Build Python Image

.github/workflows/build.yml

@@ -0,0 +1,32 @@
+name: Build Images
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  bake:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and Push
+        uses: docker/bake-action@v4
+        with:
+          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}

README.md

@@ -1,2 +1,8 @@
 # cdk8s-cmp
-Builds cdk8s images for use with ArgoCD
+Builds images for use with a custom 'cdk8s' ArgoCD Config Management Plugin.
+
+## Building Locally
+
+```sh
+docker bake
+```

docker-bake.hcl

@@ -0,0 +1,21 @@
+group "default" {
+  targets = ["python"]
+}
+
+variable "PYTHON_TAG" {
+  default = "3.13.5-slim-bookworm"
+}
+
+variable "PYTHON_SHA" {
+  default = "f2fdaec50160418e0c2867ba3e254755edd067171725886d5d303fd7057bbf81"
+}
+
+target "python" {
+  context = "docker/python"
+  args = {
+    PYTHON_TAG_SHA = "${PYTHON_TAG}@sha256:${PYTHON_SHA}"
+  }
+  tags = [
+    "ghcr.io/powerhome/cdk8s-cmp-python:${PYTHON_TAG}"
+  ]
+}

docker/python/Dockerfile

@@ -0,0 +1,41 @@
+ARG PYTHON_TAG_SHA=latest
+FROM python:${PYTHON_TAG_SHA}
+
+ENV VENV_PATH=/opt/venv
+ENV PATH="$VENV_PATH/bin:$PATH"
+
+USER root
+
+COPY plugin.yaml ./home/argocd/cmp-server/config/
+
+# Create argocd group and user
+RUN groupadd -g 1000 argocd && \
+    useradd -u 999 -g argocd -d /home/argocd -m -s /bin/bash argocd && \
+    chown argocd:root /home/argocd && \
+    chmod g=u /home/argocd
+
+# Install node and cdk8s-cli
+RUN apt-get update && apt-get install -y curl && \
+    curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
+    apt-get install -y nodejs && \
+    npm install -g cdk8s-cli@2.200.103
+
+# Install helm
+RUN curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null && \
+    apt-get install -y apt-transport-https && \
+    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list && \
+    apt-get update && \
+    apt-get install helm=3.18.1-1
+
+# Install sops
+RUN curl -sSL https://github.com/getsops/sops/releases/download/v3.10.2/sops-v3.10.2.linux.amd64 \
+    -o /usr/local/bin/sops && \
+    chmod +x /usr/local/bin/sops
+
+# Set up pipenv
+RUN python3 -m venv $VENV_PATH && \
+    $VENV_PATH/bin/pip install --upgrade pip && \
+    $VENV_PATH/bin/pip install pipenv==2025.0.3
+
+USER argocd
+WORKDIR /home/argocd

docker/python/plugin.yaml

@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ConfigManagementPlugin
+metadata:
+  name: cdk8s-python
+spec:
+  discover:
+    fileName: ./cdk8s.yaml
+  generate:
+    args:
+    - --stdout
+    command:
+    - cdk8s
+    - synth
+  init:
+    args:
+    - import
+    command:
+    - cdk8s
+  preserveFileMode: false
+  provideGitCreds: true
+  version: "3.13"