From 031fc2d5a2b60d02ca96a3289c97623f99e13792 Mon Sep 17 00:00:00 2001 From: Rich Braun Date: Thu, 6 Nov 2025 13:00:06 -0800 Subject: [PATCH 1/3] SYS-664 fix mariadb makefile --- images/mariadb-galera/Makefile | 88 +++++++++++++++++++++++++++++----- 1 file changed, 77 insertions(+), 11 deletions(-) diff --git a/images/mariadb-galera/Makefile b/images/mariadb-galera/Makefile index 5fd9089a..f6b923a6 100644 --- a/images/mariadb-galera/Makefile +++ b/images/mariadb-galera/Makefile @@ -1,18 +1,74 @@ -# Standard Makefile for python application -# created by rbraun @ splunk 7-Apr-2017 +# Standard Makefile for Docker image +# created by richb@instantlinux.net 20-Apr-2017 -SRC ?= src -VENV ?= python_env -VDIR ?= $(PWD)/$(VENV) +BUILDX = https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.linux-amd64 +PLATFORMS ?= linux/amd64 +PUSH ?= --push +USER_LOGIN ?= instantlinux +VENV = python_env +VDIR = $(PWD)/$(VENV) + +export IMAGE_NAME = $(REGISTRY)/$(IMAGE):$(TAG) +export DOCKER_REPO = $(USER_LOGIN)/$(IMAGE) + +ifneq ($(CI_COMMIT_TAG),) + TAG_OPT = --tag $(USER_LOGIN)$(IMAGE):$(CI_COMMIT_TAG) +endif + +# Exceptions +ifeq ($(IMAGE),data-sync) + PLATFORMS = linux/amd64,linux/aarch64 +endif +ifeq ($(IMAGE),mariadb-galera) + PLATFORMS = linux/amd64 +endif +ifeq ($(IMAGE),mythtv-backend) + PLATFORMS = linux/amd64 +endif +ifeq ($(IMAGE),nagiosql) + PLATFORMS = linux/amd64,linux/arm64,linux/arm/v7 +endif +ifeq ($(IMAGE),postfix-python) + # qemu bombs out with cpu_exec assertion since Dec 2023 on arm/v7 + PLATFORMS = linux/amd64,linux/aarch64,linux/arm64 +endif +ifeq ($(IMAGE),$(filter $(IMAGE),python-builder python-wsgi)) + # helm package on arm/v6 isn't supported as of Aug 2021 + # others had issues with pipenv hashes Jul 2023 + PLATFORMS = linux/amd64,linux/arm64 +endif +ifeq ($(IMAGE),spamassassin) + PLATFORMS = linux/amd64,linux/arm64 +endif analysis: flake8 - @echo "Running static analysis" + @echo "Running static analysis" test: pytest test_functional: @echo "Running functional verification of running image" - @echo "--TODO not yet implemented--" + +create_image: $(HOME)/.docker/cli-plugins/docker-buildx + docker buildx build --tag $(REGISTRY)/$(IMAGE):$(TAG) --platform $(PLATFORMS) \ + $(PUSH) --file Dockerfile . \ + --build-arg=VCS_REF=$(CI_COMMIT_SHA) \ + --build-arg=BUILD_DATE=$(shell date +%Y-%m-%dT%H:%M:%SZ) + +promote_image: $(HOME)/.docker/cli-plugins/docker-buildx + # Log into dockerhub + docker login -u $(USER_LOGIN) -p $(DOCKER_TOKEN) + docker buildx build $(TAG_OPT) \ + `[ -e hooks/add_tags ] && hooks/add_tags` \ + --tag $(USER_LOGIN)/$(IMAGE):latest --platform $(PLATFORMS) \ + --push --file Dockerfile . \ + --build-arg=VCS_REF=$(CI_COMMIT_SHA) \ + --build-arg=BUILD_DATE=$(shell date +%Y-%m-%dT%H:%M:%SZ) + -if [ -x hooks/post_build ]; then sh hooks/post_build; fi + + # TODO update dockerhub README if/when that is supported, + # see https://github.com/docker/hub-feedback/issues/1927 + # and https://github.com/docker/hub-feedback/issues/2127 flake8: test_requirements @echo "Running flake8 code analysis" @@ -22,12 +78,22 @@ python_env: $(VDIR)/bin/python test_requirements: python_env @echo "Installing test requirements" - (. $(VDIR)/bin/activate && \ - pip install -r requirements/test.txt -r requirements/common.txt) + (if [ -f requirements/test.txt ]; then \ + . $(VDIR)/bin/activate && \ + pip install -r requirements/test.txt -r requirements/common.txt; \ + fi) $(VDIR)/bin/python: @echo "Creating virtual environment" - python3 -m venv --system-site-packages $(VDIR) + virtualenv --system-site-packages $(VENV) + +$(HOME)/.docker/cli-plugins/docker-buildx: + mkdir -p $(HOME)/.docker/cli-plugins/ + wget -O $(HOME)/.docker/cli-plugins/docker-buildx $(BUILDX) + chmod +x $(HOME)/.docker/cli-plugins/docker-buildx + docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + docker buildx create --name multibuild + docker buildx use multibuild pytest: test_requirements @echo "Running pytest unit tests" @@ -43,7 +109,7 @@ pytest: test_requirements clean: @echo "Cleaning out generated files" - @rm -rf ./$(SRC)/{.coverage,htmlcov,coverage.xml} + @rm -rf ./app/{.coverage,htmlcov,coverage.xml} @find . -name \*.pyc -exec rm {} \; @find . -name \*.log -exec rm {} \; @find . -name \*~ -exec rm {} \; From d440a243a9d908cf8be77331e69fc38fcb06cbd8 Mon Sep 17 00:00:00 2001 From: Rich Braun Date: Thu, 6 Nov 2025 14:00:23 -0800 Subject: [PATCH 2/3] SYS-664 mariadb wip --- images/haproxy-keepalived/Dockerfile | 2 +- images/haproxy-keepalived/helm/Chart.yaml | 4 ++-- images/mariadb-galera/Dockerfile | 2 ++ images/mysqldump/Dockerfile | 2 +- images/mysqldump/helm/Chart.yaml | 4 ++-- images/postfix/Dockerfile | 2 +- 6 files changed, 9 insertions(+), 7 deletions(-) diff --git a/images/haproxy-keepalived/Dockerfile b/images/haproxy-keepalived/Dockerfile index 9912e98e..ad3ff2fe 100644 --- a/images/haproxy-keepalived/Dockerfile +++ b/images/haproxy-keepalived/Dockerfile @@ -1,4 +1,4 @@ -FROM haproxy:3.2.4-alpine +FROM haproxy:3.2.7-alpine ARG BUILD_DATE ARG VCS_REF LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ diff --git a/images/haproxy-keepalived/helm/Chart.yaml b/images/haproxy-keepalived/helm/Chart.yaml index 91e1a10a..282310a9 100644 --- a/images/haproxy-keepalived/helm/Chart.yaml +++ b/images/haproxy-keepalived/helm/Chart.yaml @@ -7,8 +7,8 @@ sources: - https://github.com/haproxy/haproxy - https://github.com/acassen/keepalived type: application -version: 0.1.19 -appVersion: "3.2.4-alpine-2.3.1-r0" +version: 0.1.20 +appVersion: "3.2.7-alpine-2.3.1-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/mariadb-galera/Dockerfile b/images/mariadb-galera/Dockerfile index 8ff74cca..255bd918 100644 --- a/images/mariadb-galera/Dockerfile +++ b/images/mariadb-galera/Dockerfile @@ -28,6 +28,8 @@ RUN groupmod -g $GID mysql && \ /var/lib/apt/lists /var/cache/debconf/*old /root/.cache RUN pip install -r /root/common.txt --break-system-packages && \ echo "dash dash/sh boolean false" | debconf-set-selections && \ + # 'gosu' in MariaDB official image is incompatible with trivy scanner + rm /usr/local/bin/gosu && \ dpkg-reconfigure dash || true EXPOSE 3306 4444 4567/udp 4567 4568 diff --git a/images/mysqldump/Dockerfile b/images/mysqldump/Dockerfile index 0b5378c9..b0217d1b 100644 --- a/images/mysqldump/Dockerfile +++ b/images/mysqldump/Dockerfile @@ -18,7 +18,7 @@ ENV HOUR=3 MINUTE=30 \ TZ=UTC ARG UID=210 ARG BACKUP_GID=34 -ARG CLIENT_VERSION=11.4.5-r2 +ARG CLIENT_VERSION=11.4.8-r0 RUN RMGROUP=$(grep :$BACKUP_GID: /etc/group | cut -d: -f 1) && \ [ -z "$RMGROUP" ] || delgroup $RMGROUP && \ diff --git a/images/mysqldump/helm/Chart.yaml b/images/mysqldump/helm/Chart.yaml index 7fd90102..e3cfbece 100644 --- a/images/mysqldump/helm/Chart.yaml +++ b/images/mysqldump/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/mariadb/server/tree/10.5/client type: application -version: 0.1.13 -appVersion: "11.4.5-r2" +version: 0.1.14 +appVersion: "11.4.8-r0" dependencies: - name: chartlib version: 0.1.8 diff --git a/images/postfix/Dockerfile b/images/postfix/Dockerfile index 9d15f447..3232e8a8 100644 --- a/images/postfix/Dockerfile +++ b/images/postfix/Dockerfile @@ -7,7 +7,7 @@ LABEL org.opencontainers.image.authors="Rich Braun docker@instantlinux.net" \ org.label-schema.name=postfix \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.vcs-url=https://github.com/instantlinux/docker-tools -ARG POSTFIX_VERSION=3.10.4-r0 +ARG POSTFIX_VERSION=3.10.5-r0 ENV SASL_SECRETNAME=postfix-sasl-passwd \ TZ=UTC From 3231b73c98d67d4ec25dbd15c1396f2e5a94656b Mon Sep 17 00:00:00 2001 From: Rich Braun Date: Thu, 6 Nov 2025 14:12:25 -0800 Subject: [PATCH 3/3] SYS-664 mariadb wip --- .gitlab-ci.yml | 20 -------------------- .image-gitlab-ci.yml | 2 +- images/postfix-python/Dockerfile | 2 +- images/postfix-python/helm/Chart.yaml | 4 ++-- 4 files changed, 4 insertions(+), 24 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 04145065..1e5462af 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,8 +22,6 @@ stages: - postfix - postfix-python - proftpd - - python-builder - - python-wsgi - rsyslogd - samba - samba-dc @@ -239,24 +237,6 @@ proftpd: only: changes: [ images/proftpd/**, lib/**, .image-gitlab-ci.yml ] -python-builder: - stage: python-builder - trigger: - include: - - artifact: .child-python-builder.yml - job: prepare - only: - changes: [ images/python-builder/**, lib/**, .image-gitlab-ci.yml ] - -python-wsgi: - stage: python-wsgi - trigger: - include: - - artifact: .child-python-wsgi.yml - job: prepare - only: - changes: [ images/python-wsgi/**, lib/**, .image-gitlab-ci.yml ] - rsyslogd: stage: rsyslogd trigger: diff --git a/.image-gitlab-ci.yml b/.image-gitlab-ci.yml index 2534f339..24d32e83 100644 --- a/.image-gitlab-ci.yml +++ b/.image-gitlab-ci.yml @@ -4,7 +4,7 @@ variables: IMAGE: {{ IMAGE }} PLATFORMS: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7 REGISTRY: $REGISTRY_URI/$CI_PROJECT_PATH - TRIVY_VERSION: 0.54.1 + TRIVY_VERSION: 0.67.2 stages: - Static Code Analysis diff --git a/images/postfix-python/Dockerfile b/images/postfix-python/Dockerfile index 53c64fe7..2955a726 100644 --- a/images/postfix-python/Dockerfile +++ b/images/postfix-python/Dockerfile @@ -1,4 +1,4 @@ -ARG POSTFIX_VERSION=3.10.4-r0 +ARG POSTFIX_VERSION=3.10.5-r0 FROM instantlinux/postfix:$POSTFIX_VERSION ARG BUILD_DATE diff --git a/images/postfix-python/helm/Chart.yaml b/images/postfix-python/helm/Chart.yaml index bd86ca37..1c40d007 100644 --- a/images/postfix-python/helm/Chart.yaml +++ b/images/postfix-python/helm/Chart.yaml @@ -6,8 +6,8 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/vdukhovni/postfix type: application -version: 0.1.18 -appVersion: "3.10.4-r0" +version: 0.1.19 +appVersion: "3.10.5-r0" dependencies: - name: chartlib version: 0.1.8