tiararodney/oci-images
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Tiara's workflow for actively managing OCI (Docker) image ownership - factory for building, publishing and archiving OCI images with a verifiable chain of trust
2 commits 1 branch 0 tags 59 KiB
Find a file
Tiara Rodney a3e833df54
feat: remove build-ubuntu Makefile target 
This results in the build-ubuntu alias image not being targeted for scanning
publishing and archiving.
2025-06-01 23:11:05 +02:00
src init 2025-06-01 22:37:33 +02:00
.gitignore init 2025-06-01 22:37:33 +02:00
bitbucket-pipelines.yml init 2025-06-01 22:37:33 +02:00
configure init 2025-06-01 22:37:33 +02:00
configure.ac init 2025-06-01 22:37:33 +02:00
Makefile feat: remove build-ubuntu Makefile target 2025-06-01 23:11:05 +02:00
README.md init 2025-06-01 22:37:33 +02:00
TARGET feat: remove build-ubuntu Makefile target 2025-06-01 23:11:05 +02:00

README.md

Tiara's OCI Images

Standardization for building, archiving, vulnerability scanning and publishing lots of actively managed GNU/Linux and Microsoft Windows OCI (Docker) images under a multitude of circumstances - Do it fast, conveniently and conventionally.

Images

Image OS Arch
atlassian-bitbucketrunner323-windowsservercore Microsoft Windows amd64
build-node19-ubuntu GNU/Linux amd64
build-node20-ubuntu GNU/Linux amd64
build-node21-ubuntu GNU/Linux amd64
build-node22-ubuntu GNU/Linux amd64
build-node23-ubuntu GNU/Linux amd64
build-openjdk21-windowsservercore Microsoft Windows amd64
build-python39-ubuntu GNU/Linux amd64
build-python310-ubuntu GNU/Linux amd64
build-python311-ubuntu GNU/Linux amd64
build-python312-ubuntu GNU/Linux amd64
build-python313-ubuntu GNU/Linux amd64
build-ubuntu GNU/Linux amd64
build-windowsservercore Microsoft Windows amd64

Usage

Set up and verify your build environment

$> sh ./configure

Build Images

make <group>-<program><programversion>-<platform>
make all-<group>-<program>-<platform>
make all-<group>-<platform>
make <group>-<platform>
make all-<platform>

$> make build-python39-ubuntu
$> make all-build-python-ubuntu
$> make all-build-ubuntu
$> make build-ubuntu
$> make all-ubuntu

Archive Images

Generate a GZip-compressed tarball archive of an image under dist/.

$> make build-python39-ubuntu ARCHIVE=1

Output path can be adjusted via $ARCHIVE_DIST_PATH.

$> make build-python39-ubuntu ARCHIVE=1 ARCHIVE_DIST_PATH=dist2

Publish Images

Push image to a Docker registry.

Login to Docker registry, prior to executing.

$> make build-python39-ubuntu PUBLISH=1

By default, will publish to docker.io/byteb4rb1e. Can be modified through DOCKER_REGISTRY and DOCKER_REPO_SLUG.

$> make all-ubuntu \
    PUBLISH=1 \
    DOCKER_REGISTRY=contoso.com \
    DOCKER_REPO_SLUG=not-byteb4rb1e

Scan Images

Scan image with AquaSecurity Trivy Scanner for vulnerabilities and publish reports under test-reports/.

$> make all-ubuntu SCAN=1

Mix & Match

Define specific sequences of what to make.

$> make build-node23-ubuntu build-python313-ubuntu SCAN=1 ARCHIVE=1 PUBLISH=1

Parallelize

Run independent image builds and other jobs in parallel.

make all-ubuntu -j8

Setup

Ensure the following tools are installed before proceeding:

* GNU Make (make)  Required for executing automation scripts.
* Docker CLI (docker)  Used for building and managing OCI images.
* curl, gzip, and tar  Needed for archiving and uploading image dumps.

Requirements

You need the optional Containers feature enabled, which is possible with at least Microsoft Windows 11 Professional (and Windows Server Editions).

Additionally you need the Docker daemon and Docker client and have configured them.

Also, you will need a build of GNU Make, which is available through environments such as Cygwin, MinGW or MSYS2. I suggest using MSYS2