FROM python:2-alpine3.11 as common CMD ["/bin/sh"] RUN apk --no-cache --update add git bash yaml sed lsof findutils diffutils RUN apk --no-cache --update add libxslt FROM common as builder RUN apk --update add curl ## would love to use args... but I need it as an environment variable ENV KAL_SHLIB_ARRAY_VERSION="0.2.0" \ KAL_SHLIB_CACHE_VERSION="0.0.1" \ KAL_SHLIB_CHARM_VERSION="0.5.3" \ KAL_SHLIB_CMDLINE_VERSION="0.0.5" \ KAL_SHLIB_COMMON_VERSION="0.4.22" \ KAL_SHLIB_CONFIG_VERSION="0.0.2" \ KAL_SHLIB_CORE_VERSION="0.7.0" \ KAL_SHLIB_FIREWALL_VERSION="0.2.0" \ KAL_SHLIB_DOCKER_VERSION="0.0.9" \ KAL_SHLIB_OTHER_VERSION="0.2.2" \ KAL_SHLIB_PRETTY_VERSION="0.4.3" ARG DOCKER_CLI_VERSION="17.06.2-ce" ARG DOCKER_COMPOSE_VERSION="1.24.0" ## install docker ENV DOCKER_DOWNLOAD_URL="https://download.docker.com/linux/static/stable/x86_64/docker-$DOCKER_CLI_VERSION.tgz" RUN mkdir -p /tmp/docker \ && curl -L "$DOCKER_DOWNLOAD_URL" | tar -xz -C /tmp/docker \ && mv /tmp/docker/docker/docker /usr/local/bin/ \ && rm -rf /tmp/docker ## install docker-compose # ENV DOCKER_COMPOSE_DOWNLOAD_URL="https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-Linux-x86_64" # RUN curl -L "$DOCKER_COMPOSE_DOWNLOAD_URL" > /usr/local/bin/docker-compose \ # && chmod +x /usr/local/bin/docker-compose ## install kal-shlibs RUN apk --update add binutils && \ mkdir /tmp/kal-shlibs && cd /tmp/kal-shlibs && \ export pkg && \ for pkg in core common array cache charm cmdline config firewall other pretty docker; do \ echo "Installing kal-shlib-$pkg" ; \ bash -c -- 'eval curl -L http://deb.kalysto.org/pool/no-dist/kal-alpha/kal-shlib-${pkg}_\${KAL_SHLIB_${pkg^^}_VERSION}-1_all.deb' > pkg.deb || exit 1 ; \ ar x pkg.deb || exit 1; \ tar xf /tmp/kal-shlibs/data.tar.* -C / || exit 1; \ rm /tmp/kal-shlibs/data.tar.* ; \ done ## install shyaml RUN apk add python-dev build-base RUN apk add yaml-dev cython cython-dev && \ pip install shyaml RUN pip install crudini RUN apk add libffi-dev openssl-dev && \ pip install pip==19.3.1 cffi==1.12.3 pyrsistent==0.16.0 docker==4.3.0 cryptography==3.0 \ git+https://github.com/0k/compose@run_ignore_orphans # docker-compose==$DOCKER_COMPOSE_VERSION # pip install git+https://github.com/vaab/colour@master ENV SCRIPT_CHARM_SHA="2da0d3f" \ SCRIPT_GIT_SUB_SHA="9c1c88b" \ SCRIPT_DUPD_SHA="08c71ec" \ SCRIPT_XPATH_SHA="0.4.5" RUN export pkg ; \ for pkg in charm git-sub dupd xpath; do \ echo "Getting $pkg..." ; \ bash -c -- 'varname=${pkg^^} ; varname=${varname//-/_} ; \ eval curl https://docker.0k.io/downloads/$pkg-\${SCRIPT_${varname^^}_SHA}' > \ /usr/local/bin/"$pkg" || exit 1 ; \ chmod +x /usr/local/bin/"$pkg" ; \ done RUN curl http://docker.0k.io/get/ca.0k.io.pem > /usr/local/share/ca-certificates/ca.0k.io.pem ##force install pyyaml with libyaml RUN cd /tmp && \ wget https://github.com/yaml/pyyaml/archive/5.4.1.tar.gz && \ tar xvzf 5.4.1.tar.gz && \ cd pyyaml-5.4.1 && \ pip install cython==0.29.32 && \ PYTHONPATH=/usr/lib/python2.7/site-packages python setup.py --with-libyaml install ## needed by 'xpath' script from kal-scripts for parsing html output RUN apk add libxslt-dev && \ pip install lxml==4.5.2 html5lib==1.1 webencodings==0.5.1 FROM common COPY --from=builder /etc/shlib /etc/shlib COPY --from=builder /usr/bin/bash-shlib /usr/bin/bash-shlib COPY --from=builder /usr/lib/shlib /usr/lib/shlib COPY --from=builder /usr/local /usr/local RUN cp /usr/local/share/ca-certificates/ca.0k.io.pem /etc/ssl/ca.0k.io.pem && \ apk add ca-certificates && update-ca-certificates && \ mkdir -p /etc/docker/certs.d/docker.0k.io && \ ln -sfn /etc/ssl/ca.0k.io.pem /etc/docker/certs.d/docker.0k.io/ca.crt ## requiring ``stdbuf`` for actions RUN apk add coreutils ## requiring ``openssl`` command for certificate generation in charms RUN apk add openssl ## requiring ``htpasswd`` command for BCrypt encryption RUN apk add apache2-utils ## requiring ``jq`` command for json querying/modifying in charms RUN apk add jq ## requiring ``getfacl/setfacl`` command for allowing to setup some permissions in charms RUN apk add acl ## required by git through ssh (for host-resources for instance) RUN apk add openssh-client ## handy in some charms to poke at some services RUN apk add curl wget ## handy in some charms or action to recode some output RUN apk add recode ## handy yaml2json converter for charm RUN wget https://github.com/bronze1man/yaml2json/releases/download/v1.3/yaml2json_linux_amd64 \ -O /usr/local/bin/yaml2json && \ chmod +x /usr/local/bin/yaml2json ## ``yq`` will probably replace shyaml RUN wget https://github.com/mikefarah/yq/releases/download/v4.26.1/yq_linux_amd64 \ -O /usr/local/bin/yq && \ chmod +x /usr/local/bin/yq ## handy in some charms or action to recode some output RUN apk add patch ## Fixing Let's encrypt CA issue from 2021-10-01, probably can remove ## with newer alpine version (was added with alpine 3.7.1) RUN sed -ri 's%^(mozilla/DST_Root_CA_X3.crt)%!\\1%g' /etc/ca-certificates.conf && \ update-ca-certificates ## install compose COPY ./bin/ /usr/local/bin/ ## Fixes Ctrl-C handling: ## see https://github.com/moby/moby/issues/2838#issuecomment-402491110 RUN apk add --no-cache tini # Tini is now available at /sbin/tini ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/compose-core"]