Merge branch 'release-1.2.0' into stable

osixia · Jun 15, 2020 · 4065205 · 4065205
2 parents 807519d + 3292d04
commit 4065205
Show file tree

Hide file tree

Showing 34 changed files with 896 additions and 773 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,110 @@
+language: bash
+
+services:
+  - docker
+env:
+  global:
+    - NAME="osixia/light-baseimage"
+    - VERSION="${TRAVIS_BRANCH}-dev"
+  matrix:
+    - TARGET_ARCH=amd64 QEMU_ARCH=x86_64
+    - TARGET_ARCH=i386 QEMU_ARCH=i386
+    - TARGET_ARCH=arm32v7 QEMU_ARCH=arm
+    - TARGET_ARCH=arm64v8 QEMU_ARCH=aarch64
+
+addons:
+  apt:
+    # The docker manifest command was added in docker-ee version 18.x
+    # So update our current installation and we also have to enable the experimental features.
+    sources:
+      - sourceline: "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+        key_url: "https://download.docker.com/linux/ubuntu/gpg"
+    packages:
+      - docker-ce
+
+before_install:
+  - docker --version
+  - mkdir $HOME/.docker
+  - 'echo "{" > $HOME/.docker/config.json'
+  - 'echo "  \"experimental\": \"enabled\"" >> $HOME/.docker/config.json'
+  - 'echo "}" >> $HOME/.docker/config.json'
+  - sudo service docker restart
+
+install:
+  # For cross buidling our images
+  # This is necessary because travis-ci.org has only x86_64 machines.
+  # If travis-ci.org gets native arm builds, probably this step is not
+  # necessary any more.
+  - docker run --rm --privileged multiarch/qemu-user-static:register --reset
+    # Bats is necessary for the UT
+  - curl -o bats.tar.gz -SL https://github.com/bats-core/bats-core/archive/v1.1.0.tar.gz
+  - mkdir bats-core && tar -xf bats.tar.gz -C bats-core --strip-components=1
+  - cd bats-core/
+  - sudo ./install.sh /usr/local
+  - cd ..
+
+before_script:
+  # Injecting the necessary information and binaries for cross-compiling the images.
+  # In native builds this information and binaries are not necessary and that is why
+  # we are injecting them in the build scripts and we do not include them in the Dockerfiles
+  - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then
+    sed -i "s/FROM debian/FROM ${TARGET_ARCH}\/debian/" image/Dockerfile;
+    fi
+  - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then
+    sed -i "/${TARGET_ARCH}\/debian/a COPY \
+    --from=multiarch/qemu-user-static:x86_64-${QEMU_ARCH} \
+    /usr/bin/qemu-${QEMU_ARCH}-static /usr/bin/" image/Dockerfile;
+    fi
+  - cat image/Dockerfile;
+  # If this is a tag then change the VERSION variable to only have the
+  # tag name and not also the commit hash.
+  - if [ -n "$TRAVIS_TAG" ]; then
+    VERSION=$(echo "${TRAVIS_TAG}" | sed -e 's/\(.*\)[-v]\(.*\)/\1\2/g');
+    fi
+
+script:
+  - make build-nocache NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+  # Run the test and if the test fails mark the build as failed.
+  - make test NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+before_deploy:
+  - docker run -d --name test_image ${NAME}:${VERSION}-${TARGET_ARCH} sleep 10
+  - sleep 5
+  - sudo docker ps | grep -q test_image
+  # To have `DOCKER_USER` and `DOCKER_PASS`
+  # use `travis env set`.
+  - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS";
+  - make tag NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+deploy:
+  provider: script
+  on:
+    all_branches: true
+  script: make push NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+jobs:
+  include:
+    - stage: Manifest creation
+      install: skip
+      script: skip
+      after_deploy:
+        - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS";
+        - docker manifest create ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-i386 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 --os linux --arch amd64;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-i386 --os linux --arch 386;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8;
+
+        # The latest tag is coming from the stable branch of the repo
+        - if [ "${TRAVIS_BRANCH}" == 'stable' ]; then
+          docker manifest create ${NAME}:latest ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-i386 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-amd64 --os linux --arch amd64;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-i386 --os linux --arch 386;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8;
+          fi
+
+        - docker manifest push ${NAME}:${VERSION};
+          if [ "${TRAVIS_BRANCH}" == 'stable' ]; then
+          docker manifest push ${NAME}:latest;
+          fi
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,18 @@
 # Changelog
 
+## [1.2.0] - 2020-06-15
+### Added
+  - Add multiarch support. Thanks to @ndanyluk and @anagno !
+  - Allow usage of additional hostnames in self signed certificate #19. Thanks to @Bobonium
+
+### Changed 
+  - Use debian buster-slim as baseimage
+  - Upgrade python script to python3
+  - Upgrade CFSSL version to 1.4.1
+
+### Fixed
+  - Fix shellcheck errors and warnings on all scripts
+
 ## [1.1.2] - 2019-04-05
 ### Added
   - jsonssl add support for traefik >= v1.6 acme.json file
@@ -146,6 +159,7 @@
 ## 0.1.0 - 2015-07-23
 Initial release
 
+[1.2.0]: https://github.com/osixia/docker-light-baseimage/compare/v1.1.2...v1.2.0
 [1.1.2]: https://github.com/osixia/docker-light-baseimage/compare/v1.1.1...v1.1.2
 [1.1.1]: https://github.com/osixia/docker-light-baseimage/compare/v1.1.0...v1.1.1
 [1.1.0]: https://github.com/osixia/docker-light-baseimage/compare/v1.0.0...v1.1.0

diff --git a/Makefile b/Makefile
@@ -1,17 +1,20 @@
 NAME = osixia/light-baseimage
-VERSION = 1.1.2
+VERSION = 1.2.0
 
 .PHONY: build build-nocache test tag-latest push push-latest release git-tag-version
 
 build:
-	docker build -t $(NAME):$(VERSION) --rm image
+	docker build -f image/Dockerfile -t $(NAME):$(VERSION) --rm image
 
 build-nocache:
-	docker build -t $(NAME):$(VERSION) --no-cache --rm image
+	docker build -f image/Dockerfile -t $(NAME):$(VERSION) --no-cache --rm image
 
 test:
 	env NAME=$(NAME) VERSION=$(VERSION) bats test/test.bats
 
+tag:
+	docker tag $(NAME):$(VERSION) $(NAME):$(VERSION)
+
 tag-latest:
 	docker tag $(NAME):$(VERSION) $(NAME):latest
 

diff --git a/README.md b/README.md
@@ -6,16 +6,15 @@
 
 [hub]: https://hub.docker.com/r/osixia/light-baseimage/
 
-Latest release: 1.1.2 (debian stretch) - 1.0.2 (debian jessie) [Changelog](CHANGELOG.md)
+Latest release: 1.2.0 [Changelog](CHANGELOG.md)
  | [Docker Hub](https://hub.docker.com/r/osixia/light-baseimage/) 
 
-A Debian 9 (Stretch) based docker image to build reliable image quickly. This image provide a simple opinionated solution to build multiple or single process image with minimum of layers and an optimized build.
+A **Debian 10 (Buster)** based docker image to build reliable image quickly. This image provide a simple opinionated solution to build multiple or single process image with minimum of layers and an optimized build.
 
 The aims of this image is to be used as a base for your own Docker images. It's base on the awesome work of: [phusion/baseimage-docker](https://github.com/phusion/baseimage-docker)
 
 Other base distribution are available:
-- [Alpine 3.6](https://github.com/osixia/docker-light-baseimage/tree/feature-linux-alpine) | Beta | [Docker Hub](https://hub.docker.com/r/osixia/alpine-light-baseimage/) | [![](https://images.microbadger.com/badges/image/osixia/alpine-light-baseimage.svg)](http://microbadger.com/images/osixia/alpine-light-baseimage "Get your own image badge on microbadger.com")
-- [Ubuntu 16:04](https://github.com/osixia/docker-light-baseimage/tree/ubuntu) | [Docker Hub](https://hub.docker.com/r/osixia/ubuntu-light-baseimage/) | [![](https://images.microbadger.com/badges/image/osixia/ubuntu-light-baseimage.svg)](http://microbadger.com/images/osixia/ubuntu-light-baseimage "Get your own image badge on microbadger.com")
+- [Alpine](https://github.com/osixia/docker-light-baseimage/tree/alpine) | [Docker Hub](https://hub.docker.com/r/osixia/alpine-light-baseimage/) | [![](https://images.microbadger.com/badges/image/osixia/alpine-light-baseimage.svg)](http://microbadger.com/images/osixia/alpine-light-baseimage "Get your own image badge on microbadger.com")
 
 Table of Contents
 - [osixia/light-baseimage](#osixialight-baseimage)
@@ -150,8 +149,7 @@ In the Dockerfile we are going to:
 
         # Use osixia/light-baseimage
         # https://github.com/osixia/docker-light-baseimage
-        FROM osixia/light-baseimage:1.1.2
-        MAINTAINER Your Name <[email protected]>
+        FROM osixia/light-baseimage:1.2.0
 
         # Download nginx from apt-get and clean apt-get files
         RUN apt-get -y update \
@@ -393,8 +391,7 @@ In the Dockerfile we are going to:
 
       # Use osixia/light-baseimage
       # https://github.com/osixia/docker-light-baseimage
-      FROM osixia/light-baseimage:1.1.2
-      MAINTAINER Your Name <[email protected]>
+      FROM osixia/light-baseimage:1.2.0
 
       # Install multiple process stack, nginx and php7.0-fpm and clean apt-get files
       # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-multiple-process-stack
@@ -595,8 +592,7 @@ Here simple Dockerfile example how to add a service-available to an image:
 
         # Use osixia/light-baseimage
         # https://github.com/osixia/docker-light-baseimage
-        FROM osixia/light-baseimage:1.1.2
-        MAINTAINER Your Name <[email protected]>
+        FROM osixia/light-baseimage:1.2.0
 
         # Add cfssl and cron service-available
         # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-service-available
@@ -665,7 +661,7 @@ What it does:
 
 *Run tool* takes several options, to list them:
 
-    docker run osixia/light-baseimage:1.1.2 --help
+    docker run osixia/light-baseimage:1.2.0 --help
     usage: run [-h] [-e] [-s] [-p] [-f] [-o {startup,process,finish}]
                [-c COMMAND [WHEN={startup,process,finish} ...]] [-k]
                [--wait-state FILENAME] [--wait-first-startup] [--keep-startup-env]
@@ -758,7 +754,7 @@ The container environment is then exported to /container/run/environment and in
 
 If a main command is set for example:
 
-    docker run -it osixia/openldap:1.1.0 bash
+    docker run -it osixia/openldap:1.4.0 bash
 
 *Run tool* will execute the single process and the main command. If the main command exits the container exits. This is useful to debug or image development purpose.
 
@@ -768,15 +764,15 @@ In a multiple process image *run tool* execute runit witch supervise /container/
 
 If a main command is set for example:
 
-    docker run -it osixia/phpldapadmin:0.6.7 bash
+    docker run -it osixia/phpldapadmin:0.9.0 bash
 
 *run tool* will execute runit and the main command. If the main command exits the container exits. This is still useful to debug or image development purpose.
 
 ###### No process image
 If a main command is set *run tool* launch it otherwise bash is launched.
 Example:
 
-    docker run -it osixia/light-baseimage:1.1.2
+    docker run -it osixia/light-baseimage:1.2.0
 
 
 ##### Extra environment variables
@@ -852,14 +848,14 @@ Note this yaml definition:
 
 Can also be set by command line converted in python or json:
 
-    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/light-baseimage:1.1.2 printenv
-    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/light-baseimage:1.1.2 printenv
+    docker run -it --env FRUITS="#PYTHON2BASH:['orange','apple']" osixia/light-baseimage:1.2.0 printenv
+    docker run -it --env FRUITS="#JSON2BASH:[\"orange\",\"apple\"]" osixia/light-baseimage:1.2.0 printenv
 
 ### Tests
 
 We use **Bats** (Bash Automated Testing System) to test this image:
 
-> [https://github.com/sstephenson/bats](https://github.com/sstephenson/bats)
+> [https://github.com/bats-core/bats-core](https://github.com/bats-core/bats-core)
 
 Install Bats, and in this project directory run:
 

diff --git a/example/multiple-process-image/Dockerfile b/example/multiple-process-image/Dockerfile
@@ -1,15 +1,14 @@
 # Use osixia/light-baseimage
 # https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:1.1.2
-MAINTAINER Your Name <[email protected]>
+FROM osixia/light-baseimage:1.2.0
 
 # Install multiple process stack, nginx and php7.0-fpm and clean apt-get files
 # https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-multiple-process-stack
 RUN apt-get -y update \
     && /container/tool/add-multiple-process-stack \
     && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
-       nginx \
-       php7.0-fpm \
+    nginx \
+    php7.0-fpm \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 

diff --git a/example/single-process-image/Dockerfile b/example/single-process-image/Dockerfile
@@ -1,14 +1,13 @@
 # Use osixia/light-baseimage
 # https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:1.1.2
-MAINTAINER Your Name <[email protected]>
+FROM osixia/light-baseimage:1.2.0
 
 # Download nginx from apt-get and clean apt-get files
 RUN apt-get -y update \
     && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
-       nginx \
-   && apt-get clean \
-   && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+    nginx \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 # Add service directory to /container/service
 ADD service /container/service

diff --git a/image/Dockerfile b/image/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:stretch-slim
+FROM debian:buster-slim
 
 COPY . /container
 RUN /container/build.sh

diff --git a/image/build.sh b/image/build.sh
@@ -22,7 +22,7 @@ MINIMAL_APT_GET_INSTALL='apt-get install -y --no-install-recommends'
 ## https://journal.paul.querna.org/articles/2013/10/15/docker-ubuntu-on-rackspace/
 ## http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594189
 export INITRD=no
-echo -n no > /container/environment/INITRD
+printf no > /container/environment/INITRD
 
 apt-get update
 
@@ -39,7 +39,7 @@ dpkg-divert --local --rename --add /usr/bin/ischroot
 ln -sf /bin/true /usr/bin/ischroot
 
 ## Install apt-utils.
-$MINIMAL_APT_GET_INSTALL apt-utils apt-transport-https ca-certificates locales procps dirmngr gnupg iproute python-minimal python-yaml
+$MINIMAL_APT_GET_INSTALL apt-utils apt-transport-https ca-certificates locales procps dirmngr gnupg iproute2 python3-minimal python3-yaml
 
 ## Upgrade all packages.
 apt-get dist-upgrade -y --no-install-recommends -o Dpkg::Options::="--force-confold"
@@ -49,9 +49,9 @@ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
 locale-gen en_US
 update-locale LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8
 
-echo -n en_US.UTF-8 > /container/environment/LANG
-echo -n en_US.UTF-8 > /container/environment/LANGUAGE
-echo -n en_US.UTF-8 > /container/environment/LC_CTYPE
+printf en_US.UTF-8 > /container/environment/LANG
+printf en_US.UTF-8 > /container/environment/LANGUAGE
+printf en_US.UTF-8 > /container/environment/LC_CTYPE
 
 apt-get clean
 rm -rf /tmp/* /var/tmp/*

diff --git a/image/service-available/:cron/download.sh b/image/service-available/:cron/download.sh
@@ -2,5 +2,3 @@
 
 # download cron from apt-get
 LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends cron
-
-exit 0
diff --git a/image/service-available/:cron/install.sh b/image/service-available/:cron/install.sh
@@ -12,5 +12,3 @@ rm -f /etc/cron.daily/upstart
 rm -f /etc/cron.daily/dpkg
 rm -f /etc/cron.daily/password
 rm -f /etc/cron.weekly/fstrim
-
-exit 0
diff --git a/image/service-available/:cron/startup.sh b/image/service-available/:cron/startup.sh
@@ -10,5 +10,3 @@ find /etc/cron.daily/ -exec touch {} \;
 find /etc/cron.hourly/ -exec touch {} \;
 find /etc/cron.monthly/ -exec touch {} \;
 find /etc/cron.weekly/ -exec touch {} \;
-
-exit 0
diff --git a/image/service-available/:logrotate/download.sh b/image/service-available/:logrotate/download.sh
@@ -2,5 +2,3 @@
 
 # download logrotate from apt-get
 LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends logrotate
-
-exit 0
diff --git a/image/service-available/:logrotate/install.sh b/image/service-available/:logrotate/install.sh
@@ -2,5 +2,3 @@
 
 rm -f /etc/logrotate.conf
 rm -f /etc/logrotate.d/syslog-ng
-
-exit 0
diff --git a/image/service-available/:logrotate/startup.sh b/image/service-available/:logrotate/startup.sh
@@ -1,8 +1,6 @@
 #!/bin/sh -e
 log-helper level eq trace && set -x
-ln -sf ${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate.conf /etc/logrotate.conf
-ln -sf ${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate_syslogng /etc/logrotate.d/syslog-ng
+ln -sf "${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate.conf" /etc/logrotate.conf
+ln -sf "${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/logrotate_syslogng" /etc/logrotate.d/syslog-ng
 
-chmod 444 -R ${CONTAINER_SERVICE_DIR}/:logrotate/assets/config/*
-
-exit 0
+chmod 444 -R "${CONTAINER_SERVICE_DIR}"/:logrotate/assets/config/*
diff --git a/image/service-available/:runit/download.sh b/image/service-available/:runit/download.sh
@@ -2,5 +2,3 @@
 
 # download runit from apt-get
 LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends runit
-
-exit 0