-
-
Notifications
You must be signed in to change notification settings - Fork 89
/
Dockerfile
111 lines (92 loc) · 4.51 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
FROM alpine
ARG ARCH
# Ignore to update versions here
# docker build --no-cache --build-arg KUBECTL_VERSION=${tag} --build-arg HELM_VERSION=${helm} --build-arg KUSTOMIZE_VERSION=${kustomize_version} -t ${image}:${tag} .
ARG HELM_VERSION=3.2.1
ARG KUBECTL_VERSION=1.17.5
ARG KUSTOMIZE_VERSION=v3.8.1
ARG KUBESEAL_VERSION=0.18.1
ARG KREW_VERSION=v0.4.4
ARG VALS_VERSION=0.28.1
ARG KUBECONFORM_VERSION=0.6.3
# Install helm (latest release)
# ENV BASE_URL="https://storage.googleapis.com/kubernetes-helm"
RUN case `uname -m` in \
x86_64) ARCH=amd64; ;; \
armv7l) ARCH=arm; ;; \
aarch64) ARCH=arm64; ;; \
ppc64le) ARCH=ppc64le; ;; \
s390x) ARCH=s390x; ;; \
*) echo "un-supported arch, exit ..."; exit 1; ;; \
esac && \
echo "export ARCH=$ARCH" > /envfile && \
cat /envfile
RUN . /envfile && echo $ARCH && \
apk add --update --no-cache curl ca-certificates bash git && \
curl -sL https://get.helm.sh/helm-v${HELM_VERSION}-linux-${ARCH}.tar.gz | tar -xvz && \
mv linux-${ARCH}/helm /usr/bin/helm && \
chmod +x /usr/bin/helm && \
rm -rf linux-${ARCH}
# add helm-diff
RUN helm plugin install https://github.com/databus23/helm-diff && rm -rf /tmp/helm-*
# add helm-unittest
RUN helm plugin install https://github.com/helm-unittest/helm-unittest && rm -rf /tmp/helm-*
# add helm-push
RUN helm plugin install https://github.com/chartmuseum/helm-push && \
rm -rf /tmp/helm-* \
/root/.local/share/helm/plugins/helm-push/testdata \
/root/.cache/helm/plugins/https-gh.neting.cc-chartmuseum-helm-push/testdata
# Install kubectl
RUN . /envfile && echo $ARCH && \
curl -sLO "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl" && \
mv kubectl /usr/bin/kubectl && \
chmod +x /usr/bin/kubectl
# Install kustomize (latest release)
RUN . /envfile && echo $ARCH && \
curl -sLO https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_linux_${ARCH}.tar.gz && \
tar xvzf kustomize_${KUSTOMIZE_VERSION}_linux_${ARCH}.tar.gz && \
mv kustomize /usr/bin/kustomize && \
chmod +x /usr/bin/kustomize && \
rm kustomize_${KUSTOMIZE_VERSION}_linux_${ARCH}.tar.gz
# Install eksctl (latest version)
RUN . /envfile && echo $ARCH && \
curl -sL "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_${ARCH}.tar.gz" | tar xz -C /tmp && \
mv /tmp/eksctl /usr/bin && \
chmod +x /usr/bin/eksctl
# Install awscli
# Temp fix to allow system-wide package installation:
# https://stackoverflow.com/a/76540031/3671801
RUN apk add --update --no-cache py3-pip && \
pip3 install --break-system-packages --upgrade pip setuptools && \
pip3 install --break-system-packages awscli && \
pip3 cache purge
# Install jq
RUN apk add --update --no-cache jq yq
# https://docs.aws.amazon.com/eks/latest/userguide/install-aws-iam-authenticator.html
# Install aws-iam-authenticator (latest version)
RUN . /envfile && echo $ARCH && \
authenticator=$(curl -fs https://api.github.com/repos/kubernetes-sigs/aws-iam-authenticator/releases/latest | jq --raw-output '.name' | sed 's/^v//') && \
curl -fL https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v${authenticator}/aws-iam-authenticator_${authenticator}_linux_${ARCH} -o /usr/bin/aws-iam-authenticator && \
chmod +x /usr/bin/aws-iam-authenticator
# Install for envsubst
RUN apk add --update --no-cache gettext
# Install kubeseal
RUN . /envfile && echo $ARCH && \
curl -L https://github.com/bitnami-labs/sealed-secrets/releases/download/v${KUBESEAL_VERSION}/kubeseal-${KUBESEAL_VERSION}-linux-${ARCH}.tar.gz -o - | tar xz -C /usr/bin/ && \
chmod +x /usr/bin/kubeseal
# Install vals
RUN . /envfile && echo $ARCH && \
curl -L https://github.com/helmfile/vals/releases/download/v${VALS_VERSION}/vals_${VALS_VERSION}_linux_${ARCH}.tar.gz -o -| tar xz -C /usr/bin/ && \
chmod +x /usr/bin/vals
# Install krew (latest release)
RUN . /envfile && echo $ARCH && \
curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/download/v${KREW_VERSION}/krew-linux_${ARCH}.tar.gz" && \
tar zxvf krew-linux_${ARCH}.tar.gz && \
./krew-linux_${ARCH} install krew && \
echo 'export PATH=/root/.krew/bin:$PATH' >> ~/.bashrc && \
rm krew-linux_${ARCH}.tar.gz
# Install kubeconform
RUN . /envfile && echo $ARCH && \
curl -L https://github.com/yannh/kubeconform/releases/download/v${KUBECONFORM_VERSION}/kubeconform-linux-${ARCH}.tar.gz -o - | tar xz -C /usr/bin/ && \
chmod +x /usr/bin/kubeconform
WORKDIR /apps