CPU Arch: added helper script for simple string replacements

Dockerfile-alpine

@@ -4,6 +4,7 @@ FROM alpine:3.14 as base
 
 # Ensure scripts are available for use in next command
 COPY ./container/root/scripts/* /scripts/
+COPY ./container/root/usr/local/bin/* /usr/local/bin/
 
 # - Symlink variant-specific scripts to default location
 # - Add additional repositories to pull packages from

Dockerfile-centos-7

@@ -4,6 +4,7 @@ FROM centos:7 as base
 
 # Ensure scripts are available for use in next command
 COPY ./container/root/scripts/* /scripts/
+COPY ./container/root/usr/local/bin/* /usr/local/bin/
 
 # - Symlink variant-specific scripts to default location
 # - Upgrade base security packages, then clean packaging leftover

Dockerfile-centos-8

@@ -4,6 +4,7 @@ FROM centos:8 as base
 
 # Ensure scripts are available for use in next command
 COPY ./container/root/scripts/* /scripts/
+COPY ./container/root/usr/local/bin/* /usr/local/bin/
 
 # - Symlink variant-specific scripts to default location
 # - Upgrade base security packages, then clean packaging leftover

Dockerfile-ubuntu-18.04

@@ -4,6 +4,7 @@ FROM ubuntu:18.04 as base
 
 # Ensure scripts are available for use in next command
 COPY ./container/root/scripts/* /scripts/
+COPY ./container/root/usr/local/bin/* /usr/local/bin/
 
 # - Symlink variant-specific scripts to default location
 # - Upgrade base security packages, then clean packaging leftover

Dockerfile-ubuntu-20.04

@@ -4,6 +4,7 @@ FROM ubuntu:20.04 as base
 
 # Ensure scripts are available for use in next command
 COPY ./container/root/scripts/* /scripts/
+COPY ./container/root/usr/local/bin/* /usr/local/bin/
 
 # - Symlink variant-specific scripts to default location
 # - Upgrade base security packages, then clean packaging leftover

README.md

@@ -16,7 +16,6 @@ Provides base OS, security patches, and tools for quick and easy spinup.
 * Centos 7 builds available, tagged as `-centos-7`
 * Centos 8 builds available, tagged as `-centos-8`
 
-
 ### Tools
 
 * [S6](https://github.com/just-containers/s6-overlay) process supervisor is used for `only` for zombie reaping (as PID 1), boot coordination, and termination signal translation
@@ -57,27 +56,33 @@ S6_KILL_FINISH_MAXTIME | S6_KILL_FINISH_MAXTIME=55000 | The maximum time (in ms)
 S6_KILL_GRACETIME | S6_KILL_GRACETIME=500 | Wait time (in ms) for S6 finish scripts before sending kill signal. This value has a max of 65535 on Alpine variants.
 
 * `with-contenv` tool, which is used to expose environment variables across scripts, has a limitation that it cannot read beyond 4k characters for environment variable values. To work around this issue, use the script `/scripts/with-bigcontenv` instead of `with-contenv`. You'll need to remove the `with-contenv` from the shebang line, and add  `source /scripts/with-bigcontenv` in the next line after the shebang line.
+
 ### Startup/Runtime Modification
 
 To inject changes just before runtime, shell scripts may be placed into the
 `/etc/cont-init.d` folder.
 As part of the process manager, these scripts are run in advance of the supervised processes. @see https://github.com/just-containers/s6-overlay#executing-initialization-andor-finalization-tasks
 
+### Processor Architectures
+
+All variants are tested on x64 and arm64.
+The convenience script `archstring` is provided to switch between strings based on the current machine.
+Usage:
+```archstring --x64 intel --arm64 arm```
+Which will return "intel" when on x64 and arm when on arm64. This is handy when package names or download paths need to be modified per architecture.
+
 ### Testing
 
 - Container tests itself as part of build process using [goss](https://github.com/aelsabbahy/goss) validator. To add additional build-time tests, overwrite (or extend) the `./container/root/goss.base.yaml` file.
 - To initiate run-time validation, please execute `test.sh`. It uses [dgoss](https://github.com/aelsabbahy/goss/tree/master/extras/dgoss) validator. To add additional run-time tests, extend `./test.sh` and `./goss.yaml` file.
 
-
-
 ### Advanced Modification
 
 More advanced changes can take effect using the `run.d` system. Similar to the `/etc/cont-init.d/` script system, any shell scripts (ending in .sh) in the `/run.d/` folder will be executed ahead of the S6 initialization.
 
 - If a `run.d` script terminates with a non-zero exit code, container will stop, terminating with the script's exit code, unless...
 - If script terminates with exit code of $SIGNAL_BUILD_STOP (99), this will signal the container to stop cleanly. This can be used for a multi-stage build process
 
-
 ### Shutdown Behavior
 
 #### Sequence of events for a crashed supervised service:

container/root/goss.base.yaml

@@ -4,3 +4,38 @@ command:
     exit-status: 0
     stderr: []
     stdout: []
+  # Validate binary installation and availability
+  # Unfortunately cannot rely on any test architecture to prove its working
+  archstring --x64 example --arm64 example:
+    exit-status: 0
+    stdout:
+    - example
+  archstring -i example -a example:
+    exit-status: 0
+    stdout:
+    - example
+  archstring --x64 example:
+    exit-status: 1
+    stdout:
+    - /--arm64/
+  archstring -i example:
+    exit-status: 1
+    stdout:
+    - /--arm64/
+  archstring --arm64 example:
+    exit-status: 1
+    stdout:
+    - /--x64/
+  archstring -a example:
+    exit-status: 1
+    stdout:
+    - /--x64/
+  # uneven number of parameters (shift overrun)
+  archstring -a a -i i -x:
+    exit-status: 1
+    stdout:
+    - /usage/
+  archstring -a a -i i -x a:
+    exit-status: 1
+    stdout:
+    - /usage/

container/root/scripts/install_goss.sh

@@ -9,19 +9,12 @@
 GOSS_VERSION=v0.3.16
 
 # Locate manually and commit below from https://github.com/aelsabbahy/goss/releases/download/${GOSS_VERSION}/goss-linux-${ARCH}.sha256
-GOSS_SHA256=""
 # Determined automatically to correctly select binary
-ARCH=""
-
-if [[ "$(uname -m)" = "x86_64" ]]; then
-  echo "[goss install] Detected x86_64 architecture"
-  ARCH="amd64"
-  GOSS_SHA256=827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb
-elif [[ "$(uname -m)" = "aarch64" ]]; then
-  echo "[goss install] Detected ARM architecture"
-  ARCH="arm"
-  GOSS_SHA256=67c1e6185759a25bf9db334a9fe795a25708f2b04abe808a87d72edd6cd393fd
-fi;
+ARCH="$(archstring --arm64 arm --x64 amd64)"
+GOSS_SHA256="$(archstring \
+  --x64 827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb \
+  --arm64 67c1e6185759a25bf9db334a9fe795a25708f2b04abe808a87d72edd6cd393fd \
+)"
 
 curl -fL https://github.com/aelsabbahy/goss/releases/download/${GOSS_VERSION}/goss-linux-${ARCH} -o /usr/local/bin/goss
 

container/root/scripts/install_s6.sh

@@ -7,15 +7,7 @@
 # Requires curl, gpg (or gnupg on Alpine), and tar to be present
 
 # Determined automatically to correctly select binary
-ARCH=""
-
-if [[ "$(uname -m)" = "x86_64" ]]; then
-  echo "[s6 install] Detected x86_64 architecture"
-  ARCH="amd64"
-elif [[ "$(uname -m)" = "aarch64" ]]; then
-  echo "[s6 install] Detected ARM architecture"
-  ARCH="aarch64"
-fi;
+ARCH="$(archstring --x64 amd64 --arm64 aarch64)"
 
 S6_NAME=s6-overlay-${ARCH}.tar.gz
 S6_VERSION=v2.2.0.3

container/root/usr/local/bin/archstring

@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# Script to detect processor architecture and output one of the two input parameters
+# Example: when a download path requires an arch-specific package name
+#
+# --x64 {value}: output if an x86_64 architecture is detected
+# --arm64 {value}: output if an arm64 or aarch64 architecture is detected
+function usage() {
+  echo "usage: $(basename $0) --x64 value --arm64 value"
+  exit 1
+}
+
+if [[ "$#" -eq 0 ]]; then
+  usage
+fi
+
+while [[ "$#" -gt 0 ]]
+do
+  case $1 in
+    -i|--x64)
+      declare x64="$2"
+      ;;
+    -a|--arm64)
+      declare arm64="$2"
+      ;;
+    *)
+      usage
+      ;;
+  esac
+  # shift 2, since we consumed the arch specifier and the value
+  shift 2
+  # assert there are positional parameters remaining
+  if [ "$?" -ne 0 ]; then
+    usage
+  fi;
+done
+
+if [ -z "$x64" ]; then
+  echo "error: missing --x64 input"
+  exit 1
+fi
+
+if [ -z "$arm64" ]; then
+  echo "error: missing --arm64 input"
+  exit 1
+fi
+
+DETECTED_ARCH="$(uname -m)"
+ARCH_X64='x86_64'
+ARCH_ARM64='aarch64'
+ARCH_ARM64_ALT='arm64'
+
+if [[ $DETECTED_ARCH == $ARCH_X64 ]]; then
+  echo $x64
+elif [[ $DETECTED_ARCH == $ARCH_ARM64 ]]; then
+  echo $arm64
+elif [[ $DETECTED_ARCH == $ARCH_ARM64_ALT ]]; then
+  echo $arm64
+else
+  echo "failure: $DETECTED_ARCH not supported"
+  exit 1
+fi;