From 190ad0ab4d462c68aed2090b9583acfa741c28c4 Mon Sep 17 00:00:00 2001
From: Michel Morin <michel.morin@ouest-france.fr>
Date: Fri, 25 Oct 2024 16:44:21 +0200
Subject: [PATCH] overlayfs

---
 Dockerfile     | 23 +++++++++++------------
 Dockerfile.deb | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 12 deletions(-)
 create mode 100644 Dockerfile.deb

diff --git a/Dockerfile b/Dockerfile
index 36994d4..0e25b10 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,28 +1,28 @@
-FROM openpolicyagent/conftest:v0.48.0 AS conftest
+FROM openpolicyagent/conftest:v0.56.0 AS conftest
 FROM alpine:3.20
 
 ARG VERSION_HADOLINT="v2.12.0"
-ARG VERSION_KUBECTL="v1.29.0"
-ARG VERSION_HELM="v3.13.0"
+ARG VERSION_KUBECTL="v1.31.2"
+ARG VERSION_HELM="v3.16.0"
 ARG VERSION_HELM2="v2.17.0"
-
+ENV PODMAN_IGNORE_CGROUPSV1_WARNING=true
 COPY . cdp/
 RUN mkdir -p /cdp/k8s/charts
 COPY --from=conftest /conftest /bin/conftest
 
 ADD https://github.com/hadolint/hadolint/releases/download/${VERSION_HADOLINT}/hadolint-Linux-x86_64 /bin/hadolint
-ADD https://storage.googleapis.com/kubernetes-release/release/${VERSION_KUBECTL}/bin/linux/amd64/kubectl /bin/kubectl
-
+#ADD https://storage.googleapis.com/kubernetes-release/release/${VERSION_KUBECTL}/bin/linux/amd64/kubectl /bin/kubectl
+ADD https://dl.k8s.io/release/${VERSION_KUBECTL}/bin/linux/amd64/kubectl /bin/kubectl
 WORKDIR /cdp
-RUN apk -v --no-cache add tar ca-certificates python3 slirp4netns containers-common python3-dev  skopeo coreutils podman py3-setuptools py3-pip py3-wheel\
-      groff less mailcap curl openrc build-base libgit2-dev autoconf automake libtool jq git openssh unzip \
+RUN apk -v --no-cache add tar ca-certificates python3  python3-dev  skopeo coreutils podman py3-setuptools py3-pip py3-wheel\
+      groff less mailcap curl openrc build-base libgit2-dev autoconf automake libtool jq git openssh unzip fuse-overlayfs gettext \
     && chmod +x /bin/hadolint && chmod +x /bin/kubectl \
     && if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python; fi \
     && if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi \
     && ln -s /usr/lib/libcurl.so.4 /usr/lib/libcurl-gnutls.so.4 \
     && pip install awscli --break-system-packages \
     && pip install --break-system-packages -r requirements.txt \
-    && apk -v add gettext \
+    && sed -i 's/#mount_program/mount_program/' /etc/containers/storage.conf \
     && apk -v --no-cache --purge del py-pip autoconf automake libtool build-base libgit2-dev python3-dev \
     && curl -L https://get.helm.sh/helm-${VERSION_HELM}-linux-amd64.tar.gz | tar zxv -C /tmp/ --strip-components=1 linux-amd64/helm && mv /tmp/helm /bin/helm3 && chmod +x /bin/helm3 \
     && curl -L https://get.helm.sh/helm-${VERSION_HELM2}-linux-amd64.tar.gz | tar zxv -C /tmp/ --strip-components=1 linux-amd64/helm && mv /tmp/helm /bin/helm2 && chmod +x /bin/helm2 \
@@ -31,8 +31,7 @@ RUN apk -v --no-cache add tar ca-certificates python3 slirp4netns containers-com
     && mkdir -p /root/.docker 
 RUN  python setup.py install && rm -rf /cdp/..?* .[!.]*
 
-
 # Options Podman
-ENV STORAGE_DRIVER=vfs
-ENV STORAGE_OPTS=""
+#ENV STORAGE_DRIVER=vfs
+#ENV STORAGE_OPTS=""
 
diff --git a/Dockerfile.deb b/Dockerfile.deb
new file mode 100644
index 0000000..3c8ad79
--- /dev/null
+++ b/Dockerfile.deb
@@ -0,0 +1,38 @@
+FROM openpolicyagent/conftest:v0.56.0 AS conftest
+FROM debian:stable-slim
+
+ARG VERSION_HADOLINT="v2.12.0"
+ARG VERSION_KUBECTL="v1.31.2"
+ARG VERSION_HELM="v3.16.0"
+ARG VERSION_HELM2="v2.17.0"
+ENV PODMAN_IGNORE_CGROUPSV1_WARNING=true
+
+COPY . cdp/
+RUN mkdir -p /cdp/k8s/charts
+COPY --from=conftest /conftest /bin/conftest
+
+ADD https://github.com/hadolint/hadolint/releases/download/${VERSION_HADOLINT}/hadolint-Linux-x86_64 /bin/hadolint
+#ADD https://storage.googleapis.com/kubernetes-release/release/${VERSION_KUBECTL}/bin/linux/amd64/kubectl /bin/kubectl
+ADD https://dl.k8s.io/release/${VERSION_KUBECTL}/bin/linux/amd64/kubectl /bin/kubectl
+WORKDIR /cdp
+RUN apt-get install -y tar ca-certificates python3 slirp4netns containers-common python3-dev  skopeo coreutils podman py3-setuptools py3-pip py3-wheel\
+      groff less mailcap curl openrc build-base libgit2-dev autoconf automake libtool jq git openssh unzip gettext \
+    && chmod +x /bin/hadolint && chmod +x /bin/kubectl \
+    && if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python; fi \
+    && if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi \
+    && ln -s /usr/lib/libcurl.so.4 /usr/lib/libcurl-gnutls.so.4 \
+    && pip install awscli --break-system-packages \
+    && pip install --break-system-packages -r requirements.txt \
+    && apk -v --no-cache --purge del py-pip autoconf automake libtool build-base libgit2-dev python3-dev \
+    && curl -L https://get.helm.sh/helm-${VERSION_HELM}-linux-amd64.tar.gz | tar zxv -C /tmp/ --strip-components=1 linux-amd64/helm && mv /tmp/helm /bin/helm3 && chmod +x /bin/helm3 \
+    && curl -L https://get.helm.sh/helm-${VERSION_HELM2}-linux-amd64.tar.gz | tar zxv -C /tmp/ --strip-components=1 linux-amd64/helm && mv /tmp/helm /bin/helm2 && chmod +x /bin/helm2 \
+    && helm3 plugin install https://github.com/helm/helm-2to3 \
+    && /root/.cache /usr/lib/python3.8/site-packages/pip /usr/lib/python3.8/__pycache__ /usr/lib/python3.8/site-packages/awscli/examples /usr/lib/python3.8/site-packages/config-3.8* \
+    && mkdir -p /root/.docker 
+RUN  python setup.py install && rm -rf /cdp/..?* .[!.]*
+
+
+# Options Podman
+#ENV STORAGE_DRIVER=vfs
+#ENV STORAGE_OPTS=""
+