Updated the wolfi-base-image build (#55)

luke-kucing · web-flow · commit 70ac5f68ca71 · 2024-12-19T13:44:49.000-05:00
* changed from wget to aws cli to pull packages from s3. Removed the mesa install script since mesa-libgallium is now available in wolfi.

* fixed 1 linter problem in the dockerfile

* add aws creds to the ci workflow

* changed python version to just python-3.11 instead of a specific latest version
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -41,6 +41,12 @@ jobs:
           password: ${{ secrets.QUAY_IO_ROBOT_TOKEN }}
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
       - name: Download APKs for chainguard/wolfi-base
         env:
           ARCH: ${{ matrix.architecture }}
diff --git a/dockerfiles/wolfi-base/Dockerfile b/dockerfiles/wolfi-base/Dockerfile
@@ -6,11 +6,9 @@ COPY ./scripts/install-wolfi-tesseract.sh install-wolfi-tesseract.sh
 COPY ./scripts/install-wolfi-mesa-gl.sh install-wolfi-mesa-gl.sh
 
 USER root
-# NOTE(robinson) - the mesa-gl section is a temporary workaround to install mesa-gl 24.1.0 because
-# libgallum is missing in mesa-gl 24.2.0 from the wolfi package manager
 RUN apk update && \
-    apk add py3.11-pip glib cmake bash libmagic wget git openjpeg && \
-    ./install-wolfi-mesa-gl.sh && rm install-wolfi-mesa-gl.sh && \
+    apk add python-3.11 python-3.11-base py3.11-pip glib \
+      mesa-gl mesa-libgallium cmake bash libmagic wget git openjpeg && \
     apk add --allow-untrusted packages/pandoc-3.1.8-r0.apk && \
     apk add --allow-untrusted packages/poppler-23.09.0-r0.apk && \
     ./install-wolfi-tesseract.sh && rm install-wolfi-tesseract.sh && \
diff --git a/scripts/build-base-images.sh b/scripts/build-base-images.sh
@@ -6,7 +6,7 @@ BUILD_REPO="${BUILD_REPO:-build-base-images}"
 PIP_VERSION="${PIP_VERSION:-22.2.1}"
 GITHUB_REF="${GITHUB_REF:-none}"
 DOCKER_PLATFORM="${DOCKER_PLATFORM:-linux/amd64}"
-DOCKERFILE="${DOCKERFILE:-rocky9.2}"
+DOCKERFILE="${DOCKERFILE:-wolfi-base}"
 CI="${CI:-false}"
 SHORT_SHA="${SHORT_SHA:-$(git rev-parse --short HEAD)}"
 
diff --git a/scripts/docker-dl-wolfi-packages.sh b/scripts/docker-dl-wolfi-packages.sh
@@ -21,7 +21,7 @@ mkdir -p "${directory}"
 
 for file in "${files[@]}"; do
   echo "Downloading ${file}"
-  wget "https://utic-public-cf.s3.amazonaws.com/$file" -P "$directory"
+  aws s3 cp "s3://utic-public-cf/$file" "$directory/"
 done
 
 # NOTE(robinson) - renames the aarch64 specific APKs to replace -aarch.apk with .apk
