-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.alpine
97 lines (88 loc) · 4.14 KB
/
Dockerfile.alpine
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
FROM twdps/circleci-remote-docker:alpine-2024.12
LABEL org.opencontainers.image.title="circleci-base-image" \
org.opencontainers.image.description="Alpine-based CircleCI executor image" \
org.opencontainers.image.documentation="https://github.com/ThoughtWorks-DPS/circleci-base-image" \
org.opencontainers.image.source="https://github.com/ThoughtWorks-DPS/circleci-base-image" \
org.opencontainers.image.url="https://github.com/ThoughtWorks-DPS/circleci-base-image" \
org.opencontainers.image.vendor="ThoughtWorks, Inc." \
org.opencontainers.image.authors="[email protected]" \
org.opencontainers.image.licenses="MIT" \
org.opencontainers.image.created="CREATED" \
org.opencontainers.image.version="VERSION"
ENV ONEPASSWORD_VERSION=2.30.3
ENV VAULT_VERSION=1.18.1
ENV BUILDEVENTS_VERSION=0.17.0
# ENV TELLER_VERSION=2.0.7
# hadolint ignore=DL3044
ENV MUSL_LOCPATH=/usr/share/i18n/locales/musl \
LANG="C.UTF-8" \
LANGUAGE="en_US.UTF-8" \
LC_ALL="en_US.UTF-8"
# hadolint ignore=DL3003,DL3004,DL4001,SC2035
RUN apk add --no-cache \
sudo==1.9.16_p2-r0 \
github-cli=2.63.0-r0 \
tzdata=2024b-r1 \
gettext-dev=0.22.5-r0 \
libintl=0.22.5-r0 \
build-base=0.5-r3 \
musl=1.2.5-r8 \
musl-dev=1.2.5-r8 \
musl-utils=1.2.5-r8 \
gcc=14.2.0-r4 \
g++=14.2.0-r4 \
cmake=3.31.1-r0 \
make=4.4.1-r2 \
curl=8.11.0-r2 \
libcurl=8.11.0-r2 \
curl-dev=8.11.0-r2 \
openssl-dev=3.3.2-r4 \
wget=1.25.0-r0 \
unzip=6.0-r15 \
zip=3.0-r13 \
bzip2=1.0.8-r6 \
jq=1.7.1-r0 \
git-lfs=3.6.0-r0 \
gnupg=2.4.7-r0 \
docker=27.3.1-r0 \
openrc=0.55.1-r2 \
bash=5.2.37-r0 && \
wget -q https://gitlab.com/rilian-la-te/musl-locales/-/archive/master/musl-locales-master.zip && \
unzip musl-locales-master.zip && cd musl-locales-master && \
cmake -DLOCALE_PROFILE=OFF -D CMAKE_INSTALL_PREFIX:PATH=/usr . && \
make && make install && \
cd .. && rm -r musl-locales-master* && \
curl -sL https://cache.agilebits.com/dist/1P/op2/pkg/v${ONEPASSWORD_VERSION}/op_linux_amd64_v${ONEPASSWORD_VERSION}.zip -o op.zip && \
unzip op.zip && sudo mv op /usr/local/bin/op && \
rm op.zip && rm op.sig && \
curl -sL "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" -o "vault_${VAULT_VERSION}_linux_amd64.zip" && \
unzip "vault_${VAULT_VERSION}_linux_amd64.zip" -d /usr/local/bin && \
rm "vault_${VAULT_VERSION}_linux_amd64.zip" && \
curl -sL "https://github.com/honeycombio/buildevents/releases/download/v${BUILDEVENTS_VERSION}/buildevents-linux-amd64" -o buildevents && \
chmod +x buildevents && \
mv buildevents /usr/local/bin/buildevents && \
addgroup --gid 3434 -S circleci && \
adduser --uid 3434 --ingroup circleci --disabled-password circleci && \
echo "circleci ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/circleci && \
chmod 0440 /etc/sudoers.d/circleci && \
sudo -u circleci mkdir /home/circleci/project && \
sudo -u circleci mkdir /home/circleci/.gnupg && \
sudo -u circleci bash -c "echo 'allow-loopback-pinentry' > /home/circleci/.gnupg/gpg-agent.conf" && \
sudo -u circleci bash -c "echo 'pinentry-mode loopback' > /home/circleci/.gnupg/gpg.conf" && \
chmod 700 /home/circleci/.gnupg && chmod 600 /home/circleci/.gnupg/* && \
rc-update add docker boot
USER circleci
WORKDIR /home/circleci/project
# it is possible to build Teller v2 and get a functioning install
# still can't decide if this tool is imploading
#
# apk add --no-cache --virtual build-dependencies \
# protoc=24.4-r1 \
# cargo=1.78.0-r0
# # hadolint ignore=DL3003
# RUN git clone --depth 1 --branch v${TELLER_VERSION} https://github.com/tellerops/teller.git && \
# sed -i 's/\.with_native_roots()/\.with_native_roots()?/g' teller/teller-providers/src/providers/google_secretmanager.rs && \
# cd teller/teller-cli && cargo install --path . && \
# cp /root/.cargo/bin/teller /usr/local/bin/teller && \
# rm -rf /teller && \
# rm -rf /root/.cargo