oci/base/alpine-image-builder/Dockerfile: debug

2024-03-04 20:22:01 +08:00 · 2024-03-04 20:22:01 +08:00 · 5833c1a1f2
commit 5833c1a1f2
parent 46f99c88f6
10 changed files with 299 additions and 36 deletions
--- a/.github/workflows/build-ci-images.yml
+++ b/.github/workflows/build-ci-images.yml
@ -3,43 +3,152 @@ name: build & push ci base images
 on:
  push:
    branches:
-      - dev
      - main
    paths:
      - '.github/workflows/build-ci-images.yml'
+      - 'oci/base/alpine-image-builder/Dockerfile' 
  pull_request:
    branches:
-      - dev
      - main
    paths:
      - '.github/workflows/build-ci-images.yml'
+      - 'oci/base/alpine-image-builder/Dockerfile' 
  workflow_dispatch:
    branches:
      - main
-
 env:
  IMAGE_REPO: "artifact.onwalk.net"
-  IMAGE_PATH: "public/base/code-lint"
-  IMAGE_TAG: "0.0.1"
-
+  IMAGE_PATH: "public/base/alpine-image-builder"
+  IMAGE_TAG: "latest"

 jobs:
-  build-images:
+  build-kaniko-image:
    runs-on: ubuntu-latest
-
+    name: Build kaniko image
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@master

-      - name: Login to Artifactory
-        uses: actions/login-action@v1
-        with:
-          registry: ${{ env.IMAGE_REPO }}
-          username: ${{ secrets.REPO_USER }}
-          password: ${{ secrets.HELM_REPO_PASSWORD }}
-
-      - name: Build & push code-lint images
-        working-directory: oci/base/debian-code-lint/
+      - name: Build & push kaniko images
+        working-directory: oci/base/alpine-image-builder
        run: |
+          docker login ${{ env.IMAGE_REPO }} -u ${{ secrets.REPO_USER }} -p ${{ secrets.HELM_REPO_PASSWORD }}
          docker build --network host -t "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" -f Dockerfile .
          docker push "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}"
          docker rmi ${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }} || true
+
+#      - name: 'Artifact: build && push kaniko image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-image-builder/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-image-builder
+#          tag: latest
+#          cache: false
+#          cache_registry: false
+
+  build-ansible-lint-image:
+    name: Build ansible lint image
+    uses: svc-design/actions/.github/workflows/build-images-with-kaniko.yaml@main
+    needs: [build-kaniko-image]
+    with:
+      registry_addr: "artifact.onwalk.net"
+      image_name: 'public/base/alpine-ansible-lint'
+      image_tag: 'latest'
+      dockerfile_path: 'oci/base/alpine-ansible-lint'
+    secrets:
+      artifactory_sa: ${{ secrets.REPO_USER }}
+      artifactory_pw: ${{ secrets.HELM_REPO_PASSWORD }}
+
+#jobs:
+#  build-images:
+#    runs-on: ubuntu-latest
+#    name: Build code-lint image
+#    steps:
+#      - uses: actions/checkout@master
+#
+#      - name: 'Artifact: build && push ansible-lint image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-ansible-lint/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-ansible-lint
+#          tag: latest
+#          cache: true
+#          cache_registry: cache
+#
+#      - name: 'Artifact: build && push python-lint image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-python-lint/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-python-lint
+#          tag: latest
+#          cache: true
+#          cache_registry: cache
+#
+#
+#      - name: 'Artifact: build && push go-lint image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-go-lint/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-go-lint
+#          tag: latest
+#          cache: true
+#          cache_registry: cache
+#
+#      - name: 'Artifact: build && push es-lint image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-es-lint/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-es-lint
+#          tag: latest
+#          cache: true
+#          cache_registry: cache
+#
+#      - name: 'Artifact: build && push yam-lint image'
+#        uses: aevea/action-kaniko@master
+#        with:
+#          registry: ${{ env.IMAGE_REPO }}
+#          username: ${{ secrets.REPO_USER }}
+#          password: ${{ secrets.HELM_REPO_PASSWORD }}
+#          path: 'oci/base/alpine-yaml-lint/'
+#          build_file: 'Dockerfile'
+#          image: public/base/alpine-yaml-lint
+#          tag: latest
+#          cache: true
+#          cache_registry: cache
+#
+#
+##    steps:
+##      - uses: actions/checkout@v3
+##
+##      - name: Login to Artifactory
+##        uses: actions/login-action@v1
+##        with:
+##          registry: ${{ env.IMAGE_REPO }}
+##          username: ${{ secrets.REPO_USER }}
+##          password: ${{ secrets.HELM_REPO_PASSWORD }}
+##
+##      - name: Build & push code-lint images
+##        working-directory: oci/base/debian-code-lint/
+##        run: |
+##          docker build --network host -t "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" -f Dockerfile .
+##          docker push "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}"
+##          docker rmi ${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }} || true
--- a/oci/base/alpine-ansible-lint/Dockerfile
+++ b/oci/base/alpine-ansible-lint/Dockerfile
@ -0,0 +1,31 @@
+FROM alpine:3.18.3
+LABEL maintainer="Haitao Pan <manbuzhe2009@qq.com>"
+
+ARG GLIBC_VERSION=2.34-r0
+
+# install glibc compatibility for alpine
+RUN apk add --update --no-cache curl binutils \
+    && curl -sL https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub \
+    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \
+    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-bin-${GLIBC_VERSION}.apk \
+    && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-i18n-${GLIBC_VERSION}.apk \
+    && apk add --no-cache --force-overwrite \
+       glibc-${GLIBC_VERSION}.apk           \
+       glibc-bin-${GLIBC_VERSION}.apk       \
+       glibc-i18n-${GLIBC_VERSION}.apk      \
+    && apk fix --force-overwrite alpine-baselayout-data \
+    && /usr/glibc-compat/bin/localedef -i en_US -f UTF-8 en_US.UTF-8 \
+    && rm -rf glibc-*.apk \
+    && rm -rf /var/cache/apk/*
+
+# Install system dependencies
+RUN apk add --no-cache git python3 py3-pip
+
+# Install ansible-lint
+RUN pip3 install --upgrade pip && pip3 install ansible-lint
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["/bin/sh"]
--- a/oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile
+++ b/oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile
@ -0,0 +1,55 @@
+# Stage 1: Build environment
+FROM alpine:3.12 as builder
+
+# Install build dependencies
+RUN apk add --no-cache \
+    git \
+    curl \
+    python3 \
+    python3-dev \
+    py3-pip \
+    go \
+    nodejs \
+    npm \
+    yaml-dev \
+    libffi-dev \
+    gcc \
+    musl-dev
+
+# Install pip and Ansible
+RUN pip3 install --upgrade pip
+RUN pip3 install ansible ansible-lint
+
+# Set up Go, install Go dependencies
+RUN go get -u golang.org/x/lint/golint
+
+# Install yamllint
+RUN pip3 install yamllint
+
+# Set up Node.js and npm, install eslint and React plugin
+RUN npm install -g eslint eslint-plugin-react
+
+# Stage 2: Final image
+FROM alpine:3.12
+
+# Copy necessary files from the builder stage
+COPY --from=builder /usr/bin/python3 /usr/bin/python3
+COPY --from=builder /usr/lib/python3.8 /usr/lib/python3.8
+COPY --from=builder /usr/bin/go /usr/bin/go
+COPY --from=builder /root/go /root/go
+COPY --from=builder /usr/bin/node /usr/bin/node
+COPY --from=builder /usr/lib/node_modules /usr/lib/node_modules
+
+# Create symbolic links for python and pip
+RUN ln -s /usr/bin/python3 /usr/bin/python
+RUN ln -s /usr/bin/python3 /usr/bin/pip
+
+# Ensure the tools are in the PATH
+ENV PATH="/root/go/bin:/usr/lib/node_modules/.bin:${PATH}"
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["/bin/sh"]
+
--- a/oci/app-runner/chart-builder-alpine/Dockerfile
+++ b/oci/app-runner/chart-builder-alpine/Dockerfile
@ -1,15 +1,12 @@
-FROM artifact.onwalk.net/public/alpine:latest
-MAINTAINER shenlan cloudsvcdesign@gmail.com
+alpine:latest
+MAINTAINER Haitao Pan manbuzhe2008@gmail.com

 ENV VERSION=3.11.1
 ENV BASE_URL="https://get.helm.sh"

 RUN case `uname -m` in \
-        armv7l) ARCH=arm; ;; \
-        s390x) ARCH=s390x; ;; \
        x86_64) ARCH=amd64; ;; \
        aarch64) ARCH=arm64; ;; \
-        ppc64le) ARCH=ppc64le; ;; \
        *) echo "un-supported arch, exit ..."; exit 1; ;; \
    esac && \
    apk add --update --no-cache openssh bash wget make curl jq unzip zip git ca-certificates && \
@ -21,7 +18,7 @@ RUN case `uname -m` in \
    helm plugin install https://github.com/chartmuseum/helm-push.git && \
    helm plugin install https://github.com/belitre/helm-push-artifactory-plugin.git --version v1.0.2

-ADD ca.crt /usr/share/ca-certificates/mozilla/Lets_Encrypt_ca.crt
-RUN echo "mozilla/Lets_Encrypt_ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates
+#ADD ca.crt /usr/share/ca-certificates/mozilla/Lets_Encrypt_ca.crt
+#RUN echo "mozilla/Lets_Encrypt_ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates

 CMD ["/bin/sh"]
--- a/oci/base/alpine-eslint/Dockerfile
+++ b/oci/base/alpine-eslint/Dockerfile
@ -0,0 +1,15 @@
+FROM alpine:3.12
+
+# Install Node.js and npm
+RUN apk add --no-cache \
+    nodejs \
+    npm
+
+# Install eslint
+RUN npm install -g eslint
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["eslint"]
--- a/oci/base/alpine-glibc/Dockerfile
+++ b/oci/base/alpine-glibc/Dockerfile
@ -18,16 +18,6 @@ RUN apk add --update --no-cache curl binutils \
    && rm -rf glibc-*.apk \
    && rm -rf /var/cache/apk/*

-RUN cd /usr/local/share/ca-certificates/ && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201.crt -o RocheRootCA1.cer    && \
-    curl -k https://certinfo.roche.com/rootcerts/RocheEnterpriseCA1.crt -o RocheEnterpriseCA1.cer && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201%20-%20G2.crt -o RocheRootCA1-G2.cer.cer         && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20Enterprise%20CA%201%20-%20G2.crt -o RocheEnterpriseCA1-G2.crt && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Root%20CA.crt -o RocheG3RootCA.crt                       && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%201.crt -o RocheG3IssuingCA1.crt            && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%202.crt -o RocheG3IssuingCA2.crt            && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%203.crt -o RocheG3IssuingCA3.crt            && \
-    curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%204.crt -o RocheG3IssuingCA4.crt            && \
-    update-ca-certificates
+#RUN cd /usr/local/share/ca-certificates/ && curl -k https://extra-ca.crt -o ca.cer && update-ca-certificates

 ENTRYPOINT ["bash"]
--- a/oci/base/alpine-go-lint/Dockerfile
+++ b/oci/base/alpine-go-lint/Dockerfile
@ -0,0 +1,16 @@
+FROM alpine:latest
+
+# Install Go & Git
+RUN apk add --no-cache go go
+
+# Install golint
+RUN go get -u golang.org/x/lint/golint
+
+# Ensure the tools are in the PATH
+ENV PATH="/root/go/bin:${PATH}"
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["golint"]
--- a/oci/base/alpine-image-builder/Dockerfile
+++ b/oci/base/alpine-image-builder/Dockerfile
@ -0,0 +1,19 @@
+# Builder stage
+FROM alpine:latest AS builder
+
+WORKDIR /src/
+
+RUN apk add --no-cache git gcc musl-dev go                         && \
+    export GOPATH=/src/go && mkdir -pv /src/go/bin/                && \
+    git clone https://github.com/GoogleContainerTools/kaniko.git   && \
+    cd kaniko && go install ./...
+
+# Final image
+FROM alpine:latest AS prod
+
+WORKDIR /src/
+
+RUN apk --no-cache add ca-certificates git && mkdir -pv /kaniko/
+COPY --from=builder /src/go/bin/executor /kaniko/
+
+ENTRYPOINT ["/bin/sh"]
--- a/oci/base/alpine-python-lint/Dockerfile
+++ b/oci/base/alpine-python-lint/Dockerfile
@ -0,0 +1,16 @@
+FROM alpine:3.12
+
+# Install system dependencies
+RUN apk add --no-cache \
+    python3 \
+    py3-pip
+
+# Install flake8
+RUN pip3 install flake8
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["flake8"]
+
--- a/oci/base/alpine-yaml-lint/Dockerfile
+++ b/oci/base/alpine-yaml-lint/Dockerfile
@ -0,0 +1,15 @@
+FROM alpine:3.12
+
+# Install system dependencies
+RUN apk add --no-cache \
+    python3 \
+    py3-pip
+
+# Install yamllint
+RUN pip3 install yamllint
+
+# Set work directory
+WORKDIR /src
+
+# Define an entrypoint
+ENTRYPOINT ["/bin/sh"]