diff --git a/build/Dockerfile b/build/Dockerfile
deleted file mode 100644
index 4da4ae27..00000000
--- a/build/Dockerfile
+++ /dev/null
@@ -1,71 +0,0 @@
-FROM openjdk:24-bullseye
-
-ADD puppetserver-8.6.3 /install
-
-ENV apps_dir=/opt/puppetlabs/server/apps
-ENV app_logdir=/var/log/puppetlabs/puppetserver
-ENV data_dir=/opt/puppetlabs/server/data
-ENV etc_dir=/etc/puppetlabs
-ENV rundir=/var/run/puppetlabs/puppetserver
-ENV bindir=/opt/puppetlabs/server/apps/puppetserver/bin
-ENV symbindir=/opt/puppetlabs/server/bin
-ENV uxbindir=/opt/puppetlabs/bin
-
-RUN cd /install \
-&& install -d -m 0755 "${apps_dir}/puppetserver" \
-&& install -d -m 0770 "${data_dir}/puppetserver" \
-&& install -m 0644 puppet-server-release.jar "${apps_dir}/puppetserver" \
-&& install -m 0774 ext/ezbake-functions.sh "${apps_dir}/puppetserver" \
-&& install -m 0644 ext/ezbake.manifest "${apps_dir}/puppetserver" \
-&& install -d -m 0755 "${etc_dir}/puppetserver/conf.d" \
-&& install -d -m 0755 "${etc_dir}/puppetserver/services.d" \
-&& install -m 0644 ext/config/request-logging.xml "${etc_dir}/puppetserver/request-logging.xml" \
-&& install -m 0644 ext/config/conf.d/puppetserver.conf "${etc_dir}/puppetserver/conf.d/puppetserver.conf" \
-&& install -m 0644 ext/config/logback.xml "${etc_dir}/puppetserver/logback.xml" \
-&& install -m 0644 ext/config/services.d/ca.cfg "${etc_dir}/puppetserver/services.d/ca.cfg" \
-&& install -m 0644 ext/config/conf.d/global.conf "${etc_dir}/puppetserver/conf.d/global.conf" \
-&& install -m 0644 ext/config/conf.d/web-routes.conf "${etc_dir}/puppetserver/conf.d/web-routes.conf" \
-&& install -m 0644 ext/config/conf.d/auth.conf "${etc_dir}/puppetserver/conf.d/auth.conf" \
-&& install -m 0644 ext/config/conf.d/metrics.conf "${etc_dir}/puppetserver/conf.d/metrics.conf" \
-&& install -m 0644 ext/config/conf.d/ca.conf "${etc_dir}/puppetserver/conf.d/ca.conf" \
-&& install -m 0644 ext/config/conf.d/webserver.conf "${etc_dir}/puppetserver/conf.d/webserver.conf" \
-&& install -d -m 0755 "${apps_dir}/puppetserver/cli" \
-&& install -d -m 0755 "${apps_dir}/puppetserver/cli/apps" \
-&& install -d -m 0755 "${bindir}" \
-&& install -d -m 0755 "${symbindir}" \
-&& install -d -m 0755 "${uxbindir}" \
-&& install -m 0755 "ext/bin/puppetserver" "${bindir}/puppetserver" \
-&& ln -s "../apps/puppetserver/bin/puppetserver" "${symbindir}/puppetserver" \
-&& ln -s "../server/apps/puppetserver/bin/puppetserver" "${uxbindir}/puppetserver" \
-&& install -m 0755 ext/cli/foreground "${apps_dir}/puppetserver/cli/apps/foreground" \
-&& install -m 0755 ext/cli/dropsonde "${apps_dir}/puppetserver/cli/apps/dropsonde" \
-&& install -m 0755 ext/cli/ca "${apps_dir}/puppetserver/cli/apps/ca" \
-&& install -m 0755 ext/cli/irb "${apps_dir}/puppetserver/cli/apps/irb" \
-&& install -m 0755 ext/cli/gem "${apps_dir}/puppetserver/cli/apps/gem" \
-&& install -m 0755 ext/cli/reload "${apps_dir}/puppetserver/cli/apps/reload" \
-&& install -m 0755 ext/cli/ruby "${apps_dir}/puppetserver/cli/apps/ruby" \
-&& install -m 0755 ext/cli/stop "${apps_dir}/puppetserver/cli/apps/stop" \
-&& install -m 0755 ext/cli/start "${apps_dir}/puppetserver/cli/apps/start" \
-&& install -m 0644 puppet-server-release.jar "${apps_dir}/puppetserver" \
-&& install -d -m 0700 "${app_logdir}" \
-&& install -d -m 0755 "${rundir}" \
-&& install -d -m 700 "${data_dir}/puppetserver/jars" \
-&& install -d -m 700 "${data_dir}/puppetserver/yaml"
-
-RUN echo 'alias ll="ls -la --color=auto"' >> ~/.bashrc
-
-RUN useradd --uid 1001 --home-dir ${data_dir}/puppetserver --shell /usr/sbin/nologin --user-group puppet \
-&& install --owner=puppet --group=puppet -d /opt/puppetlabs/server/data/puppetserver/jruby-gems \
-&& install --directory --owner=puppet --group=puppet --mode=775 /opt/puppetlabs/server/data \
-&& install --directory "${etc_dir}/puppet/ssl" \
-&& install --directory "${etc_dir}/puppetserver/ca" \
-&& chown -R puppet:puppet ${etc_dir}/puppet/ssl \
-&& chown -R puppet:puppet ${etc_dir}/puppetserver/ca \
-&& find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 \
-&& ln -s /usr/local/openjdk-24/bin/java /usr/bin/java
-# && /opt/puppetlabs/bin/puppetserver gem install puppet
-
-EXPOSE 8140
-
-# ENTRYPOINT ["/opt/puppetlabs/bin/puppetserver"]
-# CMD ["start"]
diff --git a/build/build.sh b/build/build.sh
deleted file mode 100755
index 9d2c590e..00000000
--- a/build/build.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-pps_version=${1:-8.6.3}
-pp_version=${2:-8.9.0}
-container_version=${3:-1.0.1}
-
-if [ -d puppetserver-${pps_version} ]; then
- rm -rf puppetserver-${pps_version}
-fi
-
-if [ -d puppet-${pp_version} ]; then
- rm -rf puppet-${pp_version}
-fi
-
-if [ ! -f puppetserver-${pps_version}.tar.gz ]; then
- curl -v https://downloads.puppet.com/puppet/puppetserver-${pps_version}.tar.gz -o puppetserver-${pps_version}.tar.gz
-fi
-if [ ! -f puppet-${pp_version}.tar.gz ]; then
- curl -v https://downloads.puppet.com/puppet/puppet-${pp_version}.tar.gz -o puppet-${pp_version}.tar.gz
-fi
-
-tar -xf puppetserver-${pps_version}.tar.gz
-tar -xf puppet-${pp_version}.tar.gz
-
-# cp Dockerfile puppetserver-${pps_version}/
-# cd puppetserver-${pps_version}
-docker build -t puppetserver:${pps_version}-v${container_version} .
diff --git a/puppetserver/Dockerfile.alpine b/puppetserver/Dockerfile.alpine
new file mode 100644
index 00000000..814f70bd
--- /dev/null
+++ b/puppetserver/Dockerfile.alpine
@@ -0,0 +1,184 @@
+FROM alpine:3.20 AS build
+
+ARG VERSION=8.6.3
+ADD https://downloads.puppet.com/puppet/puppetserver-${VERSION}.tar.gz /
+RUN tar -xzf /puppetserver-${VERSION}.tar.gz && mv /puppetserver-${VERSION} /install
+
+ENV apps_dir=/opt/puppetlabs/server/apps
+ENV app_logdir=/var/log/puppetlabs
+ENV data_dir=/opt/puppetlabs/server/data
+ENV etc_dir=/etc/puppetlabs
+ENV run_dir=/var/run/puppetlabs
+ENV bindir=/opt/puppetlabs/server/apps/puppetserver/bin
+ENV symbindir=/opt/puppetlabs/server/bin
+ENV uxbindir=/opt/puppetlabs/bin
+
+RUN apk update && apk upgrade \
+&& apk add --no-cache --update openjdk17-jre-headless \
+&& apk add --no-cache --update bash \
+&& cd /install \
+&& install -d -m 0755 "${apps_dir}/puppetserver" \
+&& install -d -m 0770 "${data_dir}/puppetserver" \
+&& install -m 0644 /install/puppet-server-release.jar "${apps_dir}/puppetserver" \
+&& install -m 0774 /install/ext/ezbake-functions.sh "${apps_dir}/puppetserver" \
+&& install -m 0644 /install/ext/ezbake.manifest "${apps_dir}/puppetserver" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/conf.d" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/services.d" \
+&& install -m 0644 /install/ext/config/request-logging.xml "${etc_dir}/puppetserver/request-logging.xml" \
+&& install -m 0644 /install/ext/config/conf.d/puppetserver.conf "${etc_dir}/puppetserver/conf.d/puppetserver.conf" \
+&& install -m 0644 /install/ext/config/logback.xml "${etc_dir}/puppetserver/logback.xml" \
+&& install -m 0644 /install/ext/config/services.d/ca.cfg "${etc_dir}/puppetserver/services.d/ca.cfg" \
+&& install -m 0644 /install/ext/config/conf.d/global.conf "${etc_dir}/puppetserver/conf.d/global.conf" \
+&& install -m 0644 /install/ext/config/conf.d/web-routes.conf "${etc_dir}/puppetserver/conf.d/web-routes.conf" \
+&& install -m 0644 /install/ext/config/conf.d/auth.conf "${etc_dir}/puppetserver/conf.d/auth.conf" \
+&& install -m 0644 /install/ext/config/conf.d/metrics.conf "${etc_dir}/puppetserver/conf.d/metrics.conf" \
+&& install -m 0644 /install/ext/config/conf.d/ca.conf "${etc_dir}/puppetserver/conf.d/ca.conf" \
+&& install -m 0644 /install/ext/config/conf.d/webserver.conf "${etc_dir}/puppetserver/conf.d/webserver.conf" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/cli" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/cli/apps" \
+&& install -d -m 0755 "${bindir}" \
+&& install -d -m 0755 "${symbindir}" \
+&& install -d -m 0755 "${uxbindir}" \
+&& install -m 0755 "/install/ext/bin/puppetserver" "${bindir}/puppetserver" \
+&& ln -s "../apps/puppetserver/bin/puppetserver" "${symbindir}/puppetserver" \
+&& ln -s "../server/apps/puppetserver/bin/puppetserver" "${uxbindir}/puppetserver" \
+&& install -m 0755 /install/ext/cli/foreground "${apps_dir}/puppetserver/cli/apps/foreground" \
+&& install -m 0755 /install/ext/cli/dropsonde "${apps_dir}/puppetserver/cli/apps/dropsonde" \
+&& install -m 0755 /install/ext/cli/ca "${apps_dir}/puppetserver/cli/apps/ca" \
+&& install -m 0755 /install/ext/cli/irb "${apps_dir}/puppetserver/cli/apps/irb" \
+&& install -m 0755 /install/ext/cli/gem "${apps_dir}/puppetserver/cli/apps/gem" \
+&& install -m 0755 /install/ext/cli/reload "${apps_dir}/puppetserver/cli/apps/reload" \
+&& install -m 0755 /install/ext/cli/ruby "${apps_dir}/puppetserver/cli/apps/ruby" \
+&& install -m 0755 /install/ext/cli/stop "${apps_dir}/puppetserver/cli/apps/stop" \
+&& install -m 0755 /install/ext/cli/start "${apps_dir}/puppetserver/cli/apps/start" \
+&& install -d -m 0700 "${app_logdir}/puppetserver" \
+&& install -d -m 0755 "${run_dir}/puppetserver" \
+&& install -d -m 700 "${data_dir}/puppetserver/jars" \
+&& install -d -m 700 "${data_dir}/puppetserver/yaml" \
+&& install -d /opt/puppetlabs/server/data/puppetserver/jruby-gems \
+&& install -d -m=775 /opt/puppetlabs/server/data \
+&& install -d "${etc_dir}/puppet/ssl" \
+&& install -d "${etc_dir}/puppetserver/ca" \
+&& bash /install/ext/build-scripts/install-vendored-gems.sh
+
+################################################################################
+
+FROM alpine:3.20 AS final
+
+ARG vcs_ref
+ARG build_date
+
+LABEL \
+ org.label-schema.build-date="$build_date" \
+ org.label-schema.dockerfile="/Dockerfile" \
+ org.label-schema.license="Apache-2.0" \
+ org.label-schema.maintainer="Voxpupuli Team " \
+ org.label-schema.schema-version="1.0" \
+ org.label-schema.url="https://github.com/voxpupuli/container-puppetserver" \
+ org.label-schema.vcs-ref="$vcs_ref" \
+ org.label-schema.vcs-url="https://github.com/voxpupuli/container-puppetserver" \
+ org.label-schema.vendor="Voxpupuli"
+
+ENV PUPPETSERVER_JAVA_ARGS="-Xms1024m -Xmx1024m" \
+ JAVA_ARGS=${PUPPETSERVER_JAVA_ARGS} \
+ PATH=$PATH:/opt/puppetlabs/server/bin:/opt/puppetlabs/puppet/bin:/opt/puppetlabs/bin \
+ SSLDIR=/etc/puppetlabs/puppet/ssl \
+ LOGDIR=/var/log/puppetlabs/puppetserver \
+ PUPPETSERVER_HOSTNAME="" \
+ CERTNAME="" \
+ DNS_ALT_NAMES="" \
+ PUPPETSERVER_PORT=8140 \
+ AUTOSIGN=true \
+ PUPPETSERVER_MAX_ACTIVE_INSTANCES=1 \
+ PUPPETSERVER_MAX_REQUESTS_PER_INSTANCE=0 \
+ CA_ENABLED=true \
+ CA_HOSTNAME=puppet \
+ CA_PORT=8140 \
+ CA_ALLOW_SUBJECT_ALT_NAMES=false \
+ INTERMEDIATE_CA=false \
+ INTERMEDIATE_CA_BUNDLE=/etc/puppetlabs/intermediate/ca.pem \
+ INTERMEDIATE_CRL_CHAIN=/etc/puppetlabs/intermediate/crl.pem \
+ INTERMEDIATE_CA_KEY=/etc/puppetlabs/intermediate/key.pem \
+ USE_PUPPETDB=false \
+ PUPPETDB_SERVER_URLS=https://puppetdb:8081 \
+ PUPPET_STORECONFIGS_BACKEND="puppetdb" \
+ PUPPET_STORECONFIGS=true \
+ PUPPET_REPORTS="puppetdb" \
+ PUPPETSERVER_GRAPHITE_EXPORTER_ENABLED=false \
+ PUPPETSERVER_GRAPHITE_PORT=9109 \
+ PUPPETSERVER_GRAPHITE_HOST=exporter \
+ PUPPETSERVER_ENVIRONMENT_TIMEOUT=unlimited \
+ PUPPETSERVER_ENABLE_ENV_CACHE_DEL_API=true \
+ ENVIRONMENTPATH=/etc/puppetlabs/code/environments \
+ HIERACONFIG='$confdir/hiera.yaml' \
+ CSR_ATTRIBUTES='{}'
+
+ENV apps_dir=/opt/puppetlabs/server/apps \
+ app_logdir=/var/log/puppetlabs \
+ data_dir=/opt/puppetlabs/server/data \
+ etc_dir=/etc/puppetlabs \
+ run_dir=/var/run/puppetlabs \
+ bindir=/opt/puppetlabs/server/apps/puppetserver/bin \
+ symbindir=/opt/puppetlabs/server/bin \
+ uxbindir=/opt/puppetlabs/bin
+
+# old /etc/default/puppetserver
+# how where do i put this in the new world? 🤔
+#
+# ENV \
+# USER="puppet" \
+# GROUP="puppet" \
+# INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" \
+# CONFIG="/etc/puppetlabs/puppetserver/conf.d" \
+# BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/" \
+# SERVICE_STOP_RETRIES=60
+
+COPY --from=build /opt/puppetlabs /opt/puppetlabs
+COPY --from=build /etc/puppetlabs /etc/puppetlabs
+COPY --from=build /var/log/puppetlabs /var/log/puppetlabs
+COPY --from=build /var/run/puppetlabs /var/run/puppetlabs
+
+COPY docker-entrypoint.sh /
+COPY healthcheck.sh /
+COPY docker-entrypoint.d /docker-entrypoint.d
+COPY metrics.conf.tmpl /metrics.conf.tmpl
+COPY add_cache_del_api_auth_rules.rb /add_cache_del_api_auth_rules.rb
+COPY logback.xml /etc/puppetlabs/puppetserver/
+COPY request-logging.xml /etc/puppetlabs/puppetserver/
+COPY conf.d/puppetserver.conf /etc/puppetlabs/puppetserver/conf.d/
+COPY conf.d/product.conf /etc/puppetlabs/puppetserver/conf.d/
+COPY puppetdb.conf /var/tmp/puppet/
+COPY Dockerfile /
+
+RUN apk update && apk upgrade \
+&& apk add --no-cache --update openjdk17-jre-headless \
+&& apk add --no-cache --update bash \
+&& apk add --no-cache --update dumb-init \
+&& apk add --no-cache --update openssh-client \
+&& apk add --no-cache --update libssh2 \
+&& addgroup -g 1001 puppet \
+&& adduser -G puppet -u 1001 -h ${data_dir}/puppetserver -H -D -s /sbin/nologin puppet \
+&& chown -R puppet:puppet ${etc_dir}/puppet/ssl \
+&& chown -R puppet:puppet ${etc_dir}/puppetserver/ca \
+&& chown -R puppet:puppet ${app_logdir}/puppetserver \
+&& chown -R puppet:puppet ${run_dir}/puppetserver \
+&& chown -R puppet:puppet ${data_dir}/puppetserver \
+&& chmod 700 ${app_logdir}/puppetserver \
+&& chmod 770 ${data_dir}/puppetserver \
+&& chmod 750 ${etc_dir}/puppetserver \
+&& chmod 700 ${data_dir}/puppetserver/jars \
+&& chmod 700 ${data_dir}/puppetserver/yaml \
+&& find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 \
+&& echo 'alias ll="ls -la --color=auto"' >> ~/.bashrc \
+&& chmod +x /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh
+
+# gem install --no-doc r10k -v $R10K_VERSION && \
+# gem install --no-doc rugged -v $RUGGED_VERSION -- --with-ssh && \
+
+# k8s uses livenessProbe, startupProbe, readinessProbe and ignores HEALTHCHECK
+HEALTHCHECK --interval=20s --timeout=15s --retries=12 --start-period=3m CMD ["/healthcheck.sh"]
+
+EXPOSE 8140
+
+ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"]
+CMD ["foreground"]
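Review bot: The build stage's `ADD https://downloads.puppet.com/puppet/puppetserver-${VERSION}.tar.gz /` fetches the release tarball with no integrity check, and the same stage then runs `bash /install/ext/build-scripts/install-vendored-gems.sh` out of it and its output is copied into the final image. Pinning the archive, e.g. `ADD --checksum=sha256:<digest-of-release-tarball> https://downloads.puppet.com/puppet/puppetserver-${VERSION}.tar.gz /` with the digest updated whenever `VERSION` changes, makes a changed or tampered download fail the build instead of shipping. The final stage also has no `USER` line even though it creates `puppet` (uid 1001), so unless `docker-entrypoint.sh` (not shown in this diff) drops privileges, the server runs as root. `AUTOSIGN=true` as the baked-in default presumably means certificate requests are signed without review; a comment marking it as a test-setup default, or defaulting to `false`, would be the safer choice.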