From 9dbd33a8f49a9f4361a09e640aa333fdcba4dc87 Mon Sep 17 00:00:00 2001
From: Lucas Bickel <hairmare@rabe.ch>
Date: Sat, 23 Apr 2022 13:07:54 +0200
Subject: [PATCH] feat: init s2i-core

---
 .dockerignore                           |  2 +
 .github/dependabot.yml                  | 16 ++++++
 .github/workflows/release.yaml          | 76 +++++++++++++++++++++++++
 .github/workflows/semantic-release.yaml | 24 ++++++++
 Dockerfile                              | 46 +++++++++++++++
 README.md                               | 71 +++++++++++++++++++++++
 6 files changed, 235 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/release.yaml
 create mode 100644 .github/workflows/semantic-release.yaml
 create mode 100644 Dockerfile
 create mode 100644 README.md

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..bfd9c8f
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+.github/
+README.md
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..c551361
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,16 @@
+
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: "feat: "
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    commit-message:
+      prefix: "chore(ci): "
+    open-pull-requests-limit: 10
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..935c99a
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,76 @@
+name: Publish Container Images
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+  pull_request:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Prepare additional Metadata
+        id: addtional_meta
+        run: |
+          echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+
+      - name: Prepare Image Metadata
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            ghcr.io/radiorabe/ubi8-minimal
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+          labels: |
+            name=s21-core-minimal
+            summary=${{ github.event.repository.description }}
+            url=${{ github.event.repository.html_url }}
+            vcs-ref=${{ github.sha }}
+            revision=${{ github.sha }}
+            release=${{ github.sha }}
+            build-date=${{ steps.addtional_meta.outputs.created }}
+            io.k8s.display-name=RaBe S2I Core Minimal
+            io.k8s.description=${{ github.event.repository.description }}
+            io.openshift.tags=minimal rhel8 rabe s2i
+            io.openshift.s2i.scripts-url=image:///usr/libexec/s2i
+            io.s2i.scripts-url=image:///usr/libexec/s2i
+            version=1
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        if: github.event_name != 'pull_request'
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: |
+            ${{ steps.meta.outputs.labels }}
+            version=${{ steps.meta.outputs.version }}
diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml
new file mode 100644
index 0000000..6597750
--- /dev/null
+++ b/.github/workflows/semantic-release.yaml
@@ -0,0 +1,24 @@
+name: Run semantic-release
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  semantic-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Run go-semantic-release
+        id: semrel
+        uses: go-semantic-release/action@v1
+        with:
+          github-token: ${{ secrets.RABE_ITREAKTION_GITHUB_TOKEN }}
+          allow-initial-development-versions: true
+          dry: ${{ github.ref != 'refs/heads/main' }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..08a3f93
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,46 @@
+FROM ghcr.io/radiorabe/ubi8-minimal:0.2.4
+
+ENV \
+    # Path to be used in other layers to place s2i scripts into
+    STI_SCRIPTS_PATH=/usr/libexec/s2i \
+    APP_ROOT=/opt/app-root \
+    # The $HOME is not set by default, but some applications needs this variable
+    HOME=/opt/app-root/src \
+    PATH=/opt/app-root/src/bin:/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
+    PLATFORM="el8"
+
+COPY --from=registry.access.redhat.com/ubi8/s29-core:1-282 \
+     /usr/bin/base-usage \
+     /usr/bin/container-entrypoint \
+     /usr/bin/cgroups-limit \
+     /usr/bin/fix-permissions \
+     /usr/bin/prepare-yum-repositories \
+     /usr/bin/rpm-file-permissions \
+     /usr/bin/
+COPY --from=registry.access.redhat.com/ubi8/s29-core:1-282 \
+     /opt/app-root/etc/scl_enable \
+     /opt/app-root/etc
+
+RUN  microdnf install -y \
+       bsdtar \
+       findutils \
+       gettext \
+       glibc-locale-source \
+       glibc-langpack-en \
+       groff-base \
+       rsync \
+       scl-utils \
+       tar \
+       unzip \
+       xz \
+    && microdnf clean all
+
+WORKDIR ${HOME}
+
+ENTRYPOINT ["container-entrypoint"]
+CMD ["base-usage"]
+
+RUN    rpm-file-permissions \
+    && useradd -u 1001 -r -g 0 -d ${HOME} -s /sbin/nologin \
+       -c "Default Application User" default \
+    && chown -R 1001:0 ${APP_ROOT}
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e52d085
--- /dev/null
+++ b/README.md
@@ -0,0 +1,71 @@
+# RaBe S2I Core Minimal Image
+
+The RaBe S2I Core Minimal Image resembles a classic [sclorg/s2i-core](https://github.com/sclorg/s2i-base-container)
+image with the main difference being that it does not include `yum` since it is based on the RaBe UBI8 Minimal Image.
+It's main use is as a downstream for RaBe S2I tooling.
+
+The image is based on the [RaBe Universal Base Image 8 Minimal](https://github.com/radiorabe/container-image-ubi8-minimal)
+which is in turn based on the [Red Hat Universal Base Image 8 Minimal](https://catalog.redhat.com/software/containers/ubi8/ubi-minimal/5c359a62bed8bd75a2c3fba8)
+container provided by Red Hat. It uses parts of the [Red Hat S2I Core Image](https://catalog.redhat.com/software/containers/ubi8/s2i-core/5c83967add19c77a15918c27).
+
+## Features
+
+- Based on RaBe Universal Base Image 8 Minimal
+- Builds the base for RaBe S2I Base Minimal
+
+## Usage
+
+Create a downstream image from `ghcr.io/radiorabe/s2i-core`. Replace `:latest` with a specific version in the examples below.
+
+```Dockerfile
+FROM ghcr.io/radiorabe/s2i-core:latest AS build
+
+RUN "hello world"
+```
+
+Preferably you should use a downstream base image for you needs.
+
+## Downstream Base Images
+
+* [RaBe S2I Base Image](https://github.com/radiorabe/container-image-rabe-s2i-base-minimal)
+
+## Release Management
+
+The CI/CD setup uses semantic commit messages following the [conventional commits standard](https://www.conventionalcommits.org/en/v1.0.0/).
+There is a GitHub Action in [.github/workflows/semantic-release.yaml](./.github/workflows/semantic-release.yaml)
+that uses [go-semantic-commit](https://go-semantic-release.xyz/) to create new
+releases.
+
+The commit message should be structured as follows:
+
+```
+<type>[optional scope]: <description>
+
+[optional body]
+
+[optional footer(s)]
+```
+
+The commit contains the following structural elements, to communicate intent to the consumers of your library:
+
+1. **fix:** a commit of the type `fix` patches gets released with a PATCH version bump
+1. **feat:** a commit of the type `feat` gets released as a MINOR version bump
+1. **BREAKING CHANGE:** a commit that has a footer `BREAKING CHANGE:` gets released as a MAJOR version bump
+1. types other than `fix:` and `feat:` are allowed and don't trigger a release
+
+If a commit does not contain a conventional commit style message you can fix
+it during the squash and merge operation on the PR.
+
+## Build Process
+
+The CI/CD setup uses the [Docker build-push Action](https://github.com/docker/build-push-action) to publish container images. This is managed in [.github/workflows/release.yaml](./.github/workflows/release.yaml).
+
+## License
+
+This application is free software: you can redistribute it and/or modify it under
+the terms of the GNU Affero General Public License as published by the Free
+Software Foundation, version 3 of the License.
+
+## Copyright
+
+Copyright (c) 2022 [Radio Bern RaBe](http://www.rabe.ch)