Merge pull request #1 from zowe/add-cli-samples

Add sample CLI dockerfiles

.github/workflows/cli-alpine-basic.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Alpine Basic
+on:
+  push:
+    paths:
+      - cli/alpine-basic/**
+      - .github/workflows/cli-alpine-basic.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-alpine-basic:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-alpine-basic
+      path: cli/alpine-basic
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: true
+    secrets: inherit

.github/workflows/cli-alpine-minimal.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Alpine Minimal
+on:
+  push:
+    paths:
+      - cli/alpine-minimal/**
+      - .github/workflows/cli-alpine-minimal.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-alpine-minimal:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-alpine-minimal
+      path: cli/alpine-minimal
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: true
+    secrets: inherit

.github/workflows/cli-basic-with-nvm.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Basic With NPM
+on:
+  push:
+    paths:
+      - cli/basic-with-nvm/**
+      - .github/workflows/cli-basic-with-nvm.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-basic-with-nvm:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-basic-with-nvm
+      path: cli/basic-with-nvm
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: false
+    secrets: inherit

.github/workflows/cli-basic.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Basic
+on:
+  push:
+    paths:
+      - cli/basic/**
+      - .github/workflows/cli-basic.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-basic:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-basic
+      path: cli/basic
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: false
+    secrets: inherit

.github/workflows/cli-jenkins-agent.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Jenkins Agent
+on:
+  push:
+    paths:
+      - cli/jenkins-agent/**
+      - .github/workflows/cli-jenkins-agent.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-jenkins-agent:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-jenkins-agent
+      path: cli/jenkins-agent
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: false
+    secrets: inherit

.github/workflows/cli-minimal.yaml

@@ -0,0 +1,20 @@
+name: Build CLI Minimal
+on:
+  push:
+    paths:
+      - cli/minimal/**
+      - .github/workflows/cli-minimal.yaml
+      - .github/workflows/docker-reusable.yaml
+  workflow_dispatch:
+  schedule:
+    - cron: '0 12 1,15 * *'
+
+jobs:
+  build-and-deploy-minimal:
+    uses: ./.github/workflows/docker-reusable.yaml
+    with: 
+      name: cli-minimal
+      path: cli/minimal
+      push: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || (github.event_name == 'push' && github.ref_name == 'main') }}
+      qemu: false
+    secrets: inherit

.github/workflows/docker-reusable.yaml

@@ -0,0 +1,68 @@
+name: Build Sample Docker Image
+on:
+  workflow_call:
+    inputs:
+      name:
+        required: true
+        type: string
+      path:
+        required: true
+        type: string
+      push:
+        required: true
+        default: false
+        type: boolean
+      qemu:
+        required: false
+        default: false
+        type: boolean
+      timeout:
+        required: false
+        default: 15
+        type: number
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    timeout-minutes: ${{ inputs.timeout }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        if: ${{ inputs.qemu }}
+        with:
+          platforms: arm64
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to Zowe Artifactory
+        uses: docker/login-action@v2
+        with:
+          registry: zowe-docker-snapshot.jfrog.io
+          username: ${{ secrets.ARTIFACTORY_USERNAME }}
+          password: ${{ secrets.ARTIFACTORY_PASSWORD }}
+
+      - name: Build & Push
+        id:   build
+        uses: docker/build-push-action@v4
+        with:
+          context: ${{ inputs.path }}
+          push: ${{ inputs.push }}
+          platforms: ${{ inputs.qemu && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
+          tags: |
+            ghcr.io/zowe/zowe-sample-dockerfiles-${{ inputs.name }}:latest
+            zowe-docker-snapshot.jfrog.io/ompzowe/zowe-sample-dockerfiles-${{ inputs.name }}:latest
+      
+      - name: Image Digest
+        run:  echo ${{ steps.build.outputs.digest }}

README.md

@@ -0,0 +1,4 @@
+# Zowe Sample Dockerfiles
+
+This repository contains sample dockerfiles that can be used as templates to perform various actions with Zowe in Docker.
+Dockerfiles and docker images created using these templates will not be supported.

cli/README.md

@@ -0,0 +1,35 @@
+# Zowe CLI Sample Dockerfiles
+
+## Alpine Minimal
+
+Provides a minimal installation of Zowe CLI in an Alpine docker container.
+The built container will have a `zowe` user, Node LTS and Zowe V2 LTS.
+Secure Credential Management is disabled.
+The DB2 Plug-in is not installed.
+
+## Minimal
+
+Provides a minimal installation of Zowe CLI in an Ubuntu docker container.
+The built container will have a `zowe` user, Node LTS and Zowe V2 LTS.
+Secure Credential Management is disabled.
+
+## Alpine Basic
+
+Builds upon the Alpine Minimal dockerfile by including an SSH server, Python, CMake, G++, and command line based text editors vim and nano.
+
+## Basic
+
+Builds upon the Minimal dockerfile by including an SSH server, properly set locales, and a script that can be called to reinstall the Zowe CLI and Plug-ins from inside the container.
+Provides the ability to modify OpenSSL to allow for backwards compatibility with TLS 1.1 and TLS 1.0 servers.
+
+## Basic with NVM
+
+The Basic dockerfile, but also includes Node Version Manager, allowing for quick switching of Node versions.
+Useful for testing the CLI on new versions of Node.
+
+## Jenkins Agent
+
+An advanced dockerfile that provides a Jenkins user, JDK 11, JRE 11, and Secure Credential Management.
+Requires additional capabilities to work properly, namely `IPC_LOCK`, or to be privileged in order for Secure Credential Management to function properly.
+Also includes NVM, a fallback NodeJS installation, customizable entrypoint logic, passwordless sudo, and an auto-unlocking keyring.
+JNLP is not supported on this agent.

cli/alpine-basic/Dockerfile

@@ -0,0 +1,56 @@
+# This program and the accompanying materials are made available and may be used, at your option, under either:
+# * Eclipse Public License v2.0, available at https://www.eclipse.org/legal/epl-v20.html, OR
+# * Apache License, version 2.0, available at http://www.apache.org/licenses/LICENSE-2.0
+
+# SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
+
+# Copyright Contributors to the Zowe Project.
+
+FROM alpine:latest
+
+USER root
+
+ARG scriptsDir=/usr/local/bin/
+
+# Upgrade package on image, install supporting software, including node, and delete apk cache
+RUN apk update && apk upgrade && apk add curl vim nano cmake openssh-server nodejs npm g++ python3 doas && rm -rf /var/cache/apk/* 
+
+# Add Zowe user and update password
+RUN adduser -D -g "Zowe" zowe; adduser zowe wheel; echo 'zowe:zowe' | chpasswd
+RUN echo "permit persist :wheel" >> /etc/doas.d/doas.conf
+
+# Copy the setup script and node scripts for execution (allow anyone to run them)
+COPY docker-entrypoint.sh ${scriptsDir}
+
+# Install zowe for root
+RUN npm config set @zowe:registry https://zowe.jfrog.io/zowe/api/npm/npm-local-release/
+RUN npm install -g @zowe/cli@${ZOWE_VERSION} --ignore-scripts
+RUN zowe plugins install @zowe/cics-for-zowe-cli@${ZOWE_VERSION} @zowe/ims-for-zowe-cli@${ZOWE_VERSION} @zowe/mq-for-zowe-cli@${ZOWE_VERSION} @zowe/zos-ftp-for-zowe-cli@${ZOWE_VERSION}
+RUN echo '{"overrides":{"CredentialManager":false}}' > ~/.zowe/settings/imperative.json
+
+# Uncomment to enable daemon mode by default for root
+# RUN echo 'export PATH=/home/zowe/.zowe/bin:$PATH' >> ~/.ashrc && zowe daemon enable
+
+USER zowe
+
+# Install zowe for zowe
+RUN npm config set @zowe:registry https://zowe.jfrog.io/zowe/api/npm/npm-local-release/
+RUN zowe plugins install @zowe/cics-for-zowe-cli@${ZOWE_VERSION} @zowe/ims-for-zowe-cli@${ZOWE_VERSION} @zowe/mq-for-zowe-cli@${ZOWE_VERSION} @zowe/zos-ftp-for-zowe-cli@${ZOWE_VERSION}
+RUN echo '{"overrides":{"CredentialManager":false}}' > ~/.zowe/settings/imperative.json
+
+# Uncomment to enable daemon mode by default for zowe
+# RUN echo 'export PATH=/home/zowe/.zowe/bin:$PATH' >> ~/.ashrc && zowe daemon enable
+
+USER root
+
+# Generate SSH keys
+RUN ssh-keygen -A
+
+# Standard SSH port
+EXPOSE 22
+
+# Execute the setup script when the image is run.
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+# Default command
+CMD ["/usr/sbin/sshd", "-D"]

cli/alpine-basic/README.md

@@ -0,0 +1,20 @@
+# Zowe CLI Docker Container
+
+This repository contains the files required to create a Zowe CLI docker container with root access on Alpine
+Does not install the DB2 plug-in due to incompatibility with musl libraries
+This dockerfile does not provide secure credential support
+
+To build the container, run `docker build .`
+To run the container as a standard user, run `docker run -it -u zowe <tag> /bin/ash`
+To run the container as root, run `docker run -it -u root <tag> /bin/ash`
+
+The container is running SSH. The default password for the zowe user is `zowe`.
+To run the container with ssh and expose the port, run `docker run -dp 2222:22 <tag>` and connect with `ssh zowe@localhost -p 2222`
+
+Requirements:
+
+- Access to the internet
+
+Environment variables:
+
+- ALLOW_PLUGIN_INSTALL_FAIL - Allows plugin installation to fail in the entrypoint without stopping the container if set

cli/alpine-basic/docker-entrypoint.sh

@@ -0,0 +1,21 @@
+#!/bin/ash
+
+# This program and the accompanying materials are made available and may be used, at your option, under either:
+# * Eclipse Public License v2.0, available at https://www.eclipse.org/legal/epl-v20.html, OR
+# * Apache License, version 2.0, available at http://www.apache.org/licenses/LICENSE-2.0
+
+# SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
+
+# Copyright Contributors to the Zowe Project.
+
+#########################################################
+# Setup ENTRYPOINT script when running the image:       #
+# - Installs Zowe CLI and plugins for root              #
+# - Installs Zowe CLI and plugins for zowe           #
+#########################################################
+
+# Exit if any commands fail
+set -e
+
+# Execute passed cmd
+exec "$@"

cli/alpine-minimal/Dockerfile

@@ -0,0 +1,40 @@
+# This program and the accompanying materials are made available and may be used, at your option, under either:
+# * Eclipse Public License v2.0, available at https://www.eclipse.org/legal/epl-v20.html, OR
+# * Apache License, version 2.0, available at http://www.apache.org/licenses/LICENSE-2.0
+
+# SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
+
+# Copyright Contributors to the Zowe Project.
+
+FROM alpine:latest
+
+USER root
+ENV ZOWE_VERSION=zowe-v2-lts
+ENV DEBIAN_FRONTEND="noninteractive"
+
+# Install Node, plugin prereqs
+RUN apk update && apk upgrade && apk add curl doas nodejs npm  && rm -rf /var/cache/apk/*
+
+# Add Zowe user and update password
+RUN adduser -D -g "Zowe" zowe; adduser zowe wheel; echo 'zowe:zowe' | chpasswd
+RUN echo "permit persist :wheel" >> /etc/doas.d/doas.conf
+
+# Install Zowe CLI
+
+RUN npm config set @zowe:registry https://zowe.jfrog.io/zowe/api/npm/npm-local-release/
+RUN npm install -g @zowe/cli@${ZOWE_VERSION} --ignore-scripts
+RUN zowe plugins install @zowe/cics-for-zowe-cli@${ZOWE_VERSION} @zowe/ims-for-zowe-cli@${ZOWE_VERSION} @zowe/mq-for-zowe-cli@${ZOWE_VERSION} @zowe/zos-ftp-for-zowe-cli@${ZOWE_VERSION}
+RUN echo '{"overrides":{"CredentialManager":false}}' > ~/.zowe/settings/imperative.json
+
+# Uncomment to enable daemon mode by default for root
+# RUN echo 'export PATH=/home/zowe/.zowe/bin:$PATH' >> ~/.ashrc && zowe daemon enable
+
+USER zowe
+RUN npm config set @zowe:registry https://zowe.jfrog.io/zowe/api/npm/npm-local-release/
+RUN zowe plugins install @zowe/cics-for-zowe-cli@${ZOWE_VERSION} @zowe/ims-for-zowe-cli@${ZOWE_VERSION} @zowe/mq-for-zowe-cli@${ZOWE_VERSION} @zowe/zos-ftp-for-zowe-cli@${ZOWE_VERSION}
+RUN echo '{"overrides":{"CredentialManager":false}}' > ~/.zowe/settings/imperative.json
+
+# Uncomment to enable daemon mode by default for zowe
+# RUN echo 'export PATH=/home/zowe/.zowe/bin:$PATH' >> ~/.ashrc && zowe daemon enable
+
+CMD ["/bin/ash"]