diff --git a/.rspec b/.rspec deleted file mode 100644 index 16f9cdb0..00000000 --- a/.rspec +++ /dev/null @@ -1,2 +0,0 @@ ---color ---format documentation diff --git a/.ruby-version b/.ruby-version deleted file mode 100644 index ef538c28..00000000 --- a/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -3.1.2 diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index d33823e4..00000000 --- a/.travis.yml +++ /dev/null @@ -1,14 +0,0 @@ -dist: focal -os: linux -language: ruby -rvm: - - 3.1.2 - -services: - - docker - -before_script: - - bundle exec rake build:all - -script: - - bundle exec rake spec:all diff --git a/Gemfile b/Gemfile deleted file mode 100644 index a4e5ea82..00000000 --- a/Gemfile +++ /dev/null @@ -1,14 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -source 'https://rubygems.org' - -gem 'docker-api', '~> 2.2' -gem 'serverspec', '~> 2.42' - -# You should_not start your specs with the string "should" -gem 'should_not', '~> 1.1' - -gem 'rake', '>= 13.0' - -gem 'json', '~> 2.6' diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index 95def9e5..00000000 --- a/Gemfile.lock +++ /dev/null @@ -1,56 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - diff-lcs (1.5.0) - docker-api (2.2.0) - excon (>= 0.47.0) - multi_json - excon (0.99.0) - json (2.6.3) - multi_json (1.15.0) - net-scp (4.0.0) - net-ssh (>= 2.6.5, < 8.0.0) - net-ssh (7.1.0) - net-telnet (0.1.1) - rake (13.0.6) - rspec (3.12.0) - rspec-core (~> 3.12.0) - rspec-expectations (~> 3.12.0) - rspec-mocks (~> 3.12.0) - rspec-core (3.12.1) - rspec-support (~> 3.12.0) - rspec-expectations (3.12.2) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-its (1.3.0) - rspec-core (>= 3.0.0) - rspec-expectations (>= 3.0.0) - rspec-mocks (3.12.4) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.12.0) - rspec-support (3.12.0) - serverspec (2.42.2) - multi_json - rspec (~> 3.0) - rspec-its - specinfra (~> 2.72) - sfl (2.3) - should_not (1.1.0) - specinfra (2.85.0) - net-scp - net-ssh (>= 2.7) - net-telnet (= 0.1.1) - sfl - -PLATFORMS - ruby - -DEPENDENCIES - docker-api (~> 2.2) - json (~> 2.6) - rake (>= 13.0) - serverspec (~> 2.42) - should_not (~> 1.1) - -BUNDLED WITH - 2.4.8 diff --git a/LICENCE.md b/LICENCE.md deleted file mode 100644 index f820aa44..00000000 --- a/LICENCE.md +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2018 Crown Copyright (Government Digital Service) - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/Makefile b/Makefile deleted file mode 100644 index 94bd94b8..00000000 --- a/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -SHELL:= /usr/bin/env bash -PAAS_PASSWORD_STORE_DIR := ${HOME}/.paas-pass - - -.PHONY: upload-ghcr-secrets -upload-ghcr-secrets: export PASSWORD_STORE_DIR = $(PAAS_PASSWORD_STORE_DIR) -upload-ghcr-secrets: - gh secret set CI_USER_USERNAME < <(pass github.com/ci-user-username) - gh secret set CI_USER_CONTAINER_REGISTRY_TOKEN < <(pass github.com/ci-user-container-registry-token) - gh secret set DOCKERHUB_USERNAME < <(pass dockerhub/ci/id) - gh secret set DOCKERHUB_PASSWORD < <(pass dockerhub/ci/password) diff --git a/README.md b/README.md deleted file mode 100644 index 4c98f8d7..00000000 --- a/README.md +++ /dev/null @@ -1,39 +0,0 @@ - -Orange: [![Build Status](https://travis-ci.org/orange-cloudfoundry/paas-docker-cloudfoundry-tools.svg)](https://travis-ci.org/orange-cloudfoundry/paas-docker-cloudfoundry-tools) -AlphaGov: not using Travis anymore - -Orange specifics: -* [bosh-cli-v2-cf-cli](bosh-cli-v2-cf-cli) -* [k8s-tools](k8s-tools) -* [terraform](terraform) (overrides Alphagov) - --------------------- - -# PaaS Docker Cloud Foundry tools - -Contains Dockerfiles to build docker images for Cloud Foundry tools and other tools we use regularly. - -Each directory with a Dockerfile relates to a container and will have -repository of the same name in Docker Hub. - -## How to add a new container - -You can add a new container you only need to add these files: - -- The `Dockerfile` and support files to build the image. -- A `README.md` file describing the container -- A workflow to allow building the container. Use one of the existing ones in '.github/workflows/image\_\*.yml' for reference. -- Optional: a `*_spec.rb` file to test the container. - -> Note: The repository must be [added to Docker Hub manually](https://hub.docker.com/orgs/governmentpaas/repositories) - -## Rake tasks - -Tasks to build and tests the containers will be generated automatically: - -- `rake build:bosh-init` builds the container under `./bosh-init` -- `rake build:all` builds all containers -- `rake spec:bosh-init` tests the container under `./bosh-init` -- `rake spec:all` tests all the containers - -Travis will execute the tasks `build:all` and `spec:all` diff --git a/Rakefile b/Rakefile deleted file mode 100644 index cf09ca03..00000000 --- a/Rakefile +++ /dev/null @@ -1,35 +0,0 @@ -dockerfiles = Dir.glob(File.join("*", "Dockerfile")) -containers = dockerfiles.map { |f| File.dirname(f) } - -namespace :build do |ns| - containers.each { |container| - desc "Build #{container} image" - task container.to_sym do - system "cd #{container} && docker build -t #{container} ." or abort - end - } - desc "Build all containers" - task :all do - ns.tasks.each { |t| t.invoke } - end -end - -namespace :spec do |ns| - require 'rspec/core/rake_task' - - containers.each { |container| - spec_pattern = File.join(container, "**", "*_spec.rb") - if Dir.glob(spec_pattern).any? - desc "Run all specs for #{container}" - RSpec::Core::RakeTask.new(container) do |t| - t.pattern = spec_pattern - end - end - } - desc "Run all containers spec" - task :all do - ns.tasks.each { |t| t.invoke } - end -end - -task :default => [ "build:all", "spec:all" ] diff --git a/alpine/Dockerfile b/alpine/Dockerfile deleted file mode 100644 index 239c3857..00000000 --- a/alpine/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM alpine:3.18 - -RUN apk add --no-cache \ - jq~1 \ - openssl \ - ca-certificates>=20220614 diff --git a/alpine/README.md b/alpine/README.md deleted file mode 100644 index afb51e55..00000000 --- a/alpine/README.md +++ /dev/null @@ -1,12 +0,0 @@ -Provides Alpine Linux. See the Dockerfile to check which version. - -For now this container is merely a mirror of DockerHub's `alpine`. The -purpose is to get that container onto GitHub Container Registry, to -workaround rate limits and make our production use a bit safer. - -## Build locally - -``` -$ cd alpine -$ docker build -t alpine . -``` diff --git a/awscli/Dockerfile b/awscli/Dockerfile deleted file mode 100644 index e83f648d..00000000 --- a/awscli/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -FROM elpaasoci/curl-ssl - -ENV AWSCLI_VERSION "1.19.112" - -RUN apk add --no-cache \ - groff~1.22.4-r4 \ - less>=590-r0 \ - python3~3.11 \ - py3-pip~23 \ - && pip3 install \ - awscli==$AWSCLI_VERSION diff --git a/awscli/README.md b/awscli/README.md deleted file mode 100644 index 64991391..00000000 --- a/awscli/README.md +++ /dev/null @@ -1,18 +0,0 @@ -Includes AWS client tools (`awscli`) to interact with the AWS platform via -command line. - -Also curl with SSL and openssl support is included, to allow scripting HTTP -calls if necessary (e.g. query metadata) - -## Build locally - -``` -$ cd awscli -$ docker build -t awscli. -``` - -## Run - -``` -docker run -i -t awscli aws help -``` diff --git a/awscli/awscli_spec.rb b/awscli/awscli_spec.rb deleted file mode 100644 index 42a2fd50..00000000 --- a/awscli/awscli_spec.rb +++ /dev/null @@ -1,60 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -AWSCLI_PACKAGES = "curl openssl ca-certificates less" - -AWSCLI_BIN = "/usr/bin/aws" -AWSCLI_VERSION = "1.19.112" - -describe "awscli image" do - before(:all) { - set :docker_image, find_image_id('awscli:latest') - } - - def os_version - command("cat /etc/issue | head -1").stdout - end - - it "checks if 'aws' binary exists and is a file" do - expect(file(AWSCLI_BIN)).to be_file - end - - it "checks if 'aws' binary is executable" do - expect(file(AWSCLI_BIN)).to be_mode 755 - end - - it "has the 'aws' version #{AWSCLI_VERSION}" do - def awscli_version - command("aws --version").stdout.strip - end - expect(awscli_version).to match( - Regexp.union(/aws-cli/, /#{AWSCLI_VERSION}/) - ) - end - - it "the 'aws help' command works" do - synopsis_interleaved_with_backspaces = [ - 0x0a, 0x53, 0x08, 0x53, 0x59, 0x08, 0x59, 0x4e, - 0x08, 0x4e, 0x4f, 0x08, 0x4f, 0x50, 0x08, 0x50, - 0x53, 0x08, 0x53, 0x49, 0x08, 0x49, 0x53, 0x08, - 0x53, 0x0a - ].map(&:chr).join('') - - expect( - command("aws help").stdout - ).to include(synopsis_interleaved_with_backspaces) - end - - it "installs required packages" do - AWSCLI_PACKAGES.split(' ').each do |package| - expect(command("apk -vv info | grep #{package}").exit_status).to eq(0) - end - end - - it "has jq available" do - cmd = command("jq --version") - expect(cmd.exit_status).to eq(0) - end - -end diff --git a/bosh-cli-v2-cf-cli/Dockerfile b/bosh-cli-v2-cf-cli/Dockerfile deleted file mode 100644 index fa69a82c..00000000 --- a/bosh-cli-v2-cf-cli/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -FROM elpaasoci/bosh-cli-v2:latest - -# we use libc6 instead of libc6-compat as we do not use alpine base image -ENV CF_PACKAGES "unzip curl openssl ca-certificates git libc6 bash jq gettext make" -# renovate: datasource=github-release-attachments depName=cloudfoundry/cli -ENV CF_CLI_VERSION "8.3.0" -# renovate: datasource=github-release-attachments depName=geofffranks/spruce versionPrefix=v -ENV SPRUCE_VERSION "1.30.2" - -# we also use apt-get as we use an Ubuntu image, not an Alpine -RUN apt-get update \ - && apt-get -y upgrade \ - && apt-get install -y --no-install-recommends ${CF_PACKAGES} \ - && rm -rf /var/lib/apt/lists/* - -RUN rm -rf ~/.bosh/cache # Cleanup AWS CPI - -RUN curl -L "https://cli.run.pivotal.io/stable?release=linux64-binary&version=${CF_CLI_VERSION}" | tar -zx -C /usr/local/bin - -RUN curl -Lo /usr/local/bin/spruce https://github.com/geofffranks/spruce/releases/download/v${SPRUCE_VERSION}/spruce-linux-amd64 \ - && chmod +x /usr/local/bin/spruce - diff --git a/bosh-cli-v2-cf-cli/README.md b/bosh-cli-v2-cf-cli/README.md deleted file mode 100644 index fa430f93..00000000 --- a/bosh-cli-v2-cf-cli/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# Bosh CLI V2 - -This image is for building containers for accessing Bosh programmatically or CF from our pipelines using the [Bosh v2 CLI](https://bosh.io/docs/cli-v2.html) or using the [CF Cli](). Logging into Bosh, or CF, and managing secrets is to be done in the pipelines using this image. - -## Build locally - -``` -$ cd bosh-cli-v2 -$ docker build -t bosh-cli-v2-cf-cli . -``` - -## Run - -``` -docker run -i -t bosh-cli-v2-cf-cli bosh --version;cf --version -``` \ No newline at end of file diff --git a/bosh-cli-v2-cf-cli/bosh-cli-v2-cf-cli_spec.rb b/bosh-cli-v2-cf-cli/bosh-cli-v2-cf-cli_spec.rb deleted file mode 100644 index a1183012..00000000 --- a/bosh-cli-v2-cf-cli/bosh-cli-v2-cf-cli_spec.rb +++ /dev/null @@ -1,117 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -BOSH_CLI_VERSION="7.2.3" -CF_CLI_VERSION="8.3.0" # renovate: datasource=github-release-attachments depName=cloudfoundry/cli -SPRUCE_BIN = "/usr/local/bin/spruce" -SPRUCE_VERSION = "1.30.2" # renovate: datasource=github-release-attachments depName=geofffranks/spruce -BOSH_ENV_DEPS = "build-essential zlib1g-dev openssl libxslt1-dev libxml2-dev \ - libssl-dev libreadline8 libreadline-dev libyaml-dev libsqlite3-dev sqlite3" -CF_ENV_DEPS = "unzip curl openssl ca-certificates git libc6 bash jq gettext make" - -describe "bosh-cli-v2-cf-cli image" do - before(:all) { - set :docker_image, find_image_id('bosh-cli-v2-cf-cli:latest') - } - - it "installs required bosh packages" do - BOSH_ENV_DEPS.split(' ').each do |package| - expect(package(package)).to be_installed - end - end - - it "installs required cf packages" do - CF_ENV_DEPS.split(' ').each do |package| - expect(package(package)).to be_installed - end - end - - it "has the expected version of the Bosh CLI (#{BOSH_CLI_VERSION})" do - expect( - command("bosh -v").stdout.strip - ).to match("version #{BOSH_CLI_VERSION}-") - end - - it "has the expected version of the CF CLI (#{CF_CLI_VERSION})" do - expect( - command("cf --version").stdout - ).to match(/cf version #{CF_CLI_VERSION}/) - end - - it "has curl available" do - expect( - command("curl --version").exit_status - ).to eq(0) - end - - it "has make available" do - expect( - command("make --version").exit_status - ).to eq(0) - end - - it "has unzip available" do - expect( - command("unzip -v").exit_status - ).to eq(0) - end - - it "has git available" do - expect( - command("git --version").exit_status - ).to eq(0) - end - - it "has jq available" do - cmd = command("jq --version") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby 3.1 available" do - cmd = command("ruby -v") - expect(cmd.exit_status).to eq(0) - expect(cmd.stdout).to match(/^ruby 3.1/) - end - - it "has ruby json gem available" do - cmd = command("ruby -e 'require \"json\"'") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby yaml gem available" do - cmd = command("ruby -e 'require \"yaml\"'") - expect(cmd.exit_status).to eq(0) - end - - it "checks if spruce binary exists and is a file" do - expect(file(SPRUCE_BIN)).to be_file - end - - it "checks if spruce binary is executable" do - expect(file(SPRUCE_BIN)).to be_mode 755 - end - - it "has the spruce version #{SPRUCE_VERSION}" do - spruce_version = command("spruce --version").stdout.strip - expect(spruce_version).to match(/spruce - Version v#{SPRUCE_VERSION}( \(master\))?/) - end - - it "has `bash` available" do - expect( - command("bash --version").exit_status - ).to eq(0) - end - - it "has `envsubst` available" do - expect( - command("envsubst --help").exit_status - ).to eq(0) - end - - it "has `jq` available" do - expect( - command("jq --help").exit_status - ).to eq(0) - end -end diff --git a/bosh-cli-v2/Dockerfile b/bosh-cli-v2/Dockerfile index 33eb789a..ed3544bd 100644 --- a/bosh-cli-v2/Dockerfile +++ b/bosh-cli-v2/Dockerfile @@ -1,47 +1,11 @@ FROM ruby:3.1-slim-bullseye -# renovate: datasource=github-release-attachments depName=cloudfoundry/bosh-cli versionPrefix=v -ENV BOSH_CLI_VERSION 7.2.3 -ENV BOSH_CLI_SUM f090d6962a56d946f9592105f6a97956f77d4b6f527e184105355d3f46f354ad -ENV BOSH_CLI_FILENAME bosh-cli-${BOSH_CLI_VERSION}-linux-amd64 - -ENV DEBIAN_PACKAGES "ca-certificates wget git openssh-client file jq" - -# https://bosh.io/docs/cli-env-deps.html -ENV BOSH_ENV_DEPS "build-essential zlib1g-dev openssl libxslt1-dev \ - libxml2-dev libssl-dev libreadline8 libreadline-dev libyaml-dev libsqlite3-dev sqlite3" - -ENV BOSH_AWS_CPI_URL https://bosh.io/d/github.com/cloudfoundry/bosh-aws-cpi-release?v=97 -ENV BOSH_AWS_CPI_CHECKSUM b6aa84bc178e5cc99faa55a89943214c33488d5f - -RUN apt-get update \ - && apt-get -y upgrade \ - && apt-get install -y --no-install-recommends ${DEBIAN_PACKAGES} \ - && apt-get install -y --no-install-recommends ${BOSH_ENV_DEPS} \ - && rm -rf /var/lib/apt/lists/* - -RUN wget -nv https://s3.amazonaws.com/bosh-cli-artifacts/${BOSH_CLI_FILENAME} \ - && echo "${BOSH_CLI_SUM} ${BOSH_CLI_FILENAME}" | sha256sum -c - \ - && chmod +x ${BOSH_CLI_FILENAME} \ - && mv ${BOSH_CLI_FILENAME} /usr/local/bin/bosh - -# renovate: datasource=github-release-attachments depName=cloudfoundry/credhub-cli -ENV CREDHUB_CLI_VERSION 2.9.15 -ENV CREDHUB_CLI_SUM d61c738f65004afd35ed8dd5d17f57d0f1700629ad29e5335b906746f8958026 -ENV CREDHUB_CLI_FILENAME credhub-linux-${CREDHUB_CLI_VERSION}.tgz - -RUN wget -nv https://github.com/cloudfoundry/credhub-cli/releases/download/${CREDHUB_CLI_VERSION}/${CREDHUB_CLI_FILENAME} \ - && echo "${CREDHUB_CLI_SUM} ${CREDHUB_CLI_FILENAME}" | sha256sum -c - \ - && tar zxvf ${CREDHUB_CLI_FILENAME} \ - && chmod +x credhub \ - && mv credhub /usr/local/bin/credhub - # renovate: datasource=github-release-attachments depName=mikefarah/yq versionPrefix=v -ENV YQ_VERSION 4.33.3 +ENV YQ_VERSION v4.33.3 ENV YQ_SUM 4ee662847c588c3ef2fec8bfb304e8739e3dbaba87ccb9a608d691c88f5b64dc ENV YQ_FILENAME yq_linux_amd64 ENV YQ_REPO github.com/mikefarah/yq -RUN wget -nv https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/${YQ_FILENAME} \ +RUN wget -nv https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/${YQ_FILENAME} \ && echo "${YQ_SUM} ${YQ_FILENAME}" | sha256sum -c - \ && chmod +x ${YQ_FILENAME} \ && mv ${YQ_FILENAME} /usr/local/bin/yq diff --git a/bosh-cli-v2/README.md b/bosh-cli-v2/README.md deleted file mode 100644 index 886c2560..00000000 --- a/bosh-cli-v2/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# Bosh CLI V2 - -This image is for building containers for accessing Bosh programmatically from our pipelines using the [Bosh v2 CLI](https://bosh.io/docs/cli-v2.html). Logging into Bosh and managing secrets is to be done in the pipelines using this image. - -## Build locally - -``` -$ cd bosh-cli-v2 -$ docker build -t bosh-cli-v2 . -``` - -## Run - -``` -docker run -i -t bosh-cli-v2 bosh --version -``` \ No newline at end of file diff --git a/bosh-cli-v2/bosh-cli-v2_spec.rb b/bosh-cli-v2/bosh-cli-v2_spec.rb deleted file mode 100644 index ffe57ad5..00000000 --- a/bosh-cli-v2/bosh-cli-v2_spec.rb +++ /dev/null @@ -1,96 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -BOSH_CLI_VERSION="7.2.3" -CREDHUB_CLI_VERSION='2.9.15' - -BOSH_ENV_DEPS = "build-essential zlib1g-dev openssl libxslt1-dev libxml2-dev \ - libssl-dev libreadline8 libreadline-dev libyaml-dev libsqlite3-dev sqlite3" - -describe "bosh-cli-v2 image" do - before(:all) { - set :docker_image, find_image_id('bosh-cli-v2:latest') - } - - it "installs required packages" do - BOSH_ENV_DEPS.split(' ').each do |package| - expect(package(package)).to be_installed - end - end - - it "has the expected version of the Bosh CLI (#{BOSH_CLI_VERSION})" do - expect( - command("bosh -v").stdout.strip - ).to match("version #{BOSH_CLI_VERSION}-") - end - - it "has `file` available" do - expect( - command("file --version").exit_status - ).to eq(0) - end - - it "has ssh available" do - expect( - command("ssh -V").exit_status - ).to eq(0) - end - - it "can run git" do - expect(command('git --version').exit_status).to eq(0) - end - - it "can run credhub (#{CREDHUB_CLI_VERSION})" do - cmd = command('credhub --version') - expect(cmd.exit_status).to eq(0) - expect(cmd.stdout.match?(/#{CREDHUB_CLI_VERSION}\n/)).to eq(true) - end - - it "has `bash` available" do - expect( - command("bash --version").exit_status - ).to eq(0) - end - - it "has `jq` available" do - expect( - command("jq --version").exit_status - ).to eq(0) - end - - it "has `yq` available" do - expect( - command("yq --version").exit_status - ).to eq(0) - end - - it "has a new enough version of openssl available" do - # wget (from busybox) requires openssl to be able to connect to https sites. - - # See https://github.com/nahi/httpclient/blob/v2.7.1/lib/httpclient/ssl_config.rb#L441-L452 - # (httpclient is a dependency of bosh_cli) - # With an older version of openssl, bosh_cli spits out warnings. - cmd = command("openssl version") - expect(cmd.exit_status).to eq(0) - - ssl_version_str = cmd.stdout.strip - if ssl_version_str.start_with?('OpenSSL 1.0.1') - expect(ssl_version_str).to be >= 'OpenSSL 1.0.1p' - else - expect(ssl_version_str).to be >= 'OpenSSL 1.0.2d' - end - end - - it "has ruby 3.1 available" do - cmd = command("ruby -v") - expect(cmd.exit_status).to eq(0) - expect(cmd.stdout).to match(/^ruby 3.1/) - end - - it "does not contain the compiled CPI packages" do - installation_path = '/root/.bosh/installations/44f01911-a47a-4a24-6ca3-a3109b33f058' - packages_file = file("#{installation_path}/compiled_packages.json") - expect(packages_file).not_to exist - end -end diff --git a/bosh-cli-v2/bosh_init_cache/minimal-state.json b/bosh-cli-v2/bosh_init_cache/minimal-state.json deleted file mode 100644 index b048dd45..00000000 --- a/bosh-cli-v2/bosh_init_cache/minimal-state.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "installation_id": "44f01911-a47a-4a24-6ca3-a3109b33f058" -} diff --git a/bosh-cli-v2/bosh_init_cache/minimal_in.yml b/bosh-cli-v2/bosh_init_cache/minimal_in.yml deleted file mode 100644 index a386fcbb..00000000 --- a/bosh-cli-v2/bosh_init_cache/minimal_in.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -name: dummy-deployment -cloud_provider: - template: - name: aws_cpi - release: bosh-aws-cpi -releases: -- name: bosh-aws-cpi - sha1: BOSH_AWS_CPI_CHECKSUM - url: BOSH_AWS_CPI_URL -networks: -- name: dummy - type: vip -resource_pools: -- name: dummy - network: dummy - stemcell: - sha1: c8b65794ca4c45773b6fe23b3d447dde520f07b0 - url: https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-xenial-go_agent?v=170.3 -jobs: -- name: dummy - networks: - - name: dummy - resource_pool: dummy diff --git a/bosh-cli-v2/bosh_init_cache/seed_bosh_init_cache.sh b/bosh-cli-v2/bosh_init_cache/seed_bosh_init_cache.sh deleted file mode 100755 index f7cebe82..00000000 --- a/bosh-cli-v2/bosh_init_cache/seed_bosh_init_cache.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -set -e -set -u - -WORKING_DIR=$(cd $(dirname "${0}") && pwd) - -cd "${WORKING_DIR}" - -sed "s|BOSH_AWS_CPI_URL|${BOSH_AWS_CPI_URL}|; s|BOSH_AWS_CPI_CHECKSUM|${BOSH_AWS_CPI_CHECKSUM}|" minimal_in.yml > minimal.yml - -RED='\033[0;31m' -NO_COLOUR='\033[0m' - -echo "${RED}" -echo "###############################################" -echo "# Compiling AWS CPI release... #" -echo "# The deploy will error, but that's expected. #" -echo "###############################################" -echo "${NO_COLOUR}" - -set +e -bosh create-env minimal.yml -set -e - -echo "...done" diff --git a/certstrap/Dockerfile b/certstrap/Dockerfile deleted file mode 100644 index d7140d10..00000000 --- a/certstrap/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM ghcr.io/alphagov/paas/ubuntu:main - -ENV GIT_COMMIT 1377eabdd8242bc353dcebf879a3b077413036c2 -ENV CERTSTRAP_VERSION 1.3.0 - -RUN wget -O certstrap https://github.com/square/certstrap/releases/download/v${CERTSTRAP_VERSION}/certstrap-linux-amd64 \ - && chmod +x certstrap \ - && cp certstrap /usr/local/bin/ \ No newline at end of file diff --git a/certstrap/README.md b/certstrap/README.md deleted file mode 100644 index acea6c36..00000000 --- a/certstrap/README.md +++ /dev/null @@ -1,32 +0,0 @@ -Installs [certstrap](https://github.com/square/certstrap/). - -It uses a go alpine linux image as base to be able to compile go and keep a small image size. - -## Requirements and tools installed - -certstrap is a simple certificate manager based on `openssl`. In order to -use scripts which interact with HTTP APIs (e.g. S3) `curl` and -the `ca-certificates` are installed. - -## Build locally - -``` -$ cd certstrap -$ docker build -t certstrap . -``` - -## Run - -### Locally - -``` -$ docker run -v certstrap certstrap -h -$ docker run -v certstrap curl -``` - -### From Dockerhub image - -``` -$ docker run -v governmentpaas/certstrap certstrap -h -$ docker run -v governmentpaas/certstrap curl -h -``` diff --git a/certstrap/certstrap_spec.rb b/certstrap/certstrap_spec.rb deleted file mode 100644 index fe362bd5..00000000 --- a/certstrap/certstrap_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -CERTSTRAP_BIN = "/usr/local/bin/certstrap" -CERTSTRAP_VERSION = "1.2.0" -CERTSTRAP_PACKAGES = "openssl curl" - -describe "certstrap image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "installs the right version of Ubuntu Linux" do - expect(os_version).to include("Ubuntu 20.04") - expect(os_version).to include("LTS") - end - - def os_version - command("cat /etc/issue | head -1").stdout - end - - it "checks if certstrap binary exists and is a file" do - expect(file(CERTSTRAP_BIN)).to be_file - end - - it "checks if certstrap binary is executable" do - expect(file(CERTSTRAP_BIN)).to be_mode 755 - end - - it "has the certstrap version #{CERTSTRAP_VERSION}" do - expect(certstrap_version).to match(/certstrap version #{CERTSTRAP_VERSION}/) - end - - def certstrap_version - command("certstrap --version").stdout.strip - end - - it "installs required packages" do - CERTSTRAP_PACKAGES.split(' ').each do |package| - expect(command("dpkg --get-selections | grep #{package}").exit_status).to eq(0) - end - end -end diff --git a/cf-acceptance-tests/Dockerfile b/cf-acceptance-tests/Dockerfile deleted file mode 100644 index ab88b037..00000000 --- a/cf-acceptance-tests/Dockerfile +++ /dev/null @@ -1,44 +0,0 @@ -FROM ghcr.io/alphagov/paas/ubuntu:main - -RUN apt update \ - && apt install -y \ - build-essential \ - openssh-client \ - unzip \ - python-pip \ - jq \ - git \ - fossil \ - mercurial \ - bzr \ - subversion - -ENV GOPATH /go -ENV PATH /go/bin:/usr/local/go/bin:$PATH - -ENV GO_VERSION "1.20" -# renovate: datasource=github-releases depName=cloudfoundry/cli -ENV CF_CLI_VERSION "8.6.0" -ENV CF_LOG_CACHE_VERSION "2.1.0" - -RUN \ - wget https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz -P /tmp && \ - tar xzvf /tmp/go${GO_VERSION}.linux-amd64.tar.gz -C /usr/local && \ - mkdir $GOPATH && \ - rm -rf /tmp/* - -RUN go install github.com/onsi/ginkgo/v2/ginkgo@latest - -# Install the cf CLI -RUN wget -q -O cf.deb "https://packages.cloudfoundry.org/stable?release=debian64&version=${CF_CLI_VERSION}&source=github-rel" && \ - dpkg -i cf.deb && \ - rm -f cf.deb - -# Setup plugins -ENV CF_PLUGIN_HOME /root/ - -# Install the log-cache-cli plugin -RUN cf install-plugin -f "https://github.com/cloudfoundry/log-cache-cli/releases/download/v${CF_LOG_CACHE_VERSION}/log-cache-cf-plugin-linux" - -# Install the AWS-CLI -RUN pip install awscli=="1.19.112" diff --git a/cf-acceptance-tests/README.md b/cf-acceptance-tests/README.md deleted file mode 100644 index bfbd2d7b..00000000 --- a/cf-acceptance-tests/README.md +++ /dev/null @@ -1,27 +0,0 @@ -Container for running CloudFoundry acceptance tests. - -It includes all the dependencies of the [CF test -helpers](https://github.com/cloudfoundry-incubator/cf-test-helpers): - -* Go compiler -* `cf` CLI -* `curl` -* [`godep`](github.com/tools/godep) - -Based on the [upstream image](https://hub.docker.com/r/relintdockerhubpushbot/cats-concourse-task/), which is -hosted on [GitHub](https://github.com/cloudfoundry/cats-concourse-task). - -## Build locally - -``` -$ cd cf-acceptance-tests -$ docker build -t cf-acceptance-tests . -``` - -## Run - -``` -docker run -i -t cf-acceptance-tests go version -docker run -i -t cf-acceptance-tests cf --version -docker run -i -t cf-acceptance-tests curl --version -``` diff --git a/cf-acceptance-tests/cf-acceptance-tests_spec.rb b/cf-acceptance-tests/cf-acceptance-tests_spec.rb deleted file mode 100644 index e866c503..00000000 --- a/cf-acceptance-tests/cf-acceptance-tests_spec.rb +++ /dev/null @@ -1,83 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -GO_VERSION="1.20" -CF_CLI_VERSION="8.6.0" -LOG_CACHE_CLI_VERSION="2.1.0" - -describe "cf-acceptance-tests image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "has the expected version of Go" do - expect( - command("go version").stdout - ).to match(/go version go#{GO_VERSION}/) - end - - it "has Ginkgo available" do - expect( - command("ginkgo version").exit_status - ).to eq(0) - end - - %w[git bzr fossil hg svn].each do |version_control_tool| - it "has #{version_control_tool} available" do - arg = version_control_tool == 'svn' ? '--version' : 'version' - expect( - command("#{version_control_tool} #{arg}").exit_status - ).to eq(0) - end - end - - it "has the expected version of the CF CLI" do - expect( - command("cf --version").stdout - ).to match(/cf version #{CF_CLI_VERSION}/) - end - - it "has curl available" do - # Needed by the cf acceptance-test helpers - expect( - command("curl --version").exit_status - ).to eq(0) - end - - it "has unzip available" do - # Needed by the cf acceptance-test helpers - expect( - command("unzip -v").exit_status - ).to eq(0) - end - - it "has jq available" do - expect( - command("jq --version").exit_status - ).to eq(0) - end - - it "has the CF_PLUGIN_HOME variable set" do - expect( - command("env").stdout - ).to match(/^CF_PLUGIN_HOME=\/root/) - end - - it "has the log-cache plugin" do - # Needed by the cf acceptance-test with log-cache mode - plugins_output = command("cf plugins").stdout - expect(plugins_output).to match(/^log-cache +#{LOG_CACHE_CLI_VERSION} +log-meta/) - expect(plugins_output).to match(/^log-cache +#{LOG_CACHE_CLI_VERSION} +tail /) - - cf_tail_help = command("cf tail -h").stdout - expect(cf_tail_help).to match(/envelope-class/) - end - - it "has AWS CLI available" do - expect( - command("aws --version").exit_status - ).to eq(0) - end - -end diff --git a/cf-cli/Dockerfile b/cf-cli/Dockerfile deleted file mode 100644 index 3b635f15..00000000 --- a/cf-cli/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM ruby:3.1-alpine3.18 - -ENV PACKAGES "unzip curl openssl ca-certificates git libc6-compat bash jq gettext make" -# renovate: datasource=github-releases depName=cloudfoundry/cli -ENV CF_CLI_VERSION "8.6.0" -# renovate: datasource=github-releases depName=geofffranks/spruce versionPrefix=v -ENV SPRUCE_VERSION "1.30.2" - -RUN apk add --no-cache $PACKAGES - -RUN curl -L "https://cli.run.pivotal.io/stable?release=linux64-binary&version=${CF_CLI_VERSION}" | tar -zx -C /usr/local/bin - -RUN curl -Lo /usr/local/bin/spruce https://github.com/geofffranks/spruce/releases/download/v${SPRUCE_VERSION}/spruce-linux-amd64 \ - && chmod +x /usr/local/bin/spruce diff --git a/cf-cli/README.md b/cf-cli/README.md deleted file mode 100644 index 758d3c2b..00000000 --- a/cf-cli/README.md +++ /dev/null @@ -1,29 +0,0 @@ -Container for running CloudFoundry client. - -It includes some packages commonly used when deploying CF apps: - -* `cf` CLI -* `curl` -* `unzip` -* `git` - -It also includes some commonly-used `cf` plugins: - -* [blue-green-deploy](https://github.com/bluemixgaragelondon/cf-blue-green-deploy) -* [autopilot](https://github.com/contraband/autopilot) - -## Build locally - -``` -$ cd cf-cli -$ docker build -t cf-cli . -``` - -## Run - -``` -docker run -i -t cf-cli cf --version -docker run -i -t cf-cli curl --version -docker run -i -t cf-cli unzip -v -docker run -i -t cf-cli git --version -``` diff --git a/cf-cli/cf-cli_spec.rb b/cf-cli/cf-cli_spec.rb deleted file mode 100644 index 97828ba6..00000000 --- a/cf-cli/cf-cli_spec.rb +++ /dev/null @@ -1,101 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -CF_CLI_VERSION="8.6.0" # renovate: datasource=github-release-attachments depName=cloudfoundry/cli -SPRUCE_BIN = "/usr/local/bin/spruce" -SPRUCE_VERSION = "1.30.2" # renovate: datasource=github-release-attachments depName=geofffranks/spruce -RUBY_VERSION = "3.1" - -describe "cf-cli image" do - before(:all) { - set :docker_image, find_image_id('cf-cli:latest') - } - - it "has the expected version of the CF CLI (#{CF_CLI_VERSION})" do - expect( - command("cf --version").stdout - ).to match(/cf version #{CF_CLI_VERSION}/) - end - - it "has curl available" do - expect( - command("curl --version").exit_status - ).to eq(0) - end - - it "has make available" do - expect( - command("make --version").exit_status - ).to eq(0) - end - - it "has unzip available" do - expect( - command("unzip -v").exit_status - ).to eq(0) - end - - it "has git available" do - expect( - command("git --version").exit_status - ).to eq(0) - end - - it "has jq available" do - cmd = command("jq --version") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby #{RUBY_VERSION} available" do - cmd = command("ruby -v") - expect(cmd.exit_status).to eq(0) - expect(cmd.stdout).to match(/^ruby #{RUBY_VERSION}/) - end - - it "has ruby json gem available" do - cmd = command("ruby -e 'require \"json\"'") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby yaml gem available" do - cmd = command("ruby -e 'require \"yaml\"'") - expect(cmd.exit_status).to eq(0) - end - - it "checks if spruce binary exists and is a file" do - expect(file(SPRUCE_BIN)).to be_file - end - - it "checks if spruce binary is executable" do - expect(file(SPRUCE_BIN)).to be_mode 755 - end - - it "has the spruce version #{SPRUCE_VERSION}" do - spruce_version = command("spruce --version").stdout.strip - expect(spruce_version).to match(/spruce - Version v#{SPRUCE_VERSION}( \(master\))?/) - end - - it "has `bash` available" do - expect( - command("bash --version").exit_status - ).to eq(0) - end - - it "has `envsubst` available" do - expect( - command("envsubst --help").exit_status - ).to eq(0) - end - - it "has `jq` available" do - expect( - command("jq --help").exit_status - ).to eq(0) - end - - it "has not the cf cli app autoscaler plugin" do - plugins = command("cf aasp -h") - expect(plugins.exit_status).to eq(1) - end -end diff --git a/cf-uaac/Dockerfile b/cf-uaac/Dockerfile deleted file mode 100644 index 2c67361f..00000000 --- a/cf-uaac/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM ruby:3.1-alpine3.18 - - -RUN apk add --no-cache musl-dev gcc make g++ - -RUN gem install cf-uaac -v 4.14.0 --no-document diff --git a/cf-uaac/README.md b/cf-uaac/README.md deleted file mode 100644 index 31a09dd3..00000000 --- a/cf-uaac/README.md +++ /dev/null @@ -1,17 +0,0 @@ -Container for running uaac cli. - - -* `uaac` CLI - -## Build locally - -``` -$ cd cf-uaac -$ docker build -t cf-uaac . -``` - -## Run - -``` -docker run -i -t cf-uaac uaac --version -``` diff --git a/cf-uaac/cf-uaac_spec.rb b/cf-uaac/cf-uaac_spec.rb deleted file mode 100644 index 234bc89f..00000000 --- a/cf-uaac/cf-uaac_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -UAAC_VERSION="4.7.0" - -describe "cf-uaac image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "has the expected version of uaac" do - expect( - command("uaac --version").stdout.strip - ).to eq("UAA client #{UAAC_VERSION}") - end - -end diff --git a/concourse-keyval-resource/Dockerfile b/concourse-keyval-resource/Dockerfile deleted file mode 100644 index 3a578687..00000000 --- a/concourse-keyval-resource/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM ghcr.io/cludden/concourse-keyval-resource:v0.4.1 diff --git a/concourse-keyval-resource/README.md b/concourse-keyval-resource/README.md deleted file mode 100644 index 024ee8f1..00000000 --- a/concourse-keyval-resource/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# Concourse KeyVal Resource - -This image is similar to keyval-resource for using the keyval resource in concourse, but includes some extra functionality around exposing build metadata, which can be useful in pipeline managament - -## Build locally - -``` -$ cd concourse-keyval-resource -$ docker build -t concourse-keyval-resource . -``` - -## Run - -``` -docker run -it concourse-keyval-resource /bin/bash -``` diff --git a/concourse-pool-resource/Dockerfile b/concourse-pool-resource/Dockerfile deleted file mode 100644 index e04ffac0..00000000 --- a/concourse-pool-resource/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM concourse/pool-resource:1.1.1 diff --git a/concourse-pool-resource/README.md b/concourse-pool-resource/README.md deleted file mode 100644 index 2e6ac7a7..00000000 --- a/concourse-pool-resource/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Provides the Concourse Pool Resource. See the Dockerfile to check -which version. - -For now this container is merely a mirror of DockerHub's -`concourse/pool-resource`. The purpose is to get that container onto -GitHub Container Registry, to workaround rate limits and make our -production use a bit safer. - -## Build locally - -``` -$ cd concourse-pool-resource -$ docker build -t concourse-pool-resource . -``` diff --git a/curl-ssl/Dockerfile b/curl-ssl/Dockerfile deleted file mode 100644 index 17bffc50..00000000 --- a/curl-ssl/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM alpine:3.18 - -RUN apk add --no-cache \ - openssl \ - ca-certificates \ - jq~1 \ - gettext~0.21 \ - curl~8 diff --git a/curl-ssl/README.md b/curl-ssl/README.md deleted file mode 100644 index 43c91f05..00000000 --- a/curl-ssl/README.md +++ /dev/null @@ -1,17 +0,0 @@ -Includes curl with SSL and openssl support, including the `openssl` command. - -It also includes the ca-certificates. - -## Build locally - -``` -$ cd curl-ssl -$ docker build -t curl-ssl . -``` - -## Run - -``` -docker run -i -t curl-ssl curl https://www.google.com -docker run -i -t curl-ssl openssl -``` diff --git a/curl-ssl/curl-ssl_spec.rb b/curl-ssl/curl-ssl_spec.rb deleted file mode 100644 index a6cc027a..00000000 --- a/curl-ssl/curl-ssl_spec.rb +++ /dev/null @@ -1,27 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' -require 'docker' -require 'serverspec' - -CURL_SSL_PACKAGES = 'jq gettext curl openssl ca-certificates' - -describe 'curl-ssl image' do - before(:all) do - set :docker_image, find_image_id('curl-ssl:latest') - end - - it 'installs the right version of Alpine' do - expect(os_version).to include('Alpine Linux 3.18') - end - - def os_version - command('cat /etc/issue | head -1').stdout - end - - it 'installs required packages' do - CURL_SSL_PACKAGES.split(' ').each do |package| - expect(command("apk -vv info | grep #{package}").exit_status).to eq(0) - end - end -end diff --git a/fast-startup-and-shutdown/Dockerfile b/fast-startup-and-shutdown/Dockerfile deleted file mode 100644 index b58d34bc..00000000 --- a/fast-startup-and-shutdown/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM ghcr.io/alphagov/paas/bosh-cli-v2:main - -ENV AWSCLI_VERSION "1.19.112" - -RUN apt-get update && apt-get install -y \ - curl \ - python3 \ - python3-pip \ - && pip3 install \ - awscli==$AWSCLI_VERSION diff --git a/fast-startup-and-shutdown/README.md b/fast-startup-and-shutdown/README.md deleted file mode 100644 index 2a1fdfb3..00000000 --- a/fast-startup-and-shutdown/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# Fast Startup and Shutdown - -This image is for building a container to run fast-startup-and-shutdown, which requires bosh-cli, awscli and curl. It uses bosh-cli-v2 as a base image and installs awscli on top using pip, and curl using apt. - -## Build locally - -``` -$ cd fast-startup-and-shutdown -$ docker build -t fast-startup-and-shutdown . -``` - -## Run - -``` -docker run -it fast-startup-and-shutdown /bin/bash -c "bosh --version && aws --version && curl --version" -``` diff --git a/git-ssh/Dockerfile b/git-ssh/Dockerfile deleted file mode 100644 index 3445aa27..00000000 --- a/git-ssh/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -FROM ghcr.io/alphagov/paas/alpine:main - -RUN apk add --no-cache \ - git~2 \ - curl~8 \ - openssh-client-default~9 \ - gnupg~2.2 \ - bash~5.1 - -RUN mkdir -p /root/.ssh \ - && git config --global user.email "git-ssh@governmentpaas.docker" \ - && git config --global user.name "Docker container git-ssh" diff --git a/git-ssh/README.md b/git-ssh/README.md deleted file mode 100644 index db7354c9..00000000 --- a/git-ssh/README.md +++ /dev/null @@ -1,17 +0,0 @@ -Installs Git with OpenSSH - -Git also includes by default curl, OpenSSL and ca-certificates. - -## Build locally - -``` -$ cd git-ssh -$ docker build -t git-ssh . -``` - -## Run - -``` -docker run git-ssh git --version -docker run git-ssh ssh -V -``` diff --git a/git-ssh/git-ssh_spec.rb b/git-ssh/git-ssh_spec.rb deleted file mode 100644 index a1aefcbd..00000000 --- a/git-ssh/git-ssh_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -PACKAGES = "git openssh-client ca-certificates gnupg" -GIT_VERSION = "2.6.4" -OPENSSH_VERSION = "7.2p2" - -describe "image" do - before(:all) { - set :docker_image, find_image_id('git-ssh:latest') - } - - it "installs Alpine" do - expect(command("cat /etc/issue | head -1").stdout).to include("Alpine Linux") - end - - it "installs required packages" do - PACKAGES.split(' ').each do |package| - expect(command("apk -vv info | grep #{package}").exit_status).to eq(0) - end - end - - it "can run git" do - expect(command('git --version').exit_status).to eq(0) - end - - it "can run curl" do - expect(command('curl --version').exit_status).to eq(0) - end - - it "can run openssl" do - expect(command('openssl version').exit_status).to eq(0) - end - - it "has ca-certificates installed" do - expect(command('apk list ca-certificates').stdout).to contain('installed') - end - - it "can run ssh" do - expect(command('ssh -V').exit_status).to eq(0) - end - - it "can run bash" do - expect(command('bash --version').exit_status).to eq(0) - end - - it "/root/.ssh exists" do - expect(file('/root/.ssh')).to be_directory - end - - it "/root/.gitconfig contains user and email" do - expect(file('/root/.gitconfig')).to contain 'name =' - expect(file('/root/.gitconfig')).to contain 'email =' - end -end diff --git a/golang/Dockerfile b/golang/Dockerfile deleted file mode 100644 index 7dd4b612..00000000 --- a/golang/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM golang:1.18 diff --git a/json-minify/Dockerfile b/json-minify/Dockerfile deleted file mode 100644 index 0b125876..00000000 --- a/json-minify/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM ruby:3.1-alpine3.18 - -RUN gem install json-minify -v 0.0.2 --no-document diff --git a/json-minify/README.md b/json-minify/README.md deleted file mode 100644 index b00b92da..00000000 --- a/json-minify/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Container for Ruby implemenation of json-minify. - -## Build locally - -``` -$ cd json-minify -$ docker build -t json-minify . -``` - -## Run - -``` -docker run json-minify gem list -``` diff --git a/json-minify/json-minify_spec.rb b/json-minify/json-minify_spec.rb deleted file mode 100644 index 5193b35b..00000000 --- a/json-minify/json-minify_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -JSON_MINIFY_VERSION="0.0.2" - -describe "json-minify image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "has the expected version of the json-minify gem" do - expect( - command("gem list").stdout.strip - ).to include("json-minify (0.0.2)") - end - -end diff --git a/k8s-tools/Dockerfile b/k8s-tools/Dockerfile deleted file mode 100644 index a4e6c527..00000000 --- a/k8s-tools/Dockerfile +++ /dev/null @@ -1,106 +0,0 @@ -FROM ruby:3.1-slim - -# we use libc6 instead of libc6-compat as we do not use alpine base image -ENV PACKAGES "unzip curl openssl ca-certificates git libc6 bash jq gettext" - -# we also use apt-get as we use an Ubuntu image, not an Alpine -RUN apt-get update \ - && apt-get -y upgrade \ - && apt-get install -y --no-install-recommends ${PACKAGES} \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /usr/local/bin - -# renovate: datasource=github-releases depName=k14s/ytt versionPrefix=v -ENV YTT_VERSION "0.40.1" -ENV YTT_SUM 11222665c627b8f0a1443534a3dde3c9b3aac08b322d28e91f0e011e3aeb7df5 -ENV YTT_FILENAME ytt-linux-amd64 -ADD https://github.com/k14s/ytt/releases/download/v${YTT_VERSION}/${YTT_FILENAME} . -RUN echo "Computed sha256sum: $(sha256sum ${YTT_FILENAME})" \ - && echo "${YTT_SUM} ${YTT_FILENAME}" | sha256sum -c - \ - && mv ${YTT_FILENAME} ytt - -# renovate: datasource=github-releases depName=cloudfoundry/credhub-cli -ENV CREDHUB_CLI_VERSION 2.9.15 -ENV CREDHUB_CLI_SUM d61c738f65004afd35ed8dd5d17f57d0f1700629ad29e5335b906746f8958026 -ENV CREDHUB_CLI_FILENAME credhub-linux-${CREDHUB_CLI_VERSION}.tgz -ADD https://github.com/cloudfoundry/credhub-cli/releases/download/${CREDHUB_CLI_VERSION}/${CREDHUB_CLI_FILENAME} . -RUN echo "Computed sha256sum: $(sha256sum ${CREDHUB_CLI_FILENAME})" \ - && echo "${CREDHUB_CLI_SUM} ${CREDHUB_CLI_FILENAME}" | sha256sum -c - \ - && tar zxvf ${CREDHUB_CLI_FILENAME} - -# We need to synchronize this kustomize version with embedded fluxcd version and kubectl embedded version ! -# renovate: datasource=github-releases depName=kubernetes-sigs/kustomize -ENV KUSTOMIZE_VERSION 4.5.4 -ENV KUSTOMIZE_SUM 1159c5c17c964257123b10e7d8864e9fe7f9a580d4124a388e746e4003added3 -ENV KUSTOMIZE_FILENAME kustomize_v${KUSTOMIZE_VERSION}_linux_amd64.tar.gz -ADD https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v${KUSTOMIZE_VERSION}/kustomize_v${KUSTOMIZE_VERSION}_linux_amd64.tar.gz . -RUN echo "Computed sha256sum: $(sha256sum ${KUSTOMIZE_FILENAME})" \ - && echo "${KUSTOMIZE_SUM} ${KUSTOMIZE_FILENAME}" | sha256sum -c - \ - && tar zxvf ${KUSTOMIZE_FILENAME} - -# renovate: datasource=github-releases depName=k14s/kapp -ENV KAPP_VERSION 0.46.0 -ENV KAPP_SUM 130f648cd921761b61bb03d7a0f535d1eea26e0b5fc60e2839af73f4ea98e22f -ENV KAPP_FILENAME kapp-linux-amd64 -ADD https://github.com/k14s/kapp/releases/download/v${KAPP_VERSION}/kapp-linux-amd64 . -RUN echo "Computed sha256sum: $(sha256sum ${KAPP_FILENAME})" \ - && echo "${KAPP_SUM} ${KAPP_FILENAME}" | sha256sum -c - \ - && mv kapp-linux-amd64 kapp - -# renovate: datasource=github-tags depName=kubernetes/kubectl -ENV KUBECTL_VERSION 1.24.13 -ENV KUBECTL_SUM 52455fe485fa11c650ab07fea2e4856b5ea5a3e6ef8a1b3b6121e6361437fff9 -ENV KUBECTL_FILENAME kubectl -ADD https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl . -RUN echo "Computed sha256sum: $(sha256sum ${KUBECTL_FILENAME})" \ - && echo "${KUBECTL_SUM} ${KUBECTL_FILENAME}" | sha256sum -c - - -# renovate: datasource=github-releases depName=helm/helm -ENV HELM_VERSION 3.12.0 -ENV HELM_SUM da36e117d6dbc57c8ec5bab2283222fbd108db86c83389eebe045ad1ef3e2c3b -ENV HELM_FILENAME helm-v${HELM_VERSION}-linux-amd64.tar.gz -ADD https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz . -RUN echo "Computed sha256sum: $(sha256sum ${HELM_FILENAME})" \ - && echo "${HELM_SUM} ${HELM_FILENAME}" | sha256sum -c - \ - && tar zxvf ${HELM_FILENAME} \ - && mv linux-amd64/helm helm \ - && rm -rf linux-amd64 - -# renovate: datasource=github-releases depName=kudobuilder/kuttl -ENV KUTTL_VERSION 0.15.0 -ENV KUTTL_PLUGIN_SUM f6edcf22e238fc71b5aa389ade37a9efce596017c90f6994141c45215ba0f862 -ENV KUTTL_PLUGIN_FILENAME kubectl-kuttl_${KUTTL_VERSION}_linux_x86_64 -ADD https://github.com/kudobuilder/kuttl/releases/download/v${KUTTL_VERSION}/${KUTTL_PLUGIN_FILENAME} . -RUN echo "Computed ${KUTTL_PLUGIN_FILENAME} sha256sum: $(sha256sum ${KUTTL_PLUGIN_FILENAME})" \ - && echo "${KUTTL_PLUGIN_SUM} ${KUTTL_PLUGIN_FILENAME}" | sha256sum -c - \ - && mv ${KUTTL_PLUGIN_FILENAME} kubectl-kuttl \ - && ln -s kubectl-kuttl kuttl - -# renovate: datasource=github-releases depName=mikefarah/yq -ENV YQ_VERSION 4.33.3 -ENV YQ_SUM 4ee662847c588c3ef2fec8bfb304e8739e3dbaba87ccb9a608d691c88f5b64dc -ENV YQ_FILENAME yq_linux_amd64 -ADD https://github.com/mikefarah/yq/releases/download/v${YQ_VERSION}/${YQ_FILENAME} . -RUN echo "Computed ${YQ_FILENAME} sha256sum: $(sha256sum ${YQ_FILENAME})" \ - && echo "${YQ_SUM} ${YQ_FILENAME}" | sha256sum -c - \ - && chmod +x ${YQ_FILENAME} \ - && mv ${YQ_FILENAME} /usr/local/bin/yq - -# renovate: datasource=github-releases depName=cloudfoundry/bosh-cli -ENV BOSH_CLI_VERSION 7.2.3 -ENV BOSH_CLI_SUM f090d6962a56d946f9592105f6a97956f77d4b6f527e184105355d3f46f354ad -ENV BOSH_CLI_FILENAME bosh-cli-${BOSH_CLI_VERSION}-linux-amd64 -ADD https://s3.amazonaws.com/bosh-cli-artifacts/${BOSH_CLI_FILENAME} . -RUN echo "Computed ${BOSH_CLI_FILENAME} sha256sum: $(sha256sum ${BOSH_CLI_FILENAME})" \ - && echo "${BOSH_CLI_SUM} ${BOSH_CLI_FILENAME}" | sha256sum -c - \ - && chmod +x ${BOSH_CLI_FILENAME} \ - && mv ${BOSH_CLI_FILENAME} /usr/local/bin/bosh - -WORKDIR /usr/local/bin -RUN rm *.tgz && rm *.gz && chown root:root * && chmod a+x * - -RUN ls -l -WORKDIR / - -#ENTRYPOINT /bin/bash diff --git a/k8s-tools/README.md b/k8s-tools/README.md deleted file mode 100644 index 03249740..00000000 --- a/k8s-tools/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# K8S Tools - -This image is for building containers for accessing k8s - -## Build locally - -``` -$ cd k8s-tools -$ docker build -t k8s-tools . -``` - -## Run - -``` -docker run -i -t k8s-tools ytt --version -``` \ No newline at end of file diff --git a/k8s-tools/k8s-tools_spec.rb b/k8s-tools/k8s-tools_spec.rb deleted file mode 100644 index d5f6d06a..00000000 --- a/k8s-tools/k8s-tools_spec.rb +++ /dev/null @@ -1,131 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -BOSH_CLI_VERSION="7.2.3" # renovate: datasource=github-releases depName=cloudfoundry/bosh-cli -YTT_VERSION="0.40.1" # renovate: datasource=github-releases depName=k14s/ytt -CREDHUB_CLI_VERSION='2.9.1' # renovate: datasource=github-releases depName=cloudfoundry/credhub-cli -KUSTOMIZE_VERSION="4.5.4" # renovate: datasource=github-releases depName=kubernetes-sigs/kustomize -KAPP_VERSION="0.46.0" # renovate: datasource=github-releases depName=k14s/kapp -KUBECTL_VERSION="1.24.13" # renovate: datasource=github-tags depName=kubernetes/kubectl -HELM_VERSION="3.12.0" # renovate: datasource=github-releases depName=helm/helm -KUTTL_VERSION="0.15.0" # renovate: datasource=github-releases depName=kudobuilder/kuttl - -DEPS = "unzip curl openssl ca-certificates git libc6 bash jq gettext" - -describe "k8s image" do - before(:all) { - set :docker_image, find_image_id('k8s-tools:latest') - } - - it "installs required packages" do - DEPS.split(' ').each do |package| - expect(package(package)).to be_installed - end - end - - it "has the expected version of Kubectl (#{KUBECTL_VERSION}) with embedded Kustomize" do - expect( - command("kubectl version --short --client=true").stdout.strip - ).to eq("Client Version: v#{KUBECTL_VERSION}\nKustomize Version: v#{KUSTOMIZE_VERSION}") - end - - it "has the expected version of YTT (#{YTT_VERSION})" do - expect( - command("ytt --version").stdout.strip - ).to eq("ytt version #{YTT_VERSION}") - end - - it "has the expected version of credhub (#{CREDHUB_CLI_VERSION})" do - expect( - command("credhub --version").stdout.strip - ).to match("#{CREDHUB_CLI_VERSION}\n") - end - - it "has the expected version of stand-alone Kustomize (#{KUSTOMIZE_VERSION})" do - expect( - command("kustomize version").stdout - ).to match(/\/v#{KUSTOMIZE_VERSION} /) - end - - it "has the expected version of Kapp (#{KAPP_VERSION})" do - expect( - command("kapp --version").stdout - ).to match(/#{KAPP_VERSION}/) - end - - it "has the expected version of helm (#{HELM_VERSION})" do - expect( - command("helm version --short").stdout - ).to match(/#{HELM_VERSION}/) - end - - it "has the expected version of kuttle (#{KUTTL_VERSION})" do - expect( - command("kuttl version").stdout - ).to match(/#{KUTTL_VERSION}/) - end - - it "has curl available" do - expect( - command("curl --version").exit_status - ).to eq(0) - end - - it "has unzip available" do - expect( - command("unzip -v").exit_status - ).to eq(0) - end - - it "has git available" do - expect( - command("git --version").exit_status - ).to eq(0) - end - - it "has jq available" do - cmd = command("jq --version") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby 3.1 available" do - cmd = command("ruby -v") - expect(cmd.exit_status).to eq(0) - expect(cmd.stdout).to match(/^ruby 3.1/) - end - - it "has ruby json gem available" do - cmd = command("ruby -e 'require \"json\"'") - expect(cmd.exit_status).to eq(0) - end - - it "has ruby yaml gem available" do - cmd = command("ruby -e 'require \"yaml\"'") - expect(cmd.exit_status).to eq(0) - end - - it "has `bash` available" do - expect( - command("bash --version").exit_status - ).to eq(0) - end - - it "has `envsubst` available" do - expect( - command("envsubst --help").exit_status - ).to eq(0) - end - - it "has `yq` available" do - expect( - command("yq --version").exit_status - ).to eq(0) - end - - it "has the expected version of the Bosh CLI" do - expect( - command("bosh -v").stdout.strip - ).to match("version #{BOSH_CLI_VERSION}-") - end -end diff --git a/keyval-resource/Dockerfile b/keyval-resource/Dockerfile deleted file mode 100644 index 3417cd02..00000000 --- a/keyval-resource/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM gstack/keyval-resource:1.3.0 diff --git a/keyval-resource/README.md b/keyval-resource/README.md deleted file mode 100644 index 9d9485d6..00000000 --- a/keyval-resource/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# KeyVal Resource - -This image is for using the keyval resource in concourse, which is being used as a mechanism to link jobs - -## Build locally - -``` -$ cd keyval-resource -$ docker build -t keyval-resource . -``` - -## Run - -``` -docker run -it keyval-resource /bin/bash -``` diff --git a/middleman/Dockerfile b/middleman/Dockerfile deleted file mode 100644 index 3ff39838..00000000 --- a/middleman/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -FROM ruby:3.1-slim - -RUN apt update \ - && apt install -y \ - build-essential \ - libffi-dev \ - git \ - libcurl4-openssl-dev \ - nodejs - -RUN gem install \ - middleman diff --git a/middleman/README.md b/middleman/README.md deleted file mode 100644 index 2d5e06af..00000000 --- a/middleman/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Provides https://middlemanapp.com/ and its dependencies. - -## Build locally - -``` -$ cd middleman -$ docker build -t middleman . -``` - -## Run - -``` -docker run middleman middleman --help -``` diff --git a/middleman/middleman_spec.rb b/middleman/middleman_spec.rb deleted file mode 100644 index 79bdec0c..00000000 --- a/middleman/middleman_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -describe "middleman image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "can run middleman" do - expect(command('middleman --help').exit_status).to eq(0) - end - -end diff --git a/node-chromium/Dockerfile b/node-chromium/Dockerfile deleted file mode 100644 index 47d30278..00000000 --- a/node-chromium/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -FROM ghcr.io/alphagov/paas/node:main - -RUN apk add --no-cache \ - chromium \ - nss \ - freetype \ - harfbuzz \ - ca-certificates \ - ttf-freefont - -ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true \ - PUPPETEER_EXECUTABLE_PATH=/usr/bin/chromium-browser diff --git a/node/Dockerfile b/node/Dockerfile deleted file mode 100644 index 833a85a4..00000000 --- a/node/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM node:lts-alpine3.18 diff --git a/olhtbr-metadata-resource/Dockerfile b/olhtbr-metadata-resource/Dockerfile deleted file mode 100644 index 68d591fb..00000000 --- a/olhtbr-metadata-resource/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM olhtbr/metadata-resource:2.0.1 diff --git a/paas-prometheus-exporter/Dockerfile b/paas-prometheus-exporter/Dockerfile deleted file mode 100644 index 64ae6bf6..00000000 --- a/paas-prometheus-exporter/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -FROM golang:1.18 AS build - -ENV COMMIT_SHA c02e5624a2098d7b4593ab2da56ad6f4cfbf8d24 -ENV REPO_URL https://github.com/alphagov/paas-prometheus-exporter.git -ENV REPO_PATH /go/src/github.com/alphagov/paas-prometheus-exporter - -RUN mkdir -p $REPO_PATH -WORKDIR $REPO_PATH - -RUN git clone $REPO_URL . && \ - git checkout $COMMIT_SHA - -RUN CGO_ENABLED=0 GOOS=linux go install - -SHELL ["/bin/bash", "-o", "pipefail", "-c"] -RUN grep 'version[^=]*=.*"[^"]*"' $REPO_PATH/main.go \ - | grep -o '"[^"]*"' | tr -d '"' > /tmp/version - -FROM ghcr.io/alphagov/paas/alpine:main AS run - -COPY --from=build /tmp/version /opt/paas-prometheus-exporter.version - -COPY --from=build \ - /go/bin/paas-prometheus-exporter \ - /usr/bin/paas-prometheus-exporter - -RUN chmod +x /usr/bin/paas-prometheus-exporter diff --git a/paas-prometheus-exporter/paas-prometheus-exporter_spec.rb b/paas-prometheus-exporter/paas-prometheus-exporter_spec.rb deleted file mode 100644 index a99c7b26..00000000 --- a/paas-prometheus-exporter/paas-prometheus-exporter_spec.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -describe "paas-prometheus-exporter" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - let(:version) { '0.0.4' } - - it "has the exporter in the $PATH" do - cmd = command("paas-prometheus-exporter --help") - expect(cmd.exit_status).to eq(0) - end - - it "has the correct version installed" do - cmd = command("cat /opt/paas-prometheus-exporter.version") - expect(cmd.stdout.chomp).to eq(version) - end -end diff --git a/psql/Dockerfile b/psql/Dockerfile deleted file mode 100644 index 3f42e100..00000000 --- a/psql/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM ghcr.io/alphagov/paas/alpine:main - -ENV PACKAGES "postgresql-client" - -RUN apk add --no-cache \ - postgresql14-client~14 diff --git a/psql/README.md b/psql/README.md deleted file mode 100644 index 0c826100..00000000 --- a/psql/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Provides *psql* Postgres client. - -## Build locally - -``` -$ cd psql -$ docker build -t psql . -``` - -## Run - -``` -docker run psql psql --version -``` diff --git a/psql/psql_spec.rb b/psql/psql_spec.rb deleted file mode 100644 index 20bea148..00000000 --- a/psql/psql_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -PSQL_PACKAGE = 'postgresql-client' -ALPINE_VERSION = "3.18" - -describe "psql image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "installs the right version of Alpine Linux" do - expect(os_version).to include("Alpine Linux #{ALPINE_VERSION}") - end - - def os_version - command("cat /etc/issue | head -1").stdout - end - - it "installs required package" do - expect(command("apk info #{PSQL_PACKAGE}").stdout.strip).to \ - include("#{PSQL_PACKAGE}") - end - - it "can run psql" do - expect(command('psql --version').exit_status).to eq(0) - end - -end diff --git a/renovate.json5 b/renovate.json5 index bf147d10..9d7637f5 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -106,8 +106,8 @@ ], // datasourceTemplate: "{{datasource}}", // should not be required as we extract datasource versioningTemplate: "regex:(?\\d+)\\.(?\\d+)\\.(?\\d+)?$", -// extractVersionTemplate: "^v?(?.*)$", - extractVersionTemplate: "{{#if versionPrefix}}^{{versionPrefix}}(?.*){{else}}(?.*){{/if}}" + extractVersionTemplate: "^v?(?.*)$", +// extractVersionTemplate: "{{#if versionPrefix}}^{{versionPrefix}}(?.*){{else}}(?.*){{/if}}" } ] diff --git a/ruby-base/Dockerfile b/ruby-base/Dockerfile deleted file mode 100644 index 1045c24d..00000000 --- a/ruby-base/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM ruby:3.1-alpine3.18 diff --git a/ruby-base/README.md b/ruby-base/README.md deleted file mode 100644 index 0370a3c0..00000000 --- a/ruby-base/README.md +++ /dev/null @@ -1,18 +0,0 @@ -# Image: Ruby Base - -Provides Ruby. See the Dockerfile to check which version. - -This is a base image for building other containers from. - -## Build locally - -``` -$ cd psql -$ docker build -t ruby . -``` - -## Run - -``` -docker run -i ruby irb -``` diff --git a/ruby/Dockerfile b/ruby/Dockerfile deleted file mode 100644 index ed3e4076..00000000 --- a/ruby/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM ruby:3.1-slim diff --git a/ruby/README.md b/ruby/README.md deleted file mode 100644 index 87de3ae7..00000000 --- a/ruby/README.md +++ /dev/null @@ -1,18 +0,0 @@ -Provides Ruby. See the Dockerfile to check which version. - -For now this container is merely a mirror of DockerHub's `ruby`. The -purpose is to get that container onto GitHub Container Registry, -to workaround rate limits and make our production use a bit safer. - -## Build locally - -``` -$ cd psql -$ docker build -t ruby . -``` - -## Run - -``` -docker run -i ruby irb -``` diff --git a/self-update-pipelines/Dockerfile b/self-update-pipelines/Dockerfile deleted file mode 100644 index 9469f155..00000000 --- a/self-update-pipelines/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM ruby:3.1-slim-buster - -ENV AWSCLI_VERSION "1.19.112" -ENV PACKAGES make python-setuptools python-pip groff less curl - -RUN apt-get update \ - && apt-get install -y --no-install-recommends $PACKAGES \ - && rm -rf /var/lib/apt/lists/* \ - && pip install awscli==$AWSCLI_VERSION diff --git a/self-update-pipelines/README.md b/self-update-pipelines/README.md deleted file mode 100644 index 2ba645e9..00000000 --- a/self-update-pipelines/README.md +++ /dev/null @@ -1,23 +0,0 @@ -Container for running the self-update pipeline task which runs -the setup pipeline scipts. - -This includes all the software for this task to run. - -* `ruby` and `curl`: Included on `ruby:slim` -* `make` - -## Build locally - -``` -$ cd self-update-pipelines -$ docker build -t self-update-pipelines . -``` - -## Run - -``` -docker run -i -t self-update-pipelines ruby -v -docker run -i -t self-update-pipelines curl --version -docker run -i -t self-update-pipelines bash --version -docker run -i -t self-update-pipelines make --version -``` diff --git a/self-update-pipelines/self-update-pipelines_spec.rb b/self-update-pipelines/self-update-pipelines_spec.rb deleted file mode 100644 index 3e42948f..00000000 --- a/self-update-pipelines/self-update-pipelines_spec.rb +++ /dev/null @@ -1,51 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -AWSCLI_BIN = "/usr/local/bin/aws" -AWSCLI_VERSION = "1.19.112" - -describe "self-update-pipelines image" do - before(:all) { - set :docker_image, find_image_id(ENV['DOCKER_IMAGE']) - } - - it "has ruby 3.1 available" do - expect( - command("ruby -v").stdout - ).to match(/ruby 3\.1/) - end - - it "has curl available" do - expect( - command("curl --version").stdout - ).to match(/curl 7/) - end - - it "has bash available" do - expect( - command("bash --version").stdout - ).to match(/GNU bash, version 5/) - end - - it "has make available" do - expect( - command("make --version").stdout - ).to match(/GNU Make 4/) - end - - it "checks if 'aws' binary exists and is a file" do - expect(file(AWSCLI_BIN)).to be_file - end - - it "checks if 'aws' binary is executable" do - expect(file(AWSCLI_BIN)).to be_mode 755 - end - - it "has the 'aws' version #{AWSCLI_VERSION}" do - def awscli_version - command("aws --version").stderr.strip - end - expect(awscli_version).to match(/aws-cli\/#{AWSCLI_VERSION} /) - end -end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb deleted file mode 100644 index e24e8576..00000000 --- a/spec/spec_helper.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'serverspec' - -set :backend, :docker -set :os, family: :debian - -def find_image_id(name) - image = Docker::Image.all().detect{ |i| i.info['RepoTags'].include? name } - raise "Docker image '#{name}' not found. You may need to run 'rake build:' first" unless image - - image.id -end diff --git a/spruce/Dockerfile b/spruce/Dockerfile deleted file mode 100644 index 73c8c49f..00000000 --- a/spruce/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM alpine:3.18 - -ENV SPRUCE_VERSION 1.30.2 - -RUN apk add --no-cache \ - wget~1 \ - && wget https://github.com/geofffranks/spruce/releases/download/v${SPRUCE_VERSION}/spruce-linux-amd64 \ - && chmod +x spruce-linux-amd64 \ - && mv spruce-linux-amd64 /usr/local/bin/spruce diff --git a/spruce/README.md b/spruce/README.md deleted file mode 100644 index 749da4f0..00000000 --- a/spruce/README.md +++ /dev/null @@ -1,34 +0,0 @@ -Installs [spruce](https://github.com/geofffranks/spruce). - -It uses alpine linux image as base and deploys statically compiled spruce release which runs directly. - -## Requirements -Spruce processes manifest files. To make them available to spruce inside the container, they must be mounted via one or several volumes. - -## Build locally - -``` -$ cd spruce -$ docker build -t spruce . -``` - -or - -``` -$ rake build:spruce -``` - -## Run - -### Locally - -``` -$ docker run -v /path/to/local/manifests:/manifests spruce spruce merge /manifests/base-manifest.yml /manifests/stub.yml -``` - -### From Dockerhub image - -``` -$ docker run -v /path/to/local/manifests:/manifests governmentpaas/spruce spruce merge /manifests/base-manifest.yml /manifests/stub.yml - -``` diff --git a/spruce/spruce_spec.rb b/spruce/spruce_spec.rb deleted file mode 100644 index 5d50558e..00000000 --- a/spruce/spruce_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -SPRUCE_BIN = "/usr/local/bin/spruce" -SPRUCE_VERSION = "1.30.2" -ALPINE_VERSION = "3.18" - -describe "spruce image" do - before(:all) { - set :docker_image, find_image_id('spruce:latest') - } - - it "installs the right version of Alpine Linux" do - expect(os_version).to include("Alpine Linux #{ALPINE_VERSION}") - end - - def os_version - command("cat /etc/issue | head -1").stdout - end - - it "checks if spruce binary exists and is a file" do - expect(file(SPRUCE_BIN)).to be_file - end - - it "checks if spruce binary is executable" do - expect(file(SPRUCE_BIN)).to be_mode 755 - end - - it "has the spruce version #{SPRUCE_VERSION}" do - expect(spruce_version).to match(/spruce - Version v#{SPRUCE_VERSION}( \(master\))?/) - end - - def spruce_version - command("spruce --version").stdout.strip - end -end diff --git a/terraform/Dockerfile b/terraform/Dockerfile deleted file mode 100644 index 5012cfed..00000000 --- a/terraform/Dockerfile +++ /dev/null @@ -1,77 +0,0 @@ -FROM alpine:3.16 - -ENV PATH $PATH:/usr/local/bin -ENV TERRAFORM_SHARED_DIR /.terraform/plugins/linux_amd64 -ENV TERRAFORM_VER 0.11.14 -ENV TERRAFORM_SUM 9b9a4492738c69077b079e595f5b2a9ef1bc4e8fb5596610f69a6f322a8af8dd -ENV TERRAFORM_ZIP terraform_${TERRAFORM_VER}_linux_amd64.zip - -ENV PROVIDER_CLOUDFOUNDRY_VERSION 0.11.2 -ENV PROVIDER_CLOUDFOUNDRY_SUM cad949683898195c44864e290fa0d0d9207eb75fdacaf94544e1c77ecb9f5246 - -ENV PROVIDER_CREDHUB_VERSION 0.13.0 -ENV PROVIDER_CREDHUB_SUM 5c75dc1779c47c93399cf55abd86184719f3bcfecffa0fb6330a359b9f407541 - -ENV PROVIDER_UAA_VERSION 0.9.0 -ENV PROVIDER_UAA_SUM bfbab04dde59e70354c98f4516924c447d70c3bb3a5689dd4d6466e744162220 - -RUN mkdir -p ${TERRAFORM_SHARED_DIR} - - -RUN apk add --no-cache openssl openssh-client ca-certificates wget libc6-compat - - -RUN set -ex \ - && wget https://releases.hashicorp.com/terraform/${TERRAFORM_VER}/${TERRAFORM_ZIP} -O /tmp/${TERRAFORM_ZIP} \ - && echo "Computed sha256sum: $(sha256sum /tmp/${TERRAFORM_ZIP})" \ - && echo "${TERRAFORM_SUM} /tmp/${TERRAFORM_ZIP}" | sha256sum -c - \ - && unzip /tmp/${TERRAFORM_ZIP} -d /usr/local/bin \ - && rm /tmp/${TERRAFORM_ZIP} - - -# Terraform CF provider name is not version dependant -RUN set -ex \ - && export FILENAME="terraform-provider-cloudfoundry" \ - && export FILENAME_SUFFIX="_0.11_linux_amd64" \ - && export FULL_FILENAME="$FILENAME$FILENAME_SUFFIX" \ - && export URL="https://github.com/orange-cloudfoundry/terraform-provider-cloudfoundry/releases/download/v${PROVIDER_CLOUDFOUNDRY_VERSION}/${FULL_FILENAME}" \ - && export SUM=${PROVIDER_CLOUDFOUNDRY_SUM} \ - && wget ${URL} -O /tmp/${FULL_FILENAME} \ - && echo "Computed sha256sum: $(sha256sum /tmp/${FULL_FILENAME})" \ - && echo "${SUM} /tmp/${FULL_FILENAME}" | sha256sum -c - \ - && mv /tmp/${FULL_FILENAME} ${TERRAFORM_SHARED_DIR}/${FILENAME}_v${PROVIDER_CLOUDFOUNDRY_VERSION} \ - && chmod +x ${TERRAFORM_SHARED_DIR}/* - -# Terraform Credhub provider name is not version dependant -RUN set -ex \ - && export FILENAME="terraform-provider-credhub" \ - && export FILENAME_SUFFIX="_linux_amd64" \ - && export FULL_FILENAME="$FILENAME$FILENAME_SUFFIX" \ - && export URL="https://github.com/orange-cloudfoundry/terraform-provider-credhub/releases/download/v${PROVIDER_CREDHUB_VERSION}/${FULL_FILENAME}" \ - && export SUM=${PROVIDER_CREDHUB_SUM} \ - && wget ${URL} -O /tmp/${FULL_FILENAME} \ - && echo "Computed sha256sum: $(sha256sum /tmp/${FULL_FILENAME})" \ - && echo "${SUM} /tmp/${FULL_FILENAME}" | sha256sum -c - \ - && mv /tmp/${FULL_FILENAME} ${TERRAFORM_SHARED_DIR}/${FILENAME}_v${PROVIDER_CREDHUB_VERSION} \ - && chmod +x ${TERRAFORM_SHARED_DIR}/* \ - && echo "Computed sha256sum: $(sha256sum ${TERRAFORM_SHARED_DIR}/${FILENAME}_v${PROVIDER_CREDHUB_VERSION})" - -# Terraform UAA provider name is not version dependant -RUN set -ex \ - && export FILENAME="terraform-provider-uaa" \ - && export FILENAME_SUFFIX="_linux_amd64" \ - && export FULL_FILENAME="$FILENAME$FILENAME_SUFFIX" \ - && export ATTIC_FULL_FILENAME="${FILENAME}_${PROVIDER_UAA_VERSION}${FILENAME_SUFFIX}.0" \ - && export URL="https://github.com/orange-cloudfoundry/terraform-provider-attic/releases/download/uaa_${PROVIDER_UAA_VERSION}/$ATTIC_FULL_FILENAME" \ - && export SUM=${PROVIDER_UAA_SUM} \ - && wget ${URL} -O /tmp/${FULL_FILENAME} \ - && echo "Computed sha256sum: $(sha256sum /tmp/${FULL_FILENAME})" \ - && echo "${SUM} /tmp/${FULL_FILENAME}" | sha256sum -c - \ - && mv /tmp/${FULL_FILENAME} ${TERRAFORM_SHARED_DIR}/${FILENAME}_v${PROVIDER_UAA_VERSION} \ - && chmod +x ${TERRAFORM_SHARED_DIR}/* - -ENV TF_DATA_DIR "/.terraform" -COPY plugin_cache.tf /tmp/ -RUN cd /tmp && terraform init - -ENV TF_INPUT 0 diff --git a/terraform/README.md b/terraform/README.md deleted file mode 100644 index cafa9e5a..00000000 --- a/terraform/README.md +++ /dev/null @@ -1,16 +0,0 @@ -Orange: [![Build Status](https://travis-ci.org/orange-cloudfoundry/paas-docker-cloudfoundry-tools.svg)](https://travis-ci.org/orange-cloudfoundry/paas-docker-cloudfoundry-tools) -AlphaGov: [![Build Status](https://travis-ci.org/alphagov/paas-docker-cloudfoundry-tools.svg)](https://travis-ci.org/alphagov/paas-docker-cloudfoundry-tools) - -# docker-terraform - -This container allows you to run Terraform inside a Docker container with plugins already downloaded. - -## How to run and build - -- ```docker build -t terraform .``` - -## How to run it - -``` -docker run -ti terraform terraform -``` diff --git a/terraform/plugin_cache.tf b/terraform/plugin_cache.tf deleted file mode 100644 index fbfb5e3e..00000000 --- a/terraform/plugin_cache.tf +++ /dev/null @@ -1,40 +0,0 @@ -provider "flexibleengine" { -version = "~> 1.11.1" -} -provider "gitlab" { -version = "~> 1.0.0" -} -provider "grafana" { -version = "~> 1.5.0" -} -provider "http" { -version = "~> 1.1.1" -} -provider "local" { -version = "~> 1.4.0" -} -provider "null" { -version = "1.0.0" -} -provider "openstack" { -version = "~> 1.25.0" -} -provider "powerdns" { -version = "~> 1.3.0" -} -provider "template" { -version = "1.0.0" -} - -# Orange provider -provider "credhub" { - version = "~> 0.13.0" -} -provider "cloudfoundry" { - version = "~> 0.11.2" -} - -# Community provider -provider "uaa" { - version = "~> 0.9.0" -} diff --git a/terraform/terraform_spec.rb b/terraform/terraform_spec.rb deleted file mode 100644 index ea2845bd..00000000 --- a/terraform/terraform_spec.rb +++ /dev/null @@ -1,89 +0,0 @@ -require 'spec_helper' -require 'docker' -require 'serverspec' - -describe "Terraform image" do - before(:all) { - set :docker_image, find_image_id('terraform:latest') - @terraform_version_output = command("terraform version").stdout - } - - it "installs Alpine" do - expect(command("cat /etc/issue | head -1").stdout).to include("Alpine Linux") - end - - it "installs Root Certificates" do - expect(file("/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt")).to be_file - end - - it "installs plugin cache" do - expect(file("/tmp/plugin_cache.tf")).to be_file - end - - it "has the expected Terraform version" do - expect(@terraform_version_output).to match("Terraform v0.11.14$") - end - - it "installs SSH" do - expect( - command("ssh -V").stderr.strip - ).to include("OpenSSH") - end - - it "has the plugins already downloaded" do - expect( - command("cd /tmp && terraform init").stdout.strip - ).to_not include("Downloading") - end - - it "disables interactive Terraform use" do - expect( - command("printenv TF_INPUT").stdout.strip - ).to eq("0") - end - - context "providers checks" do - let(:expected_plugin_error_message) { "This binary is a plugin. These are not meant to be executed directly.\nPlease execute the program that consumes these plugins, which will\nload any plugins automatically" } - - it "validates provider binaries execution" do - provider_binaries=command("cd /.terraform/plugins/linux_amd64; ls terraform-provider-*").stdout.strip - provider_binaries.each_line do |provider| - provider_execution= command("cd /.terraform/plugins/linux_amd64;./#{provider}").stderr.strip - expect(provider_execution).to eq(expected_plugin_error_message) - end - end - - it "has the local provider" do - expect(@terraform_version_output).to include("provider.local v1.4.0") - end - - it "has the openstack provider" do - expect(@terraform_version_output).to include("provider.openstack v1.25.0") - end - - it "has the powerdns provider" do - expect(@terraform_version_output).to include("provider.powerdns v1.3.0") - end - - it "has the credhub provider" do - expect(@terraform_version_output).to include("provider.credhub v0.13.0") - end - - it "has the cloudfoundry provider" do - expect(@terraform_version_output).to include("provider.cloudfoundry v0.11.2") - end - - it "has the uaa provider" do - expect(@terraform_version_output).to include("provider.uaa v0.9") - end - - it "has the flexibleengine provider" do - expect(@terraform_version_output).to include("provider.flexibleengine v1.11.1") - end - - it "has enough providers" do - EXPECTED_PROVIDER_COUNT = 12 - expect(@terraform_version_output.scan('provider.').length).to eq(EXPECTED_PROVIDER_COUNT) - end - end -end diff --git a/ubuntu/Dockerfile b/ubuntu/Dockerfile deleted file mode 100644 index 0f831a08..00000000 --- a/ubuntu/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM ubuntu:bionic - -ENV DEBIAN_FRONTEND=noninteractive -RUN apt update \ - && apt install -y \ - openssl \ - curl \ - ca-certificates \ - wget diff --git a/ubuntu/README.md b/ubuntu/README.md deleted file mode 100644 index cb15f439..00000000 --- a/ubuntu/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Provides Ubuntu. See the Dockerfile to check which version. - -This is primarily here to mirror the version from dockerhub. The -purpose is to get that container onto GitHub Container Registry, to -workaround rate limits and make our production use a bit safer. - -Additionally, installs some base crypto / net dependencies - -## Build locally - -``` -$ cd ubuntu -$ docker build -t ubuntu . -```