-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
135 lines (105 loc) · 5.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
FROM openjdk:8-jdk
# ================================================================================================
# Inspiration: Docker Framework (https://github.com/zeroc0d3/docker-framework)
# Dwi Fahni Denni <zeroc0d3.0912@gmail.com>
# ================================================================================================
# Core Contributors:
# - Mahmoud Zalt @mahmoudz
# - Bo-Yi Wu @appleboy
# - Philippe Trépanier @philtrep
# - Mike Erickson @mikeerickson
# - Dwi Fahni Denni @zeroc0d3
# - Thor Erik @thorerik
# - Winfried van Loon @winfried-van-loon
# - TJ Miller @sixlive
# - Yu-Lung Shao (Allen) @bestlong
# - Milan Urukalo @urukalo
# - Vince Chu @vwchu
# - Huadong Zuo @zuohuadong
# ================================================================================================
MAINTAINER "Laradock Team <mahmoud@zalt.me>"
RUN apt-get update && apt-get install -y git curl && rm -rf /var/lib/apt/lists/*
ENV JENKINS_HOME /var/jenkins_home
ENV JENKINS_SLAVE_AGENT_PORT 50000
ARG user=jenkins
ARG group=jenkins
ARG uid=1000
ARG gid=1000
# Jenkins is run with user `jenkins`, uid = 1000
# If you bind mount a volume from the host or a data container,
# ensure you use the same uid
RUN groupadd -g ${gid} ${group} \
&& useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -m -s /bin/bash ${user}
# Jenkins home directory is a volume, so configuration and build history
# can be persisted and survive image upgrades
USER root
RUN mkdir -p /var/jenkins_home && \
chmod 777 /var/jenkins_home
VOLUME /var/jenkins_home
# `/usr/share/jenkins/ref/` contains all reference configuration we want
# to set on a fresh new installation. Use it to bundle additional plugins
# or config file with your custom jenkins Docker image.
RUN mkdir -p /usr/share/jenkins/ref/init.groovy.d
ENV TINI_VERSION 0.18.0
ENV TINI_SHA 50a5bb62e3c4fdfb442da6d1530abb2b6afacc24
# Use tini as subreaper in Docker container to adopt zombie processes
RUN curl -fsSL https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-static-amd64 -o /bin/tini && chmod +x /bin/tini \
&& echo "$TINI_SHA /bin/tini" | sha1sum -c -
COPY init.groovy /usr/share/jenkins/ref/init.groovy.d/tcp-slave-agent-port.groovy
# jenkins version being bundled in this docker image
ARG JENKINS_VERSION
ENV JENKINS_VERSION ${JENKINS_VERSION:-2.147}
# jenkins.war checksum, download will be validated using it
# 2.147
# https://updates.jenkins-ci.org/download/war/
ARG JENKINS_SHA=8176efb85393bd48479515c75f37d5b277120d8db373765ce0802a405593e4f2
# Can be used to customize where jenkins.war get downloaded from
ARG JENKINS_URL=https://repo.jenkins-ci.org/public/org/jenkins-ci/main/jenkins-war/${JENKINS_VERSION}/jenkins-war-${JENKINS_VERSION}.war
# could use ADD but this one does not check Last-Modified header neither does it allow to control checksum
# see https://github.com/docker/docker/issues/8331
RUN curl -fsSL ${JENKINS_URL} -o /usr/share/jenkins/jenkins.war \
&& echo "${JENKINS_SHA} /usr/share/jenkins/jenkins.war" | sha256sum -c -
ENV JENKINS_UC https://updates.jenkins.io
RUN chown -R ${user} "$JENKINS_HOME" /usr/share/jenkins/ref
# Add jenkins to the correct group
# see http://stackoverflow.com/questions/42164653/docker-in-docker-permissions-error
# use "getent group docker | awk -F: '{printf "%d\n", $3}'" command on host to find correct value for gid or simply use 'id'
ARG DOCKER_GID=998
RUN groupadd -g ${DOCKER_GID} docker \
&& curl -sSL https://get.docker.com/ | sh \
&& apt-get -q autoremove \
&& apt-get -q clean -y \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*.bin
# Install Docker-in-Docker from git@github.com:jpetazzo/dind.git
# RUN apt-get update -qq && apt-get install -qqy apt-transport-https ca-certificates curl lxc iptables
# Install Docker from Docker Inc. repositories.
RUN apt-get install -y curl && curl -sSL https://get.docker.com/ | sh
RUN usermod -aG docker jenkins
# Install Docker-Compose
RUN curl -L "https://github.com/docker/compose/releases/download/1.16.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
RUN chmod +x /usr/local/bin/docker-compose
# for main web interface:
EXPOSE 8080
# will be used by attached slave agents:
EXPOSE 50000
ENV COPY_REFERENCE_FILE_LOG $JENKINS_HOME/copy_reference_file.log
USER ${user}
COPY jenkins-support /usr/local/bin/jenkins-support
COPY jenkins.sh /usr/local/bin/jenkins.sh
ENTRYPOINT ["/bin/tini", "--", "/usr/local/bin/jenkins.sh"]
# from a derived Dockerfile, can use `RUN plugins.sh active.txt` to setup /usr/share/jenkins/ref/plugins from a support bundle
COPY plugins.sh /usr/local/bin/plugins.sh
COPY install-plugins.sh /usr/local/bin/install-plugins.sh
# Only need below if we are starting from empty jenkins_home
## Copy the RSA keys
#RUN mkdir -p /var/jenkins_home/.ssh
#RUN chown jenkins:jenkins /var/jenkins_home/.ssh
#COPY keys/id_rsa /var/jenkins_home/.ssh/id_rsa.pub
#COPY keys/id_rsa /var/jenkins_home/.ssh/id_rsa
#COPY keys/known_hosts /var/jenkins_home/.ssh/known_hosts
#
#USER root
#RUN chmod 600 /var/jenkins_home/.ssh/id_rsa
#RUN chmod 644 /var/jenkins_home/.ssh/id_rsa.pub
## ssh-keyscan -H github.com >> ~/.ssh/known_hosts
## ssh-keyscan -H bitbucket.org >> ~/.ssh/known_hosts