stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
b4fc66feb6f1c992cf5f0de8925698a9c89e17f6
git.stella-ops.org/devops/docker/Dockerfile.ci

163 lines
5.9 KiB
Docker
Raw Blame History

# Dockerfile.ci - Local CI testing container matching Gitea runner environment
# Sprint: SPRINT_20251226_006_CICD
#
# Usage:
# docker build -t stellaops-ci:local -f devops/docker/Dockerfile.ci .
# docker run --rm -v $(pwd):/src stellaops-ci:local ./devops/scripts/test-local.sh
FROM ubuntu:22.04
LABEL org.opencontainers.image.title="StellaOps CI"
LABEL org.opencontainers.image.description="Local CI testing environment matching Gitea runner"
LABEL org.opencontainers.image.source="https://git.stella-ops.org/stella-ops.org/git.stella-ops.org"
# Environment variables
ENV DEBIAN_FRONTEND=noninteractive
ENV DOTNET_VERSION=10.0.100
ENV NODE_VERSION=20
ENV HELM_VERSION=3.16.0
ENV COSIGN_VERSION=2.2.4
ENV TZ=UTC
# Disable .NET telemetry
ENV DOTNET_NOLOGO=1
ENV DOTNET_CLI_TELEMETRY_OPTOUT=1
# .NET paths
ENV DOTNET_ROOT=/usr/share/dotnet
ENV PATH="/usr/share/dotnet:/root/.dotnet/tools:${PATH}"
# ===========================================================================
# BASE DEPENDENCIES
# ===========================================================================
RUN apt-get update && apt-get install -y --no-install-recommends \
# Core utilities
curl \
wget \
gnupg2 \
ca-certificates \
git \
unzip \
jq \
# Build tools
build-essential \
# Cross-compilation
binutils-aarch64-linux-gnu \
# Python (for scripts)
python3 \
python3-pip \
# .NET dependencies
libicu70 \
# Locales
locales \
&& rm -rf /var/lib/apt/lists/*
# ===========================================================================
# DOCKER CLI & COMPOSE (from official Docker repo)
# ===========================================================================
RUN install -m 0755 -d /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc \
&& chmod a+r /etc/apt/keyrings/docker.asc \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu jammy stable" > /etc/apt/sources.list.d/docker.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends docker-ce-cli docker-compose-plugin \
&& rm -rf /var/lib/apt/lists/* \
&& docker --version
# Set locale
RUN locale-gen en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8
# ===========================================================================
# POSTGRESQL CLIENT 16
# ===========================================================================
RUN curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /usr/share/keyrings/postgresql-archive-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/postgresql-archive-keyring.gpg] http://apt.postgresql.org/pub/repos/apt jammy-pgdg main" > /etc/apt/sources.list.d/pgdg.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends postgresql-client-16 \
&& rm -rf /var/lib/apt/lists/*
# ===========================================================================
# .NET 10 SDK
# ===========================================================================
RUN curl -fsSL https://dot.net/v1/dotnet-install.sh -o /tmp/dotnet-install.sh \
&& chmod +x /tmp/dotnet-install.sh \
&& /tmp/dotnet-install.sh --version ${DOTNET_VERSION} --install-dir /usr/share/dotnet \
&& rm /tmp/dotnet-install.sh \
&& dotnet --version
# Install common .NET tools
RUN dotnet tool install -g trx2junit \
&& dotnet tool install -g dotnet-reportgenerator-globaltool
# ===========================================================================
# NODE.JS 20
# ===========================================================================
RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
&& apt-get install -y --no-install-recommends nodejs \
&& rm -rf /var/lib/apt/lists/* \
&& node --version \
&& npm --version
# ===========================================================================
# HELM 3.16.0
# ===========================================================================
RUN curl -fsSL https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz | \
tar -xzf - -C /tmp \
&& mv /tmp/linux-amd64/helm /usr/local/bin/helm \
&& rm -rf /tmp/linux-amd64 \
&& helm version
# ===========================================================================
# COSIGN
# ===========================================================================
RUN curl -fsSL https://github.com/sigstore/cosign/releases/download/v${COSIGN_VERSION}/cosign-linux-amd64 \
-o /usr/local/bin/cosign \
&& chmod +x /usr/local/bin/cosign \
&& cosign version
# ===========================================================================
# SYFT (SBOM generation)
# ===========================================================================
RUN curl -fsSL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
# ===========================================================================
# SETUP
# ===========================================================================
WORKDIR /src
# Create non-root user for safer execution (optional)
RUN useradd -m -s /bin/bash ciuser \
&& mkdir -p /home/ciuser/.dotnet/tools \
&& chown -R ciuser:ciuser /home/ciuser
# Health check script
RUN printf '%s\n' \
'#!/bin/bash' \
'set -e' \
'echo "=== CI Environment Health Check ==="' \
'echo "OS: $(cat /etc/os-release | grep PRETTY_NAME | cut -d= -f2)"' \
'echo ".NET: $(dotnet --version)"' \
'echo "Node: $(node --version)"' \
'echo "npm: $(npm --version)"' \
'echo "Helm: $(helm version --short)"' \
'echo "Cosign: $(cosign version 2>&1 | head -1)"' \
'echo "Docker: $(docker --version 2>/dev/null || echo Not available)"' \
'echo "PostgreSQL client: $(psql --version)"' \
'echo "=== All checks passed ==="' \
> /usr/local/bin/ci-health-check \
&& chmod +x /usr/local/bin/ci-health-check
ENTRYPOINT ["/bin/bash"]
Reference in New Issue View Git Blame Copy Permalink