From 4f750a74edd53d9e5f76ef36d64b1ed321c24ab9 Mon Sep 17 00:00:00 2001 From: Gareth Healy Date: Mon, 18 Dec 2023 12:32:13 +0000 Subject: [PATCH] added new jenkins agent base --- .github/workflows/jenkins-agent-pr.yaml | 39 +++++++++++ .github/workflows/jenkins-agent-publish.yaml | 46 +++++++++++++ jenkins-agents/jenkins-agent/Dockerfile | 42 ++++++++++++ jenkins-agents/jenkins-agent/README.md | 3 + jenkins-agents/jenkins-agent/ubi8.repo | 70 ++++++++++++++++++++ jenkins-agents/jenkins-agent/version.json | 1 + 6 files changed, 201 insertions(+) create mode 100644 .github/workflows/jenkins-agent-pr.yaml create mode 100644 .github/workflows/jenkins-agent-publish.yaml create mode 100644 jenkins-agents/jenkins-agent/Dockerfile create mode 100644 jenkins-agents/jenkins-agent/README.md create mode 100644 jenkins-agents/jenkins-agent/ubi8.repo create mode 100644 jenkins-agents/jenkins-agent/version.json diff --git a/.github/workflows/jenkins-agent-pr.yaml b/.github/workflows/jenkins-agent-pr.yaml new file mode 100644 index 000000000..ffb8adc1d --- /dev/null +++ b/.github/workflows/jenkins-agent-pr.yaml @@ -0,0 +1,39 @@ +--- +name: jenkins-agent-pr +on: + pull_request: + paths: + - jenkins-agents/jenkins-agent/** + - .github/workflows/jenkins-agent-pr.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent + image_name: jenkins-agent + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Check and verify version.json + id: check_version + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 + with: + dockerfile: ${{ env.context }}/Dockerfile + + - name: Build image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + oci: true + tags: ${{ steps.check_version.outputs.IMAGE_TAGS }} diff --git a/.github/workflows/jenkins-agent-publish.yaml b/.github/workflows/jenkins-agent-publish.yaml new file mode 100644 index 000000000..c3387fb73 --- /dev/null +++ b/.github/workflows/jenkins-agent-publish.yaml @@ -0,0 +1,46 @@ +name: jenkins-agent-publish +on: + push: + paths: + - jenkins-agents/jenkins-agent/version.json + - .github/workflows/jenkins-agent-publish.yaml + +# Declare default permissions as read only. +permissions: read-all + +jobs: + build: + env: + context: jenkins-agents/jenkins-agent + image_name: jenkins-agent + runs-on: ubuntu-latest + permissions: + packages: write + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Get image tags + id: image_tags + uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4 + with: + IMAGE_CONTEXT_DIR: ${{ env.context }} + + - name: Build image + id: build_image + uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2 + with: + context: ${{ env.context }} + dockerfiles: | + ./${{ env.context }}/Dockerfile + image: ${{ env.image_name }} + tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" + + - name: Push to ghcr.io + uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2 + if: ${{ !contains(github.ref, 'renovate') }} + with: + image: ${{ steps.build_image.outputs.image }} + registry: ghcr.io/${{ github.repository }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.build_image.outputs.tags }} \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent/Dockerfile b/jenkins-agents/jenkins-agent/Dockerfile new file mode 100644 index 000000000..63aca0ba5 --- /dev/null +++ b/jenkins-agents/jenkins-agent/Dockerfile @@ -0,0 +1,42 @@ +# Builder +FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder + +# renovate: datasource=repology depName=homebrew/openshift-cli +ARG OC_VERSION=4.14.5 +RUN curl -L "https://mirror.openshift.com/pub/openshift-v4/clients/ocp/${OC_VERSION}/openshift-client-linux.tar.gz" -o /tmp/openshift-client-linux.tar.gz && \ + tar --no-same-owner -xzf /tmp/openshift-client-linux.tar.gz && \ + mv oc kubectl /usr/local/bin && \ + oc version --client && \ + kubectl version --client + +# Runnable +FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4 + +LABEL name="redhat-cop/jenkins-agent" \ + io.k8s.display-name="Jenkins Agent Base" \ + io.k8s.description="The jenkins agent base." \ + io.openshift.tags="openshift,jenkins,agent,ansible" \ + com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent" \ + release="1" \ + architecture="x86_64" \ + maintainer="github.com/redhat-cop" + +ENV LANG=en_US.UTF-8 \ + LANGUAGE=en_US:en \ + LC_ALL=en_US.UTF-8 + +USER root + +RUN rm -f /etc/yum.repos.d/*.repo +COPY ubi8.repo /etc/yum.repos.d/ubi8.repo + +RUN dnf -y update && \ + dnf clean all + +COPY --from=builder /usr/local/bin/oc /usr/local/bin/oc +COPY --from=builder /usr/local/bin/kubectl /usr/local/bin/kubectl + +USER 1001 + +RUN oc version --client && \ + kubectl version --client \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent/README.md b/jenkins-agents/jenkins-agent/README.md new file mode 100644 index 000000000..1951c7da4 --- /dev/null +++ b/jenkins-agents/jenkins-agent/README.md @@ -0,0 +1,3 @@ +# Jenkins Base + +Base of the all agents \ No newline at end of file diff --git a/jenkins-agents/jenkins-agent/ubi8.repo b/jenkins-agents/jenkins-agent/ubi8.repo new file mode 100644 index 000000000..bdc28e0a6 --- /dev/null +++ b/jenkins-agents/jenkins-agent/ubi8.repo @@ -0,0 +1,70 @@ +[ubi-8-baseos-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-baseos-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-baseos-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - BaseOS +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/baseos/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-appstream-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - AppStream +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/appstream/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder-rpms] +name = Red Hat Universal Base Image 8 (RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os +enabled = 1 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder] +name = Red Hat Universal Base Image 8 (RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/os +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + + +[ubi-8-codeready-builder-debug-rpms] +name = Red Hat Universal Base Image 8 (Debug RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/debug +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 + +[ubi-8-codeready-builder-source] +name = Red Hat Universal Base Image 8 (Source RPMs) - CodeReady Builder +baseurl = https://cdn-ubi.redhat.com/content/public/ubi/dist/ubi8/8/$basearch/codeready-builder/source/SRPMS +enabled = 0 +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release +gpgcheck = 1 diff --git a/jenkins-agents/jenkins-agent/version.json b/jenkins-agents/jenkins-agent/version.json new file mode 100644 index 000000000..7805748c6 --- /dev/null +++ b/jenkins-agents/jenkins-agent/version.json @@ -0,0 +1 @@ +{"version":"v4.14.0"}