed files and extract the directories
+for file in $changed_files; do
+    directory=$(dirname "$file")
+    # We don't want to execute this script recursively, so skip the current directory if it shows up
+    if [[ "$directory" != "." ]]; then
+    	changed_directories["$directory"]=1
+    fi
+done
+
+if [[ "${#changed_directories[@]}" == 0 ]]; then
+	info "Nothing to do. Exiting..."
+	exit 0
+fi
+
+# Iterate over changed directories and execute build.sh if it exists
+for dir in "${!changed_directories[@]}"; do
+    build_script="${dir}/build.sh"
+    if [ -f "${build_script}" ]; then
+    	info "Entering ${dir}..."
+    	pushd "${dir}" >/dev/null || error "pushd failed"
+    	info "Executing ${build_script}..."
+        # ./build.sh || error "${build_script} failed"
+        info "Finished executing ${build_script}"
+        popd >/dev/null || error "popd failed"
+        info "Exited ${dir}"
+    fi
+done
+
+info "Done!"

builder/Dockerfile

@@ -0,0 +1,7 @@
+FROM alpine:edge
+RUN apk add --no-cache go git gcc bash abuild
+RUN apk add --no-cache ko --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing
+RUN apk add --no-cache --allow-untrusted apko --repository=https://packages.wolfi.dev/os
+RUN wget -O /usr/bin/lure https://api.minio.elara.ws/adl/lure/lure-amd64 && chmod +x /usr/bin/lure
+COPY lure.toml /root/.config/lure/lure.toml
+COPY login.sh /bin/registry-login

builder/README.md

@@ -0,0 +1,3 @@
+# builder
+
+This is the image used to build the other images. It includes [ko](https://ko.build/), [apko](https://github.com/chainguard-dev/apko), [lure](https://lure.elara.ws), and [abuild](https://wiki.alpinelinux.org/wiki/Abuild_and_Helpers).

builder/login.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Check if the required environment variables are set
+if [ -z "${REGISTRY}" ] || [ -z "${REGISTRY_USERNAME}" ] || [ -z "${REGISTRY_PASSWORD}" ]; then
+    echo "The REGISTRY, REGISTRY_USERNAME, and REGISTRY_PASSWORD environment variables must be set."
+    exit 1
+fi
+
+# Log in to the registry using ko. This should generate a config.json with the authentication info.
+echo "Logging in to ${REGISTRY}..."
+ko login "${REGISTRY}" -u "${REGISTRY_USERNAME}" --password-stdin <<<"${REGISTRY_PASSWORD}" || exit 2

builder/lure.toml

@@ -0,0 +1,10 @@
+rootCmd = 'sudo'
+pagerStyle = 'native'
+ignorePkgUpdates = []
+
+[[repo]]
+name = 'default'
+url = 'https://github.com/Elara6331/lure-repo.git'
+
+[unsafe]
+allowRunAsRoot = true

builder/update-builder.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+
+docker build . -t gitea.elara.ws/elara6331/builder:latest --no-cache
+docker login gitea.elara.ws
+docker push gitea.elara.ws/elara6331/builder:latest

go-import-redirector/build.sh

@@ -1,7 +1,17 @@
 #!/bin/bash
 
+set -e
+
+# Clone go-import-redirector and enter its directory
+git clone https://github.com/rsc/go-import-redirector
 pushd go-import-redirector
-KO_DOCKER_REPO=gitea.elara.ws/elara6331 ko build -B \
+
+# Build and publish the image
+KO_DOCKER_REPO=gitea.elara.ws/elara6331 \
+KO_DEFAULTBASEIMAGE=gitea.elara.ws/elara6331/static \
+ko build -B \
 	--platform=linux/amd64,linux/arm64,linux/riscv64 \
 	--sbom=none
+
+# Leave the go-import-redirector directory
 popd

go-import-redirector/go-import-redirector

@@ -1 +0,0 @@
-Subproject commit 4b5c2b9050dfbdc8830f5220e610adb0d75c539f

golang/Dockerfile

@@ -1,3 +0,0 @@
-FROM alpine:edge
-RUN apk add --no-cache go
-CMD go

golang/apko.yaml

@@ -0,0 +1,27 @@
+contents:
+  keyring:
+    - ./pkgs/keyring.rsa.pub
+  repositories:
+    - https://dl-cdn.alpinelinux.org/alpine/edge/main
+    - ./pkgs
+  packages:
+    - alpine-base
+    - go-bin
+
+accounts:
+  groups:
+    - groupname: nonroot
+      gid: 65532
+  users:
+    - username: nonroot
+      uid: 65532
+      gid: 65532
+  run-as: 65532
+
+entrypoint:
+  command: go
+
+archs:
+  - amd64
+  - arm64
+  - riscv64

golang/build.sh

@@ -1,10 +1,23 @@
 #!/bin/bash
 
-if [[ $# == 0 ]]; then
-	echo "Usage: $0 <arch>"
-	exit 1
-fi
+set -e
 
-docker login gitea.elara.ws
-docker build . -t "gitea.elara.ws/elara6331/golang:$1" --no-cache
-docker push "gitea.elara.ws/elara6331/golang:$1"
+lure_cmd="lure --interactive=false build -p default/go-bin"
+LURE_ARCH="amd64" $lure_cmd
+LURE_ARCH="arm64" $lure_cmd
+LURE_ARCH="riscv64" $lure_cmd
+
+mkdir -p pkgs/{x86_64,aarch64,riscv64}
+file=(*_x86_64.apk) && mv "$file" "pkgs/x86_64/$(sed -e 's/_x86_64//g' -e 's/_/-/g' <<<$file)"
+file=(*_aarch64.apk) && mv "$file" "pkgs/aarch64/$(sed -e 's/_aarch64//g' -e 's/_/-/g' <<<$file)"
+file=(*_riscv64.apk) && mv "$file" "pkgs/riscv64/$(sed -e 's/_riscv64//g' -e 's/_/-/g' <<<$file)"
+
+abuild-keygen -na
+cp ~/.abuild/*.rsa.pub pkgs/keyring.rsa.pub
+
+for arch in pkgs/*/; do	
+	apk index "$arch"/*.apk > "$arch/APKINDEX.tar.gz"
+	abuild-sign "$arch/APKINDEX.tar.gz"
+done
+
+apko publish --sbom=false apko.yaml gitea.elara.ws/elara6331/golang:latest

golang/manifest.sh

@@ -1,11 +0,0 @@
-#!/bin/bash
-
-tag="$1"
-tag="${tag:=latest}"
-
-docker login gitea.elara.ws
-docker manifest create "gitea.elara.ws/elara6331/golang:$tag" \
-	--amend gitea.elara.ws/elara6331/golang:amd64 \
-	--amend gitea.elara.ws/elara6331/golang:arm64 \
-	--amend gitea.elara.ws/elara6331/golang:riscv64
-docker manifest push "gitea.elara.ws/elara6331/golang:$tag"

static/README.md

@@ -0,0 +1,5 @@
+# static
+
+The [static image](https://gitea.elara.ws/Elara6331/-/packages/container/static/latest) is a basic image with just enough iles to run static binaries. It's meant to be used as a base image and is useless outside of that.
+
+This image will only run static binaries (i.e. Go binaries with `CGO_ENABLED=0`) as it doesn't include musl or glibc

static/apko.yaml

@@ -0,0 +1,23 @@
+contents:
+  repositories:
+    - https://dl-cdn.alpinelinux.org/alpine/edge/main
+  packages:
+    - alpine-baselayout-data
+    - alpine-release
+    - ca-certificates-bundle
+    - tzdata
+
+accounts:
+  groups:
+    - groupname: nonroot
+      gid: 65532
+  users:
+    - username: nonroot
+      uid: 65532
+      gid: 65532
+  run-as: 65532
+
+archs:
+  - amd64
+  - arm64
+  - riscv64

static/build.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+set -e
+apko publish --sbom=false apko.yaml gitea.elra.ws/elara6331/static:latest 

webserver/build.sh

@@ -1,7 +1,11 @@
 #!/bin/bash
 
+set -e
+
 pushd cmd
-KO_DOCKER_REPO=gitea.elara.ws/elara6331 ko build -B \
+KO_DOCKER_REPO=gitea.elara.ws/elara6331 \
+KO_DEFAULTBASEIMAGE=gitea.elara.ws/elara6331/static \
+ko build -B \
 	--platform=linux/amd64,linux/arm64,linux/riscv64 \
 	--sbom=none
 popd