Remove support for dockerfile-based builds

.github/ISSUE_TEMPLATE/--onboarding.yaml

@@ -44,17 +44,6 @@ body:
     validations:
       required: true
 
-  - type: dropdown
-    id: type
-    attributes:
-      label: Image type
-      description: Is this a ROCK or a Dockerfile-based image?
-      options:
-        - ROCK
-        - Docker image
-    validations:
-      required: true
-
   - type: checkboxes
     id: terms
     attributes:
@@ -67,7 +56,7 @@ body:
             I understand and acknowledge the [CONTRIBUTING](https://github.com/canonical/oci-factory/blob/main/CONTRIBUTING.md) guidelines and [Image Maintainer Agreement](https://github.com/canonical/oci-factory/blob/main/IMAGE_MAINTAINER_AGREEMENT.md)
           required: true
         - label: |
-            This image is either a ROCK or a Docker image which already exists in the 'ubuntu' namespace
+            This image is a rock which already exists in the 'ubuntu' namespace
           required: false
         - label: |
             I agree to be the image's Maintainer and thus own it and be responsible for it, thus committing to maintaining it throughout its lifetime

.github/workflows/Image.yaml

@@ -149,65 +149,24 @@ jobs:
       - name: Validate image naming and base
         working-directory: ${{ matrix.directory }}
         run: |
-          if [ -z ${{ matrix.dockerfile-build }} ]
+          rock_name=`cat rockcraft.y*ml | yq -r .name`
+          if [[ "${{ matrix.path }}" != *"${rock_name}"* ]]
           then
-            rock_name=`cat rockcraft.y*ml | yq -r .name`
-            if [[ "${{ matrix.path }}" != *"${rock_name}"* ]]
-            then
-              echo "ERROR: the ROCK's name '${rock_name}' must match the OCI folder name!"
-              exit 1
-            fi
-          else
-            grep 'FROM' Dockerfile | tail -1 | grep ubuntu || \
-              (echo "ERROR: the image '${rock_name}' must be based on Ubuntu!" \
-                && exit 1)
+            echo "ERROR: the ROCK's name '${rock_name}' must match the OCI folder name!"
+            exit 1
           fi
 
-      # If this is a ROCK...
       - name: Build ROCK ${{ matrix.name }}
-        if: matrix.dockerfile-build == ''
         id: rockcraft
         uses: canonical/craft-actions/rockcraft-pack@main
         with:
           path: "${{ matrix.directory }}"
           verbosity: debug
 
       - name: Rename ROCK OCI archive
-        if: matrix.dockerfile-build == ''
         run: |
           mv ${{ steps.rockcraft.outputs.rock }} ${{ env.OCI_ARCHIVE_NAME }}
 
-      # If this is a Dockerfile-based image...
-      - name: Set up QEMU
-        if: matrix.dockerfile-build != ''
-        uses: docker/setup-qemu-action@v2
-
-      - name: Set up Docker Buildx
-        if: matrix.dockerfile-build != ''
-        id: buildx
-        uses: docker/setup-buildx-action@v2
-
-      - name: Form the platforms string
-        if: matrix.dockerfile-build != ''
-        id: buildx-platforms
-        run: |
-          sudo apt install -y jq
-          platforms=$(echo linux/$(echo '${{ toJSON(matrix.dockerfile-build.platforms) }}' | jq -r 'join(",linux/")'))
-          echo "platforms=${platforms}" >> "$GITHUB_OUTPUT"
-
-      - name: Build OCI image ${{ matrix.name }}
-        if: matrix.dockerfile-build != ''
-        uses: docker/build-push-action@v4
-        with:
-          context: "${{ matrix.directory }}"
-          outputs: "type=oci,dest=${{ env.OCI_ARCHIVE_NAME }}"
-          platforms: ${{ steps.buildx-platforms.outputs.platforms }}
-          push: false
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          provenance: false
-          sbom: false
-
       - uses: actions/cache/save@v3
         with:
           path: ${{ env.OCI_ARCHIVE_NAME }}
@@ -223,7 +182,6 @@ jobs:
     with:
       oci-image-name: "${{ matrix.name }}_${{ matrix.commit }}_${{ matrix.revision }}"
       oci-image-path: "oci/${{ matrix.name }}"
-      is-a-rock: ${{ matrix.dockerfile-build == '' && true || false }}
       test-from: "cache"
       cache-key: "${{ github.run_id }}-${{ matrix.name }}_${{ matrix.commit }}_${{ matrix.revision }}"
     secrets: inherit
@@ -284,8 +242,6 @@ jobs:
 
       - name: Infer track name
         id: get-track
-        env:
-          DOCKERFILE_IMAGE_VERSION: ${{ matrix.dockerfile-build.version }}
         run: |
           ./src/uploads/infer_image_track.py --recipe-dirname source/${{ matrix.directory }}
 

.github/workflows/Tests.yaml

@@ -21,11 +21,6 @@ on:
         description: 'Cache key (when fetching from cache)'
         required: false
         type: string
-      is-a-rock:
-        description: 'Run additional ROCK-specific tests'
-        required: true
-        type: boolean
-        default: false
       vulnerability-report-suffix:
         description: 'Suffix for the vulnerability report artefact'
         required: false
@@ -51,11 +46,6 @@ on:
         description: 'Cache key (when fetching from cache)'
         required: false
         type: string
-      is-a-rock:
-        description: 'Run additional ROCK-specific tests'
-        required: true
-        type: boolean
-        default: false
       vulnerability-report-suffix:
         description: 'Suffix for the vulnerability report artefact'
         required: true
@@ -167,7 +157,6 @@ jobs:
             docker-daemon:${{ env.TEST_IMAGE_NAME}}:${{ env.TEST_IMAGE_TAG }}
       
       - name: Test ROCK
-        if: ${{ inputs.is-a-rock }}
         run: |
           set -ex
           docker run --rm ${{ env.TEST_IMAGE_NAME}}:${{ env.TEST_IMAGE_TAG }} \

IMAGE_MAINTAINER_AGREEMENT.md

@@ -31,7 +31,7 @@ registry namespace.
 |---|---|
 | CI/CD | Continuous Integration and Continuous Deployment |
 | Maintainer | Canonical entity who owns and is responsible for an Ubuntu ROCK/Image. |
-| OCI image | Any OCI-complaint image, be it a ROCK or a Dockerfile-based image. |
+| OCI image | Currently limited to rock images only. |
 | Registry | An OCI container registry, as [defined](https://oras.land/#what-are-oci-registries) by the OCI specification. |
 | ROCKs | Canonical’s OCI images, built via Rockcraft. See the definition [here](https://canonical-rockcraft.readthedocs-hosted.com/en/latest/explanation.html#what-is-a-rock). |
 | Rockcraft | A craft tool to create ROCKs. Read more about it [here](https://canonical-rockcraft.readthedocs-hosted.com/en/latest/index.html). |
@@ -92,11 +92,9 @@ within Canonical, potentially affecting their workflows.
 
 ### Verify eligibility
 
-This [Maintainer Agreement](#maintainer-agreement) is only eligible for individuals/teams whose proposed OCI images abide by the following rules:
+This [Maintainer Agreement](#maintainer-agreement) is only eligible for individuals/teams whose proposed OCI images abide by the following rule:
 
-- it is a ROCK, i.e. built by a Canonical-maintained version of Rockcraft. There are exceptions where a standard Dockerfile-based OCI image may be considered:
-  - Exception 1) it is a Dockerfile-based OCI image that already exists in the “ubuntu” namespace. In this case, the contributor commits to migrating said legacy image to a ROCK,
-  - Exception 2) it is a Dockerfile-based OCI image which is not designed to be a ROCK (eg. the “ubuntu/ubuntu” base image),
+- it is a rock, i.e. built by a Canonical-maintained version of Rockcraft.
 
 ### Acknowledge accountability
 

README.md

@@ -93,7 +93,6 @@ An `oci` folder name **must match the OCI image's name in the registry** (i.e.
 the field “name” in the `rockcraft.yaml` file). Also, each `oci` folder will
 host the Maintainer files upon which the OCI Factory will rely to understand:
 
-- how to build, i.e. whether it is a ROCK or a Dockerfile-based image;
 - what image to build;
 - what metadata to rely on (like the developer’s contact information);
 - how to tag and release the OCI image;
@@ -147,10 +146,7 @@ Having said that this trigger's syntax is as follows:
 | upload | False | conlist[Dict[str, Any], min_items=1] | List of image builds. Equivalent to `rockcraft pack && rockcraft upload` |
 | upload[*].source | True | str | Git repository hosting the image's project. |
 | upload[*].commit | True | str | Specific reference in the source, where to run the build from. |
-| upload[*].directory | True | str | Path to the "rockcraft.yaml"/"Dockerfile". Where the build will run from. |
-| upload[*].dockerfile-build | False | Dict[str, Any] | In case this is not a ROCK but rather a Dockerfile-based image. |
-| upload[*].dockerfile-build.version | True | str | Same meaning as the `version` field in rockcraft.yaml. |
-| upload[*].dockerfile-build.platforms | True | conlist[str, min_items=1] | Same meaning as the "platforms" field in rockcraft.yaml. |
+| upload[*].directory | True | str | Path to the "rockcraft.yaml". Where the build will run from. |
 | upload[*].release | False | Dict[Dict[str, Any]] | Immediately release this (yet unknown) revision to the given channels. Same as using `--release <channels>` with `rockcraft upload`. |
 | upload[*].release.\<track\> | True | Dict[str, Any] | Track to release this revision to. Canonical track `<version>-<base>` MUST be explicit, always! |
 | upload[*].release.\<track\>.end-of-life | True* | str | Same as `release.<track>` above. |

oci/mock-rock/_releases.json

@@ -1,32 +1,32 @@
 {
     "latest": {
         "candidate": {
-            "target": "141"
+            "target": "1.0-22.04_candidate"
         },
         "beta": {
-            "target": "141"
+            "target": "latest_candidate"
         },
         "edge": {
-            "target": "141"
+            "target": "latest_beta"
         }
     },
     "1.0-22.04": {
         "candidate": {
-            "target": "141"
+            "target": "142"
         },
         "beta": {
-            "target": "141"
+            "target": "142"
         },
         "edge": {
-            "target": "141"
+            "target": "142"
         }
     },
     "test": {
         "beta": {
-            "target": "141"
+            "target": "1.0-22.04_beta"
         },
         "edge": {
-            "target": "141"
+            "target": "test_beta"
         }
     }
 }

src/image/utils/schema/triggers.py

@@ -12,16 +12,6 @@ class ImageTriggerValidationError(Exception):
     """Error validating image trigger file."""
 
 
-class ImageUploadDockerfileSchema(pydantic.BaseModel):
-    """Schema of the optional dockerfile-build section."""
-
-    version: str
-    platforms: List[str]
-
-    class Config:
-        extra = pydantic.Extra.forbid
-
-
 class ImageUploadReleaseSchema(pydantic.BaseModel):
     """Schema of the release option for uploads in the image.yaml trigger"""
 
@@ -40,9 +30,6 @@ class ImageUploadSchema(pydantic.BaseModel):
     source: str
     commit: str
     directory: str
-    dockerfile_build: Optional[ImageUploadDockerfileSchema] = pydantic.Field(
-        alias="dockerfile-build"
-    )
     release: Optional[Dict[str, ImageUploadReleaseSchema]]
 
     class Config:

src/uploads/infer_image_track.py

@@ -8,8 +8,6 @@
 
 logging.basicConfig()
 
-DOCKERFILE_IMAGE_VERSION = os.getenv("DOCKERFILE_IMAGE_VERSION", None)
-
 
 def get_release_from_codename(codename: str) -> str:
     """Uses distro-info tools to infer the Ubuntu release from its codename."""
@@ -25,51 +23,33 @@ def get_release_from_codename(codename: str) -> str:
 parser = argparse.ArgumentParser()
 parser.add_argument(
     "--recipe-dirname",
-    help="Path to the directory where rockcraft.yaml/Dockerfile is",
+    help="Path to the directory where rockcraft.yaml is",
     required=True,
 )
 args = parser.parse_args()
 
-if DOCKERFILE_IMAGE_VERSION:
-    with open(
-        f"{args.recipe_dirname.rstrip('/')}/Dockerfile", encoding="UTF-8"
-    ) as dockerfile:
-        dockerfile_content = dockerfile.read().splitlines()
-
-    base = list(filter(lambda x: "FROM" in x, dockerfile_content))[-1]
-
-    try:
-        base_release = float(base.split(":")[-1])
-    except ValueError:
-        logging.warning(
-            f"Could not infer Ubuntu release from {base}. Trying with codename."
-        )
-        base_release = float(get_release_from_codename(base.split(":")[-1]))
+with open(
+    f"{args.recipe_dirname.rstrip('/')}/rockcraft.yaml", encoding="UTF-8"
+) as rockcraft_file:
+    rockcraft_yaml = yaml.safe_load(rockcraft_file)
 
-    version = DOCKERFILE_IMAGE_VERSION
-else:
-    with open(
-        f"{args.recipe_dirname.rstrip('/')}/rockcraft.yaml", encoding="UTF-8"
-    ) as rockcraft_file:
-        rockcraft_yaml = yaml.safe_load(rockcraft_file)
+rock_base = (
+    rockcraft_yaml["base"]
+    if rockcraft_yaml["base"] != "bare"
+    else rockcraft_yaml["build-base"]
+)
 
-    rock_base = (
-        rockcraft_yaml["base"]
-        if rockcraft_yaml["base"] != "bare"
-        else rockcraft_yaml["build-base"]
+try:
+    base_release = float(rock_base.replace(":", "@").split("@")[-1])
+except ValueError:
+    logging.warning(
+        f"Could not infer ROCK's base release from {rock_base}. Trying with codename."
+    )
+    base_release = float(
+        get_release_from_codename(rock_base.replace(":", "@").split("@")[-1])
     )
 
-    try:
-        base_release = float(rock_base.replace(":", "@").split("@")[-1])
-    except ValueError:
-        logging.warning(
-            f"Could not infer ROCK's base release from {rock_base}. Trying with codename."
-        )
-        base_release = float(
-            get_release_from_codename(rock_base.replace(":", "@").split("@")[-1])
-        )
-
-    version = rockcraft_yaml["version"]
+version = rockcraft_yaml["version"]
 
 track = f"{version}-{base_release}"
 print(f"ROCK track: {track}")