sandialabs
diff --git a/‎.github/workflows/image-build.yml‎
Lines changed: 34 additions & 101 deletions b/‎.github/workflows/image-build.yml‎
Lines changed: 34 additions & 101 deletions
diff --git a/‎.github/workflows/release-cleanup.yml‎
Lines changed: 5 additions & 2 deletions b/‎.github/workflows/release-cleanup.yml‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎Makefile‎
Lines changed: 81 additions & 0 deletions b/‎Makefile‎
Lines changed: 81 additions & 0 deletions
@@ -29,14 +29,16 @@ jobs:
             /opt/minimega/bin/miniccc
             /opt/minimega/bin/minirouter
 
-  # Job: Build the bennu image using the phenix image builder
-  build-bennu:
+  # Job: Build images using the phenix image builder
+  build-images:
+    strategy:
+      matrix:
+        build: [bookworm, kali, jammy, noble, bennu, docker-hello-world, ntp]
     needs: get-miniccc
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/sandialabs/sceptre-phenix/phenix:31ce034
+      image: ghcr.io/sandialabs/sceptre-phenix/phenix:main
       options: --privileged # needed for kernel device-mapper permissions
-
     steps:
       # Install oras CLI for pushing images to OCI registries
       - name: oras install
@@ -48,140 +50,71 @@ jobs:
         uses: actions/download-artifact@v4.1.8
         with:
           name: miniexes
-
-      # Add the miniccc binary to the overlay for image build
-      # The systemd service is already included in base scripts
+      # Add the miniccc binary to the filesystem for image build. This is used
+      # at the end of the image builds via `phenix image inject-miniexe ...`
       - name: add miniccc
         run: |
-          mkdir -p ./overlays/miniccc/opt/minimega/bin
-          cp ./miniccc ./overlays/miniccc/opt/minimega/bin
-          chmod +x ./overlays/miniccc/opt/minimega/bin/miniccc
-
-      # Build the bennu image using phenix
-      - name: bennu image build
-        run: |
-          phenix version
-          mkdir ./out
-          phenix image create -O ./overlays/bennu,./overlays/brash,./overlays/miniccc -T ./scripts/aptly,./scripts/bennu --format qcow2 --release jammy -c bennu --size 10G
-          phenix image build bennu -o ./out -x
-
-      # Optionally upload bennu.qc2 as artifact (currently commented out)
-      # - name: upload qc2
-      #   uses: actions/upload-artifact@v4
-      #   with:
-      #     name: bennu.qc2
-      #     path: ./out/bennu.qc2
-
+          mkdir /phenix/
+          cp ./miniccc /phenix/
+          chmod +x /phenix/miniccc
+      # Build the image using phenix
+      - name: ${{ matrix.build }} image build
+        run: make ${{ matrix.build }}
       # Publish the built image to GitHub Container Registry using oras
       - name: publish package with oras
         # Only push package if on the default branch (e.g., main)
         if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
         shell: bash
         run: |
-          cd ./out
           oras login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
-          oras push "ghcr.io/${{ github.repository }}/bennu.qc2:${GITHUB_SHA:0:7}" bennu.qc2
+          oras push "ghcr.io/${{ github.repository }}/bennu.qc2:${GITHUB_SHA:0:7}" ${{ matrix.build }}.qc2
 
-  # Job: Build the ubuntu image using the phenix image builder
-  build-ubuntu:
-    needs: get-miniccc
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/sandialabs/sceptre-phenix/phenix:31ce034
-      options: --privileged # needed for kernel device-mapper permissions
-
-    steps:
-      # Install oras CLI
-      - name: oras install
-        uses: oras-project/setup-oras@v1
-      # Checkout repository code
-      - uses: actions/checkout@v4
-      # Download miniexes artifact
-      - name: get miniexes
-        uses: actions/download-artifact@v4.1.8
-        with:
-          name: miniexes
-
-      # Add the miniccc binary to the overlay for image build
-      - name: add miniccc
-        run: |
-          mkdir -p ./overlays/miniccc/opt/minimega/bin
-          cp ./miniccc ./overlays/miniccc/opt/minimega/bin
-          chmod +x ./overlays/miniccc/opt/minimega/bin/miniccc
-
-      # Build the ubuntu image using phenix
-      - name: ubuntu image build
-        run: |
-          phenix version
-          mkdir ./out
-          phenix image create -O ./overlays/miniccc -T ./scripts/ubuntu,./scripts/ubuntu-user --format qcow2 --release noble -c ubuntu --size 10G
-          phenix image build ubuntu -o ./out -x
-
-      # Optionally upload ubuntu.qc2 as artifact (currently commented out)
-      # - name: upload qc2
-      #   uses: actions/upload-artifact@v4
-      #   with:
-      #     name: ubuntu.qc2
-      #     path: ./out/ubuntu.qc2
-
-      # Publish the built image to GitHub Container Registry using oras
-      - name: publish package with oras
-        # Only push package if on the default branch (e.g., main)
-        if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)      
-        shell: bash
-        run: |
-          cd ./out
-          oras login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
-          oras push "ghcr.io/${{ github.repository }}/ubuntu.qc2:${GITHUB_SHA:0:7}" ubuntu.qc2
-
-  # Job: Tag and release images after successful builds
-  release:
+  # Job: Tag images after successful builds
+  tag-images:
+    strategy:
+      matrix:
+        build: [bookworm, kali, jammy, noble, bennu, docker-hello-world, ntp]
     # Only run on main branch for scheduled or manual workflow_dispatch events
     if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch')
-    needs:
-      - build-bennu
-      - build-ubuntu
+    needs: build-images
     runs-on: ubuntu-latest
+    outputs:
+      date: ${{ steps.date.outputs.value }}
     steps:
       # Get current date for tagging
       - name: Get current date
         id: date
         run: echo "date=$(date +'%Y%m%d')" >> $GITHUB_OUTPUT
-      # Download built images from artifacts (if uploaded)
-      # Not needed with oras push, but kept for reference
-      # - name: get images from artifacts
-      #   uses: actions/download-artifact@v4.1.8
-      #   with:
-      #     pattern: "*.qc2"
-      #     path: ./images
-      #     merge-multiple: true
-
       # Install oras CLI
       - name: oras install
         uses: oras-project/setup-oras@v1
-
       # Tag images in the registry with 'latest' and date-based tags
       - name: tag images with date and latest
         run: |
           oras version
           oras login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
-          oras tag ghcr.io/${{ github.repository }}/bennu.qc2:${GITHUB_SHA:0:7} latest ${{ steps.date.outputs.date }}
-          oras tag ghcr.io/${{ github.repository }}/ubuntu.qc2:${GITHUB_SHA:0:7} latest ${{ steps.date.outputs.date }}
+          oras tag ghcr.io/${{ github.repository }}/${{ matrix.build }}.qc2:${GITHUB_SHA:0:7} latest ${{ steps.date.outputs.date }}
 
+  # Job: Create release successful build
+  release:
+    # Only run on main branch for scheduled or manual workflow_dispatch events
+    if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch')
+    needs: tag-images
+    runs-on: ubuntu-latest
+    steps:
       # Create a GitHub release with notes and usage instructions
       - name: create release
         uses: ncipollo/release-action@v1.15.0
         with:
-          name: release-${{ steps.date.outputs.date }}
+          name: release-${{ needs.tag-images.outputs.date }}
           body: |
             Images can be downloaded from the registry using the oras client: https://oras.land/docs/installation
             e.g.:
-            ```
+            ```bash
             oras pull ghcr.io/${{ github.repository }}/bennu.qc2:latest
             ```
             You can view the available image builds from the [Package List](https://github.com/orgs/${{ github.repository_owner }}/packages?repo_name=${{ github.event.repository.name }})
-
-          tag: release-${{ steps.date.outputs.date }}
+          tag: release-${{ needs.tag-images.outputs.date }}
           commit: main
           generateReleaseNotes: true
           makeLatest: true
@@ -18,6 +18,9 @@ jobs:
           keep_latest_days: 90
 
   cleanup-old-images:
+    strategy:
+      matrix:
+        build: [bookworm, kali, jammy, noble, bennu, docker-hello-world, ntp]
     name: Delete Untagged Images
     runs-on: ubuntu-latest
     permissions:
@@ -26,6 +29,6 @@ jobs:
       - uses: dataaxiom/ghcr-cleanup-action@v1
         with:
           older-than: 90 day
-          packages: sceptre-phenix-images/bennu.qc2,sceptre-phenix-images/ubuntu.qc2
+          packages: sceptre-phenix-images/${{ matrix.build }}.qc2
           keep-n-tagged: 5
-          exclude-tags: latest
+          exclude-tags: latest
@@ -0,0 +1,81 @@
+.PHONY: help check_clean bookworm kali jammy noble bennu docker-hello-world ntp clean
+
+.ONESHELL: # for heredoc and exit
+
+PHENIX=docker exec -t phenix phenix
+PHENIX_IMAGE_BUILD=$(PHENIX) image build -o /phenix/vmdb2 -c -x
+CHECK_IMAGE=if $(PHENIX) cfg list | grep Image | awk '{print $$6}' | grep "^$(@)$$" >/dev/null; then echo "\n\tphenix image already exists: '$(@)' - run 'phenix image delete $(@)' first\n"; exit; fi
+INJECT_MINICCC=if test -f $(@).qc2; then $(PHENIX) image inject-miniexe /phenix/miniccc /phenix/vmdb2/$(@).qc2; echo "----- Injected miniccc into $(@).qc2 -----"; fi
+COMPRESS=-c
+
+# Show this help
+help:
+	@cat $(MAKEFILE_LIST) | docker run --rm -i xanders/make-help
+
+check_clean:
+	@echo -n "Are you sure you want to delete [*.log *.qc2 *.tar *.vmdb]? [y/N] " && read ans && [ $${ans:-N} = y ]
+
+##
+## --------------------------------------- Vanilla image builds ---------------------------------------
+##
+
+# Build bookworm.qc2	-- Debian Bookworm, GUI
+bookworm:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -r bookworm -v mingui $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+# Build kali.qc2		-- Kali, GUI
+kali:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -P kali-tools-top10 -r kali-rolling -v mingui $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+# Build jammy.qc2		-- Ubuntu Jammy, GUI
+jammy:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -v mingui $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+# Build noble.qc2		-- Ubuntu Noble, GUI
+noble:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -r noble -v mingui $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+##
+## ------------------------------------- Experiment image builds --------------------------------------
+##
+
+# Build bennu.qc2				-- Ubuntu Jammy, bennu, brash
+bennu:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -O /phenix/vmdb2/overlays/bennu,/phenix/vmdb2/overlays/brash -T /phenix/vmdb2/scripts/atomic/aptly.sh,/phenix/vmdb2/scripts/bennu $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+# Build docker-hello-world.qc2	-- Ubuntu Jammy, Docker hello-world
+docker-hello-world:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -T /phenix/vmdb2/scripts/atomic/docker.sh $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+
+# Build ntp.qc2					-- Ubuntu Jammy, ntpd
+ntp:
+	@$(CHECK_IMAGE)
+	@$(PHENIX) image create -P ntp $(COMPRESS) $(@)
+	@$(PHENIX_IMAGE_BUILD) $(@)
+	@$(INJECT_MINICCC)
+
+##
+## ------------------------------------------ Administration ------------------------------------------
+##
+
+# Delete files [*.log *.qc2 *.tar *.vmdb]
+clean: check_clean
+	@echo "Deleting *.log *.qc2 *.tar *.vmdb..."
+	rm -f *.log *.qc2 *.tar *.vmdb