From 8bb1ee89c2ba18d596d266e8b1aaed7a8f1183e2 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Wed, 29 Oct 2025 08:39:14 +0000 Subject: [PATCH 01/18] feat: add renovate --- .github/renovate.json5 | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/renovate.json5 diff --git a/.github/renovate.json5 b/.github/renovate.json5 new file mode 100644 index 0000000..c34b9a1 --- /dev/null +++ b/.github/renovate.json5 @@ -0,0 +1,24 @@ +{ + $schema: 'https://docs.renovatebot.com/renovate-schema.json', + extends: [ + 'config:best-practices', + 'security:openssf-scorecard', + ':semanticCommits', + ':pinVersions', + ], + configMigration: true, + dockerfile: { + managerFilePatterns: ['/Earthfile/'], + }, + customManagers: [ + { + customType: 'regex', + description: 'Update _version ARGs and ENVs in Earthfile', + managerFilePatterns: ['/^Earthfile$/'], + matchStrings: [ + '#\\s*renovate:\\s*datasource=(?[a-z-]+?)(?:\\s+depName=(?.+?))?\\s+packageName=(?.+?)(?:\\s+versioning=(?[a-z-]+?))?\\s+(?:ENV|ARG)\\s+.+?(_VERSION|_VER|_version)=(?.+?)\\s', + ], + }, + ], + labels: ['renovate'], +} From ce3be2163687379584feaba8d6f2185970204e8d Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Wed, 29 Oct 2025 09:01:45 +0000 Subject: [PATCH 02/18] feat: make ci work --- .github/CODEOWNERS | 2 -- .github/workflows/ci.yml | 46 ++++++++++++++++----------------------- CONTRIBUTING.md | 10 --------- utils/git/tests/Earthfile | 10 ++++----- 4 files changed, 24 insertions(+), 44 deletions(-) delete mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index e2d3d45..0000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,2 +0,0 @@ -# PRs require approval from the earthly core team -* @earthly/core diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 785fb7f..86d18ff 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,54 +9,46 @@ on: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true - + jobs: test: name: +test - runs-on: [earthly-satellite#gha-lib] # https://docs.earthly.dev/earthly-cloud/satellites/gha-runners + runs-on: ubuntu-latest env: FORCE_COLOR: 1 EARTHLY_CONVERSION_PARALLELISM: "5" EARTHLY_TOKEN: "${{ secrets.EARTHLY_TOKEN }}" EARTHLY_INSTALL_ID: "earthly-lib-githubactions" steps: - - uses: actions/checkout@v2 - - name: Docker mirror login (non fork only) - run: docker login registry-1.docker.io.mirror.corp.earthly.dev --username "${{ secrets.DOCKERHUB_MIRROR_USERNAME }}" --password "${{ secrets.DOCKERHUB_MIRROR_PASSWORD }}" - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository - - name: Configure Earthly to use mirror (non fork only) - run: |- - earthly config global.buildkit_additional_config "'[registry.\"docker.io\"] - mirrors = [\"registry-1.docker.io.mirror.corp.earthly.dev\"]'" - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + - uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Run tests run: |- - earthly config git "{github.com: {auth: ssh, user: git}}" && \ - eval $(ssh-agent) && \ - earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ + # earthly config git "{github.com: {auth: ssh, user: git}}" && \ + # eval $(ssh-agent) && \ + # earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ earthly --ci -P +test test-native-arm: name: +test-native-arm - runs-on: [earthly-satellite#gha-arm-lib] # https://docs.earthly.dev/earthly-cloud/satellites/gha-runners + runs-on: ubuntu-latest-arm env: FORCE_COLOR: 1 EARTHLY_CONVERSION_PARALLELISM: "5" EARTHLY_TOKEN: "${{ secrets.EARTHLY_TOKEN }}" EARTHLY_INSTALL_ID: "earthly-lib-githubactions" steps: - - uses: actions/checkout@v2 - - name: Docker mirror login (non fork only) - run: docker login registry-1.docker.io.mirror.corp.earthly.dev --username "${{ secrets.DOCKERHUB_MIRROR_USERNAME }}" --password "${{ secrets.DOCKERHUB_MIRROR_PASSWORD }}" - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository - - name: Configure Earthly to use mirror (non fork only) - run: |- - earthly config global.buildkit_additional_config "'[registry.\"docker.io\"] - mirrors = [\"registry-1.docker.io.mirror.corp.earthly.dev\"]'" - if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 + - uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Run tests run: |- - earthly config git "{github.com: {auth: ssh, user: git}}" && \ - eval $(ssh-agent) && \ - earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ + # earthly config git "{github.com: {auth: ssh, user: git}}" && \ + # eval $(ssh-agent) && \ + # earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ earthly --ci -P ./utils/dind+test diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a83ba7d..2c1d7ac 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,13 +3,3 @@ ## Code of Conduct Please refer to the [CNCF Community Code of Conduct v1.0](https://github.com/cncf/foundation/blob/main/code-of-conduct.md) - -## CLA - -### Individual - -All contributions must indicate agreement to the [Earthly Contributor License Agreement](https://gist.github.com/vladaionescu/ed990fa149a38a53ac74b64155bc6766) by logging into GitHub via the CLA assistant and signing the provided CLA. The CLA assistant will automatically notify the PRs that require CLA signing. - -### Entity - -If you are an entity, please use the [Earthly Contributor License Agreement form](https://earthly.dev/cla-form) in addition to requiring your individual contributors to sign all contributions. diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index 0280ce7..1ca98bc 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -11,11 +11,11 @@ all: --base_image=ubuntu:latest \ --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ - --GIT_URL=https://github.com/earthly/hello-world.git \ - --GIT_URL=git@github.com:earthly/hello-world.git \ - --GIT_URL=git@github.com:earthly/hello-world \ - --SECRET_PATH="" \ - --SECRET_PATH="littleredcorvette-id_rsa" \ + --GIT_URL=https://github.com/EarthBuild/hello-world.git \ + --GIT_URL=git@github.com:EarthBuild/hello-world.git \ + --GIT_URL=git@github.com:EarthBuild/hello-world \ + # --SECRET_PATH="" \ + # --SECRET_PATH="littleredcorvette-id_rsa" \ --DEST_DIR="" \ --DEST_DIR="some-other-dir" From 7fc3534ce5db646741fe326dd902e29e3672ed90 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Wed, 29 Oct 2025 09:09:47 +0000 Subject: [PATCH 03/18] fix: install earthly --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 86d18ff..a6237b2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,6 +25,9 @@ jobs: with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - uses: earthly/actions-setup@bda7cee4972033c6d6b77d77165e787f389f8752 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run tests run: |- # earthly config git "{github.com: {auth: ssh, user: git}}" && \ @@ -46,6 +49,9 @@ jobs: with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - uses: earthly/actions-setup@bda7cee4972033c6d6b77d77165e787f389f8752 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run tests run: |- # earthly config git "{github.com: {auth: ssh, user: git}}" && \ From 9522ff699fc8a2c695ec185e164f1779fd1e61b4 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Thu, 30 Oct 2025 08:43:27 +0000 Subject: [PATCH 04/18] fix: point to a real machine type --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a6237b2..abdfe55 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,7 +37,7 @@ jobs: test-native-arm: name: +test-native-arm - runs-on: ubuntu-latest-arm + runs-on: ubuntu-24.04-arm env: FORCE_COLOR: 1 EARTHLY_CONVERSION_PARALLELISM: "5" From 6ebe55372dea2f452712b6f28813c6739b338043 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Thu, 30 Oct 2025 09:09:20 +0000 Subject: [PATCH 05/18] feat: less layers --- utils/git/tests/Earthfile | 2 -- utils/ssh/Earthfile | 5 +++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index 1ca98bc..2633de3 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -1,7 +1,5 @@ VERSION --arg-scope-and-set --pass-args 0.7 -PROJECT earthly-technologies/core - all: BUILD --platform=linux/amd64 --platform=linux/arm64 +test-deep-clone-image \ --base_image=alpine/git:latest \ diff --git a/utils/ssh/Earthfile b/utils/ssh/Earthfile index 0485e57..d50a38e 100644 --- a/utils/ssh/Earthfile +++ b/utils/ssh/Earthfile @@ -6,8 +6,9 @@ ADD_KNOWN_HOSTS: ARG target_file=~/.ssh/known_hosts LET expanded_target_file="$(eval echo $target_file)" COPY +known-hosts/known_hosts /tmp/. - RUN mkdir -p $(dirname $expanded_target_file) && cat /tmp/known_hosts >> $expanded_target_file - RUN rm /tmp/known_hosts + RUN mkdir -p $(dirname $expanded_target_file) \ + && cat /tmp/known_hosts >> $expanded_target_file \ + && rm /tmp/known_hosts # known-hosts is used to copy the known_hosts file into the build context (internal use) known-hosts: From b6642f61174b88346d2db0fdb07e6f34cd3393e5 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 07:37:02 +0000 Subject: [PATCH 06/18] fix: use ssh + upgrade crypto --- .github/workflows/ci.yml | 32 ++++++++++++++++++++++---------- utils/git/Earthfile | 2 +- utils/git/tests/Earthfile | 4 ++-- 3 files changed, 25 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index abdfe55..a81b68a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,11 +29,17 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run tests - run: |- - # earthly config git "{github.com: {auth: ssh, user: git}}" && \ - # eval $(ssh-agent) && \ - # earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ - earthly --ci -P +test + run: | + earthly config git "{github.com: {auth: ssh, user: git}}" + eval $(ssh-agent) + mkdir -p ~/.ssh + chmod 700 ~/.ssh + cat > ~/.ssh/id_ed25519 <<'EOF' + ${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }} + EOF + chmod 600 ~/.ssh/id_ed25519 + ssh-add ~/.ssh/id_ed25519 + earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 +test test-native-arm: name: +test-native-arm @@ -53,8 +59,14 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run tests - run: |- - # earthly config git "{github.com: {auth: ssh, user: git}}" && \ - # eval $(ssh-agent) && \ - # earthly secrets --org earthly-technologies --project core get littleredcorvette-id_rsa | ssh-add - && \ - earthly --ci -P ./utils/dind+test + run: | + earthly config git "{github.com: {auth: ssh, user: git}}" + eval $(ssh-agent) + mkdir -p ~/.ssh + chmod 700 ~/.ssh + cat > ~/.ssh/id_ed25519 <<'EOF' + ${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }} + EOF + chmod 600 ~/.ssh/id_ed25519 + ssh-add ~/.ssh/id_ed25519 + earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 ./utils/dind+test diff --git a/utils/git/Earthfile b/utils/git/Earthfile index 88c022e..71bca29 100644 --- a/utils/git/Earthfile +++ b/utils/git/Earthfile @@ -22,7 +22,7 @@ DEEP_CLONE: IF [ -z $SECRET_PATH ] RUN --ssh git fetch --unshallow ELSE - RUN --mount=type=secret,id=$SECRET_PATH,mode=0400,target=/root/.ssh/id_rsa \ + RUN --mount=type=secret,id=$SECRET_PATH,mode=0400,target=/root/.ssh/id_ed25519 \ git fetch --unshallow END diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index 2633de3..01b4b87 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -12,8 +12,8 @@ all: --GIT_URL=https://github.com/EarthBuild/hello-world.git \ --GIT_URL=git@github.com:EarthBuild/hello-world.git \ --GIT_URL=git@github.com:EarthBuild/hello-world \ - # --SECRET_PATH="" \ - # --SECRET_PATH="littleredcorvette-id_rsa" \ + --SECRET_PATH="" \ + --SECRET_PATH="earthbuildci_id_ed25519" \ --DEST_DIR="" \ --DEST_DIR="some-other-dir" From 6b7291c7f8cac56d439a665e9cc8769f03c46ea4 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 07:45:16 +0000 Subject: [PATCH 07/18] fix: use ssh + upgrade crypto --- .github/workflows/ci.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a81b68a..17a63fb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,9 +34,7 @@ jobs: eval $(ssh-agent) mkdir -p ~/.ssh chmod 700 ~/.ssh - cat > ~/.ssh/id_ed25519 <<'EOF' - ${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }} - EOF + printf '%s\n' "${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }}" | tr -d '\r' > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-add ~/.ssh/id_ed25519 earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 +test @@ -64,9 +62,10 @@ jobs: eval $(ssh-agent) mkdir -p ~/.ssh chmod 700 ~/.ssh - cat > ~/.ssh/id_ed25519 <<'EOF' - ${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }} - EOF + printf '%s\n' "${{ secrets.EARTHBUILDCI_GITHUB_USER_SSH_PRIVATE_KEY }}" | tr -d '\r' > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-add ~/.ssh/id_ed25519 + ssh-keyscan -t rsa,ecdsa,ed25519 -H github.com >> ~/.ssh/known_hosts + ssh-keyscan -p 443 -t rsa,ecdsa,ed25519 -H ssh.github.com >> ~/.ssh/known_hosts + chmod 644 ~/.ssh/known_hosts earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 ./utils/dind+test From 75eb7fedc660e57c46f7d24f290f52ad1bbde94b Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:20:59 +0000 Subject: [PATCH 08/18] fix: amazonlinux:1 emulator crashes on arm mac --- utils/dind/tests/Earthfile | 2 +- utils/git/tests/Earthfile | 2 +- utils/ssh/tests/Earthfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/dind/tests/Earthfile b/utils/dind/tests/Earthfile index a207ce7..9d40211 100644 --- a/utils/dind/tests/Earthfile +++ b/utils/dind/tests/Earthfile @@ -8,7 +8,7 @@ all: --base_image=debian:stable-slim \ --base_image=debian:oldstable \ --base_image=ubuntu:latest \ - --base_image=amazonlinux:1 \ + # --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --base_image=earthly/dind:alpine \ --base_image=earthly/dind:ubuntu diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index 01b4b87..a8598c6 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -7,7 +7,7 @@ all: --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ - --base_image=amazonlinux:1 \ + # --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --GIT_URL=https://github.com/EarthBuild/hello-world.git \ --GIT_URL=git@github.com:EarthBuild/hello-world.git \ diff --git a/utils/ssh/tests/Earthfile b/utils/ssh/tests/Earthfile index 58d6241..3ee6094 100644 --- a/utils/ssh/tests/Earthfile +++ b/utils/ssh/tests/Earthfile @@ -6,7 +6,7 @@ all: --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ - --base_image=amazonlinux:1 \ + # --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --target_file=~/to_interpolate/known_hosts \ --target_file=no_dir_new_known_hosts \ From bcce1db2b12d144b14bbfede55f872ac5fa68d48 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:24:25 +0000 Subject: [PATCH 09/18] fix: temp pause alpine --- utils/ssh/tests/Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/ssh/tests/Earthfile b/utils/ssh/tests/Earthfile index 3ee6094..1ee983c 100644 --- a/utils/ssh/tests/Earthfile +++ b/utils/ssh/tests/Earthfile @@ -2,7 +2,7 @@ VERSION --pass-args --arg-scope-and-set 0.7 all: BUILD --platform=linux/amd64 --platform=linux/arm64 +test-add-known-hosts-image \ - --base_image=alpine:latest \ + # --base_image=alpine:latest \ --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ From c90e611c5cad1280b4e208fc06d96750a86be0bb Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:28:14 +0000 Subject: [PATCH 10/18] fix: reduce emulation --- utils/ssh/tests/Earthfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/utils/ssh/tests/Earthfile b/utils/ssh/tests/Earthfile index 1ee983c..c63bd64 100644 --- a/utils/ssh/tests/Earthfile +++ b/utils/ssh/tests/Earthfile @@ -1,8 +1,9 @@ VERSION --pass-args --arg-scope-and-set 0.7 + # --platform=linux/amd64 --platform=linux/arm64 all: - BUILD --platform=linux/amd64 --platform=linux/arm64 +test-add-known-hosts-image \ - # --base_image=alpine:latest \ + BUILD +test-add-known-hosts-image \ + --base_image=alpine:latest \ --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ From 529af1dce189a68e63ad0513883ad9f69fc7adc4 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:30:24 +0000 Subject: [PATCH 11/18] fix: reduce emulation --- utils/git/tests/Earthfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index a8598c6..02a59cb 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -1,7 +1,8 @@ VERSION --arg-scope-and-set --pass-args 0.7 +# --platform=linux/amd64 --platform=linux/arm64 all: - BUILD --platform=linux/amd64 --platform=linux/arm64 +test-deep-clone-image \ + BUILD +test-deep-clone-image \ --base_image=alpine/git:latest \ --base_image=alpine:latest \ --base_image=debian:stable \ From adba4b8ca302592c746885237aac17a45101859b Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:35:33 +0000 Subject: [PATCH 12/18] fix: turn on all arm tests --- .github/workflows/ci.yml | 2 +- utils/git/tests/Earthfile | 1 - utils/ssh/tests/Earthfile | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 17a63fb..3998214 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -68,4 +68,4 @@ jobs: ssh-keyscan -t rsa,ecdsa,ed25519 -H github.com >> ~/.ssh/known_hosts ssh-keyscan -p 443 -t rsa,ecdsa,ed25519 -H ssh.github.com >> ~/.ssh/known_hosts chmod 644 ~/.ssh/known_hosts - earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 ./utils/dind+test + earthly --ci -P --secret-file earthbuildci_id_ed25519=~/.ssh/id_ed25519 +test diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index 02a59cb..a44b645 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -1,6 +1,5 @@ VERSION --arg-scope-and-set --pass-args 0.7 -# --platform=linux/amd64 --platform=linux/arm64 all: BUILD +test-deep-clone-image \ --base_image=alpine/git:latest \ diff --git a/utils/ssh/tests/Earthfile b/utils/ssh/tests/Earthfile index c63bd64..51f144d 100644 --- a/utils/ssh/tests/Earthfile +++ b/utils/ssh/tests/Earthfile @@ -1,6 +1,5 @@ VERSION --pass-args --arg-scope-and-set 0.7 - # --platform=linux/amd64 --platform=linux/arm64 all: BUILD +test-add-known-hosts-image \ --base_image=alpine:latest \ From 9aad9b65344d534696da7ccc75077a80c06ede75 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Mon, 3 Nov 2025 08:49:57 +0000 Subject: [PATCH 13/18] fix: add amazonlinux:1 back in now emulation off --- utils/dind/tests/Earthfile | 2 +- utils/git/tests/Earthfile | 2 +- utils/ssh/tests/Earthfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/dind/tests/Earthfile b/utils/dind/tests/Earthfile index 9d40211..a207ce7 100644 --- a/utils/dind/tests/Earthfile +++ b/utils/dind/tests/Earthfile @@ -8,7 +8,7 @@ all: --base_image=debian:stable-slim \ --base_image=debian:oldstable \ --base_image=ubuntu:latest \ - # --base_image=amazonlinux:1 \ + --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --base_image=earthly/dind:alpine \ --base_image=earthly/dind:ubuntu diff --git a/utils/git/tests/Earthfile b/utils/git/tests/Earthfile index a44b645..6a2c1b6 100644 --- a/utils/git/tests/Earthfile +++ b/utils/git/tests/Earthfile @@ -7,7 +7,7 @@ all: --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ - # --base_image=amazonlinux:1 \ + --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --GIT_URL=https://github.com/EarthBuild/hello-world.git \ --GIT_URL=git@github.com:EarthBuild/hello-world.git \ diff --git a/utils/ssh/tests/Earthfile b/utils/ssh/tests/Earthfile index 51f144d..6fd717e 100644 --- a/utils/ssh/tests/Earthfile +++ b/utils/ssh/tests/Earthfile @@ -6,7 +6,7 @@ all: --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=ubuntu:latest \ - # --base_image=amazonlinux:1 \ + --base_image=amazonlinux:1 \ --base_image=amazonlinux:2 \ --target_file=~/to_interpolate/known_hosts \ --target_file=no_dir_new_known_hosts \ From e2d355d0e31041d5551154c2548a1587d163cbb7 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Tue, 4 Nov 2025 08:42:46 +0000 Subject: [PATCH 14/18] fix: add back CODEOWNERS --- CODEOWNERS | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..bea3553 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,2 @@ +# PRs require approval from the EarthBuild core team +* @EarthBuild/fork-admins From d5c08d33ce69512639a9445f1e7af73c06bca9c8 Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Tue, 4 Nov 2025 08:44:09 +0000 Subject: [PATCH 15/18] fix: mv CODEOWNERS to under .github --- CODEOWNERS => .github/CODEOWNERS | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename CODEOWNERS => .github/CODEOWNERS (100%) diff --git a/CODEOWNERS b/.github/CODEOWNERS similarity index 100% rename from CODEOWNERS rename to .github/CODEOWNERS From 133d43e505bf1a06c454f46eac156e10a69fa4db Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Tue, 4 Nov 2025 08:52:53 +0000 Subject: [PATCH 16/18] fix: pin ubuntu runner version --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3998214..19cc363 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,7 +13,7 @@ concurrency: jobs: test: name: +test - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 env: FORCE_COLOR: 1 EARTHLY_CONVERSION_PARALLELISM: "5" From 1c5ddcb1ccd892c46c59c30b5feda076045e6ddc Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Tue, 4 Nov 2025 09:05:39 +0000 Subject: [PATCH 17/18] fix: allow build to get further if fork. Will still fail further down. --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 19cc363..63bbca5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,6 +22,8 @@ jobs: steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - uses: docker/login-action@v3 + # if fork no secret access, so skip and take chances on rate limiting. + if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -50,6 +52,8 @@ jobs: steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 - uses: docker/login-action@v3 + # if fork no secret access, so skip and take chances on rate limiting. + if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} From 4e81e36d7aa9d053b350b76af95569ebe1c0a76a Mon Sep 17 00:00:00 2001 From: Giles Cope Date: Tue, 25 Nov 2025 08:29:55 +0000 Subject: [PATCH 18/18] fix: wasn't interpreting var correctly --- utils/dind/tests/Earthfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/utils/dind/tests/Earthfile b/utils/dind/tests/Earthfile index a207ce7..45f2a92 100644 --- a/utils/dind/tests/Earthfile +++ b/utils/dind/tests/Earthfile @@ -1,9 +1,12 @@ -VERSION 0.7 +VERSION 0.8 all: + # renovate: datasource=docker packageName=alpine + LET alpine_version=3.22.2 + BUILD +test-install-dind-for-image \ --base_image=docker:dind \ - --base_image=alpine:latest \ + --base_image=alpine:${alpine_version} \ --base_image=debian:stable \ --base_image=debian:stable-slim \ --base_image=debian:oldstable \