Sorry for the delay getting back to you, I’ve been heads-down on a project and let my inbox get out of control.
So we’re building an open source Kubernetes distribution over at GitHub - nforgeio/neonKUBE: Projects for neonFORGE, LLC. and to improve cluster setup reliability and speed, we’re prebuilding the Kubernetes node VM images to include everything required including the Kubernetes and other binaries as well all of the required container images (over 90 containers required now). This means that user cluster nodes won’t need to pull container images during cluster creation, possibly being impacted by source registry throttling (i.e. by DockerHub) or network issues.
We need to build two sets of container images during this process that land in two different GitHub package registries. The first are essentially copies of other opensource container images which we call base images and the second are tweaked copies of the base images we call setup images which are what we preload on the VM images.
We have GitHub workflows to manage this that we’d like to go something like:
- Remove all of the base container images from the base image registry
- Rebuild and publish all of the base images (e.g. to Packages · neonkube-base-dev · GitHub)
- Make all of the base images public
- Build the setup container images from the base images and publish (e.g. to Packages · neonkube-dev · GitHub)
- Make all of the setup container images public
- Build our VM images from the setup images
We want to be able to delete all of the base images first because it’s too easy to leave a reference to an old base container image in our scripts and deleting all of the old base container images will at result in a not found error in the build workflows so we’ll know there’s a problem.
We need to be able to automate changing the visibility to public for both the base and setup images since they’ll are initially private after they are first pushed to GHCR.
For other projects, we’d like our GitHub workflows to be able to automatically publish new public container images without having to go back and manually make them public via the portal.