diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..3070d81 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +.github +.git diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..1598f5e --- /dev/null +++ b/.editorconfig @@ -0,0 +1,16 @@ +root = true + +[*] +charset = utf-8 +end_of_line = lf +trim_trailing_whitespace = true +insert_final_newline = true + +[{.,}*.{js{,*},y{a,}ml,sh}] +indent_style = space +indent_size = 2 + +[*.{md,txt}] +indent_style = space +indent_size = 2 +trim_trailing_whitespace = true diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9db8d11 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,9 @@ +* text=auto eol=lf + +# scripts +*.sh text eol=lf +*.bat text eol=crlf + +## DOCKER +*.dockerignore text +Dockerfile text diff --git a/.github/workflows/build-alpine.yml b/.github/workflows/build-alpine.yml deleted file mode 100644 index 597e9ad..0000000 --- a/.github/workflows/build-alpine.yml +++ /dev/null @@ -1,166 +0,0 @@ -name: Build alpine images - -on: - #schedule: - # - cron: 0 12 */7 * * - #push: - # paths: - # - '.github/workflows/build-alpine.yml' - # - 'linux/alpine/**' - # branches: - # - 'master' - #pull_request: - # paths: - # - '.github/workflows/build-alpine.yml' - # - 'linux/alpine/**' - workflow_dispatch: - -env: - SLUG: ${{ github.repository_owner }}/alpine - IMAGE: alpine - PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7 - -jobs: - build-alpine: - runs-on: ubuntu-latest - environment: Images - steps: - - name: Login to GitHub Container Registry - id: ghcr - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to Quay - id: quay - uses: docker/login-action@v1 - with: - registry: quay.io - username: ${{ secrets.QUAY_USER }} - password: ${{ secrets.QUAY_TOKEN }} - - - name: Login to Docker Hub - id: dckr - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Print tag - id: print-tag - run: | - if [ ${{ github.event_name }} == 'pull_request'}} && ${{ !env.ACT }} ]; then - echo "::set-output name=tag::PR-${{ github.event.number }}" - elif [ "${ACT}" == "true" ]; then - echo "::set-output name=tag::dev" - else - echo "::set-output name=tag::$(date +%Y%m%d)" - fi - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - uses: actions/checkout@v2 - - - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} - uses: docker/build-push-action@v2 - env: - TAG: act-${{ steps.print-tag.outputs.tag }} - with: - context: . - push: true - file: ./linux/${{ env.IMAGE }}/act/Dockerfile - platforms: ${{ env.PLATFORMS }} - tags: | - ghcr.io/${{ env.SLUG }}:${{ env.TAG }} - quay.io/${{ env.SLUG }}:${{ env.TAG }} - docker.io/${{ env.SLUG }}:${{ env.TAG }} - build-args: | - DISTRO=${{ env.IMAGE }} - BUILD_TAG_VERSION=${{ steps.print-tag.outputs.tag }} - BUILD_TAG=act - BUILD_REF=${{ github.sha }} - - - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} - uses: docker/build-push-action@v2 - env: - TAG: runner-${{ steps.print-tag.outputs.tag }} - with: - context: . - push: true - file: ./linux/${{ env.IMAGE }}/runner/Dockerfile - platforms: ${{ env.PLATFORMS }} - tags: | - ghcr.io/${{ env.SLUG }}:${{ env.TAG }} - quay.io/${{ env.SLUG }}:${{ env.TAG }} - docker.io/${{ env.SLUG }}:${{ env.TAG }} - build-args: | - IMAGE=ghcr.io/${{ env.SLUG }} - DISTRO=${{ env.IMAGE }} - TAG=act-${{ steps.print-tag.outputs.tag }} - BUILD_TAG_VERSION=${{ steps.print-tag.outputs.tag }} - BUILD_TAG=runner - BUILD_REF=${{ github.sha }} - - - uses: actions/setup-go@v2 - with: - go-version: 1.16 - - - uses: actions/checkout@v2 - with: - ref: cat/fix/change-image - repository: catthehacker/act-fork - path: act - - - env: - ACT_TEST_IMAGE: ghcr.io/${{ env.SLUG }}:act-${{ steps.print-tag.outputs.tag }} - ACT_REPOSITORY: catthehacker/act-fork - ACT_OWNER: catthehacker - run: | - cd act/ - go test ./... - - - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} - uses: docker/build-push-action@v2 - env: - TAG: act - with: - context: . - push: ${{ ( github.event_name != 'pull_request' && !env.ACT ) }} - file: ./linux/${{ env.IMAGE }}/act/Dockerfile - platforms: ${{ env.PLATFORMS }} - tags: | - ghcr.io/${{ env.SLUG }}:${{ env.TAG }} - quay.io/${{ env.SLUG }}:${{ env.TAG }} - docker.io/${{ env.SLUG }}:${{ env.TAG }} - build-args: | - DISTRO=${{ env.IMAGE }} - BUILD_TAG_VERSION=${{ steps.print-tag.outputs.tag }} - BUILD_TAG=${{ env.TAG }} - BUILD_REF=${{ github.sha }} - - - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} - uses: docker/build-push-action@v2 - env: - TAG: runner - with: - context: . - push: ${{ ( github.event_name != 'pull_request' && !env.ACT ) }} - file: ./linux/${{ env.IMAGE }}/runner/Dockerfile - platforms: ${{ env.PLATFORMS }} - tags: | - ghcr.io/${{ env.SLUG }}:${{ env.TAG }} - quay.io/${{ env.SLUG }}:${{ env.TAG }} - docker.io/${{ env.SLUG }}:${{ env.TAG }} - build-args: | - IMAGE=ghcr.io/${{ env.SLUG }} - DISTRO=${{ env.IMAGE }} - TAG=act-${{ steps.print-tag.outputs.tag }} - BUILD_TAG_VERSION=${{ steps.print-tag.outputs.tag }} - BUILD_TAG=${{ env.TAG }} - BUILD_REF=${{ github.sha }} diff --git a/.github/workflows/build-ubuntu.yml b/.github/workflows/build-ubuntu.yml index 9c0b011..6fc5750 100644 --- a/.github/workflows/build-ubuntu.yml +++ b/.github/workflows/build-ubuntu.yml @@ -17,11 +17,11 @@ on: env: SLUG: ${{ github.repository_owner }}/ubuntu - IMAGE: ubuntu + DISTRO: ubuntu PLATFORMS: linux/amd64 - NODE: '12' + NODE: '14' BUILD_REF: ${{ github.sha }} - SKIP_TEST: true + SKIP_TEST: false defaults: run: @@ -30,9 +30,6 @@ defaults: jobs: build-base: runs-on: ubuntu-latest - environment: Images - env: - PLATFORMS: linux/amd64,linux/arm64 strategy: fail-fast: true max-parallel: 4 @@ -83,28 +80,34 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + - run: | + docker buildx create \ + --use \ + --name image-builder \ + --buildkitd-flags '--allow-insecure-entitlement network.host' \ + --driver docker-container \ + --driver-opt "env.BUILDKIT_STEP_LOG_MAX_SIZE=50000000" \ + --platform "${{ env.PLATFORMS }}" - uses: actions/checkout@v2 - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} run: ./build.sh env: + RUNNER: root TAG: act-${{ matrix.TAG }}-${{ env.PART_TAG }} TYPE: act FROM_IMAGE: buildpack-deps FROM_TAG: ${{ env.RELEASE_TAG }} - DISTRO: ${{ env.IMAGE }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} BUILD_TAG: act-${{ matrix.TAG }} - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} run: ./build.sh env: + RUNNER: runner TAG: runner-${{ matrix.TAG }}-${{ env.PART_TAG }} TYPE: runner - DISTRO: ${{ env.IMAGE }} FROM_IMAGE: ghcr.io/${{ env.SLUG }} FROM_TAG: act-${{ matrix.TAG }}-${{ env.PART_TAG }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} @@ -130,11 +133,11 @@ jobs: if: ${{ ( github.event_name != 'pull_request' && !env.ACT ) }} run: ./build.sh env: + RUNNER: root TAG: act-${{ matrix.TAG }} TYPE: act FROM_IMAGE: buildpack-deps FROM_TAG: ${{ env.RELEASE_TAG }} - DISTRO: ${{ env.IMAGE }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} BUILD_TAG: act-${{ matrix.TAG }} @@ -142,9 +145,9 @@ jobs: if: ${{ ( github.event_name != 'pull_request' && !env.ACT ) }} run: ./build.sh env: + RUNNER: runner TAG: runner-${{ matrix.TAG }} TYPE: runner - DISTRO: ${{ env.IMAGE }} FROM_IMAGE: ghcr.io/${{ env.SLUG }} FROM_TAG: act-${{ matrix.TAG }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} @@ -153,11 +156,16 @@ jobs: runs-on: ubuntu-latest needs: [build-base] strategy: - fail-fast: true - max-parallel: 4 + fail-fast: false + max-parallel: 2 matrix: - TAG: [latest, 20.04, 18.04, 16.04] - TYPE: [js, rust] + TAG: [latest, 20.04, 18.04] + TYPE: [js, pwsh] + env: + BUILD_TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }} + TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }} + TYPE: ${{ matrix.TYPE }} + RUNNER: root steps: - name: Login to GitHub Container Registry id: ghcr @@ -203,30 +211,29 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + - run: | + docker buildx create \ + --use \ + --name image-builder \ + --buildkitd-flags '--allow-insecure-entitlement network.host' \ + --driver docker-container \ + --driver-opt "env.BUILDKIT_STEP_LOG_MAX_SIZE=50000000" \ + --platform "${{ env.PLATFORMS }}" - uses: actions/checkout@v2 - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} run: ./build.sh env: - TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }}-${{ env.PART_TAG }} - TYPE: ${{ matrix.TYPE }} + TAG: ${{ env.TAG }}-${{ env.PART_TAG }} FROM_IMAGE: ghcr.io/${{ env.SLUG }} FROM_TAG: act-${{ matrix.TAG }}-${{ env.PART_TAG }} - DISTRO: ${{ env.IMAGE }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} - BUILD_TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }} - name: Build and push ${{ env.SLUG }}:${{ env.TAG }} run: ./build.sh if: ${{ ( github.event_name != 'pull_request' && !env.ACT ) }} env: - TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }} - TYPE: ${{ matrix.TYPE }} FROM_IMAGE: ghcr.io/${{ env.SLUG }} FROM_TAG: act-${{ matrix.TAG }}-${{ env.PART_TAG }} - DISTRO: ${{ env.IMAGE }} BUILD_TAG_VERSION: ${{ env.PART_TAG }} - BUILD_TAG: ${{ matrix.TYPE }}-${{ matrix.TAG }} diff --git a/.gitignore b/.gitignore index 5303835..90fcf32 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,6 @@ # mega-linter report + +# quick local actions for act +.github/workflows/act.yml diff --git a/.prettierrc.yml b/.prettierrc.yml index 7b1894d..30f2e2a 100644 --- a/.prettierrc.yml +++ b/.prettierrc.yml @@ -1,2 +1,3 @@ --- singleQuote: true +tabWidth: 2 diff --git a/README.md b/README.md index 7cdab6e..d5b6140 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,6 @@ [![Scheduled build (Ubuntu)](https://github.com/catthehacker/docker_images/actions/workflows/build-ubuntu.yml/badge.svg?event=schedule)](https://github.com/catthehacker/docker_images/actions/workflows/build-ubuntu.yml) [![On-demand build (Ubuntu)](https://github.com/catthehacker/docker_images/actions/workflows/build-ubuntu.yml/badge.svg?event=workflow_dispatch)](https://github.com/catthehacker/docker_images/actions/workflows/build-ubuntu.yml) -[![Scheduled build (Alpine)](https://github.com/catthehacker/docker_images/actions/workflows/build-alpine.yml/badge.svg?event=schedule)](https://github.com/catthehacker/docker_images/actions/workflows/build-alpine.yml) -[![On-demand build (Alpine)](https://github.com/catthehacker/docker_images/actions/workflows/build-alpine.yml/badge.svg?event=workflow_dispatch)](https://github.com/catthehacker/docker_images/actions/workflows/build-alpine.yml) [![Linter](https://github.com/catthehacker/docker_images/actions/workflows/lint.yml/badge.svg)](https://github.com/catthehacker/docker_images/actions/workflows/lint.yml) ## When updates will be applied to images @@ -19,27 +17,36 @@ ## Images available -- [virtual-environments][catthehacker/runner-image] - GitHub Actions runner image containing all possible tools (image is extremely big, 20GB compressed, ~60GB extracted) +- [catthehacker/virtual-environments][catthehacker/virtual-environments] - GitHub Actions runner image containing all possible tools (image is extremely big, 20GB compressed, ~60GB extracted) + - `catthehacker/ubuntu:full-20.04` - this image is updated manually due to amount of changes in [actions/virtual-environments][actions/virtual-environments] - - more to come... -- [`/linux/ubuntu/runner/`](./linux/ubuntu/runner/) - `catthehacker/ubuntu:act-*` but with `runner` as user instead of `root` - - docker.io (DockerHub) - - `catthehacker/ubuntu:runner-16.04` - - `catthehacker/ubuntu:runner-18.04` - - `catthehacker/ubuntu:runner-20.04` - - `catthehacker/ubuntu:runner-latest` -- [`/linux/ubuntu/act/`](./linux/ubuntu/act/) - image used in [github.com/nektos/act](https://github.com/nektos/act) as medium size image retaining compatibility with most actions while maintaining small size - - docker.io (DockerHub) - - `catthehacker/ubuntu:act-16.04` - - `catthehacker/ubuntu:act-18.04` - - `catthehacker/ubuntu:act-20.04` - - `catthehacker/ubuntu:act-latest` -- [`/linux/alpine/act/`](./linux/alpine/act/) - Alpine base image for `act` - - docker.io (DockerHub) - - `catthehacker/alpine:act` - - `catthehacker/alpine:runner` + + see [catthehacker/virtual-environments][catthehacker/virtual-environments] for more information + +- [`/linux/ubuntu/act/`](./linux/ubuntu/scripts/act.sh) - image used in [github.com/nektos/act][nektos/act] as medium size image retaining compatibility with most actions while maintaining small size + - `catthehacker/ubuntu:act-16.04` + - `catthehacker/ubuntu:act-18.04` + - `catthehacker/ubuntu:act-20.04` + - `catthehacker/ubuntu:act-latest` +- [`/linux/ubuntu/runner/`](./linux/ubuntu/scripts/runner.sh) - `catthehacker/ubuntu:act-*` but with `runner` as user instead of `root` + - `catthehacker/ubuntu:runner-16.04` + - `catthehacker/ubuntu:runner-18.04` + - `catthehacker/ubuntu:runner-20.04` + - `catthehacker/ubuntu:runner-latest` +- [`/linux/ubuntu/js/`](./linux/ubuntu/scripts/js.sh) - `catthehacker/ubuntu:act-*` but with `js` tools installed (`yarn`, `nvm`, `node` v10/v12, `pnpm`, `grunt`, etc.) + - `catthehacker/ubuntu:js-18.04` + - `catthehacker/ubuntu:js-20.04` + - `catthehacker/ubuntu:js-latest` +- [`/linux/ubuntu/rust/`](./linux/ubuntu/scripts/rust.sh) - `catthehacker/ubuntu:act-*` but with `rust` tools installed (`rustfmt`, `clippy`, `cbindgen`, etc.) +- [`/linux/ubuntu/pwsh/`](./linux/ubuntu/scripts/pwsh.sh) - `catthehacker/ubuntu:act-*` but with `pwsh` tools and modules installed + - `catthehacker/ubuntu:pwsh-18.04` + - `catthehacker/ubuntu:pwsh-20.04` + - `catthehacker/ubuntu:pwsh-latest` + +## [`ubuntu-16.04` will be deprecated soon](https://github.com/actions/virtual-environments/issues/3287) ## Repository contains parts of [`actions/virtual-environments`][actions/virtual-environments] which is licenced under ["MIT License"](https://github.com/actions/virtual-environments/blob/main/LICENSE) +[nektos/act]: https://github.com/nektos/act [actions/virtual-environments]: https://github.com/actions/virtual-environments -[catthehacker/runner-image]: https://github.com/catthehacker/virtual-environments +[catthehacker/virtual-environments]: https://github.com/catthehacker/virtual-environments diff --git a/build.ps1 b/build.ps1 new file mode 100644 index 0000000..5bdf731 --- /dev/null +++ b/build.ps1 @@ -0,0 +1,36 @@ +param( + $slug = 'catthehacker/ubuntu', + $tag, + $node = '12', + $distro = 'ubuntu', + $type, + $image = 'ubuntu', + $platforms = 'linux/amd64', + $build_version = "master", + $build_tag, + $build_tag_version = "dev", + $build_ref = 'master', + $from_image, + $from_tag, + $runner +) + +& (Get-Command 'docker').source @( + 'buildx', + 'build', + '--progress=plain', + "--tag=ghcr.io/${slug}:${tag}", + "--tag=quay.io/${slug}:${tag}", + "--tag=docker.io/${slug}:${tag}", + "--build-arg=NODE_VERSION=${node}", + "--build-arg=DISTRO=${distro}", + "--build-arg=TYPE=${type}", + "--build-arg=BUILD_TAG=${build_tag}", + "--build-arg=BUILD_TAG_VERSION=${build_tag_version}", + "--build-arg=BUILD_REF=${build_ref}", + "--build-arg=FROM_IMAGE=${from_image}", + "--build-arg=FROM_TAG=${from_tag}", + "--file=./linux/${image}/Dockerfile", + "--platform=${platforms}", + '.' +) diff --git a/build.sh b/build.sh index 214bd25..167094b 100755 --- a/build.sh +++ b/build.sh @@ -1,19 +1,20 @@ #!/bin/sh docker buildx build \ - --pull \ - --push \ - --progress=plain \ - --tag="ghcr.io/${SLUG}:${TAG}" \ - --tag="quay.io/${SLUG}:${TAG}" \ - --tag="docker.io/${SLUG}:${TAG}" \ - --build-arg="NODE_VERSION=${NODE}" \ - --build-arg="DISTRO=${DISTRO}" \ - --build-arg="BUILD_TAG_VERSION=${BUILD_TAG_VERSION}" \ - --build-arg="BUILD_TAG=${BUILD_TAG}" \ - --build-arg="BUILD_REF=${BUILD_REF}" \ - --build-arg="FROM_IMAGE=${FROM_IMAGE}" \ - --build-arg="FROM_TAG=${FROM_TAG}" \ - --file="./linux/${IMAGE}/${TYPE}/Dockerfile" \ - --platform="${PLATFORMS}" \ - . + --push \ + --progress=plain \ + --tag="ghcr.io/${SLUG}:${TAG}" \ + --tag="quay.io/${SLUG}:${TAG}" \ + --tag="docker.io/${SLUG}:${TAG}" \ + --build-arg="NODE_VERSION=${NODE}" \ + --build-arg="DISTRO=${DISTRO}" \ + --build-arg="TYPE=${TYPE}" \ + --build-arg="RUNNER=${RUNNER}" \ + --build-arg="BUILD_TAG_VERSION=${BUILD_TAG_VERSION}" \ + --build-arg="BUILD_TAG=${BUILD_TAG}" \ + --build-arg="BUILD_REF=${BUILD_REF}" \ + --build-arg="FROM_IMAGE=${FROM_IMAGE}" \ + --build-arg="FROM_TAG=${FROM_TAG}" \ + --file="./linux/${DISTRO}/Dockerfile" \ + --platform="${PLATFORMS}" \ + . diff --git a/linux/alpine/act/Dockerfile b/linux/alpine/act/Dockerfile deleted file mode 100644 index e0d98d7..0000000 --- a/linux/alpine/act/Dockerfile +++ /dev/null @@ -1,69 +0,0 @@ -ARG IMAGE=alpine -ARG TAG=3.13 -FROM ${IMAGE}:${TAG} - -# > automatic buildx ARGs -ARG TARGETARCH -ARG TARGETVARIANT - -# > ARGs before FROM are not accessible -ARG IMAGE=alpine -ARG TAG=3.13 -ARG IMAGEOS=alpine - -SHELL [ "/bin/ash", "-l", "-o", "pipefail", "-c" ] - -# > setup environment required for GitHub Actions, install dependencies/packages -RUN set -euxo pipefail \ - && printf "\n\n\tšŸ‹\t Build started \tšŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹\t Adding environment variables \tšŸ‹\t\n\n" \ - && sed 's|"||g' -i /etc/environment \ - && echo "USER=$(whoami)" | tee -a /etc/environment \ - && echo "RUNNER_USER=$(whoami)" | tee -a /etc/environment \ - && echo "IMAGE_OS=${IMAGE}" | tee -a /etc/environment \ - && echo "ImageOS=${IMAGE}" | tee -a /etc/environment \ - #&& echo "LSB_RELEASE=${DISTRIB_RELEASE}" | tee -a /etc/environment \ - && AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache \ - && echo "AGENT_TOOLSDIRECTORY=${AGENT_TOOLSDIRECTORY}" | tee -a /etc/environment \ - && echo "RUN_TOOL_CACHE=${AGENT_TOOLSDIRECTORY}" | tee -a /etc/environment \ - && echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a /etc/environment \ - && echo ". /etc/environment" | tee -a /etc/profile \ - && printf "\n\n\tšŸ‹\t Creating tool cache directory and '/github' \tšŸ‹\t\n\n" \ - && mkdir -p ${AGENT_TOOLSDIRECTORY} \ - && chown 1000:1000 ${AGENT_TOOLSDIRECTORY} \ - && chmod 0777 ${AGENT_TOOLSDIRECTORY} \ - && mkdir -p /github \ - && chown 1000:1000 /github \ - && chmod 0777 /github \ - && printf "\n\n\tšŸ‹\t Installing packages \tšŸ‹\t\n\n" \ - && apk --no-cache add bash openssh-client gawk jq curl git wget sudo gnupg ca-certificates yaml zstd zip unzip xz icu build-base python3 nodejs docker-cli \ - && ln -s $(which python3) /usr/local/bin/python \ - && printf "\n\n\tšŸ‹\t Docker: $(docker -v) \tšŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹\t Node: $(node -v) \tšŸ‹\t\n\n" \ - && apk list -I | sort \ - && printf "\n\n\tšŸ‹\t Creating ~/.ssh and adding 'github.com' \tšŸ‹\t\n\n" \ - && mkdir -p ~/.ssh \ - && chmod 700 ~/.ssh \ - && ssh-keyscan github.com | tee ~/.ssh/known_hosts \ - && printf "\n\n\tšŸ‹\t Installed base utils \tšŸ‹\t\n\n" \ - && sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' \ - && sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' \ - && sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' \ - && printf "\n\n\tšŸ‹\t Cleaning image \tšŸ‹\t\n\n" \ - && apk clean cache \ - && rm -rf /var/cache/* /var/log/* /tmp/* || echo 'Failed to delete directories' \ - && printf "\n\n\tšŸ‹\t Cleaned up image \tšŸ‹\t\n\n" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="act" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.vendor="catthehacker" -LABEL org.opencontainers.image.authors="me@hackerc.at" -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${IMAGEOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} - -USER root diff --git a/linux/alpine/go/Dockerfile b/linux/alpine/go/Dockerfile deleted file mode 100644 index 6fca5bb..0000000 --- a/linux/alpine/go/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG IMAGE=ghcr.io/catthehacker/alpine -ARG TAG=act -FROM ${IMAGE}:${TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/ash", "-l", "-o", "pipefail", "-c" ] - -RUN set -euxo pipefail \ - && printf "Installing Go(lang)\n" \ - && sudo apk add --no-cache go - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="go" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.vendor="catthehacker" -LABEL org.opencontainers.image.authors="me@hackerc.at" -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/alpine/runner/Dockerfile b/linux/alpine/runner/Dockerfile deleted file mode 100644 index 6af344c..0000000 --- a/linux/alpine/runner/Dockerfile +++ /dev/null @@ -1,39 +0,0 @@ -ARG IMAGE=ghcr.io/catthehacker/alpine -ARG TAG=act -FROM ${IMAGE}:${TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/ash", "-l", "-o", "pipefail", "-c" ] - -ARG RUNNER=runner - -# > Create non-root user -RUN set -euxo pipefail \ - && printf "Creating non-root user\n" \ - && addgroup -S ${RUNNER} -g 1000 && adduser -S ${RUNNER} -u 1000 -G ${RUNNER} -s /usr/bin/fish \ - && sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' \ - && sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' \ - && sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' \ - && echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \ - && printf "Runner user: $(su - ${RUNNER} -c id)\n" \ - && printf "Created non-root user $(grep ${RUNNER} /etc/passwd)\n" \ - && sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g" \ - && echo "RUNNER_TEMP=/home/${RUNNER}/work/_temp" | tee -a /etc/environment \ - && mkdir -p "/home/${RUNNER}/work/_temp" \ - && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/work" \ - && mkdir -p "/home/${RUNNER}/.ssh" \ - && chmod 700 "/home/${RUNNER}/.ssh" \ - && ssh-keyscan github.com | tee "/home/${RUNNER}/.ssh/known_hosts" \ - && chmod 644 "/home/${RUNNER}/.ssh/known_hosts" \ - && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/.ssh" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="runner" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/alpine/rust/Dockerfile b/linux/alpine/rust/Dockerfile deleted file mode 100644 index 0990734..0000000 --- a/linux/alpine/rust/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -ARG IMAGE=ghcr.io/catthehacker/alpine -ARG TAG=act -FROM ${IMAGE}:${TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/ash", "-l", "-o", "pipefail", "-c" ] - -RUN set -euxo pipefail \ - && printf "Installing Rust\n" \ - && curl https://sh.rustup.rs -sSf | sh -s -- -y - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="rust" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/ubuntu/Dockerfile b/linux/ubuntu/Dockerfile new file mode 100644 index 0000000..aaa79b8 --- /dev/null +++ b/linux/ubuntu/Dockerfile @@ -0,0 +1,38 @@ +ARG FROM_IMAGE +ARG FROM_TAG +FROM ${FROM_IMAGE}:${FROM_TAG} + +# > automatic buildx ARGs +ARG TARGETARCH + +# > ARGs before FROM are not accessible +ARG FROM_IMAGE +ARG FROM_TAG + +# > Our custom ARGs +ARG NODE_VERSION=14 +ARG DISTRO=ubuntu +ARG TYPE=act +ARG RUNNER=root + +# > Force apt to not be interactive/not ask +ENV DEBIAN_FRONTEND=noninteractive + +SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] + +COPY ./linux/${DISTRO}/scripts /imagegeneration/installers +RUN /imagegeneration/installers/${TYPE}.sh + +ARG BUILD_TAG +ARG BUILD_REF="master" +ARG BUILD_TAG_VERSION="dev" + +LABEL org.opencontainers.image.vendor="catthehacker" +LABEL org.opencontainers.image.authors="me@hackerc.at" +LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/" +LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images" +LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} +LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH} +LABEL org.opencontainers.image.revision=${BUILD_REF} + +USER ${RUNNER} diff --git a/linux/ubuntu/act/Dockerfile b/linux/ubuntu/act/Dockerfile deleted file mode 100644 index db8d08b..0000000 --- a/linux/ubuntu/act/Dockerfile +++ /dev/null @@ -1,88 +0,0 @@ -ARG FROM_IMAGE=buildpack-deps -ARG FROM_TAG=20.04 -FROM ${FROM_IMAGE}:${FROM_TAG} - -# > automatic buildx ARGs -ARG TARGETARCH - -# > ARGs before FROM are not accessible -ARG FROM_IMAGE=buildpack-deps -ARG FROM_TAG=20.04 - -# > NodeJS version -ARG NODE_VERSION=12 - -# > Distro -ARG DISTRO=ubuntu -ARG TYPE=act - -# > Force apt to not be interactive/not ask -ENV DEBIAN_FRONTEND=noninteractive - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -# > setup environment required for GitHub Actions -RUN set -Eeuxo pipefail \ - && printf "\n\n\tšŸ‹ Build started šŸ‹\t\n\n" \ - && sed 's|"||g' -i /etc/environment \ - && echo "USER=$(whoami)" | tee -a /etc/environment \ - && echo "RUNNER_USER=$(whoami)" | tee -a /etc/environment \ - && ImageOS=ubuntu$(echo ${FROM_TAG} | cut -d'.' -f 1) \ - && echo "IMAGE_OS=$ImageOS" | tee -a /etc/environment \ - && echo "ImageOS=$ImageOS" | tee -a /etc/environment \ - && echo "LSB_RELEASE=${FROM_TAG}" | tee -a /etc/environment \ - && AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache \ - && echo "AGENT_TOOLSDIRECTORY=$AGENT_TOOLSDIRECTORY" | tee -a /etc/environment \ - && echo "RUN_TOOL_CACHE=$AGENT_TOOLSDIRECTORY" | tee -a /etc/environment \ - && echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a /etc/environment \ - && echo ". /etc/environment" | tee -a /etc/profile \ - && mkdir -m 0777 -p $AGENT_TOOLSDIRECTORY \ - && chown -R 1001:1000 $AGENT_TOOLSDIRECTORY \ - && mkdir -m 0777 -p /github \ - && chown -R 1001:1000 /github \ - && printf "\n\n\tšŸ‹ Installing packages šŸ‹\t\n\n" \ - && apt-get -yq update \ - && apt-get -yq install --no-install-recommends ssh lsb-release gawk jq curl git wget sudo gnupg-agent ca-certificates software-properties-common apt-transport-https libyaml-0-2 zstd unzip xz-utils \ - && ln -s $(which python3) /usr/local/bin/python \ - && [[ "${FROM_TAG}" == "16.04" ]] && printf 'git-lfs not available for Xenial' || apt-get -yq install --no-install-recommends git-lfs \ - && printf "\n\n\tšŸ‹ Updated apt lists and upgraded packages šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Creating ~/.ssh and adding 'github.com' šŸ‹\t\n\n" \ - && mkdir -m 0700 -p ~/.ssh \ - && ssh-keyscan github.com | tee ~/.ssh/known_hosts \ - && printf "\n\n\tšŸ‹ Installed base utils šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installing docker cli šŸ‹\t\n\n" \ - && curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - \ - && sudo apt-add-repository https://packages.microsoft.com/ubuntu/${FROM_TAG}/prod \ - && apt-get -yq update \ - && apt-get -yq install --no-install-recommends moby-cli moby-buildx \ - && printf "\n\n\tšŸ‹ Installed moby-cli šŸ‹\t\n\n" \ - && docker -v \ - && printf "\n\n\tšŸ‹ Installed moby-buildx šŸ‹\t\n\n" \ - && docker buildx version \ - && printf "\n\n\tšŸ‹ Installing Node.JS šŸ‹\t\n\n" \ - && VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${NODE_VERSION}\"))][0].version" -r) \ - && NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64" \ - && mkdir -v -m 0777 -p $NODEPATH \ - && curl "https://nodejs.org/download/release/latest-v${NODE_VERSION}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C $NODEPATH \ - && sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment \ - && export PATH="$NODEPATH/bin:$PATH" \ - && printf "\n\n\tšŸ‹ Installed Node.JS $(node -v) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed NPM $(npm -v) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Cleaning image šŸ‹\t\n\n" \ - && apt-get clean \ - && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \ - && printf "\n\n\tšŸ‹ Cleaned up image šŸ‹\t\n\n" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="act" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.vendor="catthehacker" -LABEL org.opencontainers.image.authors="me@hackerc.at" -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${TYPE}/" -LABEL org.opencontainers.image.source="https://github.com/catthehacker/docker_images" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH} -LABEL org.opencontainers.image.revision=${BUILD_REF} - -USER root diff --git a/linux/ubuntu/go/Dockerfile b/linux/ubuntu/go/Dockerfile deleted file mode 100644 index d0e6024..0000000 --- a/linux/ubuntu/go/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -ARG IMAGE=ghcr.io/catthehacker/alpine -ARG TAG=act-latest -FROM ${IMAGE}:${TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -RUN set -Eeuxo pipefail \ - && printf "Installing Go(lang)\n" \ - && sudo apk add --no-cache go - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="go" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/ubuntu/js/Dockerfile b/linux/ubuntu/js/Dockerfile deleted file mode 100644 index b4fe1a1..0000000 --- a/linux/ubuntu/js/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ -ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu -ARG FROM_TAG=act-latest -FROM ${FROM_IMAGE}:${FROM_TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -RUN set -Eeuxo pipefail \ - && printf "\n\n\tšŸ‹ Installing JS tools šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed NPM $(npm -v) šŸ‹\t\n\n" \ - && npm install -g npm \ - && npm install -g pnpm \ - && npm install -g yarn \ - && printf "\n\n\tšŸ‹ Installed NPM $(npm -v) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed PNPM $(pnpm -v) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed YARN $(yarn -v) šŸ‹\t\n\n" \ - && npm install -g grunt gulp n parcel-bundler typescript newman vercel webpack webpack-cli lerna \ - && npm install -g --unsafe-perm netlify-cli \ - && printf "\n\n\tšŸ‹ Installing NVM tools šŸ‹\t\n\n" \ - && VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name') \ - && curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh | bash \ - && export NVM_DIR=$HOME/.nvm \ - && echo 'NVM_DIR=$HOME/.nvm' | tee -a /etc/environment \ - && echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm' | tee -a /etc/skel/.bash_profile \ - && [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" \ - && printf "\n\n\tšŸ‹ Installed NVM $(nvm --version) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Cleaning image šŸ‹\t\n\n" \ - && apt-get clean \ - && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \ - && printf "\n\n\tšŸ‹ Cleaned up image šŸ‹\t\n\n" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="js" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/ubuntu/mega/Dockerfile b/linux/ubuntu/mega/Dockerfile deleted file mode 100644 index c2b5479..0000000 --- a/linux/ubuntu/mega/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -ARG IMAGE=ghcr.io/catthehacker/alpine -ARG TAG=act-latest -FROM ${IMAGE}:${TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -RUN #TODO - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="rust" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH}-${TARGETVARIANT} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/ubuntu/runner/Dockerfile b/linux/ubuntu/runner/Dockerfile deleted file mode 100644 index bb3c851..0000000 --- a/linux/ubuntu/runner/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu -ARG FROM_TAG=act-latest -FROM ${FROM_IMAGE}:${FROM_TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -# > ARGs before FROM are not accessible -ARG FROM_IMAGE=catthehacker/ubuntu -ARG FROM_TAG=act-latest - -# > non-root user -ARG RUNNER=runner - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -# > Create non-root user -RUN set -Eeuxo pipefail \ - && printf "\n\n\tšŸ‹ Creating runner users šŸ‹\t\n\n" \ - && groupadd -g 1001 ${RUNNER} \ - && groupadd -g 1000 ${RUNNER}admin \ - && useradd -u 1001 -g ${RUNNER} -G sudo -m -s /bin/bash ${RUNNER} \ - && useradd -u 1000 -g ${RUNNER}admin -G sudo -m -s /bin/bash ${RUNNER}admin \ - && echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \ - && echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \ - && printf "\n\n\tšŸ‹ Runner user: $(su - ${RUNNER} -c id) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Runner admin: $(su - ${RUNNER}admin -c id) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Created non-root user $(grep ${RUNNER} /etc/passwd) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Created non-root admin $(grep ${RUNNER}admin /etc/passwd) šŸ‹\t\n\n" \ - && sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g" \ - && echo "RUNNER_TEMP=/home/${RUNNER}/work/_temp" | tee -a /etc/environment \ - && mkdir -p "/home/${RUNNER}/work/_temp" \ - && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/work" \ - && mkdir -m 0700 -p "/home/${RUNNER}/.ssh" \ - && ssh-keyscan github.com | tee "/home/${RUNNER}/.ssh/known_hosts" \ - && chmod 644 "/home/${RUNNER}/.ssh/known_hosts" \ - && chown -R ${RUNNER}:${RUNNER} "/home/${RUNNER}/.ssh" \ - && . /etc/environment \ - && chown -R ${RUNNER}:${RUNNER}admin $AGENT_TOOLSDIRECTORY \ - && printf "\n\n\tšŸ‹ Finished building šŸ‹\t\n\n" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="runner" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${ImageOS}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH} -LABEL org.opencontainers.image.revision=${BUILD_REF} - -USER ${RUNNER} - -WORKDIR /home/runner diff --git a/linux/ubuntu/rust/Dockerfile b/linux/ubuntu/rust/Dockerfile deleted file mode 100644 index 2013317..0000000 --- a/linux/ubuntu/rust/Dockerfile +++ /dev/null @@ -1,47 +0,0 @@ -ARG FROM_IMAGE=ghcr.io/catthehacker/ubuntu -ARG FROM_TAG=act-latest -FROM ${FROM_IMAGE}:${FROM_TAG} - -ARG TARGETARCH -ARG TARGETVARIANT - -ARG DISTRO=ubuntu - -ARG RUSTUP_HOME=/usr/share/rust/.rustup -ARG CARGO_HOME=/usr/share/rust/.cargo - -SHELL [ "/bin/bash", "--noprofile", "--norc", "-e", "-o", "pipefail", "-c" ] - -RUN set -Eeuxo pipefail \ - && printf "\n\n\tšŸ‹ Installing dependencies šŸ‹\t\n\n" \ - && apt-get -yq update \ - && apt-get -yq install build-essential llvm \ - && printf "\n\n\tšŸ‹ Installing Rust šŸ‹\t\n\n" \ - && curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain=stable --profile=minimal \ - && source ${CARGO_HOME}/env \ - && rustup component add rustfmt clippy \ - && cargo install --locked bindgen cbindgen cargo-audit cargo-outdated \ - && chmod -R 777 $(dirname ${RUSTUP_HOME}) \ - && rm -rf ${CARGO_HOME}/registry/* \ - && sed "s|PATH=|PATH=${CARGO_HOME}/bin:|g" -i /etc/environment \ - && cd /root \ - && ln -sf ${CARGO_HOME} .cargo \ - && ln -sf ${RUSTUP_HOME} .rustup \ - && echo "RUSTUP_HOME=${RUSTUP_HOME}" | tee -a /etc/environment \ - && echo "CARGO_HOME=${CARGO_HOME}" | tee -a /etc/environment \ - && printf "\n\n\tšŸ‹ Installed RUSTUP $(rustup -V) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed CARGO $(cargo -V) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Installed RUSTC $(rustc -V) šŸ‹\t\n\n" \ - && printf "\n\n\tšŸ‹ Cleaning image šŸ‹\t\n\n" \ - && apt-get clean \ - && rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' \ - && printf "\n\n\tšŸ‹ Cleaned up image šŸ‹\t\n\n" - -ARG BUILD_TAG_VERSION="dev" -ARG BUILD_TAG="rust" -ARG BUILD_REF="master" - -LABEL org.opencontainers.image.url="https://github.com/catthehacker/docker_images/tree/${BUILD_REF}/linux/${DISTRO}/${BUILD_TAG}/" -LABEL org.opencontainers.image.version=${BUILD_TAG_VERSION} -LABEL org.opencontainers.image.title=${BUILD_TAG}-${TARGETARCH} -LABEL org.opencontainers.image.revision=${BUILD_REF} diff --git a/linux/ubuntu/scripts/act.sh b/linux/ubuntu/scripts/act.sh new file mode 100755 index 0000000..3196cc0 --- /dev/null +++ b/linux/ubuntu/scripts/act.sh @@ -0,0 +1,110 @@ +#!/bin/bash + +# disable warning about 'mkdir -m -p' +# shellcheck disable=SC2174 + +set -Eeuxo pipefail + +printf "\n\tšŸ‹ Build started šŸ‹\t\n" + +sed 's|"||g' -i "/etc/environment" + +echo "USER=$(whoami)" | tee -a "/etc/environment" +echo "RUNNER_USER=$(whoami)" | tee -a "/etc/environment" + +ImageOS=ubuntu$(echo "${FROM_TAG}" | cut -d'.' -f 1) +echo "IMAGE_OS=$ImageOS" | tee -a "/etc/environment" +echo "ImageOS=$ImageOS" | tee -a "/etc/environment" +echo "LSB_RELEASE=${FROM_TAG}" | tee -a "/etc/environment" + +AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache +echo "AGENT_TOOLSDIRECTORY=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment" +echo "RUN_TOOL_CACHE=${AGENT_TOOLSDIRECTORY}" | tee -a "/etc/environment" +echo "DEPLOYMENT_BASEPATH=/opt/runner" | tee -a "/etc/environment" +echo ". /etc/environment" | tee -a /etc/profile + +mkdir -m 0777 -p "${AGENT_TOOLSDIRECTORY}" +chown -R 1001:1000 "${AGENT_TOOLSDIRECTORY}" + +mkdir -m 0777 -p /github +chown -R 1001:1000 /github + +printf "\n\tšŸ‹ Installing packages šŸ‹\t\n" +packages=( + ssh + lsb-release + gawk + curl + git + wget + sudo + gnupg-agent + ca-certificates + software-properties-common + apt-transport-https + libyaml-0-2 + zstd + zip + unzip + xz-utils +) + +apt-get -yq update +apt-get -yq install --no-install-recommends "${packages[@]}" + +ln -s "$(which python3)" "/usr/local/bin/python" + +LSB_OS_VERSION=$(lsb_release -rs | sed 's|\.||g') +echo "LSB_OS_VERSION=${LSB_OS_VERSION}" | tee -a "/etc/environment" + +wget -qO "/imagegeneration/toolset.json" "https://raw.githubusercontent.com/actions/virtual-environments/main/images/linux/toolsets/toolset-${LSB_OS_VERSION}.json" + +wget -qO "/usr/bin/jq" "https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64" +chmod +x "/usr/bin/jq" + +if [[ "${FROM_TAG}" == "16.04" ]]; then + printf 'git-lfs not available for Xenial' +else + apt-get -yq install --no-install-recommends git-lfs +fi + +printf "\n\tšŸ‹ Updated apt lists and upgraded packages šŸ‹\t\n" + +printf "\n\tšŸ‹ Creating ~/.ssh and adding 'github.com' šŸ‹\t\n" +mkdir -m 0700 -p ~/.ssh +ssh-keyscan -t rsa github.com >>/etc/ssh/ssh_known_hosts +ssh-keyscan -t rsa ssh.dev.azure.com >>/etc/ssh/ssh_known_hosts + +printf "\n\tšŸ‹ Installed base utils šŸ‹\t\n" + +printf "\n\tšŸ‹ Installing docker cli šŸ‹\t\n" +curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add - +apt-add-repository "https://packages.microsoft.com/ubuntu/${FROM_TAG}/prod" +apt-get -yq update +apt-get -yq install --no-install-recommends moby-cli moby-buildx + +printf "\n\tšŸ‹ Installed moby-cli šŸ‹\t\n" +docker -v + +printf "\n\tšŸ‹ Installed moby-buildx šŸ‹\t\n" +docker buildx version + +printf "\n\tšŸ‹ Installing Node.JS šŸ‹\t\n" +VER=$(curl https://nodejs.org/download/release/index.json | jq "[.[] | select(.version|test(\"^v${NODE_VERSION}\"))][0].version" -r) +NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64" +mkdir -v -m 0777 -p "$NODEPATH" +curl -SsL "https://nodejs.org/download/release/latest-v${NODE_VERSION}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH" +sed "s|^PATH=|PATH=$NODEPATH/bin:|mg" -i /etc/environment +export PATH="$NODEPATH/bin:$PATH" + +printf "\n\tšŸ‹ Installed Node.JS šŸ‹\t\n" +node -v + +printf "\n\tšŸ‹ Installed NPM šŸ‹\t\n" +npm -v + +printf "\n\tšŸ‹ Cleaning image šŸ‹\t\n" +apt-get clean +rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' + +printf "\n\tšŸ‹ Cleaned up image šŸ‹\t\n" diff --git a/linux/ubuntu/scripts/go.sh b/linux/ubuntu/scripts/go.sh new file mode 100755 index 0000000..22f4f70 --- /dev/null +++ b/linux/ubuntu/scripts/go.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +# disable warning about 'mkdir -m -p' +# shellcheck disable=SC2174 + +# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image +# yes, this is sarcasm +# shellcheck disable=SC1091 +. /etc/environment + +# no -x because big json +set -Eeuo pipefail + +printf "\n\tšŸ‹ Installing Go(lang) šŸ‹\t\n" + +JSON=$(wget -qO- "$(jq -r '.toolcache[] | select(.name == "go") | .url' "/imagegeneration/toolset.json")" | jq --compact-output) + +for V in $(jq -r '.toolcache[] | select(.name == "go") | .versions[]' "/imagegeneration/toolset.json"); do + printf "\n\tšŸ‹ Installing GO=%s šŸ‹\t\n" "${V}" + VER=$(echo "${JSON}" | jq "[.[] | select(.version|test(\"^${V}\"))][0].version" -r) + GOPATH="$AGENT_TOOLSDIRECTORY/go/${VER}/x64" + + mkdir -v -m 0777 -p "$GOPATH" + wget -qO- "https://golang.org/dl/go${VER}.linux-amd64.tar.gz" | tar -zxf - --strip-components=1 -C "$GOPATH" + + ENVVAR="${V//\./_}" + echo "${ENVVAR}=${GOPATH}" >>/etc/environment + + printf "\n\tšŸ‹ Installed GO šŸ‹\t\n" + "$GOPATH/bin/go" version + + if [[ "${V}" == "1.15" ]]; then + ln -s "$GOPATH/bin/*" /usr/bin/ + fi +done + +printf "\n\tšŸ‹ Cleaning image šŸ‹\t\n" +apt-get clean +rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' +printf "\n\tšŸ‹ Cleaned up image šŸ‹\t\n" diff --git a/linux/ubuntu/scripts/js.sh b/linux/ubuntu/scripts/js.sh new file mode 100755 index 0000000..676c024 --- /dev/null +++ b/linux/ubuntu/scripts/js.sh @@ -0,0 +1,71 @@ +#!/bin/bash + +set -Eeuo pipefail + +# source environment because Linux is beautiful and not really confusing like Windows +# also you are apparently not supposed to source that file because it's not conforming to standard shell envvar +# format but we already fix that in base image +# yes, this is sarcasm +# shellcheck disable=SC1091 +. /etc/environment + +printf "\n\tšŸ‹ Installed NPM šŸ‹\t\n" +npm -v + +versions=("10" "12") +JSON=$(wget -qO- https://nodejs.org/download/release/index.json | jq --compact-output) + +for V in "${versions[@]}"; do + printf "\n\tšŸ‹ Installing NODE=%s šŸ‹\t\n" "${V}" + VER=$(echo "${JSON}" | jq "[.[] | select(.version|test(\"^v${V}\"))][0].version" -r) + NODEPATH="$AGENT_TOOLSDIRECTORY/node/${VER:1}/x64" + + # disable warning about 'mkdir -m -p' + # shellcheck disable=SC2174 + mkdir -v -m 0777 -p "$NODEPATH" + wget -qO- "https://nodejs.org/download/release/latest-v${V}.x/node-$VER-linux-x64.tar.xz" | tar -Jxf - --strip-components=1 -C "$NODEPATH" + + ENVVAR="${V//\./_}" + echo "${ENVVAR}=${NODEPATH}" >>/etc/environment + + printf "\n\tšŸ‹ Installed NODE šŸ‹\t\n" + "$NODEPATH/bin/node" -v +done + +printf "\n\tšŸ‹ Installing JS tools šŸ‹\t\n" +npm install -g npm +npm install -g pnpm +npm install -g yarn +npm install -g grunt gulp n parcel-bundler typescript newman vercel webpack webpack-cli lerna +npm install -g --unsafe-perm netlify-cli + +printf "\n\tšŸ‹ Installed NPM šŸ‹\t\n" +npm -v + +printf "\n\tšŸ‹ Installed PNPM šŸ‹\t\n" +pnpm -v + +printf "\n\tšŸ‹ Installed YARN šŸ‹\t\n" +yarn -v + +printf "\n\tšŸ‹ Installing NVM tools šŸ‹\t\n" +VERSION=$(curl -s https://api.github.com/repos/nvm-sh/nvm/releases/latest | jq -r '.tag_name') +curl -o- "https://raw.githubusercontent.com/nvm-sh/nvm/$VERSION/install.sh" | bash +export NVM_DIR=$HOME/.nvm +echo "NVM_DIR=$HOME/.nvm" | tee -a /etc/environment + +# Expressions don't expand in single quotes, use double quotes for that.shellcheck(SC2016) +# shellcheck disable=SC2016 +echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm' | tee -a /etc/skel/.bash_profile + +# Not following: ./nvm.sh was not specified as input (see shellcheck -x).shellcheck(SC1091) +# shellcheck disable=SC1091 +[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" + +printf "\n\tšŸ‹ Installed NVM šŸ‹\t\n" +nvm --version + +printf "\n\tšŸ‹ Cleaning image šŸ‹\t\n" +apt-get clean +rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' +printf "\n\tšŸ‹ Cleaned up image šŸ‹\t\n" diff --git a/linux/ubuntu/scripts/pwsh.sh b/linux/ubuntu/scripts/pwsh.sh new file mode 100755 index 0000000..51338b8 --- /dev/null +++ b/linux/ubuntu/scripts/pwsh.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +set -Eeuxo pipefail + +printf "\n\tšŸ‹ Installing PowerShell šŸ‹\t\n" +sudo apt-get -yq update +sudo apt-get -yq install powershell + +printf "\n\tšŸ‹ Installed PWSH šŸ‹\t\n" +pwsh -v + +printf "\n\tšŸ‹ Installing PowerShell modules šŸ‹\t\n" +modules=("MarkdownPS" "Pester" "PSScriptAnalyzer") + +for mod in "${modules[@]}"; do + printf "\n\tšŸ‹ Installing %s šŸ‹\t\n" "${mod}" + pwsh -nol -nop -c "Install-Module -Name ${mod} -Scope AllUsers -SkipPublisherCheck -Force" +done + +printf "\n\tšŸ‹ Cleaning image šŸ‹\t\n" +apt-get clean +rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' + +printf "\n\tšŸ‹ Cleaned up image šŸ‹\t\n" diff --git a/linux/ubuntu/scripts/runner.sh b/linux/ubuntu/scripts/runner.sh new file mode 100755 index 0000000..5b823b4 --- /dev/null +++ b/linux/ubuntu/scripts/runner.sh @@ -0,0 +1,47 @@ +#!/bin/bash + +# disable warning about 'mkdir -m -p' +# shellcheck disable=SC2174 + +set -Eeuxo pipefail + +printf "\n\tšŸ‹ Creating runner users šŸ‹\t\n" +groupadd -g 1001 "${RUNNER}" +groupadd -g 1000 "${RUNNER}admin" +useradd -u 1001 -g "${RUNNER}" -G sudo -m -s /bin/bash "${RUNNER}" +useradd -u 1000 -g "${RUNNER}admin" -G sudo -m -s /bin/bash "${RUNNER}admin" +echo "${RUNNER} ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers +echo "${RUNNER}admin ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers +printf "\n\tšŸ‹ Runner user šŸ‹\t\n" +su - "${RUNNER}" -c id + +printf "\n\tšŸ‹ Runner admin šŸ‹\t\n" +su - "${RUNNER}admin" -c id + +printf "\n\tšŸ‹ Created non-root user šŸ‹\t\n" +grep "${RUNNER}" /etc/passwd + +printf "\n\tšŸ‹ Created non-root admin šŸ‹\t\n" +grep "${RUNNER}admin" /etc/passwd + +sed -i /etc/environment -e "s/USER=root/USER=${RUNNER}/g" + +echo "RUNNER_TEMP=/home/${RUNNER}/work/_temp" | tee -a /etc/environment +mkdir -p "/home/${RUNNER}/work/_temp" +chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/work" + +mkdir -m 0700 -p "/home/${RUNNER}/.ssh" +ssh-keyscan -t rsa github.com >>"/home/${RUNNER}/.ssh/known_hosts" +ssh-keyscan -t rsa ssh.dev.azure.com >>"/home/${RUNNER}/.ssh/known_hosts" + +chmod 644 "/home/${RUNNER}/.ssh/known_hosts" +chown -R "${RUNNER}":"${RUNNER}" "/home/${RUNNER}/.ssh" + +# shellcheck disable=SC1091 +. /etc/environment + +# Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"?shellcheck(SC2140) +# shellcheck disable=SC2140 +chown -R "${RUNNER}":"${RUNNER}admin" "$AGENT_TOOLSDIRECTORY" + +printf "\n\tšŸ‹ Finished building šŸ‹\t\n" diff --git a/linux/ubuntu/scripts/rust.sh b/linux/ubuntu/scripts/rust.sh new file mode 100755 index 0000000..00ea26e --- /dev/null +++ b/linux/ubuntu/scripts/rust.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +set -Eeuxo pipefail + +# source environment because Linux is beautiful and not really confusing like Windows, also you are apparently not supposed to source that file because it's not conforming to standard shell format but we already fix that in base image +# yes, this is sarcasm +# shellcheck disable=SC1091 +. /etc/environment + +export RUSTUP_HOME=/usr/share/rust/.rustup +export CARGO_HOME=/usr/share/rust/.cargo + +printf "\n\tšŸ‹ Installing dependencies šŸ‹\t\n" +apt-get -yq update +apt-get -yq install build-essential llvm + +printf "\n\tšŸ‹ Installing Rust šŸ‹\t\n" +curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain=stable --profile=minimal + +# shellcheck disable=SC1091 +source "${CARGO_HOME}/env" + +rustup component add rustfmt clippy +cargo install --locked bindgen cbindgen cargo-audit cargo-outdated +chmod -R 777 "$(dirname "${RUSTUP_HOME}")" + +# cleanup +rm -rf "${CARGO_HOME}/registry/*" + +sed "s|PATH=|PATH=${CARGO_HOME}/bin:|g" -i /etc/environment + +cd /root +ln -sf "${CARGO_HOME}" .cargo +ln -sf "${RUSTUP_HOME}" .rustup +echo "RUSTUP_HOME=${RUSTUP_HOME}" >>/etc/environment +echo "CARGO_HOME=${CARGO_HOME}" >>/etc/environment + +printf "\n\tšŸ‹ Installed RUSTUP šŸ‹\t\n" +rustup -V + +printf "\n\tšŸ‹ Installed CARGO šŸ‹\t\n" +cargo -V + +printf "\n\tšŸ‹ Installed RUSTC šŸ‹\t\n" +rustc -V + +printf "\n\tšŸ‹ Cleaning image šŸ‹\t\n" +apt-get clean +rm -rf /var/cache/* /var/log/* /var/lib/apt/lists/* /tmp/* || echo 'Failed to delete directories' + +printf "\n\tšŸ‹ Cleaned up image šŸ‹\t\n"