(feature): healthz

src/Dockerfile

@@ -1,32 +1,40 @@
 FROM registry.fedoraproject.org/fedora:40
 
-# Set environment variables for storage configuration
+# Environment for Podman storage
 ENV CONTAINERS_STORAGE_CONF=/etc/containers/storage.conf \
     STORAGE_RUNROOT=/run/containers/storage \
     STORAGE_GRAPHROOT=/var/lib/containers/storage \
     _CONTAINERS_USERNS_CONFIGURED=""
 
-# Install necessary packages
-RUN dnf install -y podman fuse-overlayfs shadow-utils && \
-    dnf clean all
+# Install runtime dependencies (Podman + Python)
+RUN dnf install -y \
+        podman \
+        fuse-overlayfs \
+        shadow-utils \
+        python3 \
+    && dnf clean all
 
-# Set the setuid bit on newuidmap and newgidmap
+# Allow unprivileged user namespaces
 RUN chmod u+s /usr/bin/newuidmap /usr/bin/newgidmap
 
-# Create a non-root user and group with UID/GID 1000
-RUN groupadd -g 1000 podmanuser && \
-    useradd -u 1000 -g podmanuser -m -s /bin/bash podmanuser && \
-    mkdir -p /run/containers/storage /var/lib/containers/storage && \
-    chown -R podmanuser:podmanuser /run/containers/storage /var/lib/containers/storage
+# Create podmanuser with UID/GID 1000 and storage dirs
+RUN groupadd -g 1000 podmanuser \
+ && useradd -u 1000 -g podmanuser -m -s /bin/bash podmanuser \
+ && mkdir -p /run/containers/storage /var/lib/containers/storage /home/podmanuser/workspace \
+ && chown -R podmanuser:podmanuser /run/containers/storage /var/lib/containers/storage /home/podmanuser/workspace 
 
-# Copy the storage.conf file from the host to the container
+# Copy in your host storage.conf
 COPY storage.conf /etc/containers/storage.conf
 
-# Switch to the non-root user
+# Create minimal health-check server script
+COPY healthz.py /home/podmanuser/healthz.py
+RUN chown podmanuser:podmanuser /home/podmanuser/healthz.py
+
+# Switch to non-root user
 USER podmanuser
 
-# Create a volume for persistent storage if needed
-# VOLUME /home/podmanuser/.local/share/containers/storage
+# Expose port for Kubernetes probes
+EXPOSE 8080
 
-# Run an infinite sleep to keep the container running
-CMD ["sleep", "infinity"]
+# Launch health-check server
+CMD ["python3", "/home/podmanuser/healthz.py"]

src/build.ps1

@@ -1,11 +1,12 @@
+param(
+    [string]$ContainerRuntime = $containerRuntime
+)
+
 $containerRuntime = "docker"
 
 $registryUrl = "cr.maks-it.com"  # Modify this line to set your registry URL
 $imageName = "library/podman:latest"  # Modify this line to set your desired image name
 
-param(
-    [string]$ContainerRuntime = $containerRuntime
-)
 
 if ($ContainerRuntime -ne "docker" -and $ContainerRuntime -ne "podman") {
     Write-Host "Error: Unsupported container runtime. Use 'docker' or 'podman'." -ForegroundColor Red
@@ -40,9 +41,19 @@ $jsonString | Set-Content -Path $configFile
 & $ContainerRuntime build -t "$registryUrl/$ImageName" -f Dockerfile .
 
 # Push the container image using the generated config.json
-& $ContainerRuntime --config $configFile push "$registryUrl/$ImageName"
+if ($ContainerRuntime -eq "podman") {
+    & podman push --authfile $configFile "$registryUrl/$imageName"
+}
+elseif ($ContainerRuntime -eq "docker") {
+    $dockerConfigDir = "$env:USERPROFILE\.docker"
+    if (-not (Test-Path $dockerConfigDir)) {
+        New-Item -ItemType Directory -Path $dockerConfigDir | Out-Null
+    }
+    Copy-Item -Path $configFile -Destination "$dockerConfigDir\config.json" -Force
+    & docker push "$registryUrl/$imageName"
+}
 
-# Delete the config.json file after the push
+# Cleanup
 Remove-Item -Path $configFile -Force
 
 Write-Host "Build and push completed successfully." -ForegroundColor Green

src/healthz.py

@@ -0,0 +1,12 @@
+from http.server import BaseHTTPRequestHandler, HTTPServer
+
+class HealthzHandler(BaseHTTPRequestHandler):
+    def do_GET(self):
+        if self.path == '/healthz':
+            self.send_response(200)
+        else:
+            self.send_response(404)
+        self.end_headers()
+
+if __name__ == '__main__':
+    HTTPServer(('0.0.0.0', 8080), HealthzHandler).serve_forever()