From 988202d44f92bd80c96dcf1da865b2d79a0adeef Mon Sep 17 00:00:00 2001 From: Dwi Fahni Denni Date: Mon, 1 Aug 2022 03:51:37 +0700 Subject: [PATCH] Refactoring helm install plugins for container alpine & ubuntu --- compose/docker/cicd-alpine/Dockerfile | 8 +- .../docker/cicd-alpine/Dockerfile-Alpine-3.15 | 147 ++++++++++++++++++ .../docker/cicd-alpine/Dockerfile-Alpine-3.16 | 147 ++++++++++++++++++ compose/docker/cicd-ubuntu/Dockerfile | 6 +- .../cicd-ubuntu/Dockerfile-Ubuntu-16.04 | 6 +- .../cicd-ubuntu/Dockerfile-Ubuntu-18.04 | 6 +- .../cicd-ubuntu/Dockerfile-Ubuntu-20.04 | 6 +- .../cicd-ubuntu/Dockerfile-Ubuntu-22.04 | 6 +- 8 files changed, 313 insertions(+), 19 deletions(-) create mode 100644 compose/docker/cicd-alpine/Dockerfile-Alpine-3.15 create mode 100644 compose/docker/cicd-alpine/Dockerfile-Alpine-3.16 diff --git a/compose/docker/cicd-alpine/Dockerfile b/compose/docker/cicd-alpine/Dockerfile index 6da37003..d426b01a 100644 --- a/compose/docker/cicd-alpine/Dockerfile +++ b/compose/docker/cicd-alpine/Dockerfile @@ -14,7 +14,7 @@ ENV IMG_DESC="Docker Image CI/CD" ENV IMG_ARCH="amd64/x86_64" ENV ALPINE_VERSION="3.16" -ENV CICD_VERSION="1.0.4" +ENV CICD_VERSION="1.0.5" LABEL maintainer="$AUTHOR" \ architecture="$IMG_ARCH" \ @@ -99,8 +99,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -114,7 +114,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \ diff --git a/compose/docker/cicd-alpine/Dockerfile-Alpine-3.15 b/compose/docker/cicd-alpine/Dockerfile-Alpine-3.15 new file mode 100644 index 00000000..e4e900bc --- /dev/null +++ b/compose/docker/cicd-alpine/Dockerfile-Alpine-3.15 @@ -0,0 +1,147 @@ +# FROM alpine:${ALPINE_VERSION:-3.15} +FROM nginx:${NGINX_VERSION:-1.21-alpine} + +ARG BUILD_DATE +ARG BUILD_VERSION +ARG GIT_COMMIT +ARG GIT_URL + +ENV VENDOR="DevOpsCornerId" +ENV AUTHOR="DevOpsCorner.id " +ENV IMG_NAME="cicd-alpine" +ENV IMG_VERSION="3.15" +ENV IMG_DESC="Docker Image CI/CD" +ENV IMG_ARCH="amd64/x86_64" + +ENV ALPINE_VERSION="3.15" +ENV CICD_VERSION="1.0.5" + +LABEL maintainer="$AUTHOR" \ + architecture="$IMG_ARCH" \ + alpine-version="$ALPINE_VERSION" \ + cicd-version="$CICD_VERSION" \ + org.label-schema.build-date="$BUILD_DATE" \ + org.label-schema.name="$IMG_NAME" \ + org.label-schema.description="$IMG_DESC" \ + org.label-schema.vcs-ref="$GIT_COMMIT" \ + org.label-schema.vcs-url="$GIT_URL" \ + org.label-schema.vendor="$VENDOR" \ + org.label-schema.version="$BUILD_VERSION" \ + org.label-schema.schema-version="$IMG_VERSION" \ + org.opencontainers.image.authors="$AUTHOR" \ + org.opencontainers.image.description="$IMG_DESC" \ + org.opencontainers.image.vendor="$VENDOR" \ + org.opencontainers.image.version="$IMG_VERSION" \ + org.opencontainers.image.revision="$GIT_COMMIT" \ + org.opencontainers.image.created="$BUILD_DATE" \ + fr.hbis.docker.base.build-date="$BUILD_DATE" \ + fr.hbis.docker.base.name="$IMG_NAME" \ + fr.hbis.docker.base.vendor="$VENDOR" \ + fr.hbis.docker.base.version="$BUILD_VERSION" + +COPY rootfs / + +ENV ANSIBLE_VERSION=2.12.2 +ENV ANSIBLE_TOWER_CLI_VERSION=3.3.4 +ENV PACKER_VERSION=1.7.10 +ENV TERRAFORM_VERSION=1.1.7 +ENV TERRAGRUNT_VERSION=v0.36.1 +ENV TERRASCAN_VERSION=1.14.0 +ENV HELMFILE_VERSION=v0.144.0 +ENV KUBECTL_VERSION=v1.24.0 + +USER root +RUN apk add --no-cache \ + build-base \ + git \ + bash \ + curl \ + jq \ + libffi-dev \ + wget \ + ca-certificates \ + openssh \ + openssh-server \ + vim \ + nano \ + zip \ + unzip \ + python3 \ + python3-dev \ + py3-pip &&\ + set -ex; sync + +# install terraform +RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ + https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip &&\ + unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin &&\ + rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip; sync &&\ + # install terragrunt + wget -O /usr/local/bin/terragrunt \ + https://github.com/gruntwork-io/terragrunt/releases/download/${TERRAGRUNT_VERSION}/terragrunt_linux_amd64 &&\ + chmod +x /usr/local/bin/terragrunt; sync &&\ + # install packer + wget -O packer_${PACKER_VERSION}_linux_amd64.zip \ + https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip &&\ + unzip packer_${PACKER_VERSION}_linux_amd64.zip -d /usr/local/bin &&\ + rm -f packer_${PACKER_VERSION}_linux_amd64.zip; sync &&\ + # install terrascan + wget -O terrascan.tar.gz \ + https://github.com/accurics/terrascan/releases/download/v${TERRASCAN_VERSION}/terrascan_${TERRASCAN_VERSION}_Linux_x86_64.tar.gz &&\ + tar -zxf terrascan.tar.gz -C /usr/local/bin &&\ + chmod +x /usr/local/bin/terrascan &&\ + rm terrascan.tar.gz; sync &&\ + # install infracost + curl -fsSL https://raw.githubusercontent.com/infracost/infracost/master/scripts/install.sh | bash; sync &&\ + # install helm + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 \ + chmod 700 get_helm.sh \ + ./get_helm.sh; sync + +# install helm plugins +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ + helm repo add stable https://charts.helm.sh/stable; sync + +# install helmfile +RUN wget -O /usr/local/bin/helmfile \ + https://github.com/roboll/helmfile/releases/download/${HELMFILE_VERSION}/helmfile_linux_amd64 &&\ + chmod +x /usr/local/bin/helmfile; sync + +# install kubectl +RUN wget -O /usr/local/bin/kubectl \ + https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl &&\ + chmod +x /usr/local/bin/kubectl; sync + +# install python libraries +RUN python3 -m pip install pip==21.3.1 &&\ + pip3 install --upgrade pip cffi awscli &&\ + # install ansible + pip3 install --no-cache-dir \ + ansible-core==${ANSIBLE_VERSION} \ + ansible-tower-cli==${ANSIBLE_TOWER_CLI_VERSION} \ + PyYaml \ + Jinja2 \ + httplib2 \ + six \ + requests \ + boto3 \ + # install checkov + checkov &&\ + # setup root .ssh directory + mkdir -p /root/.ssh && chmod 0700 /root/.ssh && chown -R root. /root/.ssh + +RUN chmod +x /tmp/*.sh + +# cleanup cache +RUN rm -rf /var/cache/apk/* /root/.cache /tmp/* + +WORKDIR /root + +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 22 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/compose/docker/cicd-alpine/Dockerfile-Alpine-3.16 b/compose/docker/cicd-alpine/Dockerfile-Alpine-3.16 new file mode 100644 index 00000000..d426b01a --- /dev/null +++ b/compose/docker/cicd-alpine/Dockerfile-Alpine-3.16 @@ -0,0 +1,147 @@ +# FROM alpine:${ALPINE_VERSION:-3.16} +FROM nginx:${NGINX_VERSION:-1.21-alpine} + +ARG BUILD_DATE +ARG BUILD_VERSION +ARG GIT_COMMIT +ARG GIT_URL + +ENV VENDOR="DevOpsCornerId" +ENV AUTHOR="DevOpsCorner.id " +ENV IMG_NAME="cicd-alpine" +ENV IMG_VERSION="3.16" +ENV IMG_DESC="Docker Image CI/CD" +ENV IMG_ARCH="amd64/x86_64" + +ENV ALPINE_VERSION="3.16" +ENV CICD_VERSION="1.0.5" + +LABEL maintainer="$AUTHOR" \ + architecture="$IMG_ARCH" \ + alpine-version="$ALPINE_VERSION" \ + cicd-version="$CICD_VERSION" \ + org.label-schema.build-date="$BUILD_DATE" \ + org.label-schema.name="$IMG_NAME" \ + org.label-schema.description="$IMG_DESC" \ + org.label-schema.vcs-ref="$GIT_COMMIT" \ + org.label-schema.vcs-url="$GIT_URL" \ + org.label-schema.vendor="$VENDOR" \ + org.label-schema.version="$BUILD_VERSION" \ + org.label-schema.schema-version="$IMG_VERSION" \ + org.opencontainers.image.authors="$AUTHOR" \ + org.opencontainers.image.description="$IMG_DESC" \ + org.opencontainers.image.vendor="$VENDOR" \ + org.opencontainers.image.version="$IMG_VERSION" \ + org.opencontainers.image.revision="$GIT_COMMIT" \ + org.opencontainers.image.created="$BUILD_DATE" \ + fr.hbis.docker.base.build-date="$BUILD_DATE" \ + fr.hbis.docker.base.name="$IMG_NAME" \ + fr.hbis.docker.base.vendor="$VENDOR" \ + fr.hbis.docker.base.version="$BUILD_VERSION" + +COPY rootfs / + +ENV ANSIBLE_VERSION=2.12.2 +ENV ANSIBLE_TOWER_CLI_VERSION=3.3.4 +ENV PACKER_VERSION=1.7.10 +ENV TERRAFORM_VERSION=1.1.7 +ENV TERRAGRUNT_VERSION=v0.36.1 +ENV TERRASCAN_VERSION=1.14.0 +ENV HELMFILE_VERSION=v0.144.0 +ENV KUBECTL_VERSION=v1.24.0 + +USER root +RUN apk add --no-cache \ + build-base \ + git \ + bash \ + curl \ + jq \ + libffi-dev \ + wget \ + ca-certificates \ + openssh \ + openssh-server \ + vim \ + nano \ + zip \ + unzip \ + python3 \ + python3-dev \ + py3-pip &&\ + set -ex; sync + +# install terraform +RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ + https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip &&\ + unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin &&\ + rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip; sync &&\ + # install terragrunt + wget -O /usr/local/bin/terragrunt \ + https://github.com/gruntwork-io/terragrunt/releases/download/${TERRAGRUNT_VERSION}/terragrunt_linux_amd64 &&\ + chmod +x /usr/local/bin/terragrunt; sync &&\ + # install packer + wget -O packer_${PACKER_VERSION}_linux_amd64.zip \ + https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip &&\ + unzip packer_${PACKER_VERSION}_linux_amd64.zip -d /usr/local/bin &&\ + rm -f packer_${PACKER_VERSION}_linux_amd64.zip; sync &&\ + # install terrascan + wget -O terrascan.tar.gz \ + https://github.com/accurics/terrascan/releases/download/v${TERRASCAN_VERSION}/terrascan_${TERRASCAN_VERSION}_Linux_x86_64.tar.gz &&\ + tar -zxf terrascan.tar.gz -C /usr/local/bin &&\ + chmod +x /usr/local/bin/terrascan &&\ + rm terrascan.tar.gz; sync &&\ + # install infracost + curl -fsSL https://raw.githubusercontent.com/infracost/infracost/master/scripts/install.sh | bash; sync &&\ + # install helm + curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 \ + chmod 700 get_helm.sh \ + ./get_helm.sh; sync + +# install helm plugins +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ + helm repo add stable https://charts.helm.sh/stable; sync + +# install helmfile +RUN wget -O /usr/local/bin/helmfile \ + https://github.com/roboll/helmfile/releases/download/${HELMFILE_VERSION}/helmfile_linux_amd64 &&\ + chmod +x /usr/local/bin/helmfile; sync + +# install kubectl +RUN wget -O /usr/local/bin/kubectl \ + https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl &&\ + chmod +x /usr/local/bin/kubectl; sync + +# install python libraries +RUN python3 -m pip install pip==22.0.4 &&\ + pip3 install --upgrade pip cffi awscli &&\ + # install ansible + pip3 install --no-cache-dir \ + ansible-core==${ANSIBLE_VERSION} \ + ansible-tower-cli==${ANSIBLE_TOWER_CLI_VERSION} \ + PyYaml \ + Jinja2 \ + httplib2 \ + six \ + requests \ + boto3 \ + # install checkov + checkov &&\ + # setup root .ssh directory + mkdir -p /root/.ssh && chmod 0700 /root/.ssh && chown -R root. /root/.ssh + +RUN chmod +x /tmp/*.sh + +# cleanup cache +RUN rm -rf /var/cache/apk/* /root/.cache /tmp/* + +WORKDIR /root + +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 22 80 + +STOPSIGNAL SIGQUIT + +CMD ["nginx", "-g", "daemon off;"] diff --git a/compose/docker/cicd-ubuntu/Dockerfile b/compose/docker/cicd-ubuntu/Dockerfile index 8f5f63d3..213eebcd 100644 --- a/compose/docker/cicd-ubuntu/Dockerfile +++ b/compose/docker/cicd-ubuntu/Dockerfile @@ -104,8 +104,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -119,7 +119,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \ diff --git a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-16.04 b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-16.04 index 5f8db99f..9b93fb5a 100644 --- a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-16.04 +++ b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-16.04 @@ -104,8 +104,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -119,7 +119,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \ diff --git a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-18.04 b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-18.04 index c7b2a515..43254cdf 100644 --- a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-18.04 +++ b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-18.04 @@ -104,8 +104,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -119,7 +119,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \ diff --git a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-20.04 b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-20.04 index 77163129..b58b5ccd 100644 --- a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-20.04 +++ b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-20.04 @@ -104,8 +104,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -119,7 +119,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \ diff --git a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-22.04 b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-22.04 index 8f5f63d3..213eebcd 100644 --- a/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-22.04 +++ b/compose/docker/cicd-ubuntu/Dockerfile-Ubuntu-22.04 @@ -104,8 +104,8 @@ RUN wget -O terraform_${TERRAFORM_VERSION}_linux_amd64.zip \ ./get_helm.sh; sync # install helm plugins -RUN helm plugin install https://github.com/databus23/helm-diff \ - helm plugin install https://github.com/hypnoglow/helm-s3.git \ +RUN helm plugin install https://github.com/databus23/helm-diff &&\ + helm plugin install https://github.com/hypnoglow/helm-s3.git &&\ helm repo add stable https://charts.helm.sh/stable; sync # install helmfile @@ -119,7 +119,7 @@ RUN wget -O /usr/local/bin/kubectl \ chmod +x /usr/local/bin/kubectl; sync # install python libraries -RUN python3 -m pip install pip==21.3.1 &&\ +RUN python3 -m pip install pip==22.0.4 &&\ pip3 install --upgrade pip cffi awscli &&\ # install ansible pip3 install --no-cache-dir \