Google Git
Sign in
apache/yetus/HEAD/./precommit/src/main/shell/test-patch-docker/Dockerfile
blob: c756fe2ab61accbd34252dfbdcc67e641288a57c [file]
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
###############
#
# Example Apache Yetus Dockerfile that includes all functionality supported
# as well as enough bits to build and release Apache Yetus itself.
#
###############
FROM ubuntu:noble AS yetusbase
## NOTE to committers: if this gets moved from Xenial to something else, be
## sure to also fix the gpg link in asf-site-src as appropriate
WORKDIR /root
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
ENV DEBIAN_FRONTEND=noninteractive
ENV DEBCONF_TERSE=true
######
# Install some basic Apache Yetus requirements
# some git repos need ssh-client so do it too
# Adding libffi-dev for all the programming languages
# that take advantage of it. Also throw in
# xmllint here since so much links against libxml anyway.
######
# hadolint ignore=DL3008
RUN apt-get -q update && apt-get -q install --no-install-recommends -y \
apt-transport-https \
apt-utils \
ca-certificates \
curl \
dirmngr \
git \
gpg \
gpg-agent \
libffi-dev \
libicu-dev \
libxml2-utils \
locales \
patch \
pkg-config \
rsync \
software-properties-common \
ssh-client \
xz-utils \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
###
# Set the locale
###
#hadolint ignore=DL3059
RUN locale-gen en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8
####
# Install GNU C/C++ and GNU make (everything generally needs this)
####
# hadolint ignore=DL3008
RUN apt-get -q update && apt-get -q install --no-install-recommends -y \
g++ \
gcc \
libc-dev \
make \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
###
# Install golang as part of base so we can do each
# helper utility in parallel. go bins are typically
# statically linked, so this is perfectly safe.
###
# hadolint ignore=DL3008,DL3059
RUN add-apt-repository -y ppa:longsleep/golang-backports \
&& apt-get -q update \
&& apt-get -q install --no-install-recommends -y golang-go \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
############
# Fetch all of the non-conflicting bits in parallel
#############
####
# Install Apache Creadur RAT jar
####
FROM yetusbase AS yetusapacherat
ARG APACHE_RAT_VERSION=0.18
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN mkdir -p /opt/apache-rat \
&& curl -f -s -L -o /tmp/rat.tgz \
"https://archive.apache.org/dist/creadur/apache-rat-$APACHE_RAT_VERSION/apache-rat-$APACHE_RAT_VERSION-bin.tar.gz" \
&& curl -f -s -L -o /tmp/rat.tgz.sha512 \
"https://archive.apache.org/dist/creadur/apache-rat-$APACHE_RAT_VERSION/apache-rat-$APACHE_RAT_VERSION-bin.tar.gz.sha512" \
&& echo "$(cat /tmp/rat.tgz.sha512) /tmp/rat.tgz" > /tmp/rat.tgz.verify \
&& shasum -a 512 -c /tmp/rat.tgz.verify \
&& tar --strip-components 1 -C /opt/apache-rat -xpzf /tmp/rat.tgz \
&& rm /tmp/rat.tgz /tmp/rat.tgz.sha512 /tmp/rat.tgz.verify \
&& mv "/opt/apache-rat/apache-rat-$APACHE_RAT_VERSION.jar" /opt/apache-rat/apache-rat.jar
#####
# Install SpotBugs
#####
FROM yetusbase AS yetusspotbugs
ARG SPOTBUGS_VERSION=4.9.8
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL https://repo.maven.apache.org/maven2/com/github/spotbugs/spotbugs/$SPOTBUGS_VERSION/spotbugs-$SPOTBUGS_VERSION.tgz -o spotbugs.tgz \
&& curl -sSL https://repo.maven.apache.org/maven2/com/github/spotbugs/spotbugs/$SPOTBUGS_VERSION/spotbugs-$SPOTBUGS_VERSION.tgz.sha1 -o spotbugs.tgz.sha1 \
&& echo -n " spotbugs.tgz" >> spotbugs.tgz.sha1 \
&& shasum -c spotbugs.tgz.sha1 \
&& mkdir -p /opt/spotbugs \
&& tar -C /opt/spotbugs --strip-components 1 -xpf spotbugs.tgz \
&& rm spotbugs.tgz spotbugs.tgz.sha1 \
&& chmod a+rx /opt/spotbugs/bin/*
## NOTE: SPOTBUGS_HOME is set below
####
# Install shellcheck (shell script lint)
####
FROM yetusbase AS yetusshellcheck
ARG SHELLCHECK_VERSION=0.10.0
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL \
https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK_VERSION/shellcheck-v$SHELLCHECK_VERSION.linux."$(uname -m)".tar.xz \
| tar --strip-components 1 --wildcards -xJf - '*/shellcheck' \
&& chmod a+rx shellcheck \
&& mv shellcheck /bin/shellcheck
####
# Install hadolint (dockerfile lint)
####
FROM yetusbase AS yetushadolint
ARG HADOLINT_VERSION=2.12.0
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN if [[ "$(uname -m)" == "x86_64" ]]; then curl -sSL \
https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VERSION/hadolint-Linux-x86_64 \
-o /bin/hadolint \
&& chmod a+rx /bin/hadolint; \
elif [[ "$(uname -m)" == "aarch64" ]]; then curl -sSL \
https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VERSION/hadolint-Linux-arm64 \
-o /bin/hadolint \
&& chmod a+rx /bin/hadolint; \
else \
touch /bin/hadolint; \
fi
####
# Install buf (protobuf lint)
####
FROM yetusbase AS yetusbuf
ARG BUF_VERSION=1.50.0
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL \
https://github.com/bufbuild/buf/releases/download/v$BUF_VERSION/buf-Linux-"$(uname -m)".tar.gz \
-o buf.tar.gz \
&& tar -xzf buf.tar.gz -C /usr/local --strip-components 1 \
&& rm buf.tar.gz
####
# Install bats (TAP-capable unit testing for shell scripts)
####
FROM yetusbase AS yetusbats
ARG BATS_VERSION=1.11.1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN git clone --branch v$BATS_VERSION \
https://github.com/bats-core/bats-core.git \
/tmp/bats-core \
&& /tmp/bats-core/install.sh /opt/bats \
&& rm -rf /tmp/bats-core
####
# revive (golint on steroids)
####
FROM yetusbase AS yetusrevive
ARG REVIVE_VERSION=1.15.0
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL \
https://github.com/mgechev/revive/releases/download/v$REVIVE_VERSION/revive_"$(go env GOOS)"_"$(go env GOARCH)".tar.gz \
-o revive.tar.gz \
&& tar -xzf revive.tar.gz -C /usr/local/bin revive \
&& rm revive.tar.gz
####
# checkmake (Makefile linter)
#
# requires go 1.15 as of 2021-03-02
#
####
FROM yetusbase AS yetuscheckmake
ARG CHECKMAKE_VERSION=0.2.2
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
ENV BUILDER_NAME='Apache Yetus'
ENV BUILDER_EMAIL='dev@apache.yetus.org'
RUN git clone \
https://github.com/mrtazz/checkmake.git /tmp/checkmake \
&& git -C /tmp/checkmake checkout $CHECKMAKE_VERSION \
&& GOOS=linux CGO_ENABLED=0 make -C /tmp/checkmake binaries \
&& make -C /tmp/checkmake test
####
# golangci-lint (Multi-tool golang linter)
#
# NOTE: go must be installed prior to executing this block!
####
FROM yetusbase AS yetusgolangci
ARG GOLANGCILINT_VERSION=1.64.4
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl -sSL \
https://github.com/golangci/golangci-lint/releases/download/v$GOLANGCILINT_VERSION/golangci-lint-$GOLANGCILINT_VERSION-"$(go env GOOS)"-"$(go env GOARCH)".tar.gz \
-o golangcilint.tar.gz \
&& tar -xzf golangcilint.tar.gz -C /usr/local/bin --strip-components 1 \
&& rm golangcilint.tar.gz
########
#
#
# Content that needs to be installed in order due to packages...
#
#
########
FROM yetusbase
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
####
# Install java (first, since we want to dictate what form of Java)
####
####
# OpenJDK 21
# NOTE: This default only works when Apache Yetus is launched
# _in_ the container and not outside of it!
####
# hadolint ignore=DL3008,DL3059
RUN apt-get -q update && apt-get -q install --no-install-recommends -y \
default-jdk-headless \
openjdk-21-jdk-headless \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
ENV JAVA_HOME=/usr/lib/jvm/default-java
ENV SPOTBUGS_HOME=/opt/spotbugs
####
# Install ant
####
# hadolint ignore=DL3008
RUN apt-get -q update && apt-get -q install --no-install-recommends -y ant \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
####
# Install GNU automake and related
####
# hadolint ignore=DL3008,DL3059
RUN apt-get -q update && apt-get -q install --no-install-recommends -y autoconf automake libtool \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
####
# Install cmake
####
# hadolint ignore=DL3008,DL3059
RUN apt-get -q update && apt-get -q install --no-install-recommends -y cmake \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
###
# Install docker
###
# hadolint ignore=DL3008,DL3059
RUN mkdir -p /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu noble stable" \
> /etc/apt/sources.list.d/docker.list \
&& apt-get -q update && apt-get -q install --no-install-recommends -y docker-ce docker-compose-plugin \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
######
# Install maven
######
# hadolint ignore=DL3008,DL3059
ARG MVN_VERSION=3.9.9
ARG MVN_TGZ=apache-maven-$MVN_VERSION-bin.tar.gz
RUN curl -sSL \
-o $MVN_TGZ \
https://archive.apache.org/dist/maven/maven-3/$MVN_VERSION/binaries/$MVN_TGZ \
&& tar xzpf $MVN_TGZ \
&& mkdir -p /opt \
&& mv apache-maven-$MVN_VERSION /opt \
&& ln -s /opt/apache-maven-$MVN_VERSION/bin/mvn /bin \
&& curl -sSL \
-o KEYS \
https://downloads.apache.org/maven/KEYS \
&& gpg --import KEYS \
&& curl -sSL \
-o $MVN_TGZ.asc \
https://archive.apache.org/dist/maven/maven-3/$MVN_VERSION/binaries/$MVN_TGZ.asc \
&& gpg --verify $MVN_TGZ.asc $MVN_TGZ \
&& rm -rf $MVN_TGZ* /root/.gnupg KEYS
######
# Install perl
######
# hadolint ignore=DL3008,DL3059
RUN apt-get -q update && apt-get -q install --no-install-recommends -y \
perl \
libperl-critic-perl \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
######
# Install python3 and pylint3 (historical; most stuff uses "pylint" now)
# astroid and pylint go hand-in-hand. Upgrade both at the same time.
######
#ARG PY3_ANSIBLE_VERSION=7.5.0
ARG PY3_ANSIBLELINT_VERSION=26.3.0
ARG PY3_ASTROID_VERSION=4.0.4
ARG PY3_CODESPELL_VERSION=2.4.2
ARG PY3_DETECT_SECRETS=1.5.0
ARG PY3_PYLINT_VERSION=4.0.5
ARG PY3_YAMLLINT_VERSION=1.38.0
# hadolint ignore=DL3008
RUN apt-get -q update && apt-get -q install --no-install-recommends -y \
python3-full \
python3-pip \
python3-venv \
python3-dev \
python3-dateutil \
python3-dockerpty \
python3-yaml \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& python3 -m venv --copies /usr/local \
&& /usr/local/bin/pip install --no-cache-dir -v \
python-dateutil \
ansible-lint==$PY3_ANSIBLELINT_VERSION \
astroid==$PY3_ASTROID_VERSION \
codespell==$PY3_CODESPELL_VERSION \
detect-secrets==$PY3_DETECT_SECRETS \
pylint==$PY3_PYLINT_VERSION \
yamllint==$PY3_YAMLLINT_VERSION \
&& ln -sf /usr/local/bin/pylint /usr/local/bin/pylint3 \
&& chmod -R a+w /usr/local/lib/python3.12/site-packages /usr/local/bin \
&& rm -rf /root/.cache /root/.config /root/.local
####
# Install ruby and associated bits
###
ARG RUBY_BUNDLER_VERSION=4.0.8
ARG RUBY_RAKE_VERSION=13.2.1
ARG RUBY_RUBOCOP_VERSION=1.86.0
# hadolint ignore=DL3008
RUN echo 'gem: --no-rdoc --no-ri' >> /root/.gemrc \
&& apt-get -q update && apt-get -q install --no-install-recommends -y \
ruby \
ruby-dev \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& gem install bundler -v $RUBY_BUNDLER_VERSION \
&& gem install rake -v $RUBY_RAKE_VERSION \
&& gem install rubocop -v $RUBY_RUBOCOP_VERSION \
&& rm -rf /root/.gem /root/.config /root/.local
# set some reasonable defaults for ruby
# user's can always override these as needed
ENV PATH=${PATH}:/var/tmp/.bundler-gems/bin
ENV BUNDLE_PATH=/var/tmp/.bundler-gems
###
# Install npm and JSHint
###
ARG JSHINT_VERSION=2.13.6
ARG MARKDOWNLINTCLI_VERSION=0.48.0
ARG JSONLINT_VERSION=17.0.1
# hadolint ignore=DL3008
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \
| gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
&& echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_24.x nodistro main" \
> /etc/apt/sources.list.d/nodesource.list \
&& apt-get -q update \
&& apt-get -q install --no-install-recommends -y nodejs \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& npm install -g \
jshint@$JSHINT_VERSION \
@prantlf/jsonlint@$JSONLINT_VERSION \
markdownlint-cli@$MARKDOWNLINTCLI_VERSION \
&& rm -rf /root/.npm /root/.config /root/.local
#####
# Now all the stuff that was built in parallel
#####
COPY --from=yetusapacherat /opt/apache-rat /opt/apache-rat
COPY --from=yetusspotbugs /opt/spotbugs /opt/spotbugs
COPY --from=yetusshellcheck /bin/shellcheck /bin/shellcheck
COPY --from=yetushadolint /bin/hadolint /bin/hadolint
COPY --from=yetusbuf /usr/local/bin/buf /usr/local/bin/buf
COPY --from=yetusbats /opt/bats /opt/bats
RUN ln -s /opt/bats/bin/bats /usr/local/bin/bats
COPY --from=yetusrevive /usr/local/bin/revive /usr/local/bin
COPY --from=yetuscheckmake /tmp/checkmake/checkmake /usr/local/bin
COPY --from=yetusgolangci /usr/local/bin/golangci-lint /usr/local/bin
####
# YETUS CUT HERE
# Magic text above! Everything from here on is ignored
# by Yetus, so could include anything not needed
# by your testing environment
###