docker/execution_environment
1
0
Fork 0
Code Issues 6 Pull Requests Actions Projects Releases 39 Wiki Activity

feat(build): enable cross platform build

Browse Source 
!3
This commit is contained in:
Jon Lockwood
2023-05-08 12:12:10 +09:30
parent 0a367146bf
commit 15d158dfa0
5 changed files with 469 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

350
.gitlab-ci.yml
View File

@ -2,138 +2,69 @@
variables: variables:
GIT_SUBMODULE_STRATEGY: recursive GIT_SUBMODULE_STRATEGY: recursive
MY_PROJECT_ID: "45741845" MY_PROJECT_ID: "45741845"
#DOCKER_TARGET_PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7 #linux/arm/v6
#DOCKER_CREATED_IMAGE_NAME: ansible-ee
GIT_SYNC_URL: "https://$GITHUB_USERNAME_ROBOT:$GITHUB_TOKEN_ROBOT@github.com/NoFussComputing/execution_environment.git"
DOCKER_IMAGE_PUBLISH_NAME: 'ansible-ee'
DOCKER_IMAGE_PUBLISH_REGISTRY: docker.io/nofusscomputing
DOCKER_IMAGE_PUBLISH_URL: https://hub.docker.com/r/nofusscomputing/$DOCKER_IMAGE_PUBLISH_NAME
stages:
- validation
- build
- prepare
- test
- release
- sync
- publish
include: include:
- project: nofusscomputing/projects/gitlab-ci - project: nofusscomputing/projects/gitlab-ci
ref: 36ce0b0b76e6769c7a2e0d4ea0f3fcd2cc2d6bb1 ref: restructure
file: file:
- conventional_commits/.gitlab-ci.yml - .gitlab-ci_common.yaml
- gitlab_release/.gitlab-ci.yml - type/docker-image.gitlab-ci.yaml
- git_push_mirror/.gitlab-ci.yml # - conventional_commits/.gitlab-ci.yml
# - gitlab_release/.gitlab-ci.yml
# - git_push_mirror/.gitlab-ci.yml
#- template: Jobs/Container-Scanning.gitlab-ci.yml # see https://gitlab.com/gitlab-org/gitlab/-/issues/381665
Docker Container: Build/Cache Python Packages:
stage: build stage: build
image: docker:latest image: nofusscomputing/docker-buildx-qemu:dev
services: services:
- docker:19.03.12-dind - name: docker:23-dind
#- docker:latest-dind entrypoint: ["env", "-u", "DOCKER_HOST"]
command: ["dockerd-entrypoint.sh"]
variables: variables:
IMAGE_NAME: ansible-ee DOCKER_HOST: tcp://docker:2375/
DOCKER_DRIVER: overlay2
# See https://github.com/docker-library/docker/pull/166
DOCKER_TLS_CERTDIR: ""
before_script: before_script:
- docker info - docker info
# - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD #- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - export DEBIAN_FRONTEND=noninteractive
- apk update - apt update --allow-releaseinfo-change
- apk add --update --no-cache python3 git && ln -sf python3 /usr/bin/python - apt --no-install-recommends -yq install python3 git python3-pip
- python3 -m ensurepip
#- pip3 install -r gitlab-ci/gitlab_release/requirements.txt #- pip3 install -r gitlab-ci/gitlab_release/requirements.txt
- pip3 install setuptools wheel
- pip3 install commitizen==2.21.0 # version specified so current build works. - pip3 install commitizen==2.21.0 # version specified so current build works.
- pip3 install gitlab-ci/gitlab_release/python-module/cz_nfc/. - pip3 install gitlab-ci/gitlab_release/python-module/cz_nfc/.
- update-binfmts --enable # Important: Ensures execution of other binary formats is enabled in the kernel
- docker buildx create --driver=docker-container --driver-opt image=moby/buildkit:v0.11.6 --use
- docker buildx inspect --bootstrap
script: | script: |
docker build . \
--label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
--label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
--label org.opencontainers.image.source="$CI_PROJECT_URL" \
--label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
--label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
--label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
--no-cache \
--tag $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA;
docker image inspect $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA; docker buildx build \
--file dockerfile-build_cache \
docker push $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA; --platform=$DOCKER_TARGET_PLATFORMS . \
--build-arg CI_JOB_TOKEN=$CI_JOB_TOKEN \
#allow_failure: true --build-arg CI_API_V4_URL=$CI_API_V4_URL \
--build-arg CI_PROJECT_ID=$CI_PROJECT_ID
# --push \
# --tag $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
rules: rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
when: never when: never
- if: $CI_COMMIT_TAG # - if: $CI_COMMIT_TAG
when: on_success
# - if: '$CI_COMMIT_BRANCH == "development" && $CI_COMMIT_TITLE =~ /Merge branch.*/'
# when: on_success # when: on_success
- if: '$CI_COMMIT_BRANCH != "master"'
allow_failure: true
when: manual
- when: never
Docker Hub:
stage: publish
image: docker:latest
services:
- docker:19.03.12-dind
#- docker:latest-dind
variables:
IMAGE_NAME: ansible-ee
before_script:
- export
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
- docker pull $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA
- docker logout $CI_REGISTRY
script:
# - Release_TAG=$(cat $CI_PROJECT_DIR/dist/version)
- docker login docker.io -u $NFC_DOCKERHUB_USERNAME -p $NFC_DOCKERHUB_TOKEN
# - if [ "m$(echo $CI_BUILD_REF_NAME | grep rc)" == "m$CI_BUILD_REF_NAME" ]; then Branch_TAG=dev; else Branch_TAG=stable; fi
- echo Branch tag is $Branch_TAG
- docker image ls
- |
DH_LATEST_TAG=dev
if [ "0$CI_COMMIT_BRANCH" == "0development" ]; then
DH_LATEST_TAG=dev
elif [ "0$CI_COMMIT_TAG" != "0" ] ; then
if [ "0$CI_COMMIT_TAG" == *"rc"* ]; then
DH_LATEST_TAG=dev
else
DH_LATEST_TAG=latest
fi
docker image tag $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA nofusscomputing/$IMAGE_NAME:$CI_COMMIT_TAG;
docker image ls;
docker push nofusscomputing/$IMAGE_NAME:$CI_COMMIT_TAG;
fi
if [ "0$DH_LATEST_TAG" != "0" ]; then
docker image tag $CI_REGISTRY_IMAGE/$IMAGE_NAME:$CI_COMMIT_SHA nofusscomputing/$IMAGE_NAME:$DH_LATEST_TAG;
docker image ls;
docker push nofusscomputing/$IMAGE_NAME:$DH_LATEST_TAG;
fi
needs: [ "Docker Container" ]
environment:
name: DockerHub
url: https://hub.docker.com/r/nofusscomputing/$IMAGE_NAME
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
when: never
- if: $CI_COMMIT_TAG
when: on_success
# - if: '$CI_COMMIT_BRANCH == "development" && $CI_COMMIT_TITLE =~ /Merge branch.*/' # - if: '$CI_COMMIT_BRANCH == "development" && $CI_COMMIT_TITLE =~ /Merge branch.*/'
# when: on_success # when: on_success
- if: '$CI_COMMIT_BRANCH != "master"' - if: '$CI_COMMIT_BRANCH != "master"'
@ -145,8 +76,197 @@ Docker Hub:
Github (Push --mirror):
variables: # Docker Container:
GIT_SYNC_URL: "https://$GITHUB_USERNAME_ROBOT:$GITHUB_TOKEN_ROBOT@github.com/NoFussComputing/execution_environment.git" # extends: .build_docker_container
extends: # needs: [ "Build/Cache Python Packages" ]
- .git_push_mirror # stage: build
# image: registry.gitlab.com/gdunstone/docker-buildx-qemu
# services:
# - name: docker:23-dind
# entrypoint: ["env", "-u", "DOCKER_HOST"]
# command: ["dockerd-entrypoint.sh"]
# variables:
# DOCKER_HOST: tcp://docker:2375/
# DOCKER_DRIVER: overlay2
# # See https://github.com/docker-library/docker/pull/166
# DOCKER_TLS_CERTDIR: ""
# before_script:
# - docker info
# - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
# - export DEBIAN_FRONTEND=noninteractive
# - apt update --allow-releaseinfo-change
# - apt --no-install-recommends -yq install python3 git python3-pip
# #- pip3 install -r gitlab-ci/gitlab_release/requirements.txt
# - pip3 install setuptools wheel
# - pip3 install commitizen==2.21.0 # version specified so current build works.
# - pip3 install gitlab-ci/gitlab_release/python-module/cz_nfc/.
# - update-binfmts --enable # Important: Ensures execution of other binary formats is enabled in the kernel
# - docker buildx create --driver=docker-container --driver-opt image=moby/buildkit:v0.11.6 --use
# - docker buildx inspect --bootstrap
# script: |
# if [ "0$DOCKER_TARGET_PLATFORMS" != "0" ]; then
# docker buildx build --platform=$DOCKER_TARGET_PLATFORMS . \
# --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
# --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
# --label org.opencontainers.image.source="$CI_PROJECT_URL" \
# --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
# --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
# --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
# --push \
# --tag $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
# else
# docker build . \
# --label org.opencontainers.image.created="$(date '+%Y-%m-%d %H:%M:%S%:z')" \
# --label org.opencontainers.image.documentation="$CI_PROJECT_URL" \
# --label org.opencontainers.image.source="$CI_PROJECT_URL" \
# --label org.opencontainers.image.url="$CI_PROJECT_URL/-/releases/$(cz -n cz_nfc version --project)" \
# --label org.opencontainers.image.version="$(cz -n cz_nfc version --project)" \
# --label org.opencontainers.image.revision="$CI_COMMIT_SHA" \
# --no-cache \
# --tag $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
# docker push $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
# fi
# needs: [ "Build/Cache Python Packages" ]
# rules:
# - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
# when: never
# - if: $CI_COMMIT_TAG
# when: on_success
# - if: '$CI_COMMIT_BRANCH == "development" && $CI_COMMIT_TITLE =~ /Merge branch.*/'
# when: on_success
# - if: '$CI_COMMIT_BRANCH != "master"'
# allow_failure: false
# when: on_success
# - when: never
# disabled until solution for multi-arch images found
# container_scanning:
# variables:
# #CS_DEFAULT_BRANCH_IMAGE: $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA
# GIT_STRATEGY: fetch
# CS_MULTI_ARCH_INDEX: 0
# before_script:
# #- export CS_IMAGE=registry.gitlab.com/nofusscomputing/projects/ansible/execution_environment/ansible-ee:a0d89d1ef152ad057c5567ca1caefbfc687a8183@sha256:b89eab46ebc4d0d0028803ac94aaed837248a7fbd695b811e7e1fad9365cba9a
# - export CS_IMAGE=$(docker buildx imagetools inspect "$CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME::a0d89d1ef152ad057c5567ca1caefbfc687a8183" --format "$CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:a0d89d1ef152ad057c5567ca1caefbfc687a8183@{{ ( index .Manifest.Manifests $CS_MULTI_ARCH_INDEX ).Digest }}")
# needs: [ "Docker Container" ]
# rules:
# - if: '$CI_PIPELINE_SOURCE != "merge_request_event"'
# when: always
# - when: never
# Docker Hub:
# stage: publish
# image: docker:23
# services:
# - docker:23-dind
# before_script:
# - |
# docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD;
# if [ "0$DOCKER_TARGET_PLATFORMS" != "0" ]; then
# for i in ${DOCKER_TARGET_PLATFORMS//,/ }
# do
# echo "[DEBUG] IMAGE_NAME=$DOCKER_CREATED_IMAGE_NAME";
# docker buildx imagetools inspect $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
# DOCKER_MULTI_ARCH_IMAGES=$(docker buildx imagetools inspect "registry.gitlab.com/nofusscomputing/projects/ansible/execution_environment/ansible-ee:$CI_COMMIT_SHA" --format "{{ range .Manifest.Manifests }}$CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA@{{print .Digest }} {{end}}")
# echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES";
# done;
# else
# docker pull $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA;
# fi
# docker logout $CI_REGISTRY;
# script:
# - docker login docker.io -u $NFC_DOCKERHUB_USERNAME -p $NFC_DOCKERHUB_TOKEN
# - docker image ls
# - |
# DOCKER_HUB_TAG=dev
# if [ "0$CI_COMMIT_TAG" != "0" ]; then
# DOCKER_HUB_TAG=latest
# if [ "0$CI_COMMIT_TAG" == *"rc"* ]; then
# DOCKER_HUB_TAG=dev
# fi
# fi
# echo "[DEBUG] IMAGE_NAME=$DOCKER_CREATED_IMAGE_NAME";
# echo "[DEBUG] DOCKER_HUB_TAG=$DOCKER_HUB_TAG";
# if [ "0$DOCKER_TARGET_PLATFORMS" != "0" ]; then
# echo "[DEBUG] DOCKER_MULTI_ARCH_IMAGES=$DOCKER_MULTI_ARCH_IMAGES";
# docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$DOCKER_HUB_TAG;
# if [ "0$DOCKER_HUB_TAG" == "0latest" ]; then
# docker buildx imagetools create $DOCKER_MULTI_ARCH_IMAGES --tag nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_TAG;
# fi
# else
# docker image tag $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$DOCKER_HUB_TAG;
# docker push nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$DOCKER_HUB_TAG;
# if [ "0$DOCKER_HUB_TAG" == "0latest" ]; then
# docker image tag $CI_REGISTRY_IMAGE/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_SHA nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_TAG;
# docker push nofusscomputing/$DOCKER_CREATED_IMAGE_NAME:$CI_COMMIT_TAG;
# fi
# fi
# - docker logout docker.io
# needs: [ "Docker Container" ]
# environment:
# name: DockerHub
# url: https://hub.docker.com/r/nofusscomputing/$DOCKER_CREATED_IMAGE_NAME
# rules:
# - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
# when: never
# - if: $CI_COMMIT_TAG
# when: on_success
# - if: '$CI_COMMIT_BRANCH == "development" && $CI_COMMIT_TITLE =~ /Merge branch.*/'
# when: on_success
# - if: '$CI_COMMIT_BRANCH == "development"'
# allow_failure: true
# when: manual
# - when: never
# Github (Push --mirror):
# variables:
# GIT_SYNC_URL: "https://$GITHUB_USERNAME_ROBOT:$GITHUB_TOKEN_ROBOT@github.com/NoFussComputing/execution_environment.git"
# extends:
# - .git_push_mirror

12
README.md
View File

@ -42,6 +42,17 @@ links:
- [Merge Requests (Pull Requests)](https://gitlab.com/nofusscomputing/projects/ansible/execution_environment/-/merge_requests) - [Merge Requests (Pull Requests)](https://gitlab.com/nofusscomputing/projects/ansible/execution_environment/-/merge_requests)
## Documentation
**TO DO:**
``` md
- available tags `dev` for latest dev build
- latest matches latest git tag
```
point docs to gitlab-ci for docker build
## Contributing ## Contributing
@ -53,4 +64,3 @@ For further details on contributing please refer to the [contribution guide](CON
## Other ## Other
This repo is release under this [license](LICENSE) This repo is release under this [license](LICENSE)

166
dockerfile
View File

@ -1,21 +1,91 @@
# docker pull python:3.9.16-slim-bullseye # docker pull python:3.9.16-slim-bullseye
# docker pull python:3.10.11-slim-bullseye # docker pull python:3.10.11-slim-bullseye
# docker pull python:3.10-slim-bullseye
# docker pull python:3.11-slim-bullseye
# docker pull python:3.11-bullseye
FROM --platform=$BUILDPLATFORM python:3.11-bullseye as fetch-ansible-roles
#FROM --platform=$TARGETPLATFORM python:3.11-bullseye as scratchpad
FROM python:3.9.16-slim-bullseye as scratchpad ENV LC_ALL en_US.UTF-8
#ENV PATH /usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.cargo/bin::~/.cargo/bin
RUN export DEBIAN_FRONTEND=noninteractive \
&& dpkg-reconfigure debconf -f noninteractive
RUN apt update \
&& apt install --reinstall -yq \
git || true
# && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o /tmp/rustup.sh \
# && chmod +x /tmp/rustup.sh \
# && /tmp/rustup.sh -y \
# RUN mkdir -p /tmp/python_modules /tmp/python_builds
# # && export PATH=$PATH:~/.cargo/bin
RUN apt update && \ # RUN rustc --version \
apt install --no-install-recommends -y \ # && cargo --version
git
# RUN export DEBIAN_FRONTEND=noninteractive \
# && apt update \
# && apt --fix-broken install \
# && apt install -y libc-bin locales-all \
# && apt update \
# && apt install --reinstall -yq \
# openssh-client \
# git || true \
# && dpkg --purge --force-all libc-bin \
# && apt-get install -y \
# openssh-client \
# git
# RUN export DEBIAN_FRONTEND=noninteractive \
# && apt update \
# && apt install --no-install-recommends -yq libc-bin locales-all \
# && apt-get install --reinstall -yq \
# build-essential \
# libssl-dev \
# libffi-dev \
# python3-dev \
# cargo \
# pkg-config || true
RUN git clone -b development --depth 1 https://gitlab.com/nofusscomputing/projects/ansible-roles.git /tmp/ansible-roles RUN git clone -b development --depth 1 https://gitlab.com/nofusscomputing/projects/ansible-roles.git /tmp/ansible-roles
# RUN pip install --upgrade pip \
# && pip install --upgrade \
# setuptools \
# wheel \
# setuptools-rust
FROM python:3.9.16-slim-bullseye
COPY --from=scratchpad /tmp/ansible-roles/roles /etc/ansible/roles # RUN cd /tmp/python_modules \
# && pip download --dest . --check-build-dependencies \
# ansible-core==2.14.5 \
# ansible-lint==6.15.0
# # RUN export PATH=$PATH:~/.cargo/bin \
# # && cargo update
# #RUN cargo update
# RUN cd /tmp/python_modules \
# # && export PATH=$PATH:~/.cargo/bin \
# && echo "[DEBUG] PATH=$PATH" \
# && pip wheel --wheel-dir /tmp/python_builds --find-links . *.whl
FROM --platform=$TARGETPLATFORM python:3.11-bullseye
# Ansible chucks a wobbler without. see: https://github.com/ansible/ansible/issues/78283
ENV LC_ALL en_US.UTF-8
COPY --from=fetch-ansible-roles /tmp/ansible-roles/roles /etc/ansible/roles
# Ref: https://github.com/opencontainers/image-spec/blob/d86384efdb8c30770a92415c100f57a9bffbb64e/annotations.md # Ref: https://github.com/opencontainers/image-spec/blob/d86384efdb8c30770a92415c100f57a9bffbb64e/annotations.md
@ -32,24 +102,86 @@ LABEL \
# org.opencontainers.image.version="{git tag}" # org.opencontainers.image.version="{git tag}"
RUN apt update && \
apt install --no-install-recommends -y \ # This Black Magic exists as libc-bin was being a turd and returning errors when trying to install git, ssh.
# see: https://askubuntu.com/questions/1339558/cant-build-dockerfile-for-arm64-due-to-libc-bin-segmentation-fault
# see: https://github.com/dcycle/prepare-docker-buildx/blob/09057fe4879e31ee780b9e69b87f41327ca8cd8e/example/Dockerfile#L8-L10
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt update \
&& apt --fix-broken install \
&& apt install -y libc-bin locales-all \
&& apt update \
&& apt install --reinstall --no-install-recommends -yq \
openssh-client \
git || true \
&& dpkg --purge --force-all libc-bin \
&& apt-get install --no-install-recommends -y \
openssh-client \
git \ git \
ssh && \ # # && apt-get install --reinstall --no-install-recommends -yq \ # this section was added for armv7 builds, however kept failing. is armv7 reqd?
rm -rf /var/lib/apt/lists/* && \ # # build-essential \
mkdir -p /etc/ansible/roles && \ # # libssl-dev \
mkdir -p /etc/ansible/collections && \ # # libffi-dev \
mkdir -p /workdir # # python3-dev \
# # cargo \
# # pkg-config \
# # End of Black Magic
&& rm -rf /var/lib/apt/lists/* \
&& mkdir -p /etc/ansible/roles \
&& mkdir -p /etc/ansible/collections \
&& mkdir -p /workdir \
&& apt list --installed
# RUN export DEBIAN_FRONTEND=noninteractive \
# && apt update \
# && apt-get install --no-install-recommends -y \
# openssh-client \
# git \
# && rm -rf /var/lib/apt/lists/* \
# && mkdir -p /etc/ansible/roles \
# && mkdir -p /etc/ansible/collections \
# && mkdir -p /workdir
WORKDIR /workdir WORKDIR /workdir
COPY ansible.cfg /etc/ansible/ansible.cfg COPY ansible.cfg /etc/ansible/ansible.cfg
# # see: https://github.com/pyca/cryptography/blob/998e86659ae750562ecc0bcf0eabd1828fd5c9ed/docs/installation.rst#debianubuntu
# RUN export DEBIAN_FRONTEND=noninteractive \
# && apt update \
# && apt-get install --reinstall --no-install-recommends -yq \
# build-essential \
# libssl-dev \
# libffi-dev \
# python3-dev \
# cargo \
# pkg-config
#RUN pip install --upgrade pip
# && pip install --upgrade \
# setuptools \
# wheel
#setuptools-rust
# RUN pip install \
# ansible-core==2.14.5 \
# ansible-lint==6.15.0
#COPY --from=scratchpad /tmp/python_builds /tmp/python_builds
# RUN pip install --upgrade pip \
# && pip install --find-links /tmp/python_builds/*.whl \
# && rm -Rf /tmp/python_builds
COPY requirements.txt /tmp/requirements.txt
RUN pip install --upgrade pip
RUN pip install --index-url https://gitlab.com/api/v4/projects/45741845/packages/pypi/simple -r /tmp/requirements.txt
RUN pip install --upgrade pip \
&& pip install \
ansible \
ansible-lint
RUN ansible-galaxy collection install \ RUN ansible-galaxy collection install \
awx.awx \ awx.awx \

87
dockerfile-build_cache Normal file
View File

@ -0,0 +1,87 @@
# docker pull python:3.9.16-slim-bullseye
# docker pull python:3.10.11-slim-bullseye
# docker pull python:3.10-slim-bullseye
# docker pull python:3.11-slim-bullseye
# docker pull python:3.11-bullseye
#FROM --platform=$BUILDPLATFORM python:3.11-bullseye as scratchpad
FROM --platform=$TARGETPLATFORM python:3.11-bullseye as wheelbuild
ARG CI_JOB_TOKEN
ARG CI_API_V4_URL
ARG CI_PROJECT_ID
ENV LC_ALL en_US.UTF-8
ENV PATH /usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.cargo/bin::~/.cargo/bin
RUN export DEBIAN_FRONTEND=noninteractive \
&& dpkg-reconfigure debconf -f noninteractive
RUN apt update \
&& apt install --reinstall -yq \
git \
curl \
rustc cargo || true
# && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o /tmp/rustup.sh \
# && chmod +x /tmp/rustup.sh \
# && /tmp/rustup.sh -y \
RUN mkdir -p /tmp/python_modules /tmp/python_builds
# && export PATH=$PATH:~/.cargo/bin
RUN rustc --version \
&& cargo --version
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt update \
&& apt --fix-broken install \
&& apt install -y libc-bin locales-all \
&& apt update \
&& apt install --reinstall -yq \
openssh-client \
git || true \
&& dpkg --purge --force-all libc-bin \
&& apt-get install -y \
openssh-client \
git
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt update \
&& apt install --no-install-recommends -yq libc-bin locales-all \
&& apt-get install --reinstall -yq \
build-essential \
libssl-dev \
libffi-dev \
python3-dev \
cargo \
pkg-config || true
RUN pip install --upgrade pip
RUN pip install --upgrade \
setuptools \
wheel \
setuptools-rust \
twine
COPY requirements.txt /tmp/requirements.txt
RUN cd /tmp/python_modules \
&& pip download --dest . --check-build-dependencies \
-r /tmp/requirements.txt
# RUN export PATH=$PATH:~/.cargo/bin \
# && cargo update
#RUN cargo update
RUN cd /tmp/python_modules \
# && export PATH=$PATH:~/.cargo/bin \
&& echo "[DEBUG] PATH=$PATH" \
&& pip wheel --wheel-dir /tmp/python_builds --find-links . *.whl
RUN TWINE_PASSWORD=${CI_JOB_TOKEN} TWINE_USERNAME=gitlab-ci-token python -m twine upload --verbose --skip-existing --repository-url ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/pypi /tmp/python_builds/*

2
requirements.txt Normal file
View File

@ -0,0 +1,2 @@
ansible-core==2.14.5
ansible-lint==6.15.0