100 lines
3.7 KiB
Docker
100 lines
3.7 KiB
Docker
FROM hashicorp/packer:light as packer
|
|
FROM hashicorp/terraform:light as terraform
|
|
|
|
FROM alpine:latest AS download
|
|
|
|
ENV OVFTOOL_VERSION=4.4.1-16812187
|
|
ENV OVFTOOL_INSTALLER=VMware-ovftool-${OVFTOOL_VERSION}-lin.x86_64.bundle
|
|
ENV OVFTOOL_SHA256=ecdb3dcb58494d643d35661dcda948025661ec12ce615f043e1ec5d4c85de2ce
|
|
ARG REPO_USERNAME
|
|
ARG REPO_PASSWORD
|
|
ADD https://${REPO_USERNAME}:${REPO_PASSWORD}@sn.itch.fyi/Repository/bin/VMware/ovftool/4.4.x/${OVFTOOL_INSTALLER} /tmp/ovftool-installer
|
|
|
|
RUN apk --update add --no-cache \
|
|
curl \
|
|
jq && \
|
|
curl -L https://api.github.com/repos/helm/helm/releases/latest | \
|
|
jq -r '.tag_name' | \
|
|
xargs -I {} curl -L -o /tmp/helm.tar.gz https://get.helm.sh/helm-{}-linux-amd64.tar.gz && \
|
|
tar -xzf /tmp/helm.tar.gz --strip-components=1 -C /tmp && \
|
|
curl -L https://api.github.com/repos/mikefarah/yq/releases/latest | \
|
|
jq -r '.assets[] | select(.name | endswith("yq_linux_amd64")) | .browser_download_url' | \
|
|
xargs -I {} curl -L -o /tmp/yq {} && \
|
|
chmod +x /tmp/yq
|
|
|
|
FROM debian:11-slim
|
|
|
|
COPY --from=packer /bin/packer /bin/packer
|
|
COPY --from=terraform /bin/terraform /bin/terraform
|
|
COPY --from=download /tmp/ovftool-installer /tmp/ovftool-installer
|
|
COPY --from=download /tmp/yq /bin/yq
|
|
COPY --from=download /tmp/helm /usr/bin/helm
|
|
|
|
ENV LANG en_US.UTF-8
|
|
ENV LANGUAGE en_US:en
|
|
ENV LC_ALL en_US.UTF-8
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
apt-transport-https \
|
|
ca-certificates \
|
|
curl \
|
|
gnupg && \
|
|
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft.gpg && \
|
|
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/microsoft-debian-bullseye-prod bullseye main" > /etc/apt/sources.list.d/microsoft.list && \
|
|
apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \
|
|
# (build-essential) Dependency for installation of InSpec
|
|
build-essential \
|
|
git \
|
|
jq \
|
|
locales \
|
|
make \
|
|
netcat-openbsd \
|
|
# (npm) Dependency for Gitea Actions
|
|
npm \
|
|
openssh-client \
|
|
powershell-lts \
|
|
# (python3-*) Dependency for installation of Ansible
|
|
python3-pip \
|
|
python3-setuptools \
|
|
python3-wheel \
|
|
# (qemu-utils) Dependency for Packer (conversion to raw disk format)
|
|
qemu-utils \
|
|
# (sshpass) Dependency for Packer (non-interactive password authentication)
|
|
sshpass \
|
|
# (unzip) Dependency for Gitea Actions
|
|
unzip \
|
|
# (xorriso) Dependency for Packer (generating isofs image)
|
|
xorriso \
|
|
yamllint && \
|
|
sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
|
|
locale-gen && \
|
|
npm install npm@latest -g && \
|
|
npm install n -g && \
|
|
n latest && \
|
|
pip3 install --upgrade pip && \
|
|
pip3 install \
|
|
ansible-core~=2.14.0 \
|
|
# (jmespath) Dependency for Ansible 'json_query' filter
|
|
jmespath \
|
|
# (netaddr) Dependency for Ansible 'ipaddr' filter
|
|
netaddr \
|
|
# (pyvmomi & requests) Dependency for Ansible 'vmware_guest' module
|
|
pyvmomi \
|
|
requests && \
|
|
update-ca-certificates --fresh && \
|
|
pwsh -Command "Set-PSRepository -Name 'PSGallery' -InstallationPolicy 'Trusted'" && \
|
|
pwsh -Command "Install-Module -Name 'powershell-yaml','VMware.PowerCLI'" && \
|
|
pwsh -Command "Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP \$False -Confirm:\$False" && \
|
|
sh /tmp/ovftool-installer --console --eulas-agreed --required && \
|
|
apt-get remove -y \
|
|
apt-transport-https \
|
|
build-essential \
|
|
# ca-certificates \
|
|
gnupg && \
|
|
apt-get autoremove -y && \
|
|
rm -rf /var/lib/apt/lists/* && \
|
|
rm -f /tmp/ovftool-installer
|
|
|
|
ENTRYPOINT []
|
|
CMD []
|