Dockerfile11

FROM quay.io/buildah/stable:v1.30.0

ARG OS=${TARGETOS:-linux}
ARG ARCH=${TARGETARCH:-amd64}
ARG YQ_VERSION="v4.6.0"
ARG YQ_BINARY="yq_${OS}_$ARCH"
RUN curl -L "https://github.com/mikefarah/yq/releases/download/$YQ_VERSION/$YQ_BINARY" -o /usr/local/bin/yq && \
    chmod +x /usr/local/bin/yq

ARG OS=${TARGETOS:-Linux}
ARG ARCH=${TARGETARCH:-64bit}
ARG TRIVY_VERSION="0.43.1"
RUN curl -L "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_${OS}-${ARCH}.rpm" -o /tmp/trivy.rpm && \
    yum localinstall -y /tmp/trivy.rpm

ARG MAVEN_VERSION=3.9.3
ARG USER_HOME_DIR="/root"
ARG SHA=400fc5b6d000c158d5ee7937543faa06b6bda8408caa2444a9c947c21472fde0f0b64ac452b8cec8855d528c0335522ed5b6c8f77085811c7e29e1bedbb5daa2
ARG BASE_URL=https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries

RUN mkdir -p /usr/share/maven /usr/share/maven/ref \
    && echo "Downlaoding maven" \
    && curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
    \
    && echo "Checking download hash" \
    && echo "${SHA}  /tmp/apache-maven.tar.gz" | sha512sum -c - \
    \
    && echo "Unziping maven" \
    && tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
    \
    && echo "Cleaning and setting links" \
    && rm -f /tmp/apache-maven.tar.gz \
    && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn

ENV MAVEN_HOME /usr/share/maven
ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"

WORKDIR /app

COPY dep-bootstrap.sh .
RUN chmod +x ./dep-bootstrap.sh

ENV USER=1000
USER root
RUN dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm && \
    yum install -y git jq shellcheck xmlstarlet java-11-openjdk-devel ffmpeg && chown 1000 -R /app

ENV JENKINS_USER=1000

RUN mkdir -p /etc/containers/
COPY default-policy.json /etc/containers/policy.json
RUN ["ln", "-sf", "/usr/bin/buildah", "/usr/bin/docker"]

USER 1000

RUN ./dep-bootstrap.sh 0.5.5 install