CCCHH/oci-images
1
1
Fork 0
Code Issues 1 Pull requests Packages 5 Activity Actions

Compare commits

base: CCCHH:main
Branches Tags
CCCHH:main
CCCHH:attribute-endpoints-provider
CCCHH:alertmanager-ntfy
CCCHH:penpot-image
CCCHH:nextcloud
CCCHH:testing
..
compare: CCCHH:testing
Branches Tags
CCCHH:main
CCCHH:attribute-endpoints-provider
CCCHH:alertmanager-ntfy
CCCHH:penpot-image
CCCHH:nextcloud
CCCHH:testing

1 commit
main ... testing

Author SHA1 Message Date
Julian Schacher
5ebf3f40b8
 		testing
Some checks failed
ci/woodpecker/push/keycloak Pipeline failed
Details
2024-07-27 19:08:50 +02:00
12 changed files with 69 additions and 343 deletions
Download patch file Download diff file Expand all files Collapse all files

47
.forgejo/workflows/build_keycloak.yml
View file

@ -1,47 +0,0 @@
name: Build Keycloak
on:
workflow_dispatch: {}
push: {}
schedule:
- cron: "@daily"
jobs:
build-container:
name: Build Keycloak Image
runs-on: docker
container:
image: ghcr.io/osscontainertools/kaniko:alpine
strategy:
matrix:
# renovate: datasource=docker depName=quay.io/keycloak/keycloak
keycloak-version: [ 26.6.0 ]
steps:
- name: Install required system packages
run: apk add --no-cache nodejs maven git
- name: Checkout Source Code
uses: actions/checkout@v6
- name: Build attribute-endpoints-provider
run: |
git clone https://git.hamburg.ccc.de/CCCHH/keycloak-attribute-endpoints-provider.git
cd keycloak-attribute-endpoints-provider
mvn -f attribute-endpoints-provider verify
cp attribute-endpoints-provider/target/attribute-endpoints-provider-1.0-SNAPSHOT.jar ${{ forgejo.workspace }}/keycloak/attribute-endpoints-provider.jar
- name: Build Container
env:
KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
KANIKO_GIT_HAMBURG_CCC_DE_USER: forgejo-actions
KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.PACKAGES_TOKEN }}
run: /kaniko/executor
--dockerfile="${{forgejo.workspace }}/keycloak/Containerfile"
--context="dir://${{ forgejo.workspace }}/keycloak"
--build-arg=TAG=${{ matrix.keycloak-version }}
--destination=git.hamburg.ccc.de/ccchh/oci-images/keycloak:${{ matrix.keycloak-version }}
--no-push-cache
--credential-helpers=env
--annotation=org.opencontainers.image.ref.name=keycloak
--annotation=org.opencontainers.image.url=${{ forgejo.server_url }}/${{ forgejo.repository }}
--annotation=org.opencontainers.image.source=${{ forgejo.server_url }}/${{ forgejo.repository }}

39
.forgejo/workflows/build_nextcloud.yml
View file

@ -1,39 +0,0 @@
name: Build Nextcloud
on:
workflow_dispatch: {}
push: {}
schedule:
- cron: "@daily"
jobs:
build-container:
name: Build Nextcloud ${{ matrix.nextcloud-version }} Image
runs-on: docker
container:
image: ghcr.io/osscontainertools/kaniko:alpine
strategy:
matrix:
nextcloud-version: [ 32, 33 ]
steps:
- name: Install required system packages
run: apk add --no-cache nodejs
- name: Checkout Source Code
uses: actions/checkout@v6
- name: Build Container
env:
KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
KANIKO_GIT_HAMBURG_CCC_DE_USER: forgejo-actions
KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.PACKAGES_TOKEN }}
run: /kaniko/executor
--dockerfile="${{forgejo.workspace }}/nextcloud/Containerfile"
--context="dir://${{ forgejo.workspace }}/nextcloud"
--build-arg=TAG=${{ matrix.nextcloud-version }}
--destination=git.hamburg.ccc.de/ccchh/oci-images/nextcloud:${{ matrix.nextcloud-version }}
--no-push-cache
--credential-helpers=env
--annotation=org.opencontainers.image.ref.name=nextcloud
--annotation=org.opencontainers.image.url=${{ forgejo.server_url }}/${{ forgejo.repository }}
--annotation=org.opencontainers.image.source=${{ forgejo.server_url }}/${{ forgejo.repository }}

61
.forgejo/workflows/build_penpot.yml
View file

@ -1,61 +0,0 @@
name: Build Penpot
on:
workflow_dispatch: {}
push: {}
schedule:
- cron: "@daily"
jobs:
build-container:
name: Build Image penpot-${{ matrix.image-type }}:${{ matrix.penpot-version }}
runs-on: docker
container:
image: ghcr.io/osscontainertools/kaniko:alpine
strategy:
matrix:
penpot-version: [ "2.1.2" ]
image-type: [ frontend, backend, exporter ]
steps:
- name: Install required system packages
run: apk add --no-cache nodejs git curl
- name: Clone penpot repo
run: |
git clone --branch="${{ matrix.penpot-version }}" https://github.com/penpot/penpot.git "${{ forgejo.workspace }}/penpot"
cd "${{ forgejo.workspace }}/penpot"
git submodule update --init --recursive
- name: Patch penpot to work with kaniko
run: |
cd "${{ forgejo.workspace }}/penpot"
# Get build system patch allowing for building images with kaniko.
# https://github.com/penpot/penpot/pull/4945
# https://github.com/penpot/penpot/pull/4945/commits/752574bac789cc90cc218004bb9545cc6239895d
curl -sSL https://github.com/penpot/penpot/commit/752574bac789cc90cc218004bb9545cc6239895d.patch > 0001-move-entire-image-build-process-into-Dockerfiles.patch
# Get patch disallowing registration with invitation token, when disable-login-with-password flag is set.
# https://github.com/penpot/penpot/issues/4975
# https://github.com/june128/penpot/commit/f799da132bf5a51015859031f45154172fbf7cd0
curl -sSL https://github.com/june128/penpot/commit/f799da132bf5a51015859031f45154172fbf7cd0.patch > 0002-hotfix-dont-allow-registration-with-invite-if-password-login-
# apply patches
git config user.name "Woodpecker"
git config user.email "woodpecker@woodpecker.invalid"
git am *.patch
- name: Build Container
env:
KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
KANIKO_GIT_HAMBURG_CCC_DE_USER: forgejo-actions
KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.PACKAGES_TOKEN }}
run: /kaniko/executor
--dockerfile="${{forgejo.workspace }}/penpot/docker/images/Dockerfile.${{ matrix.image-type }}"
--context="dir://${{ forgejo.workspace }}/penpot/"
--destination=git.hamburg.ccc.de/ccchh/oci-images/penpot-${{ matrix.image-type }}:${{ matrix.penpot-version }}
--no-push-cache
--credential-helpers=env
--annotation=org.opencontainers.image.ref.name=penpot-${{ matrix.image-type }}
--annotation=org.opencontainers.image.url=${{ forgejo.server_url }}/${{ forgejo.repository }}
--annotation=org.opencontainers.image.source=${{ forgejo.server_url }}/${{ forgejo.repository }}

69
.woodpecker/keycloak.yaml Normal file
View file

@ -0,0 +1,69 @@
when:
- event: push
- event: cron
cron: daily
# Manually set a workspace path, so we can use it literally, without using
# ${CI_WORKSPACE}, when running kaniko, since using ${CI_WORKSPACE} doesn't work.
# https://github.com/woodpecker-ci/woodpecker/issues/3982
workspace:
path: src
# Use matrix to set KEYCLOAK_VERSION instead of setting the KEYCLOAK_VERSION as
# an environment variable in the build-images step, since string substitution
# doesn't work for custom environment variables.
# https://github.com/woodpecker-ci/woodpecker/issues/3983
# Also because global environment variables aren't a thing.
matrix:
KEYCLOAK_VERSION:
- 25.0
IMAGE_NAME:
- git.hamburg.ccc.de/ccchh/oci-images/keycloak
steps:
- name: setup-image-path
image: alpine
commands:
- mkdir /woodpecker/images
- name: test
image: debian
commands:
- echo "miau" > test
- name: test-2
image: debian
environment:
MY_COOL_TEST_VAR: test
entrypoint:
- /usr/bin/cat
- $${MY_COOL_TEST_VAR}"
- name: build-image
image: gcr.io/kaniko-project/executor
environment:
MY_COOL_TEST_VAR: 25.0
entrypoint:
- /kaniko/executor
- --context=dir:///woodpecker/src/keycloak
- --dockerfile=./Containerfile
- --build-arg=TAG=$${MY_COOL_TEST_VAR}
- --destination=${IMAGE_NAME}:$${MY_COOL_TEST_VAR}
- --no-push
- --tar-path=/woodpecker/images/keycloak.tar
- name: publish-image
image: alpine
secrets:
- GIT_API_TOKEN
commands:
- apk -u add crane
- crane auth login git.hamburg.ccc.de -u woodpecker -p $GIT_API_TOKEN
- crane push /woodpecker/images/keycloak.tar $IMAGE_NAME:$CI_COMMIT_BRANCH
- name: tag-version-and-latest
image: alpine
when:
- branch: main
secrets:
- GIT_API_TOKEN
commands:
- apk -u add crane
- crane auth login git.hamburg.ccc.de -u woodpecker -p $GIT_API_TOKEN
- crane tag $IMAGE_NAME:$CI_COMMIT_BRANCH $KEYCLOAK_VERSION
- crane tag $IMAGE_NAME:$CI_COMMIT_BRANCH latest

4
README.md
View file

@ -11,7 +11,3 @@ Tools in use:
## Images
- `git.hamburg.ccc.de/CCCHH/oci-images/keycloak`
- `git.hamburg.ccc.de/CCCHH/oci-images/nextcloud`
- `git.hamburg.ccc.de/CCCHH/oci-images/penpot/frontend`
- `git.hamburg.ccc.de/CCCHH/oci-images/penpot/backend`
- `git.hamburg.ccc.de/CCCHH/oci-images/penpot/exporter`

2
keycloak/Containerfile
View file

@ -2,10 +2,8 @@ ARG TAG=latest
FROM quay.io/keycloak/keycloak:${TAG} as builder
ENV KC_DB=postgres
ENV KC_FEATURES=declarative-ui
WORKDIR /opt/keycloak
ADD --chown=keycloak:keycloak --chmod=644 attribute-endpoints-provider.jar /opt/keycloak/providers/attribute-endpoints-provider.jar
RUN /opt/keycloak/bin/kc.sh build
FROM quay.io/keycloak/keycloak:${TAG}

11
keycloak/themes/ccchh/login/resources/css/ccchh/login.css
View file

@ -2,15 +2,4 @@
background: url("../../img/blur-more-blur-edit.jpg") no-repeat center center fixed;
background-size: cover;
height: 100%;
}
div.kc-logo-text {
background: url("../../img/CCCHH.svg") no-repeat center center;
background-size: contain;
filter: invert(1);
height: 100px;
}
div.kc-logo-text span {
display: none;
}

123
keycloak/themes/ccchh/login/resources/img/CCCHH.svg
View file

@ -1,123 +0,0 @@
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN" "http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd">
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width='270.000mm' height='78.923mm' viewBox="0 0 270.000 78.923">
<title>Exported SVG</title>
<style><![CDATA[
polygon {
shape-rendering:crispEdges;
stroke-width:0.270000;
}
.s1 {
stroke:#000000;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s2 {
stroke:#19b219;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s3 {
stroke:#7f4c00;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s4 {
stroke:#00cc00;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s5 {
stroke:#000000;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s6 {
stroke:#ff19ff;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s7 {
stroke:#ff0000;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s8 {
stroke:#ffff00;
stroke-width:0.245682;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.s9 {
stroke:#001919;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.sa {
stroke:#006666;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.sb {
stroke:#00ffff;
stroke-width:0.491365;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.sc {
stroke:#ff0000;
stroke-width:1.310307;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.sd {
stroke:#191919;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
.se {
stroke:#000000;
stroke-width:0.163788;
stroke-linecap:round;
stroke-linejoin:round;
stroke-dasharray:2.457,2.457;
fill:none;
}
.sf {
stroke:#000000;
stroke-width:0.491365;
stroke-linecap:round;
stroke-linejoin:round;
fill:none;
}
]]></style>
<path d='M62.272 26.962 A30.000,30.000 0 0,0 28.603,10.152 A30.000,30.000 0 0,0 5.000,39.462 A30.000,30.000 0 0,0 28.603,68.772 A30.000,30.000 0 0,0 62.272,51.962 L56.651,51.962 A25.000,25.000 0 0,1 28.530,63.610 A25.000,25.000 0 0,1 10.000,39.462 A25.000,25.000 0 0,1 28.530,15.313 A25.000,25.000 0 0,1 56.651,26.962 L62.272,26.962 ' class='s0' />
<path d='M53.540 31.962 A20.000,20.000 0 0,0 31.180,19.830 A20.000,20.000 0 0,0 15.000,39.462 A20.000,20.000 0 0,0 31.180,59.093 A20.000,20.000 0 0,0 53.540,46.962 L65.953,46.962 A30.000,30.000 0 0,0 92.347,69.344 A30.000,30.000 0 0,0 122.272,51.962 L116.651,51.962 A25.000,25.000 0 0,1 89.747,63.903 A25.000,25.000 0 0,1 70.125,41.962 L49.790,41.962 A15.000,15.000 0 0,1 33.746,54.409 A15.000,15.000 0 0,1 20.000,39.462 A15.000,15.000 0 0,1 33.746,24.514 A15.000,15.000 0 0,1 49.790,36.962 L70.125,36.962 A25.000,25.000 0 0,1 89.747,15.020 A25.000,25.000 0 0,1 116.651,26.962 L122.272,26.962 A30.000,30.000 0 0,0 92.347,9.579 A30.000,30.000 0 0,0 65.953,31.962 L53.540,31.962 ' class='s0' />
<path d='M113.540 31.962 A20.000,20.000 0 0,0 91.180,19.830 A20.000,20.000 0 0,0 75.000,39.462 A20.000,20.000 0 0,0 91.180,59.093 A20.000,20.000 0 0,0 113.540,46.962 L125.953,46.962 A30.000,30.000 0 0,0 152.347,69.344 A30.000,30.000 0 0,0 182.272,51.962 L176.651,51.962 A25.000,25.000 0 0,1 149.747,63.903 A25.000,25.000 0 0,1 130.125,41.962 L109.790,41.962 A15.000,15.000 0 0,1 93.746,54.409 A15.000,15.000 0 0,1 80.000,39.462 A15.000,15.000 0 0,1 93.746,24.514 A15.000,15.000 0 0,1 109.790,36.962 L130.125,36.962 A25.000,25.000 0 0,1 149.747,15.020 A25.000,25.000 0 0,1 176.651,26.962 L182.272,26.962 A30.000,30.000 0 0,0 152.347,9.579 A30.000,30.000 0 0,0 125.953,31.962 L113.540,31.962 ' class='s0' />
<path d='M173.540 31.962 A20.000,20.000 0 0,0 151.180,19.830 A20.000,20.000 0 0,0 135.000,39.462 A20.000,20.000 0 0,0 151.180,59.093 A20.000,20.000 0 0,0 173.540,46.962 L190.000,46.962 L190.000,69.462 L205.000,69.462 L205.000,46.962 L220.000,46.962 L220.000,69.462 L235.000,69.462 L235.000,46.962 L250.000,46.962 L250.000,69.462 L265.000,69.462 L265.000,9.462 L250.000,9.462 L250.000,31.962 L235.000,31.962 L235.000,9.462 L220.000,9.462 L220.000,31.962 L205.000,31.962 L205.000,9.462 L190.000,9.462 L190.000,31.962 L173.540,31.962 M169.790 36.962 L195.000,36.962 L195.000,14.462 L200.000,14.462 L200.000,36.962 L225.000,36.962 L225.000,14.462 L230.000,14.462 L230.000,36.962 L255.000,36.962 L255.000,14.462 L260.000,14.462 L260.000,64.462 L255.000,64.462 L255.000,41.962 L230.000,41.962 L230.000,64.462 L225.000,64.462 L225.000,41.962 L200.000,41.962 L200.000,64.462 L195.000,64.462 L195.000,41.962 L169.790,41.962 A15.000,15.000 0 0,1 153.746,54.409 A15.000,15.000 0 0,1 140.000,39.462 A15.000,15.000 0 0,1 153.746,24.514 A15.000,15.000 0 0,1 169.790,36.962 ' class='s0' />
</svg>
Side by side

Before

Width:  |  Height:  |  Size: 4.8 KiB

0
nextcloud/.keep
View file

16
nextcloud/Containerfile
View file

@ -1,16 +0,0 @@
ARG TAG=latest
FROM docker.io/library/nextcloud:${TAG}
RUN apt-get update \
&& apt-get install -y supervisor \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /var/log/supervisord /var/run/supervisord
# We need to copy a file to the supervisord folder in /var/run so it exists when the container starts.
COPY .keep /var/run/supervisord/
COPY supervisord.conf /
ENV NEXTCLOUD_UPDATE=1
CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]

22
nextcloud/supervisord.conf
View file

@ -1,22 +0,0 @@
[supervisord]
nodaemon=true
logfile=/var/log/supervisord/supervisord.log
pidfile=/var/run/supervisord/supervisord.pid
childlogdir=/var/log/supervisord/
logfile_maxbytes=50MB ; maximum size of logfile before rotation
logfile_backups=10 ; number of backed up logfiles
loglevel=error
[program:apache2]
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=apache2-foreground
[program:cron]
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
command=/cron.sh

18
renovate.json
View file

@ -1,18 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended"
],
"customManagers": [
// Custom manager using regex for letting Renovate find dependencies in woodpecker Matrix variables.
{
"customType": "regex",
"managerFilePatterns": [
"/^\\.woodpecker/.*\\.ya?ml$/"
],
"matchStrings": [
"# renovate: datasource=(?<datasource>[a-zA-Z0-9-._]+?) depName=(?<depName>[^\\s]+?)(?: packageName=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[^\\s]+?))?\\s*-\\s*[\"']?(?<currentValue>.+?)[\"']?\\s"
]
}
]
}