From b48c706b37029410e242f6181ffecead7a1990f7 Mon Sep 17 00:00:00 2001 From: Andreas Mautz Date: Thu, 22 Aug 2024 11:06:16 +0200 Subject: [PATCH 1/2] [INFRA] update gitlab actions --- .github/workflows/main.yml | 10 +++++----- .github/workflows/schedule.yml | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c4c5b70..3a60ed3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,20 +14,20 @@ jobs: version: [ 'buster', 'bullseye', 'bookworm' ] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Build and push id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: push: true platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml index f4b3694..20f496d 100644 --- a/.github/workflows/schedule.yml +++ b/.github/workflows/schedule.yml @@ -14,20 +14,20 @@ jobs: version: [ 'buster', 'bullseye', 'bookworm' ] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Build and push id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: push: true platforms: linux/amd64,linux/arm64 From 7d3ff748e3e9f42e27d032fca11e43ef4cf828cb Mon Sep 17 00:00:00 2001 From: Andreas Mautz Date: Fri, 20 Dec 2024 11:18:23 +0100 Subject: [PATCH 2/2] [INFRA] remove buster from supported debian versions --- .github/workflows/main.yml | 2 +- .github/workflows/schedule.yml | 2 +- src/buster/src/Dockerfile | 26 --- .../usr/local/bin/docker-install-requirements | 58 ------ .../src/root/usr/local/bin/docker-layer-clean | 179 ------------------ .../usr/local/bin/docker-package-download | 3 - 6 files changed, 2 insertions(+), 268 deletions(-) delete mode 100644 src/buster/src/Dockerfile delete mode 100755 src/buster/src/root/usr/local/bin/docker-install-requirements delete mode 100755 src/buster/src/root/usr/local/bin/docker-layer-clean delete mode 100644 src/buster/src/root/usr/local/bin/docker-package-download diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3a60ed3..2f3076e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - version: [ 'buster', 'bullseye', 'bookworm' ] + version: [ 'bullseye', 'bookworm' ] steps: - name: Checkout uses: actions/checkout@v4 diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml index 20f496d..a91e8e7 100644 --- a/.github/workflows/schedule.yml +++ b/.github/workflows/schedule.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - version: [ 'buster', 'bullseye', 'bookworm' ] + version: [ 'bullseye', 'bookworm' ] steps: - name: Checkout uses: actions/checkout@v4 diff --git a/src/buster/src/Dockerfile b/src/buster/src/Dockerfile deleted file mode 100644 index 66384e7..0000000 --- a/src/buster/src/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -FROM debian:buster-slim - -SHELL ["/bin/bash", "-o", "pipefail", "-c"] -ENV BASH_ENV=/etc/profile \ - DEBIAN_FRONTEND=noninteractive \ - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin -WORKDIR /tmp/ - -ARG CONTAINER_RUNTIME_REQUIREMENTS="less procps netcat ca-certificates iputils-ping iproute2 unzip" -ARG CONTAINER_RUNTIME_REQUIREMENTS_EXTRA="" -ARG CONTAINER_BUILD_REQUIREMENTS="" -ARG CONTAINER_BUILD_REQUIREMENTS_EXTRA="" - -COPY root / - -# hadolint ignore=DL3008,DL3015 -RUN set -Eeu; \ - chmod 755 /usr/local/bin/{docker-layer-clean,docker-install-requirements,docker-package-download}; \ - echo "APT::Install-Recommends \"false\";" > /etc/apt/apt.conf.d/docker-disable-recommends; \ - echo "export PATH=\"${PATH}\"" > /etc/environment; \ - mkdir -p /usr/share/man/man1; \ - mkdir -p /usr/share/man/man7; \ - /usr/local/bin/docker-install-requirements; \ - sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf; \ - update-ca-certificates -f; \ - /usr/local/bin/docker-layer-clean diff --git a/src/buster/src/root/usr/local/bin/docker-install-requirements b/src/buster/src/root/usr/local/bin/docker-install-requirements deleted file mode 100755 index d5e949d..0000000 --- a/src/buster/src/root/usr/local/bin/docker-install-requirements +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit # Exit script when a command exits with non-zero status -set -o errtrace # Exit on error inside any functions or sub-shells -set -o nounset # Exit script on use of an undefined variable -set -o pipefail # Return exit status of the last command in the pipe that failed - -# ------------------------------------------------------------------------------ -# Displays a status message -# -# Arguments: -# $* Status message to display -# Returns: -# Exit code -# ------------------------------------------------------------------------------ -display_status_message() { - local status=$* - - echo "-----> ${status}" -} - -# ------------------------------------------------------------------------------ -# get apt package requirements from env vars -# -# Arguments: -# $1 Filter prefix -# $2 BUILD or Runtime -# Returns: -# string -# ------------------------------------------------------------------------------ -get_requirements() { - #printf "'%s'='%s'\n" "$n" "$v" - while IFS='=' read -r -d '' n v; do - if [[ "$n" == "${1^^}_${2^^}_REQUIREMENTS"* ]]; then - echo "${v}" - fi - done < <(env -0) -} - -apt-get update -y || true - -display_status_message "Installing runtime requirements" -for REQUIREMENT in $(get_requirements "${1:-container}" "runtime"); do - apt-get install -y "${REQUIREMENT}" -done - -display_status_message "Installing build requirements" -for REQUIREMENT in $(get_requirements "${1:-container}" "build"); do - if ! dpkg -l | grep -P "^ii(?:[\s]{2})${REQUIREMENT//=*}(:?\:.*)?(?:[\s]+).*(?:all|amd64).*$" > /dev/null 2>&1; then - apt-get install -y "${REQUIREMENT}" - apt-mark auto "${REQUIREMENT}" - else - echo "Package ${REQUIREMENT} already installed skipping automatic remove during cleanup." - apt-get install -y "${REQUIREMENT}" - fi -done -apt-get update -y || true -display_status_message "Installing container requirements finished" \ No newline at end of file diff --git a/src/buster/src/root/usr/local/bin/docker-layer-clean b/src/buster/src/root/usr/local/bin/docker-layer-clean deleted file mode 100755 index 8b2503c..0000000 --- a/src/buster/src/root/usr/local/bin/docker-layer-clean +++ /dev/null @@ -1,179 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit # Exit script when a command exits with non-zero status -set -o errtrace # Exit on error inside any functions or sub-shells -set -o nounset # Exit script on use of an undefined variable -set -o pipefail # Return exit status of the last command in the pipe that failed - -readonly EX_OK=0 # Successful termination -readonly EX_UNKNOWN=1 # Unknown error occured - -declare CLEANUP_LOG_FILES=true -declare CLEANUP_TMP_FOLDERS=true -declare CLEANUP_APT=true -declare CLEANUP_PIP=true - -# ------------------------------------------------------------------------------ -# Displays a error message and is able to terminate te script execution -# -# Arguments: -# $1 Error message -# $2 Exit code, script will continue execution when omitted -# Returns: -# None -# ------------------------------------------------------------------------------ -display_error_message() { - local status=${1} - local exitcode=${2:-0} - - echo >&2 - echo " ! ERROR: ${status}" - echo >&2 - - if [[ ${exitcode} -ne 0 ]]; then - exit "${exitcode}" - fi -} - -# ------------------------------------------------------------------------------ -# Displays a notice -# -# Arguments: -# $* Notice message to display -# Returns: -# Exit code -# ------------------------------------------------------------------------------ -display_notice_message() { - local status=$* - - echo - echo "NOTICE: ${status}" - echo -} - -# ------------------------------------------------------------------------------ -# Displays a status message -# -# Arguments: -# $* Status message to display -# Returns: -# Exit code -# ------------------------------------------------------------------------------ -display_status_message() { - local status=$* - - echo "-----> ${status}" -} - -# ------------------------------------------------------------------------------ -# Docker build the image -# -# Arguments: -# None -# Returns: -# Exit code -# ------------------------------------------------------------------------------ -docker_clean() { - display_status_message "Running Docker clean" - - cd / - - if [[ "${CLEANUP_LOG_FILES}" = true ]]; then - find /var/log -type f -print0 | xargs -0 truncate -s0 - fi - - if [[ "${CLEANUP_APT}" = true ]]; then - apt-get autoremove --purge --yes --quiet; - apt-get clean -y - fi - - if [[ "${CLEANUP_PIP}" = true && -d "${HOME}/.cache/pip" ]]; then - rm -rf "${HOME}/.cache/pip" - fi - - if [[ "${CLEANUP_TMP_FOLDERS}" = true ]]; then - find /tmp/ -mindepth 1 -maxdepth 1 -exec rm -rf {} + - find /var/tmp/ -mindepth 1 -maxdepth 1 -exec rm -rf {} + - fi - - rm -rf /var/lib/apt/lists/* - rm -rf /usr/share/doc/* - rm -rf /usr/share/groff/* - rm -rf /usr/share/info/* - rm -rf /usr/share/linda/* - rm -rf /usr/share/lintian/* - rm -rf /usr/share/man/*/* - - display_status_message 'Docker clean finished' - - return "${EX_OK}" -} - -display_help () { - local exit_code=${1:-${EX_OK}} - local status=${2:-} - - [[ -n "${status}" ]] && display_error_message "${status}" - - cat << EOF -Usage: /usr/local/bin/docker-layer-clean [options] -Options: - -h, Display this help and exit. - -l, Do not truncate logfiles - -p, Do not remove *-dev packages - -a, Do not cleanup apt - -t, Do not cleanup tmp folders - -p, Do not cleanup python pip cache -EOF - - exit "${exit_code}" -} - -parse_cli_arguments() { - local OPTIND o - while getopts ":hlpat" o; do - case "${o}" in - l) - CLEANUP_LOG_FILES=false - ;; - t) - CLEANUP_TMP_FOLDERS=false - ;; - a) - CLEANUP_APT=false - ;; - p) - CLEANUP_PIP=false - ;; - h) - display_help "${EX_OK}" - ;; - :) - display_help "${EX_UNKNOWN}" "Option -${OPTARG} requires an argument"; - ;; - \?) - display_help "${EX_UNKNOWN}" "Invalid option: -${OPTARG}"; - ;; - *) - display_help "${EX_UNKNOWN}" "Missing required arguments."; - ;; - esac - done - shift $((OPTIND-1)) -} - -# ============================================================================== -# RUN LOGIC -# ------------------------------------------------------------------------------ -main() { - # Parse input - parse_cli_arguments "$@" - docker_clean - exit "${EX_OK}" -} - -# Bootstrap -if [[ "${BASH_SOURCE[0]}" = "${0}" ]]; then - # Direct call to file - main "$@" -fi # Else file is included from another script \ No newline at end of file diff --git a/src/buster/src/root/usr/local/bin/docker-package-download b/src/buster/src/root/usr/local/bin/docker-package-download deleted file mode 100644 index 728c5e9..0000000 --- a/src/buster/src/root/usr/local/bin/docker-package-download +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash -set -e -curl --connect-timeout 5 --max-time 10 --retry 5 --retry-delay 0 --retry-max-time 40 -s -S -L "$@" \ No newline at end of file