|
| 1 | +FROM redhat/ubi10 |
| 2 | + |
| 3 | +ARG ant_version="1.10.15" |
| 4 | +ARG ant_512checksum="1de7facbc9874fa4e5a2f045d5c659f64e0b89318c1dbc8acc6aae4595c4ffaf90a7b1ffb57f958dd08d6e086d3fff07aa90e50c77342a0aa5c9b4c36bff03a9" |
| 5 | + |
| 6 | +# Install Base Requirements |
| 7 | +RUN dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm |
| 8 | +RUN dnf -y update && dnf install -y unzip zip epel-release openssl gpg |
| 9 | +# Install Additional Repos |
| 10 | +RUN curl -o /tmp/gpgkey.rpm 'https://mirror.stream.centos.org/10-stream/BaseOS/x86_64/os/Packages/centos-gpg-keys-10.0-8.el10.noarch.rpm' |
| 11 | +ARG EXPECTED_CHECKSUM=8ccfb83b742adad37de4e5e7f323510a760586263d4ebb0a8ed5fca393c7a9d4 |
| 12 | +RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/gpgkey.rpm | awk '{print $1}') \ |
| 13 | + && if [ "$ACTUAL_CHECKSUM" != "$EXPECTED_CHECKSUM" ]; then \ |
| 14 | + echo "Checksum mismatch! Aborting installation."; \ |
| 15 | + exit 1; \ |
| 16 | + fi |
| 17 | +RUN rpm -i '/tmp/gpgkey.rpm' |
| 18 | +RUN curl -o /tmp/centosrepos.rpm 'https://mirror.stream.centos.org/10-stream/BaseOS/x86_64/os/Packages/centos-stream-repos-10.0-8.el10.noarch.rpm' |
| 19 | +ARG REPO_CHECKSUM=388bf4085af2b250c9f93ee049b3d031442cf36ee67adbf65edcbcec0caf881a |
| 20 | +RUN ACTUAL_CHECKSUM=$(sha256sum /tmp/centosrepos.rpm | awk '{print $1}') \ |
| 21 | + && if [ "$ACTUAL_CHECKSUM" != "$REPO_CHECKSUM" ]; then \ |
| 22 | + echo "Checksum mismatch! Aborting installation."; \ |
| 23 | + exit 1; \ |
| 24 | + fi |
| 25 | +RUN rpm -i '/tmp/centosrepos.rpm' |
| 26 | +# Get latest jdk21 ga JRE |
| 27 | +RUN curl -sL -o /tmp/jdk21.sig `curl -s 'https://api.adoptium.net/v3/assets/feature_releases/21/ga?architecture=x64&heap_size=normal&image_type=jre&jvm_impl=hotspot&os=linux&page=0&page_size=1&project=jdk&vendor=eclipse' | grep signature_link | awk '{split($0,a,"\""); print a[4]}'` |
| 28 | +RUN gpg --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B |
| 29 | +RUN mkdir -p /usr/lib/jvm/jdk21 |
| 30 | +RUN curl -sL 'https://api.adoptium.net/v3/binary/latest/21/ga/linux/x64/jre/hotspot/normal/eclipse?project=jdk' | tee >(tar xpfz - -C /usr/lib/jvm/jdk21 --strip-components=2) | gpg --verify /tmp/jdk21.sig - |
| 31 | +# Install ant |
| 32 | +RUN curl -o /tmp/ant.zip 'https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.15-bin.zip' && \ |
| 33 | + curl -Lo /tmp/ant-contrib.tgz https://sourceforge.net/projects/ant-contrib/files/ant-contrib/ant-contrib-1.0b2/ant-contrib-1.0b2-bin.tar.gz && \ |
| 34 | + echo "$ant_512checksum /tmp/ant.zip" > /tmp/ant.sha512 && \ |
| 35 | + echo "0fd2771dca2b8b014a4cb3246715b32e20ad5d26754186d82eee781507a183d5e63064890b95eb27c091c93c1209528a0b18a6d7e6901899319492a7610e74ad /tmp/ant-contrib.tgz" >> /tmp/ant.sha512 && \ |
| 36 | + sha512sum --check --strict /tmp/ant.sha512 && \ |
| 37 | + unzip -q -d /usr/local /tmp/ant.zip && \ |
| 38 | + tar xpfz /tmp/ant-contrib.tgz -C /usr/local/apache-ant-$ant_version/lib --strip-components=2 ant-contrib/lib/ant-contrib.jar && \ |
| 39 | + ln -s /usr/local/apache-ant-$ant_version/bin/ant /usr/bin/ant |
| 40 | +# Housekeep Downloaded Archives |
| 41 | +RUN rm /tmp/ant.zip /tmp/ant-contrib.tgz /tmp/gpgkey.rpm |
| 42 | + |
| 43 | +# Set up jenkins user |
| 44 | +RUN useradd -m -d /home/jenkins jenkins && \ |
| 45 | + mkdir /home/jenkins/.ssh && \ |
| 46 | + echo "Jenkins_User_SSHKey" > /home/jenkins/.ssh/authorized_keys && \ |
| 47 | + chown -R jenkins /home/jenkins/.ssh && \ |
| 48 | + chmod -R og-rwx /home/jenkins/.ssh |
| 49 | + |
| 50 | +RUN dnf install -y perl; |
| 51 | +# turbojpeg needed as prereq for weston but it's not the UBI CRB repo so pull from CS10 one |
| 52 | +RUN dnf install -y --enablerepo=crb turbojpeg |
| 53 | +RUN dnf install -y git make gcc weston xwayland-run libXrender libXi libXtst fontconfig fakeroot procps-ng hostname diffutils shared-mime-info |
| 54 | +RUN dnf install -y coreutils --allowerasing curl |
| 55 | +# Install SSL Test packages |
| 56 | +RUN dnf install -y gnutls gnutls-utils nss nss-tools |
| 57 | +RUN dnf install -y openssh-server |
| 58 | +RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -P "" |
| 59 | +# RUN service ssh start |
| 60 | +CMD ["/usr/sbin/sshd","-D"] |
| 61 | +ENTRYPOINT ["/bin/bash"] |
| 62 | +EXPOSE 22 |
| 63 | +# Start with docker run -p 2222:22 UUID |
0 commit comments