made the images for building packages

.editorconfig

@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true

.forgejo/workflows/steps/push/action.yml

@@ -0,0 +1,53 @@
+author: Sebastian Tobie
+description: pushes images via skopeo to an target
+name: push images
+
+inputs:
+  tags:
+    required: true
+    description: tags that are send to the registry
+  registry:
+    required: true
+    description: "the desired registry, default is the forgejo instance"
+  path:
+    required: true
+    description: "path under the registry for the image"
+  image:
+    required: true
+    description: |
+      the image that is copied with the storage.
+      Examples:
+
+      - dir:image
+      - container-storage:image:tag
+      - docker://registry/path:tag
+  username:
+    default: USER
+    description: "Username in case its important"
+  password:
+      required: true
+      description: "password for authentication"
+
+runs:
+  using: composite
+  steps:
+    - name: login
+      shell: sh
+      run: 'skopeo login -u "${{ inputs.username }}" -p "${{ inputs.password }}" ${{ inputs.registry }}'
+      env:
+        REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json
+    - name: skopeo copy
+      shell: sh
+      env:
+        REGISTRY_AUTH_FILE: ${{env.RUNNER_TEMP}}/auth.json
+        REGISTRY: "${{ inputs.registry }}"
+      run: |
+        server=${REGISTRY//https:/docker:}
+        if [[ "$server" != docker://* ]] ; then
+            server="docker://$server"
+        fi
+        for tag in ${{ inputs.tags }}; do
+            name="${server}/${{ inputs.path }}:${tag}"
+            printf "pushing image to %s" "$name"
+            skopeo copy -q -a --dest-precompute-digests ${{ inputs.image }} "$name"
+        done

.forgejo/workflows/workflows/container-build.yml

@@ -0,0 +1,65 @@
+on:
+  workflow_dispatch:
+  #push:
+  #  branches:
+  #    - stable
+  #schedule:
+  #  - cron: "0 0 1 * *"
+
+jobs:
+  debian:
+    runs-on: private-vault
+    strategy:
+      matrix:
+        version:
+          - bookworm
+    steps:
+      - name: Fetch repo
+        uses: actions/checkout@v3
+      - name: Container build
+        run: "./build_debian.sh ${{ matrix.version }}"
+      - uses: ./.forgejo/steps/push
+        with:
+          tags: ${{ matrix.version }}-${{ github.run_number }}
+          registry: ${{ github.server_url }}
+          path: ${{ github.repository_owner }}/debian
+          image: oci:debian:${{ matrix.version }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+      - name: Cleanup
+        run: podman image prune -f
+  ubi:
+    runs-on: private-vault
+    strategy:
+      matrix:
+        version:
+          - 9
+    steps:
+      - name: Fetch repo
+        uses: actions/checkout@v3
+      - name: Container build
+        run: "./build_ubi.sh ${{ matrix.version }}"
+      - uses: ./.forgejo/steps/push
+        with:
+          tags: ${{ matrix.version }}-${{ github.run_number }}
+          registry: ${{ github.server_url }}
+          path: ${{ github.repository_owner }}/ubi
+          image: oci:ubi:${{ matrix.version }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+      - name: Cleanup
+        run: podman image prune -f
+  archlinux:
+    runs-on: private-vault
+    steps:
+      - name: Fetch repo
+        uses: actions/checkout@v3
+      - name: Container build
+        run: "./build_arch.sh"
+      - uses: ./.forgejo/steps/push
+        with:
+          tags: latest ${{ github.run_number }}
+          registry: ${{ github.server_url }}
+          path: ${{ github.repository_owner }}/archlinux
+          image: oci:archlinux
+          password: ${{ secrets.DOCKER_TOKEN }}
+      - name: Cleanup
+        run: podman image prune -f

.gitignore

@@ -0,0 +1,3 @@
+/debian
+/ubi
+/archlinux

.shellcheckrc

@@ -0,0 +1 @@
+external-sources=true

README.md

@@ -0,0 +1,2 @@
+# Packagebuild
+

build_arch.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+. ./common.sh
+set -e
+
+init_container "archlinux" "docker.io/archlinux"
+
+buildah run --user 0:0 "archlinux" pacman --noconfirm -Syu nodejs git base-devel
+commit "archlinux" "oci:archlinux"

build_debian.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+. ./common.sh
+set -e
+version="$1"
+container="debian_${version}"
+
+
+debian_install(){
+    buildah run --user _apt --workdir /tmp "$1" curl -o package.deb "$2"
+    buildah run --user 0:0 "$1" apt install /tmp/package.deb
+}
+
+
+init_container "$container" "docker.io/debian:${version}"
+debian_list=$(mktemp)
+sed "s;VERSION;${version};g" repos/debian.list >"$debian_list"
+buildah run --user 0:0 "$container" apt update
+buildah run --user 0:0 "$container" apt install -y ca-certificates
+buildah copy  "$container" "$debian_list" /etc/apt/sources.list.d/eigene.list
+buildah run --user 0:0 "$container" apt update
+buildah run --user 0:0 "$container" apt install -y build-essential nodejs git
+commit "$container" "oci:debian:${version}"

build_ubi.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+. ./common.sh
+set -e
+version="${1}"
+container="ubi_${version}"
+
+add_repo(){
+    container="$1"
+    forgejo="$2"
+    org="$3"
+    group="$4"
+    if [ -z "$group" ] ; then
+        group="rpm.repo"
+    else
+        group="rpm/${group}.repo"
+    fi
+    buildah run --user 0:0 "$container" dnf config-manager --add-repo "${forgejo}/api/packages/${org}/${group}"
+}
+
+
+init_container "$container" "registry.access.redhat.com/ubi${version}:latest"
+buildah run --user 0:0 "$container" dnf install nodejs git rpm-build
+commit "$container" "oci:ubi:$version"

common.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+empty_dir=$(mktemp -d)
+
+init_container () {
+    local container_name="$1"
+    local image="$2"
+    buildah from -v "$empty_dir":/tmp:slave -v "$empty_dir":/var/cache:slave -v "$empty_dir":/var/tmp:slave -v "$empty_dir":/var/log:slave --pull=newer --name="$container_name" "${image}" >/dev/null
+    buildah run --user 0:0 "$container_name" chmod -c 1777 /tmp /var/tmp
+    buildah run --user 0:0 "$container_name" touch /tmp/test
+}
+
+commit(){
+    buildah config -e - -l - -a - -p - "$1"
+    buildah config -e PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin" "$1"
+    buildah commit --rm -f oci --squash "$1" "$2"
+}

repos/debian.list

@@ -0,0 +1 @@
+#deb https://gitea.sebastian-tobie.de/api/packages/packete/debian VERSION certs