From a2a08d0f816973bc9616486239ed0a8e20dbcc36 Mon Sep 17 00:00:00 2001
From: Jacob Johansen
Date: Wed, 30 Jun 2021 16:10:22 -0500
Subject: [PATCH 1/4] add docker image build for aws to support ECR scanning
---
 Dockerfile.amazon2 | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 Dockerfile.amazon2
diff --git a/Dockerfile.amazon2 b/Dockerfile.amazon2
new file mode 100644
index 00000000..25b37eab
--- /dev/null
+++ b/Dockerfile.amazon2
@@ -0,0 +1,37 @@
+FROM amazonlinux:2
+
+# This Dockerfile is much lighter but won't work with gke whitelisting. Getting this error when the google gke sdk is called:
+#
+# Error loading shared library ld-linux-x86-64.so.2: No such file or directory #986
+#
+# If you don't need gke whitelisting, then this image should work and is lighter.
+
+ENV AWS_DEFAULT_REGION "us-east-1"
+
+# https://github.com/sgerrand/alpine-pkg-glibc/releases
+ENV KUBERNETES_VER=1.19.0
+
+RUN amazon-linux-extras install ruby3.0 -y \
+ && amazon-linux-extras install python3.8 -y \
+ && amazon-linux-extras install docker -y
+
+ RUN yum -y install curl wget jq unzip gcc ruby-devel make
+
+RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
+ && unzip awscliv2.zip \
+ && ./aws/install
+
+RUN wget https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VER}/bin/linux/amd64/kubectl
+RUN chmod u+x kubectl && mv kubectl /bin/kubectl
+
+WORKDIR /app
+ADD . /app
+RUN bundle install
+RUN rake install
+
+RUN yum -y remove wget jq unzip gcc ruby-devel make
+RUN yum -y autoremove
+RUN yum clean all && rm -rf /var/cache/yum
+
+
+ENTRYPOINT ["/usr/local/bundle/bin/kubes"]
From 1de484e64edd0e6725f8035d94b4e1a5b9bd1bfd Mon Sep 17 00:00:00 2001
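Review bot: The two downloads in the new Dockerfile.amazon2 of [PATCH 1/4] are installed without any integrity check: the AWS CLI zip comes from an unversioned URL and `./aws/install` runs on whatever arrives, and kubectl is fetched with `wget` and moved straight into `/bin`. Pin the AWS CLI to a versioned archive and compare both artifacts against digests recorded in the Dockerfile before installing, as sketched below; the version and digest values are labelled placeholders to be filled in from artifacts you have vetted. The same RUN should also delete `awscliv2.zip` and the extracted `aws/` directory, because the `yum remove` and `yum clean all` steps at the end run in later layers and do not shrink the image. Separately, there is no `USER` instruction, so `kubes` runs as root, and `ADD . /app` copies the whole build context; `COPY` together with a `.dockerignore` would keep stray credentials out of the image.

```dockerfile
# … unchanged: FROM, ENV lines, amazon-linux-extras and yum install …

# Placeholders: replace with the version and SHA-256 digests of the vetted artifacts.
ARG AWSCLI_VER=PLACEHOLDER_AWSCLI_VERSION
ARG AWSCLI_SHA256=PLACEHOLDER_AWSCLI_ZIP_SHA256
ARG KUBECTL_SHA256=PLACEHOLDER_KUBECTL_SHA256

# Fetch a pinned AWS CLI archive, verify it, install, and clean up in the same layer.
RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWSCLI_VER}.zip" -o awscliv2.zip \
    && echo "${AWSCLI_SHA256}  awscliv2.zip" | sha256sum -c - \
    && unzip -q awscliv2.zip \
    && ./aws/install \
    && rm -rf awscliv2.zip aws

# Verify kubectl before it becomes executable; a mismatch fails the build.
RUN curl -fsSL "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VER}/bin/linux/amd64/kubectl" -o /bin/kubectl \
    && echo "${KUBECTL_SHA256}  /bin/kubectl" | sha256sum -c - \
    && chmod u+x /bin/kubectl

# … unchanged: WORKDIR, bundle install, rake install, ENTRYPOINT …
```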
From: Jacob Johansen
Date: Wed, 30 Jun 2021 16:22:04 -0500
Subject: [PATCH 2/4] add basic gitlab pipeline to build and self register image in project
---
 .gitlab-ci.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .gitlab-ci.yml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 00000000..3d89a376
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,29 @@
+---
+variables:
+ DEFAULT_DOCKER_FILE: "Dockerfile.amazon2"
+
+build-n-push-latest:
+ stage: build
+ image: docker:stable
+ rules:
+ - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
+ services:
+ - docker:dind
+ stage: prepare
+ script:
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:latest -f $DEFAULT_DOCKER_FILE .
+ - docker push $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:latest
+
+build-n-push-version:
+ stage: build
+ image: docker:stable
+ rules:
+ - if: $CI_COMMIT_TAG =~ /[v][0-9]+[.][0-9]+[.][0-9]+/
+ services:
+ - docker:dind
+ stage: prepare
+ script:
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:CI_COMMIT_TAG -f $DEFAULT_DOCKER_FILE .
+ - docker push $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:$CI_COMMIT_TAG
From c1fa199462cd222b07f34b192775c06277805790 Mon Sep 17 00:00:00 2001
From: Jacob Johansen
Date: Wed, 30 Jun 2021 17:29:05 -0500
Subject: [PATCH 3/4] add basic gitlab pipeline to build and self register image in project
---
 .gitlab-ci.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3d89a376..e8c7cabc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,6 +2,9 @@
 variables:
 DEFAULT_DOCKER_FILE: "Dockerfile.amazon2"
 
+stages:
+ - build
+
 build-n-push-latest:
 stage: build
 image: docker:stable
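Review bot: In the new `.gitlab-ci.yml` of [PATCH 2/4], the `build-n-push-version` job builds `kubes:CI_COMMIT_TAG` without the `$`, so the image is tagged with that literal string and the following `docker push …/kubes:$CI_COMMIT_TAG` refers to a tag that was never built; the build line should end `kubes:$CI_COMMIT_TAG -f $DEFAULT_DOCKER_FILE .`. The last hunk of [PATCH 3/4] rewrites the same line and keeps the literal tag. Both jobs also pass the registry password as a `-p` argument, which puts it on the command line; `echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"` avoids that. The tag rule `/[v][0-9]+[.][0-9]+[.][0-9]+/` is unanchored, so any tag that merely contains a version-like substring triggers a release build; adding `^` and `$` anchors would limit it to real version tags.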
@@ -9,11 +12,10 @@ build-n-push-latest:
 - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
 services:
 - docker:dind
- stage: prepare
 script:
 - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:latest -f $DEFAULT_DOCKER_FILE .
- - docker push $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:latest
+ - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH/kubes:latest -f $DEFAULT_DOCKER_FILE .
+ - docker push $CI_REGISTRY/$CI_PROJECT_PATH/kubes:latest
 
 build-n-push-version:
 stage: build
@@ -22,8 +24,7 @@ build-n-push-version:
 - if: $CI_COMMIT_TAG =~ /[v][0-9]+[.][0-9]+[.][0-9]+/
 services:
 - docker:dind
- stage: prepare
 script:
 - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:CI_COMMIT_TAG -f $DEFAULT_DOCKER_FILE .
- - docker push $CI_REGISTRY/$CI_PROJECT_PATH_SLUG/kubes:$CI_COMMIT_TAG
+ - docker build -t $CI_REGISTRY/$CI_PROJECT_PATH/kubes:CI_COMMIT_TAG -f $DEFAULT_DOCKER_FILE .
+ - docker push $CI_REGISTRY/$CI_PROJECT_PATH/kubes:$CI_COMMIT_TAG
From 92ee93e07e3479f6df72b2e6694291a3bcdf30e9 Mon Sep 17 00:00:00 2001
From: Jacob Johansen
Date: Wed, 30 Jun 2021 19:00:24 -0500
Subject: [PATCH 4/4] add libxml to support aws sdk
---
 Dockerfile.amazon2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile.amazon2 b/Dockerfile.amazon2
index 25b37eab..9a569873 100644
--- a/Dockerfile.amazon2
+++ b/Dockerfile.amazon2
@@ -15,7 +15,7 @@ RUN amazon-linux-extras install ruby3.0 -y \
 && amazon-linux-extras install python3.8 -y \
 && amazon-linux-extras install docker -y
 
- RUN yum -y install curl wget jq unzip gcc ruby-devel make
+ RUN yum -y install curl wget jq unzip gcc ruby-devel make libxml
 
 RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
 && unzip awscliv2.zip \
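Review bot: In the `build-n-push-latest` hunk of [PATCH 3/4], the image name is now assembled by hand as `$CI_REGISTRY/$CI_PROJECT_PATH/kubes`, and `CI_PROJECT_PATH` keeps the project's original casing while Docker repository names must be lowercase, so the build is likely to fail for any namespace or project name containing capitals. GitLab's predefined `$CI_REGISTRY_IMAGE` already holds the project's registry address and is the safer base, e.g. `docker build -t "$CI_REGISTRY_IMAGE/kubes:latest" -f "$DEFAULT_DOCKER_FILE" .`. The same applies to the build and push lines of `build-n-push-version` in the following hunk.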
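Review bot: The package added in [PATCH 4/4] is spelled `libxml`, and I am not aware of a package by that name in the Amazon Linux 2 repositories; the library is normally packaged as `libxml2`, with `libxml2-devel` needed if a gem compiles against it. yum may report the unknown name and still exit successfully when the other packages in the list install, so a wrong name could pass the build unnoticed; running `rpm -q libxml2` in the built image would confirm what was actually installed. If `libxml2` was intended, the line becomes `RUN yum -y install curl wget jq unzip gcc ruby-devel make libxml2`, and the stray leading space before `RUN` can be dropped at the same time.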