nhyatt/build-containers
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: nhyatt:d175825beb595892e959e43263c27ddbb3786f44
Branches Tags
nhyatt:main
...
compare: nhyatt:main
Branches Tags
nhyatt:main

31 Commits
d175825beb ... main

Author SHA1 Message Date
nhyatt
4e3888b8e1 gitlab upgrade 2025-03-20 07:54:34 -05:00
nhyatt
1362dda2ba increment version 2025-03-14 07:21:21 -05:00
nhyatt
19702150ca Adds build-gitlab.jenkins 2025-03-03 08:51:07 -06:00
nhyatt
1aa78c2078 upgrade to bind 9.21 2025-01-18 20:39:30 -06:00
nhyatt
cf9e8a6f3f bind to version 9.18 2025-01-18 20:20:37 -06:00
nhyatt
1b63254a50 remove upgrade command, it seems to conflict with coreos. 2025-01-17 07:35:20 -06:00
nhyatt
3f9914c2b3 adds missing comma 2025-01-02 20:20:10 -06:00
nhyatt
3a8d88d566 corrects nordvpn host selector, hopefully. 2025-01-02 20:19:23 -06:00
nhyatt
01680ed48d adds public image location 2024-12-14 10:13:42 -06:00
nhyatt
cb84bcea69 corrects finger file path 2024-12-14 09:01:29 -06:00
nhyatt
de4b4c2895 updates command 2024-12-14 08:58:39 -06:00
nhyatt
d0d543ff26 add webfinger builder 2024-12-14 08:45:54 -06:00
nhyatt
e966249932 upgrade bind 2024-12-10 12:58:50 -06:00
nhyatt
eb9368c3f3 Corrects ffmpeg build script 2024-12-08 20:23:56 -06:00
nhyatt
c0fbe4151a decreases minecraft memory limit moving to baremetal. 2024-11-28 17:33:42 -06:00
nhyatt
d5329cca93 adjust platform 2024-11-11 00:48:02 -06:00
nhyatt
518593e6b0 set platform 2024-11-11 00:42:19 -06:00
nhyatt
37b841fa11 correct hostname 2024-11-11 00:37:41 -06:00
nhyatt
5b13a4af8b variable correction. 2024-11-11 00:36:38 -06:00
nhyatt
cc3fe7c77f step? 2024-11-11 00:34:21 -06:00
nhyatt
c9bf1062fc manual kaniko 2024-11-11 00:30:48 -06:00
nhyatt
e1afb91328 build for arm? 2024-11-10 23:42:38 -06:00
nhyatt
5f78400080 update version to variable 2024-11-10 22:52:25 -06:00
nhyatt
1e00bb7188 corrects from 2024-11-10 22:42:51 -06:00
nhyatt
31e9192300 build darkice? 2024-11-10 22:32:38 -06:00
nhyatt
ad7e294881 updates entrypoint 2024-09-29 08:23:24 -05:00
nhyatt
49658e4262 updates source image 2024-09-29 08:08:30 -05:00
nhyatt
0c568c2049 adds bash 2024-09-29 08:01:14 -05:00
nhyatt
645b29aa65 corrects syntax 2024-09-29 07:57:54 -05:00
nhyatt
c87a006218 bind switched to alpine 2024-09-29 07:56:55 -05:00
nhyatt
fa8a289f67 updates sonarscanner 2024-09-29 07:30:53 -05:00
8 changed files with 320 additions and 31 deletions
Expand all files Collapse all files

23
build-bind.jenkins
View File

@@ -25,6 +25,7 @@ pipeline {
steps {
script {
workspace = pwd()
startFile = """
#! /usr/bin/env bash
SIGN_DOMAINS="\$(ls -1 /var/named/masters)" sign-zone.sh
@@ -32,7 +33,6 @@ chown -R bind:bind /var/named
bind_exporter --bind.stats-url="http://127.0.0.1:8553" --web.listen-address=0.0.0.0:8053 &
/usr/sbin/named -g -c /etc/bind/named.conf -u bind
"""
writeFile(file: workspace + "/start.sh", text: startFile)
signzoneFile = """
#! /usr/bin/env bash
@@ -127,20 +127,29 @@ else
SignZone "\${DOMAIN}"
fi
"""
writeFile(file: workspace + "/start.sh", text: startFile)
writeFile(file: workspace + "/sign-zone.sh", text: signzoneFile)
writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getCurrentRootCA())
dockerFile = """
FROM registry.hub.docker.com/internetsystemsconsortium/bind9:9.18
FROM ${repository}/dockerhub/internetsystemsconsortium/bind9:9.21
LABEL org.opencontainers.image.authors="The_Spider <spider@smoothnet.org>"
LABEL org.opencontainers.image.title="bind"
LABEL org.opencontainers.image.base.name="registry.hub.docker.com/internetsystemsconsortium/bind9"
COPY *.sh /usr/local/bin/
COPY test-chamber-13.lan.root.crt /usr/local/share/ca-certificates/
RUN apt-get update && \
apt-get install -y --no-install-recommends dnsutils && \
chmod +x /usr/local/bin/start.sh /usr/local/bin/sign-zone.sh
RUN set -eux && \\
chmod +x /usr/local/bin/start.sh /usr/local/bin/sign-zone.sh && \\
cat /usr/local/share/ca-certificates/test-chamber-13.lan.root.crt >> /etc/ssl/certs/ca-certificates.crt && \\
sed -i 's/dl-cdn.alpinelinux.org/nexus.c.test-chamber-13.lan\\/repository/g' /etc/apk/repositories && \\
apk add --no-cache ca-certificates bind-dnssec-tools bash && \\
update-ca-certificates --fresh
CMD [ "/bin/bash", "-c", "start.sh" ]
ENTRYPOINT [ "/bin/bash", "-c", "start.sh" ]
"""
writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getCurrentRootCA())
}
}
}

70
build-darkice.jenkins Normal file
View File

@@ -0,0 +1,70 @@
#!groovy
def repository = "registry.c.test-chamber-13.lan"
def repositoryCreds = "harbor-repository-creds"
def workspace
def dockerFile
def label = "kubernetes-${UUID.randomUUID().toString()}"
def templateName = "pipeline-worker"
def darkiceVersion = "1.5"
pipeline {
agent {
kubernetes {
yaml functions.podYaml(
repo: repository,
templateName: templateName,
kaniko: true
)
}
}
stages {
stage ('Initalize Jenkins') {
steps {
script {
workspace = pwd()
dockerFile = """FROM --platform=linux/arm64/v8 ${repository}/dockerhub/arm64v8/debian:latest as builder
RUN apt-get update \\
&& apt-get --no-install-recommends --yes install ca-certificates curl build-essential tar pkg-config alsa-utils lame libmp3lame-dev libpulse-dev libjack-jackd2-dev libaudio-dev libasound2-dev libshout3-dev libmp3lame-dev \\
&& mkdir /tmp/build \\
&& curl -L https://github.com/rafael2k/darkice/releases/download/v${darkiceVersion}/darkice-${darkiceVersion}.tar.gz | tar -z -x -f - -C /tmp/build \\
&& cd /tmp/build/darkice-${darkiceVersion}/ \\
&& ./configure CXXFLAGS="-std=c++11" --with-pulseaudio --with-lame --with-alsa --with-jack \\
&& make
FROM --platform=linux/arm64/v8 ${repository}/dockerhub/arm64v8/debian:latest
LABEL org.opencontainers.image.authors="The_Spider <spider@smoothnet.org>"
LABEL org.opencontainers.image.title="darkice"
COPY --from=builder /tmp/build/darkice-${darkiceVersion}/src/darkice /usr/bin/local/
ENTRYPOINT [ "/bin/bash", "-c", "/usr/local/bin/darkice" ]
"""
}
}
}
stage ('Build & Push') {
steps {
container ('kaniko') {
script {
def ws = pwd()
writeFile (file: ws + "/Dockerfile", text: dockerFile)
withCredentials([usernameColonPassword(
credentialsId: repositoryCreds,
variable: "dCreds"
)]) {
sh "set +x; printf '{\"auths\":{\"%s\":{\"auth\": \"%s\"}}}' \"registry.c.test-chamber-13.lan\" \"${dcreds.bytes.encodeBase64().toString()}\" > /kaniko/.docker/config.json"
}
sh "/kaniko/executor --force --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"registry.c.test-chamber-13.lan/library/darkice:latest\" --custom-platform \"linux/arm64/v8\""
}
}
}
}
}
}

20
deprecated/build-ffmpeg.jenkins → build-ffmpeg.jenkins
View File

@@ -10,7 +10,13 @@ podTemplate(
repo: repository,
templateName: templateName,
alpine: true,
fedora: true
[
[
name: "ubuntu",
path: "${repository}/dockerhub/library/ubuntu:24.04",
command: "/bin/bash"
]
],
)
) {
node (label) {
@@ -45,14 +51,16 @@ podTemplate(
}
stage ("Build FFMpeg") {
container ("fedora") {
container ("ubuntu") {
writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getCurrentRootCA())
sh """
apt update
apt -y --no-install-recommends install build-essential curl ca-certificates python3 python-is-python3 ninja-build meson git
apt clean
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /usr/share/doc/*
update-ca-certificates
cd ${workspace}/ffmpeg
sed -r -i -e 's~^LDFLAGS="-L\\\$WORKSPACE\\/lib"\$~LDFLAGS="-L\\\$WORKSPACE\\/lib -L\\\$WORKSPACE\\/lib64"~g' ./build-ffmpeg
sed -r -i -e 's~-DJPEGXL_ENABLE_JNI=OFF~-DJPEGXL_ENABLE_JNI=OFF CMAKE_CXX_FLAGS:STRING=-fPIC~g' ./build-ffmpeg
dnf install curl gcc-g++ libtool make xz python perl perl-devel openssl-devel diffutils bzip2 glibc-static libstdc++-static vid.stab-devel -y
SKIPINSTALL=yes ./build-ffmpeg --full-static --enable-gpl-and-non-free --build
AUTOINSTALL=yes ./build-ffmpeg --build --full-static --enable-gpl-and-non-free
"""
}
}

80
build-gitlab.jenkins Normal file
View File

@@ -0,0 +1,80 @@
#!groovy
def gitlabRepo = "registry.c.test-chamber-13.lan/gitlab/gitlab-org/build/cng"
def gitlabImages = [
"gitlab-toolbox-ee",
"gitlab-webservice-ee",
]
def gitlabVersion = "v17.10.0"
def gitlabPublicKey
def repository = "registry.c.test-chamber-13.lan"
def repositoryCreds = "harbor-repository-creds"
def shortCommit
def workspace
def dockerFile
def label = "kubernetes-${UUID.randomUUID().toString()}"
def templateName = "pipeline-worker"
pipeline {
agent {
kubernetes {
yaml functions.podYaml(
repo: repository,
templateName: templateName,
kaniko: true,
)
}
}
stages {
stage ('Initalize Jenkins') {
steps {
script {
workspace = pwd()
gitlabPublicKey = """-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreEfP/ncA1A5cuxBz7rS
0Z9DDxdSymLwt2OUSM5WJa+dVB3zSpQjinifdNZq+iHVt8toZBZZ02H3unbn8td0
rIifoj4oVpLhvnOAVjUn5tZeUX17tWMA+yyBpf6w6IFxeYBXFd14WOKEarS05U9B
59DjBxNqSm+GzhljHO7vvTKy2xXQQ7Fa702DZ7jwr4DJnL87bDXfarnYksuawqtK
wQbFHAOvxFj8ghBh1Gshap1abExD4l7QWxFMTCVOkLJmXiqfOi5KuMiaMsSUsCBN
QDE3A5aKvpwLGozsvpGRMy5Tt4SgHC7ZbgerBNe75olOoPDxZf7bBt0+O5A/UjK/
HwIDAQAB
-----END PUBLIC KEY-----
"""
writeFile(file: workspace + "/.license_encryption_key.pub", text: gitlabPublicKey)
}
}
}
stage ('Build Images') {
steps {
script {
for (gitlabImage in gitlabImages) {
stage("Build ${gitlabImage}") {
dockerFile = """FROM ${gitlabRepo}/${gitlabImage}:${gitlabVersion}
COPY .license_encryption_key.pub /srv/gitlab/.license_encryption_key.pub
"""
container ('kaniko') {
script {
declarativeFunctions.buildContainerMultipleDestinations(
dockerFile: dockerFile,
repositoryAccess: [
[
repository: repository,
credentials: repositoryCreds,
],
],
destination: [
"${repository}/library/gitlab/${gitlabImage}:${gitlabVersion}",
]
)
}
}
}
}
}
}
}
}
}

2
build-minecraft.jenkins
View File

@@ -31,7 +31,7 @@ pipeline {
workspace = pwd()
paperVersion = "1.21.1"
memoryMin = "1g"
memoryMax = "32g"
memoryMax = "16g"
dockerFile = """FROM registry.c.test-chamber-13.lan/library/alpine:latest as builder
ARG paperDownload

5
build-sonarscanner.jenkins
View File

@@ -25,7 +25,6 @@ pipeline {
script {
workspace = pwd()
writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getCurrentRootCA())
writeFile(file: workspace + "/test-chamber-13.lan.ret.root.crt", text: functions.getRetiredRootCA())
dockerFile = """FROM ${repository}/dockerhub/sonarsource/sonar-scanner-cli:latest
LABEL org.opencontainers.image.authors="The_Spider <spider@smoothnet.org>"
@@ -35,8 +34,8 @@ LABEL org.opencontainers.image.base.name="docker.io/sonarsource/sonar-scanner-cl
USER root
COPY test-chamber-13.lan.root.crt test-chamber-13.lan.ret.root.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates --fresh
COPY test-chamber-13.lan.root.crt /etc/pki/ca-trust/source/anchors/
RUN update-ca-trust
USER scanner-cli
"""

123
build-webfinger.jenkins Normal file
View File

@@ -0,0 +1,123 @@
#!groovy
def repository = "registry.c.test-chamber-13.lan"
def repositoryCreds = "harbor-repository-creds"
def workspace
def dockerFile
def label = "kubernetes-${UUID.randomUUID().toString()}"
def templateName = "pipeline-worker"
pipeline {
agent {
kubernetes {
yaml functions.podYaml(
repo: repository,
templateName: templateName,
kaniko: true,
alpine: true
)
}
}
stages {
stage ('Initalize Jenkins') {
steps {
script {
workspace = pwd()
dockerFile = """
FROM ${repository}/library/alpine:latest AS certHost
FROM ${repository}/dockerhub/library/golang:alpine AS builder
LABEL org.opencontainers.image.authors="The_Spider <spider@smoothnet.org>"
LABEL org.opencontainers.image.title="go-finger"
LABEL org.opencontainers.image.description="Docker container for the go-webfinger server"
ENV ENV_DOCKER=true
COPY go-finger/. /go/src/app/
WORKDIR /go/src/app
RUN if ! command -v git; then apk add --no-cache git; fi; \
git config --global --add safe.directory /go/src/app && \
addgroup -S -g 1000 app && \
adduser --disabled-password -G app --gecos "application account" --home "/home/app" --shell "/sbin/nologin" --no-create-home --uid 1000 app && \
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w" -tags timetzdata -o webfinger ./main.go
FROM scratch
COPY --from=certHost /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /etc/passwd /etc/group /etc/
COPY --from=builder --chown=app:app /go/src/app/webfinger /app/webfinger
COPY --from=builder --chown=app:app /go/src/app/urns.yml /home/app/urns.yaml
USER app:app
WORKDIR /app/
ENTRYPOINT ["/app/webfinger", "serve", "--urn-file", "/home/app/urns.yaml", "--host", "0.0.0.0", "--port", "8080", "--finger-file", "/home/app/finger.yaml"]
"""
}
}
}
stage ("Pull Source") {
steps {
script {
dir("go-finger") {
checkout ([
$class: "GitSCM",
branches: [
[
name: "refs/heads/main",
],
],
userRemoteConfigs: [
[
url: "https://github.com/Maronato/go-finger.git",
],
],
extensions: [
[
$class: "CloneOption",
shallow: true,
],
[
$class: "CheckoutOption",
timeout: 2,
],
],
])
}
}
}
}
stage ('Build & Push') {
steps {
container ('kaniko') {
script {
declarativeFunctions.buildContainerMultipleDestinations(
dockerFile: dockerFile,
repositoryAccess: [
[
repository: repository,
credentials: repositoryCreds
],
[
repository: "https://index.docker.io/v1/",
credentials: "dockerhub-repository-creds"
],
],
destination: [
"index.docker.io/thespider/webfinger:latest",
"${repository}/library/webfinger:latest",
]
)
}
}
}
}
}
}

28
nordvpn-autoconfigure.jenkins
View File

@@ -48,29 +48,29 @@ pipeline {
// list of urls that return different nordVPN servers
def nordURLs = [
// canada
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=38&filters\\[servers_technologies\\]=5",
// denmark
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:58,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=58&filters\\[servers_technologies\\]=5",
// france
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:74,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
// gremany
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:81,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=74&filters\\[servers_technologies\\]=5",
// germany
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=81&filters\\[servers_technologies\\]=5",
// ireland
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:104,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=10&filters\\[servers_technologies\\]=5",
// japan
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:108,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=108&filters\\[servers_technologies\\]=5",
// sweden
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:208,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=208&filters\\[servers_technologies\\]=5",
// switzerland
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:209,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=209&filters\\[servers_technologies\\]=5",
// mexico
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:140,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=140&filters\\[servers_technologies\\]=5",
// netherlands
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:153,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=153&filters\\[servers_technologies\\]=5",
// united kingdom
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=38&filters\\[servers_technologies\\]=5",
// united states
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:228,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}"
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=228&filters\\[servers_technologies\\]=5",
]
// randomly select one from the list
nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])]
@@ -106,7 +106,7 @@ pipeline {
'""" + nordURL + """' \
| jq \
--raw-output \
'[.[] | select(.technologies[] | .identifier == "openvpn_tcp")][0] | .hostname' \
'.servers | ([ .[].load ] | min) as \$m | first(.[] | select(.load == \$m)) | .hostname' \
).tcp.ovpn" \
| sed \
--regexp-extended \