Add files to publish oci artifact

Signed-off-by: Manuel Morejon <manuel@mmorejon.io>

Author: mmorejon

.github/workflows/oci-publish.yml

@@ -0,0 +1,42 @@
+name: Publish OCI Artifact
+
+on:
+  push:
+    branches: [ "main" ]
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  publish-artifact:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      # 1. Download the repository code
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      # 2. Configure ORAS CLI (Using the official action)
+      # https://github.com/marketplace/actions/setup-oras
+      - name: Set up ORAS
+        uses: oras-project/setup-oras@v1
+        with:
+          version: 1.3.0
+
+      # 3. Install JQ (Required to manipulate the JSON in the script)
+      - name: Install JQ (JSON Processor)
+        run: sudo apt-get update && sudo apt-get install -y jq
+
+      # 4. Login to GitHub Container Registry
+      - name: Log into GHCR
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | oras login ${{ env.REGISTRY }} -u ${{ github.actor }} --password-stdin
+
+      # 5. Execute the publish script
+      # The script will automatically read GITHUB_REPOSITORY, GITHUB_SHA, etc.
+      - name: Execute Publish Script
+        run: |
+          chmod +x publish.sh
+          ./publish.sh

README.en.md

@@ -0,0 +1,100 @@
+# erase-una-vez-5
+
+[![es](https://img.shields.io/badge/Leer_en-Español-blue.svg?style=flat-square)](README.md)
+
+<div align="center">
+
+<img src="./assets/book-cover.jpg" alt="Once Upon a Time Kubernetes Book Cover" width="300"/>
+
+### 📚 OCI Data Volumes
+
+Their function is to generate **"Data-Only" Container Images**: images that do not have an operating system or run anything; they simply serve as a "pen drive" to transport your files to any Kubernetes cluster or Docker environment.
+
+This repository is a practical example created for the book **"Érase una vez Kubernetes"**.
+
+👇 **Get the updated 2025 edition here:** 👇
+
+[![Amazon](https://img.shields.io/badge/Amazon-Buy_Paperback-orange?style=for-the-badge&logo=amazon)](https://www.amazon.es/dp/B0F9VPCJ7X)
+[![LeanPub](https://img.shields.io/badge/LeanPub-Download_Ebook-blue?style=for-the-badge&logo=leanpub)](https://leanpub.com/once-upon-a-time-kubernetes)
+
+</div>
+
+## ⚡ What makes it special?
+
+* **No Docker:** It is built using pure scripts (ORAS + Bash). You do not need anything else.
+* **Ultralight:** Based on `scratch`. The image size is equal to the size of your files.
+* **Multi-Architecture:** It works the same on Intel servers (`amd64`) as on Raspberry Pi/Mac (`arm64`).
+* **Automatic:** GitHub Actions automatically injects the version, author, and commit.
+
+---
+
+## 📦 How to consume the data
+
+Since this image has no operating system, you cannot run `docker run`. Use it to copy data to other applications:
+
+### Example in a Dockerfile:
+
+Create a container image that uses the data image as an intermediate layer.
+
+```dockerfile
+# 1. Pull our data
+FROM ghcr.io/mmorejon/erase-una-vez-5:v1 AS my-files
+
+# 2. Copy our files to our real application (e.g. Nginx)
+FROM nginx:alpine
+COPY --from=my-files / /usr/share/nginx/html/
+```
+
+Build the image and start the container.
+
+```bash
+docker image build --tag server . && \
+docker container run --detach --publish 8080:80 server
+```
+
+Access the files included in the image.
+
+```bash
+curl http://localhost:8080/example-1.txt
+> Érase una vez Kubernetes
+```
+
+### Example in Kubernetes:
+
+Create a pod that uses the data image as a volume. To use this example, you need a Kubernetes 1.35+ cluster.
+
+If you do not have a Kubernetes cluster, you can use the exercise repository from the book "Érase una vez Kubernetes".
+
+<https://github.com/mmorejon/erase-una-vez-k8s>
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: erase-una-vez-5
+spec:
+  containers:
+  - name: server
+    image: nginx:alpine
+    volumeMounts:
+    - name: volume
+      mountPath: /usr/share/nginx/html/
+  volumes:
+  - name: volume
+    image:
+      reference: ghcr.io/mmorejon/erase-una-vez-5:main
+      pullPolicy: IfNotPresent
+```
+
+---
+
+## 🤝 Community and Feedback
+
+1.  ⭐ **Has this been useful to you?** Give a **star** to the repository (top right). It helps us reach more engineers.
+2.  📚 **Still don't have the book?** Buy the book on Amazon or Leanpub.
+
+<div align="center">
+    <a href="https://www.amazon.es/dp/B0F9VPCJ7X">
+        <img src="https://img.shields.io/badge/Amazon-See_price_and_reviews-orange?style=for-the-badge&logo=amazon" />
+    </a>
+</div>

README.md

@@ -1 +1,100 @@
-# erase-una-vez-5
+# erase-una-vez-5
+
+[![English](https://img.shields.io/badge/Read_in-English-blue?style=flat-square)](README.en.md)
+
+<div align="center">
+
+<img src="./assets/book-cover.jpg" alt="Portada Libro Érase una vez Kubernetes" width="300"/>
+
+### 📚 Volúmenes OCI de Datos
+
+Su función es generar **Imágenes de Contenedor "Data-Only"**: imágenes que no tienen sistema operativo ni ejecutan nada, simplemente sirven como un "pendrive" para transportar tus archivos a cualquier clúster de Kubernetes o entorno Docker.
+
+Este repositorio es un ejemplo práctico creado para el libro **"Érase una vez Kubernetes"**.
+
+👇 **Consigue la edición actualizada 2025 aquí:** 👇
+
+[![Amazon](https://img.shields.io/badge/Amazon-Comprar_en_Tapa_Blanda-orange?style=for-the-badge&logo=amazon)](https://www.amazon.es/dp/8409212765)
+[![LeanPub](https://img.shields.io/badge/LeanPub-Descargar_Ebook-blue?style=for-the-badge&logo=leanpub)](https://leanpub.com/erase-una-vez-kubernetes)
+
+</div>
+
+## ⚡ ¿Qué tiene de especial?
+
+* **Sin Docker:** Se construye usando scripts puros (ORAS + Bash). No necesitas nada más.
+* **Ultraligera:** Basada en `scratch`. El tamaño de la imagen es igual al tamaño de tus archivos.
+* **Multi-Arquitectura:** Funciona igual en servidores Intel (`amd64`) que en Raspberry Pi/Mac (`arm64`).
+* **Automática:** GitHub Actions inyecta la versión, el autor y el commit automáticamente.
+
+---
+
+## 📦 Cómo consumir los datos
+
+Como esta imagen no tiene sistema operativo, no puedes hacer `docker run`. Úsala para copiar datos a otras aplicaciones:
+
+### Ejemplo en un Dockerfile:
+
+Crea una imagen de contenedor que utilice la imagen de datos como capa intermedia.
+
+```dockerfile
+# 1. Pull our data
+FROM ghcr.io/mmorejon/erase-una-vez-5:v1 AS my-files
+
+# 2. Copy our files to our real application (e.g. Nginx)
+FROM nginx:alpine
+COPY --from=my-files / /usr/share/nginx/html/
+```
+
+Construye la imagen e inicia el contenedor.
+
+```bash
+docker image build --tag server . && \
+docker container run --detach --publish 8080:80 server
+```
+
+Accede a los ficheros incluidos en la imagen.
+
+```bash
+curl http://localhost:8080/example-1.txt
+> Érase una vez Kubernetes
+```
+
+### Ejemplo en Kubernetes:
+
+Crea un pod que utilice la imagen de datos como volumen. Para utilizar este ejemplo necesitas tener un clúster de Kubernentes 1.35+.
+
+Si no tienes un clúster de Kubernetes, puedes usar el repositorio de ejercicios del libro Érase una vez Kubernetes.
+
+<https://github.com/mmorejon/erase-una-vez-k8s>
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: erase-una-vez-5
+spec:
+  containers:
+  - name: server
+    image: nginx:alpine
+    volumeMounts:
+    - name: volume
+      mountPath: /usr/share/nginx/html/
+  volumes:
+  - name: volume
+    image:
+      reference: ghcr.io/mmorejon/erase-una-vez-5:main
+      pullPolicy: IfNotPresent
+```
+
+---
+
+## 🤝 Comunidad y Feedback
+
+1.  ⭐ **¿Te ha sido útil?** Dale una **estrella** al repositorio (arriba a la derecha). Nos ayuda a llegar a más ingenieros.
+2.  📚 **¿Aún no tienes el libro?** Compra el libro en Amazon o Leanpub.
+
+<div align="center">
+    <a href="https://www.amazon.es/dp/8409212765">
+        <img src="https://img.shields.io/badge/Amazon-Ver_Precio_y_Opiniones-orange?style=for-the-badge&logo=amazon" />
+    </a>
+</div>

assets/book-cover.jpg

@@ -0,0 +1 @@
+Érase una vez Kubernetes

files/example-1.txt

@@ -0,0 +1 @@
+ORAS was used to create the OCI artifact.

files/example-2.txt

@@ -0,0 +1,81 @@
+#!/bin/bash
+set -e
+
+# --- CONFIGURATION ---
+# Detect the repository name (user/repo)
+FULL_REPO="${GITHUB_REPOSITORY:-local/test-repo}"
+REPO_URL="https://github.com/${FULL_REPO}"
+IMAGE="ghcr.io/$FULL_REPO"
+TAG="${GITHUB_REF_NAME:-v1}"
+SRC_DIR="./files"
+# ---------------------
+
+log_info() { echo -e "\033[1;34m[INFO]\033[0m $1"; }
+log_step() { echo -e "\033[1;33m[STEP $1]\033[0m $2"; }
+log_success() { echo -e "\033[1;32m[SUCCESS]\033[0m $1"; }
+
+log_info "Initializing OCI artifact publication sequence."
+
+# 0. Metadata Discovery
+log_step "0/5" "Gathering metadata from environment..."
+
+# 1. Prepare the data layer
+log_step "1/5" "Packaging filesystem layer from: $SRC_DIR"
+tar -czf layer.tar.gz -C "$SRC_DIR" .
+
+# Calculate the DiffID
+log_step "2/5" "Calculating data integrity checksums (DiffID)..."
+DIFF_ID=$(gzip -d -c layer.tar.gz | (sha256sum 2>/dev/null || shasum -a 256) | awk '{print $1}')
+
+# Upload the layer
+log_step "3/5" "Uploading raw data blob..."
+LAYER_DESC=$(oras blob push "$IMAGE" layer.tar.gz --descriptor)
+
+# --- BUILD FUNCTION ---
+build_arch() {
+    local ARCH=$1
+    echo "       [INFO] Processing architecture: $ARCH" >&2
+
+    # A. Config Blob
+    jq --arg arch "$ARCH" --arg diff "sha256:$DIFF_ID" \
+       '.architecture = $arch | .rootfs.diff_ids[0] = $diff' \
+       templates/config.json > "config-$ARCH.json"
+
+    local CFG_DESC=$(oras blob push "$IMAGE" "config-$ARCH.json" --descriptor)
+
+    # B. Manifest
+    jq --argjson cfg "$CFG_DESC" \
+       --argjson layer "$LAYER_DESC" \
+       --arg src "$REPO_URL" \
+       '.config.digest = $cfg.digest | .config.size = $cfg.size |
+        .layers[0].digest = $layer.digest | .layers[0].size = $layer.size |
+        .annotations["org.opencontainers.image.source"] = $src' \
+       templates/manifest.json > "manifest-$ARCH.json"
+
+    oras manifest push "$IMAGE" "manifest-$ARCH.json" --descriptor
+}
+
+# --- EXECUTION ---
+
+log_step "4/5" "Building manifests..."
+AMD_DESC=$(build_arch "amd64")
+ARM_DESC=$(build_arch "arm64")
+
+# Create Index
+log_step "5/5" "Constructing OCI Image Index..."
+jq --argjson amd "$AMD_DESC" \
+   --argjson arm "$ARM_DESC" \
+   --arg src "$REPO_URL" \
+   '.manifests[0].digest = $amd.digest | .manifests[0].size = $amd.size |
+    .manifests[1].digest = $arm.digest | .manifests[1].size = $arm.size |
+    .annotations["org.opencontainers.image.source"] = $src' \
+   templates/index.json > index_final.json
+
+log_info "Publishing final tag: $IMAGE:$TAG"
+oras manifest push "$IMAGE:$TAG" index_final.json > /dev/null
+
+# Cleanup
+rm layer.tar.gz config-*.json manifest-*.json index_final.json
+
+echo ""
+log_success "Artifact published successfully."

publish.sh

@@ -0,0 +1,8 @@
+{
+  "architecture": "__ARCH__",
+  "os": "linux",
+  "rootfs": {
+    "type": "layers",
+    "diff_ids": ["sha256:__DIFF_ID__"]
+  }
+}

templates/config.json

@@ -0,0 +1,27 @@
+{
+  "schemaVersion": 2,
+  "mediaType": "application/vnd.oci.image.index.v1+json",
+  "manifests": [
+    {
+      "mediaType": "application/vnd.oci.image.manifest.v1+json",
+      "digest": "",
+      "size": 0,
+      "platform": {
+        "architecture": "amd64",
+        "os": "linux"
+      }
+    },
+    {
+      "mediaType": "application/vnd.oci.image.manifest.v1+json",
+      "digest": "",
+      "size": 0,
+      "platform": {
+        "architecture": "arm64",
+        "os": "linux"
+      }
+    }
+  ],
+  "annotations": {
+    "org.opencontainers.image.source": ""
+  }
+}

templates/index.json

@@ -0,0 +1,17 @@
+{
+  "schemaVersion": 2,
+  "mediaType": "application/vnd.oci.image.manifest.v1+json",
+  "config": {
+    "mediaType": "application/vnd.oci.image.config.v1+json",
+    "digest": "", "size": 0
+  },
+  "layers": [
+    {
+      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
+      "digest": "", "size": 0
+    }
+  ],
+  "annotations": {
+    "org.opencontainers.image.source": ""
+  }
+}