From d73be90f9e12bb119212b630d321e71d87df63cb Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Tue, 5 Nov 2024 10:49:51 +0100 Subject: [PATCH 1/8] bump Python3 version in stackrox-test --- .gitignore | 2 ++ images/stackrox-test.Dockerfile | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 3eb99d71..bdfc8028 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,5 @@ # Ignore GoLand .idea + +.DS_Store diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index ea18effd..bc8dc48d 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -39,7 +39,7 @@ RUN dnf update -y \ lsof \ lz4 \ openssl \ - python3-devel \ + python39-devel \ unzip \ xmlstarlet \ xz \ From e902ee83d2e148e13f83b579a1a4150c6b286893 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 10:06:24 +0100 Subject: [PATCH 2/8] debug --- images/stackrox-test.Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index bc8dc48d..89adbf67 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -159,7 +159,9 @@ RUN set -ex \ ARG PYCODESTYLE_VERSION=2.10.0 ARG PYLINT_VERSION=2.13.9 RUN set -ex \ - && pip3 install pycodestyle=="${PYCODESTYLE_VERSION}" \ + && python3 --version && python3 -m pip --version && pip --version \ + && pip3 --version \ + && python3 -m pip install pycodestyle=="${PYCODESTYLE_VERSION}" \ pylint=="${PYLINT_VERSION}" RUN \ From e4accc9f6f7151fc3248f2c9649d4a563b652e7f Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 10:16:27 +0100 Subject: [PATCH 3/8] no symlink --- images/stackrox-test.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index 89adbf67..8cc5df99 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -75,7 +75,7 @@ RUN set -ex \ && (docker version --format '{{.Client.Version}}' || true) # Symlink python to python3 - RUN ln -s /usr/bin/python3 /usr/bin/python +# RUN ln -s /usr/bin/python3 /usr/bin/python # oc RUN set -ex \ From 5686f2cd160703d4c06a58deba554a44025739fa Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 10:23:49 +0100 Subject: [PATCH 4/8] madness --- images/stackrox-test.Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index 8cc5df99..41ca7d31 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -39,6 +39,7 @@ RUN dnf update -y \ lsof \ lz4 \ openssl \ + python39 \ python39-devel \ unzip \ xmlstarlet \ @@ -75,7 +76,7 @@ RUN set -ex \ && (docker version --format '{{.Client.Version}}' || true) # Symlink python to python3 -# RUN ln -s /usr/bin/python3 /usr/bin/python +RUN ln -s /usr/bin/python3 /usr/bin/python # oc RUN set -ex \ From 285a9620f97c0877ad9b3006f579cc348be6a752 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 10:30:53 +0100 Subject: [PATCH 5/8] debug --- images/stackrox-test.Dockerfile | 236 ++++++++++++++++---------------- 1 file changed, 118 insertions(+), 118 deletions(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index 41ca7d31..cfa0e238 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -50,121 +50,121 @@ RUN dnf update -y \ && dnf clean all \ && rm -rf /var/cache/dnf /var/cache/yum -# Use updated auth plugin for GCP -ENV USE_GKE_GCLOUD_AUTH_PLUGIN=True -RUN gke-gcloud-auth-plugin --version - -# Update PATH for Postgres14 -ENV PATH=$PATH:/usr/pgsql-14/bin - -# Install bats -RUN set -ex \ - && npm install -g bats@1.10.0 bats-support@0.3.0 bats-assert@2.0.0 tap-junit \ - && bats -v - -# Install docker binary -ARG DOCKER_VERSION=20.10.6 -RUN set -ex \ - && DOCKER_URL="https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz" \ - && echo Docker URL: $DOCKER_URL \ - && wget --no-verbose -O /tmp/docker.tgz "${DOCKER_URL}" \ - && ls -lha /tmp/docker.tgz \ - && tar -xz -C /tmp -f /tmp/docker.tgz \ - && install /tmp/docker/docker /usr/local/bin \ - && rm -rf /tmp/docker /tmp/docker.tgz \ - && command -v docker \ - && (docker version --format '{{.Client.Version}}' || true) - - # Symlink python to python3 -RUN ln -s /usr/bin/python3 /usr/bin/python - -# oc -RUN set -ex \ - && wget --no-verbose -O oc.tgz https://github.com/okd-project/okd/releases/download/4.11.0-0.okd-2022-12-02-145640/openshift-client-linux-4.11.0-0.okd-2022-12-02-145640.tar.gz \ - && mkdir "oc-dir" \ - && tar -C "oc-dir" -xf oc.tgz \ - && install oc-dir/oc /usr/local/bin \ - && rm -rf "oc-dir" oc.tgz \ - && command -v oc - -# helm -RUN set -ex \ - && wget --no-verbose -O helm.tgz https://get.helm.sh/helm-v3.11.2-linux-amd64.tar.gz \ - && tar -xf helm.tgz \ - && install linux-amd64/helm /usr/local/bin \ - && rm -rf helm.tgz linux-amd64 \ - && command -v helm - -# Install gradle -ARG GRADLE_VERSION=7.5.1 -ENV PATH=$PATH:/opt/gradle/bin -RUN set -ex \ - && wget --no-verbose https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip \ - && mkdir /opt/gradle \ - && unzip -q gradle-${GRADLE_VERSION}-bin.zip \ - && mv gradle-${GRADLE_VERSION}/* /opt/gradle \ - && rm gradle-${GRADLE_VERSION}-bin.zip \ - && rmdir gradle-${GRADLE_VERSION} \ - && command -v gradle - -# Install aws cli -RUN set -ex \ - && wget --no-verbose -O "awscliv2.zip" "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.7.17.zip" \ - && unzip awscliv2.zip \ - && ./aws/install \ - && rm awscliv2.zip \ - && rm -rf aws \ - && aws --version - -# Install yq v4.16.2 -RUN set -ex \ - && wget --no-verbose "https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64" \ - && sha256sum --check --status <<< "5c911c4da418ae64af5527b7ee36e77effb85de20c2ce732ed14c7f72743084d yq_linux_amd64" \ - && mv yq_linux_amd64 /usr/bin/yq \ - && chmod +x /usr/bin/yq - -# Install hub-comment -RUN set -ex \ - && wget --quiet https://github.com/joshdk/hub-comment/releases/download/0.1.0-rc6/hub-comment_linux_amd64 \ - && sha256sum --check --status <<< "2a2640f44737873dfe30da0d5b8453419d48a494f277a70fd9108e4204fc4a53 hub-comment_linux_amd64" \ - && mv hub-comment_linux_amd64 /usr/bin/hub-comment \ - && chmod +x /usr/bin/hub-comment - -# Install shellcheck -ARG SHELLCHECK_VERSION=0.10.0 -ARG SHELLCHECK_SHA256=6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87 -RUN set -ex \ - && wget --quiet "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ - && sha256sum --check --status <<< "${SHELLCHECK_SHA256} shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ - && tar -xJf "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ - && cp "shellcheck-v${SHELLCHECK_VERSION}/shellcheck" /usr/bin/shellcheck \ - && rm "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ - && rm -rf "shellcheck-v${SHELLCHECK_VERSION}" \ - && shellcheck --version - -# Install hashicorp vault -ARG VAULT_VERSION=1.12.1 -ARG VAULT_SHA256=839fa81eacd250e0b0298e518751a792cd5d7194650af78cf5da74d7b7b1e5fb -RUN set -ex \ - && wget --quiet "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" \ - && sha256sum --check --status <<< "${VAULT_SHA256} vault_${VAULT_VERSION}_linux_amd64.zip" \ - && unzip "vault_${VAULT_VERSION}_linux_amd64.zip" \ - && strip "vault" \ - && mv "vault" /usr/bin/vault \ - && rm "vault_${VAULT_VERSION}_linux_amd64.zip" \ - && vault --version - -# Add python development tooling. If these versions have to change check for -# dependent repos. e.g. stackrox/stackrox has .openshift-ci/dev-requirements.txt -# for local development style & lint. -ARG PYCODESTYLE_VERSION=2.10.0 -ARG PYLINT_VERSION=2.13.9 -RUN set -ex \ - && python3 --version && python3 -m pip --version && pip --version \ - && pip3 --version \ - && python3 -m pip install pycodestyle=="${PYCODESTYLE_VERSION}" \ - pylint=="${PYLINT_VERSION}" - -RUN \ - mv /bin/bash /bin/real-bash && \ - mv /bin/bash-wrapper /bin/bash +# # Use updated auth plugin for GCP +# ENV USE_GKE_GCLOUD_AUTH_PLUGIN=True +# RUN gke-gcloud-auth-plugin --version + +# # Update PATH for Postgres14 +# ENV PATH=$PATH:/usr/pgsql-14/bin + +# # Install bats +# RUN set -ex \ +# && npm install -g bats@1.10.0 bats-support@0.3.0 bats-assert@2.0.0 tap-junit \ +# && bats -v + +# # Install docker binary +# ARG DOCKER_VERSION=20.10.6 +# RUN set -ex \ +# && DOCKER_URL="https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz" \ +# && echo Docker URL: $DOCKER_URL \ +# && wget --no-verbose -O /tmp/docker.tgz "${DOCKER_URL}" \ +# && ls -lha /tmp/docker.tgz \ +# && tar -xz -C /tmp -f /tmp/docker.tgz \ +# && install /tmp/docker/docker /usr/local/bin \ +# && rm -rf /tmp/docker /tmp/docker.tgz \ +# && command -v docker \ +# && (docker version --format '{{.Client.Version}}' || true) + +# # Symlink python to python3 +# RUN ln -s /usr/bin/python3 /usr/bin/python + +# # oc +# RUN set -ex \ +# && wget --no-verbose -O oc.tgz https://github.com/okd-project/okd/releases/download/4.11.0-0.okd-2022-12-02-145640/openshift-client-linux-4.11.0-0.okd-2022-12-02-145640.tar.gz \ +# && mkdir "oc-dir" \ +# && tar -C "oc-dir" -xf oc.tgz \ +# && install oc-dir/oc /usr/local/bin \ +# && rm -rf "oc-dir" oc.tgz \ +# && command -v oc + +# # helm +# RUN set -ex \ +# && wget --no-verbose -O helm.tgz https://get.helm.sh/helm-v3.11.2-linux-amd64.tar.gz \ +# && tar -xf helm.tgz \ +# && install linux-amd64/helm /usr/local/bin \ +# && rm -rf helm.tgz linux-amd64 \ +# && command -v helm + +# # Install gradle +# ARG GRADLE_VERSION=7.5.1 +# ENV PATH=$PATH:/opt/gradle/bin +# RUN set -ex \ +# && wget --no-verbose https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip \ +# && mkdir /opt/gradle \ +# && unzip -q gradle-${GRADLE_VERSION}-bin.zip \ +# && mv gradle-${GRADLE_VERSION}/* /opt/gradle \ +# && rm gradle-${GRADLE_VERSION}-bin.zip \ +# && rmdir gradle-${GRADLE_VERSION} \ +# && command -v gradle + +# # Install aws cli +# RUN set -ex \ +# && wget --no-verbose -O "awscliv2.zip" "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.7.17.zip" \ +# && unzip awscliv2.zip \ +# && ./aws/install \ +# && rm awscliv2.zip \ +# && rm -rf aws \ +# && aws --version + +# # Install yq v4.16.2 +# RUN set -ex \ +# && wget --no-verbose "https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64" \ +# && sha256sum --check --status <<< "5c911c4da418ae64af5527b7ee36e77effb85de20c2ce732ed14c7f72743084d yq_linux_amd64" \ +# && mv yq_linux_amd64 /usr/bin/yq \ +# && chmod +x /usr/bin/yq + +# # Install hub-comment +# RUN set -ex \ +# && wget --quiet https://github.com/joshdk/hub-comment/releases/download/0.1.0-rc6/hub-comment_linux_amd64 \ +# && sha256sum --check --status <<< "2a2640f44737873dfe30da0d5b8453419d48a494f277a70fd9108e4204fc4a53 hub-comment_linux_amd64" \ +# && mv hub-comment_linux_amd64 /usr/bin/hub-comment \ +# && chmod +x /usr/bin/hub-comment + +# # Install shellcheck +# ARG SHELLCHECK_VERSION=0.10.0 +# ARG SHELLCHECK_SHA256=6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87 +# RUN set -ex \ +# && wget --quiet "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ +# && sha256sum --check --status <<< "${SHELLCHECK_SHA256} shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ +# && tar -xJf "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ +# && cp "shellcheck-v${SHELLCHECK_VERSION}/shellcheck" /usr/bin/shellcheck \ +# && rm "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ +# && rm -rf "shellcheck-v${SHELLCHECK_VERSION}" \ +# && shellcheck --version + +# # Install hashicorp vault +# ARG VAULT_VERSION=1.12.1 +# ARG VAULT_SHA256=839fa81eacd250e0b0298e518751a792cd5d7194650af78cf5da74d7b7b1e5fb +# RUN set -ex \ +# && wget --quiet "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" \ +# && sha256sum --check --status <<< "${VAULT_SHA256} vault_${VAULT_VERSION}_linux_amd64.zip" \ +# && unzip "vault_${VAULT_VERSION}_linux_amd64.zip" \ +# && strip "vault" \ +# && mv "vault" /usr/bin/vault \ +# && rm "vault_${VAULT_VERSION}_linux_amd64.zip" \ +# && vault --version + +# # Add python development tooling. If these versions have to change check for +# # dependent repos. e.g. stackrox/stackrox has .openshift-ci/dev-requirements.txt +# # for local development style & lint. +# ARG PYCODESTYLE_VERSION=2.10.0 +# ARG PYLINT_VERSION=2.13.9 +# RUN set -ex \ +# && python3 --version && python3 -m pip --version && pip --version \ +# && pip3 --version \ +# && python3 -m pip install pycodestyle=="${PYCODESTYLE_VERSION}" \ +# pylint=="${PYLINT_VERSION}" + +# RUN \ +# mv /bin/bash /bin/real-bash && \ +# mv /bin/bash-wrapper /bin/bash From 18811af9c37c1809fc7922c158037e9869fc4159 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 10:43:11 +0100 Subject: [PATCH 6/8] explicitly remove python 3.6 --- images/stackrox-test.Dockerfile | 236 ++++++++++++++++---------------- 1 file changed, 117 insertions(+), 119 deletions(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index cfa0e238..ff0c5773 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -45,126 +45,124 @@ RUN dnf update -y \ xmlstarlet \ xz \ zip \ - && dnf remove -y java-1.8.0-openjdk-headless \ + && dnf remove -y python36 java-1.8.0-openjdk-headless \ && dnf --disablerepo="*" --enablerepo="pgdg14" install -y postgresql14 postgresql14-server postgresql14-contrib \ && dnf clean all \ && rm -rf /var/cache/dnf /var/cache/yum -# # Use updated auth plugin for GCP -# ENV USE_GKE_GCLOUD_AUTH_PLUGIN=True -# RUN gke-gcloud-auth-plugin --version - -# # Update PATH for Postgres14 -# ENV PATH=$PATH:/usr/pgsql-14/bin - -# # Install bats -# RUN set -ex \ -# && npm install -g bats@1.10.0 bats-support@0.3.0 bats-assert@2.0.0 tap-junit \ -# && bats -v - -# # Install docker binary -# ARG DOCKER_VERSION=20.10.6 -# RUN set -ex \ -# && DOCKER_URL="https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz" \ -# && echo Docker URL: $DOCKER_URL \ -# && wget --no-verbose -O /tmp/docker.tgz "${DOCKER_URL}" \ -# && ls -lha /tmp/docker.tgz \ -# && tar -xz -C /tmp -f /tmp/docker.tgz \ -# && install /tmp/docker/docker /usr/local/bin \ -# && rm -rf /tmp/docker /tmp/docker.tgz \ -# && command -v docker \ -# && (docker version --format '{{.Client.Version}}' || true) - -# # Symlink python to python3 -# RUN ln -s /usr/bin/python3 /usr/bin/python - -# # oc -# RUN set -ex \ -# && wget --no-verbose -O oc.tgz https://github.com/okd-project/okd/releases/download/4.11.0-0.okd-2022-12-02-145640/openshift-client-linux-4.11.0-0.okd-2022-12-02-145640.tar.gz \ -# && mkdir "oc-dir" \ -# && tar -C "oc-dir" -xf oc.tgz \ -# && install oc-dir/oc /usr/local/bin \ -# && rm -rf "oc-dir" oc.tgz \ -# && command -v oc - -# # helm -# RUN set -ex \ -# && wget --no-verbose -O helm.tgz https://get.helm.sh/helm-v3.11.2-linux-amd64.tar.gz \ -# && tar -xf helm.tgz \ -# && install linux-amd64/helm /usr/local/bin \ -# && rm -rf helm.tgz linux-amd64 \ -# && command -v helm - -# # Install gradle -# ARG GRADLE_VERSION=7.5.1 -# ENV PATH=$PATH:/opt/gradle/bin -# RUN set -ex \ -# && wget --no-verbose https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip \ -# && mkdir /opt/gradle \ -# && unzip -q gradle-${GRADLE_VERSION}-bin.zip \ -# && mv gradle-${GRADLE_VERSION}/* /opt/gradle \ -# && rm gradle-${GRADLE_VERSION}-bin.zip \ -# && rmdir gradle-${GRADLE_VERSION} \ -# && command -v gradle - -# # Install aws cli -# RUN set -ex \ -# && wget --no-verbose -O "awscliv2.zip" "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.7.17.zip" \ -# && unzip awscliv2.zip \ -# && ./aws/install \ -# && rm awscliv2.zip \ -# && rm -rf aws \ -# && aws --version - -# # Install yq v4.16.2 -# RUN set -ex \ -# && wget --no-verbose "https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64" \ -# && sha256sum --check --status <<< "5c911c4da418ae64af5527b7ee36e77effb85de20c2ce732ed14c7f72743084d yq_linux_amd64" \ -# && mv yq_linux_amd64 /usr/bin/yq \ -# && chmod +x /usr/bin/yq - -# # Install hub-comment -# RUN set -ex \ -# && wget --quiet https://github.com/joshdk/hub-comment/releases/download/0.1.0-rc6/hub-comment_linux_amd64 \ -# && sha256sum --check --status <<< "2a2640f44737873dfe30da0d5b8453419d48a494f277a70fd9108e4204fc4a53 hub-comment_linux_amd64" \ -# && mv hub-comment_linux_amd64 /usr/bin/hub-comment \ -# && chmod +x /usr/bin/hub-comment - -# # Install shellcheck -# ARG SHELLCHECK_VERSION=0.10.0 -# ARG SHELLCHECK_SHA256=6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87 -# RUN set -ex \ -# && wget --quiet "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ -# && sha256sum --check --status <<< "${SHELLCHECK_SHA256} shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ -# && tar -xJf "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ -# && cp "shellcheck-v${SHELLCHECK_VERSION}/shellcheck" /usr/bin/shellcheck \ -# && rm "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ -# && rm -rf "shellcheck-v${SHELLCHECK_VERSION}" \ -# && shellcheck --version - -# # Install hashicorp vault -# ARG VAULT_VERSION=1.12.1 -# ARG VAULT_SHA256=839fa81eacd250e0b0298e518751a792cd5d7194650af78cf5da74d7b7b1e5fb -# RUN set -ex \ -# && wget --quiet "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" \ -# && sha256sum --check --status <<< "${VAULT_SHA256} vault_${VAULT_VERSION}_linux_amd64.zip" \ -# && unzip "vault_${VAULT_VERSION}_linux_amd64.zip" \ -# && strip "vault" \ -# && mv "vault" /usr/bin/vault \ -# && rm "vault_${VAULT_VERSION}_linux_amd64.zip" \ -# && vault --version - -# # Add python development tooling. If these versions have to change check for -# # dependent repos. e.g. stackrox/stackrox has .openshift-ci/dev-requirements.txt -# # for local development style & lint. -# ARG PYCODESTYLE_VERSION=2.10.0 -# ARG PYLINT_VERSION=2.13.9 -# RUN set -ex \ -# && python3 --version && python3 -m pip --version && pip --version \ -# && pip3 --version \ -# && python3 -m pip install pycodestyle=="${PYCODESTYLE_VERSION}" \ -# pylint=="${PYLINT_VERSION}" - -# RUN \ -# mv /bin/bash /bin/real-bash && \ -# mv /bin/bash-wrapper /bin/bash +# Use updated auth plugin for GCP +ENV USE_GKE_GCLOUD_AUTH_PLUGIN=True +RUN gke-gcloud-auth-plugin --version + +# Update PATH for Postgres14 +ENV PATH=$PATH:/usr/pgsql-14/bin + +# Install bats +RUN set -ex \ + && npm install -g bats@1.10.0 bats-support@0.3.0 bats-assert@2.0.0 tap-junit \ + && bats -v + +# Install docker binary +ARG DOCKER_VERSION=20.10.6 +RUN set -ex \ + && DOCKER_URL="https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz" \ + && echo Docker URL: $DOCKER_URL \ + && wget --no-verbose -O /tmp/docker.tgz "${DOCKER_URL}" \ + && ls -lha /tmp/docker.tgz \ + && tar -xz -C /tmp -f /tmp/docker.tgz \ + && install /tmp/docker/docker /usr/local/bin \ + && rm -rf /tmp/docker /tmp/docker.tgz \ + && command -v docker \ + && (docker version --format '{{.Client.Version}}' || true) + + # Symlink python to python3 +RUN ln -s /usr/bin/python3 /usr/bin/python + +# oc +RUN set -ex \ + && wget --no-verbose -O oc.tgz https://github.com/okd-project/okd/releases/download/4.11.0-0.okd-2022-12-02-145640/openshift-client-linux-4.11.0-0.okd-2022-12-02-145640.tar.gz \ + && mkdir "oc-dir" \ + && tar -C "oc-dir" -xf oc.tgz \ + && install oc-dir/oc /usr/local/bin \ + && rm -rf "oc-dir" oc.tgz \ + && command -v oc + +# helm +RUN set -ex \ + && wget --no-verbose -O helm.tgz https://get.helm.sh/helm-v3.11.2-linux-amd64.tar.gz \ + && tar -xf helm.tgz \ + && install linux-amd64/helm /usr/local/bin \ + && rm -rf helm.tgz linux-amd64 \ + && command -v helm + +# Install gradle +ARG GRADLE_VERSION=7.5.1 +ENV PATH=$PATH:/opt/gradle/bin +RUN set -ex \ + && wget --no-verbose https://services.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip \ + && mkdir /opt/gradle \ + && unzip -q gradle-${GRADLE_VERSION}-bin.zip \ + && mv gradle-${GRADLE_VERSION}/* /opt/gradle \ + && rm gradle-${GRADLE_VERSION}-bin.zip \ + && rmdir gradle-${GRADLE_VERSION} \ + && command -v gradle + +# Install aws cli +RUN set -ex \ + && wget --no-verbose -O "awscliv2.zip" "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.7.17.zip" \ + && unzip awscliv2.zip \ + && ./aws/install \ + && rm awscliv2.zip \ + && rm -rf aws \ + && aws --version + +# Install yq v4.16.2 +RUN set -ex \ + && wget --no-verbose "https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64" \ + && sha256sum --check --status <<< "5c911c4da418ae64af5527b7ee36e77effb85de20c2ce732ed14c7f72743084d yq_linux_amd64" \ + && mv yq_linux_amd64 /usr/bin/yq \ + && chmod +x /usr/bin/yq + +# Install hub-comment +RUN set -ex \ + && wget --quiet https://github.com/joshdk/hub-comment/releases/download/0.1.0-rc6/hub-comment_linux_amd64 \ + && sha256sum --check --status <<< "2a2640f44737873dfe30da0d5b8453419d48a494f277a70fd9108e4204fc4a53 hub-comment_linux_amd64" \ + && mv hub-comment_linux_amd64 /usr/bin/hub-comment \ + && chmod +x /usr/bin/hub-comment + +# Install shellcheck +ARG SHELLCHECK_VERSION=0.10.0 +ARG SHELLCHECK_SHA256=6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87 +RUN set -ex \ + && wget --quiet "https://github.com/koalaman/shellcheck/releases/download/v${SHELLCHECK_VERSION}/shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ + && sha256sum --check --status <<< "${SHELLCHECK_SHA256} shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ + && tar -xJf "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ + && cp "shellcheck-v${SHELLCHECK_VERSION}/shellcheck" /usr/bin/shellcheck \ + && rm "shellcheck-v${SHELLCHECK_VERSION}.linux.x86_64.tar.xz" \ + && rm -rf "shellcheck-v${SHELLCHECK_VERSION}" \ + && shellcheck --version + +# Install hashicorp vault +ARG VAULT_VERSION=1.12.1 +ARG VAULT_SHA256=839fa81eacd250e0b0298e518751a792cd5d7194650af78cf5da74d7b7b1e5fb +RUN set -ex \ + && wget --quiet "https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip" \ + && sha256sum --check --status <<< "${VAULT_SHA256} vault_${VAULT_VERSION}_linux_amd64.zip" \ + && unzip "vault_${VAULT_VERSION}_linux_amd64.zip" \ + && strip "vault" \ + && mv "vault" /usr/bin/vault \ + && rm "vault_${VAULT_VERSION}_linux_amd64.zip" \ + && vault --version + +# Add python development tooling. If these versions have to change check for +# dependent repos. e.g. stackrox/stackrox has .openshift-ci/dev-requirements.txt +# for local development style & lint. +ARG PYCODESTYLE_VERSION=2.10.0 +ARG PYLINT_VERSION=2.13.9 +RUN set -ex \ + && pip3 install pycodestyle=="${PYCODESTYLE_VERSION}" \ + pylint=="${PYLINT_VERSION}" + +RUN \ + mv /bin/bash /bin/real-bash && \ + mv /bin/bash-wrapper /bin/bash From 3233d7de4d011d75cb006ab5bf2b65a7241200a0 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 11:10:38 +0100 Subject: [PATCH 7/8] got it --- images/stackrox-test.Dockerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index ff0c5773..1d7751e3 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -45,7 +45,7 @@ RUN dnf update -y \ xmlstarlet \ xz \ zip \ - && dnf remove -y python36 java-1.8.0-openjdk-headless \ + && dnf remove -y java-1.8.0-openjdk-headless \ && dnf --disablerepo="*" --enablerepo="pgdg14" install -y postgresql14 postgresql14-server postgresql14-contrib \ && dnf clean all \ && rm -rf /var/cache/dnf /var/cache/yum @@ -75,8 +75,10 @@ RUN set -ex \ && command -v docker \ && (docker version --format '{{.Client.Version}}' || true) - # Symlink python to python3 -RUN ln -s /usr/bin/python3 /usr/bin/python + # Symlink python to python3. + # Explicitly set python3.9 to python3 instead of python3.6, latter is required for nodejs. +RUN update-alternatives --set python3 /usr/bin/python3.9 \ + && ln -s /usr/bin/python3 /usr/bin/python # oc RUN set -ex \ From 5b1085acc52d6357f0014d073dc2eb74ef60a2e0 Mon Sep 17 00:00:00 2001 From: Tom Martensen Date: Fri, 8 Nov 2024 13:39:34 +0100 Subject: [PATCH 8/8] update comment --- images/stackrox-test.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/stackrox-test.Dockerfile b/images/stackrox-test.Dockerfile index 1d7751e3..47796149 100644 --- a/images/stackrox-test.Dockerfile +++ b/images/stackrox-test.Dockerfile @@ -76,7 +76,7 @@ RUN set -ex \ && (docker version --format '{{.Client.Version}}' || true) # Symlink python to python3. - # Explicitly set python3.9 to python3 instead of python3.6, latter is required for nodejs. + # Explicitly set python3 to python3.9 instead of python3.6, the latter is required to keep for nodejs. RUN update-alternatives --set python3 /usr/bin/python3.9 \ && ln -s /usr/bin/python3 /usr/bin/python