build: add tool for managing repos
diff --git a/internal/pkg/image_repositories/build_workflow.go b/internal/pkg/image_repositories/build_workflow.go
new file mode 100644
index 0000000..ba40d9d
--- /dev/null
+++ b/internal/pkg/image_repositories/build_workflow.go
@@ -0,0 +1,138 @@
+package image_repositories
+
+import (
+ "fmt"
+ "strings"
+)
+
+var PROFILES map[string]string = map[string]string{
+ "cinder": "ceph qemu",
+ "nova": "ceph openvswitch configdrive qemu migration",
+ "neutron": "openvswitch vpn",
+ "keystone": "apache ldap openidc",
+ "horizon": "apache",
+ "monasca-api": "apache influxdb",
+ "ironic": "ipxe ipmi qemu tftp",
+ "glance": "ceph",
+ "monasca-persister": "influxdb",
+ "placement": "apache",
+}
+var DIST_PACAKGES map[string]string = map[string]string{
+ "heat": "curl",
+ "designate": "bind9utils",
+ "nova": "ovmf qemu-efi-aarch64",
+ "neutron": "jq ethtool lshw",
+ "monasca-agent": "iproute2 libvirt-clients lshw",
+ "ironic": "ethtool lshw iproute2",
+}
+var PIP_PACKAGES map[string]string = map[string]string{
+ "neutron": "neutron-vpnaas",
+ "monasca-agent": "libvirt-python python-glanceclient python-neutronclient python-novaclient py3nvml",
+ "horizon": "designate-dashboard heat-dashboard ironic-ui magnum-ui neutron-vpnaas-dashboard octavia-dashboard senlin-dashboard monasca-ui",
+ "ironic": "python-dracclient sushy",
+ "placement": "httplib2",
+}
+var PLATFORMS map[string]string = map[string]string{
+ "nova": "linux/amd64,linux/arm64",
+ "neutron": "linux/amd64,linux/arm64",
+}
+
+func NewBuildWorkflow(project string) *GithubWorkflow {
+ profiles := ""
+ if val, ok := PROFILES[project]; ok {
+ profiles = val
+ }
+
+ distPackages := ""
+ if val, ok := DIST_PACAKGES[project]; ok {
+ distPackages = val
+ }
+
+ pipPackages := ""
+ if val, ok := PIP_PACKAGES[project]; ok {
+ pipPackages = val
+ }
+
+ platforms := "linux/amd64"
+ if val, ok := PLATFORMS[project]; ok {
+ platforms = val
+ }
+
+ buildArgs := []string{
+ "RELEASE=${{ matrix.release }}",
+ fmt.Sprintf("PROJECT=%s", project),
+ "PROJECT_REF=${{ env.PROJECT_REF }}",
+ fmt.Sprintf("PROFILES=%s", profiles),
+ fmt.Sprintf("DIST_PACKAGES=%s", distPackages),
+ fmt.Sprintf("PIP_PACKAGES=%s", pipPackages),
+ }
+
+ return &GithubWorkflow{
+ Name: "build",
+ On: GithubWorkflowTrigger{
+ PullRequest: GithubWorkflowPullRequest{},
+ Push: GithubWorkflowPush{
+ Branches: []string{"main"},
+ },
+ },
+ Jobs: map[string]GithubWorkflowJob{
+ "image": {
+ RunsOn: "ubuntu-latest",
+ Strategy: GithubWorkflowStrategy{
+ Matrix: map[string][]string{
+ "release": {"wallaby", "xena", "yoga"},
+ },
+ },
+ Steps: []GithubWorkflowStep{
+ {
+ Name: "Install QEMU static binaries",
+ Uses: "docker/setup-qemu-action@v2",
+ },
+ {
+ Name: "Configure Buildkit",
+ Uses: "docker/setup-buildx-action@v2",
+ },
+ {
+ Name: "Checkout project",
+ Uses: "actions/checkout@v3",
+ },
+ {
+ Name: "Setup environment variables",
+ Run: "echo PROJECT_REF=$(cat manifest.yml | yq \".${{ matrix.release }}.sha\") >> $GITHUB_ENV",
+ },
+ {
+ Name: "Authenticate with Quay.io",
+ Uses: "docker/login-action@v2",
+ With: map[string]string{
+ "registry": "quay.io",
+ "username": "${{ secrets.QUAY_USERNAME }}",
+ "password": "${{ secrets.QUAY_ROBOT_TOKEN }}",
+ },
+ },
+ {
+ Name: "Build image",
+ Uses: "docker/build-push-action@v3",
+ With: map[string]string{
+ "context": ".",
+ "cache-from": "type=gha,scope=${{ matrix.release }}",
+ "cache-to": "type=gha,mode=max,scope=${{ matrix.release }}",
+ "platforms": platforms,
+ "push": "true",
+ "build-args": strings.Join(buildArgs, "\n"),
+ "tags": fmt.Sprintf("quay.io/vexxhost/%s:${{ env.PROJECT_REF }}", project),
+ },
+ },
+ {
+ Name: "Promote image",
+ Uses: "akhilerm/tag-push-action@v2.0.0",
+ If: "github.ref == 'refs/heads/main'",
+ With: map[string]string{
+ "src": fmt.Sprintf("quay.io/vexxhost/%s:${{ env.PROJECT_REF }}", project),
+ "dst": fmt.Sprintf("quay.io/vexxhost/%s:${{ matrix.release }}", project),
+ },
+ },
+ },
+ },
+ },
+ }
+}
diff --git a/internal/pkg/image_repositories/dependabot.go b/internal/pkg/image_repositories/dependabot.go
new file mode 100644
index 0000000..b430146
--- /dev/null
+++ b/internal/pkg/image_repositories/dependabot.go
@@ -0,0 +1,50 @@
+package image_repositories
+
+import (
+ "io"
+
+ "github.com/go-git/go-billy/v5"
+ "github.com/goccy/go-yaml"
+)
+
+type DependabotConfig struct {
+ Version int `yaml:"version"`
+ Updates []DependabotUpdate `yaml:"updates"`
+}
+
+type DependabotUpdate struct {
+ PackageEcosystem string `yaml:"package-ecosystem"`
+ Directory string `yaml:"directory"`
+ Schedule DependabotSchedule `yaml:"schedule"`
+}
+
+type DependabotSchedule struct {
+ Interval string `yaml:"interval"`
+}
+
+func NewDependabotConfig() *DependabotConfig {
+ return &DependabotConfig{
+ Version: 2,
+ Updates: []DependabotUpdate{},
+ }
+}
+
+func (d *DependabotConfig) Write(wr io.Writer) error {
+ bytes, err := yaml.Marshal(d)
+ if err != nil {
+ return err
+ }
+
+ _, err = wr.Write(bytes)
+ return err
+}
+
+func (d *DependabotConfig) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create(".github/dependabot.yml")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return d.Write(f)
+}
diff --git a/internal/pkg/image_repositories/dockerfile.go b/internal/pkg/image_repositories/dockerfile.go
new file mode 100644
index 0000000..9f89286
--- /dev/null
+++ b/internal/pkg/image_repositories/dockerfile.go
@@ -0,0 +1,55 @@
+package image_repositories
+
+import (
+ _ "embed"
+ "io"
+ "text/template"
+
+ "github.com/go-git/go-billy/v5"
+)
+
+//go:embed template/Dockerfile
+var dockerfileTemplate string
+
+type Dockerfile struct {
+ BindepImage string
+ BindepImageTag string
+ BuilderImage string
+ BuilderImageTag string
+ RuntimeImage string
+ RuntimeImageTag string
+
+ template *template.Template
+}
+
+func NewDockerfile() (*Dockerfile, error) {
+ tmpl, err := template.New("Dockerfile").Parse(dockerfileTemplate)
+ if err != nil {
+ return nil, err
+ }
+
+ return &Dockerfile{
+ BindepImage: "quay.io/vexxhost/bindep-loci",
+ BindepImageTag: "latest",
+ BuilderImage: "quay.io/vexxhost/openstack-builder-focal",
+ BuilderImageTag: "latest",
+ RuntimeImage: "quay.io/vexxhost/openstack-runtime-focal",
+ RuntimeImageTag: "latest",
+
+ template: tmpl,
+ }, nil
+}
+
+func (d *Dockerfile) Write(wr io.Writer) error {
+ return d.template.Execute(wr, d)
+}
+
+func (d *Dockerfile) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create("Dockerfile")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return d.Write(f)
+}
diff --git a/internal/pkg/image_repositories/dockerignore.go b/internal/pkg/image_repositories/dockerignore.go
new file mode 100644
index 0000000..bc81f36
--- /dev/null
+++ b/internal/pkg/image_repositories/dockerignore.go
@@ -0,0 +1,29 @@
+package image_repositories
+
+import (
+ "io"
+
+ "github.com/go-git/go-billy/v5"
+)
+
+type DockerIgnore struct {
+}
+
+func NewDockerIgnore() *DockerIgnore {
+ return &DockerIgnore{}
+}
+
+func (d *DockerIgnore) Write(wr io.Writer) error {
+ _, err := wr.Write([]byte("*\n"))
+ return err
+}
+
+func (d *DockerIgnore) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create(".dockerignore")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return d.Write(f)
+}
diff --git a/internal/pkg/image_repositories/github_workflow.go b/internal/pkg/image_repositories/github_workflow.go
new file mode 100644
index 0000000..06e523a
--- /dev/null
+++ b/internal/pkg/image_repositories/github_workflow.go
@@ -0,0 +1,64 @@
+package image_repositories
+
+import (
+ "io"
+
+ "github.com/go-git/go-billy/v5"
+ "github.com/goccy/go-yaml"
+)
+
+type GithubWorkflow struct {
+ Name string `yaml:"name"`
+ On GithubWorkflowTrigger `yaml:"on"`
+ Jobs map[string]GithubWorkflowJob `yaml:"jobs"`
+}
+
+type GithubWorkflowTrigger struct {
+ PullRequest GithubWorkflowPullRequest `yaml:"pull_request"`
+ Push GithubWorkflowPush `yaml:"push"`
+}
+
+type GithubWorkflowPullRequest struct {
+}
+
+type GithubWorkflowPush struct {
+ Branches []string `yaml:"branches"`
+}
+
+type GithubWorkflowJob struct {
+ RunsOn string `yaml:"runs-on"`
+ Strategy GithubWorkflowStrategy `yaml:"strategy"`
+ Steps []GithubWorkflowStep `yaml:"steps"`
+}
+
+type GithubWorkflowStrategy struct {
+ Matrix map[string][]string `yaml:"matrix"`
+}
+
+type GithubWorkflowStep struct {
+ Name string `yaml:"name"`
+ Run string `yaml:"run,omitempty"`
+ Uses string `yaml:"uses,omitempty"`
+ If string `yaml:"if,omitempty"`
+ With map[string]string `yaml:"with,omitempty"`
+}
+
+func (g *GithubWorkflow) Write(wr io.Writer) error {
+ bytes, err := yaml.Marshal(g)
+ if err != nil {
+ return err
+ }
+
+ _, err = wr.Write(bytes)
+ return err
+}
+
+func (g *GithubWorkflow) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create(".github/workflows/build.yml")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return g.Write(f)
+}
diff --git a/internal/pkg/image_repositories/image_repository.go b/internal/pkg/image_repositories/image_repository.go
new file mode 100644
index 0000000..bcb9f7a
--- /dev/null
+++ b/internal/pkg/image_repositories/image_repository.go
@@ -0,0 +1,295 @@
+package image_repositories
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+ "os"
+
+ "github.com/go-git/go-billy/v5"
+ "github.com/go-git/go-billy/v5/memfs"
+ "github.com/go-git/go-git/v5"
+ "github.com/go-git/go-git/v5/config"
+ "github.com/go-git/go-git/v5/plumbing"
+ git_http "github.com/go-git/go-git/v5/plumbing/transport/http"
+ "github.com/go-git/go-git/v5/storage/memory"
+ "github.com/google/go-github/v47/github"
+ log "github.com/sirupsen/logrus"
+ "golang.org/x/oauth2"
+)
+
+type ImageRepository struct {
+ Project string
+
+ githubClient *github.Client
+ gitAuth *git_http.BasicAuth
+}
+
+func NewImageRepository(project string) *ImageRepository {
+ githubToken := os.Getenv("GITHUB_TOKEN")
+
+ ctx := context.TODO()
+ ts := oauth2.StaticTokenSource(
+ &oauth2.Token{AccessToken: os.Getenv("GITHUB_TOKEN")},
+ )
+ tc := oauth2.NewClient(ctx, ts)
+
+ return &ImageRepository{
+ Project: project,
+
+ githubClient: github.NewClient(tc),
+ gitAuth: &git_http.BasicAuth{
+ Username: githubToken,
+ },
+ }
+}
+
+func (i *ImageRepository) WriteFiles(fs billy.Filesystem) error {
+ // .github/workflows/build.yml
+ build := NewBuildWorkflow(i.Project)
+ err := build.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // .github/workflows/sync.yml
+
+ // .github/dependabot.yml
+ dab := NewDependabotConfig()
+ err = dab.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // .dockerignore
+ di := NewDockerIgnore()
+ err = di.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // .pre-commit-config.yaml
+ pcc := NewPreCommitConfig()
+ err = pcc.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // Dockerfile
+ df, err := NewDockerfile()
+ if err != nil {
+ return err
+ }
+ err = df.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // manifest.yml
+ mf, err := NewImageManifest(i.Project)
+ if err != nil {
+ return err
+ }
+ err = mf.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ // README.md
+ rm, err := NewReadme(i.Project)
+ if err != nil {
+ return err
+ }
+ err = rm.WriteFile(fs)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (i *ImageRepository) CreateOrGet(ctx context.Context) (*github.Repository, error) {
+ projectName := fmt.Sprintf("docker-openstack-%s", i.Project)
+
+ _, resp, err := i.githubClient.Repositories.Get(ctx, "vexxhost", projectName)
+ if err != nil && resp.StatusCode == http.StatusNotFound {
+ _, _, err = i.githubClient.Repositories.Create(ctx, "vexxhost", &github.Repository{
+ Name: github.String(projectName),
+ })
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ // Description
+ description := fmt.Sprintf("Docker image for OpenStack: %s", i.Project)
+
+ // Updated repository
+ repo := &github.Repository{
+ AllowMergeCommit: github.Bool(false),
+ AllowRebaseMerge: github.Bool(true),
+ AllowSquashMerge: github.Bool(false),
+ DeleteBranchOnMerge: github.Bool(true),
+ Description: github.String(description),
+ Visibility: github.String("public"),
+ HasWiki: github.Bool(false),
+ HasIssues: github.Bool(false),
+ HasProjects: github.Bool(false),
+ }
+
+ // Update the repository with the correct settings
+ repo, _, err = i.githubClient.Repositories.Edit(ctx, "vexxhost", projectName, repo)
+ if err != nil {
+ return nil, err
+ }
+
+ // Branch protection
+ protection := &github.ProtectionRequest{
+ RequiredPullRequestReviews: &github.PullRequestReviewsEnforcementRequest{
+ RequiredApprovingReviewCount: 1,
+ DismissStaleReviews: true,
+ BypassPullRequestAllowancesRequest: &github.BypassPullRequestAllowancesRequest{
+ Users: []string{"mnaser"},
+ Teams: []string{},
+ Apps: []string{},
+ },
+ },
+ RequiredStatusChecks: &github.RequiredStatusChecks{
+ Strict: true,
+ Contexts: nil,
+ Checks: []*github.RequiredStatusCheck{
+ {
+ Context: "image (wallaby)",
+ },
+ {
+ Context: "image (xena)",
+ },
+ {
+ Context: "image (yoga)",
+ },
+ },
+ },
+ RequiredConversationResolution: github.Bool(true),
+ RequireLinearHistory: github.Bool(true),
+ EnforceAdmins: true,
+ AllowForcePushes: github.Bool(false),
+ AllowDeletions: github.Bool(false),
+ }
+ _, _, err = i.githubClient.Repositories.UpdateBranchProtection(ctx, *repo.Owner.Login, *repo.Name, "main", protection)
+ if err != nil {
+ return nil, err
+ }
+
+ return repo, err
+}
+
+func (i *ImageRepository) Synchronize(ctx context.Context) error {
+ githubRepo, err := i.CreateOrGet(ctx)
+ if err != nil {
+ return err
+ }
+
+ storer := memory.NewStorage()
+ fs := memfs.New()
+
+ repo, err := git.Clone(storer, fs, &git.CloneOptions{
+ Auth: i.gitAuth,
+ URL: *githubRepo.SSHURL,
+ })
+ if err != nil {
+ return err
+ }
+
+ headRef, err := repo.Head()
+ if err != nil {
+ return err
+ }
+
+ ref := plumbing.NewHashReference("refs/heads/sync/atmosphere-ci", headRef.Hash())
+ err = repo.Storer.SetReference(ref)
+ if err != nil {
+ return err
+ }
+
+ worktree, err := repo.Worktree()
+ if err != nil {
+ return err
+ }
+
+ err = worktree.Checkout(&git.CheckoutOptions{
+ Branch: ref.Name(),
+ })
+ if err != nil {
+ return err
+ }
+
+ err = i.WriteFiles(fs)
+ if err != nil {
+ return err
+ }
+
+ status, err := worktree.Status()
+ if err != nil {
+ return err
+ }
+
+ if status.IsClean() {
+ log.Info("No changes to commit")
+ return nil
+ }
+
+ _, err = worktree.Add(".")
+ if err != nil {
+ return err
+ }
+
+ commit, err := worktree.Commit("chore: sync using `atmosphere-ci`", &git.CommitOptions{
+ All: true,
+ })
+ if err != nil {
+ return err
+ }
+
+ err = repo.Push(&git.PushOptions{
+ Auth: i.gitAuth,
+ RefSpecs: []config.RefSpec{"refs/heads/sync/atmosphere-ci:refs/heads/sync/atmosphere-ci"},
+ Force: true,
+ })
+ if err != nil {
+ return err
+ }
+
+ err = i.CreatePullRequest(ctx, githubRepo, commit)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (i *ImageRepository) CreatePullRequest(ctx context.Context, repo *github.Repository, commit plumbing.Hash) error {
+ newPR := &github.NewPullRequest{
+ Title: github.String("⚙️ Automatic sync from `atmosphere-ci`"),
+ Head: github.String("sync/atmosphere-ci"),
+ Base: github.String("main"),
+ Body: github.String("This is an automatic pull request from `atmosphere-ci`"),
+ }
+
+ prs, _, err := i.githubClient.PullRequests.ListPullRequestsWithCommit(ctx, *repo.Owner.Login, *repo.Name, commit.String(), &github.PullRequestListOptions{})
+ if err != nil {
+ return err
+ }
+
+ if len(prs) > 0 {
+ log.Info("Pull request already exists: ", prs[0].GetHTMLURL())
+ return nil
+ }
+
+ pr, resp, err := i.githubClient.PullRequests.Create(ctx, *repo.Owner.Login, *repo.Name, newPR)
+ if err != nil && resp.StatusCode != http.StatusUnprocessableEntity {
+ return err
+ }
+
+ log.Info("PR created: ", pr.GetHTMLURL())
+ return nil
+}
diff --git a/internal/pkg/image_repositories/manifest.go b/internal/pkg/image_repositories/manifest.go
new file mode 100644
index 0000000..d27bbe0
--- /dev/null
+++ b/internal/pkg/image_repositories/manifest.go
@@ -0,0 +1,81 @@
+package image_repositories
+
+import (
+ "fmt"
+ "io"
+
+ "code.gitea.io/sdk/gitea"
+ "github.com/go-git/go-billy/v5"
+ "github.com/goccy/go-yaml"
+)
+
+type ReleaseManifest struct {
+ SHA string `json:"sha"`
+}
+
+type ImageManifest struct {
+ Wallaby *ReleaseManifest `yaml:"wallaby"`
+ Xena *ReleaseManifest `yaml:"xena"`
+ Yoga *ReleaseManifest `yaml:"yoga"`
+}
+
+func NewImageManifest(project string) (*ImageManifest, error) {
+ client, err := gitea.NewClient("https://opendev.org")
+ if err != nil {
+ return nil, err
+ }
+
+ wallaby, err := getReleaseManifest(client, project, "wallaby")
+ if err != nil {
+ return nil, err
+ }
+
+ xena, err := getReleaseManifest(client, project, "xena")
+ if err != nil {
+ return nil, err
+ }
+
+ yoga, err := getReleaseManifest(client, project, "yoga")
+ if err != nil {
+ return nil, err
+ }
+
+ return &ImageManifest{
+ Wallaby: wallaby,
+ Xena: xena,
+ Yoga: yoga,
+ }, nil
+}
+
+func (m *ImageManifest) Write(wr io.Writer) error {
+ bytes, err := yaml.Marshal(m)
+ if err != nil {
+ return err
+ }
+
+ _, err = wr.Write(bytes)
+ return err
+}
+
+func (m *ImageManifest) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create("manifest.yml")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return m.Write(f)
+}
+
+func getReleaseManifest(client *gitea.Client, project, release string) (*ReleaseManifest, error) {
+ branchName := fmt.Sprintf("stable/%s", release)
+
+ branch, _, err := client.GetRepoBranch("openstack", project, branchName)
+ if err != nil {
+ return nil, err
+ }
+
+ return &ReleaseManifest{
+ SHA: branch.Commit.ID,
+ }, nil
+}
diff --git a/internal/pkg/image_repositories/pre_commit_config.go b/internal/pkg/image_repositories/pre_commit_config.go
new file mode 100644
index 0000000..7c98576
--- /dev/null
+++ b/internal/pkg/image_repositories/pre_commit_config.go
@@ -0,0 +1,60 @@
+package image_repositories
+
+import (
+ "io"
+
+ "github.com/go-git/go-billy/v5"
+ "github.com/goccy/go-yaml"
+)
+
+type PreCommitConfig struct {
+ Repositories []PreCommitRepository `yaml:"repos"`
+}
+
+type PreCommitRepository struct {
+ Repository string `yaml:"repo"`
+ Revision string `yaml:"rev"`
+ Hooks []PreCommitHook `yaml:"hooks"`
+}
+
+type PreCommitHook struct {
+ ID string `yaml:"id"`
+ Stages []string `yaml:"stages"`
+}
+
+func NewPreCommitConfig() *PreCommitConfig {
+ return &PreCommitConfig{
+ Repositories: []PreCommitRepository{
+ {
+ Repository: "https://github.com/compilerla/conventional-pre-commit",
+ Revision: "v2.0.0",
+ Hooks: []PreCommitHook{
+ {
+ ID: "conventional-pre-commit",
+ Stages: []string{"commit-msg"},
+ },
+ },
+ },
+ },
+ }
+}
+
+func (c *PreCommitConfig) Write(wr io.Writer) error {
+ bytes, err := yaml.Marshal(c)
+ if err != nil {
+ return err
+ }
+
+ _, err = wr.Write(bytes)
+ return err
+}
+
+func (c *PreCommitConfig) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create(".pre-commit-config.yaml")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return c.Write(f)
+}
diff --git a/internal/pkg/image_repositories/readme.go b/internal/pkg/image_repositories/readme.go
new file mode 100644
index 0000000..8bd3890
--- /dev/null
+++ b/internal/pkg/image_repositories/readme.go
@@ -0,0 +1,45 @@
+package image_repositories
+
+import (
+ _ "embed"
+ "io"
+ "text/template"
+
+ "github.com/go-git/go-billy/v5"
+)
+
+//go:embed template/README.md
+var readmeTemplate string
+
+type Readme struct {
+ Project string
+
+ template *template.Template
+}
+
+func NewReadme(project string) (*Readme, error) {
+ tmpl, err := template.New("README.md").Parse(readmeTemplate)
+ if err != nil {
+ return nil, err
+ }
+
+ return &Readme{
+ Project: project,
+
+ template: tmpl,
+ }, nil
+}
+
+func (r *Readme) Write(wr io.Writer) error {
+ return r.template.Execute(wr, r)
+}
+
+func (r *Readme) WriteFile(fs billy.Filesystem) error {
+ f, err := fs.Create("README.md")
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return r.Write(f)
+}
diff --git a/internal/pkg/image_repositories/template/Dockerfile b/internal/pkg/image_repositories/template/Dockerfile
new file mode 100644
index 0000000..95d0f0f
--- /dev/null
+++ b/internal/pkg/image_repositories/template/Dockerfile
@@ -0,0 +1,10 @@
+# syntax=docker/dockerfile:1.4
+
+FROM {{ .BindepImage }}:{{ .BindepImageTag }} AS bindep
+
+FROM {{ .BuilderImage }}:{{ .BuilderImageTag }} AS builder
+COPY --from=bindep --link /runtime-pip-packages /runtime-pip-packages
+
+FROM {{ .RuntimeImage }}:{{ .RuntimeImageTag }} AS runtime
+COPY --from=bindep --link /runtime-dist-packages /runtime-dist-packages
+COPY --from=builder --link /var/lib/openstack /var/lib/openstack
diff --git a/internal/pkg/image_repositories/template/README.md b/internal/pkg/image_repositories/template/README.md
new file mode 100644
index 0000000..81229c1
--- /dev/null
+++ b/internal/pkg/image_repositories/template/README.md
@@ -0,0 +1,9 @@
+# OpenStack Image for `{{ .Project }}`
+
+This is an automatically generated and synchronzied repository for the `{{ .Project }}`
+project images. The repository is built using the `atmosphere-ci` tool that
+lives inside of the [Atmosphere](https://github.com/vexxhost/atmosphere) project.
+
+If you need to make any changes or files issues, please propose them to the
+[Atmosphere](https://github.com/vexxhost/atmosphere) repository or else they
+will be wiped out the next time the repository is synchronized.