chore: split images into base and normal

Automattic · Feb 19, 2025 · d246a76 · d246a76
1 parent 18dd822
commit d246a76
Show file tree

Hide file tree

Showing 29 changed files with 148 additions and 22 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -10,23 +10,23 @@ updates:
         patterns:
           - "docker/*"
 
-  - directory: images/src/alpine-base
+  - directory: base-images/src/alpine-base
     package-ecosystem: docker
     schedule:
       interval: daily
 
-  - directory: images/src/ubuntu-base
+  - directory: base-images/src/ubuntu-base
     package-ecosystem: docker
     schedule:
       interval: daily
 
-  - directory: images/src/wpvip-base
-    package-ecosystem: docker
+  - directory: base-images/src/ubuntu-base
+    package-ecosystem: devcontainers
     schedule:
       interval: daily
 
-  - directory: images/src/ubuntu-base
-    package-ecosystem: devcontainers
+  - directory: images/src/wpvip-base
+    package-ecosystem: docker
     schedule:
       interval: daily
 

diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
@@ -1,4 +1,4 @@
-name: Build and Push Docker Image
+name: Build and Push Base Image
 
 on:
   push:
@@ -10,8 +10,21 @@ permissions:
   contents: read
 
 jobs:
-  prepare:
-    name: Prepare list of images to build
+  prepare-base:
+    name: Prepare list of base images to build
+    runs-on: ubuntu-latest
+    outputs:
+      images: ${{ steps.set-matrix.outputs.images }}
+    steps:
+      - name: Check out the source code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+
+      - name: Set matrix
+        id: set-matrix
+        run: echo images="$(jq '."x-build"' base-images/src/*/.devcontainer.json | jq --slurp -c .)" >> "${GITHUB_OUTPUT}"
+
+  prepare-others:
+    name: Prepare list of other images to build
     runs-on: ubuntu-latest
     outputs:
       images: ${{ steps.set-matrix.outputs.images }}
@@ -23,8 +36,8 @@ jobs:
         id: set-matrix
         run: echo images="$(jq '."x-build"' images/src/*/.devcontainer.json | jq --slurp -c .)" >> "${GITHUB_OUTPUT}"
 
-  publish-images:
-    needs: prepare
+  publish-base-images:
+    needs: prepare-base
     name: 'Publish ${{ matrix.image.name }}'
     runs-on: ubuntu-latest
     permissions:
@@ -33,7 +46,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        image: ${{ fromJson(needs.prepare.outputs.images) }}
+        image: ${{ fromJson(needs.prepare-base.outputs.images) }}
     steps:
       - name: Check out the repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -49,7 +62,7 @@ jobs:
             else
               base="${{ github.event.before }}"
               head="${{ github.event.after }}"
-              image="images/src/${{ matrix.image.image-name }}"
+              image="base-images/src/${{ matrix.image.image-name }}"
               changes="$(git diff --name-only "${base}" "${head}" -- "${image}" | grep -Fv "${image}/README.md" || true)"
               if [ -n "${changes}" ]; then
                 echo needs_build=true >> "${GITHUB_OUTPUT}"
@@ -73,7 +86,7 @@ jobs:
                 "containerd-snapshotter": true
               }
             }
-  
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # v3.4.0
         if: steps.changes.outputs.needs_build == 'true'
@@ -118,7 +131,7 @@ jobs:
       - name: Build image
         run: |
           devcontainer build \
-            --workspace-folder images/src/${{ matrix.image.image-name }} \
+            --workspace-folder base-images/src/${{ matrix.image.image-name }} \
             --platform linux/amd64,linux/arm64 \
             --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }}.${{ steps.set-versions.outputs.patch }} \
             --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }} \
@@ -222,3 +235,116 @@ jobs:
       - name: Publish templates
         run: devcontainer templates publish templates/src --namespace "${{ github.repository }}"
         if: steps.changes.outputs.needs_build == 'true'
+
+  publish-other-images:
+    needs:
+      - prepare-others
+      - publish-base-images
+      - publish-features
+    name: 'Publish ${{ matrix.image.name }}'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+      matrix:
+        image: ${{ fromJson(needs.prepare-others.outputs.images) }}
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          fetch-depth: 0
+
+      - name: Check changed files
+        id: changes
+        run: |
+          if [ "${{ github.event_name }}" = "push" ]; then
+            if [ "${{ github.event.forced }}" = "true" ]; then
+              echo needs_build=true >> "${GITHUB_OUTPUT}"
+            else
+              base="${{ github.event.before }}"
+              head="${{ github.event.after }}"
+              image="images/src/${{ matrix.image.image-name }}"
+              changes="$(git diff --name-only "${base}" "${head}" -- "${image}" | grep -Fv "${image}/README.md" || true)"
+              if [ -n "${changes}" ]; then
+                echo needs_build=true >> "${GITHUB_OUTPUT}"
+              else
+                echo needs_build=false >> "${GITHUB_OUTPUT}"
+              fi
+            fi
+          else
+            echo needs_build=true >> "${GITHUB_OUTPUT}"
+          fi
+
+      - name: Expose GitHub Runtime
+        uses: Automattic/vip-actions/expose-github-runtime@e1faabf165941008de4c0c1381df153e49d8ad2c # v0.6.0
+
+      - name: Set up Docker
+        uses: docker/setup-docker-action@370a7dad4b8ce8dbf00f9363e1652e5074dd6abe # v4.1.0
+        with:
+          daemon-config: |
+            {
+              "features": {
+                "containerd-snapshotter": true
+              }
+            }
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # v3.4.0
+        if: steps.changes.outputs.needs_build == 'true'
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
+        if: steps.changes.outputs.needs_build == 'true'
+
+      - name: Log in to GitHub Docker Registry
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        if: steps.changes.outputs.needs_build == 'true'
+        with:
+          registry: https://ghcr.io
+          username: ${{ github.actor }}}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Lowercase repository name
+        run: echo "REPO=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')" >> "${GITHUB_ENV}"
+
+      - name: Set versions
+        if: steps.changes.outputs.needs_build == 'true'
+        id: set-versions
+        run: |
+          echo major="$(echo "${{ matrix.image.image-version }}" | cut -d. -f1)" >> "${GITHUB_OUTPUT}"
+          echo minor="$(echo "${{ matrix.image.image-version }}" | cut -d. -f2)" >> "${GITHUB_OUTPUT}"
+          echo patch="$(echo "${{ matrix.image.image-version }}" | cut -d. -f3)" >> "${GITHUB_OUTPUT}"
+
+      - name: Check if image already exists
+        if: steps.changes.outputs.needs_build == 'true'
+        id: exists
+        run: |
+          if docker buildx imagetools inspect "ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }}.${{ steps.set-versions.outputs.patch }}" > /dev/null 2>&1; then
+            echo exists=true >> "${GITHUB_OUTPUT}"
+          else
+            echo exists=false >> "${GITHUB_OUTPUT}"
+          fi
+
+      - name: Install @devcontainers/cli
+        run: npm install -g @devcontainers/cli
+        if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}
+
+      - name: Build image
+        run: |
+          devcontainer build \
+            --workspace-folder images/src/${{ matrix.image.image-name }} \
+            --platform linux/amd64,linux/arm64 \
+            --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }}.${{ steps.set-versions.outputs.patch }} \
+            --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }} \
+            --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }} \
+            --image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:latest \
+            --output type=docker \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max
+        if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}
+
+      - name: Publish image
+        run: docker push --all-tags ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}
+        if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,4 +1,4 @@
-name: Build Docker Image
+name: Build Base Image
 
 on:
   pull_request:
@@ -22,7 +22,7 @@ jobs:
 
       - name: Set matrix
         id: set-matrix
-        run: echo images="$(jq '."x-build"' images/src/*/.devcontainer.json | jq --slurp -c .)" >> "${GITHUB_OUTPUT}"
+        run: echo images="$(jq '."x-build"' base-images/src/*/.devcontainer.json | jq --slurp -c .)" >> "${GITHUB_OUTPUT}"
 
   build:
     needs: prepare
@@ -43,7 +43,7 @@ jobs:
         run: |
           base="${{ github.event.pull_request.base.sha }}"
           head="${{ github.event.pull_request.head.sha }}"
-          image="images/src/${{ matrix.image.image-name }}"
+          image="base-images/src/${{ matrix.image.image-name }}"
           changes="$(git diff --name-only "${base}" "${head}" -- "${image}" | grep -Fv "${image}/README.md" || true)"
           if [ -n "${changes}" ]; then
             echo needs_build=true >> "${GITHUB_OUTPUT}"
@@ -70,7 +70,7 @@ jobs:
       - name: Build image
         run: |
           devcontainer build \
-            --workspace-folder "images/src/${{ matrix.image.image-name }}" \
+            --workspace-folder "base-images/src/${{ matrix.image.image-name }}" \
             --platform linux/amd64,linux/arm64 \
             --output type=image \
             --cache-from type=gha \

diff --git a/.github/workflows/features-global.yml b/.github/workflows/features-global.yml
@@ -50,7 +50,7 @@ jobs:
             IMAGE=ubuntu-base
           fi
           devcontainer build \
-            --workspace-folder "images/src/${IMAGE}" \
+            --workspace-folder "base-images/src/${IMAGE}" \
             --image-name="ghcr.io/${REPO}/${IMAGE}:latest" \
             --cache-from type=gha
 

diff --git a/.github/workflows/features-scenarios.yml b/.github/workflows/features-scenarios.yml
@@ -71,7 +71,7 @@ jobs:
           REPO="$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')"
           for image in alpine-base ubuntu-base; do
             devcontainer build \
-              --workspace-folder images/src/${image} \
+              --workspace-folder base-images/src/${image} \
               --image-name="ghcr.io/${REPO}/${image}:latest" \
               --cache-from type=gha
           done

diff --git a/.github/workflows/sanity-checks.yml b/.github/workflows/sanity-checks.yml
@@ -20,7 +20,7 @@ jobs:
         run: |
           base="${{ github.event.pull_request.base.sha }}"
           head="${{ github.event.pull_request.head.sha }}"
-          for image in images/src/*; do
+          for image in base-images/src/*; do
             changes="$(git diff --merge-base --name-only "${base}" "${head}" -- "${image}" | grep -Fv "${image}/README.md" || true)"
             if [ -n "${changes}" ]; then
               if ! echo "${changes}" | grep -q "${image}/.devcontainer.json"; then

diff --git a/images/src/alpine-base/.devcontainer.json → ...images/src/alpine-base/.devcontainer.json b/images/src/alpine-base/.devcontainer.json → ...images/src/alpine-base/.devcontainer.json
diff --git a/images/src/alpine-base/.dockerignore → base-images/src/alpine-base/.dockerignore b/images/src/alpine-base/.dockerignore → base-images/src/alpine-base/.dockerignore
diff --git a/images/src/alpine-base/Dockerfile → base-images/src/alpine-base/Dockerfile b/images/src/alpine-base/Dockerfile → base-images/src/alpine-base/Dockerfile
diff --git a/...rc/alpine-base/rootfs/etc/conf.d/.gitkeep → ...rc/alpine-base/rootfs/etc/conf.d/.gitkeep b/...rc/alpine-base/rootfs/etc/conf.d/.gitkeep → ...rc/alpine-base/rootfs/etc/conf.d/.gitkeep
diff --git a/...rc/alpine-base/rootfs/etc/default/useradd → ...rc/alpine-base/rootfs/etc/default/useradd b/...rc/alpine-base/rootfs/etc/default/useradd → ...rc/alpine-base/rootfs/etc/default/useradd
diff --git a/images/src/alpine-base/rootfs/etc/runit/1 → ...images/src/alpine-base/rootfs/etc/runit/1 b/images/src/alpine-base/rootfs/etc/runit/1 → ...images/src/alpine-base/rootfs/etc/runit/1
diff --git a/images/src/alpine-base/rootfs/etc/runit/2 → ...images/src/alpine-base/rootfs/etc/runit/2 b/images/src/alpine-base/rootfs/etc/runit/2 → ...images/src/alpine-base/rootfs/etc/runit/2
diff --git a/images/src/alpine-base/rootfs/etc/runit/3 → ...images/src/alpine-base/rootfs/etc/runit/3 b/images/src/alpine-base/rootfs/etc/runit/3 → ...images/src/alpine-base/rootfs/etc/runit/3
diff --git a/...src/alpine-base/rootfs/etc/service/syslog → ...src/alpine-base/rootfs/etc/service/syslog b/...src/alpine-base/rootfs/etc/service/syslog → ...src/alpine-base/rootfs/etc/service/syslog
diff --git a/...pine-base/rootfs/etc/skel.useradd/.bashrc → ...pine-base/rootfs/etc/skel.useradd/.bashrc b/...pine-base/rootfs/etc/skel.useradd/.bashrc → ...pine-base/rootfs/etc/skel.useradd/.bashrc
diff --git a/...ine-base/rootfs/etc/skel.useradd/.profile → ...ine-base/rootfs/etc/skel.useradd/.profile b/...ine-base/rootfs/etc/skel.useradd/.profile → ...ine-base/rootfs/etc/skel.useradd/.profile
diff --git a/.../src/alpine-base/rootfs/etc/sv/syslog/run → .../src/alpine-base/rootfs/etc/sv/syslog/run b/.../src/alpine-base/rootfs/etc/sv/syslog/run → .../src/alpine-base/rootfs/etc/sv/syslog/run
diff --git a/...e-base/rootfs/usr/local/bin/runit-wrapper → ...e-base/rootfs/usr/local/bin/runit-wrapper b/...e-base/rootfs/usr/local/bin/runit-wrapper → ...e-base/rootfs/usr/local/bin/runit-wrapper
diff --git a/...s/src/ubuntu-base/.devcontainer-lock.json → ...s/src/ubuntu-base/.devcontainer-lock.json b/...s/src/ubuntu-base/.devcontainer-lock.json → ...s/src/ubuntu-base/.devcontainer-lock.json
diff --git a/images/src/ubuntu-base/.devcontainer.json → ...images/src/ubuntu-base/.devcontainer.json b/images/src/ubuntu-base/.devcontainer.json → ...images/src/ubuntu-base/.devcontainer.json
diff --git a/...eatures/cleanup/devcontainer-feature.json → ...eatures/cleanup/devcontainer-feature.json b/...eatures/cleanup/devcontainer-feature.json → ...eatures/cleanup/devcontainer-feature.json
diff --git a/...ntainer/local-features/cleanup/install.sh → ...ntainer/local-features/cleanup/install.sh b/...ntainer/local-features/cleanup/install.sh → ...ntainer/local-features/cleanup/install.sh
diff --git a/...l-features/sudo/devcontainer-feature.json → ...l-features/sudo/devcontainer-feature.json b/...l-features/sudo/devcontainer-feature.json → ...l-features/sudo/devcontainer-feature.json
diff --git a/...vcontainer/local-features/sudo/install.sh → ...vcontainer/local-features/sudo/install.sh b/...vcontainer/local-features/sudo/install.sh → ...vcontainer/local-features/sudo/install.sh
diff --git a/...features/syslog/devcontainer-feature.json → ...features/syslog/devcontainer-feature.json b/...features/syslog/devcontainer-feature.json → ...features/syslog/devcontainer-feature.json
diff --git a/...ontainer/local-features/syslog/install.sh → ...ontainer/local-features/syslog/install.sh b/...ontainer/local-features/syslog/install.sh → ...ontainer/local-features/syslog/install.sh
diff --git a/...ntainer/local-features/syslog/service-run → ...ntainer/local-features/syslog/service-run b/...ntainer/local-features/syslog/service-run → ...ntainer/local-features/syslog/service-run
diff --git a/images/src/ubuntu-base/Dockerfile → base-images/src/ubuntu-base/Dockerfile b/images/src/ubuntu-base/Dockerfile → base-images/src/ubuntu-base/Dockerfile