feat: Add better tooling and CI

- Improve the build of the image by introducing `build.sh`.
  It can be used with `podman` or `buildah` and
  also provides a way of building a `dev` or `prod`
  image for development purposes by
  `build.sh [dev|prod]`.

- CI runs this script as well with `buildah`.

Signed-off-by: Gabriel Nützi <gnuetzi@gmail.com>

.gitlab-ci.yml

@@ -1,5 +1,4 @@
 ---
-
 default:
   image: quay.io/buildah/stable:v1.32
   tags:
@@ -30,7 +29,7 @@ commit_check:
     - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - when: never
   variables:
-    BADRX: '^(squash!)|(fixup!)'
+    BADRX: "^(squash!)|(fixup!)"
   script: |
     dnf install -y git
     shortlogtmp=$(mktemp -p '' commit_check_tmp_XXXX)
@@ -51,23 +50,4 @@ build:
   before_script:
     - echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
   script:
-    # N/B: There could be more than one merge-request open with this branch's HEAD
+    - scripts/build.sh
-    - |
-        IMAGE_TAG="${CI_COMMIT_REF_SLUG}";
-        if [[ -n "$CI_COMMIT_TAG" ]]; then
-            IMAGE_TAG="${CI_COMMIT_TAG}";
-        elif [[ -n "$CI_OPEN_MERGE_REQUESTS" ]]; then
-            IMAGE_TAG=mr$(echo "${CI_OPEN_MERGE_REQUESTS}" | cut -d, -f -1 | cut -d\! -f 2);
-        elif [[ "$CI_COMMIT_BRANCH" == "main" ]]; then
-            IMAGE_TAG="latest";
-        fi
-        echo "Building/Pushing to: ${CI_REGISTRY_IMAGE}:${IMAGE_TAG}";
-    - >-
-      buildah build \
-        --label "org.opencontainers.image.source=${CI_PROJECT_URL}" \
-        --label "org.opencontainers.image.revision=$CI_COMMIT_SHA" \
-        --label "org.opencontainers.image.created=$CI_JOB_STARTED_AT" \
-        --label "org.opencontainers.image.version=${IMAGE_TAG}" \
-        -t "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}" "$CI_PROJECT_DIR"
-    - buildah images
-    - buildah push "${CI_REGISTRY_IMAGE}:${IMAGE_TAG}"

README.md

@@ -214,6 +214,9 @@ version of the gitlab runner.
 
 Several build arguments are available to control the output image:
 
+- `BUILD_TYPE`: The build type, either `prod` or `dev`. In `dev` mode, the package
+  manager is not deleted for development and debugging purposes. Please see
+  [`build.sh`](scripts/build.sh) for more details.
 - `PRUNE_INTERVAL`: A systemd.timer compatible `OnCalendar` value that
   determines how often to prune Podman's storage of disused containers and
   images. Defaults to `daily`, but should be adjusted based on desired

scripts/build.sh

@@ -0,0 +1,87 @@
+#!/usr/bin/env bash
+# Usage: build.sh [<build-type>]
+#
+# If the build type (second arg. `<build-type>`) is `prod`
+# the images are build in `release` mode. For all other build types
+# the images are build for development and testing purposes
+# By default the build type is `prod`.
+
+set -eu
+set -o pipefail
+
+ROOT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)/.."
+cd "$ROOT_DIR"
+
+function ci_running() {
+  [ "${CI:-}" = "true" ] && return 0
+  return 1
+}
+
+# Define the image tag depending on the context.
+function get_image_tag() {
+  local build_type="$1"
+  local image_tag="${build_type}-latest"
+
+  # Define image tag.
+  if ci_running; then
+    # The image tag gets adjusted depending on
+    # if it is a merge request or build on the
+    # main branch or on a tag.
+
+    image_tag="${CI_COMMIT_REF_SLUG:-}"
+
+    if [[ -n "${CI_COMMIT_TAG:-}" ]]; then
+      image_tag="${CI_COMMIT_TAG}"
+    elif [[ -n "${CI_OPEN_MERGE_REQUESTS:-}" ]]; then
+      image_tag=mr$(echo "${CI_OPEN_MERGE_REQUESTS}" | cut -d, -f -1 | cut -d\! -f 2)
+    elif [[ "${CI_COMMIT_BRANCH:-}" == "main" ]]; then
+      image_tag="latest"
+    fi
+  fi
+
+  echo "$image_tag"
+}
+
+function main() {
+  # Define common build variables.
+  local container_mgr=${CI_CONTAINER_MGR:-buildah}
+  local project_dir=${CI_PROJECT_DIR:-.}
+  local registry_name=${CI_REGISTRY_IMAGE:-"containers-storage:pipglr"}
+  local build_type=${CI_BUILD_TYPE:-${1:-prod}}
+
+  # Define image name and tag.
+  local image_tag image_name
+  image_tag=$(get_image_tag "$build_type")
+  image_name="${registry_name}:${image_tag}"
+
+  # Define OpenContainers labels.
+  local oc_project_url=${CI_PROJECT_URL:-file://$ROOT_DIR}
+  local oc_commit_sha=${CI_COMMIT_SHA:-$(git rev-parse HEAD)}
+  local oc_job_started_at=${CI_JOB_STARTED_AT:-$(date -u --iso-8601=seconds)}
+  local oc_version="${image_tag}"
+
+  BUILD_CMD=(
+    "${container_mgr}" build
+    --label "org.opencontainers.image.source=${oc_project_url}"
+    --label "org.opencontainers.image.revision=${oc_commit_sha}"
+    --label "org.opencontainers.image.created=${oc_job_started_at}"
+    --label "org.opencontainers.image.version=${oc_version}"
+    --build-arg "BUILD_TYPE=${build_type}"
+    -t "$image_name"
+    "${project_dir}")
+
+  echo "Build image: '$image_name'"
+  echo -e "Build command:\n" "${BUILD_CMD[@]}"
+
+  "${BUILD_CMD[@]}"
+
+  echo "Images are:"
+  "${container_mgr}" images
+
+  if ci_running; then
+    echo "Pushing image: ${image_name}"
+    "${container_mgr}" push "${image_name}"
+  fi
+}
+
+main "$@"