diff --git a/Dockerfile b/Dockerfile index c36b5a0..a149ae0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,76 @@ # Icinga 2 Docker image | (c) 2020 Icinga GmbH | GPLv2+ -FROM icinga/icinga2-deps +FROM golang:buster as entrypoint + +COPY entrypoint /entrypoint + +WORKDIR /entrypoint +RUN ["go", "build", "."] + + +FROM buildpack-deps:scm as clone +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] + +RUN git clone --bare https://github.com/lausser/check_mssql_health.git ;\ + git -C check_mssql_health.git archive --prefix=check_mssql_health/ 747af4c3c261790341da164b58d84db9c7fa5480 |tar -x ;\ + git clone --bare https://github.com/lausser/check_nwc_health.git ;\ + git -C check_nwc_health.git archive --prefix=check_nwc_health/ a5295475c9bbd6df9fe7432347f7c5aba16b49df |tar -x ;\ + git clone --bare https://github.com/bucardo/check_postgres.git ;\ + git -C check_postgres.git archive --prefix=check_postgres/ 58de936fdfe4073413340cbd9061aa69099f1680 |tar -x ;\ + git clone --bare https://github.com/matteocorti/check_ssl_cert.git ;\ + git -C check_ssl_cert.git archive --prefix=check_ssl_cert/ 1e72259a9c1cd8c60e229725293c51e03c3ba814 |tar -x ;\ + rm -rf *.git + + +FROM debian:buster-slim as build +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] + +RUN apt-get update ;\ + apt-get install --no-install-{recommends,suggests} -y \ + autoconf automake make ;\ + apt-get clean ;\ + rm -vrf /var/lib/apt/lists/* + +COPY --from=clone /check_mssql_health /check_mssql_health +COPY --from=clone /check_nwc_health /check_nwc_health +COPY --from=clone /check_postgres /check_postgres + +RUN cd /check_mssql_health ;\ + mkdir bin ;\ + autoconf ;\ + autoreconf ;\ + ./configure --libexecdir=/usr/lib/nagios/plugins ;\ + make ;\ + make install "DESTDIR=$(pwd)/bin" + +RUN cd /check_nwc_health ;\ + mkdir bin ;\ + autoreconf ;\ + ./configure --libexecdir=/usr/lib/nagios/plugins ;\ + make ;\ + make install "DESTDIR=$(pwd)/bin" + +RUN cd /check_postgres ;\ + mkdir bin ;\ + perl Makefile.PL INSTALLSITESCRIPT=/usr/lib/nagios/plugins ;\ + make ;\ + make install "DESTDIR=$(pwd)/bin" + + +FROM debian:buster-slim + +RUN ["/bin/bash", "-exo", "pipefail", "-c", "apt-get update; DEBIAN_FRONTEND=noninteractive apt-get install --no-install-{recommends,suggests} -y ca-certificates curl dumb-init libboost-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}1.67 libcap2-bin libedit2 libmariadb3 libmoosex-role-timer-perl libpq5 libssl1.1 mailutils monitoring-plugins msmtp{,-mta} openssh-client openssl; apt-get clean; rm -vrf /var/lib/apt/lists/*"] + +COPY --from=entrypoint /entrypoint/entrypoint /entrypoint + +RUN ["adduser", "--system", "--group", "--home", "/var/lib/icinga2", "--disabled-login", "--force-badname", "--no-create-home", "--uid", "5665", "icinga"] + +COPY --from=build /check_mssql_health/bin/ / +COPY --from=build /check_nwc_health/bin/ / +COPY --from=build /check_postgres/bin/ / +COPY --from=clone /check_ssl_cert/check_ssl_cert /usr/lib/nagios/plugins/check_ssl_cert + +ENTRYPOINT ["/entrypoint"] COPY icinga2-bin/ / diff --git a/action-base.Dockerfile b/action-base.Dockerfile deleted file mode 100644 index 167f3fd..0000000 --- a/action-base.Dockerfile +++ /dev/null @@ -1,39 +0,0 @@ -# Icinga 2 Docker image | (c) 2020 Icinga GmbH | GPLv2+ - -FROM buildpack-deps:scm as clone -SHELL ["/bin/bash", "-exo", "pipefail", "-c"] - -RUN mkdir actions ;\ - cd actions ;\ - git clone --bare https://github.com/actions/checkout.git ;\ - git -C checkout.git archive --prefix=checkout/ v2 |tar -x ;\ - git clone --bare https://github.com/actions/cache.git ;\ - git -C cache.git archive --prefix=cache/ v2 |tar -x ;\ - rm -rf *.git - - -FROM debian:buster-slim -SHELL ["/bin/bash", "-exo", "pipefail", "-c"] -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update ;\ - apt-get install --no-install-{recommends,suggests} -y \ - apt-transport-https gnupg2 dirmngr ca-certificates ;\ - apt-get clean ;\ - rm -vrf /var/lib/apt/lists/* ;\ - apt-key adv --fetch-keys https://download.docker.com/linux/debian/gpg ;\ - apt-get purge -y gnupg2 dirmngr ;\ - apt-get autoremove --purge -y - -ADD action-base.list /etc/apt/sources.list.d/misc.list - -RUN apt-get update ;\ - apt-get install --no-install-{recommends,suggests} -y \ - bison cmake docker-ce-cli flex g++ git \ - libboost{,-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}}1.67-dev \ - libedit-dev libmariadbclient-dev libpq-dev libssl-dev make nodejs ;\ - apt-get install --no-install-{recommends,suggests} -y ccache ;\ - apt-get clean ;\ - rm -vrf /var/lib/apt/lists/* - -COPY --from=clone /actions /actions diff --git a/action.Dockerfile b/action.Dockerfile index 73d18d8..4acbafd 100644 --- a/action.Dockerfile +++ b/action.Dockerfile @@ -1,7 +1,44 @@ # Icinga 2 Docker image | (c) 2020 Icinga GmbH | GPLv2+ -FROM icinga/icinga2-builder +FROM buildpack-deps:scm as clone +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] + +RUN mkdir actions ;\ + cd actions ;\ + git clone --bare https://github.com/actions/checkout.git ;\ + git -C checkout.git archive --prefix=checkout/ v2 |tar -x ;\ + git clone --bare https://github.com/actions/cache.git ;\ + git -C cache.git archive --prefix=cache/ v2 |tar -x ;\ + rm -rf *.git + + +FROM debian:buster-slim +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update ;\ + apt-get install --no-install-{recommends,suggests} -y \ + apt-transport-https gnupg2 dirmngr ca-certificates ;\ + apt-get clean ;\ + rm -vrf /var/lib/apt/lists/* ;\ + apt-key adv --fetch-keys https://download.docker.com/linux/debian/gpg ;\ + apt-get purge -y gnupg2 dirmngr ;\ + apt-get autoremove --purge -y + +ADD action-base.list /etc/apt/sources.list.d/misc.list + +RUN apt-get update ;\ + apt-get install --no-install-{recommends,suggests} -y \ + bison cmake docker-ce-cli flex g++ git \ + libboost{,-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}}1.67-dev \ + libedit-dev libmariadbclient-dev libpq-dev libssl-dev make nodejs ;\ + apt-get install --no-install-{recommends,suggests} -y ccache ;\ + apt-get clean ;\ + rm -vrf /var/lib/apt/lists/* + +COPY --from=clone /actions /actions COPY action.bash compile.bash Dockerfile / +COPY entrypoint /entrypoint CMD ["/action.bash"] diff --git a/action.bash b/action.bash index f9ef3f6..bb62f4f 100755 --- a/action.bash +++ b/action.bash @@ -20,8 +20,9 @@ mkimg () { ln -vs "$(pwd)/ccache" ~/.ccache /compile.bash - cache save + + cp -r /entrypoint . docker build -f /Dockerfile -t "${TARGET}:$TAG" . STATE_isPost=1 node /actions/checkout/dist/index.js diff --git a/build.bash b/build.bash index 10ad6a8..ea13dd8 100755 --- a/build.bash +++ b/build.bash @@ -15,8 +15,7 @@ fi I2SRC="$(realpath "$I2SRC")" BLDCTX="$(realpath "$(dirname "$0")")" -docker build -f "${BLDCTX}/action-base.Dockerfile" -t icinga/icinga2-builder "$BLDCTX" -docker build -f "${BLDCTX}/deps.Dockerfile" -t icinga/icinga2-deps "$BLDCTX" +docker build -f "${BLDCTX}/action.Dockerfile" -t icinga/icinga2-builder "$BLDCTX" docker run --rm -i \ -v "${I2SRC}:/i2src:ro" \ @@ -31,5 +30,7 @@ cp -r /i2src/.git /i2cp cd /i2cp /bldctx/compile.bash + +cp -r /entrypoint . docker build -f /bldctx/Dockerfile -t icinga/icinga2 . EOF diff --git a/deps.Dockerfile b/deps.Dockerfile deleted file mode 100644 index 2417ed1..0000000 --- a/deps.Dockerfile +++ /dev/null @@ -1,73 +0,0 @@ -# Icinga 2 Docker image | (c) 2020 Icinga GmbH | GPLv2+ - -FROM golang:buster as entrypoint - -COPY entrypoint /entrypoint - -WORKDIR /entrypoint -RUN ["go", "build", "."] - - -FROM buildpack-deps:scm as clone -SHELL ["/bin/bash", "-exo", "pipefail", "-c"] - -RUN git clone --bare https://github.com/lausser/check_mssql_health.git ;\ - git -C check_mssql_health.git archive --prefix=check_mssql_health/ 747af4c3c261790341da164b58d84db9c7fa5480 |tar -x ;\ - git clone --bare https://github.com/lausser/check_nwc_health.git ;\ - git -C check_nwc_health.git archive --prefix=check_nwc_health/ a5295475c9bbd6df9fe7432347f7c5aba16b49df |tar -x ;\ - git clone --bare https://github.com/bucardo/check_postgres.git ;\ - git -C check_postgres.git archive --prefix=check_postgres/ 58de936fdfe4073413340cbd9061aa69099f1680 |tar -x ;\ - git clone --bare https://github.com/matteocorti/check_ssl_cert.git ;\ - git -C check_ssl_cert.git archive --prefix=check_ssl_cert/ 1e72259a9c1cd8c60e229725293c51e03c3ba814 |tar -x ;\ - rm -rf *.git - - -FROM debian:buster-slim as build -SHELL ["/bin/bash", "-exo", "pipefail", "-c"] - -RUN apt-get update ;\ - apt-get install --no-install-{recommends,suggests} -y \ - autoconf automake make ;\ - apt-get clean ;\ - rm -vrf /var/lib/apt/lists/* - -COPY --from=clone /check_mssql_health /check_mssql_health -COPY --from=clone /check_nwc_health /check_nwc_health -COPY --from=clone /check_postgres /check_postgres - -RUN cd /check_mssql_health ;\ - mkdir bin ;\ - autoconf ;\ - autoreconf ;\ - ./configure --libexecdir=/usr/lib/nagios/plugins ;\ - make ;\ - make install "DESTDIR=$(pwd)/bin" - -RUN cd /check_nwc_health ;\ - mkdir bin ;\ - autoreconf ;\ - ./configure --libexecdir=/usr/lib/nagios/plugins ;\ - make ;\ - make install "DESTDIR=$(pwd)/bin" - -RUN cd /check_postgres ;\ - mkdir bin ;\ - perl Makefile.PL INSTALLSITESCRIPT=/usr/lib/nagios/plugins ;\ - make ;\ - make install "DESTDIR=$(pwd)/bin" - - -FROM debian:buster-slim - -RUN ["/bin/bash", "-exo", "pipefail", "-c", "apt-get update; DEBIAN_FRONTEND=noninteractive apt-get install --no-install-{recommends,suggests} -y ca-certificates curl dumb-init libboost-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}1.67 libcap2-bin libedit2 libmariadb3 libmoosex-role-timer-perl libpq5 libssl1.1 mailutils monitoring-plugins msmtp{,-mta} openssh-client openssl; apt-get clean; rm -vrf /var/lib/apt/lists/*"] - -COPY --from=entrypoint /entrypoint/entrypoint /entrypoint - -RUN ["adduser", "--system", "--group", "--home", "/var/lib/icinga2", "--disabled-login", "--force-badname", "--no-create-home", "--uid", "5665", "icinga"] - -COPY --from=build /check_mssql_health/bin/ / -COPY --from=build /check_nwc_health/bin/ / -COPY --from=build /check_postgres/bin/ / -COPY --from=clone /check_ssl_cert/check_ssl_cert /usr/lib/nagios/plugins/check_ssl_cert - -ENTRYPOINT ["/entrypoint"]