From a03a065ba8b48152019193f716e834a094fec9f5 Mon Sep 17 00:00:00 2001
From: Riaan Nolan
Date: Thu, 25 Jul 2024 11:18:05 +1000
Subject: [PATCH] building hashiqube container
---
.github/workflows/pipeline.yml | 51 ++++++++++++++++++++++++++++++++++
Dockerfile | 5 ++++
docker/docker.sh | 33 ++++++++++++----------
vault/vault.sh | 2 +-
4 files changed, 75 insertions(+), 16 deletions(-)
create mode 100644 .github/workflows/pipeline.yml
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
new file mode 100644
index 0000000..c346d38
--- /dev/null
+++ b/.github/workflows/pipeline.yml
@@ -0,0 +1,51 @@
+---
+# checkov:skip=CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
+# https://docs.github.com/en/actions/quickstart
+# hhttps://github.com/marketplace/actions/build-and-publish-docker-image-to-github-container-registry
+name: "HashiQube DevOps Lab Pipeline"
+
+on: # yamllint disable-line rule:truthy
+ push: # yamllint disable-line rule:empty-values
+
+jobs:
+ build-and-publish-latest:
+ if: ${{ vars.REBUILD_CONTAINER_IMAGE == 'true' }}
+ runs-on: ubuntu-latest
+
+ steps:
+ # Checking out the repo
+ - uses: actions/checkout@v3
+
+ # https://github.com/docker/setup-qemu-action
+ # https://blog.thesparktree.com/docker-multi-arch-github-actions
+ - name: Setup QEMU
+ uses: docker/setup-qemu-action@v2
+ with:
+ platforms: 'arm64,amd64'
+
+ # https://github.com/docker/setup-buildx-action
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+ with:
+ images: ghcr.io/${{ github.repository }}
+
+ - name: Build and push
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ # https://github.com/docker/metadata-action#tags-input
+ # tags: ${{ steps.meta.outputs.tags }}
+ tags: ghcr.io/${{ github.repository_owner }}/hashiqube:latest # INFO: Hardcoding latest tag
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/Dockerfile b/Dockerfile
index 111f9d7..41b82c7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,6 +15,11 @@ RUN apt-get -y install -qq \ curl \ wget \ vim-tiny < /dev/null > /dev/null + +COPY ./hashiqube/basetools.sh . +RUN bash ./basetools.sh; \ + rm ./basetools.sh; + RUN apt-get -qq clean < /dev/null > /dev/null RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
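Review bot: In `.github/workflows/pipeline.yml` the job pushes to ghcr.io with `secrets.GITHUB_TOKEN`, yet the workflow declares no `permissions:` key and the `checkov:skip=CKV2_GHA_1` comment at the top suppresses the permissions check, so the token's scope is whatever the repository or organisation default happens to be. Scope it on the `build-and-publish-latest` job with a `permissions:` mapping of `contents: read` and `packages: write`, after which the skip comment can go. Only `docker/metadata-action` is pinned to a commit SHA; the other five `uses:` lines reference mutable tags (`@v2`, `@v3`, `@v5`) and would be more tamper-resistant pinned the same way. The bare `on: push:` trigger has no branch filter, so once `REBUILD_CONTAINER_IMAGE` is `'true'` a push to any branch overwrites the `hashiqube:latest` tag.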
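Review bot: In the Dockerfile hunk, `RUN bash ./basetools.sh; \ rm ./basetools.sh;` joins the two commands with `;`, so the step's exit status is that of `rm` and a failing `basetools.sh` still yields an image, which the new workflow would then push as `:latest`. Chain them with `&&`, for example `RUN bash ./basetools.sh && rm ./basetools.sh`. The `rm` also does not take the script out of the image, because the layer created by the preceding `COPY` still holds it; that matters if the script ever carries anything sensitive. `hashiqube/basetools.sh` is not part of this patch, so what it downloads or installs cannot be reviewed from here. The hunk opens inside an `apt-get install` continuation that begins above it.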
diff --git a/docker/docker.sh b/docker/docker.sh
index aedeab2..6422b2d 100644
--- a/docker/docker.sh
+++ b/docker/docker.sh
@@ -83,20 +83,20 @@ echo -e '\e[38;5;198m'"++++ " sleep 10; sudo --preserve-env=PATH -u vagrant docker login -u="admin" -p="password" http://10.9.99.10:5002 -echo -e '\e[38;5;198m'"++++ " -echo -e '\e[38;5;198m'"++++ Docker build -t apache2 ." -echo -e '\e[38;5;198m'"++++ " -docker build -t apache2 . +# echo -e '\e[38;5;198m'"++++ " +# echo -e '\e[38;5;198m'"++++ Docker build -t apache2 ." +# echo -e '\e[38;5;198m'"++++ " +# docker build -t apache2 . -echo -e '\e[38;5;198m'"++++ " -echo -e '\e[38;5;198m'"++++ Docker images --filter reference=apache2" -echo -e '\e[38;5;198m'"++++ " -docker images --filter reference=apache2 +# echo -e '\e[38;5;198m'"++++ " +# echo -e '\e[38;5;198m'"++++ Docker images --filter reference=apache2" +# echo -e '\e[38;5;198m'"++++ " +# docker images --filter reference=apache2 -echo -e '\e[38;5;198m'"++++ " -echo -e '\e[38;5;198m'"++++ Docker run -t -d -i -p 8889:80 --name apache2 --rm apache2" -echo -e '\e[38;5;198m'"++++ " -docker run -t -d -i -p 8889:80 --name apache2 --memory 16M --rm apache2 +# echo -e '\e[38;5;198m'"++++ " +# echo -e '\e[38;5;198m'"++++ Docker run -t -d -i -p 8889:80 --name apache2 --rm apache2" +# echo -e '\e[38;5;198m'"++++ " +# docker run -t -d -i -p 8889:80 --name apache2 --memory 16M --rm apache2 echo -e '\e[38;5;198m'"++++ " echo -e '\e[38;5;198m'"++++ Docker ps"
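Review bot: The apache2 build, image-listing and run steps in this hunk are switched off by prefixing every line with `# ` instead of being deleted, and the hunk at line 108 does the same to the three closing `echo` lines; deleting them keeps the script readable, since git history already preserves the old steps. If they are meant to return, one comment line stating why they are disabled (for example `# apache2 demo disabled: <reason>`) would serve better than twelve dead lines. Unchanged by this commit but visible in the context, `docker login -u="admin" -p="password" http://10.9.99.10:5002` puts the password on the command line and sends it over plain HTTP; `--password-stdin` would at least keep it out of the process list. The script continues on both sides of the hunk.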
@@ -108,6 +108,9 @@ echo -e '\e[38;5;198m'"++++ Docker stats" echo -e '\e[38;5;198m'"++++ " docker stats --no-stream -a -echo -e '\e[38;5;198m'"++++ open http://localhost:8889 in your browser" -echo -e '\e[38;5;198m'"++++ you can also run below to get apache2 version from the docker container" -echo -e '\e[38;5;198m'"++++ vagrant ssh -c \"docker ps; docker exec -it apache2 /bin/bash -c 'apache2 -t -v; ps aux'\"" +echo -e '\e[38;5;198m'"++++ " +echo -e '\e[38;5;198m'"++++ Docker Daemon installed" +echo -e '\e[38;5;198m'"++++ " +# echo -e '\e[38;5;198m'"++++ open http://localhost:8889 in your browser" +# echo -e '\e[38;5;198m'"++++ you can also run below to get apache2 version from the docker container" +# echo -e '\e[38;5;198m'"++++ vagrant ssh -c \"docker ps; docker exec -it apache2 /bin/bash -c 'apache2 -t -v; ps aux'\""
diff --git a/vault/vault.sh b/vault/vault.sh
index 57ecc3f..b001c70 100644
--- a/vault/vault.sh
+++ b/vault/vault.sh
@@ -177,7 +177,7 @@ sleep 20 echo -e '\e[38;5;198m'"++++ " echo -e '\e[38;5;198m'"++++ Check Vault Status" echo -e '\e[38;5;198m'"++++ " -sudo systemctl status vault +sudo systemctl status vault | cat # initialize vault server export VAULT_ADDR=http://127.0.0.1:8200
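Review bot: In `vault/vault.sh`, piping through `cat` in `sudo systemctl status vault | cat` makes the pipeline's exit status that of `cat`, so a Vault unit that is failed or inactive no longer produces a non-zero status at this step, immediately before the script goes on to initialise the server. If the aim is to keep the pager from blocking a non-interactive build, `sudo systemctl status vault --no-pager` does that and keeps systemctl's exit code. Whether the script runs under `set -e` or `pipefail` is not visible in this hunk, so the practical effect depends on that. The surrounding script continues outside the hunk.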