From 6185d271750230db3b5781e94dd60cbfe6e64407 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 20 Oct 2021 12:35:49 +1100 Subject: [PATCH] Release arm64-compatible images (#323) --- Jenkinsfile | 158 +++++++++--------- Makefile | 115 ++++++++++--- images/commons/Dockerfile | 12 +- images/elasticsearch/6.Dockerfile | 5 +- images/elasticsearch/7.Dockerfile | 5 +- images/kibana/6.Dockerfile | 5 +- images/kibana/7.Dockerfile | 5 +- images/logstash/6.Dockerfile | 5 +- images/logstash/7.Dockerfile | 5 +- images/mongo/Dockerfile | 4 +- images/php-cli/7.3.Dockerfile | 16 +- images/php-cli/7.4.Dockerfile | 16 +- images/php-cli/8.0.Dockerfile | 16 +- images/php-cli/Dockerfile | 80 --------- .../php-cli/{ => entrypoints}/05-ssh-key.sh | 0 .../php-cli/{ => entrypoints}/10-ssh-agent.sh | 0 .../{ => entrypoints}/55-cli-helpers.sh | 0 .../61-php-xdebug-cli-env.sh | 0 .../{ => entrypoints}/80-shell-timeout.sh | 0 .../{ => entrypoints}/90-composer-path.sh | 0 .../{ => entrypoints}/90-mariadb-envplate.sh | 0 images/php-fpm/7.3.Dockerfile | 63 +++---- images/php-fpm/7.4.Dockerfile | 63 +++---- images/php-fpm/8.0.Dockerfile | 65 ++++--- images/solr/7.Dockerfile | 10 +- images/varnish/6.Dockerfile | 14 +- 26 files changed, 319 insertions(+), 343 deletions(-) delete mode 100644 images/php-cli/Dockerfile rename images/php-cli/{ => entrypoints}/05-ssh-key.sh (100%) rename images/php-cli/{ => entrypoints}/10-ssh-agent.sh (100%) rename images/php-cli/{ => entrypoints}/55-cli-helpers.sh (100%) rename images/php-cli/{ => entrypoints}/61-php-xdebug-cli-env.sh (100%) rename images/php-cli/{ => entrypoints}/80-shell-timeout.sh (100%) rename images/php-cli/{ => entrypoints}/90-composer-path.sh (100%) rename images/php-cli/{ => entrypoints}/90-mariadb-envplate.sh (100%) diff --git a/Jenkinsfile b/Jenkinsfile index 1e00c183d..19f6c6414 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -38,6 +38,8 @@ node ('lagoon-images') { } stage ('build images') { + sh script: "docker run --privileged --rm tonistiigi/binfmt --install all", label: "setting binfmt correctly" + sh script: "make docker-buildx-configure", label: "Configuring buildx for multi-platform build" env.SCAN_IMAGES = 'true' sh script: "make docker_pull", label: "Ensuring fresh upstream images" sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 build", label: "Building images" @@ -47,25 +49,9 @@ node ('lagoon-images') { sh 'cat scan.txt' } - stage ('push branch images to testlagoon/*') { - withCredentials([string(credentialsId: 'amazeeiojenkins-dockerhub-password', variable: 'PASSWORD')]) { - try { - if (env.SKIP_IMAGE_PUBLISH != 'true') { - sh script: 'docker login -u amazeeiojenkins -p $PASSWORD', label: "Docker login" - sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-testlagoon-baseimages BRANCH_NAME=${SAFEBRANCH_NAME}", label: "Publishing built images to testlagoon" - } else { - sh script: 'echo "skipped because of SKIP_IMAGE_PUBLISH env variable"', label: "Skipping image publishing" - } - } catch (e) { - echo "Something went wrong, trying to cleanup" - cleanup() - throw e - } - } - } - stage ('show built images') { - sh 'docker image ls | sort -u' + sh 'cat build.*' + sh 'docker image ls | grep ${CI_BUILD_TAG} | sort -u' } stage ('Copy examples down') { @@ -79,85 +65,94 @@ node ('lagoon-images') { } } - stage ('Configure and Run Tests') { - dir ('tests') { - sh script: "grep -rl uselagoon . | xargs sed -i '/^FROM/ s/uselagoon/testlagoon/'" - sh script: "grep -rl uselagoon . | xargs sed -i '/image:/ s/uselagoon/testlagoon/'" - sh script: "grep -rl testlagoon . | xargs sed -i '/^FROM/ s/latest/${SAFEBRANCH_NAME}/'" - sh script: "grep -rl testlagoon . | xargs sed -i '/image:/ s/latest/${SAFEBRANCH_NAME}/'" - sh script: "find . -maxdepth 2 -name docker-compose.yml | xargs sed -i -e '/###/d'" - } - } - - dir ('tests') { - parallel ( - 'Run simple Drupal tests': { - stage ('Simple tests') { - sh script: "yarn test:simple" + parallel ( + 'build and push images to testlagoon dockerhub': { + stage ('push branch images to testlagoon/*') { + withCredentials([string(credentialsId: 'amazeeiojenkins-dockerhub-password', variable: 'PASSWORD')]) { + try { + if (env.SKIP_IMAGE_PUBLISH != 'true') { + sh script: 'docker login -u amazeeiojenkins -p $PASSWORD', label: "Docker login" + sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-testlagoon-baseimages BRANCH_NAME=${SAFEBRANCH_NAME}", label: "Publishing built images to testlagoon" + if (env.SAFEBRANCH_NAME == 'main') { + sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 build PUBLISH_IMAGES=true REGISTRY_ONE=testlagoon TAG_ONE=${SAFEBRANCH_NAME} REGISTRY_TWO=testlagoon TAG_TWO=latest", label: "Publishing built images to testlagoon main&latest images" + } else if (env.SAFEBRANCH_NAME == 'arm64-images') { + sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 build PUBLISH_IMAGES=true REGISTRY_ONE=testlagoon TAG_ONE=${SAFEBRANCH_NAME} REGISTRY_TWO=testlagoon TAG_TWO=multiarch", label: "Publishing built images to testlagoon arm images" + } else { + sh script: 'echo "No multi-arch images required for this build"', label: "Skipping image publishing" + } + } else { + sh script: 'echo "skipped because of SKIP_IMAGE_PUBLISH env variable"', label: "Skipping image publishing" + } + } catch (e) { + echo "Something went wrong, trying to cleanup" + cleanup() + throw e + } } - }, - 'Run advanced Drupal tests': { - stage ('Advanced tests') { - sh script: "yarn test:advanced" + } + }, + 'Run all the tests on the local images': { + stage ('running test suite') { + dir ('tests') { + sh script: "grep -rl uselagoon . | xargs sed -i '/^FROM/ s/uselagoon/${CI_BUILD_TAG}/'" + sh script: "grep -rl uselagoon . | xargs sed -i '/image:/ s/uselagoon/${CI_BUILD_TAG}/'" + sh script: "find . -maxdepth 2 -name docker-compose.yml | xargs sed -i -e '/###/d'" + sh script: "yarn test:simple", label: "Run simple Drupal tests" + sh script: "yarn test:advanced", label: "Run advanced Drupal tests" + sh script: "yarn test test/docker*postgres*", label: "Run postgres Drupal tests" + sh script: "yarn test test/docker*all-images*", label: "Run all-images tests" + sh script: "rm test/*.js" + sh script: "grep -rl ${CI_BUILD_TAG} ./drupal8-simple/lagoon/*.dockerfile | xargs sed -i '/^FROM/ s/7.4/7.3/'" + sh script: "grep -rl PHP ./drupal8-simple/TESTING*.md | xargs sed -i 's/7.4/7.3/'" + sh script: "grep -rl ${CI_BUILD_TAG} ./drupal9-simple/lagoon/*.dockerfile | xargs sed -i '/^FROM/ s/7.4/7.3/'" + sh script: "grep -rl PHP ./drupal9-simple/TESTING*.md | xargs sed -i 's/7.4/7.3/'" + sh script: "yarn generate-tests" + sh script: "yarn test:simple", label: "Re-run simple Drupal tests again" } } - ) - } - - stage ('Configure and Run old PHP Tests') { - dir ('tests') { - sh script: "rm test/*.js" - sh script: "grep -rl testlagoon ./drupal9-simple/lagoon/*.dockerfile | xargs sed -i '/^FROM/ s/7.4/7.3/'" - sh script: "grep -rl PHP ./drupal9-simple/TESTING*.md | xargs sed -i 's/7.4/7.3/'" - sh script: "yarn generate-tests" } - } + ) - dir ('tests') { + if (env.TAG_NAME && env.SKIP_IMAGE_PUBLISH != 'true') { parallel ( - 'Run simple old PHP Drupal tests': { - stage ('Simple old PHP tests') { - sh script: "yarn test:simple" - } + 'build and push images to uselagoon dockerhub': { + stage ('push branch images to uselagoon/*') { + withCredentials([string(credentialsId: 'amazeeiojenkins-dockerhub-password', variable: 'PASSWORD')]) { + try { + if (env.SKIP_IMAGE_PUBLISH != 'true') { + sh script: 'docker login -u amazeeiojenkins -p $PASSWORD', label: "Docker login" + sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 build PUBLISH_IMAGES=true REGISTRY_ONE=uselagoon TAG_ONE=${TAG_NAME} REGISTRY_TWO=uselagoon TAG_TWO=latest", label: "Publishing built images to testlagoon" + } else { + sh script: 'echo "skipped because of SKIP_IMAGE_PUBLISH env variable"', label: "Skipping image publishing" + } + } catch (e) { + echo "Something went wrong, trying to cleanup" + cleanup() + throw e + } + } + } }, - 'Run Postgres tests': { - stage ('Postgres tests') { - sh script: "yarn test test/docker*postgres*" - } - }, - 'Run all-images tests': { - stage ('all-images tests') { - sh script: "yarn test test/docker*all-images*" + 'push legacy images to amazeeio dockerhub': { + stage ('publish-amazeeio') { + withCredentials([string(credentialsId: 'amazeeiojenkins-dockerhub-password', variable: 'PASSWORD')]) { + sh script: 'docker login -u amazeeiojenkins -p $PASSWORD', label: "Docker login" + sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-amazeeio-baseimages", label: "Publishing legacy images to amazeeio" + } } } ) } - - if (env.TAG_NAME && env.SKIP_IMAGE_PUBLISH != 'true') { - stage ('publish-amazeeio') { - withCredentials([string(credentialsId: 'amazeeiojenkins-dockerhub-password', variable: 'PASSWORD')]) { - sh script: 'docker login -u amazeeiojenkins -p $PASSWORD', label: "Docker login" - sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-uselagoon-baseimages", label: "Publishing built images to uselagoon" - sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-amazeeio-baseimages", label: "Publishing legacy images to amazeeio" - } - } - } - - if (env.BRANCH_NAME == 'main' && env.SKIP_IMAGE_PUBLISH != 'true') { - stage ('save images to s3') { - sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 s3-save", label: "Saving images to AWS S3" - } - stage ('push latest images to testlagoon') { - sh script: "make -O${SYNC_MAKE_OUTPUT} -j8 publish-testlagoon-baseimages BRANCH_NAME=latest", label: "Publishing :latest images to testlagoon" - } - } - } catch (e) { currentBuild.result = 'FAILURE' + echo "Something went wrong, trying to cleanup" throw e } finally { + cleanup() notifySlack(currentBuild.result) } + + cleanup() } } @@ -165,7 +160,10 @@ node ('lagoon-images') { def cleanup() { try { + sh "cat build.*" + sh "make docker-buildx-remove" sh "make clean" + sh "rm build.*" } catch (error) { echo "cleanup failed, ignoring this." } diff --git a/Makefile b/Makefile index 0ec90edc2..eab7c6dbe 100644 --- a/Makefile +++ b/Makefile @@ -56,11 +56,16 @@ DOCKER_DRIVER := $(shell docker info -f '{{.Driver}}') # Name of the Branch we are currently in BRANCH_NAME := +# Only set this to false when ready to push images to dockerhub +PUBLISH_IMAGES ?= false + +TEMPFILE := $(shell mktemp build.XXXX -u) + # Skip image scanning by default to make building images substantially faster SCAN_IMAGES ?= false # Init the file that is used to hold the image tag cross-reference table -$(shell >build.txt) +# $(shell >build.txt) $(shell >scan.txt) ####### @@ -69,7 +74,47 @@ $(shell >scan.txt) # Builds a docker image. Expects as arguments: name of the image, location of Dockerfile, path of # Docker Build Context -docker_build = docker build $(DOCKER_BUILD_PARAMS) --build-arg LAGOON_VERSION=$(LAGOON_VERSION) --build-arg IMAGE_REPO=$(CI_BUILD_TAG) -t $(CI_BUILD_TAG)/$(1) -f $(2) $(3) +docker_build_local = DOCKER_BUILDKIT=0 docker build $(DOCKER_BUILD_PARAMS) \ + --build-arg LAGOON_VERSION=$(LAGOON_VERSION) \ + --build-arg IMAGE_REPO=$(CI_BUILD_TAG) \ + -t $(CI_BUILD_TAG)/$(1) \ + -f $(2) $(3) + +docker_buildx_two = docker buildx build $(DOCKER_BUILD_PARAMS) \ + --platform linux/amd64,linux/arm64/v8 \ + --build-arg LAGOON_VERSION=$(LAGOON_VERSION) \ + --build-arg IMAGE_REPO=localhost:5000/testlagoon \ + --cache-from=type=registry,ref=localhost:5000/testlagoon/$(1) \ + --push \ + -t localhost:5000/testlagoon/$(1) \ + -t $(REGISTRY_ONE)/$(1):$(TAG_ONE) \ + -t $(REGISTRY_TWO)/$(1):$(TAG_TWO) \ + -f $(2) $(3) + +docker_buildx_three = docker buildx build $(DOCKER_BUILD_PARAMS) \ + --platform linux/amd64,linux/arm64/v8 \ + --build-arg LAGOON_VERSION=$(LAGOON_VERSION) \ + --build-arg IMAGE_REPO=localhost:5000/uselagoon \ + --cache-from=type=registry,ref=localhost:5000/testlagoon/$(1) \ + --push \ + -t localhost:5000/uselagoon/$(1) \ + -t uselagoon/$(1)-test:$(LAGOON_VERSION) \ + -t uselagoon/$(1)-test:latest \ + -t testlagoon/$(1)-test:$(BRANCH_NAME) \ + -f $(2) $(3) + +ifeq ($(PUBLISH_IMAGES),true) + ifdef REGISTRY_THREE + docker_build = $(docker_buildx_three) + else ifdef REGISTRY_TWO + docker_build = $(docker_buildx_two) + else ifdef REGISTRY_ONE + docker_build = $(docker_buildx_one) + endif +else + docker_build = $(docker_build_local) +endif + scan_cmd = docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(HOME)/Library/Caches:/root/.cache/ aquasec/trivy --timeout 5m0s $(CI_BUILD_TAG)/$(1) >> scan.txt @@ -90,7 +135,7 @@ docker_publish_amazeeio = docker tag $(CI_BUILD_TAG)/$(1) amazeeio/$(2) && docke .PHONY: docker_pull docker_pull: - grep -Eh 'FROM' $$(find . -type f -name *Dockerfile) | grep -Ev 'IMAGE_REPO' | awk '{print $$2}' | sort --unique | xargs -tn1 -P8 docker pull -q + grep -Eh 'FROM' $$(find . -type f -name *Dockerfile) | grep -Ev 'IMAGE_REPO' | sed 's/\-\-platform\=linux\/amd64//g' | awk '{print $$2}' | sort --unique | xargs -tn1 -P8 docker pull -q ####### ####### Base Images @@ -98,9 +143,9 @@ docker_pull: ####### Base Images are the base for all other images and are also published for clients to use during local development unversioned-images := commons \ - mongo \ nginx \ nginx-drupal \ + mongo \ toolbox \ rabbitmq \ rabbitmq-cluster @@ -119,11 +164,11 @@ $(build-images): # Call the docker build $(call docker_build,$(image),images/$(image)/Dockerfile,images/$(image)) # Populate the cross-reference table - $(shell echo $(image),$(image) >> build.txt) + $(shell echo $(shell date +"%T") $(image),images/$(image)/Dockerfile,images/$(image) >> $(TEMPFILE)) #scan created image with Trivy - $(call scan_image,$(image),) +# $(call scan_image,$(image),) # Touch an empty file which make itself is using to understand when the image has been last build - touch $@ +# touch $@ # Define dependencies of Base Images so that make can build them in the right order. There are two # types of Dependencies @@ -172,14 +217,14 @@ versioned-images := php-7.3-fpm \ postgres-12 \ redis-6 \ redis-6-persistent \ - varnish-6 \ - varnish-6-drupal \ - varnish-6-persistent \ - varnish-6-persistent-drupal \ solr-7 \ solr-7-drupal \ mariadb-10.5 \ mariadb-10.5-drupal \ + varnish-6 \ + varnish-6-drupal \ + varnish-6-persistent \ + varnish-6-persistent-drupal # default-versioned-images are images that formerly had no versioning, and are made backwards-compatible. # the below versions are the ones that map to the unversioned namespace @@ -210,11 +255,11 @@ $(build-versioned-images): # Call the generic docker build process $(call docker_build,$(image),images/$(folder)/$(if $(version),$(version).)Dockerfile,images/$(folder)) # Populate the cross-reference table - $(shell echo $(image),$(legacytag) >> build.txt) + $(shell echo $(shell date +"%T") $(image),images/$(folder)/$(if $(version),$(version).)Dockerfile,images/$(folder) >> $(TEMPFILE)) #scan created images with Trivy - $(call scan_image,$(image),) +# $(call scan_image,$(image),) # Touch an empty file which make itself is using to understand when the image has been last built - touch $@ +# touch $@ base-images-with-versions += $(versioned-images) base-images-with-versions += $(default-versioned-images) @@ -258,7 +303,8 @@ build/mariadb-10.5-drupal: build/mariadb-10.5 # Builds all Images .PHONY: build -build: $(foreach image,$(base-images) $(base-images-with-versions) ,build/$(image)) +build: $(shell >$(TEMPFILE)) $(foreach image,$(base-images) $(base-images-with-versions) ,build/$(image)) + cat $(TEMPFILE) # Outputs a list of all Images we manage .PHONY: build-list @@ -273,6 +319,13 @@ build-list: ####### All main&PR images are pushed to testlagoon repository ####### +.PHONY: docker-buildx-configure +docker-buildx-configure: + docker run -d -p 5000:5000 --restart always --name registry registry:2 + docker buildx create --platform linux/arm64,linux/arm/v8 --driver-opt network=host --name ci-local --use + docker buildx ls + docker context ls + # Publish command to testlagoon docker hub, done on any main branch or PR publish-testlagoon-baseimages = $(foreach image,$(base-images),[publish-testlagoon-baseimages]-$(image)) publish-testlagoon-baseimages-with-versions = $(foreach image,$(base-images-with-versions),[publish-testlagoon-baseimages-with-versions]-$(image)) @@ -288,8 +341,15 @@ publish-testlagoon-baseimages: $(publish-testlagoon-baseimages) $(publish-testla $(publish-testlagoon-baseimages): # Calling docker_publish for image, but remove the prefix '[publish-testlagoon-baseimages]-' first $(eval image = $(subst [publish-testlagoon-baseimages]-,,$@)) + $(eval variant = $(word 1,$(subst -, ,$(image)))) + $(eval version = $(word 2,$(subst -, ,$(image)))) + $(eval type = $(word 3,$(subst -, ,$(image)))) + $(eval subtype = $(word 4,$(subst -, ,$(image)))) +# Construct the folder and legacy tag to use - note that if treats undefined vars as 'false' to avoid extra '-/' + $(eval folder = $(shell echo $(variant)$(if $(type),-$(type))$(if $(subtype),-$(subtype)))) + # Publish images with version tag - $(call docker_publish_testlagoon,$(image),$(image):$(BRANCH_NAME)) + $(call docker_publish_testlagoon,$(image),$(image):$(BRANCH_NAME),$(folder)) # tag and push of base image with version .PHONY: $(publish-testlagoon-baseimages-with-versions) @@ -298,13 +358,19 @@ $(publish-testlagoon-baseimages-with-versions): $(eval image = $(subst [publish-testlagoon-baseimages-with-versions]-,,$@)) # The underline is a placeholder for a colon, replace that $(eval image = $(subst __,:,$(image))) + $(eval variant = $(word 1,$(subst -, ,$(image)))) + $(eval version = $(word 2,$(subst -, ,$(image)))) + $(eval type = $(word 3,$(subst -, ,$(image)))) + $(eval subtype = $(word 4,$(subst -, ,$(image)))) +# Construct the folder and legacy tag to use - note that if treats undefined vars as 'false' to avoid extra '-/' + $(eval folder = $(shell echo $(variant)$(if $(type),-$(type))$(if $(subtype),-$(subtype)))) # We add the Lagoon Version just as a dash - $(call docker_publish_testlagoon,$(image),$(image):$(BRANCH_NAME)) + $(call docker_publish_testlagoon,$(image),$(image):$(BRANCH_NAME),$(folder)) # tag and push of unversioned base images .PHONY: $(publish-testlagoon-baseimages-without-versions) $(publish-testlagoon-baseimages-without-versions): -# Calling docker_publish for image, but remove the prefix '[publish-amazeeio-baseimages-with-versions]-' first +# Calling docker_publish for image, but remove the prefix '[publish-testlagoon-baseimages-with-versions]-' first $(eval image = $(subst [publish-testlagoon-baseimages-without-versions]-,,$@)) $(eval variant = $(word 1,$(subst -, ,$(image)))) $(eval version = $(word 2,$(subst -, ,$(image)))) @@ -312,9 +378,11 @@ $(publish-testlagoon-baseimages-without-versions): $(eval subtype = $(word 4,$(subst -, ,$(image)))) # Construct a "legacy" tag of the form `testlagoon/variant-type-subtype` e.g. `testlagoon/postgres-ckan` $(eval legacytag = $(shell echo $(variant)$(if $(type),-$(type))$(if $(subtype),-$(subtype)))) +# Construct the folder and legacy tag to use - note that if treats undefined vars as 'false' to avoid extra '-/' + $(eval folder = $(shell echo $(variant)$(if $(type),-$(type))$(if $(subtype),-$(subtype)))) # These images already use a tag to differentiate between different versions of the service itself (like node:9 and node:10) # We push a version without the `-latest` suffix - $(call docker_publish_testlagoon,$(image),$(legacytag):$(BRANCH_NAME)) + $(call docker_publish_testlagoon,$(image),$(legacytag):$(BRANCH_NAME),$(folder)) ####### ####### All tagged releases are pushed to uselagoon repository with new semantic tags @@ -441,5 +509,14 @@ $(s3-load): # Clean all build touches, which will case make to rebuild the Docker Images (Layer caching is # still active, so this is a very safe command) + +.PHONY: docker-buildx-remove +docker-buildx-remove: + docker stop registry || echo "no registry" + docker rm registry || echo "no registry" + docker buildx rm ci-local + docker buildx ls + docker context ls + clean: rm -rf build/* diff --git a/images/commons/Dockerfile b/images/commons/Dockerfile index 3744481c9..57a94b199 100644 --- a/images/commons/Dockerfile +++ b/images/commons/Dockerfile @@ -1,7 +1,5 @@ -FROM golang:alpine3.14 AS builder -RUN GIT_TAG=github.com/smlx/go-crond@custom-workdir-mod-update GIT_COMMIT=1b81c05ef34903427ed06a56c26cc268a0377b83; \ - GO111MODULE=on CGO_ENABLED=0 go get -ldflags "-X main.gitTag=$GIT_TAG -X main.gitCommit=$GIT_COMMIT" \ - github.com/smlx/go-crond@$GIT_COMMIT +FROM webdevops/go-crond:21.5.0-alpine AS go-crond +FROM amazeeio/envplate:v1.0.0-rc.3 AS envplate FROM alpine:3.14.2 @@ -15,15 +13,13 @@ RUN mkdir -p /lagoon/bin COPY fix-permissions docker-sleep entrypoint-readiness wait-for /bin/ COPY .bashrc /home/.bashrc -COPY --from=builder /go/bin/go-crond /lagoon/bin/cron +COPY --from=go-crond /usr/local/bin/go-crond /lagoon/bin/cron +COPY --from=envplate /usr/local/bin/ep /bin/ep RUN apk update \ && apk upgrade \ && apk add --no-cache curl tini \ && rm -rf /var/cache/apk/* \ - && curl -sLo /bin/ep https://github.com/kreuzwerker/envplate/releases/download/1.0.0-RC1/ep-linux \ - && echo "48e234e067874a57a4d4bb198b5558d483ee37bcc285287fffb3864818b42f2785be0568faacbc054e97ca1c5047ec70382e1ca0e71182c9dba06649ad83a5f6 /bin/ep" | sha512sum -c \ - && chmod +x /bin/ep \ && mkdir -p /lagoon/crontabs && fix-permissions /lagoon/crontabs \ && ln -s /home/.bashrc /home/.profile diff --git a/images/elasticsearch/6.Dockerfile b/images/elasticsearch/6.Dockerfile index 50186b617..a9e31117f 100644 --- a/images/elasticsearch/6.Dockerfile +++ b/images/elasticsearch/6.Dockerfile @@ -1,7 +1,7 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons # Defining Versions - https://www.elastic.co/guide/en/elasticsearch/reference/6.8/docker.html -FROM docker.elastic.co/elasticsearch/elasticsearch:6.8.17 +FROM --platform=linux/amd64 docker.elastic.co/elasticsearch/elasticsearch:6.8.20 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -16,7 +16,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini COPY docker-entrypoint.sh.6 /lagoon/entrypoints/90-elasticsearch.sh diff --git a/images/elasticsearch/7.Dockerfile b/images/elasticsearch/7.Dockerfile index 29186bac8..ee128c515 100644 --- a/images/elasticsearch/7.Dockerfile +++ b/images/elasticsearch/7.Dockerfile @@ -1,7 +1,7 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons # Defining Versions - https://www.elastic.co/guide/en/elasticsearch/reference/7.6/docker.html -FROM docker.elastic.co/elasticsearch/elasticsearch:7.6.2 +FROM docker.elastic.co/elasticsearch/elasticsearch:7.8.1 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -16,7 +16,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini COPY docker-entrypoint.sh.7 /lagoon/entrypoints/90-elasticsearch.sh diff --git a/images/kibana/6.Dockerfile b/images/kibana/6.Dockerfile index fcd256ff9..1df7fc0b6 100644 --- a/images/kibana/6.Dockerfile +++ b/images/kibana/6.Dockerfile @@ -1,6 +1,6 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons -FROM docker.elastic.co/kibana/kibana:6.8.17 +FROM --platform=linux/amd64 docker.elastic.co/kibana/kibana:6.8.20 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -17,7 +17,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini RUN fix-permissions /etc/passwd \ && mkdir -p /home diff --git a/images/kibana/7.Dockerfile b/images/kibana/7.Dockerfile index 80d5cb9ee..c99ebd4ba 100644 --- a/images/kibana/7.Dockerfile +++ b/images/kibana/7.Dockerfile @@ -1,6 +1,6 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons -FROM docker.elastic.co/kibana/kibana:7.6.2 +FROM docker.elastic.co/kibana/kibana:7.8.1 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -17,7 +17,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini RUN fix-permissions /etc/passwd \ && mkdir -p /home diff --git a/images/logstash/6.Dockerfile b/images/logstash/6.Dockerfile index 8120f23eb..887b671b3 100644 --- a/images/logstash/6.Dockerfile +++ b/images/logstash/6.Dockerfile @@ -2,7 +2,7 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons -FROM docker.elastic.co/logstash/logstash:6.8.17 +FROM --platform=linux/amd64 docker.elastic.co/logstash/logstash:6.8.20 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -19,7 +19,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini RUN fix-permissions /etc/passwd \ && mkdir -p /home diff --git a/images/logstash/7.Dockerfile b/images/logstash/7.Dockerfile index 8093f0ada..46d2e4439 100644 --- a/images/logstash/7.Dockerfile +++ b/images/logstash/7.Dockerfile @@ -1,6 +1,6 @@ ARG IMAGE_REPO FROM ${IMAGE_REPO:-lagoon}/commons as commons -FROM docker.elastic.co/logstash/logstash:7.6.2 +FROM docker.elastic.co/logstash/logstash:7.8.1 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" @@ -17,7 +17,8 @@ COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/wait-for /bin/ COPY --from=commons /home /home -RUN curl -sL https://github.com/krallin/tini/releases/download/v0.18.0/tini -o /sbin/tini && chmod a+x /sbin/tini +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini RUN fix-permissions /etc/passwd \ && mkdir -p /home diff --git a/images/mongo/Dockerfile b/images/mongo/Dockerfile index 91c1ece7d..e8f63b63f 100644 --- a/images/mongo/Dockerfile +++ b/images/mongo/Dockerfile @@ -1,6 +1,6 @@ ARG IMAGE_REPO -FROM ${IMAGE_REPO:-lagoon}/commons as commons -FROM alpine:3.8 +FROM --platform=linux/amd64 ${IMAGE_REPO:-lagoon}/commons as commons +FROM --platform=linux/amd64 alpine:3.8 LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" diff --git a/images/php-cli/7.3.Dockerfile b/images/php-cli/7.3.Dockerfile index 4e1f23873..258d91127 100644 --- a/images/php-cli/7.3.Dockerfile +++ b/images/php-cli/7.3.Dockerfile @@ -15,7 +15,6 @@ RUN apk add --no-cache git \ unzip \ gzip \ bash \ - tini \ openssh-client \ rsync \ patch \ @@ -42,34 +41,25 @@ RUN apk add --no-cache git \ ENV PATH="/home/.composer/vendor/bin:${PATH}" # We not only use "export $PATH" as this could be overwritten again # like it happens in /etc/profile of alpine Images. -COPY 90-composer-path.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ # Remove warning about running as root in composer ENV COMPOSER_ALLOW_SUPERUSER=1 # Making sure the path is not only added during entrypoint, but also when creating a new shell RUN echo "source /lagoon/entrypoints/90-composer-path.sh" >> /home/.bashrc - # Make sure shells are not running forever -COPY 80-shell-timeout.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/80-shell-timeout.sh" >> /home/.bashrc - # Make sure xdebug is automatically enabled also for cli scripts -COPY 61-php-xdebug-cli-env.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/61-php-xdebug-cli-env.sh" >> /home/.bashrc +# helper functions +RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc # Copy mariadb-client configuration. -COPY 90-mariadb-envplate.sh /lagoon/entrypoints/ COPY mariadb-client.cnf /etc/my.cnf.d/ RUN fix-permissions /etc/my.cnf.d/ -# helper functions -COPY 55-cli-helpers.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc - # SSH Key and Agent Setup -COPY 05-ssh-key.sh /lagoon/entrypoints/ -COPY 10-ssh-agent.sh /lagoon/entrypoints/ COPY ssh_config /etc/ssh/ssh_config COPY id_ed25519_lagoon_cli.key /home/.ssh/lagoon_cli.key RUN chmod 400 /home/.ssh/lagoon_cli.key diff --git a/images/php-cli/7.4.Dockerfile b/images/php-cli/7.4.Dockerfile index 8839af571..e00b3b184 100644 --- a/images/php-cli/7.4.Dockerfile +++ b/images/php-cli/7.4.Dockerfile @@ -15,7 +15,6 @@ RUN apk add --no-cache git \ unzip \ gzip \ bash \ - tini \ openssh-client \ rsync \ patch \ @@ -42,34 +41,25 @@ RUN apk add --no-cache git \ ENV PATH="/home/.composer/vendor/bin:${PATH}" # We not only use "export $PATH" as this could be overwritten again # like it happens in /etc/profile of alpine Images. -COPY 90-composer-path.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ # Remove warning about running as root in composer ENV COMPOSER_ALLOW_SUPERUSER=1 # Making sure the path is not only added during entrypoint, but also when creating a new shell RUN echo "source /lagoon/entrypoints/90-composer-path.sh" >> /home/.bashrc - # Make sure shells are not running forever -COPY 80-shell-timeout.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/80-shell-timeout.sh" >> /home/.bashrc - # Make sure xdebug is automatically enabled also for cli scripts -COPY 61-php-xdebug-cli-env.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/61-php-xdebug-cli-env.sh" >> /home/.bashrc +# helper functions +RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc # Copy mariadb-client configuration. -COPY 90-mariadb-envplate.sh /lagoon/entrypoints/ COPY mariadb-client.cnf /etc/my.cnf.d/ RUN fix-permissions /etc/my.cnf.d/ -# helper functions -COPY 55-cli-helpers.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc - # SSH Key and Agent Setup -COPY 05-ssh-key.sh /lagoon/entrypoints/ -COPY 10-ssh-agent.sh /lagoon/entrypoints/ COPY ssh_config /etc/ssh/ssh_config COPY id_ed25519_lagoon_cli.key /home/.ssh/lagoon_cli.key RUN chmod 400 /home/.ssh/lagoon_cli.key diff --git a/images/php-cli/8.0.Dockerfile b/images/php-cli/8.0.Dockerfile index f1a95fe40..597da68fc 100644 --- a/images/php-cli/8.0.Dockerfile +++ b/images/php-cli/8.0.Dockerfile @@ -12,7 +12,6 @@ RUN apk add --no-cache git \ unzip \ gzip \ bash \ - tini \ openssh-client \ rsync \ patch \ @@ -35,34 +34,25 @@ RUN apk add --no-cache git \ ENV PATH="/home/.composer/vendor/bin:${PATH}" # We not only use "export $PATH" as this could be overwritten again # like it happens in /etc/profile of alpine Images. -COPY 90-composer-path.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ # Remove warning about running as root in composer ENV COMPOSER_ALLOW_SUPERUSER=1 # Making sure the path is not only added during entrypoint, but also when creating a new shell RUN echo "source /lagoon/entrypoints/90-composer-path.sh" >> /home/.bashrc - # Make sure shells are not running forever -COPY 80-shell-timeout.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/80-shell-timeout.sh" >> /home/.bashrc - # Make sure xdebug is automatically enabled also for cli scripts -COPY 61-php-xdebug-cli-env.sh /lagoon/entrypoints/ RUN echo "source /lagoon/entrypoints/61-php-xdebug-cli-env.sh" >> /home/.bashrc +# helper functions +RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc # Copy mariadb-client configuration. -COPY 90-mariadb-envplate.sh /lagoon/entrypoints/ COPY mariadb-client.cnf /etc/my.cnf.d/ RUN fix-permissions /etc/my.cnf.d/ -# helper functions -COPY 55-cli-helpers.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc - # SSH Key and Agent Setup -COPY 05-ssh-key.sh /lagoon/entrypoints/ -COPY 10-ssh-agent.sh /lagoon/entrypoints/ COPY ssh_config /etc/ssh/ssh_config COPY id_ed25519_lagoon_cli.key /home/.ssh/lagoon_cli.key RUN chmod 400 /home/.ssh/lagoon_cli.key diff --git a/images/php-cli/Dockerfile b/images/php-cli/Dockerfile deleted file mode 100644 index d56173b4c..000000000 --- a/images/php-cli/Dockerfile +++ /dev/null @@ -1,80 +0,0 @@ -ARG PHP_VERSION -ARG IMAGE_REPO -ARG PHP_IMAGE_VERSION -FROM ${IMAGE_REPO:-lagoon}/php:${PHP_VERSION}-fpm - -LABEL org.opencontainers.image.authors="The Lagoon Authors" maintainer="The Lagoon Authors" -LABEL org.opencontainers.image.source="https://github.com/uselagoon/lagoon-images" repository="https://github.com/uselagoon/lagoon-images" - -ENV LAGOON=cli - -# Defining Versions - Composer -# @see https://getcomposer.org/download/ -ENV COMPOSER_VERSION=1.10.9 \ - COMPOSER_HASH_SHA256=70d6b9c3e0774b398a372dcb7f89dfe22fc25884e6e09ebf277286dd64cfaf35 - -RUN apk add --no-cache git \ - unzip \ - gzip \ - bash \ - tini \ - openssh-client \ - rsync \ - patch \ - procps \ - coreutils \ - mariadb-client \ - postgresql-client \ - openssh-sftp-server \ - findutils \ - nodejs-current \ - nodejs-npm \ - yarn \ - && ln -s /usr/lib/ssh/sftp-server /usr/local/bin/sftp-server \ - && rm -rf /var/cache/apk/* \ - && curl -L -o /usr/local/bin/composer https://github.com/composer/composer/releases/download/${COMPOSER_VERSION}/composer.phar \ - && echo "$COMPOSER_HASH_SHA256 /usr/local/bin/composer" | sha256sum -c \ - && chmod +x /usr/local/bin/composer \ - && php -d memory_limit=-1 /usr/local/bin/composer global require hirak/prestissimo \ - && mkdir -p /home/.ssh \ - && fix-permissions /home/ - -# Adding Composer vendor bin path to $PATH. -ENV PATH="/home/.composer/vendor/bin:${PATH}" -# We not only use "export $PATH" as this could be overwritten again -# like it happens in /etc/profile of alpine Images. -COPY 90-composer-path.sh /lagoon/entrypoints/ - -# Remove warning about running as root in composer -ENV COMPOSER_ALLOW_SUPERUSER=1 - -# Making sure the path is not only added during entrypoint, but also when creating a new shell -RUN echo "source /lagoon/entrypoints/90-composer-path.sh" >> /home/.bashrc - -# Make sure shells are not running forever -COPY 80-shell-timeout.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/80-shell-timeout.sh" >> /home/.bashrc - -# Make sure xdebug is automatically enabled also for cli scripts -COPY 61-php-xdebug-cli-env.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/61-php-xdebug-cli-env.sh" >> /home/.bashrc - -# Copy mariadb-client configuration. -COPY 90-mariadb-envplate.sh /lagoon/entrypoints/ -COPY mariadb-client.cnf /etc/my.cnf.d/ -RUN fix-permissions /etc/my.cnf.d/ - -# helper functions -COPY 55-cli-helpers.sh /lagoon/entrypoints/ -RUN echo "source /lagoon/entrypoints/55-cli-helpers.sh" >> /home/.bashrc - -# SSH Key and Agent Setup -COPY 05-ssh-key.sh /lagoon/entrypoints/ -COPY 10-ssh-agent.sh /lagoon/entrypoints/ -COPY ssh_config /etc/ssh/ssh_config -COPY id_ed25519_lagoon_cli.key /home/.ssh/lagoon_cli.key -RUN chmod 400 /home/.ssh/lagoon_cli.key -ENV SSH_AUTH_SOCK=/tmp/ssh-agent - -ENTRYPOINT ["/sbin/tini", "--", "/lagoon/entrypoints.sh"] -CMD ["/bin/docker-sleep"] diff --git a/images/php-cli/05-ssh-key.sh b/images/php-cli/entrypoints/05-ssh-key.sh similarity index 100% rename from images/php-cli/05-ssh-key.sh rename to images/php-cli/entrypoints/05-ssh-key.sh diff --git a/images/php-cli/10-ssh-agent.sh b/images/php-cli/entrypoints/10-ssh-agent.sh similarity index 100% rename from images/php-cli/10-ssh-agent.sh rename to images/php-cli/entrypoints/10-ssh-agent.sh diff --git a/images/php-cli/55-cli-helpers.sh b/images/php-cli/entrypoints/55-cli-helpers.sh similarity index 100% rename from images/php-cli/55-cli-helpers.sh rename to images/php-cli/entrypoints/55-cli-helpers.sh diff --git a/images/php-cli/61-php-xdebug-cli-env.sh b/images/php-cli/entrypoints/61-php-xdebug-cli-env.sh similarity index 100% rename from images/php-cli/61-php-xdebug-cli-env.sh rename to images/php-cli/entrypoints/61-php-xdebug-cli-env.sh diff --git a/images/php-cli/80-shell-timeout.sh b/images/php-cli/entrypoints/80-shell-timeout.sh similarity index 100% rename from images/php-cli/80-shell-timeout.sh rename to images/php-cli/entrypoints/80-shell-timeout.sh diff --git a/images/php-cli/90-composer-path.sh b/images/php-cli/entrypoints/90-composer-path.sh similarity index 100% rename from images/php-cli/90-composer-path.sh rename to images/php-cli/entrypoints/90-composer-path.sh diff --git a/images/php-cli/90-mariadb-envplate.sh b/images/php-cli/entrypoints/90-mariadb-envplate.sh similarity index 100% rename from images/php-cli/90-mariadb-envplate.sh rename to images/php-cli/entrypoints/90-mariadb-envplate.sh diff --git a/images/php-fpm/7.3.Dockerfile b/images/php-fpm/7.3.Dockerfile index e0737b80a..6af5a6df1 100644 --- a/images/php-fpm/7.3.Dockerfile +++ b/images/php-fpm/7.3.Dockerfile @@ -22,7 +22,6 @@ COPY --from=commons /sbin/tini /sbin/ COPY --from=commons /home /home # Copy healthcheck files - COPY --from=healthcheckbuilder /healthz-php /healthz-php RUN fix-permissions /etc/passwd \ @@ -37,7 +36,7 @@ ENV TMPDIR=/tmp \ BASH_ENV=/home/.bashrc COPY check_fcgi /usr/sbin/ -COPY entrypoints/70-php-config.sh entrypoints/60-php-xdebug.sh entrypoints/50-ssmtp.sh entrypoints/71-php-newrelic.sh entrypoints/80-php-blackfire.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ COPY php.ini /usr/local/etc/php/ COPY 00-lagoon-php.ini.tpl /usr/local/etc/php/conf.d/ @@ -45,11 +44,6 @@ COPY php-fpm.d/www.conf /usr/local/etc/php-fpm.d/www.conf COPY ssmtp.conf /etc/ssmtp/ssmtp.conf COPY blackfire.ini /usr/local/etc/php/conf.d/blackfire.disable -# New Relic PHP Agent. -# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ -# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements -ENV NEWRELIC_VERSION=9.17.1.301 - RUN apk add --no-cache fcgi \ ssmtp \ libzip libzip-dev \ @@ -73,21 +67,27 @@ RUN apk add --no-cache fcgi \ # for imagemagick imagemagick \ imagemagick-libs \ - imagemagick-dev \ - && apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ - && yes '' | pecl install -f apcu \ - && yes '' | pecl install -f xdebug-2.9.8 \ - && yes '' | pecl install -f yaml \ + imagemagick-dev + +RUN apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ + && yes '' | pecl install -f apcu-5.1.20 \ + && yes '' | pecl install -f imagick-3.5.1 \ && yes '' | pecl install -f redis-4.3.0 \ - && yes '' | pecl install -f imagick \ - && docker-php-ext-enable apcu redis xdebug imagick \ - && docker-php-ext-configure gd --with-webp-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ - && docker-php-ext-install -j4 bcmath gd gettext pdo_mysql mysqli pdo_pgsql pgsql shmop soap sockets opcache xsl zip \ - && sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ + && yes '' | pecl install -f xdebug-2.9.8 \ + && yes '' | pecl install -f yaml-2.2.1 \ + && docker-php-ext-enable apcu imagick redis xdebug yaml \ && rm -rf /var/cache/apk/* /tmp/pear/ \ && apk del .phpize-deps \ - && echo "extension=yaml.so" > /usr/local/etc/php/conf.d/yaml.ini \ - && mkdir -p /tmp/newrelic && cd /tmp/newrelic \ + && sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini + +RUN docker-php-ext-configure gd --with-webp-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ + && docker-php-ext-install -j4 bcmath gd gettext mysqli pdo_mysql opcache pdo_pgsql pgsql shmop soap sockets xsl zip + +# New Relic PHP Agent. +# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ +# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements +ENV NEWRELIC_VERSION=9.17.1.301 +RUN mkdir -p /tmp/newrelic && cd /tmp/newrelic \ && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz \ && gzip -dc newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz | tar --strip-components=1 -xf - \ && NR_INSTALL_USE_CP_NOT_LN=1 NR_INSTALL_SILENT=1 ./newrelic-install install \ @@ -101,26 +101,31 @@ RUN apk add --no-cache fcgi \ && sed -i -e "s/newrelic.daemon.logfile = .*/newrelic.daemon.logfile = \"\/dev\/stderr\"/" /usr/local/etc/php/conf.d/newrelic.ini \ && mv /usr/local/etc/php/conf.d/newrelic.ini /usr/local/etc/php/conf.d/newrelic.disable \ && cd / && rm -rf /tmp/newrelic \ - && mkdir -p /app \ - && fix-permissions /usr/local/etc/ \ - && fix-permissions /app \ - && fix-permissions /etc/ssmtp/ssmtp.conf + && fix-permissions /usr/local/etc/ # Add blackfire probe and agent. -ENV BLACKFIRE_VERSION=2.4.2 RUN version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \ + && architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ && mkdir -p /blackfire \ - && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/amd64/$version \ + && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/$architecture/$version \ && tar zxpf /blackfire/blackfire-probe.tar.gz -C /blackfire \ && mv /blackfire/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - && fix-permissions /usr/local/etc/php/conf.d/ \ - && curl -A "Docker" -o /blackfire/blackfire-linux_amd64.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_amd64.tar.gz \ - && tar zxpf /blackfire/blackfire-linux_amd64.tar.gz -C /blackfire \ + && fix-permissions /usr/local/etc/php/conf.d/ + +ENV BLACKFIRE_VERSION=2.4.2 +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -A "Docker" -o /blackfire/blackfire-linux_${architecture}.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_${architecture}.tar.gz \ + && tar zxpf /blackfire/blackfire-linux_${architecture}.tar.gz -C /blackfire \ && mv /blackfire/blackfire /bin/blackfire \ && chmod +x /bin/blackfire \ && mkdir -p /etc/blackfire \ && touch /etc/blackfire/agent \ - && fix-permissions /etc/blackfire + && fix-permissions /etc/blackfire/ + +RUN mkdir -p /app \ + && fix-permissions /app \ + && fix-permissions /etc/ssmtp/ssmtp.conf \ + && fix-permissions /usr/local/etc/ EXPOSE 9000 diff --git a/images/php-fpm/7.4.Dockerfile b/images/php-fpm/7.4.Dockerfile index 9941cdd3a..7f85b14f1 100644 --- a/images/php-fpm/7.4.Dockerfile +++ b/images/php-fpm/7.4.Dockerfile @@ -22,7 +22,6 @@ COPY --from=commons /sbin/tini /sbin/ COPY --from=commons /home /home # Copy healthcheck files - COPY --from=healthcheckbuilder /healthz-php /healthz-php RUN fix-permissions /etc/passwd \ @@ -37,7 +36,7 @@ ENV TMPDIR=/tmp \ BASH_ENV=/home/.bashrc COPY check_fcgi /usr/sbin/ -COPY entrypoints/70-php-config.sh entrypoints/60-php-xdebug.sh entrypoints/50-ssmtp.sh entrypoints/71-php-newrelic.sh entrypoints/80-php-blackfire.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ COPY php.ini /usr/local/etc/php/ COPY 00-lagoon-php.ini.tpl /usr/local/etc/php/conf.d/ @@ -45,11 +44,6 @@ COPY php-fpm.d/www.conf /usr/local/etc/php-fpm.d/www.conf COPY ssmtp.conf /etc/ssmtp/ssmtp.conf COPY blackfire.ini /usr/local/etc/php/conf.d/blackfire.disable -# New Relic PHP Agent. -# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ -# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements -ENV NEWRELIC_VERSION=9.17.1.301 - RUN apk add --no-cache fcgi \ ssmtp \ libzip libzip-dev \ @@ -73,21 +67,27 @@ RUN apk add --no-cache fcgi \ # for imagemagick imagemagick \ imagemagick-libs \ - imagemagick-dev \ - && apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ - && yes '' | pecl install -f apcu \ - && yes '' | pecl install -f xdebug-2.9.8 \ - && yes '' | pecl install -f yaml \ + imagemagick-dev + +RUN apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ + && yes '' | pecl install -f apcu-5.1.20 \ + && yes '' | pecl install -f imagick-3.5.1 \ && yes '' | pecl install -f redis-4.3.0 \ - && yes '' | pecl install -f imagick \ - && docker-php-ext-enable apcu redis xdebug imagick \ - && docker-php-ext-configure gd --with-webp --with-jpeg \ - && docker-php-ext-install -j4 bcmath gd gettext pdo_mysql mysqli pdo_pgsql pgsql shmop soap sockets opcache xsl zip \ - && sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ + && yes '' | pecl install -f xdebug-2.9.8 \ + && yes '' | pecl install -f yaml-2.2.1 \ + && docker-php-ext-enable apcu imagick redis xdebug yaml \ && rm -rf /var/cache/apk/* /tmp/pear/ \ && apk del .phpize-deps \ - && echo "extension=yaml.so" > /usr/local/etc/php/conf.d/yaml.ini \ - && mkdir -p /tmp/newrelic && cd /tmp/newrelic \ + && sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini + +RUN docker-php-ext-configure gd --with-webp --with-jpeg \ + && docker-php-ext-install -j4 bcmath gd gettext mysqli pdo_mysql opcache pdo_pgsql pgsql shmop soap sockets xsl zip + +# New Relic PHP Agent. +# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ +# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements +ENV NEWRELIC_VERSION=9.17.1.301 +RUN mkdir -p /tmp/newrelic && cd /tmp/newrelic \ && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz \ && gzip -dc newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz | tar --strip-components=1 -xf - \ && NR_INSTALL_USE_CP_NOT_LN=1 NR_INSTALL_SILENT=1 ./newrelic-install install \ @@ -101,26 +101,31 @@ RUN apk add --no-cache fcgi \ && sed -i -e "s/newrelic.daemon.logfile = .*/newrelic.daemon.logfile = \"\/dev\/stderr\"/" /usr/local/etc/php/conf.d/newrelic.ini \ && mv /usr/local/etc/php/conf.d/newrelic.ini /usr/local/etc/php/conf.d/newrelic.disable \ && cd / && rm -rf /tmp/newrelic \ - && mkdir -p /app \ - && fix-permissions /usr/local/etc/ \ - && fix-permissions /app \ - && fix-permissions /etc/ssmtp/ssmtp.conf + && fix-permissions /usr/local/etc/ # Add blackfire probe and agent. -ENV BLACKFIRE_VERSION=2.4.2 RUN version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \ + && architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ && mkdir -p /blackfire \ - && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/amd64/$version \ + && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/$architecture/$version \ && tar zxpf /blackfire/blackfire-probe.tar.gz -C /blackfire \ && mv /blackfire/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - && fix-permissions /usr/local/etc/php/conf.d/ \ - && curl -A "Docker" -o /blackfire/blackfire-linux_amd64.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_amd64.tar.gz \ - && tar zxpf /blackfire/blackfire-linux_amd64.tar.gz -C /blackfire \ + && fix-permissions /usr/local/etc/php/conf.d/ + +ENV BLACKFIRE_VERSION=2.4.2 +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -A "Docker" -o /blackfire/blackfire-linux_${architecture}.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_${architecture}.tar.gz \ + && tar zxpf /blackfire/blackfire-linux_${architecture}.tar.gz -C /blackfire \ && mv /blackfire/blackfire /bin/blackfire \ && chmod +x /bin/blackfire \ && mkdir -p /etc/blackfire \ && touch /etc/blackfire/agent \ - && fix-permissions /etc/blackfire + && fix-permissions /etc/blackfire/ + +RUN mkdir -p /app \ + && fix-permissions /app \ + && fix-permissions /etc/ssmtp/ssmtp.conf \ + && fix-permissions /usr/local/etc/ EXPOSE 9000 diff --git a/images/php-fpm/8.0.Dockerfile b/images/php-fpm/8.0.Dockerfile index 42ecd632d..c0fce1ed5 100644 --- a/images/php-fpm/8.0.Dockerfile +++ b/images/php-fpm/8.0.Dockerfile @@ -36,7 +36,7 @@ ENV TMPDIR=/tmp \ BASH_ENV=/home/.bashrc COPY check_fcgi /usr/sbin/ -COPY entrypoints/70-php-config.sh entrypoints/60-php-xdebug.sh entrypoints/50-ssmtp.sh entrypoints/71-php-newrelic.sh entrypoints/80-php-blackfire.sh /lagoon/entrypoints/ +COPY entrypoints /lagoon/entrypoints/ COPY php.ini /usr/local/etc/php/ COPY 00-lagoon-php.ini.tpl /usr/local/etc/php/conf.d/ @@ -44,11 +44,6 @@ COPY php-fpm.d/www.conf /usr/local/etc/php-fpm.d/www.conf COPY ssmtp.conf /etc/ssmtp/ssmtp.conf COPY blackfire.ini /usr/local/etc/php/conf.d/blackfire.disable -# New Relic PHP Agent. -# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ -# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements -ENV NEWRELIC_VERSION=9.17.1.301 - RUN apk add --no-cache fcgi \ ssmtp \ libzip libzip-dev \ @@ -72,28 +67,27 @@ RUN apk add --no-cache fcgi \ # for imagemagick imagemagick \ imagemagick-libs \ - imagemagick-dev \ - && apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ - && docker-php-ext-configure gd --with-webp --with-jpeg \ - && docker-php-ext-install -j4 bcmath gd gettext pdo_mysql mysqli pdo_pgsql pgsql shmop soap sockets opcache xsl zip \ - # ext-imagick - waiting on stable release to use PECL to install - && docker-php-source extract \ - && mkdir -p /usr/src/php/ext/imagick \ - && curl -fsSL https://api.github.com/repos/imagick/imagick/tarball | tar xvz -C /usr/src/php/ext/imagick --strip 1 \ - && docker-php-ext-install imagick \ - && docker-php-source delete \ - # Legacy PECL installs - && pecl channel-update pecl.php.net \ + imagemagick-dev + +RUN apk add --no-cache --virtual .phpize-deps $PHPIZE_DEPS \ && yes '' | pecl install -f apcu-5.1.20 \ - # && yes '' | pecl install -f imagick \ + && yes '' | pecl install -f imagick-3.5.1 \ && yes '' | pecl install -f redis-5.3.4 \ && yes '' | pecl install -f xdebug-3.0.4 \ && yes '' | pecl install -f yaml-2.2.1 \ - && docker-php-ext-enable apcu imagick redis xdebug yaml -# RUN sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini \ -RUN rm -rf /var/cache/apk/* /tmp/pear/ \ + && docker-php-ext-enable apcu imagick redis xdebug yaml \ + && rm -rf /var/cache/apk/* /tmp/pear/ \ && apk del .phpize-deps \ - && mkdir -p /tmp/newrelic && cd /tmp/newrelic \ + && sed -i '1s/^/;Intentionally disabled. Enable via setting env variable XDEBUG_ENABLE to true\n;/' /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini + +RUN docker-php-ext-configure gd --with-webp --with-jpeg \ + && docker-php-ext-install -j4 bcmath gd gettext mysqli pdo_mysql opcache pdo_pgsql pgsql shmop soap sockets xsl zip + +# New Relic PHP Agent. +# @see https://docs.newrelic.com/docs/release-notes/agent-release-notes/php-release-notes/ +# @see https://docs.newrelic.com/docs/agents/php-agent/getting-started/php-agent-compatibility-requirements +ENV NEWRELIC_VERSION=9.17.1.301 +RUN mkdir -p /tmp/newrelic && cd /tmp/newrelic \ && wget https://download.newrelic.com/php_agent/archive/${NEWRELIC_VERSION}/newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz \ && gzip -dc newrelic-php5-${NEWRELIC_VERSION}-linux-musl.tar.gz | tar --strip-components=1 -xf - \ && NR_INSTALL_USE_CP_NOT_LN=1 NR_INSTALL_SILENT=1 ./newrelic-install install \ @@ -107,26 +101,31 @@ RUN rm -rf /var/cache/apk/* /tmp/pear/ \ && sed -i -e "s/newrelic.daemon.logfile = .*/newrelic.daemon.logfile = \"\/dev\/stderr\"/" /usr/local/etc/php/conf.d/newrelic.ini \ && mv /usr/local/etc/php/conf.d/newrelic.ini /usr/local/etc/php/conf.d/newrelic.disable \ && cd / && rm -rf /tmp/newrelic \ - && mkdir -p /app \ - && fix-permissions /usr/local/etc/ \ - && fix-permissions /app \ - && fix-permissions /etc/ssmtp/ssmtp.conf + && fix-permissions /usr/local/etc/ # Add blackfire probe and agent. -ENV BLACKFIRE_VERSION=2.4.2 RUN version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \ + && architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ && mkdir -p /blackfire \ - && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/amd64/$version \ + && curl -A "Docker" -o /blackfire/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/$architecture/$version \ && tar zxpf /blackfire/blackfire-probe.tar.gz -C /blackfire \ && mv /blackfire/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \ - && fix-permissions /usr/local/etc/php/conf.d/ \ - && curl -A "Docker" -o /blackfire/blackfire-linux_amd64.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_amd64.tar.gz \ - && tar zxpf /blackfire/blackfire-linux_amd64.tar.gz -C /blackfire \ + && fix-permissions /usr/local/etc/php/conf.d/ + +ENV BLACKFIRE_VERSION=2.4.2 +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -A "Docker" -o /blackfire/blackfire-linux_${architecture}.tar.gz -D - -L -s https://packages.blackfire.io/binaries/blackfire/${BLACKFIRE_VERSION}/blackfire-linux_${architecture}.tar.gz \ + && tar zxpf /blackfire/blackfire-linux_${architecture}.tar.gz -C /blackfire \ && mv /blackfire/blackfire /bin/blackfire \ && chmod +x /bin/blackfire \ && mkdir -p /etc/blackfire \ && touch /etc/blackfire/agent \ - && fix-permissions /etc/blackfire + && fix-permissions /etc/blackfire/ + +RUN mkdir -p /app \ + && fix-permissions /app \ + && fix-permissions /etc/ssmtp/ssmtp.conf \ + && fix-permissions /usr/local/etc/ EXPOSE 9000 diff --git a/images/solr/7.Dockerfile b/images/solr/7.Dockerfile index d2c11000d..de890b84c 100644 --- a/images/solr/7.Dockerfile +++ b/images/solr/7.Dockerfile @@ -13,7 +13,6 @@ ENV LAGOON_VERSION=$LAGOON_VERSION # Copy commons files COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/ -# COPY --from=commons /sbin/tini /sbin/ COPY --from=commons /home/.bashrc /home/.bashrc ENV TMPDIR=/tmp \ @@ -24,16 +23,17 @@ ENV TMPDIR=/tmp \ # When Bash is invoked as non-interactive (like `bash -c command`) it sources a file that is given in `BASH_ENV` BASH_ENV=/home/.bashrc -ENV TINI_VERSION v0.19.0 -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - # we need root for the fix-permissions to work USER root RUN apt-get -y update && apt-get -y install \ busybox \ + curl \ && rm -rf /var/lib/apt/lists/* +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini + # needed to fix dash upgrade - man files are removed from slim images RUN set -x \ && mkdir -p /usr/share/man/man1 \ @@ -43,14 +43,12 @@ RUN set -x \ RUN echo "dash dash/sh boolean false" | debconf-set-selections RUN DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash -RUN chmod +x /sbin/tini RUN mkdir -p /var/solr RUN fix-permissions /var/solr \ && chown solr:solr /var/solr \ && fix-permissions /opt/solr/server/logs \ && fix-permissions /opt/solr/server/solr - # solr really doesn't like to be run as root, so we define the default user agin USER solr diff --git a/images/varnish/6.Dockerfile b/images/varnish/6.Dockerfile index 8cbb7c7d1..12e07992b 100644 --- a/images/varnish/6.Dockerfile +++ b/images/varnish/6.Dockerfile @@ -29,13 +29,9 @@ ENV LAGOON=varnish ARG LAGOON_VERSION ENV LAGOON_VERSION=$LAGOON_VERSION -ENV TINI_VERSION v0.19.0 -ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini - # Copy commons files COPY --from=commons /lagoon /lagoon COPY --from=commons /bin/fix-permissions /bin/ep /bin/docker-sleep /bin/ -#COPY --from=commons /sbin/tini /sbin/ COPY --from=commons /home /home ENV TMPDIR=/tmp \ @@ -46,6 +42,14 @@ ENV TMPDIR=/tmp \ # When Bash is invoked as non-interactive (like `bash -c command`) it sources a file that is given in `BASH_ENV` BASH_ENV=/home/.bashrc +RUN apt-get -y update && apt-get -y install \ + busybox \ + curl \ + && rm -rf /var/lib/apt/lists/* + +RUN architecture=$(case $(uname -m) in x86_64 | amd64) echo "amd64" ;; aarch64 | arm64 | armv8) echo "arm64" ;; *) echo "amd64" ;; esac) \ + && curl -sL https://github.com/krallin/tini/releases/download/v0.19.0/tini-${architecture} -o /sbin/tini && chmod a+x /sbin/tini + # Add varnish mod after the varnish package creates the directory. COPY --from=vmod /usr/lib/varnish/vmods/libvmod_dynamic.* /usr/lib/varnish/vmods/ COPY --from=vmod /usr/lib/varnish/vmods/libvmod_bodyaccess.* /usr/lib/varnish/vmods/ @@ -64,8 +68,6 @@ RUN set -x \ RUN echo "dash dash/sh boolean false" | debconf-set-selections RUN DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash -RUN chmod +x /sbin/tini - RUN fix-permissions /etc/varnish/ \ && fix-permissions /var/run/ \ && fix-permissions /var/lib/varnish