mirror of
https://gitlab.com/jarylc/docker-duoauthproxy.git
synced 2026-02-04 15:04:41 +00:00
dynamically retrieve python version from changelog and use py3-cryptography package instead
This commit is contained in:
Jaryl Chng
20
Dockerfile
20
Dockerfile
@@ -1,26 +1,30 @@
|
|||||||
FROM alpine:edge AS builder
|
ARG PYTHON_VERSION=3.11.9
|
||||||
|
|
||||||
ARG VERSION
|
FROM python:${PYTHON_VERSION}-alpine AS builder
|
||||||
ARG CHECKSUM
|
|
||||||
|
|
||||||
ARG PYTHON_VERSION=3.11
|
ARG VERSION=6.4.0
|
||||||
|
ARG CHECKSUM=da7676ea7836022faef3b733e2b0431d0237ffec3796a0a5460e6a94a1c0cdd5
|
||||||
|
|
||||||
|
ARG CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1
|
||||||
|
|
||||||
RUN apk add --no-cache build-base libffi-dev perl zlib-dev diffutils libstdc++ gcompat \
|
RUN apk add --no-cache build-base libffi-dev perl zlib-dev diffutils libstdc++ gcompat \
|
||||||
bash wget py3-cffi py3-zope-interface
|
bash wget py3-cffi py3-zope-interface py3-cryptography
|
||||||
RUN wget -O duoauthproxy.tgz https://dl.duosecurity.com/duoauthproxy-${VERSION}-src.tgz
|
RUN wget -O duoauthproxy.tgz https://dl.duosecurity.com/duoauthproxy-${VERSION}-src.tgz
|
||||||
RUN echo "${CHECKSUM} duoauthproxy.tgz" | sha256sum -c
|
RUN echo "${CHECKSUM} duoauthproxy.tgz" | sha256sum -c
|
||||||
RUN tar xzf duoauthproxy.tgz
|
RUN tar xzf duoauthproxy.tgz
|
||||||
WORKDIR duoauthproxy-${VERSION}-src
|
WORKDIR duoauthproxy-${VERSION}-src
|
||||||
RUN mkdir -p duoauthproxy-build/usr/local/lib/python${PYTHON_VERSION}/
|
RUN mkdir -p duoauthproxy-build/usr/local/lib/python${PYTHON_VERSION%.*}/
|
||||||
RUN cp -R /usr/lib/python3.11/site-packages duoauthproxy-build/usr/local/lib/python${PYTHON_VERSION}/
|
RUN cp -R /usr/lib/python${PYTHON_VERSION%.*}/site-packages duoauthproxy-build/usr/local/lib/python${PYTHON_VERSION%.*}/
|
||||||
RUN sed -i '/$(CFFI) \\/d' Makefile
|
RUN sed -i '/$(CFFI) \\/d' Makefile
|
||||||
RUN sed -i '/$(ZOPE_INTERFACE) \\/d' Makefile
|
RUN sed -i '/$(ZOPE_INTERFACE) \\/d' Makefile
|
||||||
|
RUN sed -i '/$(CRYPTOGRAPHY) \\/d' Makefile
|
||||||
RUN make
|
RUN make
|
||||||
RUN LD_PRELOAD=libgcompat.so.0 duoauthproxy-build/install --install-dir /app --service-user nobody --log-group nobody --create-init-script no --enable-selinux=no
|
RUN LD_PRELOAD=libgcompat.so.0 duoauthproxy-build/install --install-dir /app --service-user nobody --log-group nobody --create-init-script no --enable-selinux=no
|
||||||
RUN rm -rf /app/usr/local/lib/python${PYTHON_VERSION}/test
|
RUN rm -rf /app/usr/local/lib/python${PYTHON_VERSION%.*}/test
|
||||||
RUN chown -R nobody:nobody /app/conf
|
RUN chown -R nobody:nobody /app/conf
|
||||||
|
|
||||||
FROM alpine:edge
|
FROM alpine:edge
|
||||||
|
ARG CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
RUN apk add --no-cache libgcc libffi-dev gcompat su-exec
|
RUN apk add --no-cache libgcc libffi-dev gcompat su-exec
|
||||||
USER 0:0
|
USER 0:0
|
||||||
|
|||||||
4
build.sh
4
build.sh
@@ -19,6 +19,6 @@ docker buildx create --use --name builder
|
|||||||
docker buildx inspect --bootstrap builder
|
docker buildx inspect --bootstrap builder
|
||||||
docker buildx install
|
docker buildx install
|
||||||
|
|
||||||
docker buildx build --cache-to=type=local,dest=cache,mode=max --build-arg VERSION --build-arg CHECKSUM --platform "linux/${ARCH}" -t "${REGISTRY_IMAGE}:${ARCH/\//}" .
|
docker buildx build --cache-to=type=local,dest=cache,mode=max --build-arg VERSION --build-arg CHECKSUM --build-arg PYTHON_VERSION --platform "linux/${ARCH}" -t "${REGISTRY_IMAGE}:${ARCH/\//}" .
|
||||||
echo "${TOKEN}" | docker login -u "${USERNAME}" --password-stdin ${REGISTRY}
|
echo "${TOKEN}" | docker login -u "${USERNAME}" --password-stdin ${REGISTRY}
|
||||||
docker buildx build --push --cache-from=type=local,src=cache --build-arg VERSION --build-arg CHECKSUM --platform "linux/${ARCH}" -t "${REGISTRY_IMAGE}:${ARCH/\//}" .
|
docker buildx build --push --cache-from=type=local,src=cache --build-arg VERSION --build-arg CHECKSUM --build-arg PYTHON_VERSION --platform "linux/${ARCH}" -t "${REGISTRY_IMAGE}:${ARCH/\//}" .
|
||||||
|
|||||||
@@ -22,7 +22,7 @@ variables:
|
|||||||
- name: docker:dind
|
- name: docker:dind
|
||||||
command: ["--experimental"]
|
command: ["--experimental"]
|
||||||
script:
|
script:
|
||||||
- VERSION=$LATEST CHECKSUM=$CHECKSUM ./build.sh
|
- VERSION=$LATEST CHECKSUM=$CHECKSUM PYTHON_VERSION=$PYTHON_VERSION ./build.sh
|
||||||
|
|
||||||
build:amd64:
|
build:amd64:
|
||||||
extends: .build-template
|
extends: .build-template
|
||||||
|
|||||||
4
check.sh
4
check.sh
@@ -13,12 +13,16 @@ else
|
|||||||
INFO=$(curl https://duo.com/docs/checksums | grep 'https://dl.duosecurity.com/duoauthproxy' | grep 'src.tgz' | rev | cut -d'>' -f1 | rev)
|
INFO=$(curl https://duo.com/docs/checksums | grep 'https://dl.duosecurity.com/duoauthproxy' | grep 'src.tgz' | rev | cut -d'>' -f1 | rev)
|
||||||
CHECKSUM=$(echo "$INFO" | cut -d' ' -f1)
|
CHECKSUM=$(echo "$INFO" | cut -d' ' -f1)
|
||||||
LATEST=$(echo "$INFO" | cut -d'-' -f2)
|
LATEST=$(echo "$INFO" | cut -d'-' -f2)
|
||||||
|
PYTHON_VERSION=$(curl https://duo.com/docs/authproxy-notes | grep -Eo 'Python to \d+.\d+.\d+' | head -n1 | rev | cut -d' ' -f1 | rev)
|
||||||
echo "Latest: ${LATEST}"
|
echo "Latest: ${LATEST}"
|
||||||
|
echo "Checksum: ${CHECKSUM}"
|
||||||
|
echo "Python Version: ${PYTHON_VERSION}"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ (-n "${LATEST}" && "${LATEST}" != "${EXISTING}") ]]; then
|
if [[ (-n "${LATEST}" && "${LATEST}" != "${EXISTING}") ]]; then
|
||||||
mv build.template.yml build.yml
|
mv build.template.yml build.yml
|
||||||
sed -i "s \$CHECKSUM ${CHECKSUM} g" 'build.yml'
|
sed -i "s \$CHECKSUM ${CHECKSUM} g" 'build.yml'
|
||||||
sed -i "s \$LATEST ${LATEST} g" 'build.yml'
|
sed -i "s \$LATEST ${LATEST} g" 'build.yml'
|
||||||
|
sed -i "s \$PYTHON_VERSION ${PYTHON_VERSION} g" 'build.yml'
|
||||||
echo "Building..."
|
echo "Building..."
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user