diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 5fc4e5a..2bfac31 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -65,7 +65,14 @@ jobs: fail-fast: false matrix: IMAGES: - - "library/fedora/31 library/fedora/32 library/fedora/33 library/fedora/34 library/fedora/latest library/fedora/rawhide" + - "library/fedora/rawhide" + - "library/fedora/latest" + - "library/fedora/42 library/fedora/41" + - "library/fedora/40 library/fedora/39 library/fedora/38 library/fedora/37" + - "library/fedora/36 library/fedora/35 library/fedora/34 library/fedora/33" + - "library/fedora/32 library/fedora/31 library/fedora/30 library/fedora/29" + - "library/fedora/28 library/fedora/27 library/fedora/26 library/fedora/25" + - "library/fedora/24 library/fedora/23 library/fedora/22 library/fedora/20" #- "corpusops/test/a corpusops/test/b corpusops/test/c" # all images that werent explicitly told to be built would be built in the next batches # we span them onto N jobs diff --git a/Dockerfile.args b/Dockerfile.args index cc6975d..bd8e2a9 100644 --- a/Dockerfile.args +++ b/Dockerfile.args @@ -1,11 +1,13 @@ ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers diff --git a/Dockerfile.base b/Dockerfile.base index c6199f3..0b00711 100755 --- a/Dockerfile.base +++ b/Dockerfile.base @@ -2,6 +2,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -16,14 +17,14 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go diff --git a/Dockerfile.clean b/Dockerfile.clean index af16813..ad62706 100644 --- a/Dockerfile.clean +++ b/Dockerfile.clean @@ -1,7 +1,11 @@ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' diff --git a/Dockerfile.labels b/Dockerfile.labels index f480af4..2c5356e 100644 --- a/Dockerfile.labels +++ b/Dockerfile.labels @@ -1 +1,2 @@ +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/Dockerfile.squash b/Dockerfile.squash new file mode 100644 index 0000000..6012c74 --- /dev/null +++ b/Dockerfile.squash @@ -0,0 +1,4 @@ +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" diff --git a/Dockerfile.squashexec b/Dockerfile.squashexec new file mode 100644 index 0000000..598dbe5 --- /dev/null +++ b/Dockerfile.squashexec @@ -0,0 +1,4 @@ +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] diff --git a/Dockerfile.squashpre b/Dockerfile.squashpre new file mode 100644 index 0000000..0c89fb5 --- /dev/null +++ b/Dockerfile.squashpre @@ -0,0 +1,2 @@ +ARG ANCESTOR=${_cops_BASE}:${_cops_VERSION} +ARG RSYNC=corpusops/rsync diff --git a/helpers/add_confd.sh b/helpers/add_confd.sh index 3a0d745..b0281be 100755 --- a/helpers/add_confd.sh +++ b/helpers/add_confd.sh @@ -3,6 +3,7 @@ SDEBUG=${SDEBUG-} GITHUB_PAT="${GITHUB_PAT:-$(echo 'OGUzNjkwMDZlMzNhYmNmMGRiNmE5Yjg1NWViMmJkNWVlNjcwYTExZg=='|base64 -d)}" CONFD_RELEASE="${CONFD_RELEASE:-latest}" CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install() { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -18,8 +19,10 @@ install() { | grep -E -i "($(uname -s).*$arch|sha)" )" \ && : :: confd: download and unpack artefacts \ && for u in $urls;do do_curl -sLO $u;done \ - && mv -vf confd* /usr/bin/confd \ - && chmod +x /usr/bin/confd && cd / && rm -rf /tmp/confd + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/confd /usr/bin \ + && mv -vf confd* $COPS_HELPERS/confd \ + && chmod +x $COPS_HELPERS/confd && cd / && rm -rf /tmp/confd } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret # vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/add_dockerize.sh b/helpers/add_dockerize.sh index 721f8b4..6af2bf3 100755 --- a/helpers/add_dockerize.sh +++ b/helpers/add_dockerize.sh @@ -3,6 +3,7 @@ SDEBUG=${SDEBUG-} GITHUB_PAT="${GITHUB_PAT:-$(echo 'OGUzNjkwMDZlMzNhYmNmMGRiNmE5Yjg1NWViMmJkNWVlNjcwYTExZg=='|base64 -d)}" DOCKERIZE_RELEASE="${DOCKERIZE_RELEASE:-latest}" CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install() { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -19,8 +20,10 @@ install() { | grep -E -i "($(uname -s).*$arch|sha)" )" \ && : :: dockerize: download and unpack artefacts \ && for u in $urls;do do_curl -sLO $u && tar -xzf $(basename $u);done \ - && mv -vf dockerize /usr/bin/dockerize \ - && chmod +x /usr/bin/dockerize && cd / && rm -rf /tmp/dockerize + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/dockerize /usr/bin \ + && mv -vf dockerize $COPS_HELPERS/dockerize \ + && chmod +x $COPS_HELPERS/dockerize && cd / && rm -rf /tmp/dockerize } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret # vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/add_forego.sh b/helpers/add_forego.sh index ffeba93..baa173b 100755 --- a/helpers/add_forego.sh +++ b/helpers/add_forego.sh @@ -3,6 +3,7 @@ SDEBUG=${SDEBUG-} GITHUB_PAT="${GITHUB_PAT:-$(echo 'OGUzNjkwMDZlMzNhYmNmMGRiNmE5Yjg1NWViMmJkNWVlNjcwYTExZg=='|base64 -d)}" FOREGO_RELEASE="${FOREGO_RELEASE:-latest}" CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install () { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -19,8 +20,11 @@ install () { && : :: forego: integrity check \ && grep forego.gz forego.gz.sha | sha256sum -c - >/dev/null \ && : :: forego: filesystem install \ - && gunzip forego.gz && mv -vf forego /usr/bin/forego \ - && chmod +x /usr/bin/forego && cd / && rm -rf /tmp/forego + && gunzip forego.gz \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/forego /usr/bin \ + && mv -vf forego $COPS_HELPERS/forego \ + && chmod +x $COPS_HELPERS/forego && cd / && rm -rf /tmp/forego } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret # vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/add_frep.sh b/helpers/add_frep.sh index d6c8c11..e02882a 100755 --- a/helpers/add_frep.sh +++ b/helpers/add_frep.sh @@ -6,6 +6,7 @@ CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" # original but does not work on alpine PKG="corpusops/frep" PKG="subchen/frep" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install() { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -21,9 +22,12 @@ install() { | grep -E -i "($(uname -s).*$arch|sha)" )" \ && : :: frep: download and unpack artefacts \ && for u in $urls;do do_curl -sLO $u;done \ - && sha256sum -c frep-*-linux-$arch.sha256 >/dev/nulm 2>&1 \ - && mv -vf frep*-linux*$arch /usr/bin/frep \ - && chmod +x /usr/bin/frep && cd / && rm -rf /tmp/frep + && echo $(cat frep-*-linux-$arch.sha256|awk '{print $1}'; ls frep-*-linux-$arch )|sed "s/ / /g" > frep-*-linux-$arch.sha256.v \ + && sha256sum -wc frep-*-linux-$arch.sha256.v >/dev/null 2>&1 \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/frep /usr/bin \ + && mv -vf frep*-linux*$arch $COPS_HELPERS/frep \ + && chmod +x $COPS_HELPERS/frep && cd / && rm -rf /tmp/frep } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret -# vim:set et sts=4 ts=4 tw=80: +# vim:set et sts=4 ts=4 tw=0: diff --git a/helpers/add_gosu.sh b/helpers/add_gosu.sh index 621ec68..01fc26c 100755 --- a/helpers/add_gosu.sh +++ b/helpers/add_gosu.sh @@ -5,6 +5,7 @@ GOSU_RELEASE="${GOSU_RELEASE:-latest}" CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" GOSU_GPG_KEYS="${GOSU_GPG_KEYS:-B42F6819007F00F88E364FD4036A9C25BF357DD4}" GPG_KEYS_SERVERS="${GPG_KEYS_SERVERS:-"hkp://p80.pool.sks-keyservers.net:80 hkp://ipv4.pool.sks-keyservers.net hkp://keyserver.ubuntu.com:80 hkp://pgp.mit.edu:80"}" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install() { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -23,8 +24,10 @@ install() { && : :: gosu: integrity check \ && grep gosu-$arch SHA256SUMS | sha256sum -c - >/dev/null \ && : :: gosu: filesystem install \ - && mv -vf gosu-$arch /usr/bin/gosu \ - && chmod +x /usr/bin/gosu && cd / && rm -rf /tmp/gosu + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/gosu /usr/bin \ + && mv -vf gosu-$arch $COPS_HELPERS/gosu \ + && chmod +x $COPS_HELPERS/gosu && cd / && rm -rf /tmp/gosu } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret # vim:set et sts=4 ts=4 tw=0: diff --git a/helpers/add_opt_pkgs.sh b/helpers/add_opt_pkgs.sh index cf00448..74999a1 100755 --- a/helpers/add_opt_pkgs.sh +++ b/helpers/add_opt_pkgs.sh @@ -7,5 +7,4 @@ export FORCE_INSTALL=y WANTED_PACKAGES="" \ WANTED_EXTRA_PACKAGES="$pkgs" \ ./cops_pkgmgr_install.sh -wait # vim:set et sts=4 ts=4 tw=0: diff --git a/helpers/add_remco.sh b/helpers/add_remco.sh index 6401836..42fe72a 100755 --- a/helpers/add_remco.sh +++ b/helpers/add_remco.sh @@ -4,6 +4,7 @@ GITHUB_PAT="${GITHUB_PAT:-$(echo 'OGUzNjkwMDZlMzNhYmNmMGRiNmE5Yjg1NWViMmJkNWVlNj REMCO_RELEASE="${REMCO_RELEASE:-latest}" CURL_SSL_OPTS="${CURL_SSL_OPTS:-"--tlsv1"}" PKG="HeavyHorst/remco" +COPS_HELPERS=${COPS_HELPERS:-/cops_helpers} do_curl() { if ! ( curl "$@" );then curl $CURL_SSL_OPTS "$@";fi; } install() { if [ "x${SDEBUG}" != "x" ];then set -x;fi @@ -20,8 +21,10 @@ install() { && : :: remco: download and unpack artefacts \ && for u in $urls;do do_curl -sLO $u;done \ && 7z x -y remco_*_linux_amd64.zip >/dev/null \ - && mv -vf remco_linux /usr/bin/remco \ - && chmod +x /usr/bin/remco && cd / && rm -rf /tmp/remco + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && ln -sfv $COPS_HELPERS/remco /usr/bin \ + && mv -vf remco_linux $COPS_HELPERS/remco \ + && chmod +x $COPS_HELPERS/remco && cd / && rm -rf /tmp/remco } install;ret=$?;if [ "x$ret" != "x0" ];then SDEBUG=1 install;fi;exit $ret # vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/common_clean.sh b/helpers/common_clean.sh new file mode 100755 index 0000000..9e2b68f --- /dev/null +++ b/helpers/common_clean.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +set -exo pipefail +: "cleanup packages" +rm -rf /var/cache/apk/* +# misc +find /etc/rsyslog.d -name "*.conf" -not -type d|while read f;do mv -vf "$f" "$f.sample";done +# vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/cops_pkgmgr_install.sh b/helpers/cops_pkgmgr_install.sh index 3c8fbed..682fabb 100755 --- a/helpers/cops_pkgmgr_install.sh +++ b/helpers/cops_pkgmgr_install.sh @@ -36,14 +36,17 @@ SYSTEM_COPS_ROOT=${SYSTEM_COPS_ROOT-$DEFAULT_COPS_ROOT} DOCKER_COPS_ROOT=${DOCKER_COPS_ROOT-$SYSTEM_COPS_ROOT} COPS_URL=${COPS_URL-$DEFAULT_COPS_URL} BASE_PREPROVISION_IMAGES="ubuntu:latest_preprovision" +BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:24.04_preprovision" +BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:22.04_preprovision" BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:20.04_preprovision" BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:18.04_preprovision" BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:16.04_preprovision" BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/ubuntu:14.04_preprovision" BASE_PREPROVISION_IMAGES="$BASE_PREPROVISION_IMAGES corpusops/centos:7_preprovision" -BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:latest" BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:latest" +BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:24.04" +BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:22.04" BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:20.04" BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:18.04" BASE_CORE_IMAGES="$BASE_CORE_IMAGES corpusops/ubuntu:16.04" @@ -53,14 +56,18 @@ BASE_IMAGES="$BASE_PREPROVISION_IMAGES $BASE_CORE_IMAGES" EXP_PREPROVISION_IMAGES="" EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES archlinux:latest_preprovision" EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:latest_preprovision" -EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:stretch_preprovision" +#EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:stretch_preprovision" +EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:bookworm_preprovision" +EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:bullseye_preprovision" EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:buster_preprovision" EXP_PREPROVISION_IMAGES="$EXP_PREPROVISION_IMAGES debian:sid_preprovision" EXP_CORE_IMAGES="" EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/archlinux:latest" EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:latest" -EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:stretch" +#EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:stretch" +EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:bullseye" EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:buster" +EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:bookworm" EXP_CORE_IMAGES="$EXP_CORE_IMAGES corpusops/debian:sid" EXP_IMAGES="$EXP_PREPROVISION_IMAGES $EXP_CORE_IMAGES" # ansible related @@ -74,6 +81,14 @@ NORMAL="\\e[0;0m" NO_COLOR=${NO_COLORS-${NO_COLORS-${NOCOLOR-${NOCOLORS-}}}} LOGGER_NAME=${LOGGER_NAME:-corpusops_build} ERROR_MSG="There were errors" +is_container() { + if ( grep -q container= /proc/1/environ 2>/dev/null ) \ + || ( grep -E -q 'docker|lxc' /proc/1/cgroup 2>/dev/null ) \ + || [ -e /.dockerenv ];then + return 0 + fi + return 1 +} uniquify_string() { local pattern=$1 shift @@ -262,7 +277,7 @@ is_debian_like() { echo $DISTRIB_ID | grep -E -iq "debian|ubuntu|mint"; } is_suse_like() { echo $DISTRIB_ID | grep -E -iq "suse"; } is_alpine_like() { echo $DISTRIB_ID | grep -E -iq "alpine" || test -e /etc/alpine-release; } is_redhat_like() { echo $DISTRIB_ID \ - | grep -E -iq "((^ol$)|rhel|redhat|red-hat|centos|fedora)"; } + | grep -E -iq "((^ol$)|rhel|redhat|red-hat|centos|fedora|amzn)"; } set_lang() { locale=${1:-C};export LANG=${locale};export LC_ALL=${locale}; } is_darwin () { if [ "x${FORCE_DARWIN-}" != "x" ];then return 0;fi @@ -311,6 +326,10 @@ detect_os() { if [ $DISTRIB_MAJOR -eq 7 ];then DISTRIB_CODENAME="wheezy";fi if [ $DISTRIB_MAJOR -eq 8 ];then DISTRIB_CODENAME="jessie";fi if [ $DISTRIB_MAJOR -eq 9 ];then DISTRIB_CODENAME="stretch";fi + if [ $DISTRIB_MAJOR -eq 10 ];then DISTRIB_CODENAME="buster";fi + if [ $DISTRIB_MAJOR -eq 11 ];then DISTRIB_CODENAME="bullseye";fi + if [ $DISTRIB_MAJOR -eq 12 ];then DISTRIB_CODENAME="bookworm";fi + if [ $DISTRIB_MAJOR -eq 13 ];then DISTRIB_CODENAME="trixie";fi elif [ -e /etc/SuSE-brand ] || [ -e /etc/SuSE-release ];then for i in /etc/SuSE-brand /etc/SuSE-release;do if [ -e $i ];then @@ -503,8 +522,8 @@ get_python2() { get_python3() { local py_ver=3 get_python_ $py_ver \ - python3.9 python3.8 python3.7 python3.6 python3.5 python3.4 \ - python-3.9 python-3.8 python-3.7 python-3.6 python-3.5 python-3.4 \ + python3.12 python3.11 python3.10 python3.9 python3.8 python3.7 python3.6 python3.5 python3.4 \ + python-3.12 python-3.11 python-3.10 python-3.9 python-3.8 python-3.7 python-3.6 python-3.5 python-3.4 \ python-${py_ver} python${py_ver} python } has_python_module() { @@ -523,9 +542,19 @@ pymod_ver() { get_setuptools() { local py=${1:-python} local setuptoolsreq="setuptools" - if ( is_python2 $py );then setuptoolsreq="setuptools<=45"; else setuptoolsreq="setuptools<50"; fi + local cpyver=$($py -c "import sys;print(sys.version.split()[0])") + if ( is_python2 $py );then + setuptoolsreq="setuptools<=45" + elif ( version_lt $cpyver 3.12.0 );then + setuptoolsreq="setuptools<66" + else + setuptoolsreq="setuptools>=75" + fi echo "$setuptoolsreq" } +setup_setuptools_requirement() { + sed -i -re "s/^setuptools\s*(>|<|=|$)/$(get_setuptools $py)/g" requirements/python_requirements.txt +} install_pip() { local py="${1:-python}" local DEFAULT_PIP_URL="https://bootstrap.pypa.io/get-pip.py" @@ -745,8 +774,8 @@ ensure_command() { ### archlinux (pacman) is_pacman_available() { for i in $@;do - if ! ( pacman -Si $(i_y) "$i" >/devnull 2>&1 ||\ - pacman -Sg $(i_y) "$i" >/devnull 2>&1; );then + if ! ( pacman -Si $(i_y) "$i" >/dev/null 2>&1 ||\ + pacman -Sg $(i_y) "$i" >/dev/null 2>&1; );then return 1 fi done @@ -755,7 +784,7 @@ is_pacman_available() { is_pacman_installed() { for i in $@;do - if ! ( pacman -Qi $(i_y) "$i" >/devnull 2>&1; ); then + if ! ( pacman -Qi $(i_y) "$i" >/dev/null 2>&1; ); then return 1 fi done @@ -790,7 +819,7 @@ microdnf_repoquery() { is_microdnf_available() { pkgs="$(microdnf repoquery --available)" for i in $@;do - if ! ( echo "$pkgs" | grep -E -iq "${i}" ; ); then + if ! ( echo "$pkgs" | grep -E -iq "^${i}" ; ); then return 1 fi done @@ -799,7 +828,7 @@ is_microdnf_available() { is_microdnf_installed() { pkgs="$(microdnf repoquery --installed)" for i in $@;do - if ! ( echo "$pkgs" | grep -E -iq "${i}" ; ); then + if ! ( echo "$pkgs" | grep -E -iq "^${i}" ; ); then return 1 fi done diff --git a/helpers/redhat_clean.sh b/helpers/redhat_clean.sh index 55e6b04..3b313e3 100755 --- a/helpers/redhat_clean.sh +++ b/helpers/redhat_clean.sh @@ -1,4 +1,6 @@ #!/usr/bin/env bash -: "cleanup packages" \ - && yum clean all +set -ex +: "cleanup packages" +if (yum --help &> /dev/null );then yum clean all;fi +if (microdnf --help &> /dev/null );then microdnf clean all;fi # vim:set et sts=4 ts=4 tw=80: diff --git a/helpers/setup_locales.sh b/helpers/setup_locales.sh index 67e3be1..daf52fa 100755 --- a/helpers/setup_locales.sh +++ b/helpers/setup_locales.sh @@ -102,7 +102,7 @@ if [ "x${INSTALL_DEFAULT_LOCALE}" != "x" ];then | awk '{print tolower($0)}' \ |sed -re "s/([-_.])/\1?/g" )$" \ |head -n1) - if [[ -n "$AUTODETECTED_LOCALE" ]];then + if [ "x$AUTODETECTED_LOCALE" != "x" ];then log "Installing autodetected locale: $AUTODETECTED_LOCALE" INSTALL_DEFAULT_LOCALE="$AUTODETECTED_LOCALE" fi diff --git a/helpers/system_detect.sh b/helpers/system_detect.sh index 32b0bbf..b13df47 100755 --- a/helpers/system_detect.sh +++ b/helpers/system_detect.sh @@ -5,7 +5,7 @@ if [ -e /etc/arch-release ];then system=archlinux elif [ -e /etc/alpine-release ];then system=alpine -elif ( grep -E -iq "suse" $(find /etc/ImageVersion /etc/*-release 2>/dev/null||/bin/true 2>/dev/null) 2>/dev/null);then +elif ( grep -E -iq "suse" $(ls /etc/ImageVersion /etc/*-release 2>/dev/null||/bin/true 2>/dev/null) 2>/dev/null);then system=suse elif ( grep -E -iq "debian|mint|ubuntu" /etc/*-release 2>/dev/null);then system=apt diff --git a/helpers/up.sh b/helpers/up.sh index 02b4560..c7f6947 100755 --- a/helpers/up.sh +++ b/helpers/up.sh @@ -1,5 +1,5 @@ #!/usr/bin/env sh -set -e +set -ex log() { echo "${@}" >&2; } vv() { log "${@}";"${@}"; } DO_UPDATE=1 @@ -18,10 +18,31 @@ _cops_SYSTEM=$(system_detect.sh||./system_detect.sh||"$W/system_detect.sh") DISTRIB_ID= DISTRIB_CODENAME= DISTRIB_RELEASE= -oldubuntu="^(10\.|12\.|13\.|14.10|15\.|16.10|17\.04|17\.10|18\.10|19\.04|19\.10)" +oldubuntu="^(10\.|12\.|13\.|14\.|15\.|16\.|17\.|18\.10|19\.|20\.10|21\.|22\.10)" # oldubuntu="^(10\.|12\.|13\.|14.10|15\.|16.10|17\.04)" NOSOCAT="" +CENTOS_OLDSTABLE=8 +CENTOS_OLDSTABLES="6|7|8" +# was to support latest dev release, but disabled as missing packages in epel (p7*) +CENTOS_STABLE=9999 OAPTMIRROR="${OAPTMIRROR:-}" +OYUMMIRROR="${OYUMMIRROR:-}" +NYUMMIRROR="${NYUMMIRROR:-}" +OUBUNTUMIRROR="${OUBUNTUMIRROR:-old-releases.ubuntu.com}" +ODEBIANMIRROR="${ODEBIANMIRROR:-archive.debian.org}" +NDEBIANMIRROR="${NDEBIANMIRROR:-http.debian.net|httpredir.debian.org|deb.debian.org}" +NUBUNTUMIRROR="${NUBUNTUMIRROR:-archive.ubuntu.com|security.ubuntu.com}" +IS_OLD_CENTOS_STABLE="" +SNCENTOSMIRROR="$(echo "${NCENTOSMIRROR}"|sed -re "s/\|.*//g")" +SNDEBIANMIRROR="$(echo "${NDEBIANMIRROR}"|sed -re "s/\|.*//g")" +SNUBUNTUMIRROR="$(echo "${NUBUNTUMIRROR}"|sed -re "s/\|.*//g")" +yuminstall () { + if (yum --version >/dev/null 2>&1 );then + ( vv yum -y install $@ || vv yum --disablerepo=epel -y install $@ ) || /bin/true + else + ( vv microdnf install $@ || vv yum --disablerepo=epel -y install $@ ) || /bin/true + fi +} if [ -e /etc/lsb-release ];then DISTRIB_ID=$(. /etc/lsb-release;echo ${DISTRIB_ID}) DISTRIB_CODENAME=$(. /etc/lsb-release;echo ${DISTRIB_CODENAME}) @@ -40,17 +61,60 @@ elif [ -e /etc/redhat-release ];then DISTRIB_CODENAME=$(echo $(head /etc/issue)|awk '{print substr(substr($4,2),1,length($4)-2)}');echo $DISTRIB_RELEASE DISTRIB_RELEASE=$(echo $(head /etc/issue)|awk '{print tolower($3)}') fi +DISTRIB_MAJOR="$(echo ${DISTRIB_RELEASE}|sed -re "s/\..*//g")" +EPEL_BASE_URL="https://dl.fedoraproject.org/pub/epel" +EPEL_RPM_URL="$EPEL_BASE_URL/epel-release-latest-${DISTRIB_MAJOR}.noarch.rpm" +DISTRIB_ARCH="x86_64" +EPEL_PACKAGES_URL="$EPEL_BASE_URL/${DISTRIB_MAJOR}/Everything/$DISTRIB_ARCH/Packages/e" +if [ "x${DISTRIB_ID}" = "xcentos" ] && ( echo "${DISTRIB_MAJOR}" | grep -Eq "$CENTOS_OLDSTABLES");then + IS_OLD_CENTOS_STABLE="1" + EPEL_RPM_URL="https://archives.fedoraproject.org/pub/archive/epel/7/x86_64/Packages/e/epel-release-7-14.noarch.rpm" + if (echo "$DISTRIB_RELEASE"|egrep -q "8|7");then + OCENTOSMIRROR="${OCENTOSMIRROR:-mirror.centos.org}" + NCENTOSMIRROR="${NCENTOSMIRROR:-vault.centos.org}" + elif [ $DISTRIB_RELEASE -le $CENTOS_OLDSTABLE ];then + OCENTOSMIRROR="${OCENTOSMIRROR:-vault.centos.org}" + NCENTOSMIRROR="${NCENTOSMIRROR:-mirror.centos.org}" + else + OCENTOSMIRROR="${OCENTOSMIRROR:-mirror.centos.org}" + NCENTOSMIRROR="${NCENTOSMIRROR:-vault.centos.org}" + fi + OYUMMIRROR="${OCENTOSMIRROR}" + NYUMMIRROR="${NCENTOSMIRROR}" + if [ "$OYUMMIRROR" != "x" ];then + sed -i -r -e 's!'$OCENTOSMIRROR'!'$NCENTOSMIRROR'!g' $( find /etc/yum.repos.d -type f; ) + fi + sed -i "s/^#.*baseurl=http/baseurl=http/g" $( find /etc/yum.repos.d -type f; ) + sed -i "s/^mirrorlist=http/#mirrorlist=http/g" $( find /etc/yum.repos.d -type f; ) +fi +if ( grep -q amzn /etc/os-release );then + yuminstall findutils + if ( amazon-linux-extras help >/dev/null 2>&1 );then + amazon-linux-extras install -y epel + else + if ( yum list | grep -q epel );then + yum install -y epel-release + yum-config-manager --enable epel + fi + fi +fi if [ -e /etc/redhat-release ];then if [ -e /etc/fedora-release ];then vv yum upgrade -y --nogpg fedora-gpg-keys fedora-repos fi + if [ ! -e /etc/yum.repos.d/epel.repo ];then + if [ "x${DISTRIB_ID}" = "xcentos" ] && [ "${DISTRIB_MAJOR}" -gt $CENTOS_STABLE ];then + EPEL_RPM_URL="$EPEL_PACKAGES_URL/$(curl -sSlL $EPEL_PACKAGES_URL 2>&1|grep epel-release|sed -re 's/.*href="([^"]+)".*/\1/')" + fi + curl -sSLO "$EPEL_RPM_URL" + rpm -ivh $(pwd)/$(basename $EPEL_RPM_URL) + fi if ! ( find --version >/dev/null 2>&1);then - for pkg in findutils;do - ( vv yum -y install $pkg || vv yum --disablerepo=epel -y install $pkg ) || /bin/true - done + yuminstall findutils fi fi -DEBIAN_OLDSTABLE=8 +DEBIAN_OLDSTABLE=9 +PG_DEBIAN_OLDSTABLE=10 find /etc -name "*.reactivate" | while read f;do mv -fv "$f" "$(basename $f .reactivate)" done @@ -68,11 +132,14 @@ if (echo $DISTRIB_ID | grep -E -iq "debian");then if (echo $DISTRIB_RELEASE | grep -E -iq stretch );then DISTRIB_CODENAME="$DISTRIB_RELEASE";DISTRIB_RELEASE="9" ;fi if (echo $DISTRIB_RELEASE | grep -E -iq buster );then DISTRIB_CODENAME="$DISTRIB_RELEASE";DISTRIB_RELEASE="10";fi if (echo $DISTRIB_RELEASE | grep -E -iq bullseye );then DISTRIB_CODENAME="$DISTRIB_RELEASE";DISTRIB_RELEASE="11";fi + if (echo $DISTRIB_RELEASE | grep -E -iq bookworm );then DISTRIB_CODENAME="$DISTRIB_RELEASE";DISTRIB_RELEASE="12";fi fi sed -i -re "s/(old)?oldstable/$DISTRIB_CODENAME/g" $(find /etc/apt/sources.list* -type f) - NAPTMIRROR="http.debian.net|httpredir.debian.org|deb.debian.org" + NAPTMIRROR="${NDEBIANMIRROR}" + SNAPTMIRROR="${SNDEBIANMIRROR}" elif ( echo $DISTRIB_ID | grep -E -iq "mint|ubuntu" );then - NAPTMIRROR="archive.ubuntu.com|security.ubuntu.com" + NAPTMIRROR="${NUBUNTUMIRROR}" + SNAPTMIRROR="${SNUBUNTUMIRROR}" fi DEBIAN_LTS_SOURCELIST=" deb http://security.debian.org/ $DISTRIB_CODENAME/updates main contrib non-free @@ -100,43 +167,67 @@ if ( echo $DISTRIB_ID | grep -E -iq "centos|red|fedora" ) && ! ( echo $DISTRIB_I fi if ( echo $DISTRIB_ID | grep -E -iq "debian|mint|ubuntu" );then if (echo $DISTRIB_ID|grep -E -iq debian);then - sed -i -r -e '/(((squeeze)-(lts))|testing-backports)/d' \ - $( find /etc/apt/sources.list* -type f; ) + sed -i -r -e '/(((squeeze)-(lts))|testing-backports)/d' $( find /etc/apt/sources.list* -type f; ) fi if (echo $DISTRIB_ID|grep -E -iq debian) && [ $DISTRIB_RELEASE -le $DEBIAN_OLDSTABLE ];then # fix old debian unstable images sed -i -re "s!sid(/)?!$DISTRIB_CODENAME\1!" $(find /etc/apt/sources.list* -type f) - OAPTMIRROR="archive.debian.org" - sed -i -r -e '/-updates|security.debian.org/d' \ - $( find /etc/apt/sources.list* -type f; ) - if (echo $DISTRIB_ID|grep -E -iq debian) && [ $DISTRIB_RELEASE -eq $DEBIAN_OLDSTABLE ];then + OAPTMIRROR="${OAPTMIRROR:-$ODEBIANMIRROR}" + sed -i -r -e '/-updates|security.debian.org/d' $( find /etc/apt/sources.list* -type f; ) + if (echo $DISTRIB_ID|grep -E -iq debian) && [ $DISTRIB_RELEASE -eq $DEBIAN_OLDSTABLE ] && [ $DEBIAN_OLDSTABLE -lt 9 ];then log "Using debian LTS packages" echo "$DEBIAN_LTS_SOURCELIST" >> /etc/apt/sources.list rm -rvf /var/lib/apt/* fi fi - if ( echo $DISTRIB_ID | grep -E -iq "mint|ubuntu" ) && \ - ( echo $DISTRIB_RELEASE |grep -E -iq $oldubuntu);then - OAPTMIRROR="old-releases.ubuntu.com" - sed -i -r \ - -e 's/^(deb.*ubuntu)\/?(.*-(security|backport|updates).*)/#\1\/\2/g' \ - -e 's!'$NAPTMIRROR'!'$OAPTMIRROR'!g' \ - $( find /etc/apt/sources.list* -type f; ) + if ( echo $DISTRIB_ID | grep -E -iq "mint|ubuntu" ) && ( echo $DISTRIB_RELEASE |grep -E -iq $oldubuntu);then + OAPTMIRROR="${OAPTMIRROR:-$OUBUNTUMIRROR}" + fi + if (echo $DISTRIB_ID|grep -E -iq debian) && [ -e $pglist ] && [ $DISTRIB_RELEASE -le $PG_DEBIAN_OLDSTABLE ] && [ -e /etc/apt/sources.list.d/pgdg.list ];then + sed -i -re "s/apt.postgresql/apt-archive.postgresql/g" -e "s/http:/https:/g" /etc/apt/sources.list.d/pgdg.list + fi + if [ "x$OAPTMIRROR" != "x" ];then + printf 'Acquire::Check-Valid-Until no;\nAPT{ Get { AllowUnauthenticated "1"; }; };\n\n'>/etc/apt/apt.conf.d/nogpgverif + # 16.04/14.04 is not yet on old mirrors and were switched back to regular mirrors + if (echo $DISTRIB_RELEASE |grep -E -iq "14.04|16.04|18.04");then + echo "Patching APT to use $SNAPTMIRROR" >&2 + sed -i -r \ + -e 's/^(deb.*ubuntu)\/?(.*-(security|backport|updates).*)/#\1\/\2/g' \ + -e 's!'$OAPTMIRROR'!'$SNAPTMIRROR'!g' \ + $( find /etc/apt/sources.list* -type f; ) + echo "deb http://$SNAPTMIRROR/ubuntu/ $DISTRIB_CODENAME-security main restricted universe multiverse" >> /etc/apt/sources.list + else + echo "Patching APT to use $OAPTMIRROR" >&2 + sed -i -r \ + -e 's/^(deb.*ubuntu)\/?(.*-(security|backport|updates).*)/#\1\/\2/g' \ + -e 's!'$NAPTMIRROR'!'$OAPTMIRROR'!g' \ + $( find /etc/apt/sources.list* -type f; ) + fi + fi + if (echo $DISTRIB_RELEASE |grep -E -iq "18.04") && (grep -q cuda $(find /etc/apt/sources.list* -type f));then + wget https://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/cuda-keyring_1.0-1_all.deb || curl -O https://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/cuda-keyring_1.0-1_all.deb + dpkg -i cuda-keyring_1.0-1_all.deb + sed -i -re "/cuda/d" /etc/apt/sources.list + rm -f /etc/apt/sources.list.d/cuda-ubuntu1804-x86_64.list || true + apt-key adv --keyserver keyserver.ubuntu.com --recv A4B469963BF863CC F60F4B3D7FA2AF80 + fi + if ( (echo $DISTRIB_ID|grep -E -iq "mint|ubuntu" ) && ( echo $DISTRIB_RELEASE |grep -E -iq $oldubuntu); ) ||\ + ( (echo $DISTRIB_ID|grep -E -iq debian) && [ $DISTRIB_RELEASE -le $DEBIAN_OLDSTABLE ]; ) ||\ + ( (echo $DISTRIB_ID|grep -E -iq debian) && [ -e $pglist ] && [ $DISTRIB_RELEASE -le $PG_DEBIAN_OLDSTABLE ]; );then + if (dpkg -l|grep -vq apt-transport-https);then sed -i -re "s/^(deb.*https:.*)/#\1 #httpsfix/g" $(find /etc/apt/sources.list* -type f);fi + apt-get update || true + if ! (apt-get install -y ca-certificates apt-transport-https apt bzip2);then + apt-get full-upgrade -y + apt-get install -y ca-certificates apt-transport-https apt bzip2 + fi + sed -i -re "s/^#(.*)#httpsfix/\1/g" $(find /etc/apt/sources.list* -type f) + apt-get update fi -fi - -if [ "x$OAPTMIRROR" != "x" ];then - echo "Patching APT to use $OAPTMIRROR" >&2 - printf 'Acquire::Check-Valid-Until "0";\n' \ - > /etc/apt/apt.conf.d/noreleaseexpired.conf - sed -i -r -e 's!'$NAPTMIRROR'!'$OAPTMIRROR'!g' \ - $( find /etc/apt/sources.list* -type f; ) fi # fix broken curl if needed curl_updated= if ( echo $DISTRIB_ID | grep -E -iq "debian|mint|ubuntu" );then if ( dpkg -l libcurl3 );then - set -x for i in curl libcurl3;do if ( dpkg -l $i );then dpkg --purge --force-all $i @@ -178,11 +269,19 @@ if [ -e /etc/fedora-release ];then fi if [ "x$DISTRO_SYNC" != "x" ];then vv yum -y distro-sync;fi # be sure to install locales - yum install $yumopts -y glibc-common + yuminstall $yumopts -y glibc-common fi if ( echo "$DISTRIB_ID $DISTRIB_RELEASE $DISTRIB_CODENAME" | grep -E -iq alpine );then log "Upgrading alpine" - apk upgrade --update-cache --available + apk update && apk add bash + if !(apk upgrade --update-cache --available);then + apk upgrade --update-cache && apk upgrade --update-cache --available + fi +fi +./bin/fix_letsencrypt.sh +if ( echo $DISTRIB_ID | grep -E -iq "centos|red|fedora|amzn" );then + # ensure no conflict between curl & curl-minimal + yum install -y --allowerasing curl || yum install -y curl fi export FORCE_INSTALL=y DO_UPDATE="$DO_UPDATE" WANTED_PACKAGES="$pkgs" ./cops_pkgmgr_install.sh @@ -194,6 +293,5 @@ if ! ( echo foo|envsubst >/dev/null 2>&1);then echo "envsubst is missing" fi fi -find /etc/rsyslog.d -name "*.conf" -not -type d \ - | while read f;do mv -vf "$f" "$f.sample";done -# vim:set et sts=4 ts=4 tw=0: +find /etc/rsyslog.d -name "*.conf" -not -type d |while read f;do mv -vf "$f" "$f.sample";done +# Vim:set et sts=4 ts=4 tw=0: diff --git a/library/fedora/20/Dockerfile b/library/fedora/20/Dockerfile index 69e8938..e4b97ed 100644 --- a/library/fedora/20/Dockerfile +++ b/library/fedora/20/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:20 +ARG ANCESTOR=library/fedora:20 +ARG RSYNC=corpusops/rsync +FROM library/fedora:20 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/22/Dockerfile b/library/fedora/22/Dockerfile index 5f70721..0a0be3f 100644 --- a/library/fedora/22/Dockerfile +++ b/library/fedora/22/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:22 +ARG ANCESTOR=library/fedora:22 +ARG RSYNC=corpusops/rsync +FROM library/fedora:22 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/23/Dockerfile b/library/fedora/23/Dockerfile index 973f749..5e578ba 100644 --- a/library/fedora/23/Dockerfile +++ b/library/fedora/23/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:23 +ARG ANCESTOR=library/fedora:23 +ARG RSYNC=corpusops/rsync +FROM library/fedora:23 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/24/Dockerfile b/library/fedora/24/Dockerfile index 9d7d37e..888f9ad 100644 --- a/library/fedora/24/Dockerfile +++ b/library/fedora/24/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:24 +ARG ANCESTOR=library/fedora:24 +ARG RSYNC=corpusops/rsync +FROM library/fedora:24 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/25/Dockerfile b/library/fedora/25/Dockerfile index 1479f45..699888c 100644 --- a/library/fedora/25/Dockerfile +++ b/library/fedora/25/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:25 +ARG ANCESTOR=library/fedora:25 +ARG RSYNC=corpusops/rsync +FROM library/fedora:25 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/26/Dockerfile b/library/fedora/26/Dockerfile index c6f5868..19c6c91 100644 --- a/library/fedora/26/Dockerfile +++ b/library/fedora/26/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:26 +ARG ANCESTOR=library/fedora:26 +ARG RSYNC=corpusops/rsync +FROM library/fedora:26 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/27/Dockerfile b/library/fedora/27/Dockerfile index 63c609e..9db477b 100644 --- a/library/fedora/27/Dockerfile +++ b/library/fedora/27/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:27 +ARG ANCESTOR=library/fedora:27 +ARG RSYNC=corpusops/rsync +FROM library/fedora:27 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/28/Dockerfile b/library/fedora/28/Dockerfile index 2bffd0f..dcf0240 100644 --- a/library/fedora/28/Dockerfile +++ b/library/fedora/28/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:28 +ARG ANCESTOR=library/fedora:28 +ARG RSYNC=corpusops/rsync +FROM library/fedora:28 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/29/Dockerfile b/library/fedora/29/Dockerfile index 77471ff..0006ecc 100644 --- a/library/fedora/29/Dockerfile +++ b/library/fedora/29/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:29 +ARG ANCESTOR=library/fedora:29 +ARG RSYNC=corpusops/rsync +FROM library/fedora:29 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/30/Dockerfile b/library/fedora/30/Dockerfile index ce514bc..9bfa4d1 100644 --- a/library/fedora/30/Dockerfile +++ b/library/fedora/30/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:30 +ARG ANCESTOR=library/fedora:30 +ARG RSYNC=corpusops/rsync +FROM library/fedora:30 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/31/Dockerfile b/library/fedora/31/Dockerfile index cff2d03..bbb7930 100644 --- a/library/fedora/31/Dockerfile +++ b/library/fedora/31/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:31 +ARG ANCESTOR=library/fedora:31 +ARG RSYNC=corpusops/rsync +FROM library/fedora:31 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/32/Dockerfile b/library/fedora/32/Dockerfile index 177f413..7f65f28 100644 --- a/library/fedora/32/Dockerfile +++ b/library/fedora/32/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:32 +ARG ANCESTOR=library/fedora:32 +ARG RSYNC=corpusops/rsync +FROM library/fedora:32 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/33/Dockerfile b/library/fedora/33/Dockerfile index a9b1758..f0fb860 100644 --- a/library/fedora/33/Dockerfile +++ b/library/fedora/33/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:33 +ARG ANCESTOR=library/fedora:33 +ARG RSYNC=corpusops/rsync +FROM library/fedora:33 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/34/Dockerfile b/library/fedora/34/Dockerfile index 44d648b..9517294 100644 --- a/library/fedora/34/Dockerfile +++ b/library/fedora/34/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:34 +ARG ANCESTOR=library/fedora:34 +ARG RSYNC=corpusops/rsync +FROM library/fedora:34 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/branched/Dockerfile b/library/fedora/35/Dockerfile similarity index 61% rename from library/fedora/branched/Dockerfile rename to library/fedora/35/Dockerfile index cf9663b..eefee88 100644 --- a/library/fedora/branched/Dockerfile +++ b/library/fedora/35/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:branched +ARG ANCESTOR=library/fedora:35 +ARG RSYNC=corpusops/rsync +FROM library/fedora:35 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/heisenbug/Dockerfile b/library/fedora/36/Dockerfile similarity index 61% rename from library/fedora/heisenbug/Dockerfile rename to library/fedora/36/Dockerfile index c25b07b..5548608 100644 --- a/library/fedora/heisenbug/Dockerfile +++ b/library/fedora/36/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:heisenbug +ARG ANCESTOR=library/fedora:36 +ARG RSYNC=corpusops/rsync +FROM library/fedora:36 AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/37/Dockerfile b/library/fedora/37/Dockerfile new file mode 100644 index 0000000..2c28191 --- /dev/null +++ b/library/fedora/37/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:37 +ARG RSYNC=corpusops/rsync +FROM library/fedora:37 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/38/Dockerfile b/library/fedora/38/Dockerfile new file mode 100644 index 0000000..8a9e498 --- /dev/null +++ b/library/fedora/38/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:38 +ARG RSYNC=corpusops/rsync +FROM library/fedora:38 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/39/Dockerfile b/library/fedora/39/Dockerfile new file mode 100644 index 0000000..19290aa --- /dev/null +++ b/library/fedora/39/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:39 +ARG RSYNC=corpusops/rsync +FROM library/fedora:39 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/40/Dockerfile b/library/fedora/40/Dockerfile new file mode 100644 index 0000000..4076796 --- /dev/null +++ b/library/fedora/40/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:40 +ARG RSYNC=corpusops/rsync +FROM library/fedora:40 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/41/Dockerfile b/library/fedora/41/Dockerfile new file mode 100644 index 0000000..8750d2f --- /dev/null +++ b/library/fedora/41/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:41 +ARG RSYNC=corpusops/rsync +FROM library/fedora:41 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/42/Dockerfile b/library/fedora/42/Dockerfile new file mode 100644 index 0000000..7f41f05 --- /dev/null +++ b/library/fedora/42/Dockerfile @@ -0,0 +1,97 @@ +ARG ANCESTOR=library/fedora:42 +ARG RSYNC=corpusops/rsync +FROM library/fedora:42 AS final +ARG DO_UPDATE=y +ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive +ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" +ARG EXTRA_FILES_LIST="" +ARG COPS_SYSTEM=${_cops_SYSTEM-} +ARG FOREGO_RELEASE=latest +ARG REMCO_RELEASE=latest +ARG GOSU_RELEASE=latest +ARG DOCKERIZE_RELEASE=latest +ARG CURL_SSL_OPTS=--tlsv1 +ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers +ADD \ + helpers/up.sh \ + helpers/add_gosu.sh \ + helpers/system_detect.sh \ + helpers/add_frep.sh \ + helpers/add_confd.sh \ + helpers/add_dockerize.sh \ + helpers/add_forego.sh \ + helpers/add_opt_pkgs.sh \ + helpers/add_remco.sh \ + helpers/setup_locales.sh \ + helpers/cops_pkgmgr_install.sh \ + helpers/*_up.sh \ + helpers/*_clean.sh \ + rootfs/ \ + packages/*packages*.txt \ + ${EXTRA_FILES_LIST} \ + /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && cd /tmp/corpusopssteroids \ + && : \ + && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ + && export PATH=$(pwd):$PATH \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ + && cat ${_cops_SYSTEM}_packages*.txt > packages.txt \ + && : fix logrorate global conf \ + && if [ -e /var/log ];then touch /var/log/syslog /var/log/messages;fi \ + && ./${_cops_SYSTEM}_up.sh \ + && ./add_opt_pkgs.sh \ + && ./add_frep.sh \ + && ./add_remco.sh \ + && ./add_confd.sh \ + && ./add_dockerize.sh \ + && ./add_gosu.sh \ + && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ + && DEBUG=1 ./setup_locales.sh \ + && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ + && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ + && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ + printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ + && ./${_cops_SYSTEM}_clean.sh \ + ' +COPY --from=ochinchina/supervisord:latest \ + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go +ADD \ + rootfs/etc/rsyslog.d/ \ + /etc/rsyslog.d/ +ADD \ + rootfs/etc/rsyslog.conf.frep \ + /etc/rsyslog.conf.frep +ADD \ + rootfs/etc/supervisor.d/rsyslog \ + rootfs/etc/supervisor.d/cron \ + /etc/supervisor.d/ +ADD rootfs/etc/logrotate.conf /etc/ +ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ +RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ + && cd /tmp/corpusopssteroids \ + && chmod +x *sh \ + && _cops_SYSTEM=$(./system_detect.sh) \ + && ./${_cops_SYSTEM}_clean.sh \ + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" +LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/imagetags b/library/fedora/imagetags index 6280835..850cf32 100644 --- a/library/fedora/imagetags +++ b/library/fedora/imagetags @@ -12,7 +12,13 @@ 32 33 34 -branched -heisenbug +35 +36 +37 +38 +39 +40 +41 +42 latest rawhide diff --git a/library/fedora/imagetags.raw b/library/fedora/imagetags.raw index 7ed5e29..c917b00 100644 --- a/library/fedora/imagetags.raw +++ b/library/fedora/imagetags.raw @@ -1,18 +1,26 @@ 20 21 -22 23 +22 +23 24 -25 +26 26-modular -27 26 +27 28 29 30 31 32 33 -34 -branched +35 34 +36 +37 +38 +39 +40 +41 +42 +branched 25 heisenbug modular rawhide diff --git a/library/fedora/latest/Dockerfile b/library/fedora/latest/Dockerfile index 8a1abb0..9316e01 100644 --- a/library/fedora/latest/Dockerfile +++ b/library/fedora/latest/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:latest +ARG ANCESTOR=library/fedora:latest +ARG RSYNC=corpusops/rsync +FROM library/fedora:latest AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/library/fedora/rawhide/Dockerfile b/library/fedora/rawhide/Dockerfile index a33e289..147dc38 100644 --- a/library/fedora/rawhide/Dockerfile +++ b/library/fedora/rawhide/Dockerfile @@ -1,15 +1,19 @@ -FROM library/fedora:rawhide +ARG ANCESTOR=library/fedora:rawhide +ARG RSYNC=corpusops/rsync +FROM library/fedora:rawhide AS final ARG DO_UPDATE=y ARG NONINTERACTIVE=y +ARG DEBIAN_FRONTEND=noninteractive ARG INSTALL_DEFAULT_LOCALE="fr_FR.UTF-8" ARG EXTRA_FILES_LIST="" -ARG COPS_SYSTEM=${_cops_SYSTEM} +ARG COPS_SYSTEM=${_cops_SYSTEM-} ARG FOREGO_RELEASE=latest ARG REMCO_RELEASE=latest ARG GOSU_RELEASE=latest ARG DOCKERIZE_RELEASE=latest ARG CURL_SSL_OPTS=--tlsv1 ARG DOCKER_IMAGES_COMMIT=master +ARG COPS_HELPERS=/cops_helpers ADD \ helpers/up.sh \ helpers/add_gosu.sh \ @@ -32,6 +36,7 @@ RUN sh -c 'set -ex \ && cd /tmp/corpusopssteroids \ && : \ && chmod +x *sh \ + && if [ ! -e $COPS_HELPERS ];then mkdir -p "$COPS_HELPERS";fi \ && export PATH=$(pwd):$PATH \ && _cops_SYSTEM=$(./system_detect.sh) \ && cat ${_cops_SYSTEM}_optional_packages*.txt optional_packages*.txt > optional_packages.txt \ @@ -46,17 +51,17 @@ RUN sh -c 'set -ex \ && ./add_dockerize.sh \ && ./add_gosu.sh \ && ./add_forego.sh \ + && ln -sfv ${COPS_HELPERS}/supervisord-go /bin/supervisord-go \ && DEBUG=1 ./setup_locales.sh \ && sed -i -re "/var\\/log\\/messages \\{\\}/d" /etc/logrotate.conf\ && sed -i -re "s/ dateext/nodateext/g" /etc/logrotate.conf\ && if ! (grep -q /var/log/messages /etc/logrotate.conf);then\ printf "\\n/var/log/messages {\\nmissingok\\n}\\n\\n" >>/etc/logrotate.conf;fi\ - && cp -v bin/* system_detect.sh setup_locales.sh \ - cops_pkgmgr_install.sh /bin \ + && for i in bin/* system_detect.sh setup_locales.sh cops_pkgmgr_install.sh;do j=$(basename $i);cp -v $i /cops_helpers && ln -sfv /cops_helpers/$j /bin/$j;done\ && ./${_cops_SYSTEM}_clean.sh \ ' COPY --from=ochinchina/supervisord:latest \ - /usr/local/bin/supervisord /bin/supervisord-go + /usr/local/bin/supervisord ${COPS_HELPERS}/supervisord-go ADD \ rootfs/etc/rsyslog.d/ \ /etc/rsyslog.d/ @@ -69,11 +74,24 @@ ADD \ /etc/supervisor.d/ ADD rootfs/etc/logrotate.conf /etc/ ADD rootfs/etc/logrotate.d/* /etc/logrotate.d/ -ADD helpers/*_clean.sh /tmp/corpusopssteroids/ +ADD helpers/system_detect.sh helpers/*_clean.sh /tmp/corpusopssteroids/ RUN sh -c 'set -ex \ + && echo fixperms >&2 \ + && ( chmod -vf g-wx,o-wx /etc/logrotate.d/* /etc/logrotate.conf || true ) \ + && echo cleanup >&2 \ && cd /tmp/corpusopssteroids \ && chmod +x *sh \ && _cops_SYSTEM=$(./system_detect.sh) \ && ./${_cops_SYSTEM}_clean.sh \ - && cd / && rm -rf /tmp/corpusopssteroids' + && ./common_clean.sh \ + && cd / && rm -rf /tmp/corpusopssteroids /var/cache/apk/* /var/lib/apt/lists/*' +FROM $RSYNC AS squashed-rsync +FROM $ANCESTOR AS squashed-ancestor +ARG ROOTFS="/BASE_ROOTFS_TO_COPY_THAT_WONT_COLLIDE_1234567890" +ARG PATH="${ROOTFS}_rsync/bin:$PATH" +SHELL ["busybox", "sh", "-c"] +RUN --mount=type=bind,from=final,target=$ROOTFS --mount=type=bind,from=squashed-rsync,target=${ROOTFS}_rsync \ +rsync -Aaz --delete ${ROOTFS}/ / --exclude=/proc --exclude=/sys --exclude=/etc/resolv.conf --exclude=/etc/hosts --exclude=$ROOTFS* --exclude=dev/shm --exclude=dev/pts --exclude=dev/mqueue +SHELL ["/bin/sh", "-c"] +ARG DOCKER_IMAGES_COMMIT="$DOCKER_IMAGES_COMMIT" LABEL com.github.corpusops.docker-images-commit="$DOCKER_IMAGES_COMMIT" diff --git a/main.sh b/main.sh index ef8ec28..96ea34a 100755 --- a/main.sh +++ b/main.sh @@ -1,6 +1,9 @@ #!/usr/bin/env bash set -e shopt -s extglob +export DOCKER_BUILDKIT=${DOCKER_BUILDKIT-1} +export COMPOSE_DOCKER_CLI_BUILD=${COMPOSE_DOCKER_CLI_BUILD-1} +export BUILDKIT_PROGRESS=${BUILDKIT_PROGRESS-plain} ## refresh from corpsusops.bootstrap/hacking/shell_glue (copy paste until last function) readlinkf() { if ( uname | grep -E -iq "darwin|bsd" );then @@ -23,6 +26,12 @@ NORMAL="\\e[0;0m" NO_COLOR=${NO_COLORS-${NO_COLORS-${NOCOLOR-${NOCOLORS-}}}} LOGGER_NAME=${LOGGER_NAME:-corpusops_build} ERROR_MSG="There were errors" +ver_ge() { [ "$2" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]; } +ver_gt() { [ "$1" = "$2" ] && return 1 || ver_ge $1 $2; } +ver_le() { [ "$1" = "`echo -e "$1\n$2" | sort -V | head -n1`" ]; } +ver_lt() { [ "$1" = "$2" ] && return 1 || ver_le $1 $2; } +join_by() { a="";s=$1;shift;for i in $@;do if [[ -z $a ]];then a="$(printf "$i")";else a="$(printf "$a$s$i")";fi;done;echo "$a"; } +filter_last_line_but_keep_at_least_once() { lines="$@";if [ $( echo "$lines" | wc -l ) -gt 1 ];then echo "$lines"|sed -re '$ d';else echo "$lines";fi; } uniquify_string() { local pattern=$1 shift @@ -221,21 +230,20 @@ FORCE_REBUILD=${FORCE_REBUILD-} DRYRUN=${DRYRUN-} NOREFRESH=${NOREFRESH-} NBPARALLEL=${NBPARALLEL-2} +SKIP_TAGS_REBUILD=${SKIP_TAGS_REBUILD-} +SKIP_TAGS_REFRESH=${SKIP_TAGS_REFRESH-${SKIP_TAGS_REBUILD}} SKIP_IMAGES_SCAN=${SKIP_IMAGES_SCAN-} -SKIP_MINOR_ES="((elasticsearch):.*([0-5]\.?){3}(-32bit.*)?)" -SKIP_MINOR_ES2="$SKIP_MINOR_ES|(elasticsearch:(5\.[0-4]\.)|(6\.8\.[0-8])|(6\.[0-7])|(7\.9\.[0-2])|(7\.[0-8]))" # SKIP_MINOR_NGINX="((nginx):.*[0-9]+\.[0-9]+\.[0-9]+(-32bit.*)?)" MINOR_IMAGES="(golang|mariadb|memcached|mongo|mysql|nginx|node|php|postgres|python|rabbitmq|redis|redmine|ruby|solr)" SKIP_MINOR_OS="$MINOR_IMAGES:.*alpine[0-9].*" SKIP_MINOR="$MINOR_IMAGES:.*[0-9]+\.([0-9]+\.)[0-9]+(-32bit.*)?" -SKIP_PRE="((redis|node|ruby|php|golang|python|mariadb|mysql|postgres|solr|elasticsearch|mongo|rabbitmq):.*(alpha|beta|rc)[0-9]*(-32bit.*)?)" +SKIP_PRE="((redis|node|ruby|php|golang|python|mariadb|mysql|postgres|solr|elasticsearch|mongo|rabbitmq|opensearch):.*(alpha|beta|rc)[0-9]*(-32bit.*)?)" SKIP_OS="(((archlinux|suse|centos|fedora|redhat|alpine|debian|ubuntu|oldstable|oldoldstable):.*[0-9]{8}.*)" SKIP_OS="$SKIP_OS|((node):[0-9]+[0-9]+\.[0-9]+.*)" SKIP_OS="$SKIP_OS|((debian|redis):[0-9]+\.[0-9]+.*)" SKIP_OS="$SKIP_OS|(centos:.\..\.....|centos.\..\.....)" SKIP_OS="$SKIP_OS|(alpine:.\.[0-9]+\.[0-9]+)" SKIP_OS="$SKIP_OS|(debian:(6.*|squeeze))" -SKIP_OS="$SKIP_OS|(ubuntu:(([0-9][0-9]\.[0-9][0-9]\..*)|(14.10|12|10|11|13|15)))" SKIP_OS="$SKIP_OS|(lucid|maverick|natty|precise|quantal|raring|saucy)" SKIP_OS="$SKIP_OS|(centos:(centos)?5)" SKIP_OS="$SKIP_OS|(fedora.*(modular|21))" @@ -250,15 +258,23 @@ SKIP_TF="(tensorflow.serving:[0-9].*)" SKIP_MINIO="(k8s-operator|((minio|mc):(RELEASE.)?[0-9]{4}-.{7}))" SKIP_MAILU="(mailu.*(feat|patch|merg|refactor|revert|upgrade|fix-|pr-template))" SKIP_DOCKER="docker(\/|:)([0-9]+\.[0-9]+\.|17|18.0[1-6]|1$|1(\.|-)).*" -SKIPPED_TAGS="$SKIP_TF|$SKIP_MINOR_OS|$SKIP_NODE|$SKIP_DOCKER|$SKIP_MINIO|$SKIP_MAILU|$SKIP_MINOR_ES2|$SKIP_MINOR|$SKIP_PRE|$SKIP_OS|$SKIP_PHP|$SKIP_WINDOWS|$SKIP_MISC" +SKIPPED_TAGS="$SKIP_TF|$SKIP_MINOR_OS|$SKIP_NODE|$SKIP_DOCKER|$SKIP_MINIO|$SKIP_MAILU|$SKIP_MINOR|$SKIP_PRE|$SKIP_OS|$SKIP_PHP|$SKIP_WINDOWS|$SKIP_MISC" CURRENT_TS=$(date +%s) IMAGES_SKIP_NS="((mailhog|postgis|pgrouting(-bare)?|^library|dejavu|(minio/(minio|mc))))" +FEDORA_SKIPPED_TAGS="fedora:(heisenbug|branched|tag|21|26-modular|modular)" +SKIPPED_TAGS="$FEDORA_SKIPPED_TAGS" +# (see docker-elasticsearch for example on how to use) +PROTECTED_VERSIONS="" default_images=" library/fedora " - +ONLY_LAST_MINOR="y" +ONLY_ONE_MINOR="postgres|elasticsearch|nginx|bitwardenrs/server(-(mysql|postgresql))?" +ONE_MINOR="elasticsearch" +PROTECTED_VERSIONS="" +PROTECTED_TAGS="corpusops/rsyslog" find_top_node_() { img=library/node if [ ! -e $img ];then return;fi @@ -279,12 +295,14 @@ NODE_TOP="$(echo $(find_top_node))" MAILU_VERSiON=1.7 BATCHED_IMAGES="\ -library/fedora/31\ - library/fedora/32\ - library/fedora/33\ - library/fedora/34\ - library/fedora/latest\ - library/fedora/rawhide::7 +library/fedora/rawhide::30 +library/fedora/latest::30 +library/fedora/42 library/fedora/41::30 +library/fedora/40 library/fedora/39 library/fedora/38 library/fedora/37::30 +library/fedora/36 library/fedora/35 library/fedora/34 library/fedora/33::30 +library/fedora/32 library/fedora/31 library/fedora/30 library/fedora/29::30 +library/fedora/28 library/fedora/27 library/fedora/26 library/fedora/25::30 +library/fedora/24 library/fedora/23 library/fedora/22 library/fedora/20::30 " SKIP_REFRESH_ANCESTORS=${SKIP_REFRESH_ANCESTORS-} @@ -421,6 +439,7 @@ get_image_changeset() { echo "$ret" } +do_gen_image() { gen_image "$@"; } gen_image() { local image=$1 tag=$2 local ldir="$TOPDIR/$image/$tag" @@ -447,7 +466,11 @@ gen_image() { local df="$folder/Dockerfile.override" if [ -e "$df" ];then dockerfiles="$dockerfiles $df" && break;fi done - local parts="from args argspost helpers pre base post clean cleanpost labels labelspost" + local parts="" + for partsstep in squashpre from args argspost helpers pre base post postextra clean cleanpost predosquash squash squashpreexec squashexec postdosquash extra labels labelspost;do + parts="$parts pre_${partsstep} ${partsstep} post_${partsstep}" + done + parts=$(echo "$parts"|xargs) for order in $parts;do for folder in . .. ../../..;do local df="$folder/Dockerfile.$order" @@ -468,6 +491,11 @@ gen_image() { is_skipped() { local ret=1 t="$@" + if [[ -z $SKIPPED_TAGS ]];then return 1;fi + if [[ -n "${PROTECTED_VERSIONS}" ]] && ( echo "$t" | grep -E -q "$PROTECTED_VERSIONS" );then + debug "$t is protected, no skip" + return 1 + fi if ( echo "$t" | grep -E -q "$SKIPPED_TAGS" );then ret=0 fi @@ -476,11 +504,9 @@ is_skipped() { # fi return $ret } -# echo $(set -x && is_skipped library/redis/3.0.4-32bit;echo $?) -# exit 1 skip_local() { - grep -E -v "(.\/)?local" + grep -E -v "(.\/)?local|\.git" } # get_namespace_tag libary/foo/bar : get image tag with its final namespace @@ -501,11 +527,22 @@ do_get_namespace_tag() { # ubuntu-bare / postgis if [ -e $i/tag ];then tag=$( cat $i/tag );break;fi done + for i in $image $image/.. $image/../../..;do + # ubuntu-bare / postgis + if [ -e $i/version ];then version=$( cat $i/version );break;fi + done echo "$repo/$tag:$version" \ - | sed -re "s/(-?(server)?-(web-vault|postgresql|mysql)):/-server:\3-/g" + | sed -re "s/(-?(server)?-(web-vault|elasticsearch|opensearch|postgresql|mysql|mongo|mongodb|maria|mariadb)):/-server:\3-/g" done } +filter_tags() { + for j in $@ ;do for i in $j;do + if is_skipped "$n:$i";then debug "Skipped: $n:$i";else printf "$i\n";fi + done;done | awk '!seen[$0]++' | sort -V +} + +do_get_image_tags() { get_image_tags "$@"; } get_image_tags() { local n=$1 local results="" result="" @@ -519,7 +556,7 @@ get_image_tags() { else has_more=0 fi - if [ $has_more -eq 0 ];then + if [[ -z ${SKIP_TAGS_REFRESH} ]] && [ $has_more -eq 0 ];then while [ $has_more -eq 0 ];do i=$((i+1)) result=$( curl "${u}?page=${i}" 2>/dev/null \ @@ -528,12 +565,81 @@ get_image_tags() { if [[ -n "${result}" ]];then results="${results} ${result}";else has_more=256;fi done if [ ! -e "$TOPDIR/$n" ];then mkdir -p "$TOPDIR/$n";fi - printf "$results\n" | sort -V > "$t.raw" + printf "$results\n" | xargs -n 1 | sed -e "s/ //g" | sort -V > "$t.raw" + fi + atags="$(filter_tags "$(cat $t.raw|xargs -n1)")" + # cleanup minor images (keep latest minor only) + # if $ONLY_ONE_MINOR is set, then for each flavor, test for each a.b.c version: + # if $ONLY_LAST_MINOR is set: keep only one minor amongst all subminors a.b version + # if $ONLY_LAST_MINOR is not set: keep only one minor for all subminors a.b + # This works by calling this func which will update the $SKIPPED_TAGS variable, + # then further calls to `is_skipped $tags` or `filter_tags $tags` will filter appropriate minor tags + local fatags="$(echo $atags | xargs -n1 | grep -E "^[0-9]+\.[0-9]+\.")" + debug "$n: initial atags/fatags: $(echo $atags) //// $(echo $fatags)" + local NB_LOOPS=1000; local EARLY_QUIT=30 + if [[ "x${ONLY_ONE_MINOR}" != "x" ]] && ( echo $n | grep -E -q "$ONLY_ONE_MINOR" );then + flavors="alpine|alpine3.16|alpine3.15|alpine3.14|alpine3.13|alpine3.5|noble|jammy|focal|bionic|xenial|trusty|bookworm|bullseye|stretch|buster|jessie" + for flavor in $(echo $flavors | sed -re "s/[|]/ /g") "";do + notselected="" + if [[ -n $flavor ]];then + fvatags="$( ( echo "$fatags" | grep -E ".*$flavor$" || true ) | sort -V )" + else + fvatags="$( ( echo "$fatags" | grep -vE "^.*($flavors)$" || true ) | sort -V )" + fi + if [[ -z "$fvatags" ]];then debug "---> flavor: $flavor is nul / $(echo $fatags) / $(echo $fvatags)"; continue;fi + for ix in $(seq 0 $NB_LOOPS);do + f1atags="$( ( echo "$fvatags" | grep -E "^$ix\." ) || true )" + if [[ -z $f1atags ]];then + # break ASAP first level loop, but do not overoptimize: only after a long while + if [[ $ix -gt $EARLY_QUIT ]];then + f1ratags="$(echo "$f1atags" | grep -E "^($(echo $(seq $ix $NB_LOOPS)|sed -re "s/ /|/g"))\.")" + if [[ -z $f1ratags ]];then debug "Quit earlier1: $n/$flavor/$ix";break;fi + fi + continue + fi + for j in $(seq 0 $NB_LOOPS);do + f2atags="$( ( echo "$f1atags" | grep -E "^$ix\.$j\." ) || true )" + if [[ -z $f2atags ]];then + # break ASAP second level loop, but do not overoptimize: only after a long while + if [[ $j -gt $EARLY_QUIT ]];then + f2ratags="$( ( echo "$f1atags" | grep -E "^$ix\.($(echo $(seq $j $NB_LOOPS)|sed -re "s/ /|/g"))\." ) || true)" + if [[ -z $f2ratags ]];then debug "Quit earlier2: $n/$flavor/$ix/$j";break;fi + fi + continue + fi + mnotselected="" + for k in $(seq 0 $NB_LOOPS);do + f3atags="$( ( ( echo "$f2atags" | grep -E "^$ix\.$j\.${k}([^0-9].*$|$)" ) || true ) | xargs -n1 )" + if [[ -z $f3atags ]];then + # break ASAP third level loop, but do not overoptimize: only after a long while + if [[ $k -gt $EARLY_QUIT ]];then + f3ratags="$( ( echo "$f2atags" | grep -E "^$ix\.($(echo $(seq $j $NB_LOOPS)|sed -re "s/ /|/g"))\.($(echo $(seq $k $NB_LOOPS)|sed -re "s/ /|/g"))" ) || true)" + if [[ -z $f3ratags ]];then debug "Quit earlier3: $n/$flavor/$ix/$j/$k";break;fi + fi + continue + fi + mnotselected="$(join_by " " "$mnotselected" $( for pt in $f3atags;do if [[ -z "${PROTECTED_VERSIONS}" ]] || ! ( echo "$n:$pt" | grep -q "${PROTECTED_VERSIONS}" );then echo $pt;fi;done ) )" + done + # if ONLY_ONE_MINOR is not set: keep one subminor per minor release + if [[ -z "${ONLY_LAST_MINOR}" ]];then mnotselected=$(filter_last_line_but_keep_at_least_once "$(echo "${mnotselected}" | xargs -n1)");fi + if [[ -n $mnotselected ]];then + debug "mnotselected FOR $flavor $ix $j: $(echo $mnotselected)" + notselected="$(join_by " " "$notselected" "${mnotselected}")" + fi + done + # if ONLY_ONE_MINOR is set: keep the latest subminor amongst all releases + if [[ -n "${ONLY_LAST_MINOR}" ]];then notselected=$(filter_last_line_but_keep_at_least_once "$(echo "${notselected}" | xargs -n1)");fi + done + if [[ -n $notselected ]];then + debug "flavor $flavor: notselected: $(echo $notselected)" + SKIPPED_TAGS="$SKIPPED_TAGS|(($ONLY_ONE_MINOR):($(join_by '|' $notselected ))$)" + fi + done + fi + if [[ -z ${SKIP_TAGS_REBUILD} ]];then + rm -f "$t" + filter_tags "$atags" > "$t" fi - rm -f "$t" - ( for i in $(cat "$t.raw");do - if is_skipped "$n:$i";then debug "Skipped: $n:$i";else printf "$i\n";fi - done | awk '!seen[$0]++' | sort -V ) >> "$t" set -e if [ -e "$t" ];then cat "$t";fi } @@ -568,16 +674,25 @@ do_clean_tags() { # refresh_images library/ubuntu: only refresh ubuntu images do_refresh_images() { local imagess="${@:-$default_images}" + cp -vf local/corpusops.bootstrap/bin/cops_pkgmgr_install.sh helpers/ + if [[ -z ${SKIP_REFRESH_COPS-} ]];then + if ! ( grep -q corpusops/docker-images .git/config );then if [ ! -e local/docker-images ];then git clone https://github.com/corpusops/docker-images local/docker-images fi ( cd local/docker-images && git fetch --all && git reset --hard origin/master \ && cp -rf helpers Dock* rootfs packages ../..; ) + fi + fi while read images;do for image in $images;do if [[ -n $image ]];then - make_tags $image - do_clean_tags $image + if [[ -z "${SKIP_MAKE_TAGS-}" ]];then + make_tags $image + fi + if ( echo "$image" | grep -E -vq "${PROTECTED_TAGS-}" ) || [[ -z ${PROTECTED_TAGS-} ]];then + do_clean_tags $image + fi fi done done <<< "$imagess" @@ -606,20 +721,20 @@ is_same_commit_label() { return $ret } -get_docker_squash_args() { - DOCKER_DO_SQUASH=${DOCKER_DO_SQUASH-init} - if ! ( echo "${NO_SQUASH-}"|grep -E -q "^(no)?$" );then - DOCKER_DO_SQUASH="" - log "no squash" - elif [[ "$DOCKER_DO_SQUASH" = init ]];then - DOCKER_DO_SQUASH="--squash" - if ! (printf "FROM alpine\nRUN touch foo\n" | docker build --squash - >/dev/null 2>&1 );then - DOCKER_DO_SQUASH= - log "docker squash isnt not supported" - fi - fi - echo $DOCKER_DO_SQUASH -} +#get_docker_squash_args() { +# DOCKER_DO_SQUASH=${DOCKER_DO_SQUASH-init} +# if ! ( echo "${NO_SQUASH-}"|grep -E -q "^(no)?$" );then +# DOCKER_DO_SQUASH="" +# log "no squash" +# elif [[ "$DOCKER_DO_SQUASH" = init ]];then +# DOCKER_DO_SQUASH="--squash" +# if ! (printf "FROM alpine\nRUN touch foo\n" | docker build --squash - >/dev/null 2>&1 );then +# DOCKER_DO_SQUASH= +# log "docker squash isnt not supported" +# fi +# fi +# echo $DOCKER_DO_SQUASH +#} record_build_image() { # library/ubuntu/latest / corpusops/postgis/latest @@ -635,7 +750,7 @@ record_build_image() { log "Image $itag is update to date, skipping build" return fi - dargs="${DOCKER_BUILD_ARGS-} $(get_docker_squash_args)" + dargs="${DOCKER_BUILD_ARGS-}" local dbuild="cat $image/$df|docker build ${dargs-} -t $itag . -f - --build-arg=DOCKER_IMAGES_COMMIT=$git_commit" local retries=${DOCKER_BUILD_RETRIES:-2} local cmd="dret=8 && for i in \$(seq $retries);do if ($dbuild);then dret=0;break;else dret=6;fi;done" @@ -912,7 +1027,7 @@ do_usage() { do_main() { local args=${@:-usage} - local actions="make_tags|refresh_corpusops|refresh_images|build|gen_travis|gen_gh|gen|list_images|clean_tags|get_namespace_tag" + local actions="make_tags|refresh_corpusops|refresh_images|build|gen_travis|gen_gh|gen|list_images|clean_tags|get_namespace_tag|gen_image|get_image_tags" actions="@($actions)" action=${1-}; if [[ -n "$@" ]];then shift;fi diff --git a/packages/apt_optional_packages.txt b/packages/apt_optional_packages.txt index 6101333..9e51d0e 100644 --- a/packages/apt_optional_packages.txt +++ b/packages/apt_optional_packages.txt @@ -3,3 +3,4 @@ acl iproute2 apt-tranport-https jq +netcat diff --git a/packages/apt_packages.txt b/packages/apt_packages.txt index 9a520d6..2291db4 100644 --- a/packages/apt_packages.txt +++ b/packages/apt_packages.txt @@ -1,7 +1,6 @@ cron curl locales -netcat logrotate socat tzdata diff --git a/packages/redhat_optional_packages.txt b/packages/redhat_optional_packages.txt index dd37db3..7c4952b 100644 --- a/packages/redhat_optional_packages.txt +++ b/packages/redhat_optional_packages.txt @@ -1,9 +1,11 @@ # fedora locales # glibc-all-langpacks glibc-locale-source +p7zip p7zip-plugins busybox acl iproute cronie jq +nc diff --git a/packages/redhat_packages.txt b/packages/redhat_packages.txt index 4610aa6..c68b423 100644 --- a/packages/redhat_packages.txt +++ b/packages/redhat_packages.txt @@ -6,6 +6,5 @@ socat tar tzdata wget -p7zip rsyslog openssl diff --git a/rootfs/bin/cops_gen_cert.sh b/rootfs/bin/cops_gen_cert.sh index 9a94f7a..1706796 100755 --- a/rootfs/bin/cops_gen_cert.sh +++ b/rootfs/bin/cops_gen_cert.sh @@ -24,6 +24,22 @@ export SSL_CERT_VALIDITY=${SSL_CERT_VALIDITY:-$SSL_INFINITE_VALIDATY} export SSL_DIR_MODE=${SSL_DIR_MODE:-"u+x,g+x,o+x"} export SSL_CERT_MODE=${SSL_CERT_MODE:-0644} export SSL_KEY_MODE=${SSL_KEY_MODE:-0640} + +SSL_DIRECTORY=${SSL_DIRECTORY-} +if [ "x${SSL_DIRECTORY}" = "x" ];then + for i in /etc/ssl /etc/ssl1.2 /etc/ssl1.1 /etc/ssl1.0 /etc/openssl;do + if [ -e $i/openssl.cnf ];then + SSL_DIRECTORY=$i + break + fi + done +fi +if [ "x${SSL_DIRECTORY}" = "x" ];then + echo "no SSL_DIRECTORY found" >&2;exit 1 +else + echo "SSL_DIRECTORY: $SSL_DIRECTORY" >&2 +fi + log() { echo "$@" >&2; } vv() { log "$@";"$@"; } open_dir_perms() { @@ -51,7 +67,7 @@ gen_cert() { done sans="$(echo "$sans"|sed -re "s/,$//g")" fi - cp -f /etc/ssl/openssl.cnf "$tmpcfg" + cp -f ${SSL_DIRECTORY}/openssl.cnf "$tmpcfg" printf "\n\n[SAN]\nsubjectAltName = $sans\n\n" >> $tmpcfg openssl req -x509 -nodes \ -key "$SSL_KEY_PATH" \ diff --git a/rootfs/bin/cron.sh b/rootfs/bin/cron.sh index bc4d45d..9f68ee2 100755 --- a/rootfs/bin/cron.sh +++ b/rootfs/bin/cron.sh @@ -12,17 +12,51 @@ DCRON_ARGS=${DCRON_ARGS:-"-b -l $DCRON_VERBOSE -S -f"} CRONIE_ARGS=${CRONIE_ARGS:-"-n -s"} CRON_CMD=${CRON_CMD-} CRON_IMPLEMENTATION=${CRON_IMPLEMENTATION-} +LOGROTATE_WEB_PATTERN=${LOGROTATE_WEB_PATTERN:-365} +LOGROTATE_DAYS_PATTERN=${LOGROTATE_DAYS_PATTERN:-"[0-9]"} +LOGROTATE_WEB_DAYS=${LOGROTATE_WEB_DAYS:-365} +LOGROTATE_DAYS=${LOGROTATE_DAYS:-7} +LOGROTATE_LONGRETENTION_DAYS=${LOGROTATE_LONGRETENTION_DAYS:-${LOGROTATE_DAYS:-30}} +LOGROTATE_SIZE=${LOGROTATE_SIZE:-5M} +RSYSLOG_DOCKER_LOGS_PATH="${RSYSLOG_DOCKER_LOGS_PATH:-"/var/log/docker"}" +RSYSLOG_DOCKER_LONGRETENTION_LOGS_PATH="${RSYSLOG_DOCKER_LONGRETENTION_LOGS_PATH:-"/var/log/docker/longretention"}" + +export SYSLOG_ONLY=${SYSLOG_ONLY-} # update default values of PAM environment variables (used by CRON scripts) if [ -e /etc/pam.d/cron ];then sed -i -re "s/^session required pam_loginuid.so/#session required pam_loginuid.so/g" /etc/pam.d/cron fi +logrotateconf=/etc/logrotate.d/rsyslog +fixlogrotateconf() { + if [ ! -e $1 ];then return;fi + if [ "x${2-}" != "x" ];then shift;fi + chmod -v g-wx,o-wx $@ +} +if [ -e $logrotateconf ];then + sed -i -r \ + -e "s/rotate $LOGROTATE_WEB_PATTERN/rotate $LOGROTATE_WEB_DAYS/g" \ + -e "s/rotate ${LOGROTATE_DAYS_PATTERN}$/rotate $LOGROTATE_DAYS/g" \ + -e "s/size .*/size $LOGROTATE_SIZE/g" \ + -e "s|/var/log/docker/\*|$RSYSLOG_DOCKER_LOGS_PATH/*|g" \ + -e "s|/var/log/docker/longretention|$RSYSLOG_DOCKER_LONGRETENTION_LOGS_PATH|g" \ + $logrotateconf + if [ "x$SYSLOG_ONLY" != "x" ];then + for i in /etc/logrotate.d/nginx;do if [ -e "$i" ];then rm -f "$i";fi;done + fi + fixlogrotateconf /etc/logrotate.d "/etc/logrotate.d/*" + fixlogrotateconf /etc/logrotate.conf +fi if [ -e /etc/security/pam_env.conf ];then - env | grep -- = | while read -r line; do # read STDIN by line - # split LINE by "=" - var=$(echo "$line"|sed -re "s/\s*=.*//g") - val=$(echo "$line"|sed -re "s/^[^=]+=\s*//g") + # split LINE by "=", multiline values are unsupported as pam_env wont eat them + for var in $(awk 'BEGIN{for (i in ENVIRON) {print i}}');do + val="$(eval echo '"$'"$var"'"')" + if $(echo "$val"|grep -qzP "\\n.*\\n");then + echo "Unsetting multiline envvar: \$$var" + eval "unset $var" || true + continue + fi # remove existing definition of environment variable, ignoring exit code - sed --in-place "/^${var}[[:blank:]=]/d" /etc/security/pam_env.conf || true + sed --in-place "/^$(echo ${var})[[:blank:]=]/d" /etc/security/pam_env.conf || true # append new default value of environment variable echo "${var} DEFAULT=\"${val}\"" >> /etc/security/pam_env.conf done diff --git a/rootfs/bin/fix_letsencrypt.sh b/rootfs/bin/fix_letsencrypt.sh new file mode 100755 index 0000000..c25366c --- /dev/null +++ b/rootfs/bin/fix_letsencrypt.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash +set -e +if [ -e /etc/lsb-release ];then + DISTRIB_ID=$(. /etc/lsb-release;echo ${DISTRIB_ID}) + DISTRIB_CODENAME=$(. /etc/lsb-release;echo ${DISTRIB_CODENAME}) + DISTRIB_RELEASE=$(. /etc/lsb-release;echo ${DISTRIB_RELEASE}) +elif [ -e /etc/os-release ];then + DISTRIB_ID=$(. /etc/os-release;echo $ID) + DISTRIB_CODENAME=$(. /etc/os-release;echo $VERSION) + DISTRIB_CODENAME=$(echo $DISTRIB_CODENAME |sed -e "s/.*(\([^)]\+\))/\1/") + DISTRIB_RELEASE=$(. /etc/os-release;echo $VERSION_ID) +elif [ -e /etc/debian_version ];then + DISTRIB_ID=debian + DISTRIB_CODENAME=$(head -n1 /etc/apt/sources.list | awk '{print $3}') + DISTRIB_RELEASE=$(echo $(head /etc/issue)|awk '{print substr($3,1,1)}') +elif [ -e /etc/redhat-release ];then + DISTRIB_ID=$(echo $(head /etc/issue)|awk '{print tolower($1)}') + DISTRIB_CODENAME=$(echo $(head /etc/issue)|awk '{print substr(substr($4,2),1,length($4)-2)}');echo $DISTRIB_RELEASE + DISTRIB_RELEASE=$(echo $(head /etc/issue)|awk '{print tolower($3)}') +fi +if ( echo ${DISTRIB_ID}${DISTRIB_CODENAME} | grep -E -iq ubuntutrusty ) ;then + set -x + sed -i -re 's/mozilla\/DST_Root_CA_X3.crt/!mozilla\/DST_Root_CA_X3.crt/' /etc/ca-certificates.conf + dpkg-reconfigure -fnoninteractive ca-certificates + update-ca-certificates + set -x +fi +if (apt-get --version &>/dev/null) && (curl --version &>/dev/null) && ! (curl https://community.letsencrypt.org &>/dev/null);then + apt-get update -yqq + apt-get install -y $(dpkg -l|grep -E "ii.*(ssl|ca-certificates|gnutls)"|awk '{print $2}') +fi +# vim:set et sts=4 ts=4 tw=80: diff --git a/rootfs/bin/infest.sh b/rootfs/bin/infest.sh new file mode 100755 index 0000000..4ba7097 --- /dev/null +++ b/rootfs/bin/infest.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env sh +set -e +# to be added inside vanilla images to infest from corpusops image mounted via buildkit in /s prefix +NO_PKGS_INSTALL=${NO_PKGS_INSTALL-} +NO_HELPERS_SYNC=${NO_HELPERS_SYNC-} +# assuming we are in $prefix/bin +if [ "x${SDEBUG-}" != "x" ];then set -x;fi +W=$(cd $(dirname $(readlink -f $0)) && pwd) +T=$(cd $W/.. && pwd) +log() { echo $@ >&2; } +pkgs="" +cd "$T" +if [ "x$NO_PKGS_INSTALL" = "x" ];then + for i in logrotate rsync rsyslog curl openssh-client;do + if ! ( $i --version &>/dev/null );then + log "installing $i" + pkgs="$pkgs $i" + fi + done + if ( apk --version &>/dev/null );then + pkgs="$pkgs dcron" + else + pkgs="$pkgs cron" + fi + if [ "x$pkgs" != "x" ];then + WANTED_EXTRA_PACKAGES="$pkgs" $W/cops_pkgmgr_install.sh + fi +fi +if [ "x$NO_HELPERS_SYNC" = "x" ] && ! ( echo $T | grep -E -q "^/$" );then + for i in \ + etc/rsyslog.d/ \ + etc/supervisor.d/ \ + etc/logrotate.d/ \ + bin/cron.sh \ + bin/rsyslog.sh \ + cops_helpers/ + do + rsync -aAHv --numeric-ids $i /$i + done +fi +cd - +# vim:set et sts=4 ts=4 tw=0: diff --git a/rootfs/bin/install_cops_helpers.sh b/rootfs/bin/install_cops_helpers.sh new file mode 100755 index 0000000..107a5e8 --- /dev/null +++ b/rootfs/bin/install_cops_helpers.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env sh +SKIP_HELPERS_SERVICE="${SKIP_HELPERS_SERVICE-}" +HELPERS_DIR="${HELPERS_DIR:-/helpers}" +HELPERS_FLAG="${HELPERS_FLAG:-$HELPERS_DIR/.started}" +HELPERS_PORT="${HELPERS_PORT:-8080}" +if [ ! -e "$HELPERS_DIR" ];then mkdir -pv "$HELPERS_DIR";fi +if [ -e "$HELPERS_FLAG" ];then rm -f "$HELPERS_FLAG";fi +if ( rsync --version >/dev/null 2>&1 );then + rsync -av /cops_helpers/ $HELPERS_DIR/ +else + cp -arfv /cops_helpers/* $HELPERS_DIR/ +fi +touch "$HELPERS_FLAG" +if [ "x${SKIP_HELPERS_SERVICE}" = "x" ];then + echo "Starting dummy HTTP server on port $HELPERS_PORT" + while true;do printf "HTTP/1.1 200 OK\nContent-Length: 8\n\nstarted\n" | ( nc -l -p $HELPERS_PORT || /bin/true );done +fi +# vim:set et sts=4 ts=4 tw=0: diff --git a/rootfs/bin/nginx.sh b/rootfs/bin/nginx.sh index e7521db..d249111 100755 --- a/rootfs/bin/nginx.sh +++ b/rootfs/bin/nginx.sh @@ -15,6 +15,7 @@ export SSL_CERTS_PATH=${SSL_CERTS_PATH:-"/certs"} export SSL_CERT_BASENAME="${SSL_CERT_BASENAME:-"cert"}" export SSL_CERT_PATH=${SSL_CERT_PATH:-"${SSL_CERTS_PATH}/$SSL_CERT_BASENAME.crt"} export SSL_KEY_PATH=${SSL_KEY_PATH:-"${SSL_CERTS_PATH}/$SSL_CERT_BASENAME.key"} +export NGINX_INJECT_DIR="${NGINX_INJECT_DIR:-/nginx.d}" export NGINX_HTTP_PROTECT_USER=${NGINX_HTTP_PROTECT_USER:-root} export NGINX_HTTP_PROTECT_PASSWORD=${NGINX_HTTP_PROTECT_PASSWORD-} export NGINX_SKIP_CHECK="${NGINX_SKIP_CHECK-}" @@ -34,23 +35,76 @@ export NGINX_FREP_SKIP=${NGINX_FREP_SKIP:-"(\.skip|\.skipped)$"} export NGINX_SKIP_EXPOSE_HOST="${NGINX_SKIP_EXPOSE_HOST-}" export NGINX_DH_FILE="${NGINX_DH_FILE-/certs/dhparams.pem}" export NGINX_DH_FILES="$NGINX_DH_FILE" +export NGINX_PASSWORDS_DIR="${NGINX_PASSWORDS_DIR:-/etc/htpasswd}" +export NGINX_PASSWORD_FILE="${NGINX_PASSWORD_FILE:-${NGINX_PASSWORDS_DIR}/protect}" export NGINX_CONF_RENDER_DIR="${NGINX_CONF_RENDER_DIR:-"/tmp/nginxconf"}" -export NGINX_CONFIGS="${NGINX_CONFIGS-"$( \ - find "$NGINX_CONF_DIR" -type f \ - |grep -E -v "$NGINX_FREP_SKIP|\.template$") +# let cron wrapper script use the custom nginx conf +export NO_NGINX_LOGROTATE=${NO_NGINX_LOGROTATE-} +export VHOST_TEMPLATES="${VHOST_TEMPLATES-"/etc/nginx/conf.d/default.conf"}" +export VHOST_TEMPLATE_EXTS="${VHOST_TEMPLATE_EXTS:-frep template}" +export NGINX_CONFIGS="${NGINX_CONFIGS-" +$(find "$NGINX_CONF_DIR" -type f |grep -E -v "$NGINX_FREP_SKIP|\.($(echo $VHOST_TEMPLATE_EXTS|sed -re "s/ /|/g"))$") /etc/logrotate.d/nginx"}" +create_file() { + for i in $@;do + if [ ! -e "$(dirname $i)" ];then mkdir -p "$(dirname $i)";fi + if [ -d "$i" ];then if [ "x$(ls -A "$i"||true)" = "x" ];then rm -rf "$i";fi;fi + touch "$i" && chown $NGINX_USER:$NGINX_USER "$i" && chmod 640 "$i" + done +} log() { echo "$@" >&2; } vv() { log "$@";"$@"; } -touch /etc/htpasswd-protect -chmod 644 /etc/htpasswd-protect -if [ "x$NGINX_HTTP_PROTECT_PASSWORD" != "x" ];then - echo "Activating htpasswd for $NGINX_HTTP_PROTECT_USER">&2 - echo "$NGINX_HTTP_PROTECT_PASSWORD" \ - | htpasswd -bim /etc/htpasswd-protect "$NGINX_HTTP_PROTECT_USER" +# refresh /etc/hosts for adjacents services & job container in gitab-ci +if [ "x${REFRESH_HOSTS_FROM_CI-}" = "x1" ] && [ "x${COMMON_HOSTS_FILE}" != "x" ];then + while [ ! -e $COMMON_HOSTS_FILE ];do sleep 1;done + cat ${COMMON_HOSTS_FILE}>>/etc/hosts +fi +# refresh VHOST from current CI checkout +if [ "x${REFRESH_VHOST_FROM_CI-}" = "x1" ];then + CI_VHOST=${CI_VHOST:-$CI_PROJECT_DIR/sys/etc/nginx/vhost.conf.template} + cp -vf $CI_VHOST /etc/nginx/conf.d/default.conf.template fi -if [[ -z ${NGINX_SKIP_EXPOSE_HOST} ]];then - ip -4 route list match 0/0 \ - | awk '{print $3" host.docker.internal"}' >> /etc/hosts +if [ "x${NGINX_USER}" = "x" ];then + for i in www-data nginx www root;do + if (getent passwd $i >/dev/null 2>&1);then NGINX_USER=$i;fi + done +fi +# patch rsyslog default conf not to interfer with nginx self contained +for i in /etc/logrotate.d/rsyslog;do + if [ -e $i ];then + # do not crash on this + ( sed -i -re "/\/nginx\/|nginx.log|\/\*-(error|access)/ d" $i || true) + fi +done +# We search for XXX_HTTP_PROTECT_PASSWORD/XXX_HTTP_PROTECT_USER/XXX_HTTP_PROTECT_FILE envvars +# to generate relative htpasswd files +# Note that $NGINX_PASSWORD_FILE will receive all defined password pairs +OIFS=${IFS-} +IFS=$'\n' +for envline in $(env|grep -E "^([^\s ]+_)?HTTP_PROTECT_PASSWORD=");do + password="$(echo $envline|sed -re "s/^([^=]+)=(.*)/\2/g")" + variable="$(echo $envline|sed -re "s/^([^=]+)=(.*)/\1/g")" + if [ "x${password}" != "x" ];then + uservariable="$(echo $variable|sed -re "s/PASSWORD$/USER/g")" + filevariable="$(echo $variable|sed -re "s/PASSWORD$/FILE/g")" + prefix="$(echo "$variable"|tr '[:upper:]' '[:lower:]'|sed -re "s/_http_protect_password//gi")" + default_passwdfile="$NGINX_PASSWORDS_DIR/${prefix}protect" + passwd_file="$(eval "echo "\${${filevariable}:-\$default_passwdfile}"")" + passwd_user="$(eval "echo "\${${uservariable}:-root}"")" + log "Generating HTPASSWD for $uservariable ($passwd_file & $NGINX_PASSWORD_FILE)" + for i in "$passwd_file" "$NGINX_PASSWORD_FILE";do + create_file "$i" && echo "$password"| htpasswd -bim "$i" "$passwd_user" + done + fi +done +IFS=${OIFS} +# retrocompat: link all subpassword files in /etc/htpasswd/* to /etc/htpasswd-$i counterparts +for i in $(find "$NGINX_PASSWORDS_DIR" -type f -maxdepth 1);do ln -sfv "$i" "/etc/htpasswd-$(basename $i)";done +### +if [ "x${NGINX_SKIP_EXPOSE_HOST}" = "x" ];then + if ( ip -4 route list match 0/0 >/dev/null 2>&1 );then + ip -4 route list match 0/0 | awk '{print $3" host.docker.internal"}' >> /etc/hosts + fi fi if [ "x$NGINX_STD_OUTPUT" = "x" ] && [ "x$NGINX_AUTOCLEANUP_LOGS" != "x" ];then for i in $NGINX_LOGS_DIR;do rm -fv $NGINX_LOGS_DIR/*;done @@ -60,16 +114,19 @@ for e in $NGINX_LOGS_DIRS $NGINX_CONF_DIR;do if [ "x$NO_CHOWN" != "x" ] && [ -e "$e" ];then chown "$NGINX_USER" "$e";fi done if [ "x$SKIP_CONF_RENDER" = "x" ];then - for i in $NGINX_CONFIGS;do frep $i:$i --overwrite;done + for i in $NGINX_CONFIGS;do frep "$i:$i" --overwrite;done + for v in ${VHOST_TEMPLATES};do + for e in ${VHOST_TEMPLATE_EXTS};do + if [ -e $v.$e ];then frep "${v}.$e:$v" --overwrite;fi + done + done fi # also render an eventual /nginx.d folder -if [ "x$SKIP_EXTRA_CONF" = "x" ] && [ -e /nginx.d ];then +if [ "x$SKIP_EXTRA_CONF" = "x" ] && [ -e "$NGINX_INJECT_DIR" ];then log "Nginx conf injection directory present, processing" - if [ -e "$NGINX_CONF_RENDER_DIR" ];then - rm -rf "$NGINX_CONF_RENDER_DIR" - fi + if [ -e "$NGINX_CONF_RENDER_DIR" ];then rm -rf "$NGINX_CONF_RENDER_DIR";fi mkdir -p "$NGINX_CONF_RENDER_DIR" - cp -rf /nginx.d/* "$NGINX_CONF_RENDER_DIR" + cp -rf "$NGINX_INJECT_DIR"/* "$NGINX_CONF_RENDER_DIR" if [ "x$SKIP_CONF_RENDER" = "x" ];then for v in $(cd "$NGINX_CONF_RENDER_DIR" && find . -type f);do if (echo "$f" |grep -E -v "$NGINX_FREP_SKIP");then @@ -95,15 +152,15 @@ else if ( $NGINX_BIN -h 2>&1|grep -q -- -T; );then if ( nginx -t &>/dev/null );then for i in $($NGINX_BIN -T \ - | grep -E "\s*ssl_dhparam"\ + | grep -E "\s*ssl_dhparam" | grep -v "{{" \ | awk '{print $2}'|sed -re "s/;//g"|awk '!seen[$0]++' );do NGINX_DH_FILES="$NGINX_DH_FILES $i" done else nginxconfs="$(find /etc/nginx/ -type f|xargs cat)" - if [ "x$nginxconfs" != "x0" ];then + if [ "x$(echo "$nginxconfs"|wc -l)" != "x0" ];then for i in $( echo "$nginxconfs"\ - | grep -E "\s*ssl_dhparam"\ + | grep -E "\s*ssl_dhparam" | grep -v "{{" \ | awk '{print $2}'|sed -re "s/;//g"|awk '!seen[$0]++' );do NGINX_DH_FILES="$NGINX_DH_FILES $i" done @@ -148,7 +205,7 @@ fi DEFAULT_NGINX_DEBUG_BIN=$(which nginx-debug 2>/dev/null ) NGINX_DEBUG_BIN=${NGINX_DEBUG_BIN-$DEFAULT_NGINX_DEBUG_BIN} # if debug is enabled, try to see if we need to switch binary -if ( grep -E -rvh "^(\s|\t| )*#" $NGINX_CONF_DIR | grep -E -rq "error_log .* debug" ) && \ +if ( grep -E -rvh "^(\s|\t| )*#" $NGINX_CONF_DIR | grep -E -q "error_log .* debug" ) && \ [ "x$NGINX_DEBUG_BIN" != "x" ];then NGINX_BIN="$NGINX_DEBUG_BIN" fi @@ -157,4 +214,4 @@ if [ "x$NGINX_SKIP_CHECK" = "x" ];then fi set -x exec $NGINX_BIN "$@" -# vim:set et sts=4 ts=4 tw=80: +# vim:set et sts=4 ts=4 tw=0: diff --git a/rootfs/bin/project_dbsetup.sh b/rootfs/bin/project_dbsetup.sh new file mode 100755 index 0000000..33bd98e --- /dev/null +++ b/rootfs/bin/project_dbsetup.sh @@ -0,0 +1,72 @@ +#!/usr/bin/env sh +set -e +export DEBUG="${DEBUG-}" +export DB_SLEEP_TIME="${DB_SLEEP_TIME:-0.1}" +export DB_SERVICE_MODE=${DB_SERVICE_MODE-} +export DB_STARTUP_TIMEOUT="${DB_STARTUP_TIMEOUT-45s}" +export DB_MODE="${DB_MODE-postgresql}" +if ( echo "$DB_MODE" | grep -q post );then DB_MODE="postgres";fi +if ( echo "$DB_MODE" | grep -qE "maria|mysql" );then DB_MODE="mysql";fi +if ( echo $DB_MODE|grep -q mysql );then + export MYSQL_USER=${MYSQL_USER-} + export MYSQL_PASSWORD=${MYSQL_PASSWORD-} + export MYSQL_HOST=${MYSQL_HOST-} + export MYSQL_PORT=${MYSQL_PORT-} + export MYSQL_DB=${MYSQL_DB-} +fi +if ( echo $DB_MODE|grep -q post );then + export POSTGRES_HAS_POSTGIS="${POSTGRES_HAS_POSTGIS-}" + export POSTGRES_USER=${POSTGRES_USER-} + export POSTGRES_PASSWORD=${POSTGRES_PASSWORD-} + export POSTGRES_HOST=${POSTGRES_HOST-} + export POSTGRES_PORT=${POSTGRES_PORT-} + export POSTGRES_DB=${POSTGRES_DB-} +fi +if [ "x${SDEBUG-}" = "x1" ];then set -x;fi + +debuglog() { if [ "x$DEBUG" != "x" ];then echo "$@" >&2;fi; } + +log() { echo "$@" >&2; } + +vv() { log "$@";"$@"; } + +wait_for_mysql() { + flag=/tmp/started_$(echo $MYSQL_DB|sed -re "s![/:]!__!g") + if [ -e "$flag" ];then rm -f "$flag";fi + debuglog "Try connection to mysql: $MYSQL_DB & wait for db init" >&2 + set +x + ( while true;do if ( \ + echo "select 1;"\ + | mysql --user="$MYSQL_USER" --password="$MYSQL_PASSWORD" --host="$MYSQL_HOST" "$MYSQL_DB" );then touch $flag && break;fi;done )& + dockerize -wait file://$flag -timeout ${DB_STARTUP_TIMEOUT} 2>/dev/null +} + +wait_for_postgres() { + flag=/tmp/started_$(echo $POSTGRES_DB|sed -re "s![/:]!__!g") + if [ -e "$flag" ];then rm -f "$flag";fi + debuglog "Try connection to pgsql: $POSTGRES_DB & wait for db init" + query="\pset pager off\n\pset tuples_only\nselect 1" + if [ "x${POSTGRES_HAS_POSTGIS}" = "x1" ];then query="$query from spatial_ref_sys limit 1;select postgis_version();\n";fi + ( while true;do if ( set +x && \ + printf "$query"|psql -qv ON_ERROR_STOP=1 \ + "postgres://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB" >/dev/null );then touch $flag && break;fi;sleep ${DB_SLEEP_TIME};done; )& + + dockerize -wait file://$flag -timeout ${DB_STARTUP_TIMEOUT} 2>/dev/null +} + +wait_for_zeo() { + flag=/tmp/started_$(echo ${ZEO_ADDRESS}|sed -re "s![/:]!__!g") + if [ -e "$flag" ];then rm -f "$flag";fi + debuglog "Try connection to zeo: $ZEO_ADDRESS" + ( while true;do if ( set +x && \ + echo is_up|busybox nc $(echo "${ZEO_ADDRESS}"|sed -re "s![/:]! !g") >/dev/null );then touch $flag && break;fi;sleep ${DB_SLEEP_TIME};done; )& + dockerize -wait file://$flag -timeout ${DB_STARTUP_TIMEOUT} 2>/dev/null +} + +if [ "x${DB_MODE}" != "x" ] && [ "x${SKIP_STARTUP_DB}" = "x" ]; then + if ! ( "wait_for_${DB_MODE}"; );then log "DB not available";exit 1;fi + if [ "x${DB_SERVICE_MODE}" = "x1" ];then + while true;do printf "HTTP/1.1 200 OK\nContent-Length: 8\n\nstarted"| ( busybox nc -l -p 80 || /bin/true );done + fi +fi +# vim:set et sts=4 ts=4 tw=0: diff --git a/rootfs/bin/project_mailhog.sh b/rootfs/bin/project_mailhog.sh new file mode 100755 index 0000000..41e05ec --- /dev/null +++ b/rootfs/bin/project_mailhog.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash +set -e + +export MH_STORAGE="${MH_STORAGE:-maildir}" +export MH_MAILDIR_PATH="${MH_MAILDIR_PATH:-/mails}" +export MH_SMTP_BIND_ADDR="${MH_SMTP_BIND_ADDR:-0.0.0.0:1025}" +export MH_API_BIND_ADDR="${MH_API_BIND_ADDR:-0.0.0.0:8025}" +export MH_UI_BIND_ADDR="${MH_UI_BIND_ADDR:-${MH_API_BIND_ADDR:-0.0.0.0:8025}}" +export MH_UI_WEB_PATH="${MH_UI_WEB_PATH:-/mailcatcher}" +export MH_AUTH_FILE="${MH_AUTH_FILE:-/home/mailhog/pw}" + +if [ ! -e "$MH_MAILDIR_PATH" ];then mkdir "$MH_MAILDIR_PATH";fi +chown mailhog "$MH_MAILDIR_PATH" +pw=$(MH_AUTH_FILE="" MailHog bcrypt "${MAILCATCHER_PASSWORD:-mailcatcher}") +echo "${MAILCATCHER_USER:-mailcatcher}:$pw" > $MH_AUTH_FILE +if [[ -n $@ ]];then + "$@" +else + gosu mailhog MailHog "$@" +fi +# vim:set et sts=4 ts=4 tw=80: diff --git a/rootfs/bin/rsyslog.sh b/rootfs/bin/rsyslog.sh index 7bcb732..2d26be5 100755 --- a/rootfs/bin/rsyslog.sh +++ b/rootfs/bin/rsyslog.sh @@ -1,12 +1,36 @@ #!/usr/bin/env sh set -e +if [ "x${SDEBUG}" = "x" ];then set x;fi RSYSLOGD_BIN=${RSYSLOGD_BIN:-"rsyslogd"} RSYSLOGD_ARGS=${RSYSLOGD_ARGS:-"-n"} +NO_DEFAULT_RSYSLOGD_CONF=${NO_DEFAULT_RSYSLOGD_CONF-} NO_DEFAULT_RSYSLOG_CONF=${NO_DEFAULT_RSYSLOG_CONF-} +NO_DEFAULT_LOGROTATE_CONF=${NO_DEFAULT_LOGROTATE_CONF-} +export RSYSLOG_INJECT_DIR=${RSYSLOG_INJECT_DIR:-/entry} +export LOGROTATE_CONF_DIR=${LOGROTATE_CONF_DIR:-/etc/logrotate.d} +export RSYSLOG_CONF_DIR=${RSYSLOG_CONF_DIR:-/etc/rsyslog.d} +export RSYSLOG_SPLITTED_CONFIGS=${RSYSLOG_SPLITTED_CONFIGS-} SDEBUG=${SDEBUG-} if [ "x$SDEBUG" != "x" ];then set -x;fi +if [ -e "$RSYSLOG_INJECT_DIR" ];then + cp -rfv "$RSYSLOG_INJECT_DIR"/. /etc/ +fi if [ "x${NO_DEFAULT_RSYSLOG_CONF}" = "x" ] && [ -e /etc/rsyslog.conf.frep ];then frep --overwrite /etc/rsyslog.conf.frep:/etc/rsyslog.conf fi +if [ "x${NO_DEFAULT_LOGROTATE_CONF}" = "x" ] && [ -e $LOGROTATE_CONF_DIR ];then + for i in $(ls $LOGROTATE_CONF_DIR/*.conf.frep 2>/dev/null || true);do + frep "$i:$LOGROTATE_CONF_DIR/$(basename $i .frep)" --overwrite + rm -fv "$i" + done +fi +if [ "x${NO_DEFAULT_RSYSLOGD_CONF}" = "x" ] && [ -e $RSYSLOG_CONF_DIR ];then + for i in $(ls $RSYSLOG_CONF_DIR/*.conf.frep 2>/dev/null || true);do + frep "$i:$RSYSLOG_CONF_DIR/$(basename $i .frep)" --overwrite + done +fi +if [ "x${RSYSLOG_SPLITTED_CONFIGS}" = "x" ];then + rm -f $RSYSLOG_CONF_DIR/50-dockerlog.conf || true +fi exec $RSYSLOGD_BIN $RSYSLOGD_ARGS # vim:set et sts=4 ts=4 tw=80: diff --git a/rootfs/bin/supervisord.sh b/rootfs/bin/supervisord.sh index 3f01978..904b6d4 100755 --- a/rootfs/bin/supervisord.sh +++ b/rootfs/bin/supervisord.sh @@ -5,6 +5,7 @@ if [ "x$SDEBUG" != "x" ];then set -x;fi export NO_SUPERVISORD_LOGTAIL="${NO_SUPERVISORD_LOGTAIL-1}" export SUPERVISORD_USER="${SUPERVISORD_USER:-supervisord}" export SUPERVISORD_PASSWORD="${SUPERVISORD_PASSWORD:-supervisord}" +export SUPERVISORD_CONFIGS_DIR="${SUPERVISORD_CONFIGS_DIR:-"/etc/supervisor.d"}" export SUPERVISORD_DIR="${SUPERVISORD_DIR:-"/etc/supervisord-go"}" export SUPERVISORD_DEFAULT_CFG="${SUPERVISORD_DEFAULT_CFG:-"$SUPERVISORD_DIR/supervisord.conf"}" export SUPERVISORD_SOCKET_PATH="${SUPERVISORD_SOCKET_PATH:-"$SUPERVISORD_DIR/sock/supervisord.sock"}" @@ -106,7 +107,7 @@ for i in $SUPERVISORD_LOGSDIR $SUPERVISORD_DIR;do done SUPERVISORD_CFG="${SUPERVISORD_CFG:-"$SUPERVISORD_DIR/supervisord.conf"}" DEFAULT_SUPERVISORD_CONFIGS=" -$( (find /etc/supervisord.d /etc/supervisor.d -type f 2>/dev/null || /bin/true)|grep -v $SUPERVISORD_CFG|sort -d|awk '!seen[$0]++') +$( (find /etc/supervisord.d "$SUPERVISORD_CONFIGS_DIR" -type f 2>/dev/null || /bin/true)|grep -v $SUPERVISORD_CFG|sort -d|awk '!seen[$0]++') $( (find \ /etc/supervisor $SUPERVISORD_DIR /etc/supervisord \ -type f -and \( -name '*.conf' -or -name '*.ini' \) -and min-depth 2\ @@ -117,7 +118,7 @@ SUPERVISORD_CONFIGS_= for i in $SUPERVISORD_CONFIGS;do j=$i if ! ( echo $i | grep -E -q ^/ );then - j=/etc/supervisor.d/$j + j="$SUPERVISORD_CONFIGS_DIR/$j" fi if [ "x$SUPERVISORD_CONFIGS_" != "x" ];then SUPERVISORD_CONFIGS_="${SUPERVISORD_CONFIGS_} " diff --git a/rootfs/etc/logrotate.conf b/rootfs/etc/logrotate.conf index 92daa8a..ecdaa6d 100644 --- a/rootfs/etc/logrotate.conf +++ b/rootfs/etc/logrotate.conf @@ -14,6 +14,7 @@ create # use date as a suffix of the rotated file #dateext +tabooext + .apk-new # uncomment this if you want your log files compressed #compress diff --git a/rootfs/etc/logrotate.d/nginx b/rootfs/etc/logrotate.d/nginx index 0df7920..22f359f 100644 --- a/rootfs/etc/logrotate.d/nginx +++ b/rootfs/etc/logrotate.d/nginx @@ -11,6 +11,7 @@ /var/log/nginx/*.log { daily + nodateext missingok rotate {{.Env.NGINX_ROTATE}} compress diff --git a/rootfs/etc/logrotate.d/rsyslog b/rootfs/etc/logrotate.d/rsyslog index cb6feec..b46d095 100644 --- a/rootfs/etc/logrotate.d/rsyslog +++ b/rootfs/etc/logrotate.d/rsyslog @@ -1,14 +1,34 @@ -/var/log/syslog +# to be processed by frep +/log/apache*/*-error.log +/log/apache*/*-access.log +/logs/apache*/*-error.log +/logs/apache*/*-access.log +/log/nginx/*-error.log +/log/nginx/*-access.log +/logs/nginx/*-error.log +/logs/nginx/*-access.log +/log/*-error.log +/log/*-access.log +/logs/*-error.log +/logs/*-access.log +/var/log/apache2/*.log +/var/log/apache/*.log +/var/log/haproxy/*.log +/var/log/nginx/*.log +/var/log/docker/longretention/*.log { - rotate 7 + rotate 365 + nodateext daily + size 200M missingok notifempty - delaycompress compress + sharedscripts postrotate - if [ -e /usr/lib/rsyslog/rsyslog-rotate ];then /usr/lib/rsyslog/rsyslog-rotate;fi + if [ -e /usr/lib/rsyslog/rsyslog-rotate ];then /usr/lib/rsyslog/rsyslog-rotate;else /usr/bin/killall -HUP rsyslogd;fi endscript + } /var/log/mail.info @@ -23,15 +43,33 @@ /var/log/cron.log /var/log/debug /var/log/messages +/var/log/syslog { - rotate 4 - weekly + rotate 7 + nodateext + daily + size 200M missingok notifempty compress delaycompress sharedscripts postrotate - if [ -e /usr/lib/rsyslog/rsyslog-rotate ];then /usr/lib/rsyslog/rsyslog-rotate;fi + if [ -e /usr/lib/rsyslog/rsyslog-rotate ];then /usr/lib/rsyslog/rsyslog-rotate;else /usr/bin/killall -HUP rsyslogd;fi + endscript +} + +/var/log/docker/*.log +{ + rotate 4 + nodateext + daily + size 200M + missingok + notifempty + compress + nosharedscripts + postrotate + if [ -e /usr/lib/rsyslog/rsyslog-rotate ];then /usr/lib/rsyslog/rsyslog-rotate;else /usr/bin/killall -HUP rsyslogd;fi endscript } diff --git a/rootfs/etc/rsyslog.conf.frep b/rootfs/etc/rsyslog.conf.frep index a6e465f..f6f7bde 100644 --- a/rootfs/etc/rsyslog.conf.frep +++ b/rootfs/etc/rsyslog.conf.frep @@ -1,13 +1,20 @@ +$RepeatedMsgReduction {{ .Env.RSYSLOG_REPEATED_MSG_REDUCTION | default "on" }} +# The default value is 8k. When the size of one log line > 8k, the line +# is truncated and causes mess in log file directory +$MaxMessageSize 32k +# provides support for local system logging $ModLoad imuxsock $outchannel rsyslog_outfile,{{ .Env.RSYSLOG_OUTFILE|default "/var/log/messages" }}, {{ .Env.RSYSLOG_OUTFILE_SIZE|default "500000000" }},/etc/periodic/daily/logrotate $template dockerFormat,"{{ .Env.RSYSLOG_LOGFORMAT|default "<%PRI%> %timegenerated% %HOSTNAME% %syslogtag% %msg%\\n" }}" $ActionFileDefaultTemplate dockerFormat {{ $outstdout := .Env.RSYSLOG_OUT_SDTOUT |default "notset" }} {{ $outlogfile := .Env.RSYSLOG_OUT_LOGFILE|default "notset" }} +{{ $confdir := .Env.RSYSLOG_CONF_DIR|default "/etc/rsyslog.d" }} +{{ $splitconf := .Env.RSYSLOG_SPLITTED_CONFIGS|default "0" }} {{ if ne $outstdout "n" }} *.*;auth,authpriv.none /dev/stdout {{ end }} -{{ if ne $outlogfile "n" }} +{{ if and (ne $outlogfile "n") (ne $splitconf "1") }} *.*;auth,authpriv.none :omfile:$rsyslog_outfile {{ end }} -$IncludeConfig /etc/rsyslog.d/*.conf +$IncludeConfig {{$confdir}}/*.conf diff --git a/rootfs/etc/rsyslog.d/50-dockerlog.conf.frep b/rootfs/etc/rsyslog.d/50-dockerlog.conf.frep new file mode 100644 index 0000000..04bc0ac --- /dev/null +++ b/rootfs/etc/rsyslog.d/50-dockerlog.conf.frep @@ -0,0 +1,13 @@ +# Rsyslog configuration file for docker. +{{ $LOGS_PATH := .Env.RSYSLOG_DOCKER_LOGS_PATH | default "/var/log/docker" }} +{{ $LONGRETENTION_LOGS_PATH := .Env.RSYSLOG_DOCKER_LONGRETENTION_LOGS_PATH | default "/var/log/docker/longretention" }} +{{ $LONGRETENTION_LOGS_PATTERN := .Env.RSYSLOG_DOCKER_LONGRETENTION_PATTERN | default "^(lb|ftp|ssh|nginx|proxy|traefik|haproxy|apache)" }} +template(name="DynaFileDockerLR" type="string" string="{{$LONGRETENTION_LOGS_PATH}}/%programname%.log") +template(name="DynaFileDocker" type="string" string="{{$LOGS_PATH}}/%programname%.log") +if re_match($programname, '{{$LONGRETENTION_LOGS_PATTERN}}') then { + action(type="omfile" dynaFile="DynaFileDockerLR" template="dockerFormat") +} +else { + action(type="omfile" dynaFile="DynaFileDocker" template="dockerFormat") +} + diff --git a/rootfs/etc/rsyslog.d/50-net.conf.frep b/rootfs/etc/rsyslog.d/50-net.conf.frep new file mode 120000 index 0000000..d5d9a92 --- /dev/null +++ b/rootfs/etc/rsyslog.d/50-net.conf.frep @@ -0,0 +1 @@ +50-net.conf.sample \ No newline at end of file diff --git a/rootfs/etc/rsyslog.d/50-net.conf.sample b/rootfs/etc/rsyslog.d/50-net.conf.sample index 20ba5d7..146d2ea 100644 --- a/rootfs/etc/rsyslog.d/50-net.conf.sample +++ b/rootfs/etc/rsyslog.d/50-net.conf.sample @@ -1,5 +1,7 @@ -$RepeatedMsgReduction on +{{ $port := .Env.RSYSLOG_PORT |default "10514" }} +{{ $tport := .Env.RSYSLOG_TCP_PORT |default $port }} +{{ $uport := .Env.RSYSLOG_UDP_PORT |default $port }} $ModLoad imudp -$UDPServerRun 514 +$UDPServerRun {{$uport}} $ModLoad imtcp -$InputTCPServerRun 514 +$InputTCPServerRun {{$tport}} diff --git a/rootfs/etc/supervisor.d/cron b/rootfs/etc/supervisor.d/cron index 9c84be8..8fb73e3 100644 --- a/rootfs/etc/supervisor.d/cron +++ b/rootfs/etc/supervisor.d/cron @@ -1,6 +1,6 @@ [program:crond] -command = /bin/cron.sh +command = cron.sh autostart = true restartpause = 5 startretries = 3 diff --git a/rootfs/etc/supervisor.d/nginx b/rootfs/etc/supervisor.d/nginx index f73c77b..ea85f8e 100644 --- a/rootfs/etc/supervisor.d/nginx +++ b/rootfs/etc/supervisor.d/nginx @@ -1,8 +1,7 @@ - [program:nginx] -command = sh -c 'set -ex\ +command = sh -c 'set -e\ && b=nginx \ - && if [ -e /bin/nginx.sh ];then b=/bin/nginx.sh;fi \ + && if ( command -v nginx.sh >/dev/null 2>&1 );then b=nginx.sh;fi \ && echo "Using $b">&2 && exec $b -g "daemon off;"' autorestart = true restartpause = 5 diff --git a/rootfs/etc/supervisor.d/rsyslog b/rootfs/etc/supervisor.d/rsyslog index fcb8e23..a83e3c9 100644 --- a/rootfs/etc/supervisor.d/rsyslog +++ b/rootfs/etc/supervisor.d/rsyslog @@ -1,6 +1,6 @@ [program:rsyslog] -command = /bin/rsyslog.sh +command = rsyslog.sh autostart = true restartpause = 5 startretries = 3