don't use build cache

set labels, move makefile logic into dockerfile, pr pipeline

.gitea/workflows/build-docker-images.yml

@@ -0,0 +1,90 @@
+name: Docker Image CI
+
+on:
+  workflow_dispatch:
+    branches: [ main ]
+  push:
+    branches: [ master, verbose-dockerfile-pipeline-test ]
+  pull_request:
+    branches: [ master ]
+  schedule:
+    - cron: '0 5 * * 3'
+  
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+    timeout-minutes: 90
+    strategy:
+      fail-fast: true
+      matrix:
+        images:
+          [
+            openrc
+          ]
+    env:
+      REGISTRY: gitea.artixlinux.org
+      DH_REGISTRY: docker.io
+      REPO_ORG: ${{ gitea.repository_owner }}
+      IMAGE_NAME: artixlinux
+      ABSOLUTE_IMAGE: ${{ env.REGISTRY }}/${{ env.REPO_ORG }}/${{ env.IMAGE_NAME }}
+      ABSOLUTE_DH_IMAGE: ${{ env.DH_REGISTRY }}/artixlinux/${{ env.IMAGE_NAME }}
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout repository
+      uses: https://github.com/actions/checkout@v4
+    - name: Set up docker
+      run: curl -fsSL https://get.docker.com | sh
+    # - name: Define metadata variables
+    #   run: |
+    #     sed -i "s/ARG version=.*/ARG version=$(date +'%Y%m%d').0.${{ gitea.sha }}/" Dockerfile
+    #     sed -i "s/ARG githash=.*/ARG githash=${{ gitea.sha }}/" Dockerfile
+    #     sed -i "s/ARG created=.*/ARG created=$(date -u +'%Y-%m-%dT%H:%M:%S%:z')/" Dockerfile
+    #     cat Dockerfile
+    - name: Build Docker image
+      uses: https://github.com/docker/build-push-action@v5
+      with:
+        push: false
+        pull: true
+        no-cache: true
+        context: .
+        build-args:  |
+          img=${{ matrix.images }}          
+        tags: "${{ env.ABSOLUTE_IMAGE }}:base-${{ matrix.images }}-test,${{ env.ABSOLUTE_DH_IMAGE }}:${{ matrix.images }}-test"
+    - name: Create latest tag
+      if: matrix.images == 'devel'
+      uses: https://github.com/docker/build-push-action@v5
+      with:
+        push: false
+        pull: false
+        context: .
+        build-args:  |
+          img=${{ matrix.images }}          
+        tags: "${{ env.ABSOLUTE_IMAGE }}:latest,${{ env.ABSOLUTE_DH_IMAGE }}:latest"
+    - name: Log in to the Container registry
+      uses: https://github.com/docker/login-action@v2
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ gitea.actor }}
+        password: ${{ secrets.PAT }}
+    - name: Push to Gitea
+      if: ( gitea.event_name == 'push' && github.ref == 'refs/heads/master' ) || gitea.event_name == 'schedule'
+      run: docker push "${{ env.ABSOLUTE_IMAGE }}:base-${{ matrix.images }}-test"
+    - name: Push latest tag
+      if: ( ( gitea.event_name == 'push' && github.ref == 'refs/heads/master' ) || gitea.event_name == 'schedule' ) && matrix.images == 'devel'
+      run: docker push "${{ env.ABSOLUTE_IMAGE }}:latest"
+    - name: Log in to the Docker Hub
+      uses: https://github.com/docker/login-action@v2
+      with:
+        registry: ${{ env.DH_REGISTRY }}
+        username: ${{ secrets.DOCKERHUB_USER }}
+        password: ${{ secrets.DOCKERHUB }}
+    - name: Push to Docker Hub
+      if: ( gitea.event_name == 'push' && github.ref == 'refs/heads/master' ) || gitea.event_name == 'schedule'
+      run: docker push "${{ env.ABSOLUTE_DH_IMAGE }}:${{ matrix.images }}-test"
+    - name: Push latest tag
+      if: ( ( gitea.event_name == 'push' && github.ref == 'refs/heads/master' ) || gitea.event_name == 'schedule' ) && matrix.images == 'devel'
+      run: docker push "${{ env.ABSOLUTE_DH_IMAGE }}:latest"

.gitea/workflows/push-docker-description.yml

@@ -0,0 +1,25 @@
+name: Docker Hub Description
+
+on:
+  push:
+    branches: [ master ]
+    paths: [ dockerhub-readme.md ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    timeout-minutes: 90
+  
+    steps:
+    - name: Checkout repository
+      uses: https://github.com/actions/checkout@v4
+    - name: Push Docker Hub description
+      uses: https://github.com/christian-korneck/update-container-description-action@v1
+      env:
+        DOCKER_USER: ${{ secrets.DOCKERHUB_USER }}
+        DOCKER_PASS: ${{ secrets.DOCKERHUB }}
+      with:
+        destination_container_repo: artixlinux/artixlinux
+        provider: dockerhub
+        short_description: 'Artix Linux is a fork of Arch Linux that respects init freedom.'
+        readme_file: 'dockerhub-readme.md'

Dockerfile

@@ -0,0 +1,59 @@
+FROM gitea.artixlinux.org/artixdocker/artixlinux:latest as base
+
+RUN pacman -Syu --noconfirm && \
+  pacman -Sy --noconfirm artools curl make fakechroot fakeroot
+WORKDIR /usr/artixlinux-docker
+COPY . .
+
+FROM base as build
+ARG img=base-devel
+ENV working=/usr/artixlinux-docker
+ENV BUILDDIR=${working}/build
+ENV OUTPUTDIR=${working}/output
+WORKDIR ${working}
+RUN mkdir -vp ${BUILDDIR}/alpm-hooks/usr/share/libalpm/hooks && \
+  find /usr/share/libalpm/hooks -exec ln -sf /dev/null ${BUILDDIR}/alpm-hooks{} \; && \
+  mkdir -vp ${BUILDDIR}/var/lib/pacman/ ${OUTPUTDIR} && \
+  install -Dm644 /usr/share/artools/pacman.conf.d/galaxy-x86_64.conf ${BUILDDIR}/etc/pacman.conf && \
+  cat pacman-conf.d-noextract.conf >> ${BUILDDIR}/etc/pacman.conf && \
+  fakechroot fakeroot pacman -Sy -r ${BUILDDIR} --noconfirm --dbpath ${BUILDDIR}/var/lib/pacman --config ${BUILDDIR}/etc/pacman.conf --noscriptlet --hookdir ${BUILDDIR}/alpm-hooks/usr/share/libalpm/hooks/ ${img} && \
+  rsync -rt --backup --suffix=.pacnew rootfs/* ${BUILDDIR}/ && \
+  fakechroot fakeroot chroot ${BUILDDIR} update-ca-trust && \
+  fakechroot fakeroot chroot ${BUILDDIR} sh -c 'pacman-key --init && pacman-key --populate && rm -rf etc/pacman.d/gnupg/{openpgp-revocs.d/,private-keys-v1.d/,pubring.gpg~,gnupg.S.}*' && \
+  ln -fs /usr/lib/os-release ${BUILDDIR}/etc/os-release && \
+  sed -i -e 's/^root::/root:!:/' "${BUILDDIR}/etc/shadow" && \
+  fakeroot tar --numeric-owner --xattrs --acls --exclude-from=exclude -C ${BUILDDIR} -c . -f ${OUTPUTDIR}/${img}.tar
+WORKDIR ${OUTPUTDIR}
+RUN zstd --long -T0 -8 ${img}.tar; sha256sum ${img}.tar.zst > ${img}.tar.zst.SHA256
+
+
+WORKDIR ${OUTPUTDIR}
+RUN ROOTFS=${img}.tar.zst && \
+    sha256sum -c ${img}.tar.zst.SHA256 && \
+    mkdir /rootfs && \
+    tar -C /rootfs --extract --file "${ROOTFS}"
+
+FROM scratch AS root
+ARG img=base-devel
+ARG version=VERSION
+ARG githash=REVISION
+ARG created=CREATED
+LABEL org.opencontainers.image.title="Artix Linux ${img} Image"
+LABEL org.opencontainers.image.description="Official containerd image of Artix Linux, a fork of Arch Linux that respects init freedom."
+LABEL org.opencontainers.image.vendor="Artix Linux"
+LABEL org.opencontainers.image.authors="Cory Sanin <corysanin@artixlinux.org>, artoo <artoo@artixlinux.org>, Chris Cromer <cromer@artixlinux.org>"
+LABEL org.opencontainers.image.url="https://gitea.artixlinux.org/artixdocker"
+LABEL org.opencontainers.image.documentation="https://wiki.artixlinux.org/"
+LABEL org.opencontainers.image.source="https://gitea.artixlinux.org/artixdocker/artixlinux-docker"
+LABEL org.opencontainers.image.licenses="GPL-3.0-or-later"
+LABEL org.opencontainers.image.version="${version}"
+LABEL org.opencontainers.image.revision="${githash}"
+LABEL org.opencontainers.image.created="${created}"
+
+COPY --from=build /rootfs/ /
+
+RUN ldconfig && \
+    sed -i "/BUILD_ID/a VERSION_ID=${version}" /etc/os-release
+
+ENV LANG=C.UTF-8
+CMD ["/usr/bin/bash"]

Jenkinsfile

@@ -1,3 +1,3 @@
-@Library('docker-ci@base-openrc') import org.artixlinux.DockerImage
+@Library('docker-ci') import org.artixlinux.DockerImage
 
 ImagePipeline(new DockerImage(this))

Makefile

@@ -9,7 +9,7 @@ define rootfs
 	find /usr/share/libalpm/hooks -exec ln -sf /dev/null $(BUILDDIR)/alpm-hooks{} \;
 
 	mkdir -vp $(BUILDDIR)/var/lib/pacman/ $(OUTPUTDIR)
-	install -Dm644 /usr/share/artools/pacman-default.conf $(BUILDDIR)/etc/pacman.conf
+	install -Dm644 /usr/share/artools/pacman.conf.d/galaxy-x86_64.conf $(BUILDDIR)/etc/pacman.conf
 	cat pacman-conf.d-noextract.conf >> $(BUILDDIR)/etc/pacman.conf
 
 	fakechroot fakeroot pacman -Sy -r $(BUILDDIR) \
@@ -28,7 +28,7 @@ define rootfs
 	ln -fs /usr/lib/os-release $(BUILDDIR)/etc/os-release
 
 	# add system users
-	fakechroot fakeroot chroot $(BUILDDIR) /usr/bin/sysusers --root "/"
+	#fakechroot fakeroot chroot $(BUILDDIR) /usr/bin/sysusers --root "/"
 
 	# remove passwordless login for root (see CVE-2019-5021 for reference)
 	sed -i -e 's/^root::/root:!:/' "$(BUILDDIR)/etc/shadow"

README.md

@@ -6,16 +6,35 @@ This repository contains all scripts and files needed to create a Docker images
 
 Install the following Artix Linux packages:
 * make
-* artools
+* fakechroot
 * docker
+* fakeroot
+* artools
 
 ## Usage
 
-Run `make docker-image` to build the base image.
+Run `make image-base-devel` to build the base devel image.
 
-Run `make docker-image-openrc` to build the openrc image.
+Run `make image-base-openrc` to build the openrc base image.
 
-Run `make docker-image-runit` to build the runit image.
+Run `make image-base-runit` to build the runit base image.
+
+Run `make image-base-s6` to build the s6 base image.
+
+Run `make image-base-dinit` to build the dinit base image.
+
+
+Alternatively:
+
+Run `make dockerfile-base-devel` to build the base devel dockerfile.
+
+Run `make dockerfile-base-openrc` to build the openrc base dockerfile.
+
+Run `make dockerfile-base-runit` to build the runit base dockerfile.
+
+Run `make dockerfile-base-s6` to build the s6 base dockerfile.
+
+Run `make dockerfile-base-dinit` to build the dinit base dockerfile.
 
 ## Purpose
 

dockerhub-readme.md

@@ -0,0 +1,38 @@
+# Quick reference
+
+* **Maintained by**:
+
+  [Cory Sanin](https://artixlinux.org/kotnr.php#Cory%20Sanin), [artoo](https://artixlinux.org/kotor.php#Marcus%20von%20Ditfurth), [Chris Cromer](https://artixlinux.org/kotor.php#Chris%20Cromer)
+
+* **Where to get help**:
+
+  [Artix Wiki](https://wiki.artixlinux.org/), [Artix Linux Forum](https://forum.artixlinux.org/)
+
+# Supported tags
+
+* latest, devel
+* dinit
+* openrc
+* runit
+* s6
+
+## Dockerfile repo
+
+[artixlinux-docker](https://gitea.artixlinux.org/artixdocker/artixlinux-docker)
+
+# Purpose
+
+* Provide Artix Linux in a Docker Image
+* Provide the most simple but complete image to base every other upon
+* `pacman` needs to work out of the box
+* All installed packages have to be kept unmodified
+
+
+# How to run
+
+```
+docker pull artixlinux/artixlinux:devel
+docker run -it --rm artixlinux/artixlinux:devel /bin/bash
+```
+
+Note that `--rm` removes the container on exit.