Skip to content

Commit

Permalink
cleaned up jenkins agents to use common base image (#683)
Browse files Browse the repository at this point in the history
* cleaned up jenkins agents to use common base image

* switched to rh-cop image

* reverted local change
  • Loading branch information
garethahealy authored Dec 18, 2023
1 parent 889fd09 commit b65ea74
Show file tree
Hide file tree
Showing 44 changed files with 462 additions and 344 deletions.
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-ansible-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-arachni-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-argocd-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-cosign-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-erlang-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-golang-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-gradle-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-hugo-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-image-mgmt-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ jobs:
with:
IMAGE_CONTEXT_DIR: ${{ env.context }}

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/jenkins-agent-mongodb-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-mvn-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
46 changes: 46 additions & 0 deletions .github/workflows/jenkins-agent-mvn-publish.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: jenkins-agent-mvn-publish
on:
push:
paths:
- jenkins-agents/jenkins-agent-mvn/version.json
- .github/workflows/jenkins-agent-mvn-publish.yaml

# Declare default permissions as read only.
permissions: read-all

jobs:
build:
env:
context: jenkins-agents/jenkins-agent-mvn
image_name: jenkins-agent-mvn
runs-on: ubuntu-latest
permissions:
packages: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- name: Get image tags
id: image_tags
uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4
with:
IMAGE_CONTEXT_DIR: ${{ env.context }}

- name: Build image
id: build_image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
context: ${{ env.context }}
dockerfiles: |
./${{ env.context }}/Dockerfile
image: ${{ env.image_name }}
tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}"

- name: Push to ghcr.io
uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2
if: ${{ !contains(github.ref, 'renovate') }}
with:
image: ${{ steps.build_image.outputs.image }}
registry: ghcr.io/${{ github.repository }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
tags: ${{ steps.build_image.outputs.tags }}
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-npm-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
7 changes: 6 additions & 1 deletion .github/workflows/jenkins-agent-python-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:

- name: Check if version.json has been bumped
id: changes
run: echo "changed=$(git --no-pager diff --name-only origin/master HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT
run: echo "changed=$(git --no-pager diff --name-only origin/main HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT

- name: Fail if version.json not bumped
if: steps.changes.outputs.changed == 0
Expand All @@ -35,6 +35,11 @@ jobs:
with:
IMAGE_CONTEXT_DIR: ${{ env.context }}

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-ruby-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/jenkins-agent-rust-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ jobs:
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
dockerfile: ${{ env.context }}/Dockerfile
ignore: DL3041

- name: Build image
uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
with:
Expand Down
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,5 @@ policy/

# BATS
_test/test_helper/

jenkins-agents/jenkins-agent-npm/node_modules
51 changes: 11 additions & 40 deletions jenkins-agents/jenkins-agent-ansible/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,46 +1,17 @@
FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4
FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14

# renovate: datasource=pypi depName=ansible-core
ARG ANSIBLE_CORE_VERSION=2.16.2

LABEL \
release="1" \
version="4.14" \
architecture="x86_64" \
LABEL name="redhat-cop/jenkins-agent-ansible" \
io.k8s.display-name="Jenkins Agent Ansible" \
name="openshift/origin-jenkins-agent-ansible-ubi8" \
io.openshift.tags="openshift,jenkins,agent,ansible" \
com.redhat.component="jenkins-agent-ansible-ubi8-docker" \
io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image."

ARG DNF_FLAGS="-y"
io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image." \
com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ansible"

ARG PIP_PKGS="\
molecule \
paramiko \
openshift \
kubernetes \
ansible-core==${ANSIBLE_CORE_VERSION} \
"
ARG DNF_PKGS="python311"
USER root

ADD ubi8.repo /tmp/ubi8.repo

RUN set -x \
&& rm -f /etc/yum.repos.d/*.repo \
&& mv /tmp/ubi8.repo /etc/yum.repos.d/ \
&& dnf install ${DNF_FLAGS} ${DNF_PKGS} \
&& dnf ${DNF_FLAGS} clean all \
&& rm -rf /var/cache/dnf \
&& alternatives --set python3 /usr/bin/python3.11 \
&& python3 -m ensurepip --default-pip \
&& python3 -m pip install --upgrade pip \
&& python3 -m pip install ${PIP_PKGS} \
&& chmod -R 775 /etc/alternatives \
&& chmod -R 775 /var/lib/alternatives \
&& echo
COPY requirements.txt /requirements.txt
RUN dnf -y install --nodocs python3.11 python3.11-pip && \
dnf clean all && \
pip3.11 install --no-cache-dir -r /requirements.txt

USER 1001
ENV \
LANG=en_US.UTF-8 \
LC_ALL=en_US.UTF-8 \

RUN ansible --version
5 changes: 5 additions & 0 deletions jenkins-agents/jenkins-agent-ansible/requirements.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
molecule
paramiko
openshift
kubernetes
ansible-core==2.16.2
20 changes: 0 additions & 20 deletions jenkins-agents/jenkins-agent-ansible/ubi8.repo

This file was deleted.

29 changes: 23 additions & 6 deletions jenkins-agents/jenkins-agent-arachni/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,14 +1,31 @@
FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4
# Builder
FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder

ARG ARACHNI_VERSION=1.5.1
ARG WEB_VERSION=0.5.12
SHELL ["/bin/bash", "-c"]

WORKDIR /arachni
# renovate: datasource=github-releases depName=Arachni/arachni
ARG ARACHNI_VERSION=v1.5.1
ARG WEB_VERSION=0.5.12

RUN curl -sLo- https://github.com/Arachni/arachni/releases/download/v${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION}-${WEB_VERSION}-linux-x86_64.tar.gz | tar xvz -C /arachni --strip-components=1 && \
RUN curl -L "https://github.com/Arachni/arachni/releases/download/${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}-linux-x86_64.tar.gz" -o /tmp/arachni.tar.gz && \
tar --no-same-owner -xzf /tmp/arachni.tar.gz && \
mv "/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}" /arachni && \
chown -R root:root /arachni && \
chmod -R 775 /arachni

COPY reporters ./system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters
# Runnable
FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14

LABEL name="redhat-cop/jenkins-agent-arachni" \
io.k8s.display-name="Jenkins Agent Arachni" \
io.k8s.description="The jenkins agent arachni." \
com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-arachni"

COPY --from=builder /arachni /arachni
COPY reporters /arachni/system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters

WORKDIR /arachni

USER 1001

RUN /arachni/bin/arachni --version
Loading

0 comments on commit b65ea74

Please sign in to comment.