kernald/talosctl-image
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages 1 Wiki Activity Actions

Compare commits

base: kernald:10dbb5518e152e10991a55b617b0235a5e34bed2
Branches Tags
kernald:main
kernald:init
..
compare: kernald:04f100e18d9efc43052d4b30b4a3028ca6032c2c
Branches Tags
kernald:main
kernald:init

1 commit
10dbb5518e ... 04f100e18d

Author SHA1 Message Date
Marc Plano-Lesay
04f100e18d
Init
Some checks failed
Build talosctl+talhelper+sops image (push on main only) / build (push) Failing after 3m32s
Details
2025-11-24 16:11:32 +11:00
2 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Dockerfile
View file

@ -14,7 +14,7 @@ ARG TALOSCTL_VERSION=1.9.2
# renovate: datasource=github-releases depName=budimanjojo/talhelper versioning=semver # renovate: datasource=github-releases depName=budimanjojo/talhelper versioning=semver
ARG TALHELPER_VERSION=3.0.39 ARG TALHELPER_VERSION=3.0.39
# renovate: datasource=github-releases depName=getsops/sops versioning=semver # renovate: datasource=github-releases depName=getsops/sops versioning=semver
ARG SOPS_VERSION=3.9.1 ARG SOPS_VERSION=3.11.0
# renovate: datasource=docker depName=cgr.dev/chainguard/wolfi-base # renovate: datasource=docker depName=cgr.dev/chainguard/wolfi-base
FROM cgr.dev/chainguard/wolfi-base:latest AS downloader FROM cgr.dev/chainguard/wolfi-base:latest AS downloader
@ -83,7 +83,7 @@ RUN . /tmp/arches.env; \
if curl -fsSL -o /tmp/sops.sha256 "${SOPS_URL}.sha256"; then \ if curl -fsSL -o /tmp/sops.sha256 "${SOPS_URL}.sha256"; then \
SOPS_SHA=$(tr -d ' \n\r' < /tmp/sops.sha256); \ SOPS_SHA=$(tr -d ' \n\r' < /tmp/sops.sha256); \
else \ else \
curl -fsSL -o /tmp/sops_checksums.txt "https://github.com/getsops/sops/releases/download/v${SOPS_VERSION}/checksums.txt"; \ curl -fsSL -o /tmp/sops_checksums.txt "https://github.com/getsops/sops/releases/download/v${SOPS_VERSION}/sops-v${SOPS_VERSION}.checksums.txt"; \
SOPS_SHA=$(grep "$(basename ${SOPS_URL})" /tmp/sops_checksums.txt | awk '{print $1}' | tr -d ' \n\r'); \ SOPS_SHA=$(grep "$(basename ${SOPS_URL})" /tmp/sops_checksums.txt | awk '{print $1}' | tr -d ' \n\r'); \
fi; \ fi; \
echo "${SOPS_SHA} /tmp/sops" | sha256sum -c -; \ echo "${SOPS_SHA} /tmp/sops" | sha256sum -c -; \

6
README.md
View file

@ -6,7 +6,7 @@ An OCI image (Wolfi-based) containing:
- sops - sops
The image is built on Wolfi to keep size and surface area minimal, then built via Forgejo Actions. On pushes to `main` (or `master`), the image is pushed to your Forgejo container registry. On other branches, the workflow builds the image but does not push it (to validate PRs). The published tag encodes the versions of all three tools: The image is built on Wolfi to keep size and surface area minimal, then built via Forgejo Actions. On pushes to `main` (or `master`), the image is pushed to your Forgejo container registry. On other branches, the workflow builds the image but does not push it (to validate PRs). The published tag encodes the versions of all three tools:
- Tag format: `v<TALOSCTL>-<TALHELPER>-<SOPS>` (for example: `v1.9.2-3.0.39-3.9.1`), plus `latest`. - Tag format: `v<TALOSCTL>-<TALHELPER>-<SOPS>` (for example: `v1.9.2-3.0.39-3.11.0`), plus `latest`.
Contents are defined in `Dockerfile`. Versions are pinned via build `ARG`s so they can be updated automatically by Renovate. Contents are defined in `Dockerfile`. Versions are pinned via build `ARG`s so they can be updated automatically by Renovate.
Additionally, the build verifies SHA256 checksums for all downloaded binaries and includes their source URLs and checksums inside the image at `/usr/local/share/checksums/`. Additionally, the build verifies SHA256 checksums for all downloaded binaries and includes their source URLs and checksums inside the image at `/usr/local/share/checksums/`.
@ -39,13 +39,13 @@ To build locally (example versions):
docker build \ docker build \
--build-arg TALOSCTL_VERSION=1.9.2 \ --build-arg TALOSCTL_VERSION=1.9.2 \
--build-arg TALHELPER_VERSION=3.0.39 \ --build-arg TALHELPER_VERSION=3.0.39 \
--build-arg SOPS_VERSION=3.9.1 \ --build-arg SOPS_VERSION=3.11.0 \
-t talos-tools:dev . -t talos-tools:dev .
``` ```
Image usage Image usage
``` ```
docker run --rm -it your.registry/owner/talos-tools:v1.9.2-3.0.39-3.9.1 talosctl version --client docker run --rm -it your.registry/owner/talos-tools:v1.9.2-3.0.39-3.11.0 talosctl version --client
``` ```
Notes Notes