hassio-addons/addon-base
1
0
Fork 0
mirror of https://github.com/hassio-addons/addon-base.git synced 2025-05-03 18:31:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

🚀 Improves the build system (#23)

Browse source 
* 🚀 Improves the build system

* ⬆️ Upgrades Hadolint to latest

* 👕 Fixes Hadolint warnings

* 🚑 Fixes the incorrect shell

* 👕 Fixes hadolint warnings

* 👕 Fixes hadolint warnings

* 🚑 Temporary work around for hadolint/hadolint#234

* 👕 Fixes yamllint warnings
This commit is contained in:
Franck Nijhof 2018-07-06 20:53:14 +02:00 committed by GitHub
parent a04b58a284
commit da4a397fc0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 184 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

241
.gitlab-ci.yml
View file

@ -1,5 +1,5 @@
--- ---
image: docker:stable image: docker:latest
variables: variables:
ADDON_GITHUB_REPO: hassio-addons/addon-base ADDON_GITHUB_REPO: hassio-addons/addon-base
@ -13,12 +13,12 @@ stages:
- build - build
- scan - scan
- deploy - deploy
- manifest
# Generic DIND template # Generic DIND template
.dind: &dind .dind: &dind
before_script: before_script:
- docker info - docker info
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" registry.gitlab.com
services: services:
- name: docker:dind - name: docker:dind
command: ["--experimental"] command: ["--experimental"]
@ -33,33 +33,43 @@ stages:
.build: &build .build: &build
<<: *dind <<: *dind
stage: build stage: build
script: before_script:
- docker info
- |
echo "${CI_JOB_TOKEN}" | docker login \
--username gitlab-ci-token \
--password-stdin \
registry.gitlab.com
- docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache" || true
- |
if [ "$(apk --print-arch)" = "amd64" ]; then
docker run --rm --privileged hassioaddons/qemu-user-static:latest
fi
- apk --no-cache add curl - apk --no-cache add curl
script:
- | - |
curl -L -s \ if [ "$(apk --print-arch)" = "aarch64" ]; then
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-aarch64-static.tar.gz" | \ curl -L -s \
tar zxvf - -C ./base/rootfs/usr/bin/ "https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-aarch64-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
fi
- | - |
curl -L -s \ if [ "$(apk --print-arch)" = "armhf" ]; then
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-arm-static.tar.gz" | \ curl -L -s \
tar zxvf - -C ./base/rootfs/usr/bin/ "https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-arm-static.tar.gz" | \
tar zxvf - -C ./base/rootfs/usr/bin/
fi
- | - |
docker run \ docker build \
--privileged \ --build-arg "BUILD_FROM=${FROM}" \
--volume /var/run/docker.sock:/var/run/docker.sock \ --build-arg "BUILD_DATE=$(date +"%Y-%m-%dT%H:%M:%SZ")" \
--volume "$PWD":/docker \ --build-arg "BUILD_ARCH=${ADDON_ARCH}" \
hassioaddons/build-env:latest \ --build-arg "BUILD_REF=${CI_COMMIT_SHA}" \
--image "addon" \ --build-arg "BUILD_VERSION=${CI_COMMIT_TAG:-${CI_COMMIT_SHA:0:7}}" \
--no-cache \ --cache-from "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache" \
--git-url "https://github.com/${ADDON_GITHUB_REPO}" \ --tag \
--target "${ADDON_TARGET}" \ "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
--tag-latest \ "${ADDON_TARGET}"
--git \
--${ADDON_ARCH}
- |
docker tag \
"addon:latest" \
"registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
- | - |
docker push \ docker push \
"registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
@ -113,44 +123,109 @@ stages:
<<: *dind <<: *dind
stage: deploy stage: deploy
before_script: before_script:
- apk --no-cache add curl
- docker info - docker info
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" registry.gitlab.com
- docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" - docker pull "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}"
- docker pull hassioaddons/build-env:latest
- | - |
curl -L -s \ echo "${CI_JOB_TOKEN}" | docker login \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-aarch64-static.tar.gz" | \ --username gitlab-ci-token \
tar zxvf - -C ./base/rootfs/usr/bin/ --password-stdin \
registry.gitlab.com
- | - |
curl -L -s \ echo "${DOCKER_PASSWORD}" | docker login \
"https://github.com/hassio-addons/qemu-user-static/releases/download/v2.12.0/qemu-arm-static.tar.gz" | \ --username "${DOCKER_LOGIN}" \
tar zxvf - -C ./base/rootfs/usr/bin/ --password-stdin
script: script:
- | - |
docker run \ docker tag \
--privileged \ "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
--volume /var/run/docker.sock:/var/run/docker.sock \ "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache"
--volume "$PWD":/docker \ - docker push "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:cache"
hassioaddons/build-env:latest \ - TAG="${CI_COMMIT_TAG#v}"
--image "${DOCKER_HUB_ORG}/${ADDON_SLUG}-${ADDON_ARCH}" \ - TAG="${TAG:-${CI_COMMIT_SHA:0:7}}"
--cache-from "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}" \ - |
--cache-tag "${CI_COMMIT_SHA}" \ docker tag \
--git-url "https://github.com/${ADDON_GITHUB_REPO}" \ "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
--target "${ADDON_TARGET}" \ "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${ADDON_ARCH}-${TAG}"
--login "${DOCKER_LOGIN}" \ - |
--password "${DOCKER_PASSWORD}" \ docker push \
--git \ "${DOCKER_HUB_ORG}/${ADDON_SLUG}:${ADDON_ARCH}-${TAG}"
--push \ - |
--squash \ docker tag \
--${ADDON_ARCH} "registry.gitlab.com/${CI_PROJECT_PATH}/${ADDON_ARCH}:${CI_COMMIT_SHA}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}-${ADDON_ARCH}:${TAG}"
- |
docker push \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}-${ADDON_ARCH}:${TAG}"
tags: tags:
- deploy - deploy
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
# Generic manifest template
.manifest: &manifest
<<: *dind
stage: manifest
before_script:
- mkdir -p ~/.docker
- echo '{"experimental":"enabled"}' > ~/.docker/config.json
- docker info
- |
echo "${DOCKER_PASSWORD}" | docker login \
--username "${DOCKER_LOGIN}" \
--password-stdin
script:
- TAG="${TAG#v}"
- TAG="${TAG:-${CI_COMMIT_SHA:0:7}}"
- REF="${CI_COMMIT_TAG#v}"
- REF="${REF:-${CI_COMMIT_SHA:0:7}}"
- |
docker manifest create \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:aarch64-${REF}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:amd64-${REF}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:armhf-${REF}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:i386-${REF}"
- |
docker manifest annotate \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:aarch64-${REF}" \
--os=linux \
--arch=arm64 \
--variant=v8
- |
docker manifest annotate \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:amd64-${REF}" \
--os=linux \
--arch=amd64
- |
docker manifest annotate \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:armhf-${REF}" \
--os=linux \
--arch=arm \
--variant=v6
- |
docker manifest annotate \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}" \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:i386-${REF}" \
--os=linux \
--arch=386
- |
docker manifest push \
"${DOCKER_HUB_ORG}/${ADDON_SLUG}:${TAG}"
tags:
- manifest
except:
- /^(?!master).+@/
# Preflight jobs # Preflight jobs
hadolint: hadolint:
<<: *preflight <<: *preflight
image: hadolint/hadolint:v1.6.6 image: hadolint/hadolint:latest-debian
before_script: before_script:
- hadolint --version - hadolint --version
script: script:
@ -222,21 +297,37 @@ build:armhf:
<<: *build <<: *build
variables: variables:
ADDON_ARCH: armhf ADDON_ARCH: armhf
FROM: arm32v6/alpine:3.8
tags:
- build
- armhf
build:aarch64: build:aarch64:
<<: *build <<: *build
variables: variables:
ADDON_ARCH: aarch64 ADDON_ARCH: aarch64
FROM: arm64v8/alpine:3.8
tags:
- build
- aarch64
build:i386: build:i386:
<<: *build <<: *build
variables: variables:
ADDON_ARCH: i386 ADDON_ARCH: i386
FROM: i386/alpine:3.8
tags:
- build
- i386
build:amd64: build:amd64:
<<: *build <<: *build
variables: variables:
ADDON_ARCH: amd64 ADDON_ARCH: amd64
FROM: amd64/alpine:3.8
tags:
- build
- amd64
# Scan jobs # Scan jobs
clair:armhf: clair:armhf:
@ -264,38 +355,52 @@ deploy:armhf:
<<: *deploy <<: *deploy
variables: variables:
ADDON_ARCH: armhf ADDON_ARCH: armhf
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:aarch64: deploy:aarch64:
<<: *deploy <<: *deploy
variables: variables:
ADDON_ARCH: aarch64 ADDON_ARCH: aarch64
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:i386: deploy:i386:
<<: *deploy <<: *deploy
variables: variables:
ADDON_ARCH: i386 ADDON_ARCH: i386
only:
- master
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/
deploy:amd64: deploy:amd64:
<<: *deploy <<: *deploy
variables: variables:
ADDON_ARCH: amd64 ADDON_ARCH: amd64
# Manifest jobs
manifest:sha:
<<: *manifest
only: only:
- master - master
manifest:version:
<<: *manifest
variables:
TAG: "${CI_COMMIT_TAG}"
only:
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/ - /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
except:
- /^(?!master).+@/ manifest:stable:
<<: *manifest
variables:
TAG: latest
only:
- /^v\d+\.\d+\.\d+(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?$/
manifest:beta:
<<: *manifest
variables:
TAG: beta
only:
- /^v\d+\.\d+\.\d+(?:-(?:beta|rc)(?:(?:(?:\+|\.)?[a-zA-Z0-9]+)*)?)?$/
manifest:edge:
<<: *manifest
variables:
TAG: edge
only:
- master

3
.hadolint.yaml Normal file
View file

@ -0,0 +1,3 @@
---
ignored:
- SC2187

22
base/Dockerfile
View file

@ -14,10 +14,15 @@ ENV \
# Copy root filesystem # Copy root filesystem
COPY rootfs / COPY rootfs /
# Set shell
SHELL ["/bin/ash", "-o", "pipefail", "-c"]
# Install base system # Install base system
ARG BUILD_ARCH=amd64 ARG BUILD_ARCH=amd64
RUN \ RUN \
echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/main' >> /etc/apk/repositories \ set -o pipefail \
\
&& echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/main' >> /etc/apk/repositories \
&& echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories \ && echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories \
&& echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories \ && echo '@edge http://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories \
\ \
@ -35,7 +40,7 @@ RUN \
musl=1.1.19-r10 \ musl=1.1.19-r10 \
tzdata=2018d-r1 \ tzdata=2018d-r1 \
\ \
&& if [[ "${BUILD_ARCH}" = "i386" ]]; then S6_ARCH="x86"; else S6_ARCH="${BUILD_ARCH}"; fi \ && if [ "${BUILD_ARCH}" = "i386" ]; then S6_ARCH="x86"; else S6_ARCH="${BUILD_ARCH}"; fi \
\ \
&& curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/v1.21.4.0/s6-overlay-${S6_ARCH}.tar.gz" \ && curl -L -s "https://github.com/just-containers/s6-overlay/releases/download/v1.21.4.0/s6-overlay-${S6_ARCH}.tar.gz" \
| tar zxvf - -C / \ | tar zxvf - -C / \
@ -44,22 +49,11 @@ RUN \
&& mkdir -p /etc/services.d \ && mkdir -p /etc/services.d \
\ \
&& apk del --purge .build-dependencies \ && apk del --purge .build-dependencies \
\
&& \
if [[ "${BUILD_ARCH}" != "armhf" ]]; then \
rm -f /usr/bin/qemu-arm-static; \
fi \
\
&& \
if [[ "${BUILD_ARCH}" != "aarch64" ]]; then \
rm -f /usr/bin/qemu-aarch64-static; \
fi \
\
&& rm -f -r \ && rm -f -r \
/tmp/* /tmp/*
# Entrypoint & CMD # Entrypoint & CMD
ENTRYPOINT [ "/init" ] ENTRYPOINT ["/init"]
# Build arugments # Build arugments
ARG BUILD_DATE ARG BUILD_DATE