Remove Containerfile
I don't want Jenkins to build a new runtime container every time I make a change to the configuration policy. As such, I've moved the container image definition and corresponding CI pipeline script to their own repository.master
parent
41e9fa85d2
commit
86f6943f5b
|
|
@ -1,47 +0,0 @@
|
|||
FROM registry.fedoraproject.org/fedora-minimal:39 AS build
|
||||
|
||||
ARG CUE_VERSION=0.7.0
|
||||
|
||||
RUN --mount=type=cache,target=/var/cache \
|
||||
microdnf install -y \
|
||||
--setopt install_weak_deps=0 \
|
||||
gzip \
|
||||
tar \
|
||||
&& ARCH=$(uname -m) \
|
||||
&& case "${ARCH}" in \
|
||||
x86_64) ARCH=amd64 ;; \
|
||||
aarch64) ARCH=arm64 ;; \
|
||||
esac \
|
||||
&& url="https://github.com/cue-lang/cue/releases/download/v${CUE_VERSION}/cue_v${CUE_VERSION}_linux_${ARCH}.tar.gz" \
|
||||
&& curl -fsSL "${url}" \
|
||||
| tar -C /usr/local/bin -xz cue \
|
||||
&& :
|
||||
|
||||
|
||||
FROM git.pyrocufflink.net/containerimages/tmpl
|
||||
|
||||
RUN --mount=type=cache,target=/var/cache \
|
||||
--mount=type=bind,from=build,source=/,target=/build \
|
||||
microdnf install -y \
|
||||
--setopt install_weak_deps=0 \
|
||||
age \
|
||||
git-core \
|
||||
&& ln -snf /host/etc/passwd /etc/passwd \
|
||||
&& ln -snf /host/etc/group /etc/group \
|
||||
&& cp -a /build/usr/local/bin/cue /usr/local/bin/ \
|
||||
&& for cmd in \
|
||||
systemctl \
|
||||
systemd-sysusers \
|
||||
; do ln -s nsenter.sh /usr/local/bin/${cmd}; done \
|
||||
&& :
|
||||
|
||||
COPY nsenter.sh /usr/local/bin/nsenter.sh
|
||||
|
||||
COPY config.sh /
|
||||
|
||||
ENTRYPOINT []
|
||||
|
||||
CMD ["/config.sh"]
|
||||
|
||||
LABEL license= \
|
||||
vendor='Dustin C. Hatch' \
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
@Library('containerimages')_
|
||||
|
||||
buildContainerImage2(
|
||||
project: 'infra',
|
||||
archlist: ['amd64', 'arm64'],
|
||||
)
|
||||
|
|
@ -5,15 +5,9 @@
|
|||
: "${KEYSERV_URL:=https://keyserv.pyrocufflink.blue}"
|
||||
: "${SSH_CERT:=${DESTDIR}/etc/ssh/ssh_host_ed25519_key-cert.pub}"
|
||||
: "${SSH_KEY:=${SSH_CERT%-cert.pub}}"
|
||||
: "${GIT_URL:=https://git.pyrocufflink.net/infra/cfg.git}"
|
||||
: "${GIT_BRANCH:=master}"
|
||||
|
||||
printf 'Applying configuration policy for %s ...\n' "${HOSTNAME}"
|
||||
|
||||
cd "$(mktemp -d)" || exit
|
||||
|
||||
git clone --depth 1 "${GIT_URL}" -b "${GIT_BRANCH}" . || exit
|
||||
|
||||
if [ -f host/"${HOSTNAME}".pre.sh ]; then
|
||||
. host/"${HOSTNAME}".pre.sh
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
exec nsenter -a -t 1 "${0##*/}" "$@"
|
||||
Loading…
Reference in New Issue