From cc537c55c471d07a899e68c17d28dfdade87ee91 Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 03:57:34 +0000 Subject: [PATCH 1/6] sort Signed-off-by: Masayuki Ishii --- .github/workflows/main.yaml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 519ee8515..90de10631 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -9,6 +9,12 @@ jobs: strategy: matrix: job: + - dir: "./bird" + container-image: "bird" + scan: "true" + - dir: "./fluent-bit" + container-image: "fluent-bit" + scan: "true" - dir: "./golang-all/golang-1.20-focal" container-image: "golang" enable_arm64: true @@ -28,26 +34,20 @@ jobs: - dir: "./haproxy" container-image: "haproxy" scan: "true" - - dir: "./trust-manager" - container-image: "trust-manager" - - dir: "./stakater-reloader" - container-image: "stakater-reloader" - - dir: "./trust-packages" - container-image: "trust-packages" - dir: "./pod-delete-rate-limiter" container-image: "pod-delete-rate-limiter" make_test: true - - dir: "./spegel" - container-image: "spegel" - - dir: "./fluent-bit" - container-image: "fluent-bit" - scan: "true" - - dir: "./bird" - container-image: "bird" - scan: "true" - dir: "./serf" container-image: "serf" scan: "true" + - dir: "./trust-manager" + container-image: "trust-manager" + - dir: "./trust-packages" + container-image: "trust-packages" + - dir: "./stakater-reloader" + container-image: "stakater-reloader" + - dir: "./spegel" + container-image: "spegel" - dir: "./squid" container-image: "squid" scan: "true" From a9713f9ffbe9df2159a98960d31a8bb07cff5fda Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 04:05:40 +0000 Subject: [PATCH 2/6] Migrate etcd container to ghcr.io Signed-off-by: Masayuki Ishii --- .circleci/config.yml | 4 ---- .github/workflows/main.yaml | 3 +++ etcd/Dockerfile | 5 +++-- etcd/README.md | 8 ++++---- etcd/TAG | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 72a6cff7e..cf2ddc5b5 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -825,10 +825,6 @@ workflows: requires: - build-envoy scan: true - - build: - name: build-etcd - container-image: etcd - scan: true - build: name: build-external-dns container-image: external-dns diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 90de10631..baa183707 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -12,6 +12,9 @@ jobs: - dir: "./bird" container-image: "bird" scan: "true" + - dir: "./etcd" + container-image: "etcd" + scan: "true" - dir: "./fluent-bit" container-image: "fluent-bit" scan: "true" diff --git a/etcd/Dockerfile b/etcd/Dockerfile index 40bc1e19f..ef414f442 100644 --- a/etcd/Dockerfile +++ b/etcd/Dockerfile @@ -1,7 +1,7 @@ # etcd container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG ETCD_VERSION=3.5.10 @@ -14,7 +14,8 @@ WORKDIR /work/etcd RUN ./build.sh # Stage2: setup runtime container -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /work/etcd/bin /usr/local/etcd/bin COPY --from=build /work/etcd/LICENSE /usr/local/etcd/LICENSE diff --git a/etcd/README.md b/etcd/README.md index e4e50e1a4..ef52ca71e 100644 --- a/etcd/README.md +++ b/etcd/README.md @@ -1,7 +1,7 @@ etcd-container ============== -[etcd](https://github.com/coreos/etcd) is a distributed reliable key-value +[etcd](https://github.com/etcd-io/etcd) is a distributed reliable key-value store provided by CoreOS. This repository provides a Dockerfile which contains `etcd` server and `etcdctl` for the client usage. @@ -13,7 +13,7 @@ To launch `etcd` by `docker run`: $ docker volume create etcd $ docker run -p 2379:2379 -p 2380:2380 --name etcd-1 \ --mount type=volume,src=etcd,target=/var/lib/etcd \ - quay.io/cybozu/etcd:3.5 \ + ghcr.io/cybozu/etcd:3.5 \ --advertise-client-urls http://0.0.0.0:2379 \ --listen-client-urls http://0.0.0.0:2379 @@ -22,7 +22,7 @@ To use `etcdctl`, first install it in a host directory `DIR`: $ docker run --rm -u root:root \ --entrypoint /usr/local/etcd/install-tools \ --mount type=bind,src=DIR,target=/host \ - quay.io/cybozu/etcd:3.5 + ghcr.io/cybozu/etcd:3.5 Then run `etcdctl` as follows: @@ -31,4 +31,4 @@ Then run `etcdctl` as follows: Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/etcd) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/etcd) diff --git a/etcd/TAG b/etcd/TAG index 5ba1bf9d1..3841bc56e 100644 --- a/etcd/TAG +++ b/etcd/TAG @@ -1 +1 @@ -3.5.10.1 +3.5.10.2 From bf152de5a822e7c136344e3acaf7b6d0e0eb9295 Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 04:54:59 +0000 Subject: [PATCH 3/6] Migrate pause container to ghcr.io Signed-off-by: Masayuki Ishii --- .circleci/config.yml | 3 --- .github/workflows/main.yaml | 2 ++ pause/Dockerfile | 5 +++-- pause/README.md | 2 +- pause/TAG | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index cf2ddc5b5..db5eca5cb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -931,9 +931,6 @@ workflows: name: build-opentelemetry-collector container-image: opentelemetry-collector scan: true - - build: - name: build-pause - container-image: pause - build: name: build-pomerium container-image: pomerium diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index baa183707..172ef03b0 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -37,6 +37,8 @@ jobs: - dir: "./haproxy" container-image: "haproxy" scan: "true" + - dir: "./pause" + container-image: "pause" - dir: "./pod-delete-rate-limiter" container-image: "pod-delete-rate-limiter" make_test: true diff --git a/pause/Dockerfile b/pause/Dockerfile index 2004ce9fb..e054d61ed 100644 --- a/pause/Dockerfile +++ b/pause/Dockerfile @@ -1,9 +1,9 @@ # pause container # Stage1: build from source -FROM quay.io/cybozu/ubuntu-dev:22.04 AS build +FROM ghcr.io/cybozu/ubuntu-dev:22.04 AS build -ARG K8S_VERSION=1.27.7 +ARG K8S_VERSION=1.27.8 ARG PAUSE_VERSION=3.9 RUN mkdir /work @@ -19,6 +19,7 @@ RUN curl -sSLf -O https://github.com/kubernetes/kubernetes/raw/v${K8S_VERSION}/L # Stage2: setup runtime container FROM scratch +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /work/pause /pause COPY --from=build /work/LICENSE /LICENSE diff --git a/pause/README.md b/pause/README.md index c16bbc5ab..3b5182b52 100644 --- a/pause/README.md +++ b/pause/README.md @@ -11,4 +11,4 @@ Specify the image name for kubelet with `--pod-infra-container-image` option. Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/pause) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/pause) diff --git a/pause/TAG b/pause/TAG index 294d21a62..5b35e4041 100644 --- a/pause/TAG +++ b/pause/TAG @@ -1 +1 @@ -3.9.0.2 +3.9.0.3 From 8b5280345e7d22e996354a4b86312a9528669534 Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 04:56:57 +0000 Subject: [PATCH 4/6] Migrate coredns container to ghcr.io Signed-off-by: Masayuki Ishii --- .circleci/config.yml | 4 ---- .github/workflows/main.yaml | 3 +++ coredns/Dockerfile | 5 +++-- coredns/README.md | 4 ++-- coredns/TAG | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index db5eca5cb..496383164 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -791,10 +791,6 @@ workflows: - build: name: build-contour container-image: contour - - build: - name: build-coredns - container-image: coredns - scan: true - build: name: build-csi-attacher container-image: csi-attacher diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 172ef03b0..8c7e63058 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -12,6 +12,9 @@ jobs: - dir: "./bird" container-image: "bird" scan: "true" + - dir: "./coredns" + container-image: "coredns" + scan: "true" - dir: "./etcd" container-image: "etcd" scan: "true" diff --git a/coredns/Dockerfile b/coredns/Dockerfile index 85324227e..c881806a4 100644 --- a/coredns/Dockerfile +++ b/coredns/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG COREDNS_VERSION=1.11.1 @@ -11,7 +11,8 @@ RUN curl -sSLf https://github.com/coredns/coredns/archive/v${COREDNS_VERSION}.ta WORKDIR /go/src/github.com/coredns/coredns/ RUN make -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /go/src/github.com/coredns/coredns/LICENSE /usr/local/coredns/LICENSE COPY --from=build /go/src/github.com/coredns/coredns/coredns /usr/local/coredns/bin/coredns diff --git a/coredns/README.md b/coredns/README.md index 905f65b4f..3155c1820 100644 --- a/coredns/README.md +++ b/coredns/README.md @@ -6,9 +6,9 @@ To launch server with specific config file. - $ docker run quay.io/cybozu/coredns:1.11 -v Corefile:/etc/coredns/Corefile -- \ + $ docker run ghcr.io/cybozu/coredns:1.11 -v Corefile:/etc/coredns/Corefile -- \ -conf /etc/coredns/Corefile ## Docker images -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/coredns) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/coredns) diff --git a/coredns/TAG b/coredns/TAG index 44378b719..d2909f1f4 100644 --- a/coredns/TAG +++ b/coredns/TAG @@ -1 +1 @@ -1.11.1.1 +1.11.1.2 From 93a94f47c2b6b938c7a856d2216ca00f4bcfd69f Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 05:05:02 +0000 Subject: [PATCH 5/6] Migrate unbound_exporter container to ghcr.io Signed-off-by: Masayuki Ishii --- .circleci/config.yml | 3 --- .github/workflows/main.yaml | 2 ++ unbound_exporter/Dockerfile | 3 ++- unbound_exporter/README.md | 2 +- unbound_exporter/TAG | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 496383164..74b29f073 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -987,9 +987,6 @@ workflows: - build: name: build-unbound container-image: unbound - - build: - name: build-unbound_exporter - container-image: unbound_exporter - build: name: build-vault container-image: vault diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 8c7e63058..d5826488d 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -62,6 +62,8 @@ jobs: - dir: "./unbound" container-image: "unbound" scan: "true" + - dir: "./unbound_exporter" + container-image: "unbound_exporter" - dir: "./vault" container-image: "vault" scan: "true" diff --git a/unbound_exporter/Dockerfile b/unbound_exporter/Dockerfile index 1445acd24..b73a31f46 100644 --- a/unbound_exporter/Dockerfile +++ b/unbound_exporter/Dockerfile @@ -1,7 +1,7 @@ # unbound_exporter container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build #ARG UNBOUND_EXPORTER_REPO=letsencrypt/unbound_exporter ARG UNBOUND_EXPORTER_REPO=cybozu-go/unbound_exporter @@ -16,6 +16,7 @@ RUN curl -fsSL -o unbound_exporter.tar.gz "https://github.com/${UNBOUND_EXPORTER # Stage2: setup runtime container FROM scratch +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" COPY --from=build /go/bin/unbound_exporter /bin/unbound_exporter COPY --from=build /work/LICENSE / diff --git a/unbound_exporter/README.md b/unbound_exporter/README.md index b6724385a..610901feb 100644 --- a/unbound_exporter/README.md +++ b/unbound_exporter/README.md @@ -8,4 +8,4 @@ This container contains unbound_exporter, a Prometheus exporter for Unbound. Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/unbound_exporter) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/unbound_exporter) diff --git a/unbound_exporter/TAG b/unbound_exporter/TAG index f1cf2d1ad..3b77b494a 100644 --- a/unbound_exporter/TAG +++ b/unbound_exporter/TAG @@ -1 +1 @@ -0.4.4.1 +0.4.4.2 From 145ed5aaf880fb8e4b6837c9cb78e3b0d0c40f6e Mon Sep 17 00:00:00 2001 From: Masayuki Ishii Date: Mon, 4 Dec 2023 05:08:16 +0000 Subject: [PATCH 6/6] Migrate kubernetes containers to ghcr.io Signed-off-by: Masayuki Ishii --- .circleci/config.yml | 4 ---- .github/workflows/main.yaml | 3 +++ kubernetes/Dockerfile | 5 +++-- kubernetes/README.md | 4 ++-- kubernetes/TAG | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 74b29f073..645b031a2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -888,10 +888,6 @@ workflows: container-image: storage-version-migration dir: kube-storage-version-migrator targets: initializer migrator trigger - - build: - name: build-kubernetes - container-image: kubernetes - scan: true - build: name: build-local-pv-provisioner container-image: local-pv-provisioner diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index d5826488d..5c8adbf64 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -42,6 +42,9 @@ jobs: scan: "true" - dir: "./pause" container-image: "pause" + - dir: "./kubernetes" + container-image: "kubernetes" + scan: "true" - dir: "./pod-delete-rate-limiter" container-image: "pod-delete-rate-limiter" make_test: true diff --git a/kubernetes/Dockerfile b/kubernetes/Dockerfile index 4d76c2a33..2d5ea3c67 100644 --- a/kubernetes/Dockerfile +++ b/kubernetes/Dockerfile @@ -1,7 +1,7 @@ # kubernetes container # Stage1: build from source -FROM quay.io/cybozu/golang:1.21-jammy AS build +FROM ghcr.io/cybozu/golang:1.21-jammy AS build ARG K8S_VERSION=1.27.8 @@ -20,7 +20,8 @@ WORKDIR /go/src/k8s.io/kubernetes RUN make all WHAT="cmd/kube-apiserver cmd/kube-controller-manager cmd/kube-proxy cmd/kube-scheduler cmd/kubelet" GOLDFLAGS="-w -s" # Stage2: setup runtime container -FROM quay.io/cybozu/ubuntu:22.04 +FROM ghcr.io/cybozu/ubuntu:22.04 +LABEL org.opencontainers.image.source="https://github.com/cybozu/neco-containers" RUN apt-get update \ && apt-get -y install --no-install-recommends \ diff --git a/kubernetes/README.md b/kubernetes/README.md index 033b6a0d5..aab662c34 100644 --- a/kubernetes/README.md +++ b/kubernetes/README.md @@ -17,7 +17,7 @@ Usage To launch `apiserver` by `docker run`: $ docker run --net=host --name apiserver -d \ - quay.io/cybozu/kubernetes:1.27 kube-apiserver \ + ghcr.io/cybozu/kubernetes:1.27 kube-apiserver \ --advertise-address=192.168.1.101 \ --insecure-bind-address=0.0.0.0 \ --insecure-port=8080 \ @@ -28,4 +28,4 @@ To launch `apiserver` by `docker run`: Docker images ------------- -Docker images are available on [Quay.io](https://quay.io/repository/cybozu/kubernetes) +Docker images are available on [ghcr.io](https://github.com/cybozu/neco-containers/pkgs/container/kubernetes) diff --git a/kubernetes/TAG b/kubernetes/TAG index 278b8eb8e..f7c4fcd9c 100644 --- a/kubernetes/TAG +++ b/kubernetes/TAG @@ -1 +1 @@ -1.27.8.1 +1.27.8.2