From 25ca0f8ea384c81f706903705d02282a713c6e41 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Fri, 23 Jan 2026 11:03:11 -0500 Subject: [PATCH 01/19] refactor: use bindep for dynamic package resolution Replace shell conditionals with bindep to dynamically resolve packages based on the target platform. This provides a cleaner and more maintainable approach for handling different OS versions. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 6 ++++++ Dockerfile | 18 ++++++++++-------- bindep.txt | 8 ++++++++ 3 files changed, 24 insertions(+), 8 deletions(-) create mode 100644 bindep.txt diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ac8fb67..b310cea 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,4 +20,10 @@ jobs: - uses: vexxhost/docker-atmosphere/.github/actions/build-image@main with: image-name: python-base + build-args: FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 + push: ${{ github.event_name != 'pull_request' }} + - uses: vexxhost/docker-atmosphere/.github/actions/build-image@main + with: + image-name: debian-python-base + build-args: FROM=debian:trixie push: ${{ github.event_name != 'pull_request' }} diff --git a/Dockerfile b/Dockerfile index 0ec9301..f9915ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,18 @@ # SPDX-FileCopyrightText: © 2025 VEXXHOST, Inc. # SPDX-License-Identifier: GPL-3.0-or-later -FROM ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 +ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 + +FROM ${FROM} AS bindep +COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /usr/local/bin +COPY bindep.txt /bindep.txt +RUN uvx bindep -b -f /bindep.txt -l newline > /packages.txt + +FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH +COPY --from=bindep /packages.txt /packages.txt RUN \ apt-get update -qq && \ - apt-get install -qq -y --no-install-recommends \ - ca-certificates \ - libpython3.12 \ - lsb-release \ - libpcre3 \ - python3-setuptools \ - sudo && \ + apt-get install -qq -y --no-install-recommends $(cat /packages.txt) && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* diff --git a/bindep.txt b/bindep.txt new file mode 100644 index 0000000..5ad5b7b --- /dev/null +++ b/bindep.txt @@ -0,0 +1,8 @@ +ca-certificates +libpython3.12 [platform:dpkg !platform:debian-trixie] +libpython3.13 [platform:dpkg] +lsb-release +libpcre3 [platform:dpkg !platform:debian-trixie] +libpcre2-8-0 [platform:dpkg] +python3-setuptools +sudo From c32596b845136ba2f253e317783d82d907825970 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Fri, 23 Jan 2026 14:15:05 -0500 Subject: [PATCH 02/19] fix: use explicit platform selectors in bindep.txt Signed-off-by: Mohammed Naser --- bindep.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/bindep.txt b/bindep.txt index 5ad5b7b..14f3014 100644 --- a/bindep.txt +++ b/bindep.txt @@ -1,8 +1,9 @@ ca-certificates -libpython3.12 [platform:dpkg !platform:debian-trixie] -libpython3.13 [platform:dpkg] +libpcre2-8-0 [platform:debian] +libpcre3 [platform:ubuntu] +libpython3.10 [platform:ubuntu-jammy] +libpython3.12 [platform:ubuntu-noble] +libpython3.13 [platform:debian-trixie platform:debian-sid] lsb-release -libpcre3 [platform:dpkg !platform:debian-trixie] -libpcre2-8-0 [platform:dpkg] python3-setuptools sudo From 630f3e9cdbcf0ef8b71347927f4bdb20e1d53674 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Fri, 23 Jan 2026 14:21:54 -0500 Subject: [PATCH 03/19] refactor: simplify bindep.txt for single distro version per branch Signed-off-by: Mohammed Naser --- bindep.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/bindep.txt b/bindep.txt index 14f3014..bb2d8b8 100644 --- a/bindep.txt +++ b/bindep.txt @@ -1,9 +1,8 @@ ca-certificates libpcre2-8-0 [platform:debian] libpcre3 [platform:ubuntu] -libpython3.10 [platform:ubuntu-jammy] -libpython3.12 [platform:ubuntu-noble] -libpython3.13 [platform:debian-trixie platform:debian-sid] +libpython3.12 [platform:ubuntu] +libpython3.13 [platform:debian] lsb-release python3-setuptools sudo From f7f18c6763f29e5244c3ce588a22dd0df0e59622 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Fri, 23 Jan 2026 14:39:38 -0500 Subject: [PATCH 04/19] feat: add install_packages script for distro-agnostic package installation Signed-off-by: Mohammed Naser --- Dockerfile | 7 ++----- install-packages | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 5 deletions(-) create mode 100755 install-packages diff --git a/Dockerfile b/Dockerfile index f9915ed..9285fc2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,9 +10,6 @@ RUN uvx bindep -b -f /bindep.txt -l newline > /packages.txt FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH +COPY install-packages /usr/local/bin/install-packages COPY --from=bindep /packages.txt /packages.txt -RUN \ - apt-get update -qq && \ - apt-get install -qq -y --no-install-recommends $(cat /packages.txt) && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* +RUN install-packages $(cat /packages.txt) diff --git a/install-packages b/install-packages new file mode 100755 index 0000000..d3c287e --- /dev/null +++ b/install-packages @@ -0,0 +1,24 @@ +#!/bin/sh +# SPDX-FileCopyrightText: © 2025 VEXXHOST, Inc. +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e + +if command -v apt-get >/dev/null; then + export DEBIAN_FRONTEND=noninteractive + apt-get update -qq + apt-get install -y --no-install-recommends "$@" + apt-get clean + rm -rf /var/lib/apt/lists/* +elif command -v dnf >/dev/null; then + dnf install -y --setopt=install_weak_deps=False "$@" + dnf clean all +elif command -v yum >/dev/null; then + yum install -y "$@" + yum clean all +elif command -v apk >/dev/null; then + apk add --no-cache "$@" +elif command -v zypper >/dev/null; then + zypper install -y --no-recommends "$@" + zypper clean -a +fi From 42220363ebbbe75cb0da32f1866b4cce7e7f6bb9 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:18:19 -0500 Subject: [PATCH 05/19] ci: use matrix strategy for parallel image builds Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b310cea..d9a4910 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,6 +11,14 @@ on: jobs: image: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - image-name: python-base + from: ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 + - image-name: debian-python-base + from: debian:trixie permissions: contents: read id-token: write @@ -19,11 +27,6 @@ jobs: steps: - uses: vexxhost/docker-atmosphere/.github/actions/build-image@main with: - image-name: python-base - build-args: FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 - push: ${{ github.event_name != 'pull_request' }} - - uses: vexxhost/docker-atmosphere/.github/actions/build-image@main - with: - image-name: debian-python-base - build-args: FROM=debian:trixie + image-name: ${{ matrix.image-name }} + build-args: FROM=${{ matrix.from }} push: ${{ github.event_name != 'pull_request' }} From 25288ba4e047bdef49338dd61f152ff6e1bafaf7 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:30:43 -0500 Subject: [PATCH 06/19] ci: add job name for cleaner matrix labels Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d9a4910..cb93068 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,6 +10,7 @@ on: jobs: image: + name: ${{ matrix.image-name }} runs-on: ubuntu-latest strategy: fail-fast: false From 5eaa828f3a7bb76eea3e52c3e368c77c9c848402 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:33:25 -0500 Subject: [PATCH 07/19] ci: use generic OS names for branch protection rules Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cb93068..00b431d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,15 +10,17 @@ on: jobs: image: - name: ${{ matrix.image-name }} + name: ${{ matrix.name }} runs-on: ubuntu-latest strategy: fail-fast: false matrix: include: - - image-name: python-base + - name: ubuntu + image-name: python-base from: ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 - - image-name: debian-python-base + - name: debian + image-name: debian-python-base from: debian:trixie permissions: contents: read From 5af40f4921640d5364b599c2ed9a77ed7d2bed3a Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:36:31 -0500 Subject: [PATCH 08/19] ci: expand matrix to support multiple OS bases Add support for: - ubuntu (24.04) - ubuntu-cloud-archive - debian (trixie) - rockylinux (9) - almalinux (9) Update bindep.txt with RHEL-family package names. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 9 +++++++++ bindep.txt | 5 ++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 00b431d..2d763ec 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,11 +17,20 @@ jobs: matrix: include: - name: ubuntu + image-name: ubuntu-python-base + from: ubuntu:24.04 + - name: ubuntu-cloud-archive image-name: python-base from: ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 - name: debian image-name: debian-python-base from: debian:trixie + - name: rockylinux + image-name: rockylinux-python-base + from: rockylinux:9 + - name: almalinux + image-name: almalinux-python-base + from: almalinux:9 permissions: contents: read id-token: write diff --git a/bindep.txt b/bindep.txt index bb2d8b8..bbd91c2 100644 --- a/bindep.txt +++ b/bindep.txt @@ -3,6 +3,9 @@ libpcre2-8-0 [platform:debian] libpcre3 [platform:ubuntu] libpython3.12 [platform:ubuntu] libpython3.13 [platform:debian] -lsb-release +pcre2 [platform:redhat] +python3-libs [platform:redhat] +lsb-release [platform:dpkg] +redhat-lsb-core [platform:redhat] python3-setuptools sudo From ad8a586633022ca6eaa05ecf5609ae2a6aee47b6 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:37:45 -0500 Subject: [PATCH 09/19] fix: remove redhat-lsb-core (not available on EL9) Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- bindep.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/bindep.txt b/bindep.txt index bbd91c2..d6e598c 100644 --- a/bindep.txt +++ b/bindep.txt @@ -6,6 +6,5 @@ libpython3.13 [platform:debian] pcre2 [platform:redhat] python3-libs [platform:redhat] lsb-release [platform:dpkg] -redhat-lsb-core [platform:redhat] python3-setuptools sudo From b128314059025a6569d759294b29a2d9c4d5b435 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:44:50 -0500 Subject: [PATCH 10/19] ci: standardize image naming to python-base- pattern - python-base-ubuntu - python-base-ubuntu-cloud-archive - python-base (legacy, same as ubuntu-cloud-archive) - python-base-debian - python-base-rockylinux - python-base-almalinux Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- .github/workflows/build.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2d763ec..5f75759 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,19 +17,22 @@ jobs: matrix: include: - name: ubuntu - image-name: ubuntu-python-base + image-name: python-base-ubuntu from: ubuntu:24.04 - name: ubuntu-cloud-archive + image-name: python-base-ubuntu-cloud-archive + from: ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 + - name: ubuntu-cloud-archive-legacy image-name: python-base from: ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 - name: debian - image-name: debian-python-base + image-name: python-base-debian from: debian:trixie - name: rockylinux - image-name: rockylinux-python-base + image-name: python-base-rockylinux from: rockylinux:9 - name: almalinux - image-name: almalinux-python-base + image-name: python-base-almalinux from: almalinux:9 permissions: contents: read From 5a1bd736243d4f34ce872e99615eb924af4df5d8 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:48:08 -0500 Subject: [PATCH 11/19] refactor: use BuildKit mount for packages.txt Avoids leaving packages.txt in the final image layer. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9285fc2..c369f2a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,5 +11,5 @@ RUN uvx bindep -b -f /bindep.txt -l newline > /packages.txt FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH COPY install-packages /usr/local/bin/install-packages -COPY --from=bindep /packages.txt /packages.txt -RUN install-packages $(cat /packages.txt) +RUN --mount=type=bind,from=bindep,source=/packages.txt,target=/packages.txt \ + install-packages $(cat /packages.txt) From 3272c7ec739cf50509864e5572f740ea4fd2debe Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:49:21 -0500 Subject: [PATCH 12/19] refactor: use BuildKit mount for uvx binary Mount uvx directly from uv image instead of copying it. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index c369f2a..d1ea69e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,9 +4,9 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 FROM ${FROM} AS bindep -COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /usr/local/bin COPY bindep.txt /bindep.txt -RUN uvx bindep -b -f /bindep.txt -l newline > /packages.txt +RUN --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ + /uvx bindep -b -f /bindep.txt -l newline > /packages.txt FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH From f1d812f8bdfc4ba95d081557a018c50249511dc0 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:50:04 -0500 Subject: [PATCH 13/19] fix: mount both uv and uvx binaries uvx requires uv to function. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d1ea69e..58c830f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,8 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8 FROM ${FROM} AS bindep COPY bindep.txt /bindep.txt -RUN --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ +RUN --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ /uvx bindep -b -f /bindep.txt -l newline > /packages.txt FROM ${FROM} From ee0bef0a92540603ca8a5078afa9f62435c247ad Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:51:08 -0500 Subject: [PATCH 14/19] refactor: mount bindep.txt from build context No from= parameter means it mounts from context. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 58c830f..ccacdc9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,8 +4,8 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 FROM ${FROM} AS bindep -COPY bindep.txt /bindep.txt -RUN --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ +RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ /uvx bindep -b -f /bindep.txt -l newline > /packages.txt From c6a31a882a6229a5cef671e7c2ff33c521d8f03f Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:52:33 -0500 Subject: [PATCH 15/19] refactor: simplify to single stage with inline bindep Eliminates the separate bindep stage by running bindep inline in the install-packages command. Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index ccacdc9..23d0155 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,14 +3,10 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 -FROM ${FROM} AS bindep -RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ - /uvx bindep -b -f /bindep.txt -l newline > /packages.txt - FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH COPY install-packages /usr/local/bin/install-packages -RUN --mount=type=bind,from=bindep,source=/packages.txt,target=/packages.txt \ - install-packages $(cat /packages.txt) +RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ + install-packages $(/uvx bindep -b -f /bindep.txt) From 0be32ebe6591972e37a34e7bf919a1c72e73d2ad Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 10:53:55 -0500 Subject: [PATCH 16/19] refactor: mount all build tools, nothing left in final image - Mount install-packages from context - Mount uv/uvx to /usr/local/bin (in PATH) - Final image only contains installed packages Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 23d0155..d0cec8e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,8 +5,8 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8 FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH -COPY install-packages /usr/local/bin/install-packages RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/uv \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/uvx \ - install-packages $(/uvx bindep -b -f /bindep.txt) + --mount=type=bind,source=install-packages,target=/usr/local/bin/install-packages \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/usr/local/bin/uv \ + --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/usr/local/bin/uvx \ + install-packages $(uvx bindep -b -f /bindep.txt) From eda5421953cf9b3de969460e8fdaee4a075b8300 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 11:15:38 -0500 Subject: [PATCH 17/19] refactor: use centralized build-utils image - Remove local install-packages script - Mount from ghcr.io/vexxhost/build-utils:latest - Use install-bindep-packages for simpler invocation Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 6 ++---- install-packages | 24 ------------------------ 2 files changed, 2 insertions(+), 28 deletions(-) delete mode 100755 install-packages diff --git a/Dockerfile b/Dockerfile index d0cec8e..328f6ce 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,5 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8 FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ - --mount=type=bind,source=install-packages,target=/usr/local/bin/install-packages \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uv,target=/usr/local/bin/uv \ - --mount=type=bind,from=ghcr.io/astral-sh/uv:latest,source=/uvx,target=/usr/local/bin/uvx \ - install-packages $(uvx bindep -b -f /bindep.txt) + --mount=type=bind,from=ghcr.io/vexxhost/build-utils:latest,source=/bin,target=/buildtools \ + /buildtools/install-bindep-packages diff --git a/install-packages b/install-packages deleted file mode 100755 index d3c287e..0000000 --- a/install-packages +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# SPDX-FileCopyrightText: © 2025 VEXXHOST, Inc. -# SPDX-License-Identifier: GPL-3.0-or-later - -set -e - -if command -v apt-get >/dev/null; then - export DEBIAN_FRONTEND=noninteractive - apt-get update -qq - apt-get install -y --no-install-recommends "$@" - apt-get clean - rm -rf /var/lib/apt/lists/* -elif command -v dnf >/dev/null; then - dnf install -y --setopt=install_weak_deps=False "$@" - dnf clean all -elif command -v yum >/dev/null; then - yum install -y "$@" - yum clean all -elif command -v apk >/dev/null; then - apk add --no-cache "$@" -elif command -v zypper >/dev/null; then - zypper install -y --no-recommends "$@" - zypper clean -a -fi From 04f32734050b6863a7fa2ecb5bbc1218acc2f259 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 11:16:12 -0500 Subject: [PATCH 18/19] chore: mount build-utils at /build Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 328f6ce..e9eed96 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,5 +6,5 @@ ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8 FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH RUN --mount=type=bind,source=bindep.txt,target=/bindep.txt \ - --mount=type=bind,from=ghcr.io/vexxhost/build-utils:latest,source=/bin,target=/buildtools \ - /buildtools/install-bindep-packages + --mount=type=bind,from=ghcr.io/vexxhost/build-utils:latest,source=/bin,target=/build \ + /build/install-bindep-packages From 3fac097f16e5047731f03ecb4c08b174195b55ad Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Sun, 25 Jan 2026 11:17:46 -0500 Subject: [PATCH 19/19] refactor: remove default FROM arg, require it via build-args Co-Authored-By: Claude Signed-off-by: Mohammed Naser --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e9eed96..a6926af 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # SPDX-FileCopyrightText: © 2025 VEXXHOST, Inc. # SPDX-License-Identifier: GPL-3.0-or-later -ARG FROM=ghcr.io/vexxhost/ubuntu-cloud-archive:main@sha256:de1f31c2017c1928ec9c8f5f22c00cc4779a4f303b1ca647072fcd12b5184d90 +ARG FROM FROM ${FROM} ENV PATH=/var/lib/openstack/bin:$PATH