diff --git a/common/jenkins-agents/golang/docker/Dockerfile.ubi9 b/common/jenkins-agents/golang/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..08e885aa7 --- /dev/null +++ b/common/jenkins-agents/golang/docker/Dockerfile.ubi9 @@ -0,0 +1,27 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +ARG goDistributionUrl +ARG golangciVersion + +RUN yum install -y gcc gcc-c++ + +RUN cd /tmp && \ + curl -LfSso /tmp/go.tar.gz $goDistributionUrl && \ + tar -C /usr/local -xzf go.tar.gz && \ + rm -f /tmp/go.tar.gz && \ + cd - && \ + mkdir /go && \ + /usr/local/go/bin/go version + +ENV PATH $PATH:/usr/local/go/bin +ENV GOBIN /usr/local/bin + +COPY install-golangci-lint.sh /tmp/install-golangci-lint.sh +RUN /tmp/install-golangci-lint.sh -b /usr/local/bin $golangciVersion && \ + rm -f /tmp/install-golangci-lint.sh + +RUN go install github.com/jstemmer/go-junit-report/v2@v2.1.0 + +RUN mkdir -p /home/jenkins/go && chmod -R g+w /home/jenkins + +WORKDIR /go diff --git a/common/jenkins-agents/jdk/docker/Dockerfile.ubi8 b/common/jenkins-agents/jdk/docker/Dockerfile.ubi8 index 87e20335f..8bc3713be 100644 --- a/common/jenkins-agents/jdk/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/jdk/docker/Dockerfile.ubi8 @@ -1,8 +1,8 @@ FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest # Labels consumed by Red Hat build service -LABEL com.redhat.component="jenkins-agent-jdk-35-rhel7-container" \ - name="openshift4/jenkins-agent-jdk-35-rhel7" \ +LABEL com.redhat.component="jenkins-agent-jdk-35-rhel8-container" \ + name="openshift4/jenkins-agent-jdk-35-rhel8" \ architecture="x86_64" \ io.k8s.display-name="Jenkins Agent JDK" \ io.k8s.description="The jenkins agent jdk image has java 11, 17 and 21 installed on top of the jenkins agent base image." \ diff --git a/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 b/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..d0b83fa1c --- /dev/null +++ b/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 @@ -0,0 +1,85 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-jdk-35-rhel9-container" \ + name="openshift4/jenkins-agent-jdk-35-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent JDK" \ + io.k8s.description="The jenkins agent jdk image has java 11, 17 and 21 installed on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,jdk" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusUsername +ARG nexusPassword + +ENV LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +# Container support is now integrated in Java 11, the +UseCGroupMemoryLimitForHeap option has been pruned +ENV JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions -Dsun.zip.disableMemoryMapping=true" + +# Workaround we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +# Install Java devel 11, 17 21 and binutils +# Note: use java scripts are executed to test the scripts but also use-j11.sh in called 3nd place to set is as default version +RUN yum install -y java-11-openjdk-devel java-17-openjdk-devel java-21-openjdk-devel binutils && \ + yum clean all -y && \ + rm -rf /var/cache/yum + +# Copy and use java scripts. +COPY use-j*.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/use-j*.sh && \ + chmod ugo+s /usr/local/bin/use-j*.sh && \ + sh -c 'chmod ugo+s $(which alternatives)' && \ + ls -la /usr/local/bin/use-j*.sh && \ + echo "--- STARTS JDK 11/17/21 TESTS ---" && \ + use-j11.sh && \ + use-j21.sh && \ + use-j17.sh && \ + echo "--- ENDS JDK 11/17/21 TESTS ---" + +# Set maven (nexus+proxy) and gradle (proxy) settings +ENV MAVEN_OPTS="-Duser.home=$HOME" \ + GRADLE_USER_HOME=/home/jenkins/.gradle +# TODO: Remove MAVEN_OPTS env once cri-o pushes the $HOME variable in /etc/passwd +ADD .m2/settings.xml $HOME/.m2/ +COPY set_maven_proxy.sh /tmp/set_maven_proxy.sh +COPY set_gradle_proxy.sh /tmp/set_gradle_proxy.sh +RUN mkdir -p $GRADLE_USER_HOME && \ + chmod +x /tmp/set_gradle_proxy.sh && \ + /tmp/set_gradle_proxy.sh && \ + mkdir -p $HOME/.m2 && \ + chmod +x /tmp/set_maven_proxy.sh && \ + mv $HOME/.m2/settings.xml $HOME/.m2/settings.xml.orig && \ + /tmp/set_maven_proxy.sh && \ + xpr=$(cat /tmp/mvn_proxy) && \ + xpr="${xpr//\//\\/}" && \ + xpr="${xpr//|/\\|}" && \ + cat $HOME/.m2/settings.xml.orig | sed -e "s||$xpr|g" > $HOME/.m2/settings.xml && \ + sed -i "s/__NEXUS_USER/$nexusUsername/gi" $HOME/.m2/settings.xml && \ + sed -i "s/__NEXUS_PW/$nexusPassword/gi" $HOME/.m2/settings.xml && \ + sed -i "s|__NEXUS_URL|$nexusUrl|gi" $HOME/.m2/settings.xml && \ + cat $HOME/.m2/settings.xml + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME && \ + chmod -c 666 /etc/pki/ca-trust/extracted/java/cacerts && \ + ls -la /etc/pki/ca-trust/extracted/java/cacerts + +# temporary java version switch bugfix +USER root +RUN chgrp -R 0 /var/lib/alternatives && \ + chmod -R g=u /var/lib/alternatives && \ + chgrp -R 0 /etc/alternatives && \ + chmod -R g=u /etc/alternatives && \ + chmod -R u+w /usr/bin && \ + chgrp -R 0 /usr/bin && \ + chmod -R g=u /usr/bin && \ + chgrp -R 0 /usr/share/man && \ + chmod -R g=u /usr/share/man + +USER 1001 diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 index b4b5e7634..8bd627b3d 100644 --- a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 @@ -23,7 +23,7 @@ ENV NODEJS_VERSION=18 \ COPY contrib/bin/configure-agent /usr/local/bin/configure-agent # Generate machine ID -RUN dbus-uuidgen > /etc/machine-id +RUN cat /proc/sys/kernel/random/uuid > /etc/machine-id # Install NodeJS RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..6b8ac9841 --- /dev/null +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-18-rhel7-container" \ + name="openshift4/jenkins-agent-nodejs-18-rhel7" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=18 \ + YARN_VERSION=1.22.18 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN cat /proc/sys/kernel/random/uuid > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 index aba3bb7e9..ad4d72f2b 100644 --- a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..0eb0a8384 --- /dev/null +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-20-rhel7-container" \ + name="openshift4/jenkins-agent-nodejs-20-rhel7" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=20 \ + YARN_VERSION=1.22.19 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN cat /proc/sys/kernel/random/uuid > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 index 5adc6a61b..76f794f09 100644 --- a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..173e3efd2 --- /dev/null +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-22-rhel7-container" \ + name="openshift4/jenkins-agent-nodejs-22-rhel7" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=22 \ + YARN_VERSION=1.22.19 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN cat /proc/sys/kernel/random/uuid > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..a8b694620 --- /dev/null +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -0,0 +1,53 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Gerard Castillo " + +ARG nexusHost +ARG nexusAuth + +ENV PYTHONUNBUFFERED=1 \ + PYTHONIOENCODING=UTF-8 \ + PIP_NO_CACHE_DIR=off \ + PATH=$JAVA_HOME/bin:$PATH + +# Install dependencies for Python build +RUN yum install -y gcc-c++ openssl-devel bzip2-devel libffi-devel zlib-devel autoconf automake libtool + +# Download, compile, and install Python 3.8 from source +RUN cd /usr/src && \ + wget https://www.python.org/ftp/python/3.8.12/Python-3.8.12.tgz && \ + tar xzf Python-3.8.12.tgz && \ + cd Python-3.8.12 && \ + ./configure --enable-optimizations && \ + make altinstall && \ + rm -f /usr/src/Python-3.8.12.tgz + +# Install pip, setuptools, and devel packages for Python 3.8 +RUN wget https://bootstrap.pypa.io/get-pip.py && \ + python3.8 get-pip.py && \ + rm get-pip.py && \ + python3.8 -m pip install --upgrade setuptools + +RUN yum install -y python3.9 python3.9-pip python3.9-devel python3.9-setuptools --allowerasing && \ + yum install -y python3.11 python3.11-pip python3.11-devel python3.11-setuptools --allowerasing && \ + yum install -y python3.12 python3.12-pip python3.12-devel python3.12-setuptools --allowerasing && \ + yum -y clean all + +RUN pipVersions=( pip3.8 pip3.9 pip3.11 pip3.12 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install virtualenv==20.26.3 setuptools==72.2.0 Cython==3.0.11 pypandoc==1.13; \ + done; + +# Enables default user to access $HOME folder +RUN chown -R 1001:0 $HOME && \ + chmod -R a+rw $HOME + +USER 1001 diff --git a/common/jenkins-agents/rust/docker/Dockerfile.ubi9 b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..5a142e29b --- /dev/null +++ b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 @@ -0,0 +1,49 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Gerard C.L. " + +ARG rustVersion +ARG rustToolchain +ARG cargoNextestVersion +ARG cargoLlvmCovVersion +ARG cargoGenerateVersion +ARG cargoDenyVersion + +ENV PATH="$HOME/.cargo/bin:$PATH" +ENV USER="rust-agent" +ENV CARGO_NEXTEST_VERSION=${cargoNextestVersion} \ + CARGO_LLVM_COV_VERSION=${cargoLlvmCovVersion} \ + CARGO_GENERATE_VERSION=${cargoGenerateVersion} \ + CARGO_DENY_VERSION=${cargoDenyVersion} + +RUN yum install -y binutils cpp gcc glibc-devel glibc-headers kernel-headers libasan libatomic \ + libgomp libmpc libpkgconf libubsan libxcrypt-devel llvm-libs pkgconf pkgconf-m4 pkgconf-pkg-config \ + openssl-devel cpan perl-IPC-Cmd && \ + yum clean all -y && \ + rm -rf /var/cache/yum && \ + cpan install FindBin + +RUN cd /tmp && \ + curl -LfSsO https://static.rust-lang.org/dist/rust-${rustVersion}-${rustToolchain}.tar.gz && \ + tar -xzf rust-${rustVersion}-${rustToolchain}.tar.gz && \ + rm -f rust-${rustVersion}-${rustToolchain}.tar.gz && \ + cd rust-${rustVersion}-${rustToolchain} && \ + ./install.sh && \ + cargo -V && \ + mkdir -p $HOME/.cargo/bin && \ + # Download binaries and install to $HOME/.cargo/bin + curl --proto '=https' --tlsv1.2 -fsSL https://github.com/nextest-rs/nextest/releases/download/cargo-nextest-$CARGO_NEXTEST_VERSION/cargo-nextest-$CARGO_NEXTEST_VERSION-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + curl --proto '=https' --tlsv1.2 -fsSL https://github.com/cargo-generate/cargo-generate/releases/download/v$CARGO_GENERATE_VERSION/cargo-generate-v$CARGO_GENERATE_VERSION-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + # curl --proto '=https' --tlsv1.2 -fsSL https://github.com/taiki-e/cargo-llvm-cov/releases/download/v$CARGO_LLVM_COV_VERSION/cargo-llvm-cov-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + # cargo LLVM coverage crate is recommended to be compiled as it takes care to add the OS lib dependencies the proper way + cargo install cargo-llvm-cov --locked --version $CARGO_LLVM_COV_VERSION && \ + # install cargo deny as release sources do not provide our rust toolchain target + cargo install cargo-deny --locked --version $CARGO_DENY_VERSION && \ + cargo --version && \ + cargo nextest --version && \ + cargo llvm-cov --version && \ + cargo generate --version && \ + cargo deny --version + +RUN chgrp -R 0 $HOME/.cargo && \ + chmod -R g=u $HOME/.cargo diff --git a/common/jenkins-agents/scala/docker/Dockerfile.ubi9 b/common/jenkins-agents/scala/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..c6b15663d --- /dev/null +++ b/common/jenkins-agents/scala/docker/Dockerfile.ubi9 @@ -0,0 +1,68 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Jan Frank " + +ARG nexusUrl +ARG nexusUsername +ARG nexusPassword + +# Container support is now integrated in Java 11, the +UseCGroupMemoryLimitForHeap option has been pruned +ENV JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions -Dsun.zip.disableMemoryMapping=true" + +# Install sbt and java devel 11/17 +ENV SBT_VERSION=1.8.2 +ENV SBT_CREDENTIALS="$HOME/.sbt/.credentials" +RUN rm -f /etc/yum.repos.d/bintray-rpm.repo && \ + curl -L https://www.scala-sbt.org/sbt-rpm.repo > sbt-rpm.repo && \ + mv sbt-rpm.repo /etc/yum.repos.d/ && \ + yum -y install sbt-$SBT_VERSION java-11-openjdk-devel java-17-openjdk-devel && \ + yum clean all && \ + rm -rf /var/cache/yum + +# Copy use java scripts. +COPY use-j*.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/use-j*.sh && \ + chmod ugo+s /usr/local/bin/use-j*.sh && \ + sh -c 'chmod ugo+s $(which alternatives)' && \ + ls -la /usr/local/bin/use-j*.sh && \ + echo "--- STARTS JDK 11/17 TESTS ---" && \ + use-j11.sh && \ + use-j17.sh && \ + echo "--- ENDS JDK 11/17 TESTS ---" + +COPY sbtconfig/repositories $HOME/.sbt/repositories +COPY sbtconfig/credentials.sbt $HOME/.sbt/1.0/plugins/credentials.sbt +COPY sbtconfig/credentials $HOME/.sbt/.credentials +COPY sbtconfig/sbtopts /etc/sbt/sbtopts +COPY set_sbt_proxy.sh /tmp/set_sbt_proxy.sh + +RUN cat $HOME/.sbt/repositories | sed -e "s|NEXUS_URL|$nexusUrl|g" > $HOME/.sbt/repositories.tmp && \ + mv $HOME/.sbt/repositories.tmp $HOME/.sbt/repositories && \ + nexusHost=$(echo $nexusUrl | sed -e "s|https://||g" | sed -e "s|http://||g") && \ + nexusHost=$(echo $nexusHost | sed -e "s|:.*||g") && \ + sed -i.bak -e "s|NEXUS_HOST|$nexusHost|g" $HOME/.sbt/.credentials && \ + sed -i.bak -e "s|NEXUS_USERNAME|$nexusUsername|g" $HOME/.sbt/.credentials && \ + sed -i.bak -e "s|NEXUS_PASSWORD|$nexusPassword|g" $HOME/.sbt/.credentials && \ + rm $HOME/.sbt/.credentials.bak && \ + cd /tmp && \ + /tmp/set_sbt_proxy.sh && \ + if [ ! -f "/usr/bin/sbt" ]; then echo "sbt path /usr/bin/sbt could not be found"; exit 1 ; fi + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME && \ + chmod -c 666 /etc/pki/ca-trust/extracted/java/cacerts && \ + ls -la /etc/pki/ca-trust/extracted/java/cacerts + +# temporary java version switch bugfix +USER root +RUN chgrp -R 0 /var/lib/alternatives && \ + chmod -R g=u /var/lib/alternatives && \ + chgrp -R 0 /etc/alternatives && \ + chmod -R g=u /etc/alternatives && \ + chmod -R u+w /usr/bin && \ + chgrp -R 0 /usr/bin && \ + chmod -R g=u /usr/bin && \ + chgrp -R 0 /usr/share/man && \ + chmod -R g=u /usr/share/man + +USER 1001 \ No newline at end of file diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..6586a4706 --- /dev/null +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -0,0 +1,219 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Erhard Wais , Frank Joas , Josef Hartmann , Steve Taylor " + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-terraform-ubi8-docker" \ + name="openshift/jenkins-agent-terraform-ubi8" \ + version="0.1" \ + architecture="x86_64" \ + release="1" \ + io.k8s.display-name="Jenkins Agent Terraform" \ + io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" + +ARG nexusUrl +ARG nexusAuth +ARG NPMJS_REGISTRY_FLAG + +ENV TERRAFORM_VERSION=1.4.6 \ + TERRAFORM_CONFIG_INSPECT_VERSION=0.2.0 \ + TERRAFORM_DOCS_VERSION=v0.16.0 \ + RUBY_VERSION=3.2.2 \ + PACKER_VERSION=1.8.7 \ + CONSUL_VERSION=1.15.2 \ + TFENV_VERSION=3.0.0 \ + TFLINT_VERSION=0.46.1 \ + NODEJS_VERSION=18 \ + BUNDLER_VERSION=2.4.13 \ + AGE_VERSION=1.1.1 \ + GEM_HOME=/opt/bundle \ + RBENV_ROOT=/opt/rbenv \ + RBENV_SHELL=bash \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + +ENV INSTALL_PKGS="yum-utils gcc git-core zlib zlib-devel gcc-c++ patch \ + python3.9 python3.9-pip python3.9-setuptools \ + python3.11 python3.11-pip python3.11-setuptools \ + readline \ + libffi-devel libyaml-devel openssl-devel bzip2 bzip2-devel autoconf sqlite-devel xz \ + jq parallel" +ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool" +ENV PATH=/opt/tfenv/bin:/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:$PATH +ENV HOME=/home/jenkins + +RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm || true" +COPY python_requirements /tmp/requirements.txt + +# Workaroud we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux.repo +RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux.repo \ + && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo + +RUN set -x \ + && dnf -y repolist \ + && dnf -y install $INSTALL_PKGS \ + && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS \ + && dnf clean all + +# Download, compile, and install Python 3.8 from source +RUN cd /usr/src && \ + wget https://www.python.org/ftp/python/3.8.12/Python-3.8.12.tgz && \ + tar xzf Python-3.8.12.tgz && \ + cd Python-3.8.12 && \ + ./configure --enable-optimizations && \ + make altinstall && \ + rm -f /usr/src/Python-3.8.12.tgz + +# Install pip, setuptools, and devel packages for Python 3.8 +RUN wget https://bootstrap.pypa.io/get-pip.py && \ + python3.8 get-pip.py && \ + rm get-pip.py && \ + python3.8 -m pip install --upgrade setuptools + +# Upgrade pip +RUN pipVersions=( pip3 pip3.8 pip3.9 pip3.11 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install virtualenv pycodestyle; \ + done; \ + update-alternatives --install /usr/bin/python python /usr/bin/python3.11 1 \ + && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.11 1 + +# Install python requirements +RUN dnf remove python3.8-chardet -y \ + && python3.8 -m pip install -r /tmp/requirements.txt \ + && dnf remove python3.9-chardet -y \ + && python3.9 -m pip install -r /tmp/requirements.txt \ + && dnf remove python3.11-chardet -y \ + && python3.11 -m pip install -r /tmp/requirements.txt \ + && rm -f /tmp/requirements.txt + +# Install awscli2 +RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ + && unzip -qq awscliv2.zip \ + && ./aws/install \ + && rm -f awscliv2.zip \ + && rm -Rf ./aws + +# Install awssamcli +RUN curl -sSL "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip" -o "awssam.zip" \ + && unzip -qq -d awssam awssam.zip \ + && ./awssam/install && rm -f awssam.zip && rm -Rf ./awssam + +# Install NodeJS +RUN INSTALL_NODE="nodejs nodejs-nodemon" \ + && curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - \ + && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ + && rpm -V $INSTALL_NODE \ + && yum clean all -y \ + && rm -rf /var/cache/yum \ + && npm config set registry=$nexusUrl/repository/npmjs/ \ + && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set email=no-reply@opendevstack.org \ + && npm config set strict-ssl=true + +# Install aws cdk +RUN npm install -g ${NPMJS_REGISTRY_FLAG} aws-cdk \ + && node --version \ + && cdk --version + +# Install terraform +RUN wget -q -O /tmp/terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \ + && unzip /tmp/terraform.zip -d /usr/local/bin \ + && rm -rf /tmp/terraform.zip \ + && terraform -h + +# Install tfenv +RUN umask 0002 && cd /opt && git clone --branch v${TFENV_VERSION} https://github.com/tfutils/tfenv.git \ + && TFENV_CURL_OUTPUT=0 /opt/tfenv/bin/tfenv install ${TERRAFORM_VERSION} \ + && /opt/tfenv/bin/tfenv use ${TERRAFORM_VERSION} \ + && chown -R 1001:0 /opt/tfenv \ + && chmod +x /opt/tfenv/bin/* \ + && terraform -version \ + && tfenv list + +# Install tflint +RUN wget -q -O /tmp/tflint.zip "https://github.com/terraform-linters/tflint/releases/download/v${TFLINT_VERSION}/tflint_linux_amd64.zip" \ + && unzip /tmp/tflint.zip -d /usr/local/bin \ + && rm -rf /tmp/tflint.zip \ + && tflint --version + +# Install packer +RUN wget -q -O /tmp/packer.zip "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip" \ + && unzip /tmp/packer.zip -d /usr/local/bin \ + && rm -rf /tmp/packer.zip \ + && packer --version + +# Install terraform-config-inspect +RUN wget -q -O /tmp/terraform-config-inspect.tar.gz https://github.com/nichtraunzer/terraform-config-inspect/releases/download/v${TERRAFORM_CONFIG_INSPECT_VERSION}/terraform-config-inspect_${TERRAFORM_CONFIG_INSPECT_VERSION}_linux_amd64.tar.gz \ + && tar zxpf /tmp/terraform-config-inspect.tar.gz -C /usr/local/bin/ \ + && rm -f /tmp/terraform-config-inspect.tar.gz \ + && chmod 755 /usr/local/bin/terraform-config-inspect + +# Install terraform-docs +RUN wget -q -O /tmp/terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/${TERRAFORM_DOCS_VERSION}/terraform-docs-${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz \ + && tar zxpf /tmp/terraform-docs.tar.gz -C /usr/local/bin/ terraform-docs \ + && chmod +x /usr/local/bin/terraform-docs + +# Install consul-cli +RUN wget -q "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \ + && unzip consul_${CONSUL_VERSION}_linux_amd64.zip -d /usr/local/bin \ + && rm -f consul_${CONSUL_VERSION}_linux_amd64.zip \ + && chmod +x /usr/local/bin/consul \ + && /usr/local/bin/consul -version + +# Install age +RUN wget -q -O /tmp/age.tar.gz https://github.com/FiloSottile/age/releases/download/v${AGE_VERSION}/age-v${AGE_VERSION}-linux-amd64.tar.gz \ + && tar xzf /tmp/age.tar.gz -C /usr/local/bin \ + && rm -f /tmp/age.tar.gz + +RUN chmod +t /tmp \ + && chown -R 1001:0 $HOME \ + && chmod -R g+rwX $HOME \ + && mkdir -p $GEM_HOME \ + && chmod 2770 $GEM_HOME + +COPY Gemfile Gemfile.lock $GEM_HOME/ + +RUN chown -R 1001:0 $GEM_HOME \ + && chmod -R g+rw $GEM_HOME \ + && ls -lisa /home/jenkins $GEM_HOME + +# Setup ruby env and bundler gems +# RUBY https://syslint.com/blog/tutorial/how-to-install-ruby-on-rails-with-rbenv-on-centos-7-or-rhel-7/ +RUN cd /opt \ + && umask 0002 \ + && git clone https://github.com/rbenv/rbenv.git /opt/rbenv \ + && echo 'export PATH="/opt/rbenv/shims:/opt/rbenv/bin:$PATH"' >> ~/.bash_profile \ + && echo 'eval "$(rbenv init -)"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && git clone https://github.com/rbenv/ruby-build.git /opt/rbenv/plugins/ruby-build \ + && echo 'export PATH="/opt/rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && MAKE_OPTS='-j 4' rbenv install $RUBY_VERSION \ + && rbenv global $RUBY_VERSION \ + && gem install bundler -v $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION gem install bundler -v $BUNDLER_VERSION \ + && bundle config default $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION bundle config default $BUNDLER_VERSION \ + && bundle config set --global path $GEM_HOME \ + && RBENV_VERSION=$RUBY_VERSION bundle config set --global path $GEM_HOME \ + && cd $GEM_HOME \ + && BUNDLE_SILENCE_ROOT_WARNING=true bundle install --full-index --jobs=8 \ + && rm -Rf /home/jenkins/.bundle/cache + +USER 1001 + diff --git a/common/jenkins-agents/terraform-2306/docker/python_requirements b/common/jenkins-agents/terraform-2306/docker/python_requirements index 2f647a27f..40e1ca749 100644 --- a/common/jenkins-agents/terraform-2306/docker/python_requirements +++ b/common/jenkins-agents/terraform-2306/docker/python_requirements @@ -3,7 +3,7 @@ boto3~=1.26 requests~=2.27 simplejson~=3.19 argparse~=1.4 -botocore +botocore~=1.37 pipenv~=2023.4 python-hcl2~=2.0 pre-commit~=3.3.1 diff --git a/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..32d508d7a --- /dev/null +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -0,0 +1,219 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Erhard Wais , Frank Joas , Josef Hartmann , Steve Taylor " + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-terraform-ubi8-docker" \ + name="openshift/jenkins-agent-terraform-ubi8" \ + version="0.1" \ + architecture="x86_64" \ + release="1" \ + io.k8s.display-name="Jenkins Agent Terraform" \ + io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" + +ARG nexusUrl +ARG nexusAuth +ARG NPMJS_REGISTRY_FLAG + +ENV TERRAFORM_VERSION=1.9.4 \ + TERRAFORM_CONFIG_INSPECT_VERSION=0.2.0 \ + TERRAFORM_DOCS_VERSION=v0.18.0 \ + RUBY_VERSION=3.3.4 \ + PACKER_VERSION=1.11.2 \ + CONSUL_VERSION=1.19.1 \ + TENV_VERSION=3.0.0 \ + TENV_AUTO_INSTALL=true \ + TENV_ROOT=/opt/tenv \ + GO_VERSION=1.21.13 \ + GOBIN=/usr/local/go/bin \ + TFLINT_VERSION=0.52.0 \ + NODEJS_VERSION=20 \ + BUNDLER_VERSION=2.5.17 \ + AGE_VERSION=1.2.0 \ + GEM_HOME=/opt/bundle \ + RBENV_ROOT=/opt/rbenv \ + RBENV_SHELL=bash \ + TASK_VERSION=3.38.0 \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + +ENV INSTALL_PKGS="yum-utils gcc git-core zlib zlib-devel gcc-c++ patch \ + python3.9 python3.9-pip python3.9-setuptools \ + python3.11 python3.11-pip python3.11-setuptools \ + python3.12 python3.12-pip python3.12-setuptools \ + readline \ + libffi-devel libyaml-devel openssl-devel bzip2 autoconf sqlite-devel xz \ + jq parallel" +ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool xorriso" +ENV PATH=/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:/usr/bin:/usr/local/go/bin:$PATH +ENV HOME=/home/jenkins + +RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm || true" +COPY python_requirements /tmp/requirements.txt + +# Workaroud we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux.repo +RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux.repo \ + && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo + +RUN set -x \ + && dnf -y repolist \ + && dnf -y install $INSTALL_PKGS \ + && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS + +# Upgrade pip +RUN pipVersions=( pip3 pip3.9 pip3.11 pip3.12 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install --force-reinstall chardet && \ + $pipV install virtualenv pycodestyle; \ + done; \ + update-alternatives --install /usr/bin/python python /usr/bin/python3.12 1 \ + && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.12 1 + +# Install python requirements +RUN dnf remove python3.9-chardet -y \ + && python3.9 -m pip install -r /tmp/requirements.txt \ + && dnf remove python3.11-chardet -y \ + && python3.11 -m pip install -r /tmp/requirements.txt \ + && dnf remove python3.12-chardet -y \ + && python3.12 -m pip install -r /tmp/requirements.txt \ + && rm -f /tmp/requirements.txt + +# Install awscli2 +RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ + && unzip -qq awscliv2.zip \ + && ./aws/install \ + && rm -f awscliv2.zip \ + && rm -Rf ./aws + +# Install awssamcli +RUN curl -sSL "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip" -o "awssam.zip" \ + && unzip -qq -d awssam awssam.zip \ + && ./awssam/install && rm -f awssam.zip && rm -Rf ./awssam + +# Install NodeJS +RUN INSTALL_NODE="nodejs nodejs-nodemon" \ + && curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - \ + && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ + && rpm -V $INSTALL_NODE \ + && yum clean all -y \ + && rm -rf /var/cache/yum \ + && npm config set registry=$nexusUrl/repository/npmjs/ \ + && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set email=no-reply@opendevstack.org \ + && npm config set strict-ssl=true + +# Install aws cdk +RUN npm install -g ${NPMJS_REGISTRY_FLAG} aws-cdk \ + && node --version \ + && cdk --version + +# Install tenv & install terraform +RUN mkdir -p "${TENV_ROOT}" && chmod 2775 "${TENV_ROOT}" && chown 1001:0 "${TENV_ROOT}" \ + && dnf install -y https://github.com/tofuutils/tenv/releases/download/v${TENV_VERSION}/tenv_v${TENV_VERSION}_amd64.rpm \ + && dnf clean all \ + && tenv tf install ${TERRAFORM_VERSION} \ + && tenv tf use ${TERRAFORM_VERSION} \ + && tenv version \ + && terraform -version \ + && tenv tf list \ + && echo 'export PATH=$(/usr/bin/tenv update-path)' > /etc/profile.d/tenv.sh \ + && chown -R 1001:0 "${TENV_ROOT}" \ + && chmod -R 2775 "${TENV_ROOT}" + +# Install GO for terratest +RUN cd /tmp \ + && curl -LfSso /tmp/go.tar.gz https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz \ + && tar -C /usr/local -xzf go.tar.gz \ + && rm -f /tmp/go.tar.gz \ + && /usr/local/go/bin/go version + +# Install go-task +RUN sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d v${TASK_VERSION} \ + && task --version + +# Install tflint +RUN wget -q -O /tmp/tflint.zip "https://github.com/terraform-linters/tflint/releases/download/v${TFLINT_VERSION}/tflint_linux_amd64.zip" \ + && unzip /tmp/tflint.zip -d /usr/local/bin \ + && rm -rf /tmp/tflint.zip \ + && tflint --version + +# Install packer +RUN wget -q -O /tmp/packer.zip "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip" \ + && unzip /tmp/packer.zip -d /usr/local/bin packer \ + && rm -rf /tmp/packer.zip \ + && packer --version + +# Install terraform-config-inspect +RUN wget -q -O /tmp/terraform-config-inspect.tar.gz https://github.com/nichtraunzer/terraform-config-inspect/releases/download/v${TERRAFORM_CONFIG_INSPECT_VERSION}/terraform-config-inspect_${TERRAFORM_CONFIG_INSPECT_VERSION}_linux_amd64.tar.gz \ + && tar zxpf /tmp/terraform-config-inspect.tar.gz -C /usr/local/bin/ terraform-config-inspect \ + && rm -f /tmp/terraform-config-inspect.tar.gz \ + && chmod 755 /usr/local/bin/terraform-config-inspect + +# Install terraform-docs +RUN wget -q -O /tmp/terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/${TERRAFORM_DOCS_VERSION}/terraform-docs-${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz \ + && tar zxpf /tmp/terraform-docs.tar.gz -C /usr/local/bin/ terraform-docs \ + && chmod +x /usr/local/bin/terraform-docs \ + && rm -f /tmp/terraform-docs.tar.gz + +# Install consul-cli +RUN wget -q "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \ + && unzip consul_${CONSUL_VERSION}_linux_amd64.zip -d /usr/local/bin consul \ + && rm -f consul_${CONSUL_VERSION}_linux_amd64.zip \ + && chmod +x /usr/local/bin/consul \ + && /usr/local/bin/consul -version + +# Install age +RUN wget -q -O /tmp/age.tar.gz https://github.com/FiloSottile/age/releases/download/v${AGE_VERSION}/age-v${AGE_VERSION}-linux-amd64.tar.gz \ + && tar xzf /tmp/age.tar.gz -C /usr/local/bin \ + && rm -f /tmp/age.tar.gz + +RUN chmod +t /tmp \ + && chown -R 1001:0 $HOME \ + && chmod -R g+rwX $HOME \ + && mkdir -p $GEM_HOME \ + && chmod 2770 $GEM_HOME + +COPY Gemfile Gemfile.lock $GEM_HOME/ + +RUN chown -R 1001:0 $GEM_HOME \ + && chmod -R g+rw $GEM_HOME \ + && ls -lisa /home/jenkins $GEM_HOME + +# Setup ruby env and bundler gems +# RUBY https://syslint.com/blog/tutorial/how-to-install-ruby-on-rails-with-rbenv-on-centos-7-or-rhel-7/ +RUN cd /opt \ + && umask 0002 \ + && git clone https://github.com/rbenv/rbenv.git /opt/rbenv \ + && echo 'export PATH="/opt/rbenv/shims:/opt/rbenv/bin:$PATH"' >> ~/.bash_profile \ + && echo 'eval "$(rbenv init -)"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && git clone https://github.com/rbenv/ruby-build.git /opt/rbenv/plugins/ruby-build \ + && echo 'export PATH="/opt/rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && MAKE_OPTS='-j 4' rbenv install $RUBY_VERSION \ + && rbenv global $RUBY_VERSION \ + && gem install bundler -v $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION gem install bundler -v $BUNDLER_VERSION \ + && bundle config default $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION bundle config default $BUNDLER_VERSION \ + && bundle config set --global path $GEM_HOME \ + && RBENV_VERSION=$RUBY_VERSION bundle config set --global path $GEM_HOME \ + && cd $GEM_HOME \ + && BUNDLE_SILENCE_ROOT_WARNING=true bundle install --full-index --jobs=8 \ + && rm -Rf /home/jenkins/.bundle/cache + +USER 1001 diff --git a/common/jenkins-agents/terraform-2408/docker/python_requirements b/common/jenkins-agents/terraform-2408/docker/python_requirements index e85eaae86..e546ab4cb 100644 --- a/common/jenkins-agents/terraform-2408/docker/python_requirements +++ b/common/jenkins-agents/terraform-2408/docker/python_requirements @@ -3,7 +3,7 @@ boto3~=1.34 requests~=2.32 simplejson~=3.19 argparse~=1.4 -botocore +botocore~=1.37 pipenv~=2024.0 python-hcl2~=2.0 pre-commit~=3.8.0 diff --git a/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file