diff --git a/.circleci/config.yml b/.circleci/config.yml index 72a6cff7e..645b031a2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -791,10 +791,6 @@ workflows: - build: name: build-contour container-image: contour - - build: - name: build-coredns - container-image: coredns - scan: true - build: name: build-csi-attacher container-image: csi-attacher @@ -825,10 +821,6 @@ workflows: requires: - build-envoy scan: true - - build: - name: build-etcd - container-image: etcd - scan: true - build: name: build-external-dns container-image: external-dns @@ -896,10 +888,6 @@ workflows: container-image: storage-version-migration dir: kube-storage-version-migrator targets: initializer migrator trigger - - build: - name: build-kubernetes - container-image: kubernetes - scan: true - build: name: build-local-pv-provisioner container-image: local-pv-provisioner @@ -935,9 +923,6 @@ workflows: name: build-opentelemetry-collector container-image: opentelemetry-collector scan: true - - build: - name: build-pause - container-image: pause - build: name: build-pomerium container-image: pomerium @@ -998,9 +983,6 @@ workflows: - build: name: build-unbound container-image: unbound - - build: - name: build-unbound_exporter - container-image: unbound_exporter - build: name: build-vault container-image: vault diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 519ee8515..5c8adbf64 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -9,6 +9,18 @@ jobs: strategy: matrix: job: + - dir: "./bird" + container-image: "bird" + scan: "true" + - dir: "./coredns" + container-image: "coredns" + scan: "true" + - dir: "./etcd" + container-image: "etcd" + scan: "true" + - dir: "./fluent-bit" + container-image: "fluent-bit" + scan: "true" - dir: "./golang-all/golang-1.20-focal" container-image: "golang" enable_arm64: true @@ -28,32 +40,33 @@ jobs: - dir: "./haproxy" container-image: "haproxy" scan: "true" - - dir: "./trust-manager" - container-image: "trust-manager" - - dir: "./stakater-reloader" - container-image: "stakater-reloader" - - dir: "./trust-packages" - container-image: "trust-packages" + - dir: "./pause" + container-image: "pause" + - dir: "./kubernetes" + container-image: "kubernetes" + scan: "true" - dir: "./pod-delete-rate-limiter" container-image: "pod-delete-rate-limiter" make_test: true - - dir: "./spegel" - container-image: "spegel" - - dir: "./fluent-bit" - container-image: "fluent-bit" - scan: "true" - - dir: "./bird" - container-image: "bird" - scan: "true" - dir: "./serf" container-image: "serf" scan: "true" + - dir: "./trust-manager" + container-image: "trust-manager" + - dir: "./trust-packages" + container-image: "trust-packages" + - dir: "./stakater-reloader" + container-image: "stakater-reloader" + - dir: "./spegel" + container-image: "spegel" - dir: "./squid" container-image: "squid" scan: "true" - dir: "./unbound" container-image: "unbound" scan: "true" + - dir: "./unbound_exporter" + container-image: "unbound_exporter" - dir: "./vault" container-image: "vault" scan: "true" diff --git a/coredns/Dockerfile b/coredns/Dockerfile index 85324227e..c881806a4 100644 --- a/coredns/Dockerfile +++ b/coredns/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG COREDNS_VERSION=1.11.1 @@ -11,7 +11,8 @@ RUN curl -sSLf https://github.com/coredns/coredns/archive/v${COREDNS_VERSION}.ta WORKDIR /go/src/github.com/coredns/coredns/ RUN make -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /go/src/github.com/coredns/coredns/LICENSE /usr/local/coredns/LICENSE COPY --from=build /go/src/github.com/coredns/coredns/coredns /usr/local/coredns/bin/coredns diff --git a/coredns/README.md b/coredns/README.md index 905f65b4f..3155c1820 100644 --- a/coredns/README.md +++ b/coredns/README.md @@ -6,9 +6,9 @@ To launch server with specific config file. - $ docker run quay.io/cybozu/coredns:1.11 -v Corefile:/etc/coredns/Corefile -- \ + $ docker run ghcr.io/cybozu/coredns:1.11 -v Corefile:/etc/coredns/Corefile -- \ -conf /etc/coredns/Corefile ## Docker images -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/coredns) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/coredns) diff --git a/coredns/TAG b/coredns/TAG index 44378b719..d2909f1f4 100644 --- a/coredns/TAG +++ b/coredns/TAG @@ -1 +1 @@ -1.11.1.1 +1.11.1.2 diff --git a/etcd/Dockerfile b/etcd/Dockerfile index 40bc1e19f..ef414f442 100644 --- a/etcd/Dockerfile +++ b/etcd/Dockerfile @@ -1,7 +1,7 @@ # etcd container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG ETCD_VERSION=3.5.10 @@ -14,7 +14,8 @@ WORKDIR /work/etcd RUN ./build.sh # Stage2: setup runtime container -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /work/etcd/bin /usr/local/etcd/bin COPY --from=build /work/etcd/LICENSE /usr/local/etcd/LICENSE diff --git a/etcd/README.md b/etcd/README.md index e4e50e1a4..ef52ca71e 100644 --- a/etcd/README.md +++ b/etcd/README.md @@ -1,7 +1,7 @@ etcd-container ============== -[etcd](https://github.com/coreos/etcd) is a distributed reliable key-value +[etcd](https://github.com/etcd-io/etcd) is a distributed reliable key-value store provided by CoreOS. This repository provides a Dockerfile which contains `etcd` server and `etcdctl` for the client usage. @@ -13,7 +13,7 @@ To launch `etcd` by `docker run`: $ docker volume create etcd $ docker run -p 2379:2379 -p 2380:2380 --name etcd-1 \ --mount type=volume,src=etcd,target=/var/lib/etcd \ - quay.io/cybozu/etcd:3.5 \ + ghcr.io/cybozu/etcd:3.5 \ --advertise-client-urls http://0.0.0.0:2379 \ --listen-client-urls http://0.0.0.0:2379 @@ -22,7 +22,7 @@ To use `etcdctl`, first install it in a host directory `DIR`: $ docker run --rm -u root:root \ --entrypoint /usr/local/etcd/install-tools \ --mount type=bind,src=DIR,target=/host \ - quay.io/cybozu/etcd:3.5 + ghcr.io/cybozu/etcd:3.5 Then run `etcdctl` as follows: @@ -31,4 +31,4 @@ Then run `etcdctl` as follows: Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/etcd) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/etcd) diff --git a/etcd/TAG b/etcd/TAG index 5ba1bf9d1..3841bc56e 100644 --- a/etcd/TAG +++ b/etcd/TAG @@ -1 +1 @@ -3.5.10.1 +3.5.10.2 diff --git a/kubernetes/Dockerfile b/kubernetes/Dockerfile index 4d76c2a33..2d5ea3c67 100644 --- a/kubernetes/Dockerfile +++ b/kubernetes/Dockerfile @@ -1,7 +1,7 @@ # kubernetes container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG K8S_VERSION=1.27.8 @@ -20,7 +20,8 @@ WORKDIR /go/src/k8s.io/kubernetes RUN make all WHAT="cmd/kube-apiserver cmd/kube-controller-manager cmd/kube-proxy cmd/kube-scheduler cmd/kubelet" GOLDFLAGS="-w -s" # Stage2: setup runtime container -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" RUN apt-get update \ && apt-get -y install --no-install-recommends \ diff --git a/kubernetes/README.md b/kubernetes/README.md index 033b6a0d5..aab662c34 100644 --- a/kubernetes/README.md +++ b/kubernetes/README.md @@ -17,7 +17,7 @@ Usage To launch `apiserver` by `docker run`: $ docker run --net=host --name apiserver -d \ - quay.io/cybozu/kubernetes:1.27 kube-apiserver \ + ghcr.io/cybozu/kubernetes:1.27 kube-apiserver \ --advertise-address=192.168.1.101 \ --insecure-bind-address=0.0.0.0 \ --insecure-port=8080 \ @@ -28,4 +28,4 @@ To launch `apiserver` by `docker run`: Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/kubernetes) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/kubernetes) diff --git a/kubernetes/TAG b/kubernetes/TAG index 278b8eb8e..f7c4fcd9c 100644 --- a/kubernetes/TAG +++ b/kubernetes/TAG @@ -1 +1 @@ -1.27.8.1 +1.27.8.2 diff --git a/pause/Dockerfile b/pause/Dockerfile index 2004ce9fb..e054d61ed 100644 --- a/pause/Dockerfile +++ b/pause/Dockerfile @@ -1,9 +1,9 @@ # pause container # Stage1: build from source -FROM quay.io/cybozu/ubuntu-dev:22.04 AS build +FROM ghcr.io/cybozu/ubuntu-dev:22.04 AS build -ARG K8S_VERSION=1.27.7 +ARG K8S_VERSION=1.27.8 ARG PAUSE_VERSION=3.9 RUN mkdir /work @@ -19,6 +19,7 @@ RUN curl -sSLf -O https://github.com/kubernetes/kubernetes/raw/v${K8S_VERSION}/L # Stage2: setup runtime container FROM scratch +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /work/pause /pause COPY --from=build /work/LICENSE /LICENSE diff --git a/pause/README.md b/pause/README.md index c16bbc5ab..3b5182b52 100644 --- a/pause/README.md +++ b/pause/README.md @@ -11,4 +11,4 @@ Specify the image name for kubelet with `--pod-infra-container-image` option. Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/pause) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/pause) diff --git a/pause/TAG b/pause/TAG index 294d21a62..5b35e4041 100644 --- a/pause/TAG +++ b/pause/TAG @@ -1 +1 @@ -3.9.0.2 +3.9.0.3 diff --git a/unbound_exporter/Dockerfile b/unbound_exporter/Dockerfile index 1445acd24..b73a31f46 100644 --- a/unbound_exporter/Dockerfile +++ b/unbound_exporter/Dockerfile @@ -1,7 +1,7 @@ # unbound_exporter container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build #ARG UNBOUND_EXPORTER_REPO=letsencrypt/unbound_exporter ARG UNBOUND_EXPORTER_REPO=cybozu-go/unbound_exporter @@ -16,6 +16,7 @@ RUN curl -fsSL -o unbound_exporter.tar.gz "https://github.com/${UNBOUND_EXPORTER # Stage2: setup runtime container FROM scratch +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /go/bin/unbound_exporter /bin/unbound_exporter COPY --from=build /work/LICENSE / diff --git a/unbound_exporter/README.md b/unbound_exporter/README.md index b6724385a..610901feb 100644 --- a/unbound_exporter/README.md +++ b/unbound_exporter/README.md @@ -8,4 +8,4 @@ This container contains unbound_exporter, a Prometheus exporter for Unbound. Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/unbound_exporter) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/unbound_exporter) diff --git a/unbound_exporter/TAG b/unbound_exporter/TAG index f1cf2d1ad..3b77b494a 100644 --- a/unbound_exporter/TAG +++ b/unbound_exporter/TAG @@ -1 +1 @@ -0.4.4.1 +0.4.4.2