From bdb10751efd28a8ecaff97c9c8ea37ab7d14c817 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Fri, 19 Jan 2024 17:10:21 +0100 Subject: [PATCH 01/15] Refactor resources --- .github/workflows/.DS_Store | Bin 6148 -> 6148 bytes .github/workflows/ci.yml | 28 ++++++++++ .github/workflows/docker.yml | 41 -------------- .github/workflows/linter.yml | 20 +++++++ .github/workflows/release.yml | 41 -------------- .hadolint.yaml | 5 ++ .yamllint | 9 +++ Dockerfile | 100 +++++++++++++++++++++++----------- LICENSE | 2 +- README.md | 44 --------------- ansible.cfg | 16 ++++++ requirements.yml | 15 +++++ 12 files changed, 163 insertions(+), 158 deletions(-) create mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/docker.yml create mode 100644 .github/workflows/linter.yml delete mode 100644 .github/workflows/release.yml create mode 100644 .hadolint.yaml create mode 100644 .yamllint delete mode 100644 README.md create mode 100644 ansible.cfg create mode 100644 requirements.yml diff --git a/.github/workflows/.DS_Store b/.github/workflows/.DS_Store index 1a77fd30fdacbe4620fc21cdb98cbaf9d728692f..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6 100644 GIT binary patch delta 71 zcmZoMXfc=|&Zs)EP;8=}A_oHyFfuR*Y-VI+W1lR*xN0*yhX4noDvn;s{+E6NT9) m8;G!M=H}qxU~J!*_?>w&zlfqB$N>sKoB+gNu-Q@MFf#yY+AN^} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..12a0d36 --- /dev/null +++ b/.github/workflows/ci.yml 
@@ -0,0 +1,28 @@
+---
+
+name: ci
+on:
+ push:
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: 'Print docker version information'
+ run: |
+ docker --version
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ - name: 'Login to Docker Hub'
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ - name: 'Build and push'
+ uses: docker/build-push-action@v5
+ with:
+ push: true
+ tags: thehedhly/ansible:latest
+ context: .
+ file: Dockerfile
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
deleted file mode 100644
index 1542bf0..0000000
--- a/.github/workflows/docker.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-name: Docker Image CI
-on:
- push:
- branches-ignore:
- - "master"
-jobs:
- build:
- runs-on: ${{ matrix.os }}
- strategy:
- matrix:
- include:
- - os: ubuntu-20.04 #ubuntu-latest
- - os: ubuntu-18.04
- steps:
- # Checkout
- - uses: actions/checkout@v2
- with:
- # Full git history is needed to get a proper list of changed files within `super-linter`
- fetch-depth: 0
- # Verbose
- - name: Print full context
- env:
- GITHUB_CONTEXT: ${{ toJson(github) }}
- run: echo "$GITHUB_CONTEXT"
- - name: Print branch and repository
- run: echo "Branch = ${GITHUB_REF##*/} | Repository = ${GITHUB_REPOSITORY#*/}"
- # Linting
- - name: Lint Dockerfile
- uses: github/super-linter@v4
- env:
- #VALIDATE_ALL_CODEBASE: false
- #VALIDATE_DOCKERFILE: true
- VALIDATE_MARKDOWN: false
- DEFAULT_BRANCH: ${{ github.ref }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- # Build
- - name: Build the Docker image
- run: docker build . --file Dockerfile --tag ${GITHUB_REPOSITORY#*/}:"${GITHUB_REF##*/}"
- # Inspect
- - name: Inspect image
- run: docker image inspect ${GITHUB_REPOSITORY#*/}:"${GITHUB_REF##*/}"
\ No newline at end of file
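Review bot: The `on: push:` trigger in `.github/workflows/ci.yml` has no branch filter, so a push to any branch logs in with `DOCKERHUB_TOKEN` and overwrites `thehedhly/ansible:latest`. Restricting the trigger, for example `branches: [main]` under `push:`, keeps unreviewed branches from publishing the tag that users pull by default. The workflow also declares no `permissions:` block, so the job runs with the repository's default `GITHUB_TOKEN` scope; `permissions:` with `contents: read` looks sufficient for the steps shown. The four `uses:` references are pinned to major-version tags, which can be moved; pinning them to full commit SHAs would make the inputs of the publishing job immutable.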
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
new file mode 100644
index 0000000..1575948
--- /dev/null
+++ b/.github/workflows/linter.yml
@@ -0,0 +1,20 @@
+---
+
+name: Lint Code Base
+on:
+ push:
+ branches-ignore: [main]
+ pull_request:
+ branches: [main]
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: 'Yamllint'
+ uses: karancode/yamllint-github-action@master
+ with:
+ yamllint_file_or_dir: .
+ yamllint_strict: true
+ yamllint_comment: false
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
deleted file mode 100644
index 0201cfd..0000000
--- a/.github/workflows/release.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-name: Release CI
-on:
- push:
- branches:
- - master
-jobs:
- Create-release:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2.2.0
- # Verbose
- - name: Print full context
- env:
- GITHUB_CONTEXT: ${{ toJson(github) }}
- run: echo "$GITHUB_CONTEXT"
- - name: Print release name
- env:
- SUPPORTED_IMAGE: ${{ github.event.head_commit.message }}
- run: echo "$SUPPORTED_IMAGE"
- # # Docker Hub Login
- - name: Login to DockerHub
- uses: docker/login-action@v1
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
- # Docker Hub Push
- - name: Build and push
- id: docker_build
- uses: docker/build-push-action@v2
- with:
- context: .
- push: true
- tags: ${{ github.repository }}:${{ github.event.head_commit.message }}
- # Verbose
- - name: Print image digest
- run: echo ${{ steps.docker_build.outputs.digest }}
- # Create Release
- - uses: ncipollo/release-action@v1
- with:
- tag: ${{ github.event.head_commit.message }}
- token: ${{ secrets.G_TOKEN }}
\ No newline at end of file
diff --git a/.hadolint.yaml b/.hadolint.yaml
new file mode 100644
index 0000000..f1701b3
--- /dev/null
+++ b/.hadolint.yaml
@@ -0,0 +1,5 @@
+---
+
+ignored:
+ - DL3008
+ - DL3006 #see https://github.com/hadolint/hadolint/issues/339
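Review bot: `uses: karancode/yamllint-github-action@master` in `.github/workflows/linter.yml` tracks a third-party branch, so whatever lands on that branch runs in this repository's workflow on the next push or pull request. Pin it to a reviewed commit, `uses: karancode/yamllint-github-action@<full-commit-sha>` (placeholder; take the SHA of the release you have checked), and add a comment naming the release it corresponds to. A `permissions:` block with `contents: read` would also limit what the action can do with the job token; with `yamllint_comment: false` no write scope appears to be needed.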
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..7277fba
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,9 @@
+---
+
+extends: default
+
+rules:
+ line-length: disable
+ truthy:
+ allowed-values: ['true', 'false']
+ check-keys: false
diff --git a/Dockerfile b/Dockerfile
index c4abf25..a2b2ab7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,31 +1,69 @@ -FROM ubuntu:20.04 -LABEL author="Hamza Hedhly" -LABEL version="Ubuntu 20.04 (Focal Fossa)" -LABEL documentation="https://github.com/senjoux" -# Supported Ansible releases: -# - 4.0 (default) -# - 3.0 -# - 2.10 -# see releases https://docs.ansible.com/ansible/devel/roadmap/ansible_roadmap_index.html -ENV ANSIBLE_VERSION=4.0.0 -# if none provided an "ansible" user will be created -ENV ANSIBLE_USER=ansible -# Python3-pip version -ENV PYTHON3_PIP_VERSION=20.0.2-5ubuntu1.5 - -RUN apt-get update --no-install-recommends -y \ - # prepare user - && adduser $ANSIBLE_USER \ - && echo "$ANSIBLE_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \ - # install Ansible - && apt-get install --no-install-recommends python3-pip=$PYTHON3_PIP_VERSION -y \ - && rm -rf /var/lib/apt/lists/*\ - && python3.8 -m pip install --no-cache-dir ansible==$ANSIBLE_VERSION \ - # other - && echo "export PS1='[\u@\h:\w] $ '" >> /home/$ANSIBLE_USER/.bashrc \ - # self - && ansible --version \ - && python3.8 -m pip list - -ENTRYPOINT ["/bin/bash","-c"] -CMD ["su $ANSIBLE_USER"] \ No newline at end of file +# Before overriding BASE_IMAGE and PYCMD, please consult: +# - https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix +# and also maybe (in case want to install ansible community): +# - https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-community-changelogs +# +ARG BASE_IMAGE="python:3.11.7-slim" +ARG PYCMD="/usr/local/bin/python3.11" +ARG SYS_ZONEINFO="Europe/Berlin" +ARG ANSIBLE_HOME="/usr/share/ansible" +ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS="-v" +ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS="" +ARG ANSIBLE_INSTALL_REFS="ansible-core==2.16.0" +# ARG ANSIBLE_INSTALL_REFS="ansible-core" +# ARG ANSIBLE_INSTALL_REFS="ansible==9" +# ARG ANSIBLE_INSTALL_REFS="ansible" +ARG ANSIBLE_USER="thehedhly" + +# Base build stage +FROM $BASE_IMAGE as base +USER root +ARG BASE_IMAGE +ARG PYCMD +ARG 
ANSIBLE_INSTALL_REFS + +RUN "unlink /etc/localtime \ + && ln -s /usr/share/zoneinfo/$SYS_ZONEINFO /etc/localtime \ + && $PYCMD -m ensurepip \ + && $PYCMD -m pip install --no-cache-dir $ANSIBLE_INSTALL_REFS" +USER guest + +# Galaxy build stage +FROM base as galaxy +ARG ANSIBLE_HOME +ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS +ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS +WORKDIR / +COPY requirements.yml . +RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "$ANSIBLE_HOME/roles"\ + && ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "$ANSIBLE_HOME/collections" + +# Final build stage +FROM base as final +LABEL org.opencontainers.image.created="date and time on which the image was built (string, date-time as defined by RFC 3339)" +LABEL org.opencontainers.image.authors="https://github.com/thehedhly" +LABEL org.opencontainers.image.url="dockerhub url" +LABEL org.opencontainers.image.source="github repository" +LABEL org.opencontainers.image.version="version of the packaged software" +ARG ANSIBLE_HOME +ARG ANSIBLE_USER +ENV ANSIBLE_CONFIG "/home/$ANSIBLE_USER/.ansible.cfg" +# ENV ANSIBLE_HOME = $XANSIBLE_HOME + +COPY --from=galaxy $ANSIBLE_HOME $ANSIBLE_HOME + +RUN useradd -m $ANSIBLE_USER\ + && echo "$ANSIBLE_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers\ + && apt-get update\ + && apt-get install --no-install-recommends -y openssh-client\ + && apt-get install --no-install-recommends -y iputils-ping\ + && apt-get -qq clean\ + && rm -rf /var/lib/apt/lists/* + +USER $ANSIBLE_USER +COPY --chown=$ANSIBLE_USER:$ANSIBLE_USER ansible.cfg $ANSIBLE_CONFIG + +WORKDIR "/home/$ANSIBLE_USER" + +# ENTRYPOINT ["/bin/bash","-c"] +# CMD ["su $ANSIBLE_USER"] diff --git a/LICENSE b/LICENSE index 6c6e033..7c6df84 100644 --- a/LICENSE +++ b/LICENSE 
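Review bot: The galaxy stage runs `ansible-galaxy collection install` with `ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1`, which switches off collection signature verification, and the `requirements.yml` added in this patch uses open `>=` ranges, so what ends up in the image is neither authenticated nor reproducible. Either drop the variable and pin exact collection versions, or keep it with a comment that explains why verification cannot be used here. In the final stage, `echo "$ANSIBLE_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers` gives the runtime user passwordless root; no `sudo` package is installed in the lines shown, so the entry may currently be inert, and it is better removed or narrowed to the commands that actually need it.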
@@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021 elhedhly +Copyright (c) 2024 H.Hedhly https://github.com/thehedhly Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md deleted file mode 100644 index 7aa63e9..0000000 --- a/README.md +++ /dev/null @@ -1,44 +0,0 @@ -Ansible Logo - -# Docker-Ansible -[![CI][badge-gh-actions]][link-gh-actions] - -## Features -- Ansible control Docker image. -- Custom Ubuntu user creation - -## OS support -| OS | Version | -|------|---------| -| Ubuntu | 20.04 (Focal Fossa) | - -## Ansible releases support: -| Release | -|------| -| 4.0 | -| 3.0 | -| 2.10 | - -## Environment variables - -| Name | Version | default | -|------|---------|---------| -| `ANSIBLE_VERSION` | Ansible version. | 4.0.0 | -| `ANSIBLE_USER` | Custom Ubuntu user name. | ansible | -| `PYTHON3_PIP_VERSION` | Version of the "python3-pip" module to be used for Ansible installation. | 20.0.2-5ubuntu1.5 | - -## Usage -- Build image -``` -docker build -t ansible_control: . -``` -- Run & access container -``` -docker build -t ansible_control: . -``` - - -This project was created by [Hamza Hedhly](https://de.linkedin.com/in/hedhly). - -[badge-gh-actions]: https://github.com/senjoux/docker_ansible/actions/workflows/release.yml/badge.svg -[link-gh-actions]: https://github.com/senjoux/docker_ansible/actions/workflows/release.yml \ No newline at end of file diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..411616e --- /dev/null +++ b/ansible.cfg 
@@ -0,0 +1,16 @@ +[defaults] +# playbook_dir = ./playbooks +roles_path = ~/.ansible/roles:./roles:/usr/share/ansible/roles +collections_path = ~/.ansible/collections:./collections:/usr/share/ansible/collections +bin_ansible_callbacks = True +callbacks_enabled = ansible.posix.profile_tasks +force_color = True +# Use the YAML callback plugin +stdout_callback = yaml + +nocows = 1 +# cow_selection = random +# cow_selection = small + +[galaxy] +collections_path_warning = False diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..ef1f14f --- /dev/null +++ b/requirements.yml @@ -0,0 +1,15 @@ +--- + +roles: [] +# roles: + # - name: geerlingguy.go + # version: "1.1.0" + +# collections: [] +collections: + - name: ansible.posix + version: ">=1.5.0" + - name: community.general + version: ">=8.1.0" + - name: community.docker + version: ">=3.5.0" From 9cf4dcbafe5590c8a95914d50eccafa17135bf41 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sat, 20 Jan 2024 09:44:24 +0100 Subject: [PATCH 02/15] Refactor resources - Introduce hadolint - Lint yaml/Dockerfile --- .github/workflows/linter.yml | 3 +++ .hadolint.yaml | 5 ----- .hadolint.yml | 6 ++++++ .yamllint => .yamllint.yml | 1 + Dockerfile | 20 ++++++++++---------- 5 files changed, 20 insertions(+), 15 deletions(-) delete mode 100644 .hadolint.yaml create mode 100644 .hadolint.yml rename .yamllint => .yamllint.yml (79%) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 1575948..689a312 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -18,3 +18,6 @@ jobs: yamllint_file_or_dir: . yamllint_strict: true yamllint_comment: false + - name: 'Hadolint' + run: | + docker run --rm -i -v .hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile diff --git a/.hadolint.yaml b/.hadolint.yaml deleted file mode 100644 index f1701b3..0000000 --- a/.hadolint.yaml +++ /dev/null 
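Review bot: The new Hadolint step in `.github/workflows/linter.yml` runs `hadolint/hadolint` with no tag or digest, so each run pulls whatever `latest` is at that moment. Pin the image, for example `hadolint/hadolint:<version>@sha256:<digest>` (placeholders), so the linter cannot change underneath the pipeline. The config mount can also be made read-only by appending `:ro` to the `-v` argument. The later changes to this step on the page keep the same unpinned reference.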
@@ -1,5 +0,0 @@ ---- - -ignored: - - DL3008 - - DL3006 #see https://github.com/hadolint/hadolint/issues/339 diff --git a/.hadolint.yml b/.hadolint.yml new file mode 100644 index 0000000..816a754 --- /dev/null +++ b/.hadolint.yml @@ -0,0 +1,6 @@ +--- + +ignored: + - DL3008 +# for 'DL3006', see https://github.com/hadolint/hadolint/issues/339 + - DL3006 diff --git a/.yamllint b/.yamllint.yml similarity index 79% rename from .yamllint rename to .yamllint.yml index 7277fba..04affd7 100644 --- a/.yamllint +++ b/.yamllint.yml @@ -4,6 +4,7 @@ extends: default rules: line-length: disable + comments-indentation: disable truthy: allowed-values: ['true', 'false'] check-keys: false diff --git a/Dockerfile b/Dockerfile index a2b2ab7..62f3615 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,16 +17,16 @@ ARG ANSIBLE_USER="thehedhly" # Base build stage FROM $BASE_IMAGE as base -USER root +# USER root ARG BASE_IMAGE ARG PYCMD ARG ANSIBLE_INSTALL_REFS -RUN "unlink /etc/localtime \ - && ln -s /usr/share/zoneinfo/$SYS_ZONEINFO /etc/localtime \ - && $PYCMD -m ensurepip \ - && $PYCMD -m pip install --no-cache-dir $ANSIBLE_INSTALL_REFS" -USER guest +RUN unlink /etc/localtime \ + && ln -s "/usr/share/zoneinfo/$SYS_ZONEINFO" /etc/localtime \ + && "$PYCMD" -m ensurepip \ + && "$PYCMD" -m pip install --no-cache-dir "$ANSIBLE_INSTALL_REFS" +# USER guest # Galaxy build stage FROM base as galaxy 
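Review bot: `$SYS_ZONEINFO` is expanded in the base-stage `RUN`, but after `FROM $BASE_IMAGE as base` only `BASE_IMAGE`, `PYCMD` and `ANSIBLE_INSTALL_REFS` are re-declared. An `ARG` defined before the first `FROM` is not visible inside a stage until it is declared again, so the link target is most likely `/usr/share/zoneinfo/` rather than the intended zone file. Add `ARG SYS_ZONEINFO` next to the other stage-level `ARG` lines.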
@@ -35,8 +35,8 @@ ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS WORKDIR / COPY requirements.yml . -RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "$ANSIBLE_HOME/roles"\ - && ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "$ANSIBLE_HOME/collections" +RUN ansible-galaxy role install "$ANSIBLE_GALAXY_CLI_ROLE_OPTS" -r requirements.yml --roles-path "$ANSIBLE_HOME/roles"\ + && ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install "$ANSIBLE_GALAXY_CLI_COLLECTION_OPTS" -r requirements.yml --collections-path "$ANSIBLE_HOME/collections" # Final build stage FROM base as final @@ -52,7 +52,7 @@ ENV ANSIBLE_CONFIG "/home/$ANSIBLE_USER/.ansible.cfg" COPY --from=galaxy $ANSIBLE_HOME $ANSIBLE_HOME -RUN useradd -m $ANSIBLE_USER\ +RUN useradd -m "$ANSIBLE_USER"\ && echo "$ANSIBLE_USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers\ && apt-get update\ && apt-get install --no-install-recommends -y openssh-client\ @@ -61,7 +61,7 @@ RUN useradd -m $ANSIBLE_USER\ && rm -rf /var/lib/apt/lists/* USER $ANSIBLE_USER -COPY --chown=$ANSIBLE_USER:$ANSIBLE_USER ansible.cfg $ANSIBLE_CONFIG +COPY --chown="$ANSIBLE_USER:$ANSIBLE_USER" ansible.cfg "$ANSIBLE_CONFIG" WORKDIR "/home/$ANSIBLE_USER" From e34594d6548239aced7456cb86b124c46bc69d84 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sat, 20 Jan 2024 19:43:17 +0100 Subject: [PATCH 03/15] Update linter workflow --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 689a312..0ed17cf 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml 
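Review bot: Quoting `"$ANSIBLE_GALAXY_CLI_ROLE_OPTS"` and `"$ANSIBLE_GALAXY_CLI_COLLECTION_OPTS"` in the galaxy-stage `RUN` turns each variable into exactly one argument: the empty default of the role variable is passed to `ansible-galaxy role install` as an empty positional argument, and a value holding several flags arrives as a single word. If these variables are meant to carry option lists, leave them unquoted and silence the lint on that instruction with `# hadolint ignore=SC2086`, plus a comment saying the word splitting is intentional. The same `RUN` still sets `ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1`.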
@@ -20,4 +20,4 @@ jobs: yamllint_comment: false - name: 'Hadolint' run: | - docker run --rm -i -v .hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile + "docker run --rm -i -v $(pwd)/.hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile" From 1abccdd79868ebc7cd2a0bf9fdc06cb7cd09fa3b Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sat, 20 Jan 2024 19:44:34 +0100 Subject: [PATCH 04/15] Fix broken cmd --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 0ed17cf..88c3a56 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -20,4 +20,4 @@ jobs: yamllint_comment: false - name: 'Hadolint' run: | - "docker run --rm -i -v $(pwd)/.hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile" + docker run --rm -i -v $(pwd)/.hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile From 50b652cddc0ef397f55d6feff5681a29dba50a07 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 11:48:21 +0100 Subject: [PATCH 05/15] Debug docker meta step --- .github/workflows/ci.yml | 18 ++++++++++++++++-- Dockerfile | 13 ++++++------- 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 12a0d36..b391e14 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,6 +3,8 @@ name: ci on: push: + # branches: + # - main jobs: build: 
@@ -12,17 +14,29 @@ jobs: - name: 'Print docker version information' run: | docker --version - - name: Set up Docker Buildx + - name: 'Set up Docker Buildx' uses: docker/setup-buildx-action@v3 - name: 'Login to Docker Hub' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + # - name: 'GetBuildTime' + # run: | + # echo "NOW=$(TZ='Europe/Berlin' date --rfc-3339=seconds)" >> $BUILD_TIME + - name: 'Set Docker meta' + id: meta + uses: docker/metadata-action@v5 + with: + images: thehedhly/ansible - name: 'Build and push' uses: docker/build-push-action@v5 with: push: true - tags: thehedhly/ansible:latest + # tags: thehedhly/ansible:latest context: . file: Dockerfile + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + # labels: + # - "$BUILD_TIME" diff --git a/Dockerfile b/Dockerfile index 62f3615..aacaa4d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,6 @@ ARG ANSIBLE_USER="thehedhly" # Base build stage FROM $BASE_IMAGE as base -# USER root ARG BASE_IMAGE ARG PYCMD ARG ANSIBLE_INSTALL_REFS @@ -26,7 +25,6 @@ RUN unlink /etc/localtime \ && ln -s "/usr/share/zoneinfo/$SYS_ZONEINFO" /etc/localtime \ && "$PYCMD" -m ensurepip \ && "$PYCMD" -m pip install --no-cache-dir "$ANSIBLE_INSTALL_REFS" -# USER guest # Galaxy build stage FROM base as galaxy 
@@ -40,11 +38,12 @@ RUN ansible-galaxy role install "$ANSIBLE_GALAXY_CLI_ROLE_OPTS" -r requirements. # Final build stage FROM base as final -LABEL org.opencontainers.image.created="date and time on which the image was built (string, date-time as defined by RFC 3339)" -LABEL org.opencontainers.image.authors="https://github.com/thehedhly" -LABEL org.opencontainers.image.url="dockerhub url" -LABEL org.opencontainers.image.source="github repository" -LABEL org.opencontainers.image.version="version of the packaged software" +# LABEL org.opencontainers.image.created="date and time on which the image was built (string, date-time as defined by RFC 3339)" +# LABEL org.opencontainers.image.authors="https://github.com/thehedhly" +# LABEL org.opencontainers.image.url="https://hub.docker.com/repository/docker/thehedhly/ansible" +# LABEL org.opencontainers.image.source="https://github.com/thehedhly/ansible-docker" +# TODO Update according to ANSIBLE_INSTALL_REFS +# LABEL org.opencontainers.image.version="2.16.0" ARG ANSIBLE_HOME ARG ANSIBLE_USER ENV ANSIBLE_CONFIG "/home/$ANSIBLE_USER/.ansible.cfg" From 728a7aa4842294a42861dd93850523e212c0c84d Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 12:17:32 +0100 Subject: [PATCH 06/15] Set build matrix --- .github/workflows/ci.yml | 9 ++++++++- Dockerfile | 3 ++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b391e14..45c8d78 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,6 +8,11 @@ on: jobs: build: + strategy: + matrix: + data: + - package: ansible-core + version: 2.16 runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -28,7 +33,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: thehedhly/ansible + images: thehedhly/${{ matrix.data.package }} - name: 'Build and push' uses: docker/build-push-action@v5 with: 
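Review bot: `version: 2.16` in the new `strategy.matrix` of `.github/workflows/ci.yml` is an unquoted YAML number, so the value is a float rather than a version string; a release such as 2.10 would be read as 2.1 and the wrong package version would be built. Quote it: `version: '2.16'`. The `version: 9` entry added in a later patch on this page has the same shape and should be quoted too.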
@@ -38,5 +43,7 @@ jobs: file: Dockerfile tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + build-args: | + ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }} # labels: # - "$BUILD_TIME" diff --git a/Dockerfile b/Dockerfile index aacaa4d..db748f2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,8 @@ ARG SYS_ZONEINFO="Europe/Berlin" ARG ANSIBLE_HOME="/usr/share/ansible" ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS="-v" ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS="" -ARG ANSIBLE_INSTALL_REFS="ansible-core==2.16.0" +ARG ANSIBLE_INSTALL_REFS="" +# ARG ANSIBLE_INSTALL_REFS="ansible-core==2.16.0" # ARG ANSIBLE_INSTALL_REFS="ansible-core" # ARG ANSIBLE_INSTALL_REFS="ansible==9" # ARG ANSIBLE_INSTALL_REFS="ansible" From a625eccb634302316afa63693876641368752d17 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 12:38:48 +0100 Subject: [PATCH 07/15] Load builds --- .github/workflows/ci.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 45c8d78..ac54186 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,6 +11,7 @@ jobs: strategy: matrix: data: + - package: ansible-core - package: ansible-core version: 2.16 runs-on: ubuntu-latest @@ -34,6 +35,8 @@ jobs: uses: docker/metadata-action@v5 with: images: thehedhly/${{ matrix.data.package }} + labels: | + org.opencontainers.image.version=${{ matrix.data.version }} - name: 'Build and push' uses: docker/build-push-action@v5 with: @@ -44,6 +47,6 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | - ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }} - # labels: - # - "$BUILD_TIME" + ANSIBLE_INSTALL_REFS=${{ matrix.data.version == '' && matrix.data.package || format('{0}={1}',matrix.data.package,matrix.data.version) }} + +# ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }} 
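Review bot: `ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }}` builds an exact-match requirement, and under pip's version rules `==2.16` matches only the 2.16.0 release, so the image built for the `2.16` matrix entry never picks up later 2.16.x fixes. If the entry is meant to follow the release line, use a prefix match, `...==${{ matrix.data.version }}.*`. The later hunks that switch to `format('{0}=={1}', ...)` keep the same behaviour.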
From 05793907ce28316516311d72b9a487638dba89e4 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 12:42:46 +0100 Subject: [PATCH 08/15] Fix typo --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ac54186..42f303d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -47,6 +47,6 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | - ANSIBLE_INSTALL_REFS=${{ matrix.data.version == '' && matrix.data.package || format('{0}={1}',matrix.data.package,matrix.data.version) }} + ANSIBLE_INSTALL_REFS=${{ matrix.data.version == '' && matrix.data.package || format('{0}=={1}',matrix.data.package,matrix.data.version) }} # ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }} From 940d56d9f85fdf1c04a9e5f05438f77c10ff6d0a Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 12:50:56 +0100 Subject: [PATCH 09/15] Tag image correctly --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 42f303d..2812b81 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,6 +37,8 @@ jobs: images: thehedhly/${{ matrix.data.package }} labels: | org.opencontainers.image.version=${{ matrix.data.version }} + tags: | + type=raw,value=${{ matrix.data.version }} - name: 'Build and push' uses: docker/build-push-action@v5 with: From 08ed52155e4083f4afb9a3bd0eb08583b3de5aa6 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 12:52:47 +0100 Subject: [PATCH 10/15] Fix image tag handling --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2812b81..6e3cef3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -38,7 +38,7 @@ jobs: labels: | org.opencontainers.image.version=${{ matrix.data.version }} tags: | - type=raw,value=${{ matrix.data.version }} + type=raw,value=${{ matrix.data.version == '' && 'latest' || matrix.data.version }} - name: 'Build and push' uses: docker/build-push-action@v5 with: From 36f87845ac982d9e7e7c2cda1f8b05e18ee756b9 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 13:11:49 +0100 Subject: [PATCH 11/15] Test ansible community build --- .github/workflows/ci.yml | 14 ++++++-------- ansible.cfg | 6 +++--- requirements.yml | 20 ++++++++++---------- 3 files changed, 19 insertions(+), 21 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6e3cef3..a53150b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,9 +11,12 @@ jobs: strategy: matrix: data: - - package: ansible-core - - package: ansible-core - version: 2.16 + # - package: ansible-core + # - package: ansible-core + # version: 2.16 + - package: ansible + - package: ansible + version: 9 runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -27,9 +30,6 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # - name: 'GetBuildTime' - # run: | - # echo "NOW=$(TZ='Europe/Berlin' date --rfc-3339=seconds)" >> $BUILD_TIME - name: 'Set Docker meta' id: meta uses: docker/metadata-action@v5 @@ -50,5 +50,3 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-args: | ANSIBLE_INSTALL_REFS=${{ matrix.data.version == '' && matrix.data.package || format('{0}=={1}',matrix.data.package,matrix.data.version) }} - -# ANSIBLE_INSTALL_REFS=${{ matrix.data.package }}==${{ matrix.data.version }} diff --git a/ansible.cfg b/ansible.cfg index 411616e..da5a0e0 100644 --- a/ansible.cfg +++ b/ansible.cfg 
@@ -2,11 +2,11 @@ # playbook_dir = ./playbooks roles_path = ~/.ansible/roles:./roles:/usr/share/ansible/roles collections_path = ~/.ansible/collections:./collections:/usr/share/ansible/collections -bin_ansible_callbacks = True -callbacks_enabled = ansible.posix.profile_tasks +# bin_ansible_callbacks = True +# callbacks_enabled = ansible.posix.profile_tasks force_color = True # Use the YAML callback plugin -stdout_callback = yaml +# stdout_callback = yaml nocows = 1 # cow_selection = random diff --git a/requirements.yml b/requirements.yml index ef1f14f..80de76c 100644 --- a/requirements.yml +++ b/requirements.yml @@ -2,14 +2,14 @@ roles: [] # roles: - # - name: geerlingguy.go - # version: "1.1.0" +# - name: geerlingguy.go +# version: "1.1.0" -# collections: [] -collections: - - name: ansible.posix - version: ">=1.5.0" - - name: community.general - version: ">=8.1.0" - - name: community.docker - version: ">=3.5.0" +collections: [] +# collections: + # - name: ansible.posix + # version: ">=1.5.0" + # - name: community.general + # version: ">=8.1.0" + # - name: community.docker + # version: ">=3.5.0" From cde6ba830c2223f61302ec61594cfcd2cdda700c Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 15:14:18 +0100 Subject: [PATCH 12/15] Set Image description label Set image decription's run-name Activate full build matrix --- .github/workflows/ci.yml | 16 ++++++++++------ .github/workflows/linter.yml | 4 +++- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a53150b..e9f3d19 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -2,18 +2,22 @@ name: ci on: + workflow_dispatch: push: - # branches: - # - main + # branches: + # - main + # pull_request: + # branches: + # - 'main' jobs: build: strategy: matrix: data: - # - package: ansible-core - # - package: ansible-core - # version: 2.16 + - package: ansible-core + - package: ansible-core + version: 2.16 - package: ansible - package: ansible version: 9 @@ -37,13 +41,13 @@ jobs: images: thehedhly/${{ matrix.data.package }} labels: | org.opencontainers.image.version=${{ matrix.data.version }} + org.opencontainers.image.description=A minimal ${{ matrix.data.package }} image for efficient infrastructure as code tags: | type=raw,value=${{ matrix.data.version == '' && 'latest' || matrix.data.version }} - name: 'Build and push' uses: docker/build-push-action@v5 with: push: true - # tags: thehedhly/ansible:latest context: . file: Dockerfile tags: ${{ steps.meta.outputs.tags }} diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 88c3a56..2404195 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -1,7 +1,9 @@ --- -name: Lint Code Base +name: lint +run-name: Lint Code Base on: + workflow_dispatch: push: branches-ignore: [main] pull_request: From 95a4e4397b8e694891a1f9485852104e90691d49 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 15:16:44 +0100 Subject: [PATCH 13/15] Lint yaml --- .github/workflows/ci.yml | 1 + .github/workflows/linter.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e9f3d19..7b7b051 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,7 @@ --- name: ci +run-name: Build & push docker images on: workflow_dispatch: push: diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 2404195..041d3ba 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml 
@@ -1,7 +1,7 @@ --- name: lint -run-name: Lint Code Base +run-name: Lint code base on: workflow_dispatch: push: From 0d3c13fa0be0065d9bdb012886051a2385eb9870 Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 18:13:01 +0100 Subject: [PATCH 14/15] Update Readme - Cleanup Dockerfile --- Dockerfile | 12 ++-------- README.md | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+), 10 deletions(-) create mode 100644 README.md diff --git a/Dockerfile b/Dockerfile index db748f2..2b0a32c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,10 +8,9 @@ ARG PYCMD="/usr/local/bin/python3.11" ARG SYS_ZONEINFO="Europe/Berlin" ARG ANSIBLE_HOME="/usr/share/ansible" ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS="-v" -ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS="" -ARG ANSIBLE_INSTALL_REFS="" +ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS="-v" +ARG ANSIBLE_INSTALL_REFS="ansible-core" # ARG ANSIBLE_INSTALL_REFS="ansible-core==2.16.0" -# ARG ANSIBLE_INSTALL_REFS="ansible-core" # ARG ANSIBLE_INSTALL_REFS="ansible==9" # ARG ANSIBLE_INSTALL_REFS="ansible" ARG ANSIBLE_USER="thehedhly" @@ -39,16 +38,9 @@ RUN ansible-galaxy role install "$ANSIBLE_GALAXY_CLI_ROLE_OPTS" -r requirements. # Final build stage FROM base as final -# LABEL org.opencontainers.image.created="date and time on which the image was built (string, date-time as defined by RFC 3339)" -# LABEL org.opencontainers.image.authors="https://github.com/thehedhly" -# LABEL org.opencontainers.image.url="https://hub.docker.com/repository/docker/thehedhly/ansible" -# LABEL org.opencontainers.image.source="https://github.com/thehedhly/ansible-docker" -# TODO Update according to ANSIBLE_INSTALL_REFS -# LABEL org.opencontainers.image.version="2.16.0" ARG ANSIBLE_HOME ARG ANSIBLE_USER ENV ANSIBLE_CONFIG "/home/$ANSIBLE_USER/.ansible.cfg" -# ENV ANSIBLE_HOME = $XANSIBLE_HOME COPY --from=galaxy $ANSIBLE_HOME $ANSIBLE_HOME diff --git a/README.md b/README.md new file mode 100644 index 0000000..a86276a --- /dev/null 
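Review bot: The new default `ARG ANSIBLE_INSTALL_REFS="ansible-core"` in the first Dockerfile hunk is unversioned, so a plain `docker build` installs whatever release the package index serves that day. Two builds of the same commit can then ship different code. Making the pinned form the default, as the commented example already shows (`ARG ANSIBLE_INSTALL_REFS="ansible-core==2.16.0"`), keeps the image reproducible and makes upgrades an explicit change. The install command that consumes this argument is outside the hunk, so whether it also applies a constraints file or hash checking cannot be seen from here.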
+++ b/README.md @@ -0,0 +1,69 @@ +Ansible Logo + +# ansible-docker +![Build](https://github.com/thehedhly/ansible-docker/actions/workflows/ci.yml/badge.svg?branch=dev) +![Docker build](https://github.com/thehedhly/ansible-docker/actions/workflows/linter.yml/badge.svg?branch=dev) + +## Features +- Builds a [python](https://hub.docker.com/_/python) based __ansible__ docker __image__. + +## Ansible: +In accordance with both ansible community projects, __ansible community package__ and __ansible-core__, this project builds two seperate images as follows: + +| Ansible project | Supported versions | DockerHub Image | +|-----------------|----------|-------| +| ansible community package |
  • 9.0
| [thehedhly/ansible](https://hub.docker.com/repository/docker/thehedhly/ansible) | +| ansible-core |
  • 2.16
| [thehedhly/ansible-core](https://hub.docker.com/repository/docker/thehedhly/ansible-core) | + +## Build arguments +| Name | description | default | +|------|---------|---------| +| `BASE_IMAGE` | Base docker image. | python:3.11.7-slim | +| `PYCMD` | Python binary location.
:information_source: See also `BASE_IMAGE` | /usr/local/bin/python3.11 | +| `SYS_ZONEINFO` | System time zone. | Europe/Berlin | +| `ANSIBLE_INSTALL_REFS` | Ansible installation package.
You can install a specific version of a ansible community package or ansible-core, e.g.:
  • ansible-core==2.16.0
  • or
  • ansible==9
| ansible-core | +| `ANSIBLE_HOME` | Ansible home where the build's extra (optional) ansible roles/collections are installed.
See [Ansible requirements.yml](requirements.yml) | /usr/share/ansible | +| `ANSIBLE_GALAXY_CLI_COLLECTION_OPTS` | Build's CLI options for installing ansible collection.
Check [ansible-galaxy]() cli documentation for more details.| -v | +| `ANSIBLE_GALAXY_CLI_ROLE_OPTS` | Build's CLI options for installing ansible roles.
Check [ansible-galaxy]() cli documentation for more details. | -v | +| `ANSIBLE_USER` | User to set for ansible image. A home directory is setup for the provided user. The default [ansible configuration file](ansible.cfg) for the user is located in his home driectory. | thehedhly | + + +## Usage +### Build +`ansible-core` +``` +docker build -t ansible-core . +``` +``` +docker build --build-arg ANSIBLE_INSTALL_REFS=ansible-core== -t ansible-core: . +``` +`ansible community package` +``` +docker build --build-arg ANSIBLE_INSTALL_REFS=ansible -t ansible . +``` +``` +docker build --build-arg ANSIBLE_INSTALL_REFS=ansible== -t ansible: . +``` +#### Run +`ansible-core` +``` +docker run --rm -it ansible-core bash +``` +``` +docker run --rm -it ansible-core: bash +``` +``` +docker run --rm -it --mount type=bind,source=/home//,target=/opt/ --mount type=bind,source=/home//.ssh,target=/home//.ssh,readonly > bash +``` +`ansible community package` +``` +docker run --rm -it ansible bash +``` +``` +docker run --rm -it ansible: bash +``` +``` +docker run --rm -it --mount type=bind,source=/home//,target=/opt/ --mount type=bind,source=/home//.ssh,target=/home//.ssh,readonly > bash +``` + +This project was created by [H.Hedhly](https://hedhly.com). From b149d863bbaf2067a703ec3b92b87208bac51cbc Mon Sep 17 00:00:00 2001 From: thehedhly Date: Sun, 21 Jan 2024 18:14:44 +0100 Subject: [PATCH 15/15] Set ci events --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7b7b051..c7a4973 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,11 +5,11 @@ run-name: Build & push docker images on: workflow_dispatch: push: - # branches: - # - main - # pull_request: - # branches: - # - 'main' + branches: + - main + pull_request: + branches: + - 'main' jobs: build:
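Review bot: Enabling `pull_request` in this hunk sends pull-request runs through the same `build` job, whose `Build and push` step sets `push: true` unconditionally (that step is outside this hunk). A pull request opened from a branch of this repository would therefore publish unmerged code under the release tags, `latest` included. One opened from a fork would presumably fail at the registry login instead, if that step is still present, since secrets are not passed to fork runs. Gate publishing on the event with `push: ${{ github.event_name != 'pull_request' }}` on the build step and `if: github.event_name != 'pull_request'` on the login step. `workflow_dispatch` has no branch filter either, so a manual run from any branch also publishes.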