.gitlab-ci.yml

-stages:
-  - build
-  - scan
-  - deploy
-  - rebuild
-
 include:
-  # build and publish _this_ image
-  - local: '.gitlab/ci/build.yml'
-  # trigger rebuilds of downstream images
-  - local: '.gitlab/ci/trigger.yml'
+  # configure build/scan/push jobs
+  - component: git.ligo.org/computing/gitlab/components/docker/all@1
+    inputs:
+      # path of main project
+      upstream_project_path: docker/base
+      # compare container_scanning results of new images to this one
+      default_image_name: "docker/base:el9-testing"
+      # run these commands to test the image
+      test_script:
+        - dnf info igwn-testing-config
+      # this project deploys all branches of the main project
+      deploy_when: all
+      # remote registry repositories:
+      docker_io_repository: igwn/base
+      quay_io_repository: igwn/base
+      # trigger rebuilds of the same branch in other projects
+      trigger_projects:
+        - docker/builder

.gitlab/ci/build.yml

-# ---------------------------
-# Build workflow
-# ---------------------------
-
-include:
-  # https://computing.docs.ligo.org/gitlab-ci-templates/
-  - project: computing/gitlab-ci-templates
-    # https://computing.docs.ligo.org/gitlab-ci-templates/docker/
-    file: docker.yml
-  # https://docs.gitlab.com/ee/user/application_security/container_scanning/
-  - template: Security/Container-Scanning.gitlab-ci.yml
-
-# -- build the image --------
-
-build:
-  stage: build
-  extends:
-    # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:build
-    - .docker:build
-  variables:
-    # use the branch name as the tag
-    CI_REGISTRY_TAG: '$CI_COMMIT_REF_SLUG'
-
-# -- scan the image ---------
-
-# check the image for vulnerabilities, see
-# https://docs.gitlab.com/ee/user/application_security/container_scanning/
-container_scanning:
-  stage: scan
-  needs: [build]
-  variables:
-    DOCKER_IMAGE: '$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG'
-
-# -- push the image ---------
-
-.push:
-  stage: deploy
-  needs: [build]
-  variables:
-    # pull the branch image
-    PULL_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG"
-    # push to igwn namespace
-    PUSH_IMAGE: "igwn/$CI_PROJECT_NAME:$CI_COMMIT_REF_SLUG"
-  rules:
-    # only run on pushes to the upstream repo (not on forks)
-    - if: '$CI_PROJECT_NAMESPACE == "docker" && $CI_COMMIT_BRANCH'
-
-push:docker_io:
-  extends:
-    # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:push:docker_io
-    - .docker:push:docker_io
-    - .push
-
-push:quay_io:
-  extends:
-    # https://computing.docs.ligo.org/gitlab-ci-templates/docker/#.docker:push:quay_io
-    - .docker:push:quay_io
-    - .push

.gitlab/ci/trigger.yml

-# ---------------------------
-# Downstream trigger workflow
-# ---------------------------
-
-.rebuild:
-  stage: rebuild
-  rules:
-    # only run on pushes to the upstream repo (not on forks)
-    - if: '$CI_PROJECT_NAMESPACE == "docker" && $CI_COMMIT_BRANCH'
-  trigger:
-    # default rebuilds to trigger on the same branch
-    branch: $CI_COMMIT_BRANCH

Dockerfile

@@ -16,12 +16,12 @@ RUN dnf -y install https://research.cs.wisc.edu/htcondor/repo/23.x/htcondor-rele
     dnf config-manager -q --save --setopt="htcondor.skip_if_unavailable=true" &> /dev/null
 
 # add osg repository
-RUN dnf -y install https://repo.opensciencegrid.org/osg/3.6/osg-3.6-el9-release-latest.rpm && \
+RUN dnf -y install https://repo.opensciencegrid.org/osg/23-main/osg-23-main-el9-release-latest.rpm && \
     dnf config-manager --set-enabled osg-testing && \
     dnf config-manager -q --save --setopt="osg.skip_if_unavailable=true" &> /dev/null && \
-    dnf config-manager -q --save --setopt="osg.exclude=*condor*,pegasus*" &> /dev/null && \
+    dnf config-manager -q --save --setopt="osg.exclude=*condor*" &> /dev/null && \
     dnf config-manager -q --save --setopt="osg-testing.skip_if_unavailable=true" &> /dev/null && \
-    dnf config-manager -q --save --setopt="osg-testing.exclude=*condor*,pegasus*" &> /dev/null
+    dnf config-manager -q --save --setopt="osg-testing.exclude=*condor*" &> /dev/null
 
 # install extra packages
 RUN dnf -y install \