From d099e8395c8ca7044c1822a7007acc662d7ad558 Mon Sep 17 00:00:00 2001 From: Stephan Schnabel Date: Fri, 20 Jun 2025 10:17:46 +0200 Subject: [PATCH] 1 --- .github/workflows/build.yaml | 13 ++- .justfile | 14 ++- .woodpecker/build.yaml | 182 +++++++++++++++++++++++++++-------- .woodpecker/dockerhub.yaml | 15 ++- .woodpecker/test.yaml | 14 +-- Dockerfile | 48 ++++++++- 6 files changed, 226 insertions(+), 60 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3ac105f..eadbe80 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -4,7 +4,7 @@ on: push jobs: - buildx: + dockerd: runs-on: ubuntu-latest steps: - uses: actions/checkout@main @@ -13,3 +13,14 @@ jobs: - uses: docker/build-push-action@master with: platforms: linux/amd64,linux/arm64 + + cli: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + - uses: docker/setup-qemu-action@master + - uses: docker/setup-buildx-action@master + - uses: docker/build-push-action@master + with: + target: cli-az-git + platforms: linux/amd64,linux/arm64 diff --git a/.justfile b/.justfile index bb40a71..91d4ae9 100644 --- a/.justfile +++ b/.justfile @@ -15,12 +15,16 @@ # Build image with local docker daemon. @build: - docker build . --tag=kokuwaio/dockerd:dev --load + docker build . --target=dockerd --tag=kokuwaio/dockerd:dev + docker build . --target=cli --tag=kokuwaio/docker-cli:dev + docker build . --target=cli-git --tag=kokuwaio/docker-cli:dev-git + docker build . --target=cli-az --tag=kokuwaio/docker-cli:dev-az + docker build . --target=cli-az-git --tag=kokuwaio/docker-cli:dev-az-git # Inspect image with docker. -@inspect: build - docker image inspect kokuwaio/dockerd:dev +@inspect IMAGE="dockerd:dev": build + docker image inspect kokuwaio/{{IMAGE}} # Inspect image layers with `dive`. -@dive: build - docker run --rm -it --volume=/var/run/docker.sock:/var/run/docker.sock:ro wagoodman/dive:latest kokuwaio/dockerd:dev +@dive IMAGE="dockerd:dev": build + dive kokuwaio/{{IMAGE}} diff --git a/.woodpecker/build.yaml b/.woodpecker/build.yaml index eb36141..39058ea 100644 --- a/.woodpecker/build.yaml +++ b/.woodpecker/build.yaml @@ -1,46 +1,13 @@ when: instance: ci.kokuwa.io - repo: woodpecker/dockerd + repo: woodpecker/docker event: [manual, push, pull_request] branch: main path: [.woodpecker/build.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh] -steps: - - build: - image: kokuwaio/buildctl - settings: &settings - name: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER} - auth: - registry.kokuwa.io: - username: {from_secret: kokuwa_io_username} - password: {from_secret: kokuwa_io_password} +variables: + - settings: &settings platform: [linux/amd64, linux/arm64] - annotation: - org.opencontainers.image.title: Docker Daemon WoodpeckerCI Plugin - org.opencontainers.image.description: Docker daemon for usage in WoodpeckerCI. - org.opencontainers.image.url: $CI_REPO_URL - org.opencontainers.image.documentation: $CI_REPO_URL/README.md - org.opencontainers.image.source: $CI_REPO_CLONE_URL - org.opencontainers.image.revision: $CI_COMMIT_SHA - org.opencontainers.image.vendor: kokuwa.io - org.opencontainers.image.licenses: EUPL-1.2 - org.opencontainers.image.ref.name: kokuwaio/dockerd - org.opencontainers.image.version: 28.1.1 - when: - event: pull_request - - push: - image: kokuwaio/buildctl - settings: - <<: *settings - name: - - registry.kokuwa.io/kokuwaio/dockerd:latest - - registry.kokuwa.io/kokuwaio/dockerd:28.1.1 - - docker.io/kokuwaio/dockerd:latest - - docker.io/kokuwaio/dockerd:28.1.1 - - ghcr.io/kokuwaio/dockerd:latest - - ghcr.io/kokuwaio/dockerd:28.1.1 auth: "https://index.docker.io/v1/": username: {from_secret: docker_io_username} @@ -51,6 +18,143 @@ steps: registry.kokuwa.io: username: {from_secret: kokuwa_io_username} password: {from_secret: kokuwa_io_password} - when: - event: [manual, push] - branch: main + annotation: &annotation + org.opencontainers.image.title: Docker CLI for WoodpeckerCI + org.opencontainers.image.description: Docker CLI for usage in WoodpeckerCI. + org.opencontainers.image.url: $CI_REPO_URL + org.opencontainers.image.documentation: $CI_REPO_URL/README.md + org.opencontainers.image.source: $CI_REPO_CLONE_URL + org.opencontainers.image.revision: $CI_COMMIT_SHA + org.opencontainers.image.vendor: kokuwa.io + org.opencontainers.image.licenses: EUPL-1.2 + org.opencontainers.image.ref.name: kokuwaio/docker-cli + org.opencontainers.image.version: 28.1.1 + - step: &pr + image: kokuwaio/buildctl + depends_on: [] + when: + event: pull_request + - step: &push + image: kokuwaio/buildctl + depends_on: [] + when: + event: [manual, push] + branch: main + +steps: + + dockerd-pr: + <<: *pr + settings: + <<: *settings + name: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER} + target: dockerd + annotation: + <<: *annotation + org.opencontainers.image.title: Docker Daemon for WoodpeckerCI + org.opencontainers.image.description: Docker daemon for usage in WoodpeckerCI. + org.opencontainers.image.ref.name: kokuwaio/dockerd + + cli-pr: + <<: *pr + settings: + <<: *settings + name: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER} + target: cli + + cli-git-pr: + <<: *pr + depends_on: [cli-pr] + settings: + <<: *settings + name: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER}-git + target: cli-git + + cli-az-pr: + <<: *pr + depends_on: [cli-pr] + settings: + <<: *settings + name: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER}-az + target: cli-az + + cli-az-git-pr: + <<: *pr + depends_on: [cli-az-pr] + settings: + <<: *settings + name: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER}-az-git + target: cli-az-git + + dockerd: + <<: *push + settings: + <<: *settings + name: + - registry.kokuwa.io/kokuwaio/dockerd:latest + - registry.kokuwa.io/kokuwaio/dockerd:28.1.1 + - docker.io/kokuwaio/dockerd:latest + - docker.io/kokuwaio/dockerd:28.1.1 + - ghcr.io/kokuwaio/dockerd:latest + - ghcr.io/kokuwaio/dockerd:28.1.1 + target: dockerd + annotation: + <<: *annotation + org.opencontainers.image.title: Docker Daemon for WoodpeckerCI + org.opencontainers.image.description: Docker daemon for usage in WoodpeckerCI. + org.opencontainers.image.ref.name: kokuwaio/dockerd + + cli: + <<: *push + depends_on: [cli] + settings: + <<: *settings + name: + - registry.kokuwa.io/kokuwaio/docker-cli:latest + - registry.kokuwa.io/kokuwaio/dockerd:28.1.1 + - docker.io/kokuwaio/dockerd:latest + - docker.io/kokuwaio/dockerd:28.1.1 + - ghcr.io/kokuwaio/dockerd:latest + - ghcr.io/kokuwaio/dockerd:28.1.1 + target: cli + + cli-git: + <<: *push + settings: + <<: *settings + name: + - registry.kokuwa.io/kokuwaio/docker-cli:git + - registry.kokuwa.io/kokuwaio/dockerd:28.1.1-git + - docker.io/kokuwaio/dockerd:git + - docker.io/kokuwaio/dockerd:28.1.1-git + - ghcr.io/kokuwaio/dockerd:git + - ghcr.io/kokuwaio/dockerd:28.1.1-git + target: cli-git + + cli-az: + <<: *push + depends_on: [cli] + settings: + <<: *settings + name: + - registry.kokuwa.io/kokuwaio/docker-cli:az + - registry.kokuwa.io/kokuwaio/dockerd:28.1.1-az + - docker.io/kokuwaio/dockerd:az + - docker.io/kokuwaio/dockerd:28.1.1-az + - ghcr.io/kokuwaio/dockerd:az + - ghcr.io/kokuwaio/dockerd:28.1.1-az + target: cli-az + + cli-az-git: + <<: *push + depends_on: [cli-az] + settings: + <<: *settings + name: + - registry.kokuwa.io/kokuwaio/docker-cli:az-git + - registry.kokuwa.io/kokuwaio/dockerd:28.1.1-az-git + - docker.io/kokuwaio/dockerd:az-git + - docker.io/kokuwaio/dockerd:28.1.1-az-git + - ghcr.io/kokuwaio/dockerd:az-git + - ghcr.io/kokuwaio/dockerd:28.1.1-az-git + target: cli-az-git diff --git a/.woodpecker/dockerhub.yaml b/.woodpecker/dockerhub.yaml index 3dc71fa..5639dd0 100644 --- a/.woodpecker/dockerhub.yaml +++ b/.woodpecker/dockerhub.yaml @@ -1,17 +1,28 @@ when: instance: ci.kokuwa.io - repo: woodpecker/dockerd + repo: woodpecker/docker event: [manual, push] branch: main path: [.woodpecker/dockerhub.yaml, README.md] steps: - metadata: + dockerd: image: kokuwaio/dockerhub-metadata + depends_on: [] settings: repository: kokuwaio/dockerd description-short: Docker daemon for usage in WoodpeckerCI. categories: [developer-tools, integration-and-delivery] username: {from_secret: dockerhub_username} password: {from_secret: dockerhub_password} + + docker-cli: + image: kokuwaio/dockerhub-metadata + depends_on: [] + settings: + repository: kokuwaio/docker-cli + description-short: Docker CLI for usage in WoodpeckerCI. + categories: [developer-tools, integration-and-delivery] + username: {from_secret: dockerhub_username} + password: {from_secret: dockerhub_password} diff --git a/.woodpecker/test.yaml b/.woodpecker/test.yaml index 9cbf40e..8797127 100644 --- a/.woodpecker/test.yaml +++ b/.woodpecker/test.yaml @@ -1,6 +1,6 @@ when: instance: ci.kokuwa.io - repo: woodpecker/dockerd + repo: woodpecker/docker event: pull_request path: [.woodpecker/build.yaml, .woodpecker/test.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh] @@ -19,19 +19,13 @@ services: steps: info: - image: kokuwaio/docker-cli + image: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER} commands: docker info - environment: - DOCKER_HOST: tcp://dockerd:2375 pull: - image: kokuwaio/docker-cli + image: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER} commands: docker pull bash - environment: - DOCKER_HOST: tcp://dockerd:2375 run: - image: kokuwaio/docker-cli + image: registry.kokuwa.io/kokuwaio/docker-cli:ci-${CI_PIPELINE_NUMBER} commands: docker run --rm bash uname -a - environment: - DOCKER_HOST: tcp://dockerd:2375 diff --git a/Dockerfile b/Dockerfile index dced34e..e2024a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,14 +16,15 @@ RUN --mount=type=tmpfs,target=/var/lib/apt/lists \ RUN ARCH=$(dpkg --print-architecture) && curl --fail --silent --parallel --remote-name-all \ "https://download.docker.com/linux/debian/dists/bookworm/pool/stable/$ARCH/containerd.io_1.7.27-1_$ARCH.deb" \ "https://download.docker.com/linux/debian/dists/bookworm/pool/stable/$ARCH/docker-ce-cli_28.1.1-1~debian.12~bookworm_$ARCH.deb" \ + "https://download.docker.com/linux/debian/dists/bookworm/pool/stable/$ARCH/docker-buildx-plugin_0.20.0-1~debian.12~bookworm_$ARCH.deb" \ "https://download.docker.com/linux/debian/dists/bookworm/pool/stable/$ARCH/docker-ce_28.1.1-1~debian.12~bookworm_$ARCH.deb" \ "https://download.docker.com/linux/debian/dists/bookworm/pool/stable/$ARCH/docker-ce-rootless-extras_28.1.1-1~debian.12~bookworm_$ARCH.deb" ## -## Final stage +## Docker Daemon ## -FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef +FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef AS dockerd SHELL ["/bin/bash", "-u", "-e", "-o", "pipefail", "-c"] RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ --mount=type=tmpfs,target=/var/log \ @@ -36,7 +37,7 @@ RUN --mount=type=bind,from=download,source=/tmp/docker,target=/tmp/docker \ --mount=type=tmpfs,target=/var/log \ --mount=type=tmpfs,target=/var/cache \ apt-get -qq update && \ - apt-get -qq install --yes --no-install-recommends /tmp/docker/*.deb && \ + apt-get -qq install --yes --no-install-recommends /tmp/docker/containerd*.deb /tmp/docker/docker-ce*.deb && \ rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status RUN useradd dockerd --uid 1000 --home-dir /home/docker --create-home && rm /etc/*- /home/docker/.* && \ @@ -45,3 +46,44 @@ RUN useradd dockerd --uid 1000 --home-dir /home/docker --create-home && rm /etc/ COPY --chmod=555 entrypoint.sh /usr/bin/entrypoint.sh ENTRYPOINT ["/usr/bin/entrypoint.sh"] USER 1000 + +## +## Docker CLI +## + +FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef AS cli-base +SHELL ["/bin/bash", "-u", "-e", "-o", "pipefail", "-c"] +RUN --mount=type=bind,from=download,source=/tmp/docker,target=/tmp/docker \ + --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ + apt-get -qq update && \ + apt-get -qq install --yes --no-install-recommends /tmp/docker/docker-buildx-plugin* /tmp/docker/docker-ce-cli*.deb && \ + rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status /var/cache/* /var/log/* +ENV DOCKER_HOST=tcp://dockerd:2375 + +FROM cli-base AS cli-base-az +RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ + apt-get -qq update && \ + apt-get -qq install --yes --no-install-recommends python3 pip && \ + pip install azure-cli==2.66.0 --root-user-action=ignore --no-cache-dir --break-system-packages && \ + apt-get -qq purge pip && \ + rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status /var/cache/* /var/log/* + +FROM cli-base AS cli +USER 1000:1000 + +FROM cli-base AS cli-git +RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ + apt-get -qq update && \ + apt-get -qq install --yes --no-install-recommends git && \ + rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status /var/cache/* /var/log/* +USER 1000:1000 + +FROM cli-base-az AS cli-az +USER 1000:1000 + +FROM cli-base-az AS cli-az-git +RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ + apt-get -qq update && \ + apt-get -qq install --yes --no-install-recommends git && \ + rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status /var/cache/* /var/log/* +USER 1000:1000