Trixie

buluma · buluma · commit bda3961ee068 · 2025-12-01T02:28:40.000+03:00
diff --git a/.github/workflows/debian12.yml b/.github/workflows/debian12.yml
@@ -88,7 +88,7 @@ jobs:
           platforms: linux/amd64, linux/arm64, linux/386, linux/arm/v7, linux/arm64/v8
           push: ${{ github.event_name != 'pull_request' }}
           tags: |
-            ${{ github.repository }}:debian12, ${{ github.repository }}:bookworm, ${{ github.repository }}:debian_latest
+            ${{ github.repository }}:debian12, ${{ github.repository }}:bookworm
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Docker Scout
diff --git a/.github/workflows/debian13.yml b/.github/workflows/debian13.yml
@@ -0,0 +1,105 @@
+---
+name: deb-trixie
+
+on:
+  pull_request:
+  push:
+    paths:
+      - 'debian13/**'
+      - '.github/workflows/debian13.yml'
+  schedule:
+    - cron: '10 6,15 * * 1,6'
+  workflow_dispatch:
+
+permissions: write-all
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  # Test the image builds and works correctly.
+  test:
+    name: Test debian13
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-22.04]
+
+    steps:
+      - uses: actions/checkout@v4.1.1
+
+      - name: Test building image.
+        run: cd debian13 && docker build -t debian13 .
+
+      - name: Run the built image.
+        run: docker run --name test-container -d --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:rw debian13
+
+  # If on master branch, build and release image.
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.ref == 'refs/heads/master'
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            ${{ github.repository }}:debian13
+          # generate Docker tags based on the following events/attributes
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GHCR
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push image.
+        uses: docker/build-push-action@v5
+        with:
+          context: debian13/
+          sbom: true
+          provenance: mode=max
+          file: debian13/Dockerfile
+          platforms: linux/amd64, linux/arm64, linux/386, linux/arm/v7, linux/arm64/v8
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: |
+            ${{ github.repository }}:debian13, ${{ github.repository }}:trixie, ${{ github.repository }}:debian_latest
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Docker Scout
+        id: docker-scout
+        if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' }}
+        uses: docker/scout-action@v1.6.3
+        with:
+          command: quickview,cves,recommendations,sbom,environment
+          image: ${{ steps.meta.outputs.tags }}
+          environment: prod
+          organization: shadownet
+          only-severities: critical,high,medium
+          exit-code: true
+          only-fixed: true
diff --git a/debian13/Dockerfile b/debian13/Dockerfile
@@ -0,0 +1,30 @@
+# syntax=docker/dockerfile:1
+FROM debian:trixie
+
+LABEL maintainer="buluma"
+LABEL build_date="2025-12-01"
+
+LABEL org.opencontainers.image.title="Docker Debian Trixie Systemd" \
+      org.opencontainers.image.description="Ubuntu Container for Ansible Tests." \
+      org.opencontainers.image.url="https://github.com/buluma/docker-molecule-images/" \
+      org.opencontainers.image.source="https://github.com/buluma/docker-molecule-images" \
+      org.opencontainers.image.licenses="Apache-2.0"
+
+ENV container docker
+ENV DEBIAN_FRONTEND noninteractive
+
+# Enable systemd.
+RUN apt-get update ; \
+    apt-get install -y sudo systemd systemd-sysv; \
+    apt-get clean ; \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* ; \
+    rm -rf /lib/systemd/system/multi-user.target.wants/* ; \
+    rm -rf /etc/systemd/system/*.wants/* ; \
+    rm -rf /lib/systemd/system/local-fs.target.wants/* ; \
+    rm -rf /lib/systemd/system/sockets.target.wants/*udev* ; \
+    rm -rf /lib/systemd/system/sockets.target.wants/*initctl* ; \
+    rm -rf /lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* ; \
+    rm -rf /lib/systemd/system/systemd-update-utmp*
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/lib/systemd/systemd"]
