k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/images/kubekins-e2e-v2/Dockerfile (about) 1 # Copyright 2024 The Kubernetes Authors. 2 # 3 # Licensed under the Apache License, Version 2.0 (the "License"); 4 # you may not use this file except in compliance with the License. 5 # You may obtain a copy of the License at 6 # 7 # http://www.apache.org/licenses/LICENSE-2.0 8 # 9 # Unless required by applicable law or agreed to in writing, software 10 # distributed under the License is distributed on an "AS IS" BASIS, 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 # See the License for the specific language governing permissions and 13 # limitations under the License. 14 15 # Includes basic workspace setup, with gcloud and a bootstrap runner 16 17 FROM debian:bookworm 18 ARG TARGETARCH 19 20 WORKDIR /workspace 21 RUN mkdir -p /workspace 22 ENV WORKSPACE=/workspace \ 23 TERM=xterm 24 25 # add env we can debug with the image name:tag 26 ARG IMAGE_ARG 27 ENV IMAGE=${IMAGE_ARG} \ 28 GOPATH=/go \ 29 PATH=/go/bin:/usr/local/go/bin:/google-cloud-sdk/bin:${PATH} \ 30 CLOUDSDK_CORE_DISABLE_PROMPTS=1 31 32 # common util tools 33 RUN apt-get update && apt-get install -y --no-install-recommends \ 34 build-essential \ 35 ca-certificates \ 36 curl \ 37 file \ 38 git \ 39 iproute2 \ 40 iputils-ping \ 41 jq \ 42 kmod \ 43 mercurial \ 44 openssh-client \ 45 pkg-config \ 46 procps \ 47 python3 \ 48 python3-distutils \ 49 python3-gflags \ 50 python3-pip \ 51 python3-venv \ 52 python3-yaml \ 53 rsync \ 54 unzip \ 55 wget \ 56 xz-utils \ 57 zip \ 58 zlib1g-dev \ 59 graphviz \ 60 bc \ 61 && rm -rf /var/lib/apt/lists/* \ 62 && python3 -m pip install --no-cache-dir --break-system-packages --upgrade pip setuptools wheel 63 64 # Install gcloud 65 ARG GCLOUD_SDK_URL=https://dl.google.com/dl/cloudsdk/channels/rapid/google-cloud-sdk.tar.gz 66 RUN wget -O google-cloud-sdk.tar.gz -q $GCLOUD_SDK_URL && \ 67 tar xzf google-cloud-sdk.tar.gz -C / && \ 68 rm google-cloud-sdk.tar.gz && \ 69 /google-cloud-sdk/install.sh \ 70 --disable-installation-options \ 71 --bash-completion=false \ 72 --path-update=false \ 73 --usage-reporting=false && \ 74 gcloud components install alpha beta && \ 75 gcloud info | tee /workspace/gcloud-info.txt 76 77 78 # 79 # BEGIN: DOCKER IN DOCKER SETUP 80 # 81 82 # Install Docker deps, some of these are already installed in the image but 83 # that's fine since they won't re-install and we can reuse the code below 84 # for another image someday. 85 RUN apt-get update && apt-get install -y --no-install-recommends \ 86 apt-transport-https \ 87 ca-certificates \ 88 curl \ 89 gnupg2 \ 90 software-properties-common \ 91 lsb-release && \ 92 rm -rf /var/lib/apt/lists/* 93 94 # Add the Docker apt-repository 95 RUN curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \ 96 && chmod a+r /etc/apt/keyrings/docker.gpg \ 97 && echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ 98 "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ 99 tee /etc/apt/sources.list.d/docker.list > /dev/null 100 101 # Install Docker 102 # TODO: the `sed` is a bit of a hack, look into alternatives. 103 # Why this exists: `docker service start` on debian runs a `cgroupfs_mount` method, 104 # We're already inside docker though so we can be sure these are already mounted. 105 # Trying to remount these makes for a very noisy error block in the beginning of 106 # the pod logs, so we just comment out the call to it... :shrug: 107 RUN apt-get update && \ 108 apt-get install -y --no-install-recommends docker-ce docker-buildx-plugin && \ 109 rm -rf /var/lib/apt/lists/* && \ 110 sed -i 's/cgroupfs_mount$/#cgroupfs_mount\n/' /etc/init.d/docker \ 111 && update-alternatives --set iptables /usr/sbin/iptables-legacy \ 112 && update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy 113 114 115 116 # Move Docker's storage location 117 RUN echo 'DOCKER_OPTS="${DOCKER_OPTS} --data-root=/docker-graph"' | \ 118 tee --append /etc/default/docker 119 # NOTE this should be mounted and persisted as a volume ideally (!) 120 # We will make a fallback one now just in case 121 RUN mkdir /docker-graph 122 123 # 124 # END: DOCKER IN DOCKER SETUP 125 # 126 127 # install cfssl to prevent https://github.com/kubernetes/kubernetes/issues/55589 128 # The invocation at the end is to prevent download failures downloads as in the bug. 129 # TODO(porridge): bump CFSSL_VERSION to one where cfssljson supports the -version flag and test it as well. 130 ARG CFSSL_VERSION 131 RUN wget -q -O cfssl "https://github.com/cloudflare/cfssl/releases/download/v${CFSSL_VERSION}/cfssl_${CFSSL_VERSION}_linux_${TARGETARCH}" && \ 132 wget -q -O cfssljson "https://github.com/cloudflare/cfssl/releases/download/v${CFSSL_VERSION}/cfssljson_${CFSSL_VERSION}_linux_${TARGETARCH}" && \ 133 chmod +x cfssl cfssljson && \ 134 mv cfssl cfssljson /usr/local/bin && \ 135 cfssl version 136 137 # replace kubectl with one from K8S_RELEASE 138 ARG K8S_RELEASE=latest 139 RUN rm -f $(which kubectl) && \ 140 export KUBECTL_VERSION=$(curl -L https://dl.k8s.io/release/${K8S_RELEASE}.txt) && \ 141 wget https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${TARGETARCH}/kubectl -O /usr/local/bin/kubectl && \ 142 chmod +x /usr/local/bin/kubectl 143 144 # install go 145 ARG GO_VERSION 146 ENV GO_TARBALL "go${GO_VERSION}.linux-${TARGETARCH}.tar.gz" 147 RUN wget -q "https://go.dev/dl/${GO_TARBALL}" && \ 148 tar xzf "${GO_TARBALL}" -C /usr/local && \ 149 mkdir -p "${GOPATH}/bin" && \ 150 rm "${GO_TARBALL}" 151 152 # install yq 153 ARG YQ_VERSION 154 RUN wget -q "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_${TARGETARCH}" \ 155 -O /usr/local/bin/yq && chmod +x /usr/local/bin/yq 156 157 # install kind if a version is provided 158 ARG KIND_VERSION 159 RUN if [ -n "${KIND_VERSION}" ]; then \ 160 wget -q -O /usr/local/bin/kind https://kind.sigs.k8s.io/dl/v${KIND_VERSION}/kind-linux-${TARGETARCH} && \ 161 chmod +x /usr/local/bin/kind; \ 162 fi 163 164 # We are installing prebuilt binaries as arm64 compiles are bugged 165 # https://github.com/kubernetes-sigs/kubetest2/pull/259 166 ARG KUBETEST2_VERSION 167 RUN if [ -n "${KUBETEST2_VERSION}" ]; then \ 168 wget -q https://storage.googleapis.com/k8s-staging-kubetest2/latest/linux-${TARGETARCH}.tgz && \ 169 tar xzf linux-${TARGETARCH}.tgz -C "$GOPATH/bin" && \ 170 rm linux-${TARGETARCH}.tgz; \ 171 fi 172 173 # configure dockerd to use mirror.gcr.io 174 # per instructions at https://cloud.google.com/container-registry/docs/pulling-cached-images 175 ARG DOCKER_REGISTRY_MIRROR_URL=https://mirror.gcr.io 176 RUN [ -n "${DOCKER_REGISTRY_MIRROR_URL}" ] && \ 177 echo "DOCKER_OPTS=\"\${DOCKER_OPTS} --registry-mirror=${DOCKER_REGISTRY_MIRROR_URL}\"" | \ 178 tee --append /etc/default/docker 179 180 # note the runner is also responsible for making docker in docker function if 181 # env DOCKER_IN_DOCKER_ENABLED is set 182 COPY ["runner.sh", \ 183 "/usr/local/bin/"] 184 185 ENTRYPOINT ["/usr/local/bin/runner.sh"]