331 dockerhub rate limit - Explicitly state docker.io repo in base im…

…ages, update fabric8 to use own .docker config location and test build2

.github/workflows/build2.yml

@@ -0,0 +1,130 @@
+# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Build aissemble 2
+
+on:
+  workflow_dispatch:
+    inputs:
+      buildBranch:
+        description: "Branch you want to build"
+        required: true
+        type: string
+        default: "331-dockerhub-rate-limit"
+  push:
+    branches: [ "331-dockerhub-rate-limit" ]
+
+jobs:
+  build:
+    runs-on: arc-runner-set-aissemble
+    env:
+      DOCKER_CONFIG: /home/runner/.docker
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.buildBranch }}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Install required packages
+        run: |
+          sudo apt-get update
+          sudo apt install -y build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev curl \
+              git libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev zip unzip \
+              libpython3.11 jq
+      - name: Get Baseline Unauthenticated Requests Limit
+        run: |
+          docker image ls
+          TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq -r .token)
+          curl --head -H "Authorization: Bearer $TOKEN" https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest 2>&1
+      - name: Install Python
+        uses: gabrielfalcao/pyenv-action@v18
+        with:
+          default: 3.11.4
+      - name: Load m2 repository cache # Manually caching .m2 repo as the setup-java caching isn't falling back to older caches
+        id: cached-m2-repo
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            maven-
+      - name: Load m2 build cache
+        id: cached-m2-build
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/build-cache
+          key: maven-build-cache-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            maven-build-cache-
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+      - name: Poetry cache
+        id: cached-poetry
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pypoetry
+          key: poetry-cache-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            poetry-
+      - name: Install Helm
+        run: |
+          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
+          chmod 700 get_helm.sh
+          ./get_helm.sh
+      - name: Install Helm Unittest Plugin
+        run: |
+          echo "Updating helm unittest plugin to latest version..."
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+      - name: Set up JDK 11
+        uses: actions/setup-java@v4
+        with:
+          java-version: '11'
+          distribution: 'temurin'
+      - name: Create Docker Builder Config File
+        run: sudo touch /etc/buildkitd.toml
+      # Generate the settings.xml for ghcr.io, pypi, & dev-pypi server profiles
+      - name: Create settings.xml
+        run: |
+          echo "<settings><servers><server><id>ghcr.io</id><username>${{ secrets.GHCR_IO_USERNAME }}</username><password>${{ secrets.GHCR_IO_TOKEN }}</password></server><server><id>pypi</id><username>${{ secrets.PYPI_USERNAME }}</username><password>${{ secrets.PYPI_TOKEN }}</password></server><server><id>dev-pypi</id><username>${{ secrets.TEST_PYPI_USERNAME }}</username><password>${{ secrets.TEST_PYPI_TOKEN }}</password></server> </servers></settings>" > $HOME/.m2/settings.xml
+      # Run build with the gh-build profile
+      - name: Build aiSSEMBLE
+        run: |
+          ./mvnw -B clean install -U -file pom.xml -Pintegration-test,gh-build --settings $HOME/.m2/settings.xml
+      # Install Maven which is needed for archetype tests
+      - name: Set up Maven
+        uses: stCarolas/setup-maven@v5
+        with:
+          maven-version: 3.9.9
+      # Execute archetype tests
+      - name: Run Archetype Tests
+        run: |
+          ./mvnw -B clean install -Parchetype-test -pl :foundation-archetype
+      #NB: The following two explicit cache saves are necessary to ensure caches are saved on build failure,
+      # until https://github.com/actions/cache/issues/1315 is resolved
+      - name: Save m2 repository cache
+        id: save-m2-repo
+        uses: actions/cache/save@v4
+        if: always()
+        with:
+          path: ~/.m2/repository
+          key: maven-${{ hashFiles('**/pom.xml') }}
+      - name: Save m2 build cache
+        id: save-m2-build
+        uses: actions/cache/save@v4
+        if: always()
+        with:
+          path: ~/.m2/build-cache
+          key: maven-build-cache-${{ hashFiles('**/pom.xml') }}
+      - name: Get Final Unauthenticated Requests Limit
+        run: |
+          docker image ls
+          TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq -r .token)
+          curl --head -H "Authorization: Bearer $TOKEN" https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest 2>&1

build-parent/pom.xml

@@ -599,7 +599,7 @@
                                     </args>
                                     <buildx>
                                         <builderName>default</builderName>
-                                        <dockerStateDir>~/.docker</dockerStateDir>
+                                        <dockerStateDir>~/.docker/fabric8</dockerStateDir>
                                         <platforms>
                                             <platform>${docker.platforms}</platform>
                                         </platforms>

extensions/extensions-docker/aissemble-fastapi/src/main/resources/docker/Dockerfile

@@ -1,6 +1,6 @@
 # Script for creating base FastAPI Docker image
 
-FROM python:3.11
+FROM docker.io/python:3.11
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 
@@ -10,7 +10,7 @@ WORKDIR /app
 COPY ./src/main/resources/docker/requirements.txt /tmp/requirements.txt
 RUN pip install --no-cache-dir --upgrade -r /tmp/requirements.txt
 
-# Custom start script to run fastAPI with specific 
+# Custom start script to run fastAPI with specific
 # module (defined using MODULE environment variable)
 COPY ./src/main/resources/docker/scripts/start.sh /start.sh
 RUN chmod +x /start.sh

extensions/extensions-docker/aissemble-hive-service/src/main/resources/docker/Dockerfile

@@ -1,7 +1,7 @@
 ARG METASTORE_VERSION
-FROM apache/hive:${METASTORE_VERSION} AS appsource
+FROM docker.io/apache/hive:${METASTORE_VERSION} AS appsource
 
-FROM eclipse-temurin:17-jre AS final
+FROM docker.io/eclipse-temurin:17-jre AS final
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-jenkins/aissemble-jenkins-agent/src/main/resources/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM jenkins/ssh-agent:latest-debian-jdk11
+FROM docker.io/jenkins/ssh-agent:latest-debian-jdk11
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-jenkins/aissemble-jenkins-controller/src/main/resources/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM jenkins/jenkins:lts-jdk11
+FROM docker.io/jenkins/jenkins:lts-jdk11
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-nvidia/src/main/resources/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM nvidia/cuda:12.1.1-base-ubuntu22.04
+FROM docker.io/nvidia/cuda:12.1.1-base-ubuntu22.04
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-spark-operator/src/main/resources/docker/Dockerfile

@@ -16,7 +16,7 @@
 ARG DOCKER_BASELINE_REPO_ID
 ARG VERSION_AISSEMBLE
 
-FROM kubeflow/spark-operator:v1beta2-1.6.2-3.5.0 AS builder
+FROM docker.io/kubeflow/spark-operator:v1beta2-1.6.2-3.5.0 AS builder
 
 # We would be able to use the kubeflow image directly, except that it is on Spark 3.5 instead of 3.4
 FROM ${DOCKER_BASELINE_REPO_ID}boozallen/aissemble-spark:${VERSION_AISSEMBLE}

extensions/extensions-docker/aissemble-spark/src/main/resources/docker/Dockerfile

@@ -1,7 +1,7 @@
 # Script for creating base Spark Docker image
 #
 ARG SPARK_VERSION
-FROM apache/spark-py:v${SPARK_VERSION}
+FROM docker.io/apache/spark-py:v${SPARK_VERSION}
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-vault/src/main/resources/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM alpine:3.13
+FROM docker.io/alpine:3.13
 
 LABEL org.opencontainers.image.source="https://github.com/boozallen/aissemble"
 

extensions/extensions-docker/aissemble-versioning/src/main/resources/docker/Dockerfile

@@ -20,7 +20,7 @@ RUN --mount=type=cache,target=/.cache/pypoetry/ \
     poetry bundle venv /opt/venv
 #HABUSHU_BUILDER_STAGE - HABUSHU GENERATED CODE (END)
 
-FROM python:3.11 AS builder
+FROM docker.io/python:3.11 AS builder
 
 # Download Maven
 ARG MAVEN_VERSION=3.9.6

extensions/extensions-docker/pom.xml

@@ -18,30 +18,6 @@
     </properties>
 
     <profiles>
-        <profile>
-            <id>ci</id>
-            <build>
-                <pluginManagement>
-                    <plugins>
-                        <plugin>
-                            <groupId>${group.fabric8.plugin}</groupId>
-                            <artifactId>docker-maven-plugin</artifactId>
-                            <configuration><images>
-                                    <image>
-                                        <build>
-                                            <buildx>
-                                                <!-- use registry mirror to avoid docker pull too many request issues -->
-                                                <configFile>/etc/buildkitd.toml</configFile>
-                                            </buildx>
-                                        </build>
-                                    </image>
-                                </images>
-                            </configuration>
-                        </plugin>
-                    </plugins>
-                </pluginManagement>
-            </build>
-        </profile>
         <profile>
             <id>ensure-docker-dependencies</id>
             <!-- This profile is used to ensure that the docker dependencies are encoded in Maven properly. Because of