cleaned up jenkins agents to use common base image

.github/workflows/jenkins-agent-ansible-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-arachni-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-argocd-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-cosign-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-erlang-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-golang-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-gradle-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-hugo-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-image-mgmt-pr.yaml

@@ -23,6 +23,10 @@ jobs:
         with:
           IMAGE_CONTEXT_DIR: ${{ env.context }}
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-mongodb-pr.yaml

@@ -18,6 +18,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-mvn-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-mvn-publish.yaml

@@ -0,0 +1,46 @@
+name: jenkins-agent-mvn-publish
+on:
+  push:
+    paths:
+      - jenkins-agents/jenkins-agent-mvn/version.json
+      - .github/workflows/jenkins-agent-mvn-publish.yaml
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  build:
+    env:
+      context: jenkins-agents/jenkins-agent-mvn
+      image_name: jenkins-agent-mvn
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+
+      - name: Get image tags
+        id: image_tags
+        uses: redhat-cop/github-actions/get-image-version@11f2ce27643eb7c76ac3623cb99d9b08be30d762 # v4
+        with:
+          IMAGE_CONTEXT_DIR: ${{ env.context }}
+
+      - name: Build image
+        id: build_image
+        uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
+        with:
+          context: ${{ env.context }}
+          dockerfiles: |
+            ./${{ env.context }}/Dockerfile
+          image: ${{ env.image_name }}
+          tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}"
+
+      - name: Push to ghcr.io
+        uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2
+        if: ${{ !contains(github.ref, 'renovate') }}
+        with:
+          image: ${{ steps.build_image.outputs.image }}
+          registry: ghcr.io/${{ github.repository }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+          tags: ${{ steps.build_image.outputs.tags }}

.github/workflows/jenkins-agent-npm-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-python-pr.yaml

@@ -21,7 +21,7 @@ jobs:
 
       - name: Check if version.json has been bumped
         id: changes
-        run: echo "changed=$(git --no-pager diff --name-only origin/master HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT
+        run: echo "changed=$(git --no-pager diff --name-only origin/main HEAD | grep "${context}/version.json" | wc -l)" >> $GITHUB_OUTPUT
 
       - name: Fail if version.json not bumped
         if: steps.changes.outputs.changed == 0
@@ -35,6 +35,11 @@ jobs:
         with:
           IMAGE_CONTEXT_DIR: ${{ env.context }}
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-ruby-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.github/workflows/jenkins-agent-rust-pr.yaml

@@ -18,6 +18,11 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
 
+      - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+        with:
+          dockerfile: ${{ env.context }}/Dockerfile
+          ignore: DL3041
+
       - name: Build image
         uses: redhat-actions/buildah-build@b4dc19b4ba891854660ab1f88a097d45aa158f76 # v2
         with:

.gitignore

@@ -15,3 +15,5 @@ policy/
 
 # BATS
 _test/test_helper/
+
+jenkins-agents/jenkins-agent-npm/node_modules

jenkins-agents/jenkins-agent-ansible/Dockerfile

@@ -1,46 +1,17 @@
-FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4
+FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14
 
-# renovate: datasource=pypi depName=ansible-core
-ARG ANSIBLE_CORE_VERSION=2.16.2
-
-LABEL \
-      release="1" \
-      version="4.14" \
-      architecture="x86_64" \
+LABEL name="redhat-cop/jenkins-agent-ansible" \
       io.k8s.display-name="Jenkins Agent Ansible" \
-      name="openshift/origin-jenkins-agent-ansible-ubi8" \
-      io.openshift.tags="openshift,jenkins,agent,ansible" \
-      com.redhat.component="jenkins-agent-ansible-ubi8-docker" \
-      io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image."
-
-ARG DNF_FLAGS="-y"
+      io.k8s.description="The jenkins agent ansible image has ansible on top of the jenkins agent base image." \
+      com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-ansible"
 
-ARG PIP_PKGS="\
-        molecule \
-        paramiko \
-        openshift \
-        kubernetes \
-        ansible-core==${ANSIBLE_CORE_VERSION} \
-"
-ARG DNF_PKGS="python311"
+USER root
 
-ADD ubi8.repo /tmp/ubi8.repo
-
-RUN set -x \
-     && rm -f /etc/yum.repos.d/*.repo \
-     && mv /tmp/ubi8.repo /etc/yum.repos.d/ \
-     && dnf install ${DNF_FLAGS} ${DNF_PKGS} \
-     && dnf ${DNF_FLAGS} clean all \
-     && rm -rf /var/cache/dnf \
-     && alternatives --set python3 /usr/bin/python3.11 \
-     && python3 -m ensurepip --default-pip  \
-     && python3 -m pip install --upgrade pip  \
-     && python3 -m pip install ${PIP_PKGS} \
-     && chmod -R 775 /etc/alternatives \
-     && chmod -R 775 /var/lib/alternatives \
-     && echo
+COPY requirements.txt /requirements.txt
+RUN dnf -y install --nodocs python3.11 python3.11-pip && \
+    dnf clean all && \
+    pip3.11 install --no-cache-dir -r /requirements.txt
 
 USER 1001
-ENV \
-    LANG=en_US.UTF-8 \
-    LC_ALL=en_US.UTF-8 \
+
+RUN ansible --version

jenkins-agents/jenkins-agent-ansible/requirements.txt

@@ -0,0 +1,5 @@
+molecule
+paramiko
+openshift
+kubernetes
+ansible-core==2.16.2

jenkins-agents/jenkins-agent-arachni/Dockerfile

@@ -1,14 +1,31 @@
-FROM quay.io/openshift/origin-jenkins-agent-base:4.14@sha256:1284ffe5b63ee7da4c4463d5f44b471fd42ce01c06f5c72edc195a30dcc1f7f4
+# Builder
+FROM registry.access.redhat.com/ubi9/ubi:9.3-1476@sha256:fc300be6adbdf2ca812ad01efd0dee2a3e3f5d33958ad6cd99159e25e9ee1398 AS builder
 
-ARG ARACHNI_VERSION=1.5.1
-ARG WEB_VERSION=0.5.12
+SHELL ["/bin/bash", "-c"]
 
-WORKDIR /arachni
+# renovate: datasource=github-releases depName=Arachni/arachni
+ARG ARACHNI_VERSION=v1.5.1
+ARG WEB_VERSION=0.5.12
 
-RUN curl -sLo- https://github.com/Arachni/arachni/releases/download/v${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION}-${WEB_VERSION}-linux-x86_64.tar.gz | tar xvz -C /arachni --strip-components=1 && \
+RUN curl -L "https://github.com/Arachni/arachni/releases/download/${ARACHNI_VERSION}/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}-linux-x86_64.tar.gz" -o /tmp/arachni.tar.gz && \
+    tar --no-same-owner -xzf /tmp/arachni.tar.gz && \
+    mv "/arachni-${ARACHNI_VERSION//v}-${WEB_VERSION}" /arachni && \
     chown -R root:root /arachni && \
     chmod -R 775 /arachni
 
-COPY reporters ./system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters
+# Runnable
+FROM ghcr.io/redhat-cop/containers-quickstarts/jenkins-agent:v4.14
+
+LABEL name="redhat-cop/jenkins-agent-arachni" \
+      io.k8s.display-name="Jenkins Agent Arachni" \
+      io.k8s.description="The jenkins agent arachni." \
+      com.redhat.component="redhat-cop/containers-quickstarts/jenkins-agent-arachni"
+
+COPY --from=builder /arachni /arachni
+COPY reporters /arachni/system/gems/gems/arachni-${ARACHNI_VERSION}/components/reporters
+
+WORKDIR /arachni
 
 USER 1001
+
+RUN /arachni/bin/arachni --version