Initial commit

2025-02-18 12:53:36 +03:00
commit 111d6c2139
5 changed files with 180 additions and 0 deletions
--- a/.gitea/workflows/build-and-push-image.yaml
+++ b/.gitea/workflows/build-and-push-image.yaml
@@ -0,0 +1,65 @@
 name: Build and publish docker image
 on: [push]
 env:
  CI: ON
  # Allow workflow to be manually run from the Gitea UI
  workflow_dispatch:
 jobs:
  build_and_push:
    runs-on: act-runner-label
    name: Builds the image and publishes to docker hub
    container:
      image: harbor.avroid.tech/docker-hub-proxy/catthehacker/ubuntu:act-latest
    steps:
      - run: printenv
      - name: Retrieve secrets from Hashicorp Vault
        id: retrieve-secrets
        uses: https://git-mirrors.avroid.tech/Mirrors-actions/vault-action.git@v3
        with:
          url: https://vault.avroid.tech
          method: approle
          roleId: ${{ secrets.HVAULT_GITEA_ACTIONS_ROLE_ID }}
          secretId: ${{ secrets.HVAULT_GITEA_ACTIONS_SECRET_ID }}
          # Ниже указываем {путь к секрету в HVault} {имя ключа секрета} | {имя переменной окружения куда засетим значение секрета}
          # Доступ к секретам осуществляется через заранее созданный AppRole "gitea-actions-role" в HVault и подключенную
          # к ней политику "gitea-actions". В политике описывается доступ к необходимым секретам. Политику можно посмотреть
          # через UI Hashicorp Vault.
          secrets: |
            team-devops/data/services/registry/Harbor/harbor.avroid.tech 'service.user.ci.login' | HARBOR_LOGIN ;
            team-devops/data/services/registry/Harbor/harbor.avroid.tech 'service.user.ci.token' | HARBOR_TOKEN ;
      - name: Login to Harbor Docker Registry
        uses: https://git-mirrors.avroid.tech/Mirrors-actions/login-action@v3
        with:
          registry: https://harbor.avroid.tech
          username: ${{ env.HARBOR_LOGIN }}
          password: ${{ env.HARBOR_TOKEN }}
      - name: Check out repository code
        uses: https://git-mirrors.avroid.tech/Mirrors-actions/checkout@v4
      - name: "Build image"
        run: |
          make build
      - name: "Push image"
        run: |
          make push
        if: ${{ gitea.ref == 'refs/heads/master' }}
      - name: "Clear image"
        run: |
          make clean
      - name: Create and push tag
        run: |
          git config user.name "Jenkins"
          git config user.email "svc-jenkins@avroid.tech"
          git tag $(make getTag)
          git push origin $(make getTag)
        if: ${{ gitea.ref == 'refs/heads/master' }}
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,9 @@
 # Changelog
 ## 1.0
 ### 15.09.2023
 CREATE:
 * Dockerfile
--- a/39
+++ b/39
@@ -0,0 +1,39 @@
 ARG DOCKER_REGISTRY=harbor.avroid.tech/docker-hub-proxy/library
 # https://hub.docker.com/_/ubuntu
 FROM ${DOCKER_REGISTRY}/ubuntu:22.04
 LABEL description="Base build image based on ubuntu 22.04"
 # Disable output interactive dialogs in console for service commands
 ENV DEBIAN_FRONTEND=noninteractive
 # Nexus
 ARG NEXUS_DOMAIN_NAME="nexus.avroid.tech"
 ARG NEXUS_URL="https://${NEXUS_DOMAIN_NAME}"
 # swap basic os repos to nexus mirrors https://nexus.avroid.tech
 RUN sed -ie "s/deb\ http\:\/\/archive.ubuntu.com\/ubuntu/deb\ [trusted=yes] https\:\/\/${NEXUS_DOMAIN_NAME}\/repository\/mirror-os-apt-ubuntu/g" /etc/apt/sources.list && \
    sed -ie "s/deb\ http\:\/\/security.ubuntu.com\/ubuntu/deb\ [trusted=yes] https\:\/\/${NEXUS_DOMAIN_NAME}\/repository\/mirror-os-apt-ubuntu/g" /etc/apt/sources.list && \
    echo "Acquire::https::${NEXUS_DOMAIN_NAME}::Verify-Peer \"false\";" > /etc/apt/apt.conf.d/99nexus_proxy_cert && \
    apt update && \
    apt install -y ca-certificates && \
    apt update && \
    apt clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 ENV TZ="Europe/Moscow"
 # Set timezone on Ubuntu
 RUN apt update && \
    apt install -y --no-install-recommends tzdata && \
    ln -snf /usr/share/zoneinfo/${TZ} /etc/localtime && \
    dpkg-reconfigure -f noninteractive tzdata && \
    apt clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 # Upgrade OS in container
 RUN apt update && \
    apt install -y --no-install-recommends apt-utils && \
    apt dist-upgrade -y && \
    apt clean && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
--- a/39
+++ b/39
@@ -0,0 +1,39 @@
 .PHONY: all build push clean
 IMAGE_NAME = template
 IMAGE_GROUP = devops
 IMAGE_TAG = 1.0
 REVISION =
 DOCKER_REGISTRY = harbor.avroid.tech
 CI_FLAGS =
 ifeq ($(CI), true)
 	CI_FLAGS = --no-cache
 endif
 all:
 	@echo 'DEFAULT:'
 	@echo '   make build'
 	@echo '   make push'
 	@echo '   make getTag'
 	@echo '   make clean'
 build:
 	DOCKER_BUILDKIT=1 docker build $(CI_FLAGS) \
 					-f Dockerfile \
 					--platform linux/amd64 \
 					--build-arg IMAGE_TAG=$(IMAGE_TAG) \
 					-t $(DOCKER_REGISTRY)/$(IMAGE_GROUP)/$(IMAGE_NAME):$(IMAGE_TAG)$(REVISION) .
 push:
 ifeq ($(CI), false)
 	docker login https://$(DOCKER_REGISTRY)
 endif
 	docker push $(DOCKER_REGISTRY)/$(IMAGE_GROUP)/$(IMAGE_NAME):$(IMAGE_TAG)$(REVISION)
 getTag:
 	@echo $(IMAGE_TAG)
 clean:
 	docker rmi $(DOCKER_REGISTRY)/$(IMAGE_GROUP)/$(IMAGE_NAME):$(IMAGE_TAG)$(REVISION)
--- a/README.md
+++ b/README.md
@@ -0,0 +1,28 @@
 # template-docker-image
 ## Данный репозиторий используется как основа для остальных репозиториев
 Для сборки образа выполните
 ```bash
 make build
 ```
 Для загрузки образа в harbor выполните
 ```bash
 make push
 ```
 Для вывода тега докер образа выполните
 ```bash
 make getTag
 ```
 Для удаления образа из системы выполните
 ```bash
 make clean
 ```
 За версию докер образа отвечает переменная IMAGE_TAG в [Makefile](./Makefile#L5)