feat!: use ubi9 upstream (#33)

* Python 3.11 * AlmaLinux 9 * mkdocs + backstage catalog entry * reuseable actions
radiorabe · Jun 12, 2023 · 859fdbd · 859fdbd
1 parent 7d54b08
commit 859fdbd
Show file tree

Hide file tree

Showing 9 changed files with 115 additions and 107 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -1,4 +1,4 @@
-name: Publish Container Images
+name: Release
 
 on:
   push:
@@ -9,97 +9,12 @@ on:
   pull_request:
 
 jobs:
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Prepare additional Metadata
-        id: addtional_meta
-        run: |
-          echo created=$(date -u +'%Y-%m-%dT%H:%M:%SZ') >> $GITHUB_OUTPUT
-
-      - name: Prepare Image Metadata
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            ghcr.io/radiorabe/python-minimal
-          tags: |
-            type=schedule
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
-            type=sha
-          labels: |
-            name=python-minimal
-            summary=${{ github.event.repository.description }}
-            description=The RaBe Python Base Image Minimal is a stripped down image that uses microdnf as a package manager and includes the latest python.
-            url=${{ github.event.repository.html_url }}
-            vcs-ref=${{ github.sha }}
-            revision=${{ github.sha }}
-            release=${{ github.sha }}
-            build-date=${{ steps.addtional_meta.outputs.created }}
-            io.k8s.display-name=RaBe Python Base Image Minimal
-            io.k8s.description=${{ github.event.repository.description }}
-            io.openshift.tags=minimal rhel8 rabe python python39
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Build Container Image
-        id: docker_build
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          file: ./Dockerfile
-          platforms: linux/amd64
-          load: true
-          push: false
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-to: type=gha,mode=max
-          labels: |
-            ${{ steps.meta.outputs.labels }}
-            version=${{ steps.meta.outputs.version }}
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: 'ghcr.io/radiorabe/python-minimal:${{ steps.meta.outputs.version }}'
-          format: 'sarif'
-          ignore-unfixed: true
-          output: 'trivy-results.sarif'
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        if: always()
-        with:
-          sarif_file: 'trivy-results.sarif'
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
-        if: github.event_name != 'pull_request'
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Push Container Image
-        id: docker_push
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          file: ./Dockerfile
-          platforms: linux/amd64
-          push: ${{ github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v') }}
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=gha
-          labels: |
-            ${{ steps.meta.outputs.labels }}
-            version=${{ steps.meta.outputs.version }}
+  release-container:
+    uses: radiorabe/actions/.github/workflows/[email protected]
+    with:
+      image: ghcr.io/radiorabe/python-minimal
+      name: python-minimal
+      display-name: RaBe Python Base Image Minimal
+      tags: minimal rhel8 rabe python python311
+  mkdocs:
+    uses: radiorabe/actions/.github/workflows/[email protected]
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
@@ -7,6 +7,6 @@ on:
 
 jobs:
   call-workflow:
-    uses: radiorabe/actions/.github/workflows/schedule-trivy.yaml@main
+    uses: radiorabe/actions/.github/workflows/schedule-trivy.yaml@v0.12.0
     with:
       image-ref: 'ghcr.io/radiorabe/python-minimal:latest'
diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml
@@ -1,12 +1,13 @@
-name: Run semantic-release
+name: Semantic Release
 
 on:
   push:
     branches:
       - main
+      - release/*
 
 jobs:
   call-workflow:
-    uses: radiorabe/actions/.github/workflows/semantic-release.yaml@main
+    uses: radiorabe/actions/.github/workflows/semantic-release.yaml@v0.12.0
     secrets:
       RABE_ITREAKTION_GITHUB_TOKEN: ${{ secrets.RABE_ITREAKTION_GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,7 @@
-FROM ghcr.io/radiorabe/ubi8-minimal:1.1.0
+FROM ghcr.io/radiorabe/ubi9-minimal:0.4.0
 
-RUN    microdnf install -y python39 \
-    && microdnf clean all \
+RUN    microdnf install -y \
+         python3.11 \
+    && microdnf clean all \
+    && ln /usr/bin/python3.11 /usr/bin/python \
+    && ln /usr/bin/pydoc3.11 /usr/bin/pydoc
diff --git a/README.md b/README.md
@@ -3,14 +3,15 @@
 The RaBe Python Base Image Minimal is a stripped down image that uses microdnf as a package
 manager and includes the latest python.
 
-The image is based on the [RaBe Universal Base Image 8 Minimal](https://github.com/radiorabe/container-image-ubi8-minimal)
-which is in turn based on the [Red Hat Universal Base Image 8 Minimal](https://catalog.redhat.com/software/containers/ubi8/ubi-minimal/5c359a62bed8bd75a2c3fba8)
-container provided by Red Hat.
+The image is based on the [RaBe Universal Base Image 9 Minimal](https://github.com/radiorabe/container-image-ubi9-minimal)
+which is in turn based on the [AlmaLinux 9 UBI9 variant image](https://github.com/AlmaLinux/docker-images)
+container provided by AlmaLinux and based on the work from [Red Hat](https://catalog.redhat.com/software/containers/ubi9-minimal/61832888c0d15aff4912fe0d).
+
 
 ## Features
 
-- Based on RaBe Universal Base Image 8 Minimal
-- Contains the latest Python 3.x available in UBI8
+- Based on RaBe Universal Base Image 9 Minimal
+- Contains the latest Python 3.x available in UBI9
 
 ## Usage
 
@@ -68,7 +69,7 @@ FROM ghcr.io/radiorabe/python-minimal:latest AS build
 
 FROM ghcr.io/radiorabe/python-minimal:latest AS app
 
-RUN    microdnf install python39-psycopg2 \
+RUN    microdnf install python311-psycopg2 \
     && microdnf clean all \
     && python3 -mpip --no-cache-dir install /tmp/dist/*.whl \
     && rm -rf /tmp/dist/

diff --git a/catalog-info.yaml b/catalog-info.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: python-minimal
+  title: Python on UBI9 Minimal
+  description: Python 3.11 on UBI9 Minimal.
+  annotations:
+    backstage.io/techdocs-ref: dir:.
+    github.com/project-slug: radiorabe/container-image-python-minimal
+  links:
+    - url: https://catalog.redhat.com/software/containers/ubi9/python-311/63f764b03f0b02a2e2d63fff
+      title: Red Hat Python 3.11
+spec:
+  type: baseimage
+  lifecycle: experimental
+  owner: it-reaktion
+  dependsOn:
+    - component:default/rabe-ubi9-minimal
diff --git a/docs/css/style.css b/docs/css/style.css
@@ -0,0 +1,10 @@
+/* set primary color */
+:root {
+  --md-primary-fg-color:        #00C9BF;
+  --md-accent-fg-color:         #00C9BF;
+}
+
+/* make code selectable on main */
+.highlight .o {
+    user-select: none;
+}
diff --git a/docs/gen_ref_pages.py b/docs/gen_ref_pages.py
@@ -0,0 +1,12 @@
+"""Generate the code reference pages and navigation.
+
+From https://mkdocstrings.github.io/recipes/
+"""
+
+from pathlib import Path
+
+import mkdocs_gen_files
+
+readme = Path("README.md").open("r")
+with mkdocs_gen_files.open("index.md", "w", encoding="utf-8") as index_file:
+    index_file.writelines(readme.read())
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -0,0 +1,47 @@
+site_name: UBI9 Python Minimal
+repo_url: https://github.com/radiorabe/container-image-python-minimal
+repo_name: radiorabe/container-image-python-minimal
+
+theme:
+  name: "material"
+  palette:
+    # Palette toggle for dark mode
+    - scheme: slate
+      toggle:
+        icon: material/brightness-4
+        name: Switch to light mode
+    # Palette toggle for light mode
+    - scheme: default
+      toggle:
+        icon: material/brightness-7
+        name: Switch to dark mode
+  icon:
+    repo: fontawesome/brands/git-alt
+  features:
+    - content.code.copy
+    - content.code.annotate
+    - toc.integrate
+
+markdown_extensions:
+- pymdownx.highlight:
+    anchor_linenums: true
+- pymdownx.inlinehilite
+- pymdownx.snippets
+- pymdownx.superfences
+
+extra_css:
+- css/style.css
+
+plugins:
+- search
+- gen-files:
+    scripts:
+    - docs/gen_ref_pages.py
+- literate-nav
+- section-index
+
+nav:
+  - README: index.md
+
+watch:
+  - README.md