diff --git a/.github/workflows/dplsh-build-release.yaml b/.github/workflows/dplsh-build-release.yaml index 7b964b7..d88b4e6 100644 --- a/.github/workflows/dplsh-build-release.yaml +++ b/.github/workflows/dplsh-build-release.yaml @@ -28,10 +28,21 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2.3.4 + - name: Install Task + uses: Arduino/actions/setup-taskfile@master # Generate a sane tag based on current git ref (branch, tag, etc). - uses: rlespinasse/github-slug-action@v3.x - name: Build ${{env.image}} container image - run: docker build -t working-image:0.0.0 . + env: + IMAGE_URL: working-image + IMAGE_TAG: 0.0.0 + run: task build + working-directory: tools/dplsh + - name: Test ${{env.image}} container image + env: + IMAGE_URL: working-image + IMAGE_TAG: 0.0.0 + run: task test working-directory: tools/dplsh # Publish to container registry if this was a push event (not a PR). - name: Publish image to registry diff --git a/tools/dplsh/Dockerfile b/tools/dplsh/Dockerfile index 6f04584..b4909ae 100644 --- a/tools/dplsh/Dockerfile +++ b/tools/dplsh/Dockerfile @@ -3,14 +3,17 @@ ARG AZURE_CLI_TAG=latest ARG DPLSH_BUILD_VERSION=latest +# Use an intermediate images as a way to have dependabot track our dependency +FROM alpine/helm:3.5.4 as helm +FROM hashicorp/terraform:0.15.1 as terraform + # We use the official azure cli as a base-image. It is itself based on alpine # and is quite minimal. FROM mcr.microsoft.com/azure-cli:$AZURE_CLI_TAG ARG TASK_VERSION=v3.0.0 -ARG TERRAFORM_RELEASE=0.15.1 LABEL org.opencontainers.image.source https://github.com/reload/dpl-platform-poc -SHELL ["/bin/bash", "-o", "pipefail", "-c"] +SHELL ["/bin/bash", "-ox", "pipefail", "-c"] WORKDIR /tmp # TODO - this will install the latest version - we should pin to the version we @@ -28,10 +31,12 @@ RUN apk add --no-cache \ RUN curl -sL https://taskfile.dev/install.sh | bash -s -- -b /usr/local/bin ${TASK_VERSION} WORKDIR /tmp -RUN curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_RELEASE}/terraform_${TERRAFORM_RELEASE}_linux_amd64.zip \ - && unzip terraform_${TERRAFORM_RELEASE}_linux_amd64.zip \ - && mv terraform /usr/bin \ - && rm terraform_${TERRAFORM_RELEASE}_linux_amd64.zip + +# Add Terraform +COPY --from=terraform /bin/terraform /bin/ + +# Add Helm +COPY --from=helm /usr/bin/helm /usr/bin/ # Create a dplsh user and switch to it to avoid running the shell as root RUN adduser -D --shell /bin/bash dplsh diff --git a/tools/dplsh/Taskfile.yml b/tools/dplsh/Taskfile.yml index b332b99..d028863 100644 --- a/tools/dplsh/Taskfile.yml +++ b/tools/dplsh/Taskfile.yml @@ -17,3 +17,11 @@ tasks: - docker tag {{.image}} {{.latest}} - docker push {{.image}} - docker push {{.latest}} + + test: + env: + DPLSH_IMAGE: "{{.image}}" + DPLSH_NON_INTERACTIVE: "true" + cmds: + - ./dplsh.sh terraform -version + - ./dplsh.sh helm version diff --git a/tools/dplsh/dplsh.sh b/tools/dplsh/dplsh.sh index 9c3f7ff..aca5959 100755 --- a/tools/dplsh/dplsh.sh +++ b/tools/dplsh/dplsh.sh @@ -19,7 +19,7 @@ find-up () { } PROFILE_FILE= -DOCKER_IMAGE="ghcr.io/reload/dpl-platform-poc/dplsh:latest" +DOCKER_IMAGE="${DPLSH_IMAGE:-ghcr.io/reload/dpl-platform-poc/dplsh:latest}" CHDIR= SHELL_ROOT="${PWD}" @@ -204,10 +204,15 @@ for key in "${!docker_creds[@]}"; do ADDITIONAL_ARGS+=(-e "${key}=${docker_creds[$key]}") done +# We run in interactive mode unless if we're in DPLSH_NON_INTERACTIVE. +if [[ -z "${DPLSH_NON_INTERACTIVE:-}" ]]; then + ADDITIONAL_ARGS+=(-i) +fi + docker run --hostname=dplsh \ --rm \ "${ADDITIONAL_ARGS[@]}" \ - -ti \ + -t \ -v "${HOME}/.azure:/home/dplsh/.azure-host" \ -v "${SHELL_ROOT}:/home/dplsh/host_mount" \ -w "/home/dplsh/host_mount/${CHDIR}" \