From 81aae07221cbb2229a6ebd8a52f990257235cb7c Mon Sep 17 00:00:00 2001
From: Pat Garrity <pfm@garrity.co>
Date: Sun, 24 Mar 2024 11:09:51 -0500
Subject: [PATCH] Tested/Working Image

---
 .pre-commit-config.yaml | 13 +++++++++++++
 Containerfile           | 18 ++++++++++++++++++
 README.md               |  9 +++++++++
 build-and-push          |  6 ++++++
 build-and-run           |  6 ++++++
 registry.garrity.co.crt | 35 +++++++++++++++++++++++++++++++++++
 6 files changed, 87 insertions(+)
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 Containerfile
 create mode 100644 README.md
 create mode 100755 build-and-push
 create mode 100755 build-and-run
 create mode 100644 registry.garrity.co.crt

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..7f16c0e
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,13 @@
+---
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: fix-byte-order-marker
+      - id: mixed-line-ending
+        args: ['--fix=lf']
+        description: Enforces using only 'LF' line endings.
+      - id: trailing-whitespace
+      - id: check-yaml
diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..cf4b025
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,18 @@
+FROM docker.io/mgoltzsche/podman:4.9-minimal
+
+RUN apk add --update --no-cache bash git nodejs python3 py3-pip ca-certificates
+RUN pip3 install pre-commit --break-system-packages
+
+# Ensure that this image recognizes the self-signed registry certificate.
+COPY registry.garrity.co.crt /usr/local/share/ca-certificates
+RUN update-ca-certificates
+
+# Prepare a directory for the podman user
+RUN mkdir /home/podman; chown -R podman:podman /home/podman
+
+# Switch to the build user. Everything else is done at this level.
+USER podman
+WORKDIR /home/podman
+
+# Make Git not complain.
+RUN git config --global init.defaultBranch main
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2d1f8fc
--- /dev/null
+++ b/README.md
@@ -0,0 +1,9 @@
+# ci-containers
+
+Produces a container image suitable for Container Image builds within the
+Garrity Software ecosystem. This image is not useable outside of the GS build
+environment.
+
+```
+registry.garrity.co:8443/gs/ci-containers:latest
+```
diff --git a/build-and-push b/build-and-push
new file mode 100755
index 0000000..11fd9b8
--- /dev/null
+++ b/build-and-push
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+readonly image_tag="registry.garrity.co:8443/gs/ci-containers:latest"
+
+podman build --tag "$image_tag" .
+podman push "$image_tag"
diff --git a/build-and-run b/build-and-run
new file mode 100755
index 0000000..62dd397
--- /dev/null
+++ b/build-and-run
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+readonly image_tag="registry.garrity.co:8443/gs/ci-containers:latest"
+
+podman build --tag "$image_tag" .
+podman run --rm -it --entrypoint bash "$image_tag"
diff --git a/registry.garrity.co.crt b/registry.garrity.co.crt
new file mode 100644
index 0000000..a74fcba
--- /dev/null
+++ b/registry.garrity.co.crt
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGITCCBAmgAwIBAgIUR4lgvhfqxhyfD/gwLpA4U/V26UMwDQYJKoZIhvcNAQEL
+BQAwgY8xCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlNaW5uZXNvdGExFDASBgNVBAcM
+C0Jsb29taW5ndG9uMRkwFwYDVQQKDBBHYXJyaXR5IFNvZnR3YXJlMRwwGgYDVQQD
+DBNyZWdpc3RyeS5nYXJyaXR5LmNvMR0wGwYJKoZIhvcNAQkBFg5wZm1AZ2Fycml0
+eS5jbzAeFw0yNDAzMTYxNDQ1MjNaFw0yNTAzMTYxNDQ1MjNaMIGPMQswCQYDVQQG
+EwJVUzESMBAGA1UECAwJTWlubmVzb3RhMRQwEgYDVQQHDAtCbG9vbWluZ3RvbjEZ
+MBcGA1UECgwQR2Fycml0eSBTb2Z0d2FyZTEcMBoGA1UEAwwTcmVnaXN0cnkuZ2Fy
+cml0eS5jbzEdMBsGCSqGSIb3DQEJARYOcGZtQGdhcnJpdHkuY28wggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDvX5tz1Ujod4fxrJuLmwr6CsFVofYeoKlh
+Bpy8qFS0JDHGL5nXHGNoy96zJd9Do7A//e3S1mJDAgKAlCBuCy6VkI1cdOBQoHPx
+GjmtcvvryZBx+jTHKterlZPkdb2orrsfULpnpINH3ymGngXrNCcDTt6JoNeq1XfP
+/YPXRtklaK0h1pe6w3p/69D7KmwtJVFjQe22JnSC1tT4CXwwK2vRT+Q6lrIn9nk0
+ZLTCu592CELpyvqLiasv3zO8gpmD+Am3Yo2RuCd2imkV6urg7iXd5w4cikNlxreZ
+LDidnbsUM3U+q5IcNufO28+KlDETOQALYHVhtT4FE6eSqCPeXm2NTuxG2ENbDz3U
+n24GduSFC+F2im2Aejtz2QtMVcgGK03cmTXJj86UVVPweEerZ/lS8LenX1jpZoju
+QGV/9/EDv5+DZWyP1oKjbQ7936/4gF4toobvASaPOsbB0WMvhi/Iaqpp0JNpymfB
+xcsmJoBC67EAYLijtpfa5qoeQwaNSLRlByb3+pI6FkE7Sh4W/l15lnyDXVJ+9z78
+CvxCU6+6zrpJqWQFMA55Izz1d2lRNRKvzWzxcRW4CXUOaRBniI4M1ZGZrkx09DLm
+9VX0JqAbiUbltuEY8ul9V/lOOyX5YkXNOxT6XTfX2NTglZr8n6/7b+v9leJr/HsS
+WwrT/iYObQIDAQABo3MwcTAdBgNVHQ4EFgQU0r57vD+mMmIztQqN/BvBHNvtk60w
+HwYDVR0jBBgwFoAU0r57vD+mMmIztQqN/BvBHNvtk60wDwYDVR0TAQH/BAUwAwEB
+/zAeBgNVHREEFzAVghNyZWdpc3RyeS5nYXJyaXR5LmNvMA0GCSqGSIb3DQEBCwUA
+A4ICAQAxLuEHrl5SQOdHqVUna51K6PzMkChqo2RttymIRE1o1eXnE2dvhMH7lg8b
+rr8e0hZkjLHo8E1kJiBXpf1NOHqCt8BHf0BAvXO8iOuJNgZvC6TPoSa7c7ASXWE+
+wuhJZO4jvnPRXnwSNXPnqqBAahMCD7KAClOxdySiS5TS+IPPUu4fZMowKMPeUg6z
+p70K1F3tT2AVLxlMJrwANX2nqWyRKo91pM+rOp7A+++NBlxHQ3gU7dMmDUpq7mjv
+HdNlox9tPup+/vhFivtdSii9y7pitz3UEk3gvRQ2pLdzJq0tfnkVEwqQf4TalxEO
+zedZqzEeWmeJ8500CQExROV/ezgYdKtPxHr5M5KsEHILjfDZdREvY7WaUqa7Jz7k
+cIcbD6RyzobL+Ha3hOR9tmd09d2EeCbCFF9Mz65JM0ZzPiS4xhJVEajgUSTkS+Xm
+NEzDUkpZ+3YyCmFvClXnEKT4m3YVSDR2DzGe4pzjL2d38j9xSR6PKTPelCyWWOgb
+GLrDvUfgd3O1jRPCGoWk6eVJjE0frHthqUUt8nZsqGuzvnfKw0pzxorcAqM1Nm31
+FwrAIzyD6kGMrVDTWL+IAcZhmCJqIYxp09V6fn5kX4agJtvA9WrLIVsXjaM2VHSK
+B2a8Xtk+g7MBT4OUOl6/c3H3URvXZxEKM2yi/9Mr6DmBo57HMA==
+-----END CERTIFICATE-----