From 768b36a509a1a079f4182fbeceee757f726b2f57 Mon Sep 17 00:00:00 2001 From: Pascal Berger Date: Tue, 12 Dec 2023 08:58:25 +0100 Subject: [PATCH] Initial version for Azure CLI 2.55.0 (#2) --- .github/CODEOWNERS | 3 ++ .github/renovate.json | 13 ++++++++ .github/workflows/linter.yml | 12 +++++++ .github/workflows/publish.yml | 25 ++++++++++++++ .github/workflows/sonarcloud.yaml | 14 ++++++++ Dockerfile | 54 +++++++++++++++++++++++++++++++ README.md | 44 +++++++++++++++++++++++-- sonar-project.properties | 12 +++++++ 8 files changed, 175 insertions(+), 2 deletions(-) create mode 100644 .github/CODEOWNERS create mode 100644 .github/renovate.json create mode 100644 .github/workflows/linter.yml create mode 100644 .github/workflows/publish.yml create mode 100644 .github/workflows/sonarcloud.yaml create mode 100644 Dockerfile create mode 100644 sonar-project.properties diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..5d9f461 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# These owners will be the default owners for everything in the repo and +# will be requested for review when someone opens a pull request. +* @swissgrc/platform diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..10f390b --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,13 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "github>swissgrc/renovate-presets:docker" + ], + "packageRules": [ + { + "matchDepNames": [ "ghcr.io/swissgrc/azure-pipelines-dotnet" ], + "description": "No .NET SDK Major Updates", + "extends": [ ":disableMajorUpdates" ] + } + ] +} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml new file mode 100644 index 0000000..041f720 --- /dev/null +++ b/.github/workflows/linter.yml @@ -0,0 +1,12 @@ +name: Lint Code Base + +on: + pull_request: + branches: [develop] + +jobs: + lint-image: + name: Lint Code Base + uses: swissgrc/.github/.github/workflows/lint-image.yml@main + secrets: + gh-token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..ec6ac47 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,25 @@ +name: Build + +on: + push: + branches: [develop] + release: + types: [published] + pull_request: + branches: [develop] + +jobs: + publish-image: + name: Build and push Docker image + uses: swissgrc/.github/.github/workflows/publish-image.yml@main + with: + image-name: swissgrc/azure-pipelines-azurecli + default-latest-tag: true + additional-latest-tag-name: latest-net8 + default-unstable-tag: true + additional-unstable-tag-name: unstable-net8 + release-tag-suffix: net8 + secrets: + gh-token: ${{ secrets.GITHUB_TOKEN }} + docker-username: ${{ secrets.DOCKER_USERNAME }} + docker-password: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/sonarcloud.yaml b/.github/workflows/sonarcloud.yaml new file mode 100644 index 0000000..1bde6c8 --- /dev/null +++ b/.github/workflows/sonarcloud.yaml @@ -0,0 +1,14 @@ +name: SonarCloud +on: + push: + branches: + - develop + pull_request: + types: [opened, synchronize, reopened] +jobs: + sonarcloud: + name: SonarCloud + uses: swissgrc/.github/.github/workflows/sonarcloud.yml@main + secrets: + gh-token: ${{ secrets.GITHUB_TOKEN }} + sonar-token: ${{ secrets.SONAR_TOKEN }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..cc65dd1 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,54 @@ +# Base image containing dependencies used in builder and final image +FROM ghcr.io/swissgrc/azure-pipelines-dotnet:8.0.100 AS base + + +# Builder image +FROM base AS build + +# Make sure to fail due to an error at any stage in shell pipes +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +# renovate: datasource=repology depName=debian_12/curl versioning=deb +ENV CURL_VERSION=7.88.1-10+deb12u4 +# renovate: datasource=repology depName=debian_12/lsb-release versioning=deb +ENV LSBRELEASE_VERSION=12.0-1 +# renovate: datasource=repology depName=debian_12/gnupg2 versioning=deb +ENV GNUPG_VERSION=2.2.40-1.1 + +RUN apt-get update -y && \ + # Install necessary dependencies + apt-get install -y --no-install-recommends curl=${CURL_VERSION} lsb-release=${LSBRELEASE_VERSION} gnupg=${GNUPG_VERSION} && \ + # Add Azure CLI public key + curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/microsoft.asc.gpg && \ + AZ_REPO=$(lsb_release -cs) && \ + echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" > /etc/apt/sources.list.d/azure-cli.list + + +# Final image +FROM base AS final + +LABEL org.opencontainers.image.vendor="Swiss GRC AG" +LABEL org.opencontainers.image.authors="Swiss GRC AG " +LABEL org.opencontainers.image.title="azure-pipelines-azurecli" +LABEL org.opencontainers.image.documentation="https://github.com/swissgrc/docker-azure-pipelines-azurecli" + +# Make sure to fail due to an error at any stage in shell pipes +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + +WORKDIR / +COPY --from=build /etc/apt/trusted.gpg.d/ /etc/apt/trusted.gpg.d +COPY --from=build /etc/apt/sources.list.d/ /etc/apt/sources.list.d + +# Install Azure CLI + +# renovate: datasource=github-tags depName=Azure/azure-cli extractVersion=^azure-cli-(?.*)$ +ENV AZURECLI_VERSION=2.55.0 + +RUN apt-get update -y && \ + # Install Azure CLI + apt-get install -y --no-install-recommends azure-cli=${AZURECLI_VERSION}-1~bookworm && \ + # Clean up + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + # Smoke test + az version diff --git a/README.md b/README.md index 401e52e..2a933d2 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,42 @@ -# docker-azure-pipelines-azurecli-net8 -🐳 Docker image for running Azure CLI commands in an Azure Pipelines container job +# Docker image for running Azure CLI commands in an Azure Pipelines container job + + +[![License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)](https://github.com/swissgrc/docker-azure-pipelines-azurecli-net8/blob/main/LICENSE) [![Build](https://img.shields.io/github/actions/workflow/status/swissgrc/docker-azure-pipelines-azurecli-net8/publish.yml?branch=develop&style=flat-square)](https://github.com/swissgrc/docker-azure-pipelines-azurecli-net8/actions/workflows/publish.yml) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=swissgrc_docker-azure-pipelines-azurecli-net8&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=swissgrc_docker-azure-pipelines-azurecli-net8) [![Pulls](https://img.shields.io/docker/pulls/swissgrc/azure-pipelines-azurecli.svg?style=flat-square)](https://hub.docker.com/r/swissgrc/azure-pipelines-azurecli) [![Stars](https://img.shields.io/docker/stars/swissgrc/azure-pipelines-azurecli.svg?style=flat-square)](https://hub.docker.com/r/swissgrc/azure-pipelines-azurecli) + + +Docker image to run Azure CLI commands in [Azure Pipelines container jobs]. + +## Usage + +This image can be used to run Azure CLI commands in [Azure Pipelines container jobs]. + +### Azure Pipelines Container Job + +To use the image in an Azure Pipelines Container Job, add one of the following example tasks and use it with the `container` property. + +The following example shows the container used for a deployment step with a Azure CLI command: + +```yaml + - stage: deploy + jobs: + - deployment: runAzureCLI + container: swissgrc/azure-pipelines-azurecli:latest-net8 + environment: smarthotel-dev + strategy: + runOnce: + deploy: + steps: + - bash: | + az version +``` + +### Tags + +| Tag | Description | Base Image | Azure CLI | Size | +|---------------|-----------------------------------------------------------------------------------------------------------|-------------------------------------------|-----------|----------------------------------------------------------------------------------------------------------------------------------------| +| latest | Latest stable release (from `main` branch) | swissgrc/azure-pipelines-dotnet:8.0.100 | 2.55.0 | ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/swissgrc/azure-pipelines-azurecli/latest?style=flat-square) | +| latest-net8 | Identical to `latest` tag | | | ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/swissgrc/azure-pipelines-azurecli/latest-net8?style=flat-square) | +| unstable | Latest unstable release (from `develop` branch) | swissgrc/azure-pipelines-dotnet:8.0.100 | 2.55.0 | ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/swissgrc/azure-pipelines-azurecli/unstable?style=flat-square) | +| unstable-net8 | Identical to `unstable` tag | | | ![Docker Image Size (tag)](https://img.shields.io/docker/image-size/swissgrc/azure-pipelines-azurecli/unstable-net8?style=flat-square) | + +[Azure Pipelines container jobs]: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/container-phases diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 0000000..0fdb7cf --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,12 @@ +sonar.projectKey=swissgrc_docker-azure-pipelines-azurecli-net8 +sonar.organization=swissgrc-opensource + +# This is the name and version displayed in the SonarCloud UI. +sonar.projectName=docker-azure-pipelines-azurecli-net8 +#sonar.projectVersion=1.0 + +# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. +#sonar.sources=. + +# Encoding of the source code. Default is default system encoding +#sonar.sourceEncoding=UTF-8 \ No newline at end of file