From 5833c1a1f2382fce0a0893e7acca804989f93ed8 Mon Sep 17 00:00:00 2001 From: Haitao Pan Date: Mon, 4 Mar 2024 20:22:01 +0800 Subject: [PATCH] oci/base/alpine-image-builder/Dockerfile: debug --- .github/workflows/build-ci-images.yml | 145 +++++++++++++++--- oci/base/alpine-ansible-lint/Dockerfile | 31 ++++ .../alpine-code-lint/Dockerfile | 55 +++++++ .../alpine-chart-builder}/Dockerfile | 11 +- oci/base/alpine-eslint/Dockerfile | 15 ++ oci/base/alpine-glibc/Dockerfile | 12 +- oci/base/alpine-go-lint/Dockerfile | 16 ++ oci/base/alpine-image-builder/Dockerfile | 19 +++ oci/base/alpine-python-lint/Dockerfile | 16 ++ oci/base/alpine-yaml-lint/Dockerfile | 15 ++ 10 files changed, 299 insertions(+), 36 deletions(-) create mode 100644 oci/base/alpine-ansible-lint/Dockerfile create mode 100644 oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile rename oci/{app-runner/chart-builder-alpine => base/alpine-chart-builder}/Dockerfile (67%) create mode 100644 oci/base/alpine-eslint/Dockerfile create mode 100644 oci/base/alpine-go-lint/Dockerfile create mode 100644 oci/base/alpine-image-builder/Dockerfile create mode 100644 oci/base/alpine-python-lint/Dockerfile create mode 100644 oci/base/alpine-yaml-lint/Dockerfile diff --git a/.github/workflows/build-ci-images.yml b/.github/workflows/build-ci-images.yml index b1e7b76..b1ec301 100644 --- a/.github/workflows/build-ci-images.yml +++ b/.github/workflows/build-ci-images.yml @@ -3,43 +3,152 @@ name: build & push ci base images on: push: branches: - - dev - main paths: - '.github/workflows/build-ci-images.yml' + - 'oci/base/alpine-image-builder/Dockerfile' pull_request: branches: - - dev - main paths: - '.github/workflows/build-ci-images.yml' + - 'oci/base/alpine-image-builder/Dockerfile' workflow_dispatch: branches: - main - env: IMAGE_REPO: "artifact.onwalk.net" - IMAGE_PATH: "public/base/code-lint" - IMAGE_TAG: "0.0.1" - + IMAGE_PATH: "public/base/alpine-image-builder" + IMAGE_TAG: "latest" jobs: - build-images: + build-kaniko-image: runs-on: ubuntu-latest - + name: Build kaniko image steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@master - - name: Login to Artifactory - uses: actions/login-action@v1 - with: - registry: ${{ env.IMAGE_REPO }} - username: ${{ secrets.REPO_USER }} - password: ${{ secrets.HELM_REPO_PASSWORD }} - - - name: Build & push code-lint images - working-directory: oci/base/debian-code-lint/ + - name: Build & push kaniko images + working-directory: oci/base/alpine-image-builder run: | + docker login ${{ env.IMAGE_REPO }} -u ${{ secrets.REPO_USER }} -p ${{ secrets.HELM_REPO_PASSWORD }} docker build --network host -t "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" -f Dockerfile . docker push "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" docker rmi ${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }} || true + +# - name: 'Artifact: build && push kaniko image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-image-builder/' +# build_file: 'Dockerfile' +# image: public/base/alpine-image-builder +# tag: latest +# cache: false +# cache_registry: false + + build-ansible-lint-image: + name: Build ansible lint image + uses: svc-design/actions/.github/workflows/build-images-with-kaniko.yaml@main + needs: [build-kaniko-image] + with: + registry_addr: "artifact.onwalk.net" + image_name: 'public/base/alpine-ansible-lint' + image_tag: 'latest' + dockerfile_path: 'oci/base/alpine-ansible-lint' + secrets: + artifactory_sa: ${{ secrets.REPO_USER }} + artifactory_pw: ${{ secrets.HELM_REPO_PASSWORD }} + +#jobs: +# build-images: +# runs-on: ubuntu-latest +# name: Build code-lint image +# steps: +# - uses: actions/checkout@master +# +# - name: 'Artifact: build && push ansible-lint image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-ansible-lint/' +# build_file: 'Dockerfile' +# image: public/base/alpine-ansible-lint +# tag: latest +# cache: true +# cache_registry: cache +# +# - name: 'Artifact: build && push python-lint image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-python-lint/' +# build_file: 'Dockerfile' +# image: public/base/alpine-python-lint +# tag: latest +# cache: true +# cache_registry: cache +# +# +# - name: 'Artifact: build && push go-lint image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-go-lint/' +# build_file: 'Dockerfile' +# image: public/base/alpine-go-lint +# tag: latest +# cache: true +# cache_registry: cache +# +# - name: 'Artifact: build && push es-lint image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-es-lint/' +# build_file: 'Dockerfile' +# image: public/base/alpine-es-lint +# tag: latest +# cache: true +# cache_registry: cache +# +# - name: 'Artifact: build && push yam-lint image' +# uses: aevea/action-kaniko@master +# with: +# registry: ${{ env.IMAGE_REPO }} +# username: ${{ secrets.REPO_USER }} +# password: ${{ secrets.HELM_REPO_PASSWORD }} +# path: 'oci/base/alpine-yaml-lint/' +# build_file: 'Dockerfile' +# image: public/base/alpine-yaml-lint +# tag: latest +# cache: true +# cache_registry: cache +# +# +## steps: +## - uses: actions/checkout@v3 +## +## - name: Login to Artifactory +## uses: actions/login-action@v1 +## with: +## registry: ${{ env.IMAGE_REPO }} +## username: ${{ secrets.REPO_USER }} +## password: ${{ secrets.HELM_REPO_PASSWORD }} +## +## - name: Build & push code-lint images +## working-directory: oci/base/debian-code-lint/ +## run: | +## docker build --network host -t "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" -f Dockerfile . +## docker push "${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }}" +## docker rmi ${{ env.IMAGE_REPO }}/${{ env.IMAGE_PATH }}:${{ env.IMAGE_TAG }} || true diff --git a/oci/base/alpine-ansible-lint/Dockerfile b/oci/base/alpine-ansible-lint/Dockerfile new file mode 100644 index 0000000..f8241f7 --- /dev/null +++ b/oci/base/alpine-ansible-lint/Dockerfile @@ -0,0 +1,31 @@ +FROM alpine:3.18.3 +LABEL maintainer="Haitao Pan " + +ARG GLIBC_VERSION=2.34-r0 + +# install glibc compatibility for alpine +RUN apk add --update --no-cache curl binutils \ + && curl -sL https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub \ + && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk \ + && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-bin-${GLIBC_VERSION}.apk \ + && curl -sLO https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-i18n-${GLIBC_VERSION}.apk \ + && apk add --no-cache --force-overwrite \ + glibc-${GLIBC_VERSION}.apk \ + glibc-bin-${GLIBC_VERSION}.apk \ + glibc-i18n-${GLIBC_VERSION}.apk \ + && apk fix --force-overwrite alpine-baselayout-data \ + && /usr/glibc-compat/bin/localedef -i en_US -f UTF-8 en_US.UTF-8 \ + && rm -rf glibc-*.apk \ + && rm -rf /var/cache/apk/* + +# Install system dependencies +RUN apk add --no-cache git python3 py3-pip + +# Install ansible-lint +RUN pip3 install --upgrade pip && pip3 install ansible-lint + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["/bin/sh"] diff --git a/oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile b/oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile new file mode 100644 index 0000000..3e682c8 --- /dev/null +++ b/oci/base/alpine-ansible-lint/alpine-code-lint/Dockerfile @@ -0,0 +1,55 @@ +# Stage 1: Build environment +FROM alpine:3.12 as builder + +# Install build dependencies +RUN apk add --no-cache \ + git \ + curl \ + python3 \ + python3-dev \ + py3-pip \ + go \ + nodejs \ + npm \ + yaml-dev \ + libffi-dev \ + gcc \ + musl-dev + +# Install pip and Ansible +RUN pip3 install --upgrade pip +RUN pip3 install ansible ansible-lint + +# Set up Go, install Go dependencies +RUN go get -u golang.org/x/lint/golint + +# Install yamllint +RUN pip3 install yamllint + +# Set up Node.js and npm, install eslint and React plugin +RUN npm install -g eslint eslint-plugin-react + +# Stage 2: Final image +FROM alpine:3.12 + +# Copy necessary files from the builder stage +COPY --from=builder /usr/bin/python3 /usr/bin/python3 +COPY --from=builder /usr/lib/python3.8 /usr/lib/python3.8 +COPY --from=builder /usr/bin/go /usr/bin/go +COPY --from=builder /root/go /root/go +COPY --from=builder /usr/bin/node /usr/bin/node +COPY --from=builder /usr/lib/node_modules /usr/lib/node_modules + +# Create symbolic links for python and pip +RUN ln -s /usr/bin/python3 /usr/bin/python +RUN ln -s /usr/bin/python3 /usr/bin/pip + +# Ensure the tools are in the PATH +ENV PATH="/root/go/bin:/usr/lib/node_modules/.bin:${PATH}" + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["/bin/sh"] + diff --git a/oci/app-runner/chart-builder-alpine/Dockerfile b/oci/base/alpine-chart-builder/Dockerfile similarity index 67% rename from oci/app-runner/chart-builder-alpine/Dockerfile rename to oci/base/alpine-chart-builder/Dockerfile index 4ab4b5a..29ac857 100644 --- a/oci/app-runner/chart-builder-alpine/Dockerfile +++ b/oci/base/alpine-chart-builder/Dockerfile @@ -1,15 +1,12 @@ -FROM artifact.onwalk.net/public/alpine:latest -MAINTAINER shenlan cloudsvcdesign@gmail.com +alpine:latest +MAINTAINER Haitao Pan manbuzhe2008@gmail.com ENV VERSION=3.11.1 ENV BASE_URL="https://get.helm.sh" RUN case `uname -m` in \ - armv7l) ARCH=arm; ;; \ - s390x) ARCH=s390x; ;; \ x86_64) ARCH=amd64; ;; \ aarch64) ARCH=arm64; ;; \ - ppc64le) ARCH=ppc64le; ;; \ *) echo "un-supported arch, exit ..."; exit 1; ;; \ esac && \ apk add --update --no-cache openssh bash wget make curl jq unzip zip git ca-certificates && \ @@ -21,7 +18,7 @@ RUN case `uname -m` in \ helm plugin install https://github.com/chartmuseum/helm-push.git && \ helm plugin install https://github.com/belitre/helm-push-artifactory-plugin.git --version v1.0.2 -ADD ca.crt /usr/share/ca-certificates/mozilla/Lets_Encrypt_ca.crt -RUN echo "mozilla/Lets_Encrypt_ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates +#ADD ca.crt /usr/share/ca-certificates/mozilla/Lets_Encrypt_ca.crt +#RUN echo "mozilla/Lets_Encrypt_ca.crt" >> /etc/ca-certificates.conf && update-ca-certificates CMD ["/bin/sh"] diff --git a/oci/base/alpine-eslint/Dockerfile b/oci/base/alpine-eslint/Dockerfile new file mode 100644 index 0000000..a675da4 --- /dev/null +++ b/oci/base/alpine-eslint/Dockerfile @@ -0,0 +1,15 @@ +FROM alpine:3.12 + +# Install Node.js and npm +RUN apk add --no-cache \ + nodejs \ + npm + +# Install eslint +RUN npm install -g eslint + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["eslint"] diff --git a/oci/base/alpine-glibc/Dockerfile b/oci/base/alpine-glibc/Dockerfile index 6d00012..8ee1550 100644 --- a/oci/base/alpine-glibc/Dockerfile +++ b/oci/base/alpine-glibc/Dockerfile @@ -18,16 +18,6 @@ RUN apk add --update --no-cache curl binutils \ && rm -rf glibc-*.apk \ && rm -rf /var/cache/apk/* -RUN cd /usr/local/share/ca-certificates/ && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201.crt -o RocheRootCA1.cer && \ - curl -k https://certinfo.roche.com/rootcerts/RocheEnterpriseCA1.crt -o RocheEnterpriseCA1.cer && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20Root%20CA%201%20-%20G2.crt -o RocheRootCA1-G2.cer.cer && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20Enterprise%20CA%201%20-%20G2.crt -o RocheEnterpriseCA1-G2.crt && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Root%20CA.crt -o RocheG3RootCA.crt && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%201.crt -o RocheG3IssuingCA1.crt && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%202.crt -o RocheG3IssuingCA2.crt && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%203.crt -o RocheG3IssuingCA3.crt && \ - curl -k https://certinfo.roche.com/rootcerts/Roche%20G3%20Issuing%20CA%204.crt -o RocheG3IssuingCA4.crt && \ - update-ca-certificates +#RUN cd /usr/local/share/ca-certificates/ && curl -k https://extra-ca.crt -o ca.cer && update-ca-certificates ENTRYPOINT ["bash"] diff --git a/oci/base/alpine-go-lint/Dockerfile b/oci/base/alpine-go-lint/Dockerfile new file mode 100644 index 0000000..0807c61 --- /dev/null +++ b/oci/base/alpine-go-lint/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:latest + +# Install Go & Git +RUN apk add --no-cache go go + +# Install golint +RUN go get -u golang.org/x/lint/golint + +# Ensure the tools are in the PATH +ENV PATH="/root/go/bin:${PATH}" + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["golint"] diff --git a/oci/base/alpine-image-builder/Dockerfile b/oci/base/alpine-image-builder/Dockerfile new file mode 100644 index 0000000..579796a --- /dev/null +++ b/oci/base/alpine-image-builder/Dockerfile @@ -0,0 +1,19 @@ +# Builder stage +FROM alpine:latest AS builder + +WORKDIR /src/ + +RUN apk add --no-cache git gcc musl-dev go && \ + export GOPATH=/src/go && mkdir -pv /src/go/bin/ && \ + git clone https://github.com/GoogleContainerTools/kaniko.git && \ + cd kaniko && go install ./... + +# Final image +FROM alpine:latest AS prod + +WORKDIR /src/ + +RUN apk --no-cache add ca-certificates git && mkdir -pv /kaniko/ +COPY --from=builder /src/go/bin/executor /kaniko/ + +ENTRYPOINT ["/bin/sh"] diff --git a/oci/base/alpine-python-lint/Dockerfile b/oci/base/alpine-python-lint/Dockerfile new file mode 100644 index 0000000..46a1fc9 --- /dev/null +++ b/oci/base/alpine-python-lint/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.12 + +# Install system dependencies +RUN apk add --no-cache \ + python3 \ + py3-pip + +# Install flake8 +RUN pip3 install flake8 + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["flake8"] + diff --git a/oci/base/alpine-yaml-lint/Dockerfile b/oci/base/alpine-yaml-lint/Dockerfile new file mode 100644 index 0000000..3251545 --- /dev/null +++ b/oci/base/alpine-yaml-lint/Dockerfile @@ -0,0 +1,15 @@ +FROM alpine:3.12 + +# Install system dependencies +RUN apk add --no-cache \ + python3 \ + py3-pip + +# Install yamllint +RUN pip3 install yamllint + +# Set work directory +WORKDIR /src + +# Define an entrypoint +ENTRYPOINT ["/bin/sh"]