feat: add alpine image build

rwaffen · rwaffen · commit 116bddf3fe92 · 2025-05-23T12:25:02.000+02:00
diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml
@@ -48,6 +48,22 @@ jobs:
           tags: |
             ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64
 
+      - name: Build Alpine OpenVox Server ${{ matrix.release }} container
+        if: ${{ matrix.release == '8' }}
+        uses: voxpupuli/gha-build-and-publish-a-container@v2
+        with:
+          registry_password: ${{ secrets.GITHUB_TOKEN }}
+          build_args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+          build_arch: linux/amd64
+          build_context: openvoxserver
+          buildfile: openvoxserver/Containerfile.alpine
+          tags: |
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine
+
   build-ARM-container:
     runs-on: ubuntu-24.04-arm
     permissions:
@@ -73,6 +89,22 @@ jobs:
           tags: |
             ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64
 
+      - name: Build Alpine OpenVox Server ${{ matrix.release }} container
+        if: ${{ matrix.release == '8' }}
+        uses: voxpupuli/gha-build-and-publish-a-container@v2
+        with:
+          registry_password: ${{ secrets.GITHUB_TOKEN }}
+          build_args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+          build_arch: linux/arm64
+          build_context: openvoxserver
+          buildfile: openvoxserver/Containerfile.alpine
+          tags: |
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine
+
   create-multi-arch-manifests:
     runs-on: ubuntu-latest
     permissions:
@@ -123,3 +155,25 @@ jobs:
           docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:latest \
             ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64 \
             ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64
+
+      - name: Create Alpine multi arch manifests
+        run: |
+          docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ steps.extract_version.outputs.version }}-${{ github.ref_name }}-alpine-beta \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine
+
+          docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ steps.extract_version.outputs.version }}-latest-alpine-beta \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine
+
+          docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-latest-alpine-beta \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine
+
+          docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-alpine-beta \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \
+            ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine
+
+          docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:latest-alpine-beta \
+            ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64-alpine \
+            ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64-alpine
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -53,7 +53,7 @@ jobs:
             const version = agentVersion.split('-')[0];
             core.setOutput('version', version);
 
-      - name: Build image
+      - name: Build Ubuntu image
         uses: docker/build-push-action@v6
         with:
           tags: 'ci/openvoxserver:${{ steps.extract_version.outputs.version }}'
@@ -67,6 +67,20 @@ jobs:
             R10K_VERSION=${{ matrix.r10k_version }}
             RUGGED_VERSION=${{ matrix.rugged_version }}
 
+      - name: Build Alpine image
+        if: ${{ matrix.release == '8' }}
+        uses: docker/build-push-action@v6
+        with:
+          tags: 'ci/openvoxserver:${{ steps.extract_version.outputs.version }}-alpine'
+          context: openvoxserver
+          file: openvoxserver/Containerfile.alpine
+          push: false
+          build-args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+
   tests:
     needs:
       - general_ci
diff --git a/openvoxserver/Containerfile.alpine b/openvoxserver/Containerfile.alpine
@@ -0,0 +1,232 @@
+FROM alpine:3.21 AS base
+
+# Install JDK
+RUN apk update && apk upgrade \
+    && apk add openjdk17-jre-headless  \
+    && apk add --update bash \
+    && rm -rf /var/cache/apk/*
+
+################################################################################
+
+FROM base AS build
+
+ARG OPENVOXSERVER_VERSION=8.8.1
+ARG OPENVOXDB_VERSION=8.9.1
+
+ADD https://artifacts.voxpupuli.org/openvox-server/${OPENVOXSERVER_VERSION}/openvox-server-${OPENVOXSERVER_VERSION}.tar.gz /
+ADD https://artifacts.voxpupuli.org/openvoxdb/${OPENVOXDB_VERSION}/openvoxdb-${OPENVOXDB_VERSION}.tar.gz /
+
+ENV apps_dir=/opt/puppetlabs/server/apps
+ENV app_logdir=/var/log/puppetlabs
+ENV data_dir=/opt/puppetlabs/server/data
+ENV etc_dir=/etc/puppetlabs
+ENV run_dir=/var/run/puppetlabs
+ENV bindir=/opt/puppetlabs/server/apps/puppetserver/bin
+ENV symbindir=/opt/puppetlabs/server/bin
+ENV uxbindir=/opt/puppetlabs/bin
+ENV rubylibdir=/opt/puppetlabs/puppet/lib/ruby/vendor_ruby
+
+RUN apk update \
+&& tar -xzf /openvox-server-${OPENVOXSERVER_VERSION}.tar.gz \
+&& tar -xzf /openvoxdb-${OPENVOXDB_VERSION}.tar.gz \
+&& cd /puppetserver-${OPENVOXSERVER_VERSION} \
+&& install -d -m 0755 "${apps_dir}/puppetserver" \
+&& install -d -m 0770 "${data_dir}/puppetserver" \
+&& install -m 0644 puppet-server-release.jar "${apps_dir}/puppetserver" \
+&& install -m 0774 ext/ezbake-functions.sh "${apps_dir}/puppetserver" \
+&& install -m 0644 ext/ezbake.manifest "${apps_dir}/puppetserver" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/conf.d" \
+&& install -d -m 0755 "${etc_dir}/puppetserver/services.d" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/config/services.d" \
+&& install -m 0644 ext/system-config/services.d/bootstrap.cfg "${apps_dir}/puppetserver/config/services.d/bootstrap.cfg" \
+&& install -m 0644 ext/config/request-logging.xml "${etc_dir}/puppetserver/request-logging.xml" \
+&& install -m 0644 ext/config/conf.d/puppetserver.conf "${etc_dir}/puppetserver/conf.d/puppetserver.conf" \
+&& install -m 0644 ext/config/logback.xml "${etc_dir}/puppetserver/logback.xml" \
+&& install -m 0644 ext/config/services.d/ca.cfg "${etc_dir}/puppetserver/services.d/ca.cfg" \
+&& install -m 0644 ext/config/conf.d/global.conf "${etc_dir}/puppetserver/conf.d/global.conf" \
+&& install -m 0644 ext/config/conf.d/web-routes.conf "${etc_dir}/puppetserver/conf.d/web-routes.conf" \
+&& install -m 0644 ext/config/conf.d/auth.conf "${etc_dir}/puppetserver/conf.d/auth.conf" \
+&& install -m 0644 ext/config/conf.d/metrics.conf "${etc_dir}/puppetserver/conf.d/metrics.conf" \
+&& install -m 0644 ext/config/conf.d/ca.conf "${etc_dir}/puppetserver/conf.d/ca.conf" \
+&& install -m 0644 ext/config/conf.d/webserver.conf "${etc_dir}/puppetserver/conf.d/webserver.conf" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/cli" \
+&& install -d -m 0755 "${apps_dir}/puppetserver/cli/apps" \
+&& install -d -m 0755 "${bindir}" \
+&& install -d -m 0755 "${symbindir}" \
+&& install -d -m 0755 "${uxbindir}" \
+&& install -m 0755 "ext/bin/puppetserver" "${bindir}/puppetserver" \
+&& ln -s "../apps/puppetserver/bin/puppetserver" "${symbindir}/puppetserver" \
+&& ln -s "../server/apps/puppetserver/bin/puppetserver" "${uxbindir}/puppetserver" \
+&& install -m 0755 ext/cli/foreground "${apps_dir}/puppetserver/cli/apps/foreground" \
+&& install -m 0755 ext/cli/dropsonde "${apps_dir}/puppetserver/cli/apps/dropsonde" \
+&& install -m 0755 ext/cli/ca "${apps_dir}/puppetserver/cli/apps/ca" \
+&& install -m 0755 ext/cli/irb "${apps_dir}/puppetserver/cli/apps/irb" \
+&& install -m 0755 ext/cli/gem "${apps_dir}/puppetserver/cli/apps/gem" \
+&& install -m 0755 ext/cli/reload "${apps_dir}/puppetserver/cli/apps/reload" \
+&& install -m 0755 ext/cli/ruby "${apps_dir}/puppetserver/cli/apps/ruby" \
+&& install -m 0755 ext/cli/stop "${apps_dir}/puppetserver/cli/apps/stop" \
+&& install -m 0755 ext/cli/start "${apps_dir}/puppetserver/cli/apps/start" \
+&& install -m 0755 ext/cli_defaults/cli-defaults.sh "${apps_dir}/puppetserver/cli" \
+&& install -d -m 0700 "${app_logdir}/puppetserver" \
+&& install -d -m 0755 "${run_dir}/puppetserver" \
+&& install -d -m 700 "${data_dir}/puppetserver/jars" \
+&& install -d -m 700 "${data_dir}/puppetserver/yaml" \
+&& install -d /opt/puppetlabs/server/data/puppetserver/jruby-gems \
+&& install -d -m=775 /opt/puppetlabs/server/data \
+&& install -d "${etc_dir}/puppet/ssl" \
+&& install -d -m=755 "${etc_dir}/code" \
+&& install -d "${etc_dir}/puppetserver/ca" \
+&& bash ext/build-scripts/install-vendored-gems.sh \
+### puppetdb-termini
+&& cd /puppetdb-${OPENVOXDB_VERSION} \
+&& install -Dm 0644 puppet/face/node/deactivate.rb "${rubylibdir}/puppet/face/node/deactivate.rb" \
+&& install -Dm 0644 puppet/face/node/status.rb "${rubylibdir}/puppet/face/node/status.rb" \
+&& install -Dm 0644 puppet/functions/puppetdb_query.rb "${rubylibdir}/puppet/functions/puppetdb_query.rb" \
+&& install -Dm 0644 puppet/indirector/catalog/puppetdb.rb "${rubylibdir}/puppet/indirector/catalog/puppetdb.rb" \
+&& install -Dm 0644 puppet/indirector/facts/puppetdb_apply.rb "${rubylibdir}/puppet/indirector/facts/puppetdb_apply.rb" \
+&& install -Dm 0644 puppet/indirector/facts/puppetdb.rb "${rubylibdir}/puppet/indirector/facts/puppetdb.rb" \
+&& install -Dm 0644 puppet/indirector/node/puppetdb.rb "${rubylibdir}/puppet/indirector/node/puppetdb.rb" \
+&& install -Dm 0644 puppet/indirector/resource/puppetdb.rb "${rubylibdir}/puppet/indirector/resource/puppetdb.rb" \
+&& install -Dm 0644 puppet/reports/puppetdb.rb "${rubylibdir}/puppet/reports/puppetdb.rb" \
+&& install -Dm 0644 puppet/util/puppetdb.rb "${rubylibdir}/puppet/util/puppetdb.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/atom.rb "${rubylibdir}/puppet/util/puppetdb/atom.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/char_encoding.rb "${rubylibdir}/puppet/util/puppetdb/char_encoding.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/command_names.rb "${rubylibdir}/puppet/util/puppetdb/command_names.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/command.rb "${rubylibdir}/puppet/util/puppetdb/command.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/config.rb "${rubylibdir}/puppet/util/puppetdb/config.rb" \
+&& install -Dm 0644 puppet/util/puppetdb/http.rb "${rubylibdir}/puppet/util/puppetdb/http.rb"
+
+################################################################################
+
+FROM base AS final
+
+ARG vcs_ref
+ARG build_date
+ARG R10K_VERSION=5.0.0
+
+LABEL org.label-schema.maintainer="Voxpupuli Team <voxpupuli@groups.io>" \
+      org.label-schema.vendor="OpenVoxProject" \
+      org.label-schema.url="https://github.com/OpenVoxProject/container-openvoxserver" \
+      org.label-schema.vcs-url="https://github.com/OpenVoxProject/container-openvoxserver" \
+      org.label-schema.schema-version="1.0" \
+      org.label-schema.dockerfile="/Containerfile.alpine" \
+      org.label-schema.name="OpenVox Server ($build_type)" \
+      org.label-schema.version="$OPENVOXSERVER_VERSION" \
+      org.label-schema.vcs-ref="$vcs_ref" \
+      org.label-schema.build-date="$build_date"
+
+ENV AUTOSIGN=true \
+    CA_ALLOW_SUBJECT_ALT_NAMES=false \
+    CA_ENABLED=true \
+    CA_TTL=157680000 \
+    CA_HOSTNAME=puppet \
+    CA_PORT=8140 \
+    CERTNAME="" \
+    CSR_ATTRIBUTES='{}' \
+    DEBIAN_FRONTEND=noninteractive \
+    DNS_ALT_NAMES="" \
+    ENVIRONMENTPATH=/etc/puppetlabs/code/environments \
+    HIERACONFIG='$confdir/hiera.yaml' \
+    INTERMEDIATE_CA_BUNDLE=/etc/puppetlabs/intermediate/ca.pem \
+    INTERMEDIATE_CA_KEY=/etc/puppetlabs/intermediate/key.pem \
+    INTERMEDIATE_CA=false \
+    INTERMEDIATE_CRL_CHAIN=/etc/puppetlabs/intermediate/crl.pem \
+    LOGDIR=/var/log/puppetlabs/puppetserver \
+    OPENVOX_REPORTS="puppetdb" \
+    OPENVOX_STORECONFIGS_BACKEND="puppetdb" \
+    OPENVOX_STORECONFIGS=true \
+    OPENVOXDB_SERVER_URLS=https://openvoxdb:8081 \
+    OPENVOXSERVER_ENABLE_ENV_CACHE_DEL_API=true \
+    OPENVOXSERVER_ENVIRONMENT_TIMEOUT=unlimited \
+    OPENVOXSERVER_GRAPHITE_EXPORTER_ENABLED=false \
+    OPENVOXSERVER_GRAPHITE_HOST=exporter \
+    OPENVOXSERVER_GRAPHITE_PORT=9109 \
+    OPENVOXSERVER_HOSTNAME="" \
+    OPENVOXSERVER_JAVA_ARGS="-Xms1024m -Xmx1024m" \
+    OPENVOXSERVER_MAX_ACTIVE_INSTANCES=1 \
+    OPENVOXSERVER_MAX_REQUESTS_PER_INSTANCE=0 \
+    OPENVOXSERVER_PORT=8140 \
+    PATH=$PATH:/opt/puppetlabs/server/bin:/opt/puppetlabs/puppet/bin:/opt/puppetlabs/bin \
+    SSLDIR=/etc/puppetlabs/puppet/ssl \
+    USE_OPENVOXDB=true \
+    ### build variables
+    apps_dir=/opt/puppetlabs/server/apps \
+    app_logdir=/var/log/puppetlabs \
+    data_dir=/opt/puppetlabs/server/data \
+    etc_dir=/etc/puppetlabs \
+    run_dir=/var/run/puppetlabs \
+    bindir=/opt/puppetlabs/server/apps/puppetserver/bin \
+    symbindir=/opt/puppetlabs/server/bin \
+    uxbindir=/opt/puppetlabs/bin
+
+COPY --from=build /opt/puppetlabs /opt/puppetlabs
+COPY --from=build /etc/puppetlabs /etc/puppetlabs
+COPY --from=build /var/log/puppetlabs /var/log/puppetlabs
+COPY --from=build /var/run/puppetlabs /var/run/puppetlabs
+
+COPY docker-entrypoint.sh \
+     healthcheck.sh \
+     Containerfile.alpine \
+     /
+
+COPY conf.d/product.conf /etc/puppetlabs/puppetserver/conf.d/
+COPY conf.d/puppetserver.conf /etc/puppetlabs/puppetserver/conf.d/
+COPY docker-entrypoint.d /docker-entrypoint.d
+COPY logback.xml /etc/puppetlabs/puppetserver/
+COPY puppetdb.conf /var/tmp/puppet/
+COPY puppetserver /etc/default/puppetserver
+COPY request-logging.xml /etc/puppetlabs/puppetserver/
+
+RUN apk update \
+&& apk add --update dumb-init \
+&& apk add --update alpine-sdk \
+&& apk add --update openssh-client \
+&& apk add --update openssl \
+&& apk add --update libssh2 \
+&& apk add --update ruby \
+&& apk add --update ruby-dev \
+# && apk add --update cmake \
+# install puppet gem as agent into system ruby
+&& gem install --no-doc puppet -v 8.10.0 \
+&& gem install --no-doc hocon  -v 1.4.0 \
+&& gem install --no-doc racc -v 1.8.1 \
+&& gem install --no-doc r10k -v ${R10K_VERSION} \
+&& gem install --no-doc hiera-eyaml -v 4.1.0 \
+&& gem install --no-doc puppetserver-ca -v 2.6.0 \
+# && gem install --no-doc rugged -- --with-ssh \
+&& apk del --purge alpine-sdk \
+&& addgroup -g 1001 puppet \
+&& adduser -G puppet -u 1001 -h ${data_dir}/puppetserver -H -D -s /sbin/nologin puppet \
+&& chown -R puppet:puppet ${etc_dir}/code \
+&& chown -R puppet:puppet ${etc_dir}/puppet/ssl \
+&& chown -R puppet:puppet ${etc_dir}/puppetserver/ca \
+&& chown -R puppet:puppet ${app_logdir}/puppetserver \
+&& chown -R puppet:puppet ${run_dir}/puppetserver \
+&& chown -R puppet:puppet ${data_dir}/puppetserver \
+&& chmod 700 ${app_logdir}/puppetserver \
+&& chmod 770 ${data_dir}/puppetserver \
+&& chmod 750 ${etc_dir}/puppetserver \
+&& chmod 700 ${data_dir}/puppetserver/jars \
+&& chmod 700 ${data_dir}/puppetserver/yaml \
+&& find /etc/puppetlabs/puppet/ssl -type d -print0 | xargs -0 chmod 770 \
+&& echo 'alias ll="ls -la --color=auto"' >> ~/.bashrc \
+&& chmod +x /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh \
+&& mkdir -p /opt/puppetlabs/puppet/bin \
+&& ln -s /usr/bin/puppet /opt/puppetlabs/puppet/bin/puppet \
+&& ln -s /usr/bin/facter /opt/puppetlabs/puppet/bin/facter \
+&& ln -s /usr/bin/ruby /opt/puppetlabs/puppet/bin/ruby \
+&& ln -s /usr/bin/gem /opt/puppetlabs/puppet/bin/gem \
+&& ln -s /usr/bin/irb /opt/puppetlabs/puppet/bin/irb \
+&& ln -s /usr/bin/erb /opt/puppetlabs/puppet/bin/erb \
+&& ln -s /usr/bin/r10k /opt/puppetlabs/puppet/bin/r10k \
+&& ln -s /usr/bin/hiera-eyaml /opt/puppetlabs/puppet/bin/hiera-eyaml \
+# install puppet gem as library into jruby loadpath
+&& puppetserver gem install puppet
+
+# k8s uses livenessProbe, startupProbe, readinessProbe and ignores HEALTHCHECK
+HEALTHCHECK --interval=20s --timeout=15s --retries=12 --start-period=3m CMD ["/healthcheck.sh"]
+
+EXPOSE 8140
+
+ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"]
+CMD ["foreground"]
