Add Buildkite CI tooling

This commit is contained in:
Amir Zarrinkafsh 2019-12-18 17:56:46 +11:00 committed by Clément Michaud
parent 09b4e4e57e
commit 9e7dac1107
8 changed files with 136 additions and 0 deletions

6
ci/.dockerignore Normal file
View File

@ -0,0 +1,6 @@
.git
.gitignore
.github
.gitattributes
READMETEMPLATE.md
README.md

77
ci/Dockerfile Normal file
View File

@ -0,0 +1,77 @@
FROM docker:dind
# set labels
LABEL maintainer="Nightah"
# set application versions
ARG ARCH="amd64"
ARG BUILDKITE_VERSION="3.17.0"
ARG OVERLAY_VERSION="v1.22.1.0"
# environment variables
ENV PS1="$(whoami)@$(hostname):$(pwd)$ " \
HOME="/buildkite" \
TERM="xterm"
# set runtime variables
ENV BUILDKITE_AGENT_CONFIG=/buildkite/buildkite-agent.cfg \
GOPATH="/buildkite/.go"
# add local files
COPY root/ /
# modifications
RUN \
echo "**** Install Authelia CI pre-requisites ****" && \
echo "@edge http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
echo "@edget http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
apk add --no-cache \
bash \
ca-certificates \
coreutils \
chromium \
chromium-chromedriver \
curl \
docker-compose \
git \
hub@edget \
go@edge \
jq \
libc6-compat \
libstdc++ \
nodejs \
npm \
openssh-client \
perl \
rsync \
shadow \
sudo \
tzdata \
yarn@edge && \
echo "**** Add s6 overlay ****" && \
cd /tmp && \
curl -Lfs -o s6-overlay.tar.gz "https://github.com/just-containers/s6-overlay/releases/download/${OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.gz" && \
tar xfz s6-overlay.tar.gz -C / && \
echo "**** Patch CVE-2019-5021 ****" && \
sed -i -e 's/^root::/root:!:/' /etc/shadow && \
echo "**** Create abc user and make our folders ****" && \
useradd -u 911 -U -d /buildkite -s /bin/false abc && \
usermod -G wheel abc && \
sed -i 's/# %wheel/%wheel/g' /etc/sudoers && \
echo "**** Install Buildkite ****" && \
mkdir -p /buildkite/builds /buildkite/hooks /buildkite/plugins && \
curl -Lfs -o /usr/local/bin/ssh-env-config.sh https://raw.githubusercontent.com/buildkite/docker-ssh-env-config/master/ssh-env-config.sh && \
chmod +x /usr/local/bin/ssh-env-config.sh && \
curl -Lfs -o buildkite-agent.tar.gz https://github.com/buildkite/agent/releases/download/v${BUILDKITE_VERSION}/buildkite-agent-linux-${ARCH}-${BUILDKITE_VERSION}.tar.gz && \
tar xf buildkite-agent.tar.gz && \
sed -i 's/token=/#token=/g' buildkite-agent.cfg && \
sed -i 's/\$HOME\/.buildkite-agent/\/buildkite/g' buildkite-agent.cfg && \
mv buildkite-agent.cfg /buildkite/buildkite-agent.cfg && \
mv buildkite-agent /usr/local/bin/buildkite-agent && \
echo "**** Cleanup ****" && \
rm -rf /tmp/*
# ports and volumes
VOLUME /buildkite
ENTRYPOINT ["/init"]

View File

@ -0,0 +1,29 @@
#!/usr/bin/with-contenv bash
PUID=${PUID:-911}
PGID=${PGID:-911}
groupmod -o -g "$PGID" abc
usermod -o -u "$PUID" abc
cat <<'EOF'
--------------------------------------------
/ \ _ _| |_| |__ ___| (_) __ _
/ _ \| | | | __| '_ \ / _ \ | |/ _` |
/ ___ \ |_| | |_| | | | __/ | | (_| |
/_/ \_\__,_|\__|_| |_|\___|_|_|\__,_|
____ ___
/ ___|_ _|
| | | |
| |___ | |
\____|___|
--------------------------------------------
GID/UID
--------------------------------------------
EOF
echo "
User uid: $(id -u abc)
User gid: $(id -g abc)
--------------------------------------------
"
chown abc:abc /buildkite

View File

@ -0,0 +1,5 @@
#!/usr/bin/with-contenv bash
# permissions
chown -R abc:abc \
/buildkite

View File

@ -0,0 +1,3 @@
{
"registry-mirrors": ["http://registrycache:5000"]
}

View File

@ -0,0 +1,4 @@
#!/usr/bin/with-contenv bash
exec \
s6-setuidgid abc ssh-env-config.sh /usr/local/bin/buildkite-agent start

View File

@ -0,0 +1,4 @@
#!/usr/bin/with-contenv bash
exec \
s6-setuidgid root dockerd-entrypoint.sh > /dev/null 2>&1

View File

@ -0,0 +1,8 @@
#!/usr/bin/with-contenv bash
while [ ! -S "/run/docker.sock" ];
do
sleep 1;
done
chown root:abc /run/docker.sock
tail -f /dev/null