-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
17 changed files
with
346 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
FROM mikefarah/yq:4.35.1 AS yq | ||
FROM docker:23.0.6-cli AS docker | ||
FROM gcr.io/kaniko-project/executor:v1.14.0 AS kaniko | ||
|
||
FROM mcr.microsoft.com/dotnet/sdk:6.0-jammy | ||
|
||
ENV TZ="Asia/Shanghai" \ | ||
ROOT_PASSWORD="changeit" \ | ||
HELM_VERSION="v3.12.3" \ | ||
PATH="/kaniko:${PATH}" | ||
|
||
# install yq | ||
COPY --from=yq /usr/bin/yq /usr/bin/yq | ||
|
||
# install kaniko | ||
COPY --from=kaniko /kaniko /kaniko | ||
COPY --from=kaniko /etc/nsswitch.conf /etc/nsswitch.conf | ||
|
||
# install docker-client-cli | ||
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker | ||
COPY --from=docker /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx | ||
|
||
# install base packages | ||
RUN set -eux; \ | ||
apt-get update; \ | ||
DEBIAN_FRONTEND=noninteractive \ | ||
apt-get install -y \ | ||
jq \ | ||
vim \ | ||
git \ | ||
tar \ | ||
curl \ | ||
wget \ | ||
unzip \ | ||
pylint \ | ||
gnupg2 \ | ||
skopeo \ | ||
xmlstarlet \ | ||
openssh-server \ | ||
mariadb-client \ | ||
ca-certificates \ | ||
build-essential \ | ||
apt-transport-https; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
ARCH="$(dpkg --print-architecture)"; \ | ||
# install helm | ||
wget -qO "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" \ | ||
"https://get.helm.sh/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz"; \ | ||
tar xzf "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" -C /tmp; \ | ||
mv /tmp/linux-${ARCH}/helm /usr/bin/helm; \ | ||
# post install | ||
helm plugin install https://github.com/chartmuseum/helm-push; \ | ||
ln -s /kaniko/executor /kaniko/kaniko; \ | ||
ln -s /usr/bin/xmlstarlet /usr/bin/xml; \ | ||
docker-credential-gcr config --token-source=env; \ | ||
# Modify `sshd_config` | ||
sed -ri 's/^#PermitEmptyPasswords no/PermitEmptyPasswords yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^UsePAM yes/UsePAM no/' /etc/ssh/sshd_config; \ | ||
# Delete root password (set as empty) | ||
passwd -d root; \ | ||
mkdir -p /run/sshd; \ | ||
rm -r /tmp/*; | ||
|
||
# Add trivy | ||
RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.44.1; \ | ||
trivy image --download-db-only;\ | ||
trivy image --download-java-db-only; | ||
|
||
# Add mirror source | ||
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak; \ | ||
sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://ftp.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://security.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list | ||
|
||
EXPOSE 22 | ||
|
||
CMD [ "/bin/sh","-c","/usr/sbin/sshd -D" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
FROM mikefarah/yq:4.35.1 AS yq | ||
FROM docker:23.0.6-cli AS docker | ||
FROM gcr.io/kaniko-project/executor:v1.14.0 AS kaniko | ||
|
||
FROM golang:1.21-bookworm | ||
RUN go install github.com/jstemmer/go-junit-report/v2@latest | ||
|
||
ENV TZ="Asia/Shanghai" \ | ||
ROOT_PASSWORD="changeit" \ | ||
HELM_VERSION="v3.12.3" \ | ||
PATH="/kaniko:${PATH}" | ||
|
||
# install yq | ||
COPY --from=yq /usr/bin/yq /usr/bin/yq | ||
|
||
# install kaniko | ||
COPY --from=kaniko /kaniko /kaniko | ||
COPY --from=kaniko /etc/nsswitch.conf /etc/nsswitch.conf | ||
|
||
# install docker-client-cli | ||
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker | ||
COPY --from=docker /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx | ||
|
||
# install base packages | ||
RUN set -eux; \ | ||
apt-get update; \ | ||
DEBIAN_FRONTEND=noninteractive \ | ||
apt-get install -y \ | ||
jq \ | ||
vim \ | ||
git \ | ||
tar \ | ||
curl \ | ||
wget \ | ||
unzip \ | ||
pylint \ | ||
gnupg2 \ | ||
skopeo \ | ||
xmlstarlet \ | ||
openssh-server \ | ||
mariadb-client \ | ||
ca-certificates \ | ||
build-essential \ | ||
apt-transport-https; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
ARCH="$(dpkg --print-architecture)"; \ | ||
# install helm | ||
wget -qO "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" \ | ||
"https://get.helm.sh/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz"; \ | ||
tar xzf "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" -C /tmp; \ | ||
mv /tmp/linux-${ARCH}/helm /usr/bin/helm; \ | ||
# post install | ||
helm plugin install https://github.com/chartmuseum/helm-push; \ | ||
ln -s /kaniko/executor /kaniko/kaniko; \ | ||
ln -s /usr/bin/xmlstarlet /usr/bin/xml; \ | ||
docker-credential-gcr config --token-source=env; \ | ||
# Modify `sshd_config` | ||
sed -ri 's/^#PermitEmptyPasswords no/PermitEmptyPasswords yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^UsePAM yes/UsePAM no/' /etc/ssh/sshd_config; \ | ||
# Delete root password (set as empty) | ||
passwd -d root; \ | ||
mkdir -p /run/sshd; \ | ||
rm -r /tmp/*; | ||
|
||
# Add trivy | ||
RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.44.1; \ | ||
trivy image --download-db-only;\ | ||
trivy image --download-java-db-only; | ||
|
||
# Add mirror source | ||
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak; \ | ||
sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://ftp.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://security.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list | ||
|
||
EXPOSE 22 | ||
|
||
CMD [ "/bin/sh","-c","/usr/sbin/sshd -D" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
FROM mikefarah/yq:4.35.1 AS yq | ||
FROM docker:23.0.6-cli AS docker | ||
FROM gcr.io/kaniko-project/executor:v1.14.0 AS kaniko | ||
|
||
FROM maven:3.9.3-eclipse-temurin-8 | ||
# disable 'maven-default-http-blocker' | ||
RUN sed -i '160,166d' /usr/share/maven/conf/settings.xml | ||
|
||
ENV TZ="Asia/Shanghai" \ | ||
ROOT_PASSWORD="changeit" \ | ||
HELM_VERSION="v3.12.3" \ | ||
PATH="/kaniko:${PATH}" | ||
|
||
# install yq | ||
COPY --from=yq /usr/bin/yq /usr/bin/yq | ||
|
||
# install kaniko | ||
COPY --from=kaniko /kaniko /kaniko | ||
COPY --from=kaniko /etc/nsswitch.conf /etc/nsswitch.conf | ||
|
||
# install docker-client-cli | ||
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker | ||
COPY --from=docker /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx | ||
|
||
# install base packages | ||
RUN set -eux; \ | ||
apt-get update; \ | ||
DEBIAN_FRONTEND=noninteractive \ | ||
apt-get install -y \ | ||
jq \ | ||
vim \ | ||
git \ | ||
tar \ | ||
curl \ | ||
wget \ | ||
unzip \ | ||
pylint \ | ||
gnupg2 \ | ||
skopeo \ | ||
xmlstarlet \ | ||
openssh-server \ | ||
mariadb-client \ | ||
ca-certificates \ | ||
build-essential \ | ||
apt-transport-https; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
ARCH="$(dpkg --print-architecture)"; \ | ||
# install helm | ||
wget -qO "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" \ | ||
"https://get.helm.sh/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz"; \ | ||
tar xzf "/tmp/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz" -C /tmp; \ | ||
mv /tmp/linux-${ARCH}/helm /usr/bin/helm; \ | ||
# post install | ||
helm plugin install https://github.com/chartmuseum/helm-push; \ | ||
ln -s /kaniko/executor /kaniko/kaniko; \ | ||
ln -s /usr/bin/xmlstarlet /usr/bin/xml; \ | ||
docker-credential-gcr config --token-source=env; \ | ||
# Modify `sshd_config` | ||
sed -ri 's/^#PermitEmptyPasswords no/PermitEmptyPasswords yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \ | ||
sed -ri 's/^UsePAM yes/UsePAM no/' /etc/ssh/sshd_config; \ | ||
# Delete root password (set as empty) | ||
passwd -d root; \ | ||
mkdir -p /run/sshd; \ | ||
rm -r /tmp/*; | ||
|
||
# Add trivy | ||
RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.44.1; \ | ||
trivy image --download-db-only;\ | ||
trivy image --download-java-db-only; | ||
|
||
# Add mirror source | ||
RUN cp /etc/apt/sources.list /etc/apt/sources.list.bak; \ | ||
sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://ftp.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list; \ | ||
sed -i "s@http://security.debian.org@https://repo.huaweicloud.com@g" /etc/apt/sources.list | ||
|
||
EXPOSE 22 | ||
|
||
CMD [ "/bin/sh","-c","/usr/sbin/sshd -D" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
FROM choerodon/cibase:1.2.0-base | ||
|
||
# install base packages | ||
RUN set -eux; \ | ||
curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -; \ | ||
echo "deb https://deb.nodesource.com/node_14.x "$(. /etc/os-release && echo "$VERSION_CODENAME")" main" > /etc/apt/sources.list.d/nodesource.list; \ | ||
apt-get update; \ | ||
apt-get install -y \ | ||
nodejs; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
# install yarn typescript npm-cli-login | ||
npm install -g yarn; \ | ||
npm install -g typescript; \ | ||
npm install -g npm-cli-login |
Oops, something went wrong.