Merge pull request #7 from fullstack-devops/feature/fullstacked-container

add fullstacked image + docs

Author: eksrha

.github/FUNDING.yml

@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: [eksrha] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

.github/workflows/build-pr.yml

@@ -49,7 +49,9 @@ jobs:
 
       - name: link child image to current pr
         run: |
-          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-pr-${{ github.event.pull_request.number }}@g" images/ansible-k8s/Dockerfile
+          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-pr-${{ github.event.pull_request.number }}@g" \
+          images/ansible-k8s/Dockerfile \
+          images/fullstacked/Dockerfile
 
       - name: Build github-actions-runner:ansible-k8s
         uses: docker/build-push-action@v2
@@ -58,3 +60,11 @@ jobs:
           push: true
           tags: |
             ${{ env.IMAGE_BASE }}:ansible-k8s-pr-${{ github.event.pull_request.number }}
+
+      - name: Build github-actions-runner:fullstacked
+        uses: docker/build-push-action@v2
+        with:
+          context: ./images/fullstacked
+          push: true
+          tags: |
+            ${{ env.IMAGE_BASE }}:fullstacked-pr-${{ github.event.pull_request.number }}

.github/workflows/cleanup-pr.yml

@@ -9,24 +9,34 @@ jobs:
     name: Delete image from ghcr.io
     runs-on: ubuntu-latest
     steps:
-      - name: Delete base image
+      - name: Delete github-actions-runner:base
         uses: bots-house/[email protected]
         with:
           owner: ${{ github.repository_owner }}
           name: github-actions-runner
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GH_DEL_IMAGE_PAT }}
           tag: base-pr-${{ github.event.pull_request.number }}
-      - name: Delete kaniko-sidecar image
+
+      - name: Delete github-actions-runner:kaniko-sidecar
         uses: bots-house/[email protected]
         with:
           owner: ${{ github.repository_owner }}
           name: github-actions-runner
-          token: ${{ secrets.GITHUB_TOKEN }}
+          token: ${{ secrets.GH_DEL_IMAGE_PAT }}
           tag: kaniko-sidecar-pr-${{ github.event.pull_request.number }}
-      - name: Delete kaniko-sidecar image
+
+      - name: Delete github-actions-runner:ansible-k8s
+        uses: bots-house/[email protected]
+        with:
+          owner: ${{ github.repository_owner }}
+          name: github-actions-runner
+          token: ${{ secrets.GH_DEL_IMAGE_PAT }}
+          tag: ansible-k8s-pr-${{ github.event.pull_request.number }}
+
+      - name: Delete github-actions-runner:fullstacked
         uses: bots-house/[email protected]
         with:
           owner: ${{ github.repository_owner }}
           name: github-actions-runner
-          token: ${{ secrets.GITHUB_TOKEN }}
-          tag: ansible-k8s-pr-${{ github.event.pull_request.number }}
+          token: ${{ secrets.GH_DEL_IMAGE_PAT }}
+          tag: fullstacked-pr-${{ github.event.pull_request.number }}

.github/workflows/create-release.yml

@@ -58,7 +58,9 @@ jobs:
 
       - name: link child image to current version
         run: |
-          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-${{ needs.create_release.outputs.version }}@g" images/ansible-k8s/Dockerfile
+          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-${{ needs.create_release.outputs.version }}@g" \
+          images/ansible-k8s/Dockerfile \
+          images/fullstacked/Dockerfile
 
       - name: Build github-actions-runner:ansible-k8s
         uses: docker/build-push-action@v2
@@ -69,6 +71,15 @@ jobs:
             ${{ env.IMAGE_BASE }}:ansible-k8s-latest
             ${{ env.IMAGE_BASE }}:ansible-k8s-${{needs.create_release.outputs.version}}
 
+      - name: Build github-actions-runner:fullstacked
+        uses: docker/build-push-action@v2
+        with:
+          context: ./images/fullstacked
+          push: true
+          tags: |
+            ${{ env.IMAGE_BASE }}:fullstacked-latest
+            ${{ env.IMAGE_BASE }}:fullstacked-${{needs.create_release.outputs.version}}
+
   publish_release:
     runs-on: ubuntu-latest
     needs: [create_release, build]

README.md

@@ -1,12 +1,20 @@
 # github-runner-base
-Base Image for github runner images in repo @fullstack-devops/github-runner. Can also be used as standalone image.
+Container images with Github Actions Runner. Different flavored images with preinstalled tools and software for builds with limited internet access and non root privileges.
+
+Ideal for building software in enterprise environments of large organizations that often restrict internet access.
+Software builds can be built there using a [Nexus Repository](https://de.sonatype.com/products/repository-oss) or [JFrog Artifactory](https://jfrog.com/de/artifactory/)
+
+Support: If you need help or a feature just open an issue!
 
 Available Containers:
-| Name                                                                   | Description                                                                                                            |
-|------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
-| `ghcr.io/fullstack-devops/github-actions-runner:base-latest`           | Base runner with nothing fancy installed                                                                               |
-| `ghcr.io/fullstack-devops/github-actions-runner:kaniko-sidecar-latest` | Sidecar used by Runner to build containers without root privileges                                                     |
-| `ghcr.io/fullstack-devops/github-actions-runner:ansible-k8s-latest`    | Rrunner with ansible, kubectl and helm installed <br> For more Details see [Dockerfile](images/ansible-k8s/Dockerfile) |
+| Name (tag)              | Installed Tools/ Software                                                                                 | Description                                                                                                                      |
+|-------------------------|-----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------|
+| `base-latest`           | libffi-dev, libicu-dev, build-essential, libssl-dev, ca-certificates, jq, sed, grep, git, curl, wget, zip | Base runner with nothing fancy installed <br> [Dockerfile](images/base/Dockerfile)                                               |
+| `kaniko-sidecar-latest` | kaniko                                                                                                    | Sidecar used by other runner images to build containers without root privileges                                                               |
+| `ansible-k8s-latest`    | base-image + ansible, helm, kubectl                                                                       | Runner specialized for automated k8s deployments via ansible <br> For more Details see [Dockerfile](images/ansible-k8s/Dockerfile)            |
+| `fullstacked-latest`    | base-image + maven, openjdk-11, nodejs, go, yarn, angular/cli, helm                                       | Runner with a bunch of tools to build your hole application<br> For more Details see [Dockerfile](images/fullstacked/Dockerfile) |
+
+> Hint: `latest can be replaced with an spezfic release version for more stability`
 
 ---
 

images/base/Dockerfile

@@ -52,8 +52,8 @@ RUN useradd -m $USERNAME \
 # Install github runner
 RUN export ARCH=$(/helper-scripts/translate-aarch.sh x-short) \
   && curl -L -O https://github.com/actions/runner/releases/download/v${GH_RUNNER_VERSION}/actions-runner-linux-${ARCH}-${GH_RUNNER_VERSION}.tar.gz \
-  && tar -zxf actions-runner-linux-x64-${GH_RUNNER_VERSION}.tar.gz \
-  && rm -f actions-runner-linux-x64-${GH_RUNNER_VERSION}.tar.gz \
+  && tar -zxf actions-runner-linux-${ARCH}-${GH_RUNNER_VERSION}.tar.gz \
+  && rm -f actions-runner-linux-${ARCH}-${GH_RUNNER_VERSION}.tar.gz \
   && ./bin/installdependencies.sh \
   && cd ./bin \
   && apt-get clean

images/fullstacked/Dockerfile

@@ -0,0 +1,40 @@
+FROM ghcr.io/fullstack-devops/github-actions-runner:base-latest
+
+USER root
+# install packages along with jq so we can parse JSON
+# add additional packages as necessary
+ARG PACKAGES="openjdk-11-jdk maven nodejs"
+
+RUN apt-get update \
+  && curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - \
+  && apt-get install -y --no-install-recommends ${PACKAGES} \
+  && rm -rf /var/lib/apt/lists/* \
+  && apt-get clean
+
+ENV GH_RUNNER_LABELS="ubuntu-20.04,maven,openjdk-11,nodejs,go,yarn,helm"
+ARG HELM_VERSION=3.6.3
+ARG GO_VERSION=1.17.3
+
+# Install helm
+RUN export ARCH=$(/helper-scripts/translate-aarch.sh a-short) \
+  && wget -q https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCH}.tar.gz -O - | tar -xzO linux-${ARCH}/helm > /usr/local/bin/helm \
+  && chmod +x /usr/local/bin/helm
+
+# install build tools for golang
+RUN export ARCH=$(/helper-scripts/translate-aarch.sh a-short) \
+  && wget https://golang.org/dl/go${GO_VERSION}.linux-${ARCH}.tar.gz -O /usr/local/src/go.linux.tar.gz \
+  && tar -xf /usr/local/src/go.linux.tar.gz \
+  && rm -rf /usr/local/src/go.linux.tar.gz \
+  && ln -s /usr/local/src/go/bin/go /usr/local/bin/
+
+# install npm tools: yarn
+RUN npm install --global yarn @angular/cli@13
+
+RUN mkdir -p /home/${USERNAME}/.m2/ \
+  && chown -R ${USERNAME} /home/${USERNAME}
+USER ${USERNAME}
+
+# install helm plugins helm push, appr && diff
+RUN helm plugin install --version 0.10.2 https://github.com/chartmuseum/helm-push.git \
+  && helm plugin install --version 0.7.0 https://github.com/app-registry/appr-helm-plugin.git \
+  && helm plugin install --version 3.4.2 https://github.com/databus23/helm-diff