Merge pull request #117 from theohbrothers/enhancement/bump-kubectl-1…

….26-variants-to-1.26.10

Enhancement: Bump kubectl 1.26 variants to 1.26.10

.github/workflows/ci-master-pr.yml

@@ -406,7 +406,7 @@ jobs:
         rm -rf /tmp/.buildx-cache
         mv /tmp/.buildx-cache-new /tmp/.buildx-cache
 
-  build-1-26-9:
+  build-1-26-10:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
@@ -437,9 +437,9 @@ jobs:
       uses: actions/cache@v3
       with:
         path: /tmp/.buildx-cache
-        key: ${{ runner.os }}-buildx-1.26.9-${{ github.sha }}
+        key: ${{ runner.os }}-buildx-1.26.10-${{ github.sha }}
         restore-keys: |
-          ${{ runner.os }}-buildx-1.26.9-
+          ${{ runner.os }}-buildx-1.26.10-
           ${{ runner.os }}-buildx-
 
     - name: Login to Docker Hub registry
@@ -452,7 +452,7 @@ jobs:
 
     # This step generates the docker tags
     - name: Prepare
-      id: prep-1-26-9
+      id: prep-1-26-10
       run: |
         set -e
 
@@ -465,7 +465,7 @@ jobs:
         # Generate docker image tags
         # E.g. 'v0.0.0-<variant>' and 'v0.0.0-abc0123-<variant>'
         # E.g. 'master-<variant>' and 'master-abc0123-<variant>'
-        VARIANT="1.26.9"
+        VARIANT="1.26.10"
         REF_VARIANT="${REF}-${VARIANT}"
         REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}"
 
@@ -475,51 +475,51 @@ jobs:
         echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT
         echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT
 
-    - name: 1.26.9 - Build (PRs)
+    - name: 1.26.10 - Build (PRs)
       # Run only on pull requests
       if: github.event_name == 'pull_request'
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9
+        context: variants/1.26.10
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: false
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
-    - name: 1.26.9 - Build and push (master)
+    - name: 1.26.10 - Build and push (master)
       # Run only on master
       if: github.ref == 'refs/heads/master'
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9
+        context: variants/1.26.10
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: true
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
-    - name: 1.26.9 - Build and push (release)
+    - name: 1.26.10 - Build and push (release)
       if: startsWith(github.ref, 'refs/tags/')
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9
+        context: variants/1.26.10
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: true
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
     # This step generates the docker tags
     - name: Prepare
-      id: prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh
+      id: prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh
       run: |
         set -e
 
@@ -532,7 +532,7 @@ jobs:
         # Generate docker image tags
         # E.g. 'v0.0.0-<variant>' and 'v0.0.0-abc0123-<variant>'
         # E.g. 'master-<variant>' and 'master-abc0123-<variant>'
-        VARIANT="1.26.9-envsubst-git-jq-kustomize-sops-ssh"
+        VARIANT="1.26.10-envsubst-git-jq-kustomize-sops-ssh"
         REF_VARIANT="${REF}-${VARIANT}"
         REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}"
 
@@ -542,45 +542,45 @@ jobs:
         echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT
         echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT
 
-    - name: 1.26.9-envsubst-git-jq-kustomize-sops-ssh - Build (PRs)
+    - name: 1.26.10-envsubst-git-jq-kustomize-sops-ssh - Build (PRs)
       # Run only on pull requests
       if: github.event_name == 'pull_request'
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9-envsubst-git-jq-kustomize-sops-ssh
+        context: variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: false
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
-    - name: 1.26.9-envsubst-git-jq-kustomize-sops-ssh - Build and push (master)
+    - name: 1.26.10-envsubst-git-jq-kustomize-sops-ssh - Build and push (master)
       # Run only on master
       if: github.ref == 'refs/heads/master'
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9-envsubst-git-jq-kustomize-sops-ssh
+        context: variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: true
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
-    - name: 1.26.9-envsubst-git-jq-kustomize-sops-ssh - Build and push (release)
+    - name: 1.26.10-envsubst-git-jq-kustomize-sops-ssh - Build and push (release)
       if: startsWith(github.ref, 'refs/tags/')
       uses: docker/build-push-action@v3
       with:
-        context: variants/1.26.9-envsubst-git-jq-kustomize-sops-ssh
+        context: variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh
         platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
         push: true
         tags: |
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
-          ${{ github.repository }}:${{ steps.prep-1-26-9-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_VARIANT }}
+          ${{ github.repository }}:${{ steps.prep-1-26-10-envsubst-git-jq-kustomize-sops-ssh.outputs.REF_SHA_VARIANT }}
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
@@ -2828,7 +2828,7 @@ jobs:
     needs:
       - build-1-28-3
       - build-1-27-7
-      - build-1-26-9
+      - build-1-26-10
       - build-1-25-14
       - build-1-24-17
       - build-1-23-17
@@ -2856,7 +2856,7 @@ jobs:
     needs:
       - build-1-28-3
       - build-1-27-7
-      - build-1-26-9
+      - build-1-26-10
       - build-1-25-14
       - build-1-24-17
       - build-1-23-17
@@ -2886,7 +2886,7 @@ jobs:
     needs:
       - build-1-28-3
       - build-1-27-7
-      - build-1-26-9
+      - build-1-26-10
       - build-1-25-14
       - build-1-24-17
       - build-1-23-17

README.md

@@ -14,8 +14,8 @@ Dockerized `kubectl` with useful tools.
 | `:1.28.3-envsubst-git-jq-kustomize-sops-ssh` | [View](variants/1.28.3-envsubst-git-jq-kustomize-sops-ssh) |
 | `:1.27.7` | [View](variants/1.27.7) |
 | `:1.27.7-envsubst-git-jq-kustomize-sops-ssh` | [View](variants/1.27.7-envsubst-git-jq-kustomize-sops-ssh) |
-| `:1.26.9` | [View](variants/1.26.9) |
-| `:1.26.9-envsubst-git-jq-kustomize-sops-ssh` | [View](variants/1.26.9-envsubst-git-jq-kustomize-sops-ssh) |
+| `:1.26.10` | [View](variants/1.26.10) |
+| `:1.26.10-envsubst-git-jq-kustomize-sops-ssh` | [View](variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh) |
 | `:1.25.14` | [View](variants/1.25.14) |
 | `:1.25.14-envsubst-git-jq-kustomize-sops-ssh` | [View](variants/1.25.14-envsubst-git-jq-kustomize-sops-ssh) |
 | `:1.24.17` | [View](variants/1.24.17) |

generate/definitions/versions.json

@@ -3,7 +3,7 @@
     "versions": [
       "1.28.3",
       "1.27.7",
-      "1.26.9",
+      "1.26.10",
       "1.25.14",
       "1.24.17",
       "1.23.17",

variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh/Dockerfile

@@ -0,0 +1,57 @@
+FROM alpine:3.15
+ARG TARGETPLATFORM
+ARG BUILDPLATFORM
+RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM"
+
+RUN apk add --no-cache ca-certificates
+
+# When $TARGETPLATFORM is linux/arm/v7, strip out the '/v6' or '/v7' from it
+RUN BIN_URL=https://storage.googleapis.com/kubernetes-release/release/v1.26.10/bin/$( echo $TARGETPLATFORM | sed 's@/v[67]$@@' )/kubectl \
+    && SHA512=$( wget -qO- "$BIN_URL.sha512" ) \
+    && wget -qO- "$BIN_URL"  > /usr/local/bin/kubectl \
+    && chmod +x /usr/local/bin/kubectl \
+    && sha512sum /usr/local/bin/kubectl | grep "^$SHA512 " \
+    && kubectl version --client
+
+# From: https://github.com/nginxinc/docker-nginx/blob/1.17.0/stable/alpine/Dockerfile
+# Bring in gettext so we can get `envsubst`, then throw
+# the rest away. To do this, we need to install `gettext`
+# then move `envsubst` out of the way so `gettext` can
+# be deleted completely, then move `envsubst` back.
+RUN apk add --no-cache --virtual .gettext gettext \
+    && mv /usr/bin/envsubst /tmp/ \
+    \
+    && runDeps="$( \
+        scanelf --needed --nobanner /tmp/envsubst \
+            | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \
+            | sort -u \
+            | xargs -r apk info --installed \
+            | sort -u \
+    )" \
+    && apk add --no-cache $runDeps \
+    && apk del .gettext \
+    && mv /tmp/envsubst /usr/local/bin/
+
+RUN apk add --no-cache git
+
+RUN apk add --no-cache jq
+
+RUN apk add --no-cache curl \
+    && curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/v2.0.3/kustomize_2.0.3_linux_amd64 -o /usr/local/bin/kustomize \
+    && chmod +x /usr/local/bin/kustomize \
+    && apk del curl
+
+RUN set -eux; \
+    wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.1/sops-v3.7.1.linux > /usr/local/bin/sops; \
+    chmod +x /usr/local/bin/sops; \
+    sha256sum /usr/local/bin/sops | grep '^185348fd77fc160d5bdf3cd20ecbc796163504fd3df196d7cb29000773657b74 '; \
+    sops --version
+
+RUN apk add --no-cache gnupg
+
+RUN apk add --no-cache openssh-client
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+RUN chmod +x /docker-entrypoint.sh
+
+ENTRYPOINT [ "/docker-entrypoint.sh" ]

variants/1.26.10-envsubst-git-jq-kustomize-sops-ssh/docker-entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+
+if [ $# -gt 0 ] && [ "${1#-}" != "$1" ]; then
+    set -- kubectl "$@"
+elif [ $# -gt 0 ] && kubectl "$1" --help > /dev/null 2>&1; then
+    set -- kubectl "$@"
+fi
+
+exec "$@"

variants/1.26.10/Dockerfile

@@ -0,0 +1,19 @@
+FROM alpine:3.15
+ARG TARGETPLATFORM
+ARG BUILDPLATFORM
+RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM"
+
+RUN apk add --no-cache ca-certificates
+
+# When $TARGETPLATFORM is linux/arm/v7, strip out the '/v6' or '/v7' from it
+RUN BIN_URL=https://storage.googleapis.com/kubernetes-release/release/v1.26.10/bin/$( echo $TARGETPLATFORM | sed 's@/v[67]$@@' )/kubectl \
+    && SHA512=$( wget -qO- "$BIN_URL.sha512" ) \
+    && wget -qO- "$BIN_URL"  > /usr/local/bin/kubectl \
+    && chmod +x /usr/local/bin/kubectl \
+    && sha512sum /usr/local/bin/kubectl | grep "^$SHA512 " \
+    && kubectl version --client
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+RUN chmod +x /docker-entrypoint.sh
+
+ENTRYPOINT [ "/docker-entrypoint.sh" ]

variants/1.26.10/docker-entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+
+if [ $# -gt 0 ] && [ "${1#-}" != "$1" ]; then
+    set -- kubectl "$@"
+elif [ $# -gt 0 ] && kubectl "$1" --help > /dev/null 2>&1; then
+    set -- kubectl "$@"
+fi
+
+exec "$@"