[wip] cleanup local dev ux

.github/workflows/build.yml

@@ -14,11 +14,14 @@ on:
   workflow_dispatch:
 
 env:
+  IMAGE_NAME: "main"
   IMAGE_DESC: "CentOS Stream-based images"
   IMAGE_REGISTRY: "ghcr.io/${{ github.repository_owner }}"
+  DEFAULT_TAG: "latest"
+  CENTOS_VERSION: "stream10"
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}-${{ inputs.brand_name}}-${{ inputs.stream_name }}
+  group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
   cancel-in-progress: true
 
 jobs:
@@ -36,68 +39,60 @@ jobs:
       - name: Checkout Push to Registry action
         uses: actions/checkout@v4
 
-      - name: Install Just
-        shell: bash
-        run: |
-          set -eoux pipefail
-          JUST_VERSION=$(curl -L https://api.github.com/repos/casey/just/releases/latest | jq -r '.tag_name')
-          curl -sSLO https://github.com/casey/just/releases/download/${JUST_VERSION}/just-${JUST_VERSION}-x86_64-unknown-linux-musl.tar.gz
-          tar -zxvf just-${JUST_VERSION}-x86_64-unknown-linux-musl.tar.gz -C /tmp just
-          sudo mv /tmp/just /usr/local/bin/just
-          rm -f just-${JUST_VERSION}-x86_64-unknown-linux-musl.tar.gz
+      - name: Setup Just
+        uses: extractions/setup-just@v2
 
       - name: Check Just Syntax
         shell: bash
         run: |
           just check
 
-      - name: Image Name
-        shell: bash
-        run: |
-          IMAGE_NAME="$(just image_name)"
-          echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
-
-      - name: Default Tag
-        shell: bash
-        run: |
-          DEFAULT_TAG="$(just generate-default-tag)"
-          echo "Default Tag: ${DEFAULT_TAG}"
-          echo "DEFAULT_TAG=${DEFAULT_TAG}" >> $GITHUB_ENV
-
       - name: Maximize build space
         uses: ublue-os/remove-unwanted-software@v7
         with:
           remove-codeql: true
 
-      - name: Build Image
-        id: build-image
-        shell: bash
-        run: |
-          just build
-
       - name: Generate tags
         id: generate-tags
         shell: bash
         run: |
-          alias_tags="$(just generate-build-tags \
-                     "latest" \
-                     "1" \
-                     "$(podman inspect ${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }} | jq -r '.[].Config.Labels["org.opencontainers.image.version"]')" \
-                     "${{ github.event_name }}" \
-                     "${{ github.event.number }}")"
-
-          echo "Tags for this Action..."
-          echo "$alias_tags"
-          echo "alias_tags=${alias_tags}" >> $GITHUB_OUTPUT
-
-      # Tag Images
-      - name: Tag Images
-        shell: bash
-        run: |
-          set -eoux pipefail
-          just tag-images "${{ env.IMAGE_NAME }}" \
-                          "${{ env.DEFAULT_TAG }}" \
-                          "${{ steps.generate-tags.outputs.alias_tags }}"
+          # Generate a timestamp for creating an image version history
+          TIMESTAMP="$(date +%Y%m%d)"
+          COMMIT_TAGS=()
+          BUILD_TAGS=()
+
+          # Have tags for tracking builds during pull request
+          SHA_SHORT="${GITHUB_SHA::7}"
+          COMMIT_TAGS+=("pr-${{ github.event.number }}")
+          COMMIT_TAGS+=("${SHA_SHORT}")
+
+          # Append matching timestamp tags to keep a version history
+          for TAG in "${BUILD_TAGS[@]}"; do
+              BUILD_TAGS+=("${TAG}-${TIMESTAMP}")
+          done
+
+          BUILD_TAGS+=("${TIMESTAMP}")
+          BUILD_TAGS+=("${DEFAULT_TAG}")
+          BUILD_TAGS+=("${CENTOS_VERSION}")
+          BUILD_TAGS+=("${CENTOS_VERSION}.${TIMESTAMP}")
+
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+              echo "Generated the following commit tags: "
+              for TAG in "${COMMIT_TAGS[@]}"; do
+                  echo "${TAG}"
+              done
+
+              alias_tags=("${COMMIT_TAGS[@]}")
+          else
+              alias_tags=("${BUILD_TAGS[@]}")
+          fi
+
+          echo "Generated the following build tags: "
+          for TAG in "${BUILD_TAGS[@]}"; do
+              echo "${TAG}"
+          done
+
+          echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
 
       # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
       # https://github.com/macbre/push-to-ghcr/issues/12
@@ -107,6 +102,13 @@ jobs:
         with:
           string: ${{ env.IMAGE_REGISTRY }}
 
+      - name: Build Image
+        id: build-image
+        shell: bash
+        run: |
+          IMAGE_FULL="${{ steps.registry_case.outputs.lowercase }}/${IMAGE_NAME}"
+          just build "${IMAGE_FULL}" "${DEFAULT_TAG}"
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
@@ -124,11 +126,12 @@ jobs:
           command: |
             set -euox pipefail
 
+            IMAGE_FULL="${{ steps.registry_case.outputs.lowercase }}/${IMAGE_NAME}"
             for tag in ${{ steps.generate-tags.outputs.alias_tags }}; do
-              podman push ${{ env.IMAGE_NAME }}:${tag} ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}:${tag}
+              podman push "${IMAGE_FULL}:${DEFAULT_TAG}" "${IMAGE_FULL}:${tag}"
             done
 
-            digest=$(skopeo inspect docker://${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}:${{ env.DEFAULT_TAG }} --format '{{.Digest}}')
+            digest=$(skopeo inspect "docker://${IMAGE_FULL}:${DEFAULT_TAG}" --format '{{.Digest}}')
 
             echo "digest=${digest}" >> $GITHUB_OUTPUT
 
@@ -139,7 +142,8 @@ jobs:
       - name: Sign container image
         if: github.event_name != 'pull_request'
         run: |
-          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
+          IMAGE_FULL="${{ steps.registry_case.outputs.lowercase }}/${IMAGE_NAME}"
+          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${IMAGE_FULL}@${TAGS}
         env:
           TAGS: ${{ steps.push.outputs.outputs && fromJSON(steps.push.outputs.outputs).digest }}
           COSIGN_EXPERIMENTAL: false

Justfile

@@ -1,6 +1,7 @@
-export repo_organization := "centos-workstation"
-export image_name := "main"
-export centos_version := "stream10"
+export repo_organization := env("GITHUB_REPOSITORY_OWNER", "centos-workstation")
+export image_name := env("IMAGE_NAME", "main")
+export centos_version := env("CENTOS_VERSION", "stream10")
+export default_tag := env("DEFAULT_TAG", "latest")
 
 [private]
 default:
@@ -63,7 +64,7 @@ sudoif command *args:
     }
     sudoif {{ command }} {{ args }}
 
-build $centos_version="stream10" $tag="latest":
+build $target_image=image_name $tag=default_tag:
     #!/usr/bin/env bash
 
     # Get Version
@@ -88,10 +89,10 @@ build $centos_version="stream10" $tag="latest":
     podman build \
         "${BUILD_ARGS[@]}" \
         "${LABELS[@]}" \
-        --tag "${image_name}:${tag}" \
+        --tag "${target_image}:${tag}" \
         .
 
-build-vm $target_image=("localhost/" + image_name) $tag="latest" $type="qcow2":
+build-vm $target_image=("localhost/" + image_name) $tag=default_tag $type="qcow2":
     #!/usr/bin/env bash
     set -euo pipefail
 
@@ -143,84 +144,3 @@ run-vm:
     --graphics vnc
 
     virsh start centos-workstation-main
-
-[private]
-centos_version:
-    echo "{{ centos_version }}"
-
-[private]
-image_name:
-    echo "{{ image_name }}"
-
-# Generate Default Tag
-[group('Utility')]
-generate-default-tag tag="latest":
-    #!/usr/bin/bash
-    set -eou pipefail
-
-    echo "{{ tag }}"
-
-# Generate Tags
-[group('Utility')]
-generate-build-tags tag="latest" ghcr="0" $version="" github_event="" github_number="":
-    #!/usr/bin/bash
-    set -eoux pipefail
-
-    TODAY="$(date +%A)"
-    if [[ {{ ghcr }} == "0" ]]; then
-        rm -f /tmp/manifest.json
-    fi
-    CENTOS_VERSION="{{ centos_version }}"
-    DEFAULT_TAG=$(just generate-default-tag {{ tag }})
-    IMAGE_NAME={{ image_name }}
-    # Use Build Version from Rechunk
-    if [[ -z "${version:-}" ]]; then
-        version="{{ tag }}-${CENTOS_VERSION}.$(date +%Y%m%d)"
-    fi
-    version=${version#{{ tag }}-}
-
-    # Arrays for Tags
-    BUILD_TAGS=()
-    COMMIT_TAGS=()
-
-    BUILD_TAGS+=($(date +%Y%m%d))
-
-    # Commit Tags
-    github_number="{{ github_number }}"
-    SHA_SHORT="$(git rev-parse --short HEAD)"
-    if [[ "{{ ghcr }}" == "1" ]]; then
-        COMMIT_TAGS+=(pr-${github_number:-}-{{ tag }}-${version})
-        COMMIT_TAGS+=(${SHA_SHORT}-{{ tag }}-${version})
-    fi
-
-    # Convenience Tags
-    BUILD_TAGS+=("{{ tag }}")
-
-    # Weekly Stable / Rebuild Stable on workflow_dispatch
-    github_event="{{ github_event }}"
-    BUILD_TAGS+=("${CENTOS_VERSION}" "${version}")
-
-    if [[ "${github_event}" == "pull_request" ]]; then
-        alias_tags=("${COMMIT_TAGS[@]}")
-    else
-        alias_tags=("${BUILD_TAGS[@]}")
-    fi
-
-    echo "${alias_tags[*]}"
-
-[group('Utility')]
-tag-images image_name="" default_tag="" tags="":
-    #!/usr/bin/bash
-    set -eou pipefail
-
-    # Get Image, and untag
-    IMAGE=$(podman inspect localhost/{{ image_name }}:{{ default_tag }} | jq -r .[].Id)
-    podman untag localhost/{{ image_name }}:{{ default_tag }}
-
-    # Tag Image
-    for tag in {{ tags }}; do
-        podman tag $IMAGE {{ image_name }}:${tag}
-    done
-
-    # Show Images
-    podman images