From 70f0bafb8d827beb551219ce79ddde3921a51d48 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 17:36:57 +0100 Subject: [PATCH 01/31] add rhel9 agents variants --- Makefile | 2 +- .../golang/docker/Dockerfile.ubi9 | 27 +++ .../jenkins-agents/golang/ocp-config/bc.yml | 2 +- .../jenkins-agents/jdk/docker/Dockerfile.ubi9 | 85 +++++++ common/jenkins-agents/jdk/ocp-config/bc.yml | 2 +- .../nodejs18/docker/Dockerfile.ubi8 | 6 +- .../nodejs18/docker/Dockerfile.ubi9 | 63 +++++ .../{almalinux.repo => almalinux8.repo} | 0 .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../jenkins-agents/nodejs18/ocp-config/bc.yml | 2 +- .../nodejs20/docker/Dockerfile.ubi8 | 6 +- .../nodejs20/docker/Dockerfile.ubi9 | 63 +++++ .../{almalinux.repo => almalinux8.repo} | 0 .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../jenkins-agents/nodejs20/ocp-config/bc.yml | 2 +- .../nodejs22/docker/Dockerfile.ubi8 | 6 +- .../nodejs22/docker/Dockerfile.ubi9 | 63 +++++ .../{almalinux.repo => almalinux8.repo} | 0 .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../jenkins-agents/nodejs22/ocp-config/bc.yml | 2 +- .../nodejs24/docker/Dockerfile.ubi8 | 6 +- .../nodejs24/docker/Dockerfile.ubi9 | 63 +++++ .../docker/yum.repos.d/almalinux8.repo} | 0 .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../jenkins-agents/nodejs24/ocp-config/bc.yml | 2 +- .../python/docker/Dockerfile.ubi9 | 37 +++ .../jenkins-agents/python/ocp-config/bc.yml | 2 +- .../rust/docker/Dockerfile.ubi9 | 44 ++++ common/jenkins-agents/rust/ocp-config/bc.yml | 2 +- .../scala/docker/Dockerfile.ubi9 | 68 ++++++ common/jenkins-agents/scala/ocp-config/bc.yml | 2 +- .../terraform-2306/docker/Dockerfile.ubi8 | 4 +- .../terraform-2306/docker/Dockerfile.ubi9 | 204 ++++++++++++++++ .../docker/yum.repos.d/almalinux8.repo} | 0 .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../terraform-2306/ocp-config/bc.yml | 2 +- .../terraform-2408/docker/Dockerfile.ubi8 | 4 +- .../terraform-2408/docker/Dockerfile.ubi9 | 218 ++++++++++++++++++ .../docker/yum.repos.d/almalinux8.repo} | 2 +- .../docker/yum.repos.d/almalinux9.repo | 13 ++ .../terraform-2408/ocp-config/bc.yml | 2 +- 41 files changed, 1042 insertions(+), 29 deletions(-) create mode 100644 common/jenkins-agents/golang/docker/Dockerfile.ubi9 create mode 100644 common/jenkins-agents/jdk/docker/Dockerfile.ubi9 create mode 100644 common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 rename common/jenkins-agents/nodejs18/docker/yum.repos.d/{almalinux.repo => almalinux8.repo} (100%) create mode 100644 common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo create mode 100644 common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 rename common/jenkins-agents/nodejs20/docker/yum.repos.d/{almalinux.repo => almalinux8.repo} (100%) create mode 100644 common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo create mode 100644 common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 rename common/jenkins-agents/nodejs22/docker/yum.repos.d/{almalinux.repo => almalinux8.repo} (100%) create mode 100644 common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo create mode 100644 common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 rename common/jenkins-agents/{terraform-2306/docker/yum.repos.d/almalinux.repo => nodejs24/docker/yum.repos.d/almalinux8.repo} (100%) create mode 100644 common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux9.repo create mode 100644 common/jenkins-agents/python/docker/Dockerfile.ubi9 create mode 100644 common/jenkins-agents/rust/docker/Dockerfile.ubi9 create mode 100644 common/jenkins-agents/scala/docker/Dockerfile.ubi9 create mode 100644 common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 rename common/jenkins-agents/{terraform-2408/docker/yum.repos.d/almalinux.repo => terraform-2306/docker/yum.repos.d/almalinux8.repo} (100%) create mode 100644 common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo create mode 100644 common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 rename common/jenkins-agents/{nodejs24/docker/yum.repos.d/almalinux.repo => terraform-2408/docker/yum.repos.d/almalinux8.repo} (99%) create mode 100644 common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo diff --git a/Makefile b/Makefile index aec015b1d..d62ba27c4 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ ODS_NAMESPACE := $(shell grep ODS_NAMESPACE $(CURDIR)/../ods-configuration/ods-c install-jenkins-agent: install-jenkins-agent-golang install-jenkins-agent-jdk install-jenkins-agent-nodejs install-jenkins-agent-python install-jenkins-agent-scala install-jenkins-agent-terraform-2306 install-jenkins-agent-terraform-2408 install-jenkins-agent-rust .PHONY: install-jenkins-agent -.## Update OpenShift resources related Jenkins agent resources. +## Update OpenShift resources related Jenkins agent resources. apply-jenkins-agent-build: apply-jenkins-agent-golang-build apply-jenkins-agent-jdk-build apply-jenkins-agent-nodejs18-build apply-jenkins-agent-nodejs20-build apply-jenkins-agent-nodejs22-build apply-jenkins-agent-nodejs24-build apply-jenkins-agent-python-build apply-jenkins-agent-scala-build apply-jenkins-agent-terraform-build-2306 apply-jenkins-agent-terraform-build-2408 apply-jenkins-agent-rust-build .PHONY: apply-jenkins-agent-build diff --git a/common/jenkins-agents/golang/docker/Dockerfile.ubi9 b/common/jenkins-agents/golang/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..08e885aa7 --- /dev/null +++ b/common/jenkins-agents/golang/docker/Dockerfile.ubi9 @@ -0,0 +1,27 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +ARG goDistributionUrl +ARG golangciVersion + +RUN yum install -y gcc gcc-c++ + +RUN cd /tmp && \ + curl -LfSso /tmp/go.tar.gz $goDistributionUrl && \ + tar -C /usr/local -xzf go.tar.gz && \ + rm -f /tmp/go.tar.gz && \ + cd - && \ + mkdir /go && \ + /usr/local/go/bin/go version + +ENV PATH $PATH:/usr/local/go/bin +ENV GOBIN /usr/local/bin + +COPY install-golangci-lint.sh /tmp/install-golangci-lint.sh +RUN /tmp/install-golangci-lint.sh -b /usr/local/bin $golangciVersion && \ + rm -f /tmp/install-golangci-lint.sh + +RUN go install github.com/jstemmer/go-junit-report/v2@v2.1.0 + +RUN mkdir -p /home/jenkins/go && chmod -R g+w /home/jenkins + +WORKDIR /go diff --git a/common/jenkins-agents/golang/ocp-config/bc.yml b/common/jenkins-agents/golang/ocp-config/bc.yml index 13fc09abb..ac5fc8f8f 100644 --- a/common/jenkins-agents/golang/ocp-config/bc.yml +++ b/common/jenkins-agents/golang/ocp-config/bc.yml @@ -14,7 +14,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use - name: GO_DISTRIBUTION_URL value: https://go.dev/dl/go1.23.0.linux-amd64.tar.gz diff --git a/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 b/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..de97d0d0f --- /dev/null +++ b/common/jenkins-agents/jdk/docker/Dockerfile.ubi9 @@ -0,0 +1,85 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-jdk-rhel9-container" \ + name="openshift4/jenkins-agent-jdk-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent JDK" \ + io.k8s.description="The jenkins agent jdk image has java 11, 17 and 21 installed on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,jdk" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusUsername +ARG nexusPassword + +ENV LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +# Container support is now integrated in Java 11, the +UseCGroupMemoryLimitForHeap option has been pruned +ENV JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions -Dsun.zip.disableMemoryMapping=true" + +# Workaround we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +# Install Java devel 11, 17 21 and binutils +# Note: use java scripts are executed to test the scripts but also use-j11.sh in called 3nd place to set is as default version +RUN yum install -y java-11-openjdk-devel java-17-openjdk-devel java-21-openjdk-devel binutils && \ + yum clean all -y && \ + rm -rf /var/cache/yum + +# Copy and use java scripts. +COPY use-j*.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/use-j*.sh && \ + chmod ugo+s /usr/local/bin/use-j*.sh && \ + sh -c 'chmod ugo+s $(which alternatives)' && \ + ls -la /usr/local/bin/use-j*.sh && \ + echo "--- STARTS JDK 11/17/21 TESTS ---" && \ + use-j11.sh && \ + use-j21.sh && \ + use-j17.sh && \ + echo "--- ENDS JDK 11/17/21 TESTS ---" + +# Set maven (nexus+proxy) and gradle (proxy) settings +ENV MAVEN_OPTS="-Duser.home=$HOME" \ + GRADLE_USER_HOME=/home/jenkins/.gradle +# TODO: Remove MAVEN_OPTS env once cri-o pushes the $HOME variable in /etc/passwd +ADD .m2/settings.xml $HOME/.m2/ +COPY set_maven_proxy.sh /tmp/set_maven_proxy.sh +COPY set_gradle_proxy.sh /tmp/set_gradle_proxy.sh +RUN mkdir -p $GRADLE_USER_HOME && \ + chmod +x /tmp/set_gradle_proxy.sh && \ + /tmp/set_gradle_proxy.sh && \ + mkdir -p $HOME/.m2 && \ + chmod +x /tmp/set_maven_proxy.sh && \ + mv $HOME/.m2/settings.xml $HOME/.m2/settings.xml.orig && \ + /tmp/set_maven_proxy.sh && \ + xpr=$(cat /tmp/mvn_proxy) && \ + xpr="${xpr//\//\\/}" && \ + xpr="${xpr//|/\\|}" && \ + cat $HOME/.m2/settings.xml.orig | sed -e "s||$xpr|g" > $HOME/.m2/settings.xml && \ + sed -i "s/__NEXUS_USER/$nexusUsername/gi" $HOME/.m2/settings.xml && \ + sed -i "s/__NEXUS_PW/$nexusPassword/gi" $HOME/.m2/settings.xml && \ + sed -i "s|__NEXUS_URL|$nexusUrl|gi" $HOME/.m2/settings.xml && \ + cat $HOME/.m2/settings.xml + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME && \ + chmod -c 666 /etc/pki/ca-trust/extracted/java/cacerts && \ + ls -la /etc/pki/ca-trust/extracted/java/cacerts + +# temporary java version switch bugfix +USER root +RUN chgrp -R 0 /var/lib/alternatives && \ + chmod -R g=u /var/lib/alternatives && \ + chgrp -R 0 /etc/alternatives && \ + chmod -R g=u /etc/alternatives && \ + chmod -R u+w /usr/bin && \ + chgrp -R 0 /usr/bin && \ + chmod -R g=u /usr/bin && \ + chgrp -R 0 /usr/share/man && \ + chmod -R g=u /usr/share/man + +USER 1001 diff --git a/common/jenkins-agents/jdk/ocp-config/bc.yml b/common/jenkins-agents/jdk/ocp-config/bc.yml index fe11a3b8a..cb52eb874 100644 --- a/common/jenkins-agents/jdk/ocp-config/bc.yml +++ b/common/jenkins-agents/jdk/ocp-config/bc.yml @@ -20,7 +20,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 index b4b5e7634..401d32c57 100644 --- a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi8 @@ -1,8 +1,8 @@ FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest # Labels consumed by Red Hat build service -LABEL com.redhat.component="jenkins-agent-nodejs-18-rhel7-container" \ - name="openshift4/jenkins-agent-nodejs-18-rhel7" \ +LABEL com.redhat.component="jenkins-agent-nodejs-rhel8-container" \ + name="openshift4/jenkins-agent-nodejs-rhel8" \ architecture="x86_64" \ io.k8s.display-name="Jenkins Agent Nodejs" \ io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..45e2ec851 --- /dev/null +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-rhel9-container" \ + name="openshift4/jenkins-agent-nodejs-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=18 \ + YARN_VERSION=1.22.18 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN dbus-uuidgen > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs18/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs18/ocp-config/bc.yml b/common/jenkins-agents/nodejs18/ocp-config/bc.yml index 9408c1f16..45213e5bf 100644 --- a/common/jenkins-agents/nodejs18/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs18/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 index aba3bb7e9..21ca40b16 100644 --- a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi8 @@ -1,8 +1,8 @@ FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest # Labels consumed by Red Hat build service -LABEL com.redhat.component="jenkins-agent-nodejs-20-rhel7-container" \ - name="openshift4/jenkins-agent-nodejs-20-rhel7" \ +LABEL com.redhat.component="jenkins-agent-nodejs-rhel8-container" \ + name="openshift4/jenkins-agent-nodejs-rhel8" \ architecture="x86_64" \ io.k8s.display-name="Jenkins Agent Nodejs" \ io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..aea0b8064 --- /dev/null +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-rhel9-container" \ + name="openshift4/jenkins-agent-nodejs-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=20 \ + YARN_VERSION=1.22.19 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN dbus-uuidgen > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs20/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs20/ocp-config/bc.yml b/common/jenkins-agents/nodejs20/ocp-config/bc.yml index ae8aa0421..96a4a802e 100644 --- a/common/jenkins-agents/nodejs20/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs20/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 index 5adc6a61b..9c0688f09 100644 --- a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi8 @@ -1,8 +1,8 @@ FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest # Labels consumed by Red Hat build service -LABEL com.redhat.component="jenkins-agent-nodejs-22-rhel7-container" \ - name="openshift4/jenkins-agent-nodejs-22-rhel7" \ +LABEL com.redhat.component="jenkins-agent-nodejs-rhel8-container" \ + name="openshift4/jenkins-agent-nodejs-rhel8" \ architecture="x86_64" \ io.k8s.display-name="Jenkins Agent Nodejs" \ io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..0ee25a26e --- /dev/null +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-rhel9-container" \ + name="openshift4/jenkins-agent-nodejs-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=22 \ + YARN_VERSION=1.22.19 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN dbus-uuidgen > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs22/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs22/ocp-config/bc.yml b/common/jenkins-agents/nodejs22/ocp-config/bc.yml index d839c509d..2571fbeb9 100644 --- a/common/jenkins-agents/nodejs22/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs22/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi8 b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi8 index d5112b2ed..73b894939 100644 --- a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi8 @@ -1,8 +1,8 @@ FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest # Labels consumed by Red Hat build service -LABEL com.redhat.component="jenkins-agent-nodejs-24-rhel7-container" \ - name="openshift4/jenkins-agent-nodejs-24-rhel7" \ +LABEL com.redhat.component="jenkins-agent-nodejs-rhel8-container" \ + name="openshift4/jenkins-agent-nodejs-rhel8" \ architecture="x86_64" \ io.k8s.display-name="Jenkins Agent Nodejs" \ io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ @@ -39,7 +39,7 @@ RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERS # Install Cypress dependencies # https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ diff --git a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..b327e88c2 --- /dev/null +++ b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 @@ -0,0 +1,63 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-nodejs-rhel9-container" \ + name="openshift4/jenkins-agent-nodejs-rhel9" \ + architecture="x86_64" \ + io.k8s.display-name="Jenkins Agent Nodejs" \ + io.k8s.description="The jenkins agent nodejs image has the nodejs tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,nodejs" \ + maintainer="openshift-dev-services+jenkins@redhat.com" + +ARG nexusUrl +ARG nexusAuth + +ENV NODEJS_VERSION=24 \ + YARN_VERSION=1.22.19 \ + NPM_CONFIG_PREFIX=$HOME/.npm-global \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + PATH=$HOME/.yarn/bin:$HOME/.config/yarn/global/node_modules/.bin:$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH \ + LANG=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 + +COPY contrib/bin/configure-agent /usr/local/bin/configure-agent + +# Generate machine ID +RUN dbus-uuidgen > /etc/machine-id + +# Install NodeJS +RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ + curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ + yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum clean all -y + +# Install Yarn +# https://classic.yarnpkg.com/en/docs/install +RUN curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version $YARN_VERSION + +# Install Cypress dependencies +# https://docs.cypress.io/guides/getting-started/installing-cypress.html#System-requirements +COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo +RUN yum repolist \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y --enablerepo google-chrome google-chrome-stable \ + && yum install -y --enablerepo edge microsoft-edge-stable \ + && yum clean all -y + +RUN npm config set registry=$nexusUrl/repository/npmjs/ && \ + npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) && \ + npm config set email=no-reply@opendevstack.org && \ + npm config set strict-ssl=true && \ + yarn config set registry $nexusUrl/repository/npmjs/ -g && \ + echo node version: $(node --version) && \ + echo npm version: $(npm --version) && \ + echo npx version: $(npx --version) && \ + echo yarn version: $(yarn --version) + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME + +USER 1001 diff --git a/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/nodejs24/ocp-config/bc.yml b/common/jenkins-agents/nodejs24/ocp-config/bc.yml index 3338bd928..69f122d02 100644 --- a/common/jenkins-agents/nodejs24/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs24/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..bed9a16f7 --- /dev/null +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -0,0 +1,37 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Gerard Castillo " + +ARG nexusHost +ARG nexusAuth + +ENV PYTHONUNBUFFERED=1 \ + PYTHONIOENCODING=UTF-8 \ + PIP_NO_CACHE_DIR=off \ + PATH=$JAVA_HOME/bin:$PATH + +RUN yum module install -y python38:3.8/build && \ + yum module install -y python39:3.9/build --allowerasing && \ + yum install -y python3.11 python3.11-pip python3.11-devel python3.11-setuptools --allowerasing && \ + yum install -y python3.12 python3.12-pip python3.12-devel python3.12-setuptools --allowerasing && \ + yum install -y autoconf automake gcc-c++ openssl-devel libffi-devel && \ + yum -y clean all + +RUN pipVersions=( pip3.8 pip3.9 pip3.11 pip3.12 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install virtualenv==20.26.3 setuptools==72.2.0 Cython==3.0.11 pypandoc==1.13; \ + done; + +# Enables default user to access $HOME folder +RUN chown -R 1001:0 $HOME && \ + chmod -R a+rw $HOME + +USER 1001 diff --git a/common/jenkins-agents/python/ocp-config/bc.yml b/common/jenkins-agents/python/ocp-config/bc.yml index f3adef639..4f1f3723c 100644 --- a/common/jenkins-agents/python/ocp-config/bc.yml +++ b/common/jenkins-agents/python/ocp-config/bc.yml @@ -14,7 +14,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use - name: NEXUS_HOST description: "Your Nexus Instance Host" diff --git a/common/jenkins-agents/rust/docker/Dockerfile.ubi9 b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..21f5d10bd --- /dev/null +++ b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 @@ -0,0 +1,44 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Gerard C.L. " + +ARG rustVersion +ARG rustToolchain +ARG cargoNextestVersion +ARG cargoLlvmCovVersion +ARG cargoGenerateVersion +ARG cargoDenyVersion + +ENV PATH="$HOME/.cargo/bin:$PATH" +ENV USER="rust-agent" +ENV CARGO_NEXTEST_VERSION=${cargoNextestVersion} \ + CARGO_LLVM_COV_VERSION=${cargoLlvmCovVersion} \ + CARGO_GENERATE_VERSION=${cargoGenerateVersion} \ + CARGO_DENY_VERSION=${cargoDenyVersion} \ + RUST_VERSION=${rustVersion} + +RUN yum install -y binutils cpp gcc glibc-devel glibc-headers isl kernel-headers libasan libatomic \ + libgomp libmpc libpkgconf libubsan libxcrypt-devel llvm-libs pkgconf pkgconf-m4 pkgconf-pkg-config \ + openssl-devel cpan perl-IPC-Cmd && \ + cpan install FindBin + +RUN mkdir -p $HOME/.cargo/bin $HOME/.rustup && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- \ + -y --profile complete --default-toolchain ${rustVersion} -t ${rustToolchain} && \ + cargo -V && \ + # Download binaries and install to $HOME/.cargo/bin + curl --proto '=https' --tlsv1.2 -fsSL https://github.com/nextest-rs/nextest/releases/download/cargo-nextest-$CARGO_NEXTEST_VERSION/cargo-nextest-$CARGO_NEXTEST_VERSION-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + curl --proto '=https' --tlsv1.2 -fsSL https://github.com/cargo-generate/cargo-generate/releases/download/v$CARGO_GENERATE_VERSION/cargo-generate-v$CARGO_GENERATE_VERSION-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + # curl --proto '=https' --tlsv1.2 -fsSL https://github.com/taiki-e/cargo-llvm-cov/releases/download/v$CARGO_LLVM_COV_VERSION/cargo-llvm-cov-$rustToolchain.tar.gz | tar xzf - -C "$HOME/.cargo/bin" && \ + # cargo LLVM coverage crate is recommended to be compiled as it takes care to add the OS lib dependencies the proper way + cargo install cargo-llvm-cov --locked --version $CARGO_LLVM_COV_VERSION && \ + # install cargo deny as release sources do not provide our rust toolchain target + cargo install cargo-deny --locked --version $CARGO_DENY_VERSION && \ + cargo --version && \ + cargo nextest --version && \ + cargo llvm-cov --version && \ + cargo generate --version && \ + cargo deny --version + +RUN chgrp -R 0 $HOME/.cargo $HOME/.rustup && \ + chmod -R g=u $HOME/.cargo $HOME/.rustup diff --git a/common/jenkins-agents/rust/ocp-config/bc.yml b/common/jenkins-agents/rust/ocp-config/bc.yml index b047284c0..d183808f8 100644 --- a/common/jenkins-agents/rust/ocp-config/bc.yml +++ b/common/jenkins-agents/rust/ocp-config/bc.yml @@ -14,7 +14,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use - name: RUST_VERSION description: "The Rust version" diff --git a/common/jenkins-agents/scala/docker/Dockerfile.ubi9 b/common/jenkins-agents/scala/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..c6b15663d --- /dev/null +++ b/common/jenkins-agents/scala/docker/Dockerfile.ubi9 @@ -0,0 +1,68 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Jan Frank " + +ARG nexusUrl +ARG nexusUsername +ARG nexusPassword + +# Container support is now integrated in Java 11, the +UseCGroupMemoryLimitForHeap option has been pruned +ENV JAVA_TOOL_OPTIONS="-XX:+UnlockExperimentalVMOptions -Dsun.zip.disableMemoryMapping=true" + +# Install sbt and java devel 11/17 +ENV SBT_VERSION=1.8.2 +ENV SBT_CREDENTIALS="$HOME/.sbt/.credentials" +RUN rm -f /etc/yum.repos.d/bintray-rpm.repo && \ + curl -L https://www.scala-sbt.org/sbt-rpm.repo > sbt-rpm.repo && \ + mv sbt-rpm.repo /etc/yum.repos.d/ && \ + yum -y install sbt-$SBT_VERSION java-11-openjdk-devel java-17-openjdk-devel && \ + yum clean all && \ + rm -rf /var/cache/yum + +# Copy use java scripts. +COPY use-j*.sh /usr/local/bin/ +RUN chmod +x /usr/local/bin/use-j*.sh && \ + chmod ugo+s /usr/local/bin/use-j*.sh && \ + sh -c 'chmod ugo+s $(which alternatives)' && \ + ls -la /usr/local/bin/use-j*.sh && \ + echo "--- STARTS JDK 11/17 TESTS ---" && \ + use-j11.sh && \ + use-j17.sh && \ + echo "--- ENDS JDK 11/17 TESTS ---" + +COPY sbtconfig/repositories $HOME/.sbt/repositories +COPY sbtconfig/credentials.sbt $HOME/.sbt/1.0/plugins/credentials.sbt +COPY sbtconfig/credentials $HOME/.sbt/.credentials +COPY sbtconfig/sbtopts /etc/sbt/sbtopts +COPY set_sbt_proxy.sh /tmp/set_sbt_proxy.sh + +RUN cat $HOME/.sbt/repositories | sed -e "s|NEXUS_URL|$nexusUrl|g" > $HOME/.sbt/repositories.tmp && \ + mv $HOME/.sbt/repositories.tmp $HOME/.sbt/repositories && \ + nexusHost=$(echo $nexusUrl | sed -e "s|https://||g" | sed -e "s|http://||g") && \ + nexusHost=$(echo $nexusHost | sed -e "s|:.*||g") && \ + sed -i.bak -e "s|NEXUS_HOST|$nexusHost|g" $HOME/.sbt/.credentials && \ + sed -i.bak -e "s|NEXUS_USERNAME|$nexusUsername|g" $HOME/.sbt/.credentials && \ + sed -i.bak -e "s|NEXUS_PASSWORD|$nexusPassword|g" $HOME/.sbt/.credentials && \ + rm $HOME/.sbt/.credentials.bak && \ + cd /tmp && \ + /tmp/set_sbt_proxy.sh && \ + if [ ! -f "/usr/bin/sbt" ]; then echo "sbt path /usr/bin/sbt could not be found"; exit 1 ; fi + +RUN chown -R 1001:0 $HOME && \ + chmod -R g+rwX $HOME && \ + chmod -c 666 /etc/pki/ca-trust/extracted/java/cacerts && \ + ls -la /etc/pki/ca-trust/extracted/java/cacerts + +# temporary java version switch bugfix +USER root +RUN chgrp -R 0 /var/lib/alternatives && \ + chmod -R g=u /var/lib/alternatives && \ + chgrp -R 0 /etc/alternatives && \ + chmod -R g=u /etc/alternatives && \ + chmod -R u+w /usr/bin && \ + chgrp -R 0 /usr/bin && \ + chmod -R g=u /usr/bin && \ + chgrp -R 0 /usr/share/man && \ + chmod -R g=u /usr/share/man + +USER 1001 \ No newline at end of file diff --git a/common/jenkins-agents/scala/ocp-config/bc.yml b/common/jenkins-agents/scala/ocp-config/bc.yml index 737107eff..6ac6036fc 100644 --- a/common/jenkins-agents/scala/ocp-config/bc.yml +++ b/common/jenkins-agents/scala/ocp-config/bc.yml @@ -20,7 +20,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 index cc9df54ba..1d69bbe56 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 @@ -51,9 +51,9 @@ COPY python_requirements /tmp/requirements.txt # COPY certs/* /etc/pki/ca-trust/source/anchors/ # RUN update-ca-trust force-enable && update-ca-trust extract -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ - && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux8.repo \ && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo RUN set -x \ diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..c624c12f5 --- /dev/null +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -0,0 +1,204 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Erhard Wais , Frank Joas , Josef Hartmann , Steve Taylor " + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ + name="openshift/jenkins-agent-terraform-ubi9" \ + version="0.1" \ + architecture="x86_64" \ + release="1" \ + io.k8s.display-name="Jenkins Agent Terraform" \ + io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" + +ARG nexusUrl +ARG nexusAuth +ARG NPMJS_REGISTRY_FLAG + +ENV TERRAFORM_VERSION=1.4.6 \ + TERRAFORM_CONFIG_INSPECT_VERSION=0.2.0 \ + TERRAFORM_DOCS_VERSION=v0.16.0 \ + RUBY_VERSION=3.2.2 \ + PACKER_VERSION=1.8.7 \ + CONSUL_VERSION=1.15.2 \ + TFENV_VERSION=3.0.0 \ + TFLINT_VERSION=0.46.1 \ + NODEJS_VERSION=18 \ + BUNDLER_VERSION=2.4.13 \ + AGE_VERSION=1.1.1 \ + GEM_HOME=/opt/bundle \ + RBENV_ROOT=/opt/rbenv \ + RBENV_SHELL=bash \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + +ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ + python38 python38-pip python38-setuptools \ + python39 python39-pip python39-setuptools \ + python3.11 python3.11-pip python3.11-setuptools \ + readline \ + libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ + jq parallel" +ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool" +ENV PATH=/opt/tfenv/bin:/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:$PATH +ENV HOME=/home/jenkins + +RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm || true" +COPY python_requirements /tmp/requirements.txt + +# Workaroud we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux9.repo \ + && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo + +RUN set -x \ + && dnf -y repolist \ + && dnf -y install $INSTALL_PKGS \ + && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS \ + && dnf clean all + +RUN curl -sSL "https://bootstrap.pypa.io/pip/3.6/get-pip.py" -o "get-pip.py" \ + && python3 get-pip.py + +# Upgrade pip +RUN pipVersions=( pip3 pip3.8 pip3.9 pip3.11 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install virtualenv pycodestyle; \ + done; \ + alternatives --set python /usr/bin/python3.11 \ + && alternatives --set python3 /usr/bin/python3.11 + +# Install python requirements +RUN python3.8 -m pip install -r /tmp/requirements.txt \ + && python3.9 -m pip install -r /tmp/requirements.txt \ + && python3.11 -m pip install -r /tmp/requirements.txt \ + && rm -f /tmp/requirements.txt + +# Install awscli2 +RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ + && unzip -qq awscliv2.zip \ + && ./aws/install \ + && rm -f awscliv2.zip \ + && rm -Rf ./aws + +# Install awssamcli +RUN curl -sSL "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip" -o "awssam.zip" \ + && unzip -qq -d awssam awssam.zip \ + && ./awssam/install && rm -f awssam.zip && rm -Rf ./awssam + +# Install NodeJS +RUN INSTALL_NODE="nodejs nodejs-nodemon" \ + && curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - \ + && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ + && rpm -V $INSTALL_NODE \ + && yum clean all -y \ + && npm config set registry=$nexusUrl/repository/npmjs/ \ + && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set email=no-reply@opendevstack.org \ + && npm config set strict-ssl=true + +# Install aws cdk +RUN npm install -g ${NPMJS_REGISTRY_FLAG} aws-cdk \ + && node --version \ + && cdk --version + +# Install terraform +RUN wget -q -O /tmp/terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \ + && unzip /tmp/terraform.zip -d /usr/local/bin \ + && rm -rf /tmp/terraform.zip \ + && terraform -h + +# Install tfenv +RUN umask 0002 && cd /opt && git clone --branch v${TFENV_VERSION} https://github.com/tfutils/tfenv.git \ + && TFENV_CURL_OUTPUT=0 /opt/tfenv/bin/tfenv install ${TERRAFORM_VERSION} \ + && /opt/tfenv/bin/tfenv use ${TERRAFORM_VERSION} \ + && chown -R 1001:0 /opt/tfenv \ + && chmod +x /opt/tfenv/bin/* \ + && terraform -version \ + && tfenv list + +# Install tflint +RUN wget -q -O /tmp/tflint.zip "https://github.com/terraform-linters/tflint/releases/download/v${TFLINT_VERSION}/tflint_linux_amd64.zip" \ + && unzip /tmp/tflint.zip -d /usr/local/bin \ + && rm -rf /tmp/tflint.zip \ + && tflint --version + +# Install packer +RUN wget -q -O /tmp/packer.zip "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip" \ + && unzip /tmp/packer.zip -d /usr/local/bin \ + && rm -rf /tmp/packer.zip \ + && packer --version + +# Install terraform-config-inspect +RUN wget -q -O /tmp/terraform-config-inspect.tar.gz https://github.com/nichtraunzer/terraform-config-inspect/releases/download/v${TERRAFORM_CONFIG_INSPECT_VERSION}/terraform-config-inspect_${TERRAFORM_CONFIG_INSPECT_VERSION}_linux_amd64.tar.gz \ + && tar zxpf /tmp/terraform-config-inspect.tar.gz -C /usr/local/bin/ \ + && rm -f /tmp/terraform-config-inspect.tar.gz \ + && chmod 755 /usr/local/bin/terraform-config-inspect + +# Install terraform-docs +RUN wget -q -O /tmp/terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/${TERRAFORM_DOCS_VERSION}/terraform-docs-${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz \ + && tar zxpf /tmp/terraform-docs.tar.gz -C /usr/local/bin/ terraform-docs \ + && chmod +x /usr/local/bin/terraform-docs + +# Install consul-cli +RUN wget -q "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \ + && unzip consul_${CONSUL_VERSION}_linux_amd64.zip -d /usr/local/bin \ + && rm -f consul_${CONSUL_VERSION}_linux_amd64.zip \ + && chmod +x /usr/local/bin/consul \ + && /usr/local/bin/consul -version + +# Install age +RUN wget -q -O /tmp/age.tar.gz https://github.com/FiloSottile/age/releases/download/v${AGE_VERSION}/age-v${AGE_VERSION}-linux-amd64.tar.gz \ + && tar xzf /tmp/age.tar.gz -C /usr/local/bin \ + && rm -f /tmp/age.tar.gz + +RUN chmod +t /tmp \ + && chown -R 1001:0 $HOME \ + && chmod -R g+rwX $HOME \ + && mkdir -p $GEM_HOME \ + && chmod 2770 $GEM_HOME + +COPY Gemfile Gemfile.lock $GEM_HOME/ + +RUN chown -R 1001:0 $GEM_HOME \ + && chmod -R g+rw $GEM_HOME \ + && ls -lisa /home/jenkins $GEM_HOME + +# Setup ruby env and bundler gems +# RUBY https://syslint.com/blog/tutorial/how-to-install-ruby-on-rails-with-rbenv-on-centos-7-or-rhel-7/ +RUN cd /opt \ + && umask 0002 \ + && git clone https://github.com/rbenv/rbenv.git /opt/rbenv \ + && echo 'export PATH="/opt/rbenv/shims:/opt/rbenv/bin:$PATH"' >> ~/.bash_profile \ + && echo 'eval "$(rbenv init -)"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && git clone https://github.com/rbenv/ruby-build.git /opt/rbenv/plugins/ruby-build \ + && echo 'export PATH="/opt/rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && MAKE_OPTS='-j 4' rbenv install $RUBY_VERSION \ + && rbenv global $RUBY_VERSION \ + && gem install bundler -v $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION gem install bundler -v $BUNDLER_VERSION \ + && bundle config default $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION bundle config default $BUNDLER_VERSION \ + && bundle config set --global path $GEM_HOME \ + && RBENV_VERSION=$RUBY_VERSION bundle config set --global path $GEM_HOME \ + && cd $GEM_HOME \ + && BUNDLE_SILENCE_ROOT_WARNING=true bundle install --full-index --jobs=8 \ + && rm -Rf /home/jenkins/.bundle/cache + +USER 1001 + diff --git a/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux8.repo similarity index 100% rename from common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux8.repo diff --git a/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/terraform-2306/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml index dba710946..263d1c2a0 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 index afff2800a..c1e2599c6 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 @@ -56,9 +56,9 @@ COPY python_requirements /tmp/requirements.txt # COPY certs/* /etc/pki/ca-trust/source/anchors/ # RUN update-ca-trust force-enable && update-ca-trust extract -COPY yum.repos.d/almalinux.repo /etc/yum.repos.d/almalinux.repo +COPY yum.repos.d/almalinux8.repo /etc/yum.repos.d/almalinux8.repo RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ - && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux8.repo \ && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo RUN set -x \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 new file mode 100644 index 000000000..d39a1e015 --- /dev/null +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -0,0 +1,218 @@ +FROM opendevstackorg/ods-jenkins-agent-base-ubi8:latest + +LABEL maintainer="Erhard Wais , Frank Joas , Josef Hartmann , Steve Taylor " + +# Labels consumed by Red Hat build service +LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ + name="openshift/jenkins-agent-terraform-ubi9" \ + version="0.1" \ + architecture="x86_64" \ + release="1" \ + io.k8s.display-name="Jenkins Agent Terraform" \ + io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ + io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" + +ARG nexusUrl +ARG nexusAuth +ARG NPMJS_REGISTRY_FLAG + +ENV TERRAFORM_VERSION=1.9.4 \ + TERRAFORM_CONFIG_INSPECT_VERSION=0.2.0 \ + TERRAFORM_DOCS_VERSION=v0.18.0 \ + RUBY_VERSION=3.3.4 \ + PACKER_VERSION=1.11.2 \ + CONSUL_VERSION=1.19.1 \ + TENV_VERSION=3.0.0 \ + TENV_AUTO_INSTALL=true \ + TENV_ROOT=/opt/tenv \ + GO_VERSION=1.21.13 \ + GOBIN=/usr/local/go/bin \ + TFLINT_VERSION=0.52.0 \ + NODEJS_VERSION=20 \ + BUNDLER_VERSION=2.5.17 \ + AGE_VERSION=1.2.0 \ + GEM_HOME=/opt/bundle \ + RBENV_ROOT=/opt/rbenv \ + RBENV_SHELL=bash \ + TASK_VERSION=3.38.0 \ + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + +ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ + python39 python39-pip python39-setuptools \ + python3.11 python3.11-pip python3.11-setuptools \ + python3.12 python3.12-pip python3.12-setuptools \ + readline \ + libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ + jq parallel" +ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool xorriso" +ENV PATH=/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:/usr/bin:/usr/local/go/bin:$PATH +ENV HOME=/home/jenkins + +RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm || true" +COPY python_requirements /tmp/requirements.txt + +# Workaroud we use when running behind proxy +# Basically we put the proxy certificate in certs folder +# COPY certs/* /etc/pki/ca-trust/source/anchors/ +# RUN update-ca-trust force-enable && update-ca-trust extract + +COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo +RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ + && sed -i 's@^\s*enabled\s*=.*$@enabled = 0@g' /etc/yum.repos.d/almalinux9.repo \ + && grep -i '\(name\|enabled\)' /etc/yum.repos.d/*.repo + +RUN set -x \ + && dnf -y repolist \ + && dnf -y install $INSTALL_PKGS \ + && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS + +RUN curl -sSL "https://bootstrap.pypa.io/pip/3.6/get-pip.py" -o "/tmp/get-pip.py" \ + && python3 /tmp/get-pip.py \ + && rm -f /tmp/get-pip.py + +# Upgrade pip +RUN pipVersions=( pip3 pip3.9 pip3.11 pip3.12 ); \ + for pipV in "${pipVersions[@]}"; \ + do \ + if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ + then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + && $pipV config set global.trusted-host ${nexusHost} \ + && $pipV config set global.extra-index-url https://pypi.org/simple; \ + fi; \ + $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ + $pipV install --upgrade pip --user && \ + $pipV install virtualenv pycodestyle; \ + done; \ + alternatives --set python /usr/bin/python3.12 \ + && alternatives --set python3 /usr/bin/python3.12 + +# Install python requirements +RUN python3.9 -m pip install -r /tmp/requirements.txt \ + && python3.11 -m pip install -r /tmp/requirements.txt \ + && python3.12 -m pip install -r /tmp/requirements.txt \ + && rm -f /tmp/requirements.txt + +# Install awscli2 +RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ + && unzip -qq awscliv2.zip \ + && ./aws/install \ + && rm -f awscliv2.zip \ + && rm -Rf ./aws + +# Install awssamcli +RUN curl -sSL "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip" -o "awssam.zip" \ + && unzip -qq -d awssam awssam.zip \ + && ./awssam/install && rm -f awssam.zip && rm -Rf ./awssam + +# Install NodeJS +RUN INSTALL_NODE="nodejs nodejs-nodemon" \ + && curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - \ + && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ + && rpm -V $INSTALL_NODE \ + && yum clean all -y \ + && npm config set registry=$nexusUrl/repository/npmjs/ \ + && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set email=no-reply@opendevstack.org \ + && npm config set strict-ssl=true + +# Install aws cdk +RUN npm install -g ${NPMJS_REGISTRY_FLAG} aws-cdk \ + && node --version \ + && cdk --version + +# Install tenv & install terraform +RUN mkdir -p "${TENV_ROOT}" && chmod 2775 "${TENV_ROOT}" && chown 1001:0 "${TENV_ROOT}" \ + && dnf install -y https://github.com/tofuutils/tenv/releases/download/v${TENV_VERSION}/tenv_v${TENV_VERSION}_amd64.rpm \ + && dnf clean all \ + && tenv tf install ${TERRAFORM_VERSION} \ + && tenv tf use ${TERRAFORM_VERSION} \ + && tenv version \ + && terraform -version \ + && tenv tf list \ + && echo 'export PATH=$(/usr/bin/tenv update-path)' > /etc/profile.d/tenv.sh \ + && chown -R 1001:0 "${TENV_ROOT}" \ + && chmod -R 2775 "${TENV_ROOT}" + +# Install GO for terratest +RUN cd /tmp \ + && curl -LfSso /tmp/go.tar.gz https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz \ + && tar -C /usr/local -xzf go.tar.gz \ + && rm -f /tmp/go.tar.gz \ + && /usr/local/go/bin/go version + +# Install go-task +RUN sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d v${TASK_VERSION} \ + && task --version + +# Install tflint +RUN wget -q -O /tmp/tflint.zip "https://github.com/terraform-linters/tflint/releases/download/v${TFLINT_VERSION}/tflint_linux_amd64.zip" \ + && unzip /tmp/tflint.zip -d /usr/local/bin \ + && rm -rf /tmp/tflint.zip \ + && tflint --version + +# Install packer +RUN wget -q -O /tmp/packer.zip "https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip" \ + && unzip /tmp/packer.zip -d /usr/local/bin packer \ + && rm -rf /tmp/packer.zip \ + && packer --version + +# Install terraform-config-inspect +RUN wget -q -O /tmp/terraform-config-inspect.tar.gz https://github.com/nichtraunzer/terraform-config-inspect/releases/download/v${TERRAFORM_CONFIG_INSPECT_VERSION}/terraform-config-inspect_${TERRAFORM_CONFIG_INSPECT_VERSION}_linux_amd64.tar.gz \ + && tar zxpf /tmp/terraform-config-inspect.tar.gz -C /usr/local/bin/ terraform-config-inspect \ + && rm -f /tmp/terraform-config-inspect.tar.gz \ + && chmod 755 /usr/local/bin/terraform-config-inspect + +# Install terraform-docs +RUN wget -q -O /tmp/terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/${TERRAFORM_DOCS_VERSION}/terraform-docs-${TERRAFORM_DOCS_VERSION}-linux-amd64.tar.gz \ + && tar zxpf /tmp/terraform-docs.tar.gz -C /usr/local/bin/ terraform-docs \ + && chmod +x /usr/local/bin/terraform-docs \ + && rm -f /tmp/terraform-docs.tar.gz + +# Install consul-cli +RUN wget -q "https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip" \ + && unzip consul_${CONSUL_VERSION}_linux_amd64.zip -d /usr/local/bin consul \ + && rm -f consul_${CONSUL_VERSION}_linux_amd64.zip \ + && chmod +x /usr/local/bin/consul \ + && /usr/local/bin/consul -version + +# Install age +RUN wget -q -O /tmp/age.tar.gz https://github.com/FiloSottile/age/releases/download/v${AGE_VERSION}/age-v${AGE_VERSION}-linux-amd64.tar.gz \ + && tar xzf /tmp/age.tar.gz -C /usr/local/bin \ + && rm -f /tmp/age.tar.gz + +RUN chmod +t /tmp \ + && chown -R 1001:0 $HOME \ + && chmod -R g+rwX $HOME \ + && mkdir -p $GEM_HOME \ + && chmod 2770 $GEM_HOME + +COPY Gemfile Gemfile.lock $GEM_HOME/ + +RUN chown -R 1001:0 $GEM_HOME \ + && chmod -R g+rw $GEM_HOME \ + && ls -lisa /home/jenkins $GEM_HOME + +# Setup ruby env and bundler gems +# RUBY https://syslint.com/blog/tutorial/how-to-install-ruby-on-rails-with-rbenv-on-centos-7-or-rhel-7/ +RUN cd /opt \ + && umask 0002 \ + && git clone https://github.com/rbenv/rbenv.git /opt/rbenv \ + && echo 'export PATH="/opt/rbenv/shims:/opt/rbenv/bin:$PATH"' >> ~/.bash_profile \ + && echo 'eval "$(rbenv init -)"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && git clone https://github.com/rbenv/ruby-build.git /opt/rbenv/plugins/ruby-build \ + && echo 'export PATH="/opt/rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bash_profile \ + && source ~/.bash_profile \ + && MAKE_OPTS='-j 4' rbenv install $RUBY_VERSION \ + && rbenv global $RUBY_VERSION \ + && gem install bundler -v $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION gem install bundler -v $BUNDLER_VERSION \ + && bundle config default $BUNDLER_VERSION \ + && RBENV_VERSION=$RUBY_VERSION bundle config default $BUNDLER_VERSION \ + && bundle config set --global path $GEM_HOME \ + && RBENV_VERSION=$RUBY_VERSION bundle config set --global path $GEM_HOME \ + && cd $GEM_HOME \ + && BUNDLE_SILENCE_ROOT_WARNING=true bundle install --full-index --jobs=8 \ + && rm -Rf /home/jenkins/.bundle/cache + +USER 1001 diff --git a/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux.repo b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux8.repo similarity index 99% rename from common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux.repo rename to common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux8.repo index 64ed35aa6..d26a001f7 100644 --- a/common/jenkins-agents/nodejs24/docker/yum.repos.d/almalinux.repo +++ b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux8.repo @@ -10,4 +10,4 @@ name=AlmaLinux-8-AppStream baseurl=https://repo.almalinux.org/almalinux/8/AppStream/x86_64/os/ enabled=1 gpgcheck=1 -gpgkey=https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux +gpgkey=https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux \ No newline at end of file diff --git a/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo new file mode 100644 index 000000000..a9ac9c610 --- /dev/null +++ b/common/jenkins-agents/terraform-2408/docker/yum.repos.d/almalinux9.repo @@ -0,0 +1,13 @@ +[almalinux-baseos] +name=AlmaLinux-9-BaseOS +baseurl=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 + +[almalinux-appstream] +name=AlmaLinux-9-AppStream +baseurl=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/ +enabled=1 +gpgcheck=1 +gpgkey=https://repo.almalinux.org/almalinux/9/AppStream/x86_64/os/RPM-GPG-KEY-AlmaLinux-9 \ No newline at end of file diff --git a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml index 2f20fc387..63396a867 100644 --- a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml @@ -18,7 +18,7 @@ parameters: - name: ODS_GIT_REF required: true - name: JENKINS_AGENT_DOCKERFILE_PATH - value: Dockerfile.ubi8 + value: Dockerfile.ubi9 description: Dockerfile variant to use objects: - apiVersion: build.openshift.io/v1 From ce2e711f357f4708a6ec3730e4bc4127b05e3b57 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 17:39:41 +0100 Subject: [PATCH 02/31] set version for botocore --- common/jenkins-agents/terraform-2306/docker/python_requirements | 2 +- common/jenkins-agents/terraform-2408/docker/python_requirements | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/python_requirements b/common/jenkins-agents/terraform-2306/docker/python_requirements index 2f647a27f..40e1ca749 100644 --- a/common/jenkins-agents/terraform-2306/docker/python_requirements +++ b/common/jenkins-agents/terraform-2306/docker/python_requirements @@ -3,7 +3,7 @@ boto3~=1.26 requests~=2.27 simplejson~=3.19 argparse~=1.4 -botocore +botocore~=1.37 pipenv~=2023.4 python-hcl2~=2.0 pre-commit~=3.3.1 diff --git a/common/jenkins-agents/terraform-2408/docker/python_requirements b/common/jenkins-agents/terraform-2408/docker/python_requirements index e85eaae86..e546ab4cb 100644 --- a/common/jenkins-agents/terraform-2408/docker/python_requirements +++ b/common/jenkins-agents/terraform-2408/docker/python_requirements @@ -3,7 +3,7 @@ boto3~=1.34 requests~=2.32 simplejson~=3.19 argparse~=1.4 -botocore +botocore~=1.37 pipenv~=2024.0 python-hcl2~=2.0 pre-commit~=3.8.0 From 95814199c5beeb368824d4b674beb13fdec45359 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 17:48:44 +0100 Subject: [PATCH 03/31] increase Ephemeral storage --- common/jenkins-agents/jdk/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/nodejs18/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/nodejs20/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/nodejs22/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/nodejs24/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/python/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/rust/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/scala/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/terraform-2306/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/terraform-2408/ocp-config/bc.yml | 4 ++-- 10 files changed, 20 insertions(+), 20 deletions(-) diff --git a/common/jenkins-agents/jdk/ocp-config/bc.yml b/common/jenkins-agents/jdk/ocp-config/bc.yml index cb52eb874..c4324f98e 100644 --- a/common/jenkins-agents/jdk/ocp-config/bc.yml +++ b/common/jenkins-agents/jdk/ocp-config/bc.yml @@ -41,11 +41,11 @@ objects: limits: cpu: "1" memory: "2Gi" - ephemeral-storage: "8Gi" + ephemeral-storage: "16Gi" requests: cpu: "200m" memory: "1Gi" - ephemeral-storage: "5Gi" + ephemeral-storage: "10Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/jdk/docker diff --git a/common/jenkins-agents/nodejs18/ocp-config/bc.yml b/common/jenkins-agents/nodejs18/ocp-config/bc.yml index 45213e5bf..1da759ff0 100644 --- a/common/jenkins-agents/nodejs18/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs18/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "1" memory: "3Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" requests: cpu: "200m" memory: "2Gi" - ephemeral-storage: "15Gi" + ephemeral-storage: "20Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/nodejs18/docker diff --git a/common/jenkins-agents/nodejs20/ocp-config/bc.yml b/common/jenkins-agents/nodejs20/ocp-config/bc.yml index 96a4a802e..c3f2948c6 100644 --- a/common/jenkins-agents/nodejs20/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs20/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "1" memory: "3Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" requests: cpu: "200m" memory: "2Gi" - ephemeral-storage: "15Gi" + ephemeral-storage: "20Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/nodejs20/docker diff --git a/common/jenkins-agents/nodejs22/ocp-config/bc.yml b/common/jenkins-agents/nodejs22/ocp-config/bc.yml index 2571fbeb9..acee45636 100644 --- a/common/jenkins-agents/nodejs22/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs22/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "1" memory: "3Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" requests: cpu: "200m" memory: "2Gi" - ephemeral-storage: "15Gi" + ephemeral-storage: "20Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/nodejs22/docker diff --git a/common/jenkins-agents/nodejs24/ocp-config/bc.yml b/common/jenkins-agents/nodejs24/ocp-config/bc.yml index 69f122d02..bd44e8c65 100644 --- a/common/jenkins-agents/nodejs24/ocp-config/bc.yml +++ b/common/jenkins-agents/nodejs24/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "1" memory: "3Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" requests: cpu: "200m" memory: "2Gi" - ephemeral-storage: "15Gi" + ephemeral-storage: "20Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/nodejs24/docker diff --git a/common/jenkins-agents/python/ocp-config/bc.yml b/common/jenkins-agents/python/ocp-config/bc.yml index 4f1f3723c..94f27cf51 100644 --- a/common/jenkins-agents/python/ocp-config/bc.yml +++ b/common/jenkins-agents/python/ocp-config/bc.yml @@ -40,11 +40,11 @@ objects: resources: limits: cpu: "1" - ephemeral-storage: "8Gi" + ephemeral-storage: "16Gi" memory: "2Gi" requests: cpu: "200m" - ephemeral-storage: "5Gi" + ephemeral-storage: "10Gi" memory: "1Gi" runPolicy: Serial source: diff --git a/common/jenkins-agents/rust/ocp-config/bc.yml b/common/jenkins-agents/rust/ocp-config/bc.yml index d183808f8..0609a58c6 100644 --- a/common/jenkins-agents/rust/ocp-config/bc.yml +++ b/common/jenkins-agents/rust/ocp-config/bc.yml @@ -59,11 +59,11 @@ objects: limits: cpu: "2" memory: "4Gi" - ephemeral-storage: "30Gi" + ephemeral-storage: "50Gi" requests: cpu: "500m" memory: "3Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/rust/docker diff --git a/common/jenkins-agents/scala/ocp-config/bc.yml b/common/jenkins-agents/scala/ocp-config/bc.yml index 6ac6036fc..bd08d0087 100644 --- a/common/jenkins-agents/scala/ocp-config/bc.yml +++ b/common/jenkins-agents/scala/ocp-config/bc.yml @@ -41,11 +41,11 @@ objects: limits: cpu: "1" memory: "2Gi" - ephemeral-storage: "8Gi" + ephemeral-storage: "16Gi" requests: cpu: "200m" memory: "1Gi" - ephemeral-storage: "5Gi" + ephemeral-storage: "10Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/scala/docker diff --git a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml index 263d1c2a0..a5b6136d7 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "2" memory: "8Gi" - ephemeral-storage: "30Gi" + ephemeral-storage: "50Gi" requests: cpu: "500m" memory: "5Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/terraform-2306/docker diff --git a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml index 63396a867..874d8fe7f 100644 --- a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml @@ -39,11 +39,11 @@ objects: limits: cpu: "2" memory: "8Gi" - ephemeral-storage: "30Gi" + ephemeral-storage: "50Gi" requests: cpu: "500m" memory: "5Gi" - ephemeral-storage: "20Gi" + ephemeral-storage: "30Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/terraform-2408/docker From f56c1d34e28c7467256794685299472ff36685c3 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 17:53:59 +0100 Subject: [PATCH 04/31] increase Ephemeral storage --- common/jenkins-agents/golang/ocp-config/bc.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/golang/ocp-config/bc.yml b/common/jenkins-agents/golang/ocp-config/bc.yml index ac5fc8f8f..3454f864d 100644 --- a/common/jenkins-agents/golang/ocp-config/bc.yml +++ b/common/jenkins-agents/golang/ocp-config/bc.yml @@ -41,11 +41,11 @@ objects: limits: cpu: "1" memory: "2Gi" - ephemeral-storage: "8Gi" + ephemeral-storage: "16Gi" requests: cpu: "200m" memory: "1Gi" - ephemeral-storage: "5Gi" + ephemeral-storage: "10Gi" runPolicy: Serial source: contextDir: common/jenkins-agents/golang/docker From bbe340e6a96a1ed1a9b95005606f78c465723b5a Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:14:04 +0100 Subject: [PATCH 05/31] use uv instead of pip, ensuring retrocompatibility --- .../python/docker/Dockerfile.ubi9 | 44 ++++++++++--------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index bed9a16f7..e6dd37a50 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -7,28 +7,32 @@ ARG nexusAuth ENV PYTHONUNBUFFERED=1 \ PYTHONIOENCODING=UTF-8 \ - PIP_NO_CACHE_DIR=off \ - PATH=$JAVA_HOME/bin:$PATH - -RUN yum module install -y python38:3.8/build && \ - yum module install -y python39:3.9/build --allowerasing && \ - yum install -y python3.11 python3.11-pip python3.11-devel python3.11-setuptools --allowerasing && \ - yum install -y python3.12 python3.12-pip python3.12-devel python3.12-setuptools --allowerasing && \ - yum install -y autoconf automake gcc-c++ openssl-devel libffi-devel && \ + UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + PIP_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ + PATH=$HOME/.cargo/bin:$JAVA_HOME/bin:$PATH + +RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ + curl -LsSf https://astral.sh/uv/install.sh | sh && \ + echo "alias pip='uv pip'" >> ~/.bashrc && \ yum -y clean all -RUN pipVersions=( pip3.8 pip3.9 pip3.11 pip3.12 ); \ - for pipV in "${pipVersions[@]}"; \ - do \ - if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ - then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - && $pipV config set global.trusted-host ${nexusHost} \ - && $pipV config set global.extra-index-url https://pypi.org/simple; \ - fi; \ - $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ - $pipV install --upgrade pip --user && \ - $pipV install virtualenv==20.26.3 setuptools==72.2.0 Cython==3.0.11 pypandoc==1.13; \ - done; +RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ + uv pip install --python $pyVersion \ + virtualenv==20.26.3 \ + setuptools==72.2.0 \ + Cython==3.0.11 \ + pypandoc==1.13; \ + done && \ + uv tool update-shells + +# Configure pip to use Nexus repository for retrocompatibility +RUN mkdir -p $HOME/.pip && \ + echo "[global]" > $HOME/.pip/pip.conf && \ + echo "index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple" >> $HOME/.pip/pip.conf && \ + echo "extra-index-url = https://pypi.org/simple" >> $HOME/.pip/pip.conf && \ + chown 1001:0 $HOME/.pip # Enables default user to access $HOME folder RUN chown -R 1001:0 $HOME && \ From 20f4d7b229268c39df67cc42f308352da968dc84 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:14:27 +0100 Subject: [PATCH 06/31] cleanup --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 7 ------- 1 file changed, 7 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index e6dd37a50..bc6355149 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -27,13 +27,6 @@ RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ done && \ uv tool update-shells -# Configure pip to use Nexus repository for retrocompatibility -RUN mkdir -p $HOME/.pip && \ - echo "[global]" > $HOME/.pip/pip.conf && \ - echo "index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple" >> $HOME/.pip/pip.conf && \ - echo "extra-index-url = https://pypi.org/simple" >> $HOME/.pip/pip.conf && \ - chown 1001:0 $HOME/.pip - # Enables default user to access $HOME folder RUN chown -R 1001:0 $HOME && \ chmod -R a+rw $HOME From 35fd44cc684e11aac36f89044f9f1a1c1d20feed Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:24:21 +0100 Subject: [PATCH 07/31] fix installation --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index bc6355149..ee8e434ef 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -11,7 +11,7 @@ ENV PYTHONUNBUFFERED=1 \ UV_EXTRA_INDEX_URL=https://pypi.org/simple \ PIP_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ - PATH=$HOME/.cargo/bin:$JAVA_HOME/bin:$PATH + PATH=/root/.cargo/bin:/root/.local/bin:$JAVA_HOME/bin:$PATH RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ @@ -19,6 +19,7 @@ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ yum -y clean all RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ + uv python install $pyVersion && \ uv pip install --python $pyVersion \ virtualenv==20.26.3 \ setuptools==72.2.0 \ From 158378d84e80d84149480511527afa8131da1fe3 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:31:46 +0100 Subject: [PATCH 08/31] fix installation path --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index ee8e434ef..9f63570c3 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -9,9 +9,9 @@ ENV PYTHONUNBUFFERED=1 \ PYTHONIOENCODING=UTF-8 \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ UV_EXTRA_INDEX_URL=https://pypi.org/simple \ - PIP_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ - PATH=/root/.cargo/bin:/root/.local/bin:$JAVA_HOME/bin:$PATH + PIP_INDEX_URL=$UV_INDEX_URL \ + PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ + PATH=$HOME/.local/bin:$JAVA_HOME/bin:$PATH RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ From 22ced1798031c7948bb27463082f208ac5044432 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:37:01 +0100 Subject: [PATCH 09/31] fix python packages installation --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 9f63570c3..3f26ae03f 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -20,7 +20,7 @@ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --python $pyVersion \ + uv pip install --system --python $pyVersion \ virtualenv==20.26.3 \ setuptools==72.2.0 \ Cython==3.0.11 \ From 26e71a76aa51961d0dd0e197b7699be45e12ddc8 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 19:55:27 +0100 Subject: [PATCH 10/31] fix installation --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 3f26ae03f..6f83327b0 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -20,13 +20,13 @@ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --system --python $pyVersion \ + uv pip install --system --break-system-packages --python $pyVersion \ virtualenv==20.26.3 \ setuptools==72.2.0 \ Cython==3.0.11 \ pypandoc==1.13; \ done && \ - uv tool update-shells + uv tool update-shell # Enables default user to access $HOME folder RUN chown -R 1001:0 $HOME && \ From 0e48af90be7e5e7a10d389f3ecf01345ba20da92 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:00:34 +0100 Subject: [PATCH 11/31] remove machine ID generation from NodeJS Dockerfiles --- common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 | 3 --- common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 | 3 --- common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 | 3 --- common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 | 3 --- 4 files changed, 12 deletions(-) diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 index 45e2ec851..ab8418f56 100644 --- a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 @@ -22,9 +22,6 @@ ENV NODEJS_VERSION=18 \ COPY contrib/bin/configure-agent /usr/local/bin/configure-agent -# Generate machine ID -RUN dbus-uuidgen > /etc/machine-id - # Install NodeJS RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 index aea0b8064..3a15bae18 100644 --- a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 @@ -22,9 +22,6 @@ ENV NODEJS_VERSION=20 \ COPY contrib/bin/configure-agent /usr/local/bin/configure-agent -# Generate machine ID -RUN dbus-uuidgen > /etc/machine-id - # Install NodeJS RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 index 0ee25a26e..f569f4972 100644 --- a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 @@ -22,9 +22,6 @@ ENV NODEJS_VERSION=22 \ COPY contrib/bin/configure-agent /usr/local/bin/configure-agent -# Generate machine ID -RUN dbus-uuidgen > /etc/machine-id - # Install NodeJS RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ diff --git a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 index b327e88c2..4abeffff9 100644 --- a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 @@ -22,9 +22,6 @@ ENV NODEJS_VERSION=24 \ COPY contrib/bin/configure-agent /usr/local/bin/configure-agent -# Generate machine ID -RUN dbus-uuidgen > /etc/machine-id - # Install NodeJS RUN INSTALL_PKGS="nodejs nodejs-nodemon make gcc-c++" && \ curl -fsSL https://rpm.nodesource.com/setup_${NODEJS_VERSION}.x | bash - && \ From 74636496bdc26a6a667d1214623bd1b4a1722732 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:03:16 +0100 Subject: [PATCH 12/31] remove isl from rust in ubi9 as it is bundled in gcc --- common/jenkins-agents/rust/docker/Dockerfile.ubi9 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/jenkins-agents/rust/docker/Dockerfile.ubi9 b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 index 21f5d10bd..34a7428a2 100644 --- a/common/jenkins-agents/rust/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/rust/docker/Dockerfile.ubi9 @@ -17,7 +17,7 @@ ENV CARGO_NEXTEST_VERSION=${cargoNextestVersion} \ CARGO_DENY_VERSION=${cargoDenyVersion} \ RUST_VERSION=${rustVersion} -RUN yum install -y binutils cpp gcc glibc-devel glibc-headers isl kernel-headers libasan libatomic \ +RUN yum install -y binutils cpp gcc glibc-devel glibc-headers kernel-headers libasan libatomic \ libgomp libmpc libpkgconf libubsan libxcrypt-devel llvm-libs pkgconf pkgconf-m4 pkgconf-pkg-config \ openssl-devel cpan perl-IPC-Cmd && \ cpan install FindBin From 4c64acb3655af546f2f96705639cd34c2aa1bbc6 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:06:36 +0100 Subject: [PATCH 13/31] remove GConf2 from package installation in NodeJS Dockerfiles --- common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 index ab8418f56..3753b4ff4 100644 --- a/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs18/docker/Dockerfile.ubi9 @@ -39,7 +39,7 @@ COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ - && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ && yum install -y --enablerepo google-chrome google-chrome-stable \ && yum install -y --enablerepo edge microsoft-edge-stable \ && yum clean all -y diff --git a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 index 3a15bae18..9dfc171b5 100644 --- a/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs20/docker/Dockerfile.ubi9 @@ -39,7 +39,7 @@ COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ - && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ && yum install -y --enablerepo google-chrome google-chrome-stable \ && yum install -y --enablerepo edge microsoft-edge-stable \ && yum clean all -y diff --git a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 index f569f4972..1bc6f642f 100644 --- a/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs22/docker/Dockerfile.ubi9 @@ -39,7 +39,7 @@ COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ - && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ && yum install -y --enablerepo google-chrome google-chrome-stable \ && yum install -y --enablerepo edge microsoft-edge-stable \ && yum clean all -y diff --git a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 index 4abeffff9..4cc0d71d6 100644 --- a/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/nodejs24/docker/Dockerfile.ubi9 @@ -39,7 +39,7 @@ COPY yum.repos.d/google-chrome.repo /etc/yum.repos.d/google-chrome.repo COPY yum.repos.d/almalinux9.repo /etc/yum.repos.d/almalinux9.repo COPY yum.repos.d/microsoft-edge.repo /etc/yum.repos.d/microsoft-edge.repo RUN yum repolist \ - && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel GConf2 nss libXScrnSaver alsa-lib \ + && yum install -y xorg-x11-server-Xvfb gtk2-devel gtk3-devel libnotify-devel nss libXScrnSaver alsa-lib \ && yum install -y --enablerepo google-chrome google-chrome-stable \ && yum install -y --enablerepo edge microsoft-edge-stable \ && yum clean all -y From 97ab00d5256b5002eca79ca04d3a719ca1a9ac08 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:25:58 +0100 Subject: [PATCH 14/31] change python installation to use uv --- .../terraform-2306/docker/Dockerfile.ubi9 | 47 ++++++++---------- .../terraform-2408/docker/Dockerfile.ubi9 | 48 ++++++++----------- 2 files changed, 38 insertions(+), 57 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index c624c12f5..67cf744fa 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -30,12 +30,14 @@ ENV TERRAFORM_VERSION=1.4.6 \ GEM_HOME=/opt/bundle \ RBENV_ROOT=/opt/rbenv \ RBENV_SHELL=bash \ - NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + PIP_INDEX_URL=$UV_INDEX_URL \ + PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ - python38 python38-pip python38-setuptools \ - python39 python39-pip python39-setuptools \ - python3.11 python3.11-pip python3.11-setuptools \ readline \ libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ jq parallel" @@ -62,30 +64,19 @@ RUN set -x \ && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS \ && dnf clean all -RUN curl -sSL "https://bootstrap.pypa.io/pip/3.6/get-pip.py" -o "get-pip.py" \ - && python3 get-pip.py - -# Upgrade pip -RUN pipVersions=( pip3 pip3.8 pip3.9 pip3.11 ); \ - for pipV in "${pipVersions[@]}"; \ - do \ - if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ - then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - && $pipV config set global.trusted-host ${nexusHost} \ - && $pipV config set global.extra-index-url https://pypi.org/simple; \ - fi; \ - $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ - $pipV install --upgrade pip --user && \ - $pipV install virtualenv pycodestyle; \ - done; \ - alternatives --set python /usr/bin/python3.11 \ - && alternatives --set python3 /usr/bin/python3.11 - -# Install python requirements -RUN python3.8 -m pip install -r /tmp/requirements.txt \ - && python3.9 -m pip install -r /tmp/requirements.txt \ - && python3.11 -m pip install -r /tmp/requirements.txt \ - && rm -f /tmp/requirements.txt +RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ + echo "alias pip='uv pip'" >> ~/.bashrc + +RUN for pyVersion in 3.8 3.9 3.11; do \ + uv python install $pyVersion && \ + uv pip install --system --break-system-packages --python $pyVersion \ + virtualenv \ + pycodestyle; \ + uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt \ + done && \ + rm -f /tmp/requirements.txt && \ + uv python pin 3.11 && \ + uv tool update-shell # Install awscli2 RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index d39a1e015..c40d499d0 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -35,12 +35,14 @@ ENV TERRAFORM_VERSION=1.9.4 \ RBENV_ROOT=/opt/rbenv \ RBENV_SHELL=bash \ TASK_VERSION=3.38.0 \ - NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem + NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ + UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ + UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + PIP_INDEX_URL=$UV_INDEX_URL \ + PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ - python39 python39-pip python39-setuptools \ - python3.11 python3.11-pip python3.11-setuptools \ - python3.12 python3.12-pip python3.12-setuptools \ readline \ libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ jq parallel" @@ -66,31 +68,19 @@ RUN set -x \ && dnf -y install $INSTALL_PKGS \ && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS -RUN curl -sSL "https://bootstrap.pypa.io/pip/3.6/get-pip.py" -o "/tmp/get-pip.py" \ - && python3 /tmp/get-pip.py \ - && rm -f /tmp/get-pip.py - -# Upgrade pip -RUN pipVersions=( pip3 pip3.9 pip3.11 pip3.12 ); \ - for pipV in "${pipVersions[@]}"; \ - do \ - if [ ! -z ${nexusHost} ] && [ ! -z ${nexusAuth} ]; \ - then $pipV config set global.index-url https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - && $pipV config set global.trusted-host ${nexusHost} \ - && $pipV config set global.extra-index-url https://pypi.org/simple; \ - fi; \ - $pipV config set global.cert /etc/ssl/certs/ca-bundle.crt && \ - $pipV install --upgrade pip --user && \ - $pipV install virtualenv pycodestyle; \ - done; \ - alternatives --set python /usr/bin/python3.12 \ - && alternatives --set python3 /usr/bin/python3.12 - -# Install python requirements -RUN python3.9 -m pip install -r /tmp/requirements.txt \ - && python3.11 -m pip install -r /tmp/requirements.txt \ - && python3.12 -m pip install -r /tmp/requirements.txt \ - && rm -f /tmp/requirements.txt +RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ + echo "alias pip='uv pip'" >> ~/.bashrc + +RUN for pyVersion in 3.9 3.11 3.12; do \ + uv python install $pyVersion && \ + uv pip install --system --break-system-packages --python $pyVersion \ + virtualenv \ + pycodestyle; \ + uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt \ + done && \ + rm -f /tmp/requirements.txt && \ + uv python pin 3.12 && \ + uv tool update-shell # Install awscli2 RUN curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \ From f3e7d33f8635aff1d1883abe0f5177f3d9d3f92e Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:31:53 +0100 Subject: [PATCH 15/31] update Dockerfile.ubi9 to use --allowerasing for package installations --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 4 ++-- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index 67cf744fa..26cbf5d60 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -60,8 +60,8 @@ RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ RUN set -x \ && dnf -y repolist \ - && dnf -y install $INSTALL_PKGS \ - && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS \ + && dnf -y install --allowerasing $INSTALL_PKGS \ + && dnf -y install --allowerasing --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS \ && dnf clean all RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index c40d499d0..347fa1f54 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -65,8 +65,8 @@ RUN sed -i 's@^\s*enabled\s*=.*$@enabled = 1@g' /etc/yum.repos.d/*.repo \ RUN set -x \ && dnf -y repolist \ - && dnf -y install $INSTALL_PKGS \ - && dnf -y install --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS + && dnf -y install --allowerasing $INSTALL_PKGS \ + && dnf -y install --allowerasing --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ echo "alias pip='uv pip'" >> ~/.bashrc From 92975775a7ccc9e49fe0b3677a0c4f77ea31b87c Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:36:23 +0100 Subject: [PATCH 16/31] fix --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 4 ++-- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index 26cbf5d60..ecfd7c057 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -71,8 +71,8 @@ RUN for pyVersion in 3.8 3.9 3.11; do \ uv python install $pyVersion && \ uv pip install --system --break-system-packages --python $pyVersion \ virtualenv \ - pycodestyle; \ - uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt \ + pycodestyle \ + uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt; \ done && \ rm -f /tmp/requirements.txt && \ uv python pin 3.11 && \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 347fa1f54..b933dbcc0 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -75,8 +75,8 @@ RUN for pyVersion in 3.9 3.11 3.12; do \ uv python install $pyVersion && \ uv pip install --system --break-system-packages --python $pyVersion \ virtualenv \ - pycodestyle; \ - uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt \ + pycodestyle \ + uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt; \ done && \ rm -f /tmp/requirements.txt && \ uv python pin 3.12 && \ From db05959c4b5fde8b9472f2bcc7e8aebdbd5e1733 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:41:16 +0100 Subject: [PATCH 17/31] update Dockerfiles to set PIP_CERT environment variable for SSL certificate --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 2 ++ common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 5 +++-- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 5 +++-- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 6f83327b0..5423e9118 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -9,8 +9,10 @@ ENV PYTHONUNBUFFERED=1 \ PYTHONIOENCODING=UTF-8 \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ + PIP_CERT=$UV_CA_CERTIFICATE \ PATH=$HOME/.local/bin:$JAVA_HOME/bin:$PATH RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index ecfd7c057..b8657d44b 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -33,16 +33,17 @@ ENV TERRAFORM_VERSION=1.4.6 \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ - UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt + PIP_CERT=$UV_CA_CERTIFICATE ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ readline \ libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ jq parallel" ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool" -ENV PATH=/opt/tfenv/bin:/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:$PATH +ENV PATH=/opt/tfenv/bin:/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:$HOME/.local/bin:$JAVA_HOME/bin:$PATH ENV HOME=/home/jenkins RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm || true" diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index b933dbcc0..47cecd27f 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -38,16 +38,17 @@ ENV TERRAFORM_VERSION=1.9.4 \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ - UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt + PIP_CERT=$UV_CA_CERTIFICATE ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ readline \ libffi-devel libyaml-devel openssl-devel make bzip2 autoconf curl sqlite-devel xz \ jq parallel" ENV INSTALL_DNF_PKGS="readline-devel bison automake libtool xorriso" -ENV PATH=/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:/usr/bin:/usr/local/go/bin:$PATH +ENV PATH=/opt/rbenv/shims:/opt/rbenv/bin:/opt/node/bin:/usr/bin:/usr/local/go/bin:$HOME/.local/bin:$JAVA_HOME/bin:$PATH ENV HOME=/home/jenkins RUN sh -c "rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm || true" From 034e3016b227ac1c62c7155dda8c86fe5ab1737b Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:44:21 +0100 Subject: [PATCH 18/31] fix Dockerfile.ubi9 to correct pip install command syntax --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index b8657d44b..57b0e4073 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -73,7 +73,7 @@ RUN for pyVersion in 3.8 3.9 3.11; do \ uv pip install --system --break-system-packages --python $pyVersion \ virtualenv \ pycodestyle \ - uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt; \ + -r /tmp/requirements.txt; \ done && \ rm -f /tmp/requirements.txt && \ uv python pin 3.11 && \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 47cecd27f..267593d7c 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -77,7 +77,7 @@ RUN for pyVersion in 3.9 3.11 3.12; do \ uv pip install --system --break-system-packages --python $pyVersion \ virtualenv \ pycodestyle \ - uv pip install --system --break-system-packages --python $pyVersion -r /tmp/requirements.txt; \ + -r /tmp/requirements.txt; \ done && \ rm -f /tmp/requirements.txt && \ uv python pin 3.12 && \ From 19c7fd4e020e25e5e5e33709bd7827681846e7b2 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:48:57 +0100 Subject: [PATCH 19/31] fix --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index 57b0e4073..dac1ab097 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -12,7 +12,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" -ARG nexusUrl +ARG nexusHost ARG nexusAuth ARG NPMJS_REGISTRY_FLAG diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 267593d7c..7c4542575 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -12,7 +12,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" -ARG nexusUrl +ARG nexusHost ARG nexusAuth ARG NPMJS_REGISTRY_FLAG From 2715f253a819e63a5cb90d100bc233266343bfa8 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:50:34 +0100 Subject: [PATCH 20/31] change frm nexusurl to nexusHost --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 | 6 +++--- common/jenkins-agents/terraform-2306/ocp-config/bc.yml | 2 +- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 | 6 +++--- common/jenkins-agents/terraform-2408/ocp-config/bc.yml | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 index 1d69bbe56..694478f4e 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi8 @@ -12,7 +12,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi8-docker" \ io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" -ARG nexusUrl +ARG nexusHost ARG nexusAuth ARG NPMJS_REGISTRY_FLAG @@ -105,8 +105,8 @@ RUN INSTALL_NODE="nodejs nodejs-nodemon" \ && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ && rpm -V $INSTALL_NODE \ && yum clean all -y \ - && npm config set registry=$nexusUrl/repository/npmjs/ \ - && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set registry=$nexusHost/repository/npmjs/ \ + && npm config set //${nexusHost#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ && npm config set email=no-reply@opendevstack.org \ && npm config set strict-ssl=true diff --git a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml index a5b6136d7..b2b85d13d 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml @@ -56,7 +56,7 @@ objects: strategy: dockerStrategy: buildArgs: - - name: nexusUrl + - name: nexusHost value: ${NEXUS_URL} - name: nexusAuth value: ${NEXUS_AUTH} diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 index c1e2599c6..df0415d9c 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi8 @@ -12,7 +12,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi8-docker" \ io.k8s.description="The jenkins agent image has terraform and other tools on top of the jenkins agent base image." \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" -ARG nexusUrl +ARG nexusHost ARG nexusAuth ARG NPMJS_REGISTRY_FLAG @@ -110,8 +110,8 @@ RUN INSTALL_NODE="nodejs nodejs-nodemon" \ && yum install -y --setopt=tsflags=nodocs --disableplugin=subscription-manager $INSTALL_NODE \ && rpm -V $INSTALL_NODE \ && yum clean all -y \ - && npm config set registry=$nexusUrl/repository/npmjs/ \ - && npm config set //${nexusUrl#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ + && npm config set registry=$nexusHost/repository/npmjs/ \ + && npm config set //${nexusHost#*://}/repository/npmjs/:_auth=$(echo -n $nexusAuth | base64) \ && npm config set email=no-reply@opendevstack.org \ && npm config set strict-ssl=true diff --git a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml index 874d8fe7f..03948d65c 100644 --- a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml @@ -56,7 +56,7 @@ objects: strategy: dockerStrategy: buildArgs: - - name: nexusUrl + - name: nexusHost value: ${NEXUS_URL} - name: nexusAuth value: ${NEXUS_AUTH} From 4388ae6bb45ca44ab05cfad0cf1d3497e25adbbe Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 20:52:29 +0100 Subject: [PATCH 21/31] test --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 5423e9118..96e044e9a 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -22,7 +22,7 @@ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --system --break-system-packages --python $pyVersion \ + uv pip install --verbose --system --break-system-packages --python $pyVersion \ virtualenv==20.26.3 \ setuptools==72.2.0 \ Cython==3.0.11 \ From 81d5c33c22ac5af40dffd0b7eb37a8a66ceac02b Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Fri, 26 Dec 2025 22:04:05 +0100 Subject: [PATCH 22/31] update Dockerfile.ubi9 to remove unused PIP_EXTRA_INDEX_URL and ensure trusted host is set for pip install --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 96e044e9a..b76c8fd5d 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -8,10 +8,11 @@ ARG nexusAuth ENV PYTHONUNBUFFERED=1 \ PYTHONIOENCODING=UTF-8 \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_DEFAULT_INDEX=$UV_INDEX_URL \ + UV_TRUSTED_HOST=${nexusHost} \ + PIP_TRUSTED_HOST=${nexusHost} \ UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ PIP_CERT=$UV_CA_CERTIFICATE \ PATH=$HOME/.local/bin:$JAVA_HOME/bin:$PATH @@ -22,7 +23,7 @@ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --verbose --system --break-system-packages --python $pyVersion \ + uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} \ virtualenv==20.26.3 \ setuptools==72.2.0 \ Cython==3.0.11 \ From f4093c9b7fd50460e9803e23fc11427bed75cf42 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 17:19:03 +0100 Subject: [PATCH 23/31] refactor Dockerfile.ubi9 to create a custom pip wrapper script for better command handling --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index b76c8fd5d..0a438c23f 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -18,7 +18,9 @@ ENV PYTHONUNBUFFERED=1 \ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ - echo "alias pip='uv pip'" >> ~/.bashrc && \ + echo '#!/bin/bash' > /usr/local/bin/pip && \ + echo 'exec uv pip "$@"' >> /usr/local/bin/pip && \ + chmod +x /usr/local/bin/pip && \ yum -y clean all RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ From b5a1fcf9beda3a5bb00b79bfec59464ac45afa7e Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 17:27:42 +0100 Subject: [PATCH 24/31] update Dockerfile.ubi9 to configure pip with custom index and trusted host settings --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 0a438c23f..30da9ab6e 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -18,9 +18,10 @@ ENV PYTHONUNBUFFERED=1 \ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ - echo '#!/bin/bash' > /usr/local/bin/pip && \ - echo 'exec uv pip "$@"' >> /usr/local/bin/pip && \ - chmod +x /usr/local/bin/pip && \ + mkdir -p $HOME/.config/pip && \ + echo '[global]' > $HOME/.config/pip/pip.conf && \ + echo 'index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple' >> $HOME/.config/pip/pip.conf && \ + echo 'trusted-host = ${nexusHost}' >> $HOME/.config/pip/pip.conf && \ yum -y clean all RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ From e0000837554d7741045dacf9b3073d57c579bd72 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 17:34:45 +0100 Subject: [PATCH 25/31] fix formatting in Dockerfile.ubi9 for pip configuration commands --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index 30da9ab6e..dd266ba3e 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -19,9 +19,9 @@ ENV PYTHONUNBUFFERED=1 \ RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ mkdir -p $HOME/.config/pip && \ - echo '[global]' > $HOME/.config/pip/pip.conf && \ - echo 'index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple' >> $HOME/.config/pip/pip.conf && \ - echo 'trusted-host = ${nexusHost}' >> $HOME/.config/pip/pip.conf && \ + echo "[global]" > $HOME/.config/pip/pip.conf && \ + echo "index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple" >> $HOME/.config/pip/pip.conf && \ + echo "trusted-host = ${nexusHost}" >> $HOME/.config/pip/pip.conf && \ yum -y clean all RUN for pyVersion in 3.8 3.9 3.11 3.12; do \ From edd229d57240393edf70e9760eba6cac20a1b189 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 17:54:20 +0100 Subject: [PATCH 26/31] update Dockerfile.ubi9 to configure pip with default index and trusted host settings --- .../terraform-2306/docker/Dockerfile.ubi9 | 12 ++++++++---- .../terraform-2408/docker/Dockerfile.ubi9 | 12 ++++++++---- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index dac1ab097..1aca090ab 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -32,10 +32,11 @@ ENV TERRAFORM_VERSION=1.4.6 \ RBENV_SHELL=bash \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_DEFAULT_INDEX=$UV_INDEX_URL \ + UV_TRUSTED_HOST=${nexusHost} \ + PIP_TRUSTED_HOST=${nexusHost} \ UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ PIP_CERT=$UV_CA_CERTIFICATE ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ @@ -66,11 +67,14 @@ RUN set -x \ && dnf clean all RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ - echo "alias pip='uv pip'" >> ~/.bashrc + mkdir -p $HOME/.config/pip && \ + echo "[global]" > $HOME/.config/pip/pip.conf && \ + echo "index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple" >> $HOME/.config/pip/pip.conf && \ + echo "trusted-host = ${nexusHost}" >> $HOME/.config/pip/pip.conf RUN for pyVersion in 3.8 3.9 3.11; do \ uv python install $pyVersion && \ - uv pip install --system --break-system-packages --python $pyVersion \ + uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} \ virtualenv \ pycodestyle \ -r /tmp/requirements.txt; \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 7c4542575..e715aafec 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -37,10 +37,11 @@ ENV TERRAFORM_VERSION=1.9.4 \ TASK_VERSION=3.38.0 \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_EXTRA_INDEX_URL=https://pypi.org/simple \ + UV_DEFAULT_INDEX=$UV_INDEX_URL \ + UV_TRUSTED_HOST=${nexusHost} \ + PIP_TRUSTED_HOST=${nexusHost} \ UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_EXTRA_INDEX_URL=$UV_EXTRA_INDEX_URL \ PIP_CERT=$UV_CA_CERTIFICATE ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ @@ -70,11 +71,14 @@ RUN set -x \ && dnf -y install --allowerasing --enablerepo almalinux-baseos --enablerepo almalinux-appstream $INSTALL_DNF_PKGS RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ - echo "alias pip='uv pip'" >> ~/.bashrc + mkdir -p $HOME/.config/pip && \ + echo "[global]" > $HOME/.config/pip/pip.conf && \ + echo "index-url = https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple" >> $HOME/.config/pip/pip.conf && \ + echo "trusted-host = ${nexusHost}" >> $HOME/.config/pip/pip.conf RUN for pyVersion in 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --system --break-system-packages --python $pyVersion \ + uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} \ virtualenv \ pycodestyle \ -r /tmp/requirements.txt; \ From 807662a83aebf5cf6fc537ff08c8ae46cac88136 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 18:01:45 +0100 Subject: [PATCH 27/31] update bc.yml to rename NEXUS_URL parameter to NEXUS_HOST for consistency --- common/jenkins-agents/terraform-2306/ocp-config/bc.yml | 4 ++-- common/jenkins-agents/terraform-2408/ocp-config/bc.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml index b2b85d13d..7e5d4eb0e 100644 --- a/common/jenkins-agents/terraform-2306/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2306/ocp-config/bc.yml @@ -6,7 +6,7 @@ parameters: - name: ODS_BITBUCKET_PROJECT description: Bitbucket project name. value: opendevstack -- name: NEXUS_URL +- name: NEXUS_HOST required: true - name: NEXUS_AUTH required: true @@ -57,7 +57,7 @@ objects: dockerStrategy: buildArgs: - name: nexusHost - value: ${NEXUS_URL} + value: ${NEXUS_HOST} - name: nexusAuth value: ${NEXUS_AUTH} dockerfilePath: ${JENKINS_AGENT_DOCKERFILE_PATH} diff --git a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml index 03948d65c..2b5a01be1 100644 --- a/common/jenkins-agents/terraform-2408/ocp-config/bc.yml +++ b/common/jenkins-agents/terraform-2408/ocp-config/bc.yml @@ -6,7 +6,7 @@ parameters: - name: ODS_BITBUCKET_PROJECT description: Bitbucket project name. value: opendevstack -- name: NEXUS_URL +- name: NEXUS_HOST required: true - name: NEXUS_AUTH required: true @@ -57,7 +57,7 @@ objects: dockerStrategy: buildArgs: - name: nexusHost - value: ${NEXUS_URL} + value: ${NEXUS_HOST} - name: nexusAuth value: ${NEXUS_AUTH} - name: nexusAuth From 3eb452c7732dc54e8c9d6dd484c0fe61efc50808 Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 18:08:18 +0100 Subject: [PATCH 28/31] update Dockerfile.ubi9 to allow pre-release versions for pip installations --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 2 +- common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index 1aca090ab..ba8a020d2 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -74,7 +74,7 @@ RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ RUN for pyVersion in 3.8 3.9 3.11; do \ uv python install $pyVersion && \ - uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} \ + uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} --prerelease=allow \ virtualenv \ pycodestyle \ -r /tmp/requirements.txt; \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index e715aafec..7b94a75d0 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -78,7 +78,7 @@ RUN curl -LsSf https://astral.sh/uv/install.sh | sh && \ RUN for pyVersion in 3.9 3.11 3.12; do \ uv python install $pyVersion && \ - uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} \ + uv pip install --verbose --system --break-system-packages --python $pyVersion --trusted-host ${nexusHost} --prerelease=allow \ virtualenv \ pycodestyle \ -r /tmp/requirements.txt; \ From 2b789b773628a540f7b4d050f9a6e9f9981f6f0f Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 18:17:55 +0100 Subject: [PATCH 29/31] update Dockerfile.ubi9 to define nexusUrl argument based on nexusHost --- common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 | 1 + common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 | 1 + 2 files changed, 2 insertions(+) diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index ba8a020d2..2e9324cb2 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -13,6 +13,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" ARG nexusHost +ARG nexusUrl=https://${nexusHost} ARG nexusAuth ARG NPMJS_REGISTRY_FLAG diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 7b94a75d0..92f96387a 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -13,6 +13,7 @@ LABEL com.redhat.component="jenkins-agent-terraform-ubi9-docker" \ io.openshift.tags="openshift,jenkins,agent,terraform,aws,azure" ARG nexusHost +ARG nexusUrl=https://${nexusHost} ARG nexusAuth ARG NPMJS_REGISTRY_FLAG From 5569c70188e972e84676bc8b0a5a909d9fbc6f2d Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 18:33:05 +0100 Subject: [PATCH 30/31] changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0f0ba79a..cd95d1566 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## Unreleased ### Added +- Added rhel9 dockerfiles for all jenkins agents ([#1140](https://github.com/opendevstack/ods-quickstarters/pull/1140)) ### Changed From d5ad22d1de3237a687c5a3a4c5f17e3f31a6c8ba Mon Sep 17 00:00:00 2001 From: "Vazquez,Brais (IT EDP)" Date: Sat, 27 Dec 2025 20:02:17 +0100 Subject: [PATCH 31/31] update Dockerfile.ubi9 to define PIP_INDEX_URL and PIP_CERT for improved pip configuration --- common/jenkins-agents/python/docker/Dockerfile.ubi9 | 7 ++++--- .../terraform-2306/docker/Dockerfile.ubi9 | 10 ++++++---- .../terraform-2408/docker/Dockerfile.ubi9 | 10 ++++++---- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/common/jenkins-agents/python/docker/Dockerfile.ubi9 b/common/jenkins-agents/python/docker/Dockerfile.ubi9 index dd266ba3e..32e5b5c06 100644 --- a/common/jenkins-agents/python/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/python/docker/Dockerfile.ubi9 @@ -8,14 +8,15 @@ ARG nexusAuth ENV PYTHONUNBUFFERED=1 \ PYTHONIOENCODING=UTF-8 \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_DEFAULT_INDEX=$UV_INDEX_URL \ UV_TRUSTED_HOST=${nexusHost} \ PIP_TRUSTED_HOST=${nexusHost} \ UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ - PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_CERT=$UV_CA_CERTIFICATE \ PATH=$HOME/.local/bin:$JAVA_HOME/bin:$PATH +ENV UV_DEFAULT_INDEX=${UV_INDEX_URL} \ + PIP_INDEX_URL=${UV_INDEX_URL} \ + PIP_CERT=${UV_CA_CERTIFICATE} + RUN yum install -y autoconf automake gcc gcc-c++ openssl-devel libffi-devel && \ curl -LsSf https://astral.sh/uv/install.sh | sh && \ mkdir -p $HOME/.config/pip && \ diff --git a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 index 2e9324cb2..67477ffe2 100644 --- a/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2306/docker/Dockerfile.ubi9 @@ -33,12 +33,14 @@ ENV TERRAFORM_VERSION=1.4.6 \ RBENV_SHELL=bash \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_DEFAULT_INDEX=$UV_INDEX_URL \ UV_TRUSTED_HOST=${nexusHost} \ PIP_TRUSTED_HOST=${nexusHost} \ - UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ - PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_CERT=$UV_CA_CERTIFICATE + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt + + +ENV UV_DEFAULT_INDEX=${UV_INDEX_URL} \ + PIP_INDEX_URL=${UV_INDEX_URL} \ + PIP_CERT=${UV_CA_CERTIFICATE} ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ readline \ diff --git a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 index 92f96387a..8371e2086 100644 --- a/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 +++ b/common/jenkins-agents/terraform-2408/docker/Dockerfile.ubi9 @@ -38,12 +38,14 @@ ENV TERRAFORM_VERSION=1.9.4 \ TASK_VERSION=3.38.0 \ NPM_CONFIG_CAFILE=/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem \ UV_INDEX_URL=https://${nexusAuth}@${nexusHost}/repository/pypi-all/simple \ - UV_DEFAULT_INDEX=$UV_INDEX_URL \ UV_TRUSTED_HOST=${nexusHost} \ PIP_TRUSTED_HOST=${nexusHost} \ - UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt \ - PIP_INDEX_URL=$UV_INDEX_URL \ - PIP_CERT=$UV_CA_CERTIFICATE + UV_CA_CERTIFICATE=/etc/ssl/certs/ca-bundle.crt + + +ENV UV_DEFAULT_INDEX=${UV_INDEX_URL} \ + PIP_INDEX_URL=${UV_INDEX_URL} \ + PIP_CERT=${UV_CA_CERTIFICATE} ENV INSTALL_PKGS="yum-utils gcc make git-core zlib zlib-devel gcc-c++ patch \ readline \