diff --git a/.github/workflows/jenkins-agent-ansible-pr.yaml b/.github/workflows/jenkins-agent-ansible-pr.yaml index 5c7b7bd0a..0e7ac2d5c 100644 --- a/.github/workflows/jenkins-agent-ansible-pr.yaml +++ b/.github/workflows/jenkins-agent-ansible-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-arachni-pr.yaml b/.github/workflows/jenkins-agent-arachni-pr.yaml index 106428a34..bc88b8372 100644 --- a/.github/workflows/jenkins-agent-arachni-pr.yaml +++ b/.github/workflows/jenkins-agent-arachni-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-argocd-pr.yaml b/.github/workflows/jenkins-agent-argocd-pr.yaml index 625835e49..f8d52d30c 100644 --- a/.github/workflows/jenkins-agent-argocd-pr.yaml +++ b/.github/workflows/jenkins-agent-argocd-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-cosign-pr.yaml b/.github/workflows/jenkins-agent-cosign-pr.yaml index 8995457d8..a4b978572 100644 --- a/.github/workflows/jenkins-agent-cosign-pr.yaml +++ b/.github/workflows/jenkins-agent-cosign-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-erlang-pr.yaml b/.github/workflows/jenkins-agent-erlang-pr.yaml index 9122e0101..96f397b46 100644 --- a/.github/workflows/jenkins-agent-erlang-pr.yaml +++ b/.github/workflows/jenkins-agent-erlang-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-golang-pr.yaml b/.github/workflows/jenkins-agent-golang-pr.yaml index eb5626eb9..0619a0685 100644 --- a/.github/workflows/jenkins-agent-golang-pr.yaml +++ b/.github/workflows/jenkins-agent-golang-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-gradle-pr.yaml b/.github/workflows/jenkins-agent-gradle-pr.yaml index 5e8bf17d7..456ebefd8 100644 --- a/.github/workflows/jenkins-agent-gradle-pr.yaml +++ b/.github/workflows/jenkins-agent-gradle-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-hugo-pr.yaml b/.github/workflows/jenkins-agent-hugo-pr.yaml index f4511a890..596f7461f 100644 --- a/.github/workflows/jenkins-agent-hugo-pr.yaml +++ b/.github/workflows/jenkins-agent-hugo-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-image-mgmt-pr.yaml b/.github/workflows/jenkins-agent-image-mgmt-pr.yaml index a83288622..3ca61577b 100644 --- a/.github/workflows/jenkins-agent-image-mgmt-pr.yaml +++ b/.github/workflows/jenkins-agent-image-mgmt-pr.yaml @@ -23,6 +23,10 @@ jobs: with: IMAGE_CONTEXT_DIR: ${{ env.context }} + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-mongodb-pr.yaml b/.github/workflows/jenkins-agent-mongodb-pr.yaml index 694e8e4c6..e4bc8c3c5 100644 --- a/.github/workflows/jenkins-agent-mongodb-pr.yaml +++ b/.github/workflows/jenkins-agent-mongodb-pr.yaml @@ -18,6 +18,10 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-mvn-pr.yaml b/.github/workflows/jenkins-agent-mvn-pr.yaml index 5bdc76f2c..02bfa2236 100644 --- a/.github/workflows/jenkins-agent-mvn-pr.yaml +++ b/.github/workflows/jenkins-agent-mvn-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-mvn-publish.yaml b/.github/workflows/jenkins-agent-mvn-publish.yaml new file mode 100644 index 000000000..a83d95c1d --- /dev/null +++ b/.github/workflows/jenkins-agent-mvn-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-mvn-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent-mvn/version.json + - .github/workflows/jenkins-agent-mvn-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent-mvn + image_name: jenkins-agent-mvn + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} diff --git a/.github/workflows/jenkins-agent-npm-pr.yaml b/.github/workflows/jenkins-agent-npm-pr.yaml index 4fe56d662..eafd0d008 100644 --- a/.github/workflows/jenkins-agent-npm-pr.yaml +++ b/.github/workflows/jenkins-agent-npm-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-python-pr.yaml b/.github/workflows/jenkins-agent-python-pr.yaml index 50b9167ea..572c792e5 100644 --- a/.github/workflows/jenkins-agent-python-pr.yaml +++ b/.github/workflows/jenkins-agent-python-pr.yaml @@ -21,7 +21,7 @@ jobs: - name: Check if version.json has been bumped id: changes - run: echo "changed=$(git --no-pager diff --name-only origin/master HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT + run: echo "changed=$(git --no-pager diff --name-only origin/main HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT - name: Fail if version.json not bumped if: steps.changes.outputs.changed == 0 @@ -35,6 +35,11 @@ jobs: with: IMAGE_CONTEXT_DIR: ${{ env.context }} + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-ruby-pr.yaml b/.github/workflows/jenkins-agent-ruby-pr.yaml index a51d1733e..0dd9a135d 100644 --- a/.github/workflows/jenkins-agent-ruby-pr.yaml +++ b/.github/workflows/jenkins-agent-ruby-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.github/workflows/jenkins-agent-rust-pr.yaml b/.github/workflows/jenkins-agent-rust-pr.yaml index b0884abd8..73e3fdaf6 100644 --- a/.github/workflows/jenkins-agent-rust-pr.yaml +++ b/.github/workflows/jenkins-agent-rust-pr.yaml @@ -18,6 +18,11 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + ignore: DL3041 + - name: Build image uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 with: diff --git a/.gitignore b/.gitignore index 6cb1cb5df..e315e52cc 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,5 @@ policy/ # BATS _test/test_helper/ + +jenkins-agents/jenkins-agent-npm/node_modules diff --git a/jenkins-agents/jenkins-agent-ansible/Dockerfile b/jenkins-agents/jenkins-agent-ansible/Dockerfile index e657fed6f..7344db02d 100644 --- a/jenkins-agents/jenkins-agent-ansible/Dockerfile +++ b/jenkins-agents/jenkins-agent-ansible/Dockerfile @@ -1,46 +1,17 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 -# renovate: datasource=pypi depName=ansible-core -ARG ANSIBLE_CORE_VERSION=2.16.2 - -LABEL \ - release="1" \ - version="4.14" \ - architecture="x86_64" \ +LABEL name="redhat-cop/jenkins-agent-ansible" \ io.k8s.display-name="Jenkins Agent Ansible" \ - name="openshift/origin-jenkins-agent-ansible-ubi8" \ - io.openshift.tags="openshift,jenkins,agent,ansible" \ - com.redhat.component="jenkins-agent-ansible-ubi8-docker" \ - io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image." - -ARG DNF_FLAGS="-y" + io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ansible" -ARG PIP_PKGS="\ - molecule \ - paramiko \ - openshift \ - kubernetes \ - ansible-core==${ANSIBLE_CORE_VERSION} \ -" -ARG DNF_PKGS="python311" +USER root -ADD ubi8.repo /tmp/ubi8.repo - -RUN set -x \ - && rm -f /etc/yum.repos.d/*.repo \ - && mv /tmp/ubi8.repo /etc/yum.repos.d/ \ - && dnf install ${DNF_FLAGS} ${DNF_PKGS} \ - && dnf ${DNF_FLAGS} clean all \ - && rm -rf /var/cache/dnf \ - && alternatives --set python3 /usr/bin/python3.11 \ - && python3 -m ensurepip --default-pip \ - && python3 -m pip install --upgrade pip \ - && python3 -m pip install ${PIP_PKGS} \ - && chmod -R 775 /etc/alternatives \ - && chmod -R 775 /var/lib/alternatives \ - && echo +COPY requirements.txt /requirements.txt +RUN dnf -y install --nodocs python3.11 python3.11-pip && \ + dnf clean all && \ + pip3.11 install --no-cache-dir -r /requirements.txt USER 1001 -ENV \ - LANG=en_US.UTF-8 \ - LC_ALL=en_US.UTF-8 \ + +RUN ansible --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-ansible/requirements.txt b/jenkins-agents/jenkins-agent-ansible/requirements.txt new file mode 100644 index 000000000..0053eaca9 --- /dev/null +++ b/jenkins-agents/jenkins-agent-ansible/requirements.txt @@ -0,0 +1,5 @@ +molecule +paramiko +openshift +kubernetes +ansible-core==2.16.2 \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-ansible/ubi8.repo b/jenkins-agents/jenkins-agent-ansible/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-ansible/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent-arachni/Dockerfile b/jenkins-agents/jenkins-agent-arachni/Dockerfile index 11d3f602e..2d94f7cbb 100644 --- a/jenkins-agents/jenkins-agent-arachni/Dockerfile +++ b/jenkins-agents/jenkins-agent-arachni/Dockerfile @@ -1,14 +1,31 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -ARG ARACHNI_VERSION=1.5.1 -ARG WEB_VERSION=0.5.12 +SHELL ["/bin/bash", "-c"] -WORKDIR /arachni +# renovate: datasource=github-releases depName=Arachni/arachni +ARG ARACHNI_VERSION=v1.5.1 +ARG WEB_VERSION=0.5.12 -RUN curl -sLo- https://github.com/Arachni/arachni/releases/download/v${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION}-${WEB_VERSION}-linux-x86_64.tar.gz | tar xvz -C /arachni --strip-components=1 && \ +RUN curl -L "https://github.com/Arachni/arachni/releases/download/${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}-linux-x86_64.tar.gz" -o /tmp/arachni.tar.gz && \ + tar --no-same-owner -xzf /tmp/arachni.tar.gz && \ + mv "/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}" /arachni && \ chown -R root:root /arachni && \ chmod -R 775 /arachni -COPY reporters ./system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-arachni" \ + io.k8s.display-name="Jenkins Agent Arachni" \ + io.k8s.description="The jenkins agent arachni." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-arachni" + +COPY --from=builder /arachni /arachni +COPY reporters /arachni/system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters + +WORKDIR /arachni USER 1001 + +RUN /arachni/bin/arachni --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-argocd/Dockerfile b/jenkins-agents/jenkins-agent-argocd/Dockerfile index 122e24f8c..879bee7f7 100644 --- a/jenkins-agents/jenkins-agent-argocd/Dockerfile +++ b/jenkins-agents/jenkins-agent-argocd/Dockerfile @@ -1,13 +1,31 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder + +SHELL ["/bin/bash", "-c"] # renovate: datasource=github-releases depName=argoproj/argo-cd -ENV ARGOCD_VERSION=v2.9.3 +ARG ARGOCD_VERSION=v2.9.3 # renovate: datasource=github-releases depName=mikefarah/yq -ENV YQ_VERSION=v4.40.5 +ARG YQ_VERSION=v4.40.5 + +RUN curl -L "https://github.com/argoproj/argo-cd/releases/download/${ARGOCD_VERSION}/argocd-linux-amd64" -o /usr/local/bin/argocd && \ + chmod +x /usr/local/bin/argocd && \ + argocd version --client + +RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ + chmod +x /usr/local/bin/yq && \ + yq --version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-argocd" \ + io.k8s.display-name="Jenkins Agent ArgoCD" \ + io.k8s.description="The jenkins agent argocd." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-argocd" -RUN curl -sL https://github.com/argoproj/argo-cd/releases/download/${ARGOCD_VERSION}/argocd-linux-amd64 -o /usr/local/bin/argocd && \ - chmod -R 775 /usr/local/bin/argocd && \ - curl -sL https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 -o /usr/local/bin/yq && \ - chmod -R 775 /usr/local/bin/yq +COPY --from=builder /usr/local/bin/argocd /usr/local/bin/argocd +COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq -USER 1001 +RUN argocd version --client && \ + yq --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-cosign/Dockerfile b/jenkins-agents/jenkins-agent-cosign/Dockerfile index 8c4ab0865..5eb5e2cd7 100644 --- a/jenkins-agents/jenkins-agent-cosign/Dockerfile +++ b/jenkins-agents/jenkins-agent-cosign/Dockerfile @@ -1,12 +1,20 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 - -USER root +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder # renovate: datasource=github-releases depName=sigstore/cosign ARG COSIGN_VERSION=v2.2.2 +RUN curl -L "https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign-linux-amd64" -o /usr/local/bin/cosign && \ + chmod +x /usr/local/bin/cosign && \ + cosign version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-cosign" \ + io.k8s.display-name="Jenkins Agent Cosign" \ + io.k8s.description="The jenkins agent cosign." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-cosign" -# Install cosign -RUN curl -L -o /usr/local/bin/cosign https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign-linux-amd64 && \ - chmod 755 /usr/local/bin/cosign +COPY --from=builder /usr/local/bin/cosign /usr/local/bin/cosign -USER 1001 +RUN cosign version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-erlang/Dockerfile b/jenkins-agents/jenkins-agent-erlang/Dockerfile index 5f7fd2059..8d5f78f81 100644 --- a/jenkins-agents/jenkins-agent-erlang/Dockerfile +++ b/jenkins-agents/jenkins-agent-erlang/Dockerfile @@ -1,14 +1,31 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -# renovate: datasource=github-releases depName=rabbitmq/erlang-rpm -ARG ERLANG_VERSION=v26.2 # renovate: datasource=github-releases depName=erlang/rebar3 ARG REBAR3_VERSION=3.22.1 +RUN curl -L "https://github.com/erlang/rebar3/releases/download/${REBAR3_VERSION}/rebar3" -o /usr/local/bin/rebar3 && \ + chmod +x /usr/local/bin/rebar3 + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +SHELL ["/bin/bash", "-c"] + +LABEL name="redhat-cop/jenkins-agent-erlang" \ + io.k8s.display-name="Jenkins Agent erlang" \ + io.k8s.description="The jenkins agent erlang." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-erlang" -RUN set -xe && \ - dnf install -y https://github.com/rabbitmq/erlang-rpm/releases/download/${ERLANG_VERSION}/erlang-${ERLANG_VERSION//v}-1.el8.x86_64.rpm && \ - curl -Lo /usr/local/bin/rebar3 https://github.com/erlang/rebar3/releases/download/${REBAR3_VERSION}/rebar3 && \ - chmod +x /usr/local/bin/rebar3 && \ - dnf clean all -y +# renovate: datasource=github-releases depName=rabbitmq/erlang-rpm +ARG ERLANG_VERSION=v26.2 + +USER root + +COPY --from=builder /usr/local/bin/rebar3 /usr/local/bin/rebar3 +RUN dnf install -y "https://github.com/rabbitmq/erlang-rpm/releases/download/${ERLANG_VERSION}/erlang-${ERLANG_VERSION//v}-1.el8.x86_64.rpm" && \ + dnf clean all USER 1001 + +RUN erl -version && \ + rebar3 version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-golang/Dockerfile b/jenkins-agents/jenkins-agent-golang/Dockerfile index 99c8ad83a..e5c2c94d8 100644 --- a/jenkins-agents/jenkins-agent-golang/Dockerfile +++ b/jenkins-agents/jenkins-agent-golang/Dockerfile @@ -1,34 +1,48 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder + +RUN dnf install -y unzip && \ + dnf clean all + +# renovate: datasource=github-releases depName=SonarSource/sonar-scanner-cli +ARG SONAR_SCANNER_VERSION=4.8.1.3023 +RUN curl -L "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}.zip" -o /tmp/sonar-scanner.zip && \ + unzip /tmp/sonar-scanner.zip && \ + mv sonar-scanner-* /opt/sonar-scanner && \ + chmod +x /opt/sonar-scanner/bin/sonar-scanner # renovate: datasource=golang-version depName=go -ARG GO_VERSION=1.20 -ARG SONAR_SCANNER_VERSION=4.5.0.2216 +ARG GO_VERSION=1.21.5 +RUN curl -L "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz" -o /tmp/go.tar.gz && \ + tar -C /usr/local/ -xzf /tmp/go.tar.gz + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-golang" \ + io.k8s.display-name="Jenkins Agent golang" \ + io.k8s.description="The jenkins agent golang." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-golang" + ENV GOROOT=/usr/local/go \ GOPATH=/usr/src/go -ENV PATH=$GOPATH/bin:$GOROOT/bin:$PATH \ - LANG=en_US.UTF-8 \ - LANGUAGE=en_US:en \ - LC_ALL=en_US.UTF-8 -WORKDIR /opt -RUN curl -L -o /tmp/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}.zip && \ - unzip /tmp/sonar-scanner.zip && \ - rm /tmp/sonar-scanner.zip && \ - mv sonar-scanner-* sonar-scanner && \ - ln -s /opt/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner && \ - chmod 755 /usr/local/bin/sonar-scanner - -RUN curl -L https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz \ - | tar zxf - -C /usr/local/ && \ - mkdir -p /usr/src/go/src/redhat && \ - mkdir -p ${HOME}/.cache/go-build && \ +ENV PATH="$PATH:$GOPATH/bin:$GOROOT/bin" + +USER root + +COPY --from=builder /opt/sonar-scanner /opt/sonar-scanner +RUN ln -s /opt/sonar-scanner/bin/sonar-scanner /usr/local/bin/sonar-scanner && \ + sonar-scanner -v + +COPY --from=builder /usr/local/go /usr/local/go +RUN mkdir -p /usr/src/go/src/redhat && \ + mkdir -p "${HOME}/.cache/go-build" && \ chown -R 1001 /usr/src/go && \ chown -R 1001 /usr/local/go && \ - chown -R 1001 ${HOME}/.cache/go-build && \ - rm -f /usr/go${GO_VERSION}.linux-amd64.tar.gz + chown -R 1001 "${HOME}/.cache/go-build" USER 1001 -# useful for verification of install -# RUN go version -# RUN go env +RUN go version && \ + go env \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-golang/Jenkinsfile.test b/jenkins-agents/jenkins-agent-golang/Jenkinsfile.test index 9942f48b6..6d5b2f297 100644 --- a/jenkins-agents/jenkins-agent-golang/Jenkinsfile.test +++ b/jenkins-agents/jenkins-agent-golang/Jenkinsfile.test @@ -8,7 +8,7 @@ pipeline { steps { sh """ go version - JAVA_HOME=/usr/lib/jvm/jre-11 sonar-scanner -v + sonar-scanner -v """ } } diff --git a/jenkins-agents/jenkins-agent-gradle/Dockerfile b/jenkins-agents/jenkins-agent-gradle/Dockerfile index 520e278b7..a379d5926 100644 --- a/jenkins-agents/jenkins-agent-gradle/Dockerfile +++ b/jenkins-agents/jenkins-agent-gradle/Dockerfile @@ -1,17 +1,32 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder + +RUN dnf install -y unzip && \ + dnf clean all # renovate: datasource=github-releases depName=gradle/gradle -ENV GRADLE_VERSION=8.5 -ENV GRADLE_USER_HOME=/home/jenkins/.gradle - -RUN curl -sL -o /tmp/gradle-bin.zip https://services.gradle.org/distributions/gradle-$GRADLE_VERSION-bin.zip && \ - mkdir -p /opt/gradle && \ - unzip -q /tmp/gradle-bin.zip -d /opt/gradle && \ - ln -sf /opt/gradle/gradle-$GRADLE_VERSION/bin/gradle /usr/local/bin/gradle && \ - rm -f /tmp/gradle-bin.zip && \ - chown -R 1001:0 /opt/gradle && \ - chmod -R g+rw /opt/gradle && \ - mkdir /home/jenkins/.gradle && \ - chmod 775 /home/jenkins/.gradle +ARG GRADLE_VERSION=8.5 +RUN curl -L "https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip" -o /tmp/gradle-bin.zip && \ + unzip -q /tmp/gradle-bin.zip -d /opt/gradle-bin && \ + mv /opt/gradle-bin/gradle-${GRADLE_VERSION} /opt/gradle + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-gradle" \ + io.k8s.display-name="Jenkins Agent gradle" \ + io.k8s.description="The jenkins agent gradle." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-gradle" + +USER root + +COPY --from=builder /opt/gradle /opt/gradle +RUN chown -R 1001:0 /opt/gradle && \ + chmod -R g+rw /opt/gradle + +ENV GRADLE_HOME=/opt/gradle +ENV PATH="${PATH}:${GRADLE_HOME}/bin" USER 1001 + +RUN gradle --version -g ~/.gradle diff --git a/jenkins-agents/jenkins-agent-hugo/Dockerfile b/jenkins-agents/jenkins-agent-hugo/Dockerfile index 000fd9796..4bac63b25 100644 --- a/jenkins-agents/jenkins-agent-hugo/Dockerfile +++ b/jenkins-agents/jenkins-agent-hugo/Dockerfile @@ -1,9 +1,26 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -# renovate: datasource=github-releases depName=gohugoio/hugo -ENV HUGO_VERSION=v0.121.1 +SHELL ["/bin/bash", "-c"] + +USER root -RUN curl -sL https://github.com/gohugoio/hugo/releases/download/${HUGO_VERSION}/hugo_extended_${HUGO_VERSION//v}_Linux-64bit.tar.gz \ - | tar zxf - -C /usr/local/bin hugo +# renovate: datasource=github-releases depName=gohugoio/hugo +ARG HUGO_VERSION=v0.121.1 +RUN curl -L "https://github.com/gohugoio/hugo/releases/download/${HUGO_VERSION}/hugo_extended_${HUGO_VERSION//v}_Linux-64bit.tar.gz" -o /tmp/hugo.tar.gz && \ + tar -xzf /tmp/hugo.tar.gz && \ + mv hugo /usr/local/bin/hugo && \ + hugo version USER 1001 + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-hugo" \ + io.k8s.display-name="Jenkins Agent hugo" \ + io.k8s.description="The jenkins agent hugo." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-hugo" + +COPY --from=builder /usr/local/bin/hugo /usr/local/bin/hugo +RUN hugo version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-image-mgmt/Dockerfile b/jenkins-agents/jenkins-agent-image-mgmt/Dockerfile index 9f434ed60..39c01840f 100644 --- a/jenkins-agents/jenkins-agent-image-mgmt/Dockerfile +++ b/jenkins-agents/jenkins-agent-image-mgmt/Dockerfile @@ -1,35 +1,34 @@ -FROM registry.access.redhat.com/ubi8/go-toolset:1.20.10-3@sha256:c78305ff7360bdacdd790225ca10478e08dd6fcbc037bcd176acdf4a552995da as builder +# Builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6@sha256:077f292da8bea9ce7f729489cdbd217dd268ce300f3e216cb1fffb38de7daeb9 AS builder -# renovate: datasource=github-releases depName=containers/skopeo -ARG SKOPEO_VERSION=v1.14.0 +SHELL ["/bin/bash", "-c"] USER root -RUN curl -L https://github.com/containers/skopeo/archive/${SKOPEO_VERSION}.tar.gz | tar -C /tmp -zxf - && \ - mv /tmp/skopeo-${SKOPEO_VERSION//v} /tmp/skopeo && \ - cd /tmp/skopeo && \ +# renovate: datasource=github-releases depName=containers/skopeo +ARG SKOPEO_VERSION=v1.14.0 +RUN curl -L "https://github.com/containers/skopeo/archive/${SKOPEO_VERSION}.tar.gz" -o /tmp/skopeo.tar.gz && \ + tar -xzf /tmp/skopeo.tar.gz && \ + mv skopeo-${SKOPEO_VERSION//v} /skopeo && \ + pushd /skopeo && \ make BUILDTAGS=containers_image_openpgp DISABLE_DOCS=1 CGO_ENABLED=0 GO_DYN_FLAGS= -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 - -# renovate: datasource=repology depName=homebrew/openshift-cli -ARG OC_VERSION=4.14.5 +USER 1001 -MAINTAINER Andrew Block +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 -LABEL com.redhat.component="jenkins-agent-image-mgmt" \ - name="jenkins-agent-image-mgmt" \ - architecture="x86_64" \ +LABEL name="redhat-cop/jenkins-agent-image-mgmt" \ io.k8s.display-name="Jenkins Agent Image Management" \ io.k8s.description="Image management tools on top of the jenkins agent base image" \ - io.openshift.tags="openshift,jenkins,agent,copy" + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-image-mgmt" USER root -RUN mkdir -p /etc/containers && \ - curl -L https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux.tar.gz | tar zxvf - -C /usr/bin oc - -COPY --from=builder /tmp/skopeo/default-policy.json /etc/containers/policy.json -COPY --from=builder /tmp/skopeo/bin/skopeo /usr/bin/ +RUN mkdir -p /etc/containers +COPY --from=builder /skopeo/default-policy.json /etc/containers/policy.json +COPY --from=builder /skopeo/bin/skopeo /usr/local/bin/skopeo USER 1001 + +RUN skopeo --version diff --git a/jenkins-agents/jenkins-agent-mongodb/Dockerfile b/jenkins-agents/jenkins-agent-mongodb/Dockerfile index 1e61d8ef7..d5f4e2ae5 100644 --- a/jenkins-agents/jenkins-agent-mongodb/Dockerfile +++ b/jenkins-agents/jenkins-agent-mongodb/Dockerfile @@ -1,13 +1,16 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 -USER root +LABEL name="redhat-cop/jenkins-agent-mongodb" \ + io.k8s.display-name="Jenkins Agent mongodb" \ + io.k8s.description="The jenkins agent mongodb." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-mongodb" -COPY mongodb-org-3.6.repo /tmp/ +USER root -RUN rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/*.repo /etc/yum.repos.d/ && \ - dnf --setopt=tsflags=nodocs install -y mongodb-org-tools mongodb-org-shell && \ - dnf clean all -y && \ - rm -rf /var/cache/dnf +COPY mongodb-org.repo /etc/yum.repos.d/ +RUN dnf install --nodocs -y mongodb-org-tools mongodb-org-shell && \ + dnf clean all USER 1001 + +RUN mongo --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-mongodb/mongodb-org-3.6.repo b/jenkins-agents/jenkins-agent-mongodb/mongodb-org-3.6.repo deleted file mode 100644 index 97d6d472f..000000000 --- a/jenkins-agents/jenkins-agent-mongodb/mongodb-org-3.6.repo +++ /dev/null @@ -1,6 +0,0 @@ -[mongodb-org-3.6] -name=MongoDB Repository -baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/3.6/x86_64/ -gpgcheck=1 -enabled=1 -gpgkey=https://www.mongodb.org/static/pgp/server-3.6.asc diff --git a/jenkins-agents/jenkins-agent-mongodb/mongodb-org.repo b/jenkins-agents/jenkins-agent-mongodb/mongodb-org.repo new file mode 100644 index 000000000..114c6d9be --- /dev/null +++ b/jenkins-agents/jenkins-agent-mongodb/mongodb-org.repo @@ -0,0 +1,6 @@ +[mongodb-org-5.0] +name=MongoDB Repository +baseurl=https://repo.mongodb.org/yum/redhat/8/mongodb-org/5.0/x86_64/ +gpgcheck=1 +enabled=1 +gpgkey=https://www.mongodb.org/static/pgp/server-5.0.asc diff --git a/jenkins-agents/jenkins-agent-mvn/Dockerfile b/jenkins-agents/jenkins-agent-mvn/Dockerfile index 2f99c45ec..29ea1633a 100644 --- a/jenkins-agents/jenkins-agent-mvn/Dockerfile +++ b/jenkins-agents/jenkins-agent-mvn/Dockerfile @@ -1,2 +1,20 @@ -FROM quay.io/openshift/origin-jenkins-agent-maven:4.14@sha256:4a8671c25216b1b44bf47a363ec37d503568fa2f75ef1a010e2284ac1cc5df46 -ADD settings.xml $HOME/.m2/settings.xml +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-mvn" \ + io.k8s.display-name="Jenkins Agent mvn" \ + io.k8s.description="The jenkins agent mvn." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-mvn" + +# renovate: datasource=repology depName=ubi_8/maven +ARG MAVEN_VERSION=3.8.5 + +USER root + +COPY settings.xml $HOME/.m2/settings.xml +RUN dnf module enable -y maven:${MAVEN_VERSION%.*} && \ + dnf install --nodocs -y maven && \ + dnf clean all + +USER 1001 + +RUN mvn --version \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-mvn/version.json b/jenkins-agents/jenkins-agent-mvn/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent-mvn/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-npm/Dockerfile b/jenkins-agents/jenkins-agent-npm/Dockerfile index 62b9c38f3..78d3ad1d5 100644 --- a/jenkins-agents/jenkins-agent-npm/Dockerfile +++ b/jenkins-agents/jenkins-agent-npm/Dockerfile @@ -1,34 +1,47 @@ -#invoke npm in jenkinsfile: sh "scl enable rh-nodejs6 'npm run build'" -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder -# renovate: datasource=github-releases depName=stedolan/jq -ARG JQ_VERSION=1.6 -# renovate: datasource=repology depName=homebrew/openshift-cli -ARG OC_VERSION=4.14.5 # renovate: datasource=github-releases depName=mikefarah/yq ARG YQ_VERSION=v4.40.5 +# renovate: datasource=github-releases depName=stedolan/jq +ARG JQ_VERSION=1.6 -ENV NODEJS_VERSION=16 \ - NPM_CONFIG_PREFIX=$HOME/.npm-global \ - PATH=$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH - -RUN curl -sL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - - -RUN INSTALL_PKGS="nodejs" && \ - dnf $DISABLE_REPOS install -y --setopt=tsflags=nodocs --disablerepo='rhel-*' \ - $INSTALL_PKGS && \ - rpm -V $INSTALL_PKGS && \ - dnf clean all -y && \ - rm -rf /var/cache/yum && \ - npm install --unsafe-perm -g npm-audit-html npm-audit-ci-wrapper sonar-scanner || cat /home/jenkins/.npm/_logs/*-debug.log && \ - chown root:root /home/jenkins -R && \ - chmod 775 /home/jenkins/.npm -R && \ - curl -Lo /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ - chmod +x /usr/local/bin/jq && \ - curl -Lo /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/yq_linux_amd64 && \ +RUN curl -L "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" -o /usr/local/bin/yq && \ chmod +x /usr/local/bin/yq && \ - rm -f /usr/bin/oc && \ - curl -sL https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux.tar.gz \ - | tar zxf - -C /usr/local/bin oc kubectl + yq --version + +RUN curl -L "https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64" -o /usr/local/bin/jq && \ + chmod +x /usr/local/bin/jq && \ + jq --version + +# Runnable +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +# renovate: datasource=repology depName=ubi_8/nodejs +ARG NODEJS_VERSION=20 + +LABEL name="redhat-cop/jenkins-agent-npm" \ + io.k8s.display-name="Jenkins Agent npm" \ + io.k8s.description="The jenkins agent npm." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-npm" + +ENV NPM_CONFIG_PREFIX="$HOME/.npm-global" \ + PATH="$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH" + +USER root + +COPY package.json /tmp/package.json +RUN dnf module enable -y nodejs:${NODEJS_VERSION} && \ + dnf install --nodocs -y nodejs && \ + dnf clean all && \ + npm install -g /tmp + +COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq +COPY --from=builder /usr/local/bin/jq /usr/local/bin/jq USER 1001 + +RUN yq --version && \ + jq --version && \ + npm -v && \ + node -v diff --git a/jenkins-agents/jenkins-agent-npm/package.json b/jenkins-agents/jenkins-agent-npm/package.json new file mode 100644 index 000000000..4bcd070e0 --- /dev/null +++ b/jenkins-agents/jenkins-agent-npm/package.json @@ -0,0 +1,8 @@ +{ + "name": "jenkins-agent-npm", + "version": "1.0.0", + "description": "Provides a docker image of the nodejs v12 runtime with npm for use as a Jenkins agent.", + "devDependencies": { + "sonar-scanner": "^3.1.0" + } +} diff --git a/jenkins-agents/jenkins-agent-python/Dockerfile b/jenkins-agents/jenkins-agent-python/Dockerfile index 940c4993c..4bf18277b 100644 --- a/jenkins-agents/jenkins-agent-python/Dockerfile +++ b/jenkins-agents/jenkins-agent-python/Dockerfile @@ -1,29 +1,17 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 -EXPOSE 8080 +LABEL name="redhat-cop/jenkins-agent-python" \ + io.k8s.display-name="Jenkins Agent python" \ + io.k8s.description="The jenkins agent python." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-python" -ENV PYTHON_VERSION=3.9 \ - PATH=$HOME/.local/bin/:$PATH \ - PYTHONUNBUFFERED=1 \ - PYTHONIOENCODING=UTF-8 \ - LC_ALL=en_US.UTF-8 \ - LANG=en_US.UTF-8 \ - PIP_NO_CACHE_DIR=off +USER root -ADD ubi8.repo /tmp/ubi8.repo - -RUN INSTALL_PKGS=" \ - python39 python39-devel nss_wrapper httpd httpd-devel mod_ssl mod_ldap \ - mod_session atlas-devel gcc-gfortran libffi-devel libtool-ltdl enchant" && \ - rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/ubi8.repo /etc/yum.repos.d && \ - dnf -y --setopt=tsflags=nodocs install $INSTALL_PKGS && \ - rpm -V $INSTALL_PKGS && \ - dnf -y clean all && \ - alternatives --set python3 /usr/bin/python3.9 && \ - python3 -m pip install --upgrade pip && \ - python3 -m pip install twine && \ - chmod -R 775 /var/lib/alternatives && \ - chmod -R 775 /etc/alternatives +COPY requirements.txt /requirements.txt +RUN dnf -y install --nodocs python3.11 python3.11-devel python3.11-pip nss_wrapper httpd httpd-devel mod_ssl mod_ldap mod_session atlas-devel gcc-gfortran libffi-devel libtool-ltdl enchant && \ + dnf clean all && \ + pip3.11 install --no-cache-dir -r /requirements.txt USER 1001 + +RUN python -V \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-python/requirements.txt b/jenkins-agents/jenkins-agent-python/requirements.txt new file mode 100644 index 000000000..c9133d67e --- /dev/null +++ b/jenkins-agents/jenkins-agent-python/requirements.txt @@ -0,0 +1 @@ +twine \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-python/ubi8.repo b/jenkins-agents/jenkins-agent-python/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-python/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent-python/version.json b/jenkins-agents/jenkins-agent-python/version.json index 198f2f877..7805748c6 100644 --- a/jenkins-agents/jenkins-agent-python/version.json +++ b/jenkins-agents/jenkins-agent-python/version.json @@ -1 +1 @@ -{"version":"v1.2.1"} +{"version":"v4.14.0"} diff --git a/jenkins-agents/jenkins-agent-ruby/Dockerfile b/jenkins-agents/jenkins-agent-ruby/Dockerfile index 270822b51..1e4f4eb33 100644 --- a/jenkins-agents/jenkins-agent-ruby/Dockerfile +++ b/jenkins-agents/jenkins-agent-ruby/Dockerfile @@ -1,54 +1,26 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 - -ARG RUBY_VERSION=3.1 -# renovate: datasource=repology depName=homebrew/openshift-cli -ARG OC_VERSION=4.14.5 - -ENV SUMMARY="Platform for building and running Ruby $RUBY_VERSION applications" \ - DESCRIPTION="Ruby $RUBY_VERSION available as docker container is a base platform for \ -building and running various Ruby $RUBY_VERSION applications and frameworks. \ -Ruby is the interpreted scripting language for quick and easy object-oriented programming. \ -It has many features to process text files and to do system management tasks (as in Perl). \ -It is simple, straight-forward, and extensible." \ - PATH=$PATH:/home/jenkins/bin \ - HOME=/home/jenkins - - -LABEL summary="$SUMMARY" \ - description="$DESCRIPTION" \ - io.k8s.description="$DESCRIPTION" \ - io.k8s.display-name="Ruby $RUBY_VERSION" \ - io.openshift.expose-services="8080:http" \ - io.openshift.tags="builder,ruby,ruby$RUBY_SHORT_VERSION,rh-ruby$RUBY_SHORT_VERSION" \ - com.redhat.component="rh-ruby$RUBY_SHORT_VERSION-docker" \ - name="centos/ruby-$RUBY_SHORT_VERSION-centos7" \ - version="$RUBY_VERSION" \ - release="1" \ - maintainer="SoftwareCollections.org " - -ADD ubi8.repo /tmp/ubi8.repo - -RUN rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/ubi8.repo /etc/yum.repos.d/ubi8.repo && \ - dnf -y distro-sync && \ - dnf -y module list ruby && \ - dnf -y module reset ruby && \ - dnf -y module enable ruby:${RUBY_VERSION} && \ - dnf --allowerasing -y distro-sync && \ - dnf -y module install ruby:${RUBY_VERSION} && \ - INSTALL_PKGS="ruby ruby-devel rubygem-rake rubygem-bundler libyaml-devel autoconf automake gcc make redhat-rpm-config" && \ - dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && rpm -V $INSTALL_PKGS && \ - dnf remove -y origin-clients && \ - dnf clean all -y && \ - rm -rf /var/cache/dnf - -RUN curl -sL https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux.tar.gz \ - | tar zxf - -C /usr/local/bin oc kubectl +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 + +LABEL name="redhat-cop/jenkins-agent-ruby" \ + io.k8s.display-name="Jenkins Agent Ruby" \ + io.k8s.description="The jenkins agent ruby." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ruby" + +# renovate: datasource=repology depName=ubi_8/ruby +ARG RUBY_VERSION=3.1.2 + +USER root + +RUN dnf -y module enable ruby:${RUBY_VERSION%.*} && \ + dnf install --nodocs -y ruby ruby-devel rubygem-rake rubygem-bundler libyaml-devel autoconf automake gcc make redhat-rpm-config && \ + dnf clean all -y # Copy extra files to the image. COPY ./root/ / - RUN chown -R 1001:0 /opt/app-root && \ chmod -R ug+rwx /opt/app-root +USER 1001 + WORKDIR /opt/app-root + +RUN ruby -v \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-ruby/ubi8.repo b/jenkins-agents/jenkins-agent-ruby/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-ruby/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent-rust/Dockerfile b/jenkins-agents/jenkins-agent-rust/Dockerfile index 37db65ff7..4aaef3818 100644 --- a/jenkins-agents/jenkins-agent-rust/Dockerfile +++ b/jenkins-agents/jenkins-agent-rust/Dockerfile @@ -1,23 +1,20 @@ -FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 +FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14 -LABEL com.redhat.component="jenkins-agent-rust-ubi7-docker" \ - name="openshift/origin-jenkins-agent-rust-ubi7" \ - version="4.14" \ - architecture="x86_64" \ - release="1" \ - io.k8s.display_name="Jenkins Agent Rust" \ - io.k8s.description="The jenkins agent Rust image has the Rust toolchain on top of the jenkins agent base image" \ - io.openshift.tag="openshift,jenkins,agent,rust" +SHELL ["/bin/bash", "-o", "pipefail", "-c"] -ENV PATH=$PATH:$HOME/.cargo/bin +LABEL name="redhat-cop/jenkins-agent-rust" \ + io.k8s.display-name="Jenkins Agent rust" \ + io.k8s.description="The jenkins agent rust." \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-rust" -ADD ubi8.repo /tmp/ubi8.repo +ENV PATH="$PATH:$HOME/.cargo/bin" -RUN INSTALL_PKGS="gcc" && \ - rm -f /etc/yum.repos.d/*.repo && \ - mv /tmp/ubi8.repo /etc/yum.repos.d && \ - dnf install -y $INSTALL_PKGS && \ - rm -rf /var/cache/dnf && \ +USER root + +RUN dnf install --nodocs -y gcc && \ + dnf clean all && \ curl https://sh.rustup.rs -sSf | sh -s -- -y USER 1001 + +RUN rustc -V \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent-rust/ubi8.repo b/jenkins-agents/jenkins-agent-rust/ubi8.repo deleted file mode 100644 index 80cce40a4..000000000 --- a/jenkins-agents/jenkins-agent-rust/ubi8.repo +++ /dev/null @@ -1,20 +0,0 @@ -[rhel-8-baseos] -id = rhel-8-baseos-cop -name = Red Hat Universal Base Image 8 Baseos (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-appstream] -id = rhel-8-appstream-cop -name = Red Hat Universal Base Image 8 Appstream (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os -enabled = 1 -gpgcheck = 1 - -[rhel-8-codeready-builder-rpms] -id = rhel-8-codeready-builder-rpms-cop -name = Red Hat Universal Base Image 8 Codeready Builder (RPMs) -baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os -enabled = 1 -gpgcheck = 1