Merge pull request #42 from star3am/feature/docker-image-build

Feature/docker image build
star3am · Jul 25, 2024 · 1fb4ede · 1fb4ede
2 parents 44c817f + 007336b
commit 1fb4ede
Show file tree

Hide file tree

Showing 6 changed files with 77 additions and 20 deletions.
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -0,0 +1,51 @@
+---
+# checkov:skip=CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
+# https://docs.github.com/en/actions/quickstart
+# hhttps://github.com/marketplace/actions/build-and-publish-docker-image-to-github-container-registry
+name: "HashiQube DevOps Lab Pipeline"
+
+on: # yamllint disable-line rule:truthy
+  push: # yamllint disable-line rule:empty-values
+
+jobs:
+  build-and-publish-latest:
+    if: ${{ vars.REBUILD_CONTAINER_IMAGE == 'true' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      # Checking out the repo
+      - uses: actions/checkout@v3
+
+      # https://github.com/docker/setup-qemu-action
+      # https://blog.thesparktree.com/docker-multi-arch-github-actions
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: 'amd64,arm64,arm,linux/arm64/v7,linux/arm64/v8'
+
+      # https://github.com/docker/setup-buildx-action
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: ghcr.io/${{ github.repository }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          # https://github.com/docker/metadata-action#tags-input
+          # tags: ${{ steps.meta.outputs.tags }}
+          tags: ghcr.io/${{ github.repository_owner }}/hashiqube:latest # INFO: Hardcoding latest tag
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/Dockerfile b/Dockerfile
@@ -15,6 +15,11 @@ RUN apt-get -y install -qq \
         curl \
         wget \
         vim-tiny < /dev/null > /dev/null
+
+COPY ./hashiqube/basetools.sh .
+RUN bash ./basetools.sh; \
+    rm ./basetools.sh;
+
 RUN apt-get -qq clean < /dev/null > /dev/null
 RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -2,12 +2,12 @@
 version: "3.8"
 services:
   hashiqube:
+    # image: ghcr.io/star3am/hashiqube:latest
     privileged: true
     tty: true
     cgroup: host
     tmpfs:
     - /var/lib/docker:mode=0777,dev,size=15g,suid,exec
-    # - /tmp:exec,dev
     - /run
     ports:
       - "3000:3000" # grafana
@@ -74,8 +74,6 @@ services:
     build:
       context: .
       dockerfile: ./Dockerfile
-    # If you have build and pushed this container to a registry you can use it below and disable build above
-    # image: YOUR_CONTAINER_REGISTRY/hashiqube:latest
     network_mode: "bridge"
     volumes:
       # Mounts the project folder into the container

diff --git a/docker/docker.sh b/docker/docker.sh
@@ -83,20 +83,20 @@ echo -e '\e[38;5;198m'"++++ "
 sleep 10;
 sudo --preserve-env=PATH -u vagrant docker login -u="admin" -p="password" http://10.9.99.10:5002
 
-echo -e '\e[38;5;198m'"++++ "
-echo -e '\e[38;5;198m'"++++ Docker build -t apache2 ."
-echo -e '\e[38;5;198m'"++++ "
-docker build -t apache2 .
+# echo -e '\e[38;5;198m'"++++ "
+# echo -e '\e[38;5;198m'"++++ Docker build -t apache2 ."
+# echo -e '\e[38;5;198m'"++++ "
+# docker build -t apache2 .
 
-echo -e '\e[38;5;198m'"++++ "
-echo -e '\e[38;5;198m'"++++ Docker images --filter reference=apache2"
-echo -e '\e[38;5;198m'"++++ "
-docker images --filter reference=apache2
+# echo -e '\e[38;5;198m'"++++ "
+# echo -e '\e[38;5;198m'"++++ Docker images --filter reference=apache2"
+# echo -e '\e[38;5;198m'"++++ "
+# docker images --filter reference=apache2
 
-echo -e '\e[38;5;198m'"++++ "
-echo -e '\e[38;5;198m'"++++ Docker run -t -d -i -p 8889:80 --name apache2 --rm apache2"
-echo -e '\e[38;5;198m'"++++ "
-docker run -t -d -i -p 8889:80 --name apache2 --memory 16M --rm apache2
+# echo -e '\e[38;5;198m'"++++ "
+# echo -e '\e[38;5;198m'"++++ Docker run -t -d -i -p 8889:80 --name apache2 --rm apache2"
+# echo -e '\e[38;5;198m'"++++ "
+# docker run -t -d -i -p 8889:80 --name apache2 --memory 16M --rm apache2
 
 echo -e '\e[38;5;198m'"++++ "
 echo -e '\e[38;5;198m'"++++ Docker ps"
@@ -108,6 +108,9 @@ echo -e '\e[38;5;198m'"++++ Docker stats"
 echo -e '\e[38;5;198m'"++++ "
 docker stats --no-stream -a
 
-echo -e '\e[38;5;198m'"++++ open http://localhost:8889 in your browser"
-echo -e '\e[38;5;198m'"++++ you can also run below to get apache2 version from the docker container"
-echo -e '\e[38;5;198m'"++++ vagrant ssh -c \"docker ps; docker exec -it apache2 /bin/bash -c 'apache2 -t -v; ps aux'\""
+echo -e '\e[38;5;198m'"++++ "
+echo -e '\e[38;5;198m'"++++ Docker Daemon installed"
+echo -e '\e[38;5;198m'"++++ "
+# echo -e '\e[38;5;198m'"++++ open http://localhost:8889 in your browser"
+# echo -e '\e[38;5;198m'"++++ you can also run below to get apache2 version from the docker container"
+# echo -e '\e[38;5;198m'"++++ vagrant ssh -c \"docker ps; docker exec -it apache2 /bin/bash -c 'apache2 -t -v; ps aux'\""
diff --git a/hashiqube/basetools.sh b/hashiqube/basetools.sh
@@ -41,7 +41,7 @@ sudo mkdir -p /etc/update-motd.d
 
 cat <<EOF | sudo tee /etc/update-motd.d/00-header
 #!/bin/bash
-/usr/bin/toilet --gay -f standard $(hostname) -w 170
+/usr/bin/toilet --gay -f standard hashiqube -w 170
 printf "%s"
 EOF
 

diff --git a/vault/vault.sh b/vault/vault.sh
@@ -177,7 +177,7 @@ sleep 20
 echo -e '\e[38;5;198m'"++++ "
 echo -e '\e[38;5;198m'"++++ Check Vault Status"
 echo -e '\e[38;5;198m'"++++ "
-sudo systemctl status vault
+sudo systemctl status vault | cat
 
 # initialize vault server
 export VAULT_ADDR=http://127.0.0.1:8200