From 41158abd01b8098bd539086ec095a3fea18f3cb1 Mon Sep 17 00:00:00 2001
From: Suraj Deshmukh <suraj.deshmukh@microsoft.com>
Date: Thu, 25 Apr 2024 23:02:03 +0000
Subject: [PATCH 1/3] CI: Build & Push Cloudshell Images to GHCR

Signed-off-by: Suraj Deshmukh <suraj.deshmukh@microsoft.com>
---
 .github/workflows/cloudshell-build-push.yaml | 41 ++++++++++++++++++++
 linux/base.Dockerfile                        |  1 +
 linux/tools.Dockerfile                       | 12 +++---
 3 files changed, 49 insertions(+), 5 deletions(-)
 create mode 100644 .github/workflows/cloudshell-build-push.yaml

diff --git a/.github/workflows/cloudshell-build-push.yaml b/.github/workflows/cloudshell-build-push.yaml
new file mode 100644
index 00000000..777d54a7
--- /dev/null
+++ b/.github/workflows/cloudshell-build-push.yaml
@@ -0,0 +1,41 @@
+name: Build & Push Cloudshell Images
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Login to GHCR
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Base image
+      uses: docker/build-push-action@v3
+      with:
+        context: .
+        file: linux/base.Dockerfile
+        push: true
+        tags: ghcr.io/cloudshell/base:${{ github.sha }},ghcr.io/cloudshell/base:latest
+
+    - name: Tools image
+      uses: docker/build-push-action@v3
+      with:
+        context: .
+        file: linux/tools.Dockerfile
+        push: true
+        tags: ghcr.io/cloudshell/tools:${{ github.sha }},ghcr.io/cloudshell/tools:latest
+        build-args: IMAGE_LOCATION=ghcr.io/cloudshell/base:${{ github.sha }}
diff --git a/linux/base.Dockerfile b/linux/base.Dockerfile
index bb64ed32..16f0a177 100644
--- a/linux/base.Dockerfile
+++ b/linux/base.Dockerfile
@@ -13,6 +13,7 @@
 # ability to stay current on Linux updates.
 # https://github.com/microsoft/CBL-Mariner
 FROM mcr.microsoft.com/cbl-mariner/base/core:2.0
+LABEL org.opencontainers.image.source="https://github.com/Azure/CloudShell"
 
 SHELL ["/bin/bash","-c"]
 COPY linux/tdnfinstall.sh .
diff --git a/linux/tools.Dockerfile b/linux/tools.Dockerfile
index 177c9ece..f87f7cbf 100644
--- a/linux/tools.Dockerfile
+++ b/linux/tools.Dockerfile
@@ -9,6 +9,8 @@ ARG IMAGE_LOCATION=cdpxb787066ec88f4e20ae65e42a858c42ca00.azurecr.io/official/cl
 # Copy from base build
 FROM ${IMAGE_LOCATION}
 
+LABEL org.opencontainers.image.source="https://github.com/Azure/CloudShell"
+
 RUN tdnf clean all && \
     tdnf repolist --refresh && \
     ACCEPT_EULA=Y tdnf update -y && \
@@ -22,8 +24,8 @@ RUN tdnf clean all && \
 
 # Install any Azure CLI extensions that should be included by default.
 RUN az extension add --system --name ai-examples -y \
-&& az extension add --system --name ssh -y \
-&& az extension add --system --name ml -y
+    && az extension add --system --name ssh -y \
+    && az extension add --system --name ml -y
 
 # Install kubectl
 RUN az aks install-cli \
@@ -49,9 +51,9 @@ RUN npm install -q -g @pnp/cli-microsoft365
 
 # Install Bicep CLI
 RUN curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 \
-  && chmod +x ./bicep \
-  && mv ./bicep /usr/local/bin/bicep \
-  && bicep --help
+    && chmod +x ./bicep \
+    && mv ./bicep /usr/local/bin/bicep \
+    && bicep --help
 
 # Temp: fix ansible modules. Proper fix is to update base layer to use regular python for Ansible.
 RUN mkdir -p /usr/share/ansible/collections/ansible_collections/azure/azcollection/ \

From 204618378860bd7b046ca12cbca2c34a3a751002 Mon Sep 17 00:00:00 2001
From: Suraj Deshmukh <suraj.deshmukh@microsoft.com>
Date: Wed, 1 May 2024 23:43:20 +0000
Subject: [PATCH 2/3] Update README about the pre-built images

Signed-off-by: Suraj Deshmukh <suraj.deshmukh@microsoft.com>
---
 README.md | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 0c13d1c9..7249c44f 100644
--- a/README.md
+++ b/README.md
@@ -82,7 +82,13 @@ changes to the tools.
 
 ## Building and Testing the image
 
-Required software
+### Building the images
+
+> [!NOTE]
+> If you would like to use the image that is built on each pull-request merge, then
+> You can skip this step and use a pre-built image. You can find the pre-built base image at `ghcr.io/cloudshell/base:latest` and `ghcr.io/cloudshell/tools:latest`.
+
+Required software:
 
 - Docker
 - Bash terminal / Powershell
@@ -96,22 +102,24 @@ docker build -t base_cloudshell -f linux/base.Dockerfile .
 Building tools.Dockerfile image
 
 ```bash
-docker build -t tools_cloudshell --build-arg IMAGE_LOCATION=base_cloudshell -f linux/tools.Dockerfile . 
+docker build -t tools_cloudshell --build-arg IMAGE_LOCATION=base_cloudshell -f linux/tools.Dockerfile .
 ```
 
-Running bash in the tools.Dockerfile image
+### Testing the images
+
+Running `bash` in the `tools.Dockerfile` based image:
 
 ```bash
 docker run -it tools_cloudshell /bin/bash
 ```
 
-Running pwsh in the tools.Dockerfile image
+Running `pwsh` in the `tools.Dockerfile` based image:
 
 ```bash
 docker run -it tools_cloudshell /usr/bin/pwsh
 ```
 
-Testing the Cloud Shell image
+Testing the Cloud Shell image:
 
 ```bash
 docker run --volume /path/to/CloudShell/folder/tests:/tests -it tools_cloudshell /tests/test.sh
@@ -152,7 +160,7 @@ _every_ Cloud Shell admin to have the tool available.
 For a tool to be included in Cloud Shell, it has to be:
 
 - widely useful to Azure administrators
-- well-maintained and supported,  
+- well-maintained and supported,
 - released under a license which permits us to include it
 - lightweight in terms of CPU requirements, size on disk, and memory
 
@@ -180,7 +188,7 @@ If you wish to contribute to The Cloud Shell documentation, see the Microsoft Le
 
 This project welcomes contributions and suggestions. Most contributions require you to agree to a
 Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, see 
+the rights to use your contribution. For details, see
 [https://cla.microsoft.com](https://cla.microsoft.com).
 
 When you submit a pull request, a CLA-bot will automatically determine whether you need to provide

From 77b332424fbd56f556ecd1cd25b136f97cd959c4 Mon Sep 17 00:00:00 2001
From: Mitchell Bifeld <mbifeld@gmail.com>
Date: Thu, 9 May 2024 18:50:15 -0500
Subject: [PATCH 3/3] Update wording for pre-built images

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 7249c44f..d07657c0 100644
--- a/README.md
+++ b/README.md
@@ -85,8 +85,9 @@ changes to the tools.
 ### Building the images
 
 > [!NOTE]
-> If you would like to use the image that is built on each pull-request merge, then
-> You can skip this step and use a pre-built image. You can find the pre-built base image at `ghcr.io/cloudshell/base:latest` and `ghcr.io/cloudshell/tools:latest`.
+> Cloud Shell publishes an image on each update to the master branch. If you would like to use the pre-built image, then
+> you can skip this step by downloading the latest [base image layer here](ghcr.io/cloudshell/base:latest)
+> and the latest [tools image layer here](ghcr.io/cloudshell/tools:latest). You can find all previously built image layers [here](https://github.com/orgs/Azure/packages?repo_name=CloudShell).
 
 Required software: