diff --git a/applications/wg-easy/container/Containerfile b/applications/wg-easy/container/Containerfile index ccde16dc..3933e578 100644 --- a/applications/wg-easy/container/Containerfile +++ b/applications/wg-easy/container/Containerfile @@ -1,78 +1,25 @@ -# Base image for all shared Containerfiles for taskfiles -# Use this image as base image for app specific container files -FROM --platform=$BUILDPLATFORM ubuntu:24.04 - -ARG TARGETOS -ARG TARGETARCH - -WORKDIR /tools - -# Set environment variables -ENV DEBIAN_FRONTEND=noninteractive \ - HOME=/home/devuser \ - SHELL=/bin/bash - -# Install debian packages -RUN apt-get update && apt-get install -y \ - curl \ - jq \ - less \ - yq \ - gnupg \ - bash-completion \ - - # Install Google Cloud CLI - && echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list \ - && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg \ - && apt-get update \ - && apt-get install google-cloud-cli -y \ - - # Clean up - && apt-get purge -y gnupg \ - && rm -rf /var/lib/apt/lists/* - -# Install helm -RUN curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash \ - - # Install kubectl - && curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${TARGETARCH}/kubectl" \ - && chmod +x kubectl \ - && mv kubectl /usr/local/bin/ \ - - # Install Task - && sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d -b /usr/local/bin \ - - # Install Helmfile - && curl -Ls $(curl -s https://api.github.com/repos/helmfile/helmfile/releases/latest \ - | grep "browser_download_url.*linux_${TARGETARCH}.tar.gz" \ - | cut -d : -f 2,3 \ - | tr -d \") -o helmfile.tar.gz \ - && tar xf helmfile.tar.gz helmfile && rm helmfile.tar.gz \ - && mv helmfile /usr/local/bin/helmfile \ - - # Install Replicated CLI - && curl -Ls $(curl -s https://api.github.com/repos/replicatedhq/replicated/releases/latest \ - | grep "browser_download_url.*linux_amd64.tar.gz" \ - | cut -d : -f 2,3 \ - | tr -d \") -o replicated.tar.gz \ - && tar xf replicated.tar.gz replicated && rm replicated.tar.gz \ - && mv replicated /usr/local/bin/replicated - -# Create a non-root user for better security -RUN groupadd -r devuser && useradd -r -g devuser -m -s /bin/bash devuser - -# Copy shell completion scripts -COPY container/tool-completions.sh tool-completions.sh - -# Copy entrypoint script -COPY container/entrypoint.sh entrypoint.sh -RUN chmod +x entrypoint.sh - -# Set working directory -WORKDIR /workspace - -# Switch to non-root user -USER devuser - -# Set entrypoint -ENTRYPOINT ["/tools/entrypoint.sh", "-l"] +# initial stage container used just for fetching things +from --platform=$BUILDPLATFORM alpine:latest as build +arg TARGETOS +arg TARGETARCH +workdir /src +run apk add curl jq go git make + +# fetch Helmfile +run curl -Ls $(curl -s https://api.github.com/repos/helmfile/helmfile/releases/latest \ + | jq -r --arg arch ".+linux_$TARGETARCH.+" '.assets[] | select (.browser_download_url | test ($arch) ) |.browser_download_url ') \ + | tar xz helmfile + +# fetch Replicated CLI +# We don't release arm64 so to keep this image +# multi-arch friendly we'll build replicated cli ourselves +run git clone https://github.com/replicatedhq/replicated +run make -C replicated build + + +# final stage container should have minimal layers and only stuff we want at runtime +from --platform=$BUILDPLATFORM alpine:latest +copy container/install-gcloud.sh / +copy --from=build /src/helmfile /src/replicated/bin/replicated /usr/bin/ +run apk add curl bash python3 helm go-task kubectl jq yq && sh /install-gcloud.sh +workdir /workspace diff --git a/applications/wg-easy/container/entrypoint.sh b/applications/wg-easy/container/entrypoint.sh deleted file mode 100644 index 7f4e98c3..00000000 --- a/applications/wg-easy/container/entrypoint.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -# Uncomment force_color_prompt in bashrc -sed -i 's/#force_color_prompt=yes/force_color_prompt=yes/' $HOME/.bashrc - -# Source the tool completions -echo "source /tools/tool-completions.sh" >> $HOME/.bashrc - -# Execute the passed command or default to bash -exec "$@" diff --git a/applications/wg-easy/container/install-gcloud.sh b/applications/wg-easy/container/install-gcloud.sh new file mode 100644 index 00000000..1c020226 --- /dev/null +++ b/applications/wg-easy/container/install-gcloud.sh @@ -0,0 +1,14 @@ +case $(uname -m) in + aarch64|arm64) + export ARCH="arm";; + x86_64) + export ARCH="x86_64";; + *) + echo "unsupported arch"; exit 1;; +esac + +curl https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-linux-$ARCH.tar.gz | tar xz + +./google-cloud-sdk/install.sh -q + +find /google-cloud-sdk/bin -mindepth 1 -maxdepth 1 -type f -exec ln -s {} /usr/bin \; diff --git a/applications/wg-easy/container/tool-completions.sh b/applications/wg-easy/container/tool-completions.sh deleted file mode 100644 index 50edb3a1..00000000 --- a/applications/wg-easy/container/tool-completions.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# kubectl completion -source <(kubectl completion bash) -alias k=kubectl -complete -o default -F __start_kubectl k - -# helm completion -source <(helm completion bash) - -# task completion -source <(task --completion bash) - -# helmfile completion -source <(helmfile completion bash) - -# replicated completion -source <(replicated completion bash) - -# gcloud completion -source /usr/share/google-cloud-sdk/completion.bash.inc