From c92df89cb7a983b5b9b9a015cfe8118396d75c05 Mon Sep 17 00:00:00 2001 From: The Oh Brothers Bot Date: Thu, 21 Nov 2024 01:01:01 +0000 Subject: [PATCH] Enhancement: Bump kubectl 1.30 variants to 1.30.7 Signed-off-by: The Oh Brothers Bot --- .github/workflows/ci-master-pr.yml | 72 +++++++++---------- README.md | 4 +- generate/definitions/versions.json | 2 +- .../Dockerfile | 60 ++++++++++++++++ .../docker-entrypoint.sh | 10 +++ variants/1.30.7/Dockerfile | 20 ++++++ variants/1.30.7/docker-entrypoint.sh | 10 +++ 7 files changed, 139 insertions(+), 39 deletions(-) create mode 100644 variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/Dockerfile create mode 100644 variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/docker-entrypoint.sh create mode 100644 variants/1.30.7/Dockerfile create mode 100644 variants/1.30.7/docker-entrypoint.sh diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml index 48a9039..d60a6df 100644 --- a/.github/workflows/ci-master-pr.yml +++ b/.github/workflows/ci-master-pr.yml @@ -220,7 +220,7 @@ jobs: rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - build-1-30-6: + build-1-30-7: runs-on: ubuntu-latest steps: - name: Checkout @@ -251,9 +251,9 @@ jobs: uses: actions/cache@v4 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-1.30.6-${{ github.sha }} + key: ${{ runner.os }}-buildx-1.30.7-${{ github.sha }} restore-keys: | - ${{ runner.os }}-buildx-1.30.6- + ${{ runner.os }}-buildx-1.30.7- ${{ runner.os }}-buildx- - name: Login to Docker Hub registry @@ -266,7 +266,7 @@ jobs: # This step generates the docker tags - name: Prepare - id: prep-1-30-6 + id: prep-1-30-7 run: | set -e @@ -279,7 +279,7 @@ jobs: # Generate docker image tags # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' # E.g. 'master-' and 'master-abc0123-' - VARIANT="1.30.6" + VARIANT="1.30.7" REF_VARIANT="${REF}-${VARIANT}" REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" @@ -289,51 +289,51 @@ jobs: echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT - - name: 1.30.6 - Build (PRs) + - name: 1.30.7 - Build (PRs) # Run only on pull requests if: github.event_name == 'pull_request' uses: docker/build-push-action@v5 with: - context: variants/1.30.6 + context: variants/1.30.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: false tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.30.6 - Build and push (master) + - name: 1.30.7 - Build and push (master) # Run only on master if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v5 with: - context: variants/1.30.6 + context: variants/1.30.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.30.6 - Build and push (release) + - name: 1.30.7 - Build and push (release) if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5 with: - context: variants/1.30.6 + context: variants/1.30.7 platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max # This step generates the docker tags - name: Prepare - id: prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq + id: prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq run: | set -e @@ -346,7 +346,7 @@ jobs: # Generate docker image tags # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' # E.g. 'master-' and 'master-abc0123-' - VARIANT="1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq" + VARIANT="1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq" REF_VARIANT="${REF}-${VARIANT}" REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" @@ -356,45 +356,45 @@ jobs: echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_OUTPUT echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_OUTPUT - - name: 1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq - Build (PRs) + - name: 1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq - Build (PRs) # Run only on pull requests if: github.event_name == 'pull_request' uses: docker/build-push-action@v5 with: - context: variants/1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq + context: variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: false tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq - Build and push (master) + - name: 1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq - Build and push (master) # Run only on master if: github.ref == 'refs/heads/master' uses: docker/build-push-action@v5 with: - context: variants/1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq + context: variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - name: 1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq - Build and push (release) + - name: 1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq - Build and push (release) if: startsWith(github.ref, 'refs/tags/') uses: docker/build-push-action@v5 with: - context: variants/1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq + context: variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x push: true tags: | - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} - ${{ github.repository }}:${{ steps.prep-1-30-6-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_VARIANT }} + ${{ github.repository }}:${{ steps.prep-1-30-7-envsubst-git-jq-kustomize-sops-ssh-yq.outputs.REF_SHA_VARIANT }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max @@ -3385,7 +3385,7 @@ jobs: update-draft-release: needs: - build-1-31-2 - - build-1-30-6 + - build-1-30-7 - build-1-29-10 - build-1-28-15 - build-1-27-16 @@ -3416,7 +3416,7 @@ jobs: publish-draft-release: needs: - build-1-31-2 - - build-1-30-6 + - build-1-30-7 - build-1-29-10 - build-1-28-15 - build-1-27-16 @@ -3449,7 +3449,7 @@ jobs: update-dockerhub-description: needs: - build-1-31-2 - - build-1-30-6 + - build-1-30-7 - build-1-29-10 - build-1-28-15 - build-1-27-16 diff --git a/README.md b/README.md index 046918a..83a7de1 100644 --- a/README.md +++ b/README.md @@ -12,8 +12,8 @@ Dockerized `kubectl` with useful tools. |:-------:|:---------:| | `:1.31.2`, `:latest` | [View](variants/1.31.2) | | `:1.31.2-envsubst-git-jq-kustomize-sops-ssh-yq` | [View](variants/1.31.2-envsubst-git-jq-kustomize-sops-ssh-yq) | -| `:1.30.6` | [View](variants/1.30.6) | -| `:1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq` | [View](variants/1.30.6-envsubst-git-jq-kustomize-sops-ssh-yq) | +| `:1.30.7` | [View](variants/1.30.7) | +| `:1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq` | [View](variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq) | | `:1.29.10` | [View](variants/1.29.10) | | `:1.29.10-envsubst-git-jq-kustomize-sops-ssh-yq` | [View](variants/1.29.10-envsubst-git-jq-kustomize-sops-ssh-yq) | | `:1.28.15` | [View](variants/1.28.15) | diff --git a/generate/definitions/versions.json b/generate/definitions/versions.json index d07aae4..1a5aa21 100644 --- a/generate/definitions/versions.json +++ b/generate/definitions/versions.json @@ -2,7 +2,7 @@ "kubectl": { "versions": [ "1.31.2", - "1.30.6", + "1.30.7", "1.29.10", "1.28.15", "1.27.16", diff --git a/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/Dockerfile b/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/Dockerfile new file mode 100644 index 0000000..5be7d7c --- /dev/null +++ b/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/Dockerfile @@ -0,0 +1,60 @@ +FROM alpine:3.15 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" + +RUN apk add --no-cache ca-certificates + +# When $TARGETPLATFORM is linux/arm/v7, strip out the '/v6' or '/v7' from it +RUN set -eux; \ + BIN_URL=https://dl.k8s.io/release/v1.30.7/bin/$( echo $TARGETPLATFORM | sed 's@/v[67]$@@' )/kubectl; \ + SHA512=$( wget -qO- "$BIN_URL.sha512" ); \ + wget -qO- "$BIN_URL" > /usr/local/bin/kubectl; \ + chmod +x /usr/local/bin/kubectl; \ + sha512sum /usr/local/bin/kubectl | grep "^$SHA512 "; \ + kubectl version --client + +# From: https://github.com/nginxinc/docker-nginx/blob/1.17.0/stable/alpine/Dockerfile +# Bring in gettext so we can get `envsubst`, then throw +# the rest away. To do this, we need to install `gettext` +# then move `envsubst` out of the way so `gettext` can +# be deleted completely, then move `envsubst` back. +RUN apk add --no-cache --virtual .gettext gettext \ + && mv /usr/bin/envsubst /tmp/ \ + \ + && runDeps="$( \ + scanelf --needed --nobanner /tmp/envsubst \ + | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' \ + | sort -u \ + | xargs -r apk info --installed \ + | sort -u \ + )" \ + && apk add --no-cache $runDeps \ + && apk del .gettext \ + && mv /tmp/envsubst /usr/local/bin/ + +RUN apk add --no-cache git + +RUN apk add --no-cache jq + +RUN apk add --no-cache curl \ + && curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/v2.0.3/kustomize_2.0.3_linux_amd64 -o /usr/local/bin/kustomize \ + && chmod +x /usr/local/bin/kustomize \ + && apk del curl + +RUN set -eux; \ + wget -qO- https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux > /usr/local/bin/sops; \ + chmod +x /usr/local/bin/sops; \ + sha256sum /usr/local/bin/sops | grep '^53aec65e45f62a769ff24b7e5384f0c82d62668dd96ed56685f649da114b4dbb '; \ + sops --version + +RUN apk add --no-cache gnupg + +RUN apk add --no-cache openssh-client + +RUN apk add --no-cache yq + +COPY docker-entrypoint.sh /docker-entrypoint.sh +RUN chmod +x /docker-entrypoint.sh + +ENTRYPOINT [ "/docker-entrypoint.sh" ] diff --git a/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/docker-entrypoint.sh b/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/docker-entrypoint.sh new file mode 100644 index 0000000..2cbc6d4 --- /dev/null +++ b/variants/1.30.7-envsubst-git-jq-kustomize-sops-ssh-yq/docker-entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh +set -eu + +if [ $# -gt 0 ] && [ "${1#-}" != "$1" ]; then + set -- kubectl "$@" +elif [ $# -gt 0 ] && kubectl "$1" --help > /dev/null 2>&1; then + set -- kubectl "$@" +fi + +exec "$@" \ No newline at end of file diff --git a/variants/1.30.7/Dockerfile b/variants/1.30.7/Dockerfile new file mode 100644 index 0000000..2ba1458 --- /dev/null +++ b/variants/1.30.7/Dockerfile @@ -0,0 +1,20 @@ +FROM alpine:3.15 +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" + +RUN apk add --no-cache ca-certificates + +# When $TARGETPLATFORM is linux/arm/v7, strip out the '/v6' or '/v7' from it +RUN set -eux; \ + BIN_URL=https://dl.k8s.io/release/v1.30.7/bin/$( echo $TARGETPLATFORM | sed 's@/v[67]$@@' )/kubectl; \ + SHA512=$( wget -qO- "$BIN_URL.sha512" ); \ + wget -qO- "$BIN_URL" > /usr/local/bin/kubectl; \ + chmod +x /usr/local/bin/kubectl; \ + sha512sum /usr/local/bin/kubectl | grep "^$SHA512 "; \ + kubectl version --client + +COPY docker-entrypoint.sh /docker-entrypoint.sh +RUN chmod +x /docker-entrypoint.sh + +ENTRYPOINT [ "/docker-entrypoint.sh" ] diff --git a/variants/1.30.7/docker-entrypoint.sh b/variants/1.30.7/docker-entrypoint.sh new file mode 100644 index 0000000..2cbc6d4 --- /dev/null +++ b/variants/1.30.7/docker-entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/sh +set -eu + +if [ $# -gt 0 ] && [ "${1#-}" != "$1" ]; then + set -- kubectl "$@" +elif [ $# -gt 0 ] && kubectl "$1" --help > /dev/null 2>&1; then + set -- kubectl "$@" +fi + +exec "$@" \ No newline at end of file