fivestars-os · jarojasm95 · Feb 12, 2025 · Feb 12, 2025 · Feb 12, 2025 · Feb 12, 2025
diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml
@@ -2,27 +2,42 @@
 # At this time it only ensures the docker image is buildable
 # In the future it could run linting, tests, etc
 name: Pull Request
+
 on:
   pull_request:
     branches:
       - main
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
     steps:
 
       - name: Check Out Repo
         uses: actions/checkout@v2
 
       # QEMU is needed to support multi-platform builds
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64, linux/arm64
 
-      - name: Build
-        uses: docker/build-push-action@v2
+      - uses: werf/actions/install@v2
         with:
-          push: false  # don't push to Dockerhub for all PRs
-          platforms: linux/amd64,linux/arm64  # ensure builds succeed for both platforms
+          version: v2.26.6
+
+      - name: werf build
+        run: |
+          . $(werf ci-env github --as-file)
+
+          werf cr login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ${{ env.REGISTRY }}
+
+          werf build
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -1,54 +1,80 @@
 # This workflow is setup to build and publish aladdin to Dockerhub
 name: Push to Docker Hub
+
 on:
   push:
     branches:
       - 'main'
     tags:
       - '*.*.*'
       - '*.*.*.*'
-jobs:
 
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
     steps:
 
       - name: Check Out Repo
         uses: actions/checkout@v2
 
       # QEMU is needed to support multi-platform builds
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64, linux/arm64
+
+      - uses: werf/actions/install@v2
+        with:
+          version: v2.26.6
 
       # this will select the right tags depending on the Github event
-      # master branch will build the "latest" and "master" Dockerhub tags
+      # master branch will build the "latest" and "main" Dockerhub tags
       # git tags will build the Dockerhub tag matching the git tag
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
-          images: fivestarsos/aladdin
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
             type=ref,event=branch
             type=ref,event=tag
 
-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
+      - uses: actions/github-script@v7
+        id: werf-args
         with:
-          # these creds are setup in the repository secrets
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+          result-encoding: string
+          script: |
+            const tags = '${{ steps.meta.outputs.tags }}'.split(',')
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+            return tags.map((tag) => `--tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag}`)
 
-      - name: Build and push
-        id: docker_build
-        uses: docker/build-push-action@v2
-        with:
-          push: true  # push to Dockerhub
-          platforms: linux/amd64,linux/arm64
-          tags: ${{ steps.meta.outputs.tags }}
+      - name: werf publish
+        run: |
+          . $(werf ci-env github --as-file)
 
-      - name: Image digest
-        run: echo ${{ steps.docker_build.outputs.digest }}
+          werf cr login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ${{ env.REGISTRY }}
+
+          werf export --repo ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} ${{ steps.werf-args.outputs.result }}
+
+  cleanup:
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Fetch all history for all tags and branches
+        run: git fetch --prune --unshallow
+
+      - name: Cleanup
+        uses: werf/actions/cleanup@v2
+        with:
+          version: v2.26.6
diff --git a/.jira b/.jira
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.10.6-bullseye as build
+FROM python:3.10.16-bookworm as build
 
 WORKDIR /root/aladdin
 
@@ -25,7 +25,7 @@ ARG VIRTUAL_ENV=/root/.venv
 COPY pyproject.toml poetry.lock ./
 RUN poetry install --no-root --only main
 
-FROM python:3.10.6-slim-bullseye
+FROM python:3.10.16-slim-bookworm
 
 # Remove the default $PS1 manipulation
 RUN rm /etc/bash.bashrc
@@ -66,18 +66,13 @@ RUN curl -L \
         -o /usr/local/bin/aws-iam-authenticator && \
     chmod 755 /usr/local/bin/aws-iam-authenticator
 
-ARG DOCKER_VERSION=20.10.22
-RUN curl -fsSL https://get.docker.com -o /tmp/get-docker.sh && \
-    VERSION=$DOCKER_VERSION sh /tmp/get-docker.sh
+ARG DOCKER_VERSION=27.3.1
+RUN curl -fsSL https://get.docker.com | bash -s -- --version ${DOCKER_VERSION}
 
-ARG DOCKER_COMPOSE_VERSION=1.29.2
-RUN curl -L "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && \
+ARG DOCKER_COMPOSE_2_VERSION=v2.32.4
+RUN curl -L "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_2_VERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && \
     chmod 755 /usr/local/bin/docker-compose
 
-ARG DOCKER_COMPOSE_2_VERSION=v2.14.2
-RUN curl -L "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_2_VERSION/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose-2 && \
-    chmod 755 /usr/local/bin/docker-compose-2
-
 ARG GITHUB_CLI_VERSION=2.57.0
 RUN curl -Ls "https://github.com/cli/cli/releases/download/v$GITHUB_CLI_VERSION/gh_${GITHUB_CLI_VERSION}_linux_$(dpkg --print-architecture).tar.gz" -o github_cli.tar.gz && \
     tar -xzf github_cli.tar.gz && \

diff --git a/aladdin/config.py b/aladdin/config.py
@@ -8,7 +8,7 @@
 
 
 PROJECT_ROOT = pathlib.Path(__file__).parent.parent
-ALADDIN_DOCKER_REPO = "fivestarsos/aladdin"
+ALADDIN_DOCKER_REPO = "ghcr.io/fivestars-os/aladdin/aladdin"
 
 
 emitted_warnings = set()

diff --git a/config-example/config.json b/config-example/config.json
@@ -1,6 +1,6 @@
 {
     "aladdin": {
-      "repo": "fivestarsos/aladdin"
+      "repo": "ghcr.io/fivestars-os/aladdin/aladdin"
     },
     "git": {
         "account": "fivestars-os"

diff --git a/docs/create_aladdin_configuration.md b/docs/create_aladdin_configuration.md
@@ -31,7 +31,7 @@ The config.json file in the root of your config directory will contain non clust
 ```
 {
     "aladdin": {
-      "repo": "fivestarsos/aladdin"
+      "repo": "ghcr.io/fivestars-os/aladdin/aladdin"
     },
     "git": {
         "account": "fivestars-os"

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "aladdin"
-version = "1.29.8.11"
+version = "1.29.8.12"
 description = ""
 authors = ["Fivestars <dev@fivestars.com>"]
 include = [

diff --git a/werf.yaml b/werf.yaml
@@ -0,0 +1,10 @@
+project: aladdin
+configVersion: 1
+build:
+  platform:
+    - linux/arm64
+    - linux/amd64
+---
+image: aladdin
+context: .
+dockerfile: Dockerfile