From 4773223b827617d1701c1485c1eb4335a44b1b4d Mon Sep 17 00:00:00 2001 From: Pat Garrity Date: Sat, 22 Mar 2025 10:58:56 -0500 Subject: [PATCH] Updated image, updated cert, updated instructions. --- Containerfile | 16 +++++++--- README.md | 9 ++++++ registry.garrity.co.crt | 66 ++++++++++++++++++++--------------------- 3 files changed, 54 insertions(+), 37 deletions(-) diff --git a/Containerfile b/Containerfile index 1fe26b3..a7ab9e8 100644 --- a/Containerfile +++ b/Containerfile @@ -1,21 +1,24 @@ FROM docker.io/library/eclipse-temurin:21-jdk ARG SCALA_VERSION -ENV SCALA_VERSION ${SCALA_VERSION:-3.4.1} +ENV SCALA_VERSION ${SCALA_VERSION:-3.6.4} ARG SBT_VERSION -ENV SBT_VERSION ${SBT_VERSION:-1.9.9} +ENV SBT_VERSION ${SBT_VERSION:-1.10.11} -# git and node are required for checkout +# git is required for many build activities # python3 is required for pre-commit # docker is required for certain DinD cases RUN apt-get update -RUN apt-get install -y curl git docker python3 python3-pip nodejs ca-certificates +RUN apt-get install -y curl bash git docker python3 python3-pip ca-certificates RUN pip3 install pre-commit # Ensure that this image recognizes the self-signed registry certificate. COPY registry.garrity.co.crt /usr/local/share/ca-certificates RUN update-ca-certificates +# install node (lts) for checkout -- requires a modern version +RUN curl -fsSL https://raw.githubusercontent.com/tj/n/master/bin/n | bash -s lts + # Create the user - builds do not run as root. RUN groupadd -g 1111 -r builder RUN useradd -u 1111 -m -g 1111 -r -s /bin/bash builder @@ -28,11 +31,16 @@ WORKDIR /home/builder RUN curl -fLo coursier https://github.com/coursier/launchers/raw/master/coursier RUN chmod +x coursier RUN ./coursier setup --yes +RUN ./coursier update RUN rm ./coursier RUN mkdir -p /home/builder/.local/bin ENV PATH="${PATH}:/home/builder/.local/share/coursier/bin" ENV PATH="${PATH}:/home/builder/.local/bin" +# Allow empty -- this is used for bootstrapping SBT. +RUN mkdir -p /home/builder/.config/sbt +RUN echo "--allow-empty" > /home/builder/.config/sbt/sbtopts + # Make Git not complain. RUN git config --global init.defaultBranch main diff --git a/README.md b/README.md index 51941b7..d2ecb86 100644 --- a/README.md +++ b/README.md @@ -6,3 +6,12 @@ ecosystem. This image is not useable outside of the GS build environment. ``` registry.garrity.co:8443/gs/ci-scala:latest ``` + +## Updating the Certificate + +The registry has a one year expiry: + +``` +scp pfm@registry.garrity.co:~/certs/domain.crt ./registry.garrity.co.crt +sudo cp registry.garrity.co.crt /usr/local/share/ca-certificates/registry.garrity.co.crt +``` diff --git a/registry.garrity.co.crt b/registry.garrity.co.crt index a74fcba..cada28c 100644 --- a/registry.garrity.co.crt +++ b/registry.garrity.co.crt @@ -1,35 +1,35 @@ -----BEGIN CERTIFICATE----- -MIIGITCCBAmgAwIBAgIUR4lgvhfqxhyfD/gwLpA4U/V26UMwDQYJKoZIhvcNAQEL -BQAwgY8xCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlNaW5uZXNvdGExFDASBgNVBAcM -C0Jsb29taW5ndG9uMRkwFwYDVQQKDBBHYXJyaXR5IFNvZnR3YXJlMRwwGgYDVQQD -DBNyZWdpc3RyeS5nYXJyaXR5LmNvMR0wGwYJKoZIhvcNAQkBFg5wZm1AZ2Fycml0 -eS5jbzAeFw0yNDAzMTYxNDQ1MjNaFw0yNTAzMTYxNDQ1MjNaMIGPMQswCQYDVQQG -EwJVUzESMBAGA1UECAwJTWlubmVzb3RhMRQwEgYDVQQHDAtCbG9vbWluZ3RvbjEZ -MBcGA1UECgwQR2Fycml0eSBTb2Z0d2FyZTEcMBoGA1UEAwwTcmVnaXN0cnkuZ2Fy -cml0eS5jbzEdMBsGCSqGSIb3DQEJARYOcGZtQGdhcnJpdHkuY28wggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQDvX5tz1Ujod4fxrJuLmwr6CsFVofYeoKlh -Bpy8qFS0JDHGL5nXHGNoy96zJd9Do7A//e3S1mJDAgKAlCBuCy6VkI1cdOBQoHPx -GjmtcvvryZBx+jTHKterlZPkdb2orrsfULpnpINH3ymGngXrNCcDTt6JoNeq1XfP -/YPXRtklaK0h1pe6w3p/69D7KmwtJVFjQe22JnSC1tT4CXwwK2vRT+Q6lrIn9nk0 -ZLTCu592CELpyvqLiasv3zO8gpmD+Am3Yo2RuCd2imkV6urg7iXd5w4cikNlxreZ -LDidnbsUM3U+q5IcNufO28+KlDETOQALYHVhtT4FE6eSqCPeXm2NTuxG2ENbDz3U -n24GduSFC+F2im2Aejtz2QtMVcgGK03cmTXJj86UVVPweEerZ/lS8LenX1jpZoju -QGV/9/EDv5+DZWyP1oKjbQ7936/4gF4toobvASaPOsbB0WMvhi/Iaqpp0JNpymfB -xcsmJoBC67EAYLijtpfa5qoeQwaNSLRlByb3+pI6FkE7Sh4W/l15lnyDXVJ+9z78 -CvxCU6+6zrpJqWQFMA55Izz1d2lRNRKvzWzxcRW4CXUOaRBniI4M1ZGZrkx09DLm -9VX0JqAbiUbltuEY8ul9V/lOOyX5YkXNOxT6XTfX2NTglZr8n6/7b+v9leJr/HsS -WwrT/iYObQIDAQABo3MwcTAdBgNVHQ4EFgQU0r57vD+mMmIztQqN/BvBHNvtk60w -HwYDVR0jBBgwFoAU0r57vD+mMmIztQqN/BvBHNvtk60wDwYDVR0TAQH/BAUwAwEB -/zAeBgNVHREEFzAVghNyZWdpc3RyeS5nYXJyaXR5LmNvMA0GCSqGSIb3DQEBCwUA -A4ICAQAxLuEHrl5SQOdHqVUna51K6PzMkChqo2RttymIRE1o1eXnE2dvhMH7lg8b -rr8e0hZkjLHo8E1kJiBXpf1NOHqCt8BHf0BAvXO8iOuJNgZvC6TPoSa7c7ASXWE+ -wuhJZO4jvnPRXnwSNXPnqqBAahMCD7KAClOxdySiS5TS+IPPUu4fZMowKMPeUg6z -p70K1F3tT2AVLxlMJrwANX2nqWyRKo91pM+rOp7A+++NBlxHQ3gU7dMmDUpq7mjv -HdNlox9tPup+/vhFivtdSii9y7pitz3UEk3gvRQ2pLdzJq0tfnkVEwqQf4TalxEO -zedZqzEeWmeJ8500CQExROV/ezgYdKtPxHr5M5KsEHILjfDZdREvY7WaUqa7Jz7k -cIcbD6RyzobL+Ha3hOR9tmd09d2EeCbCFF9Mz65JM0ZzPiS4xhJVEajgUSTkS+Xm -NEzDUkpZ+3YyCmFvClXnEKT4m3YVSDR2DzGe4pzjL2d38j9xSR6PKTPelCyWWOgb -GLrDvUfgd3O1jRPCGoWk6eVJjE0frHthqUUt8nZsqGuzvnfKw0pzxorcAqM1Nm31 -FwrAIzyD6kGMrVDTWL+IAcZhmCJqIYxp09V6fn5kX4agJtvA9WrLIVsXjaM2VHSK -B2a8Xtk+g7MBT4OUOl6/c3H3URvXZxEKM2yi/9Mr6DmBo57HMA== +MIIGEzCCA/ugAwIBAgIUMNupnfOCW1DsIYY3nGlUVFnUXAAwDQYJKoZIhvcNAQEL +BQAwgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNTjEUMBIGA1UEBwwLQmxvb21p +bmd0b24xGTAXBgNVBAoMEEdhcnJpdHkgU29mdHdhcmUxHDAaBgNVBAMME3JlZ2lz +dHJ5LmdhcnJpdHkuY28xHTAbBgkqhkiG9w0BCQEWDnBmbUBnYXJyaXR5LmNvMB4X +DTI1MDMyMjE1NTAyMloXDTI2MDMyMjE1NTAyMlowgYgxCzAJBgNVBAYTAlVTMQsw +CQYDVQQIDAJNTjEUMBIGA1UEBwwLQmxvb21pbmd0b24xGTAXBgNVBAoMEEdhcnJp +dHkgU29mdHdhcmUxHDAaBgNVBAMME3JlZ2lzdHJ5LmdhcnJpdHkuY28xHTAbBgkq +hkiG9w0BCQEWDnBmbUBnYXJyaXR5LmNvMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAoORo8r8iQWANcANz/EhJiRHC9DvMiFdUN1S+keSlWd0vMWoUJ2L5 +6KGFy427qUACsVM1KmtGYbsKUVKR6XyAMHu4K4xSCEJVs4segBmZpgyTV+UWwKDU +YT99Wt54UN9Rqgo36hbgQelmmq2SBVmBZBU8Qk9Wp6SCE8zRk0Px0TX0UOV3ka+I +68ZWdf7hAZtlF9FuqOr4Lb5fyuN8U6rT88PsLLvu3HOT6GWH0+ZHn2HjA0Job9GN +Xp8n/H0aeyQV8cZkGTcYCZspQ0OIZehK4PV5PGx/sbHKxo/3joq+rNOb0rxtw+qU +jipZsoC5vQI6xox5eQcgYyQMg3EY/4bqBHosGGMt1mGi4fj8xchOz0MerMALeCAm +jLemlKbvHb/UMYqhfixhO+HqhQZEiZr/Ic5mOwv56eFXbcW3kyOvy8h5iRrQXcb7 +8DQSkOFQ19PDwyDMI8NG48Thnb2Osnr4s5uyIK8AlnSDL0CSw+9XBO+v7tFVUpUN +ziMTHEhxkQp1zh8BJeSmO3O+pj42Bhd9JPIsYiuOYm8nDQnWNMWOaUCVCr7Mk6MG +7xryCvCvj8RylMEaIzHFN07Lu1lpj9SWZOev4PJXiljg8WgAzz+mLWoZ558f5viL +IDQnJI+y/L8OSztI6elYItlQMtChh8csK7NN5ieTTM/UXVKHPzy+qxECAwEAAaNz +MHEwHQYDVR0OBBYEFC3cynt8wXmG+owdqrMxIF/mlrgLMB8GA1UdIwQYMBaAFC3c +ynt8wXmG+owdqrMxIF/mlrgLMA8GA1UdEwEB/wQFMAMBAf8wHgYDVR0RBBcwFYIT +cmVnaXN0cnkuZ2Fycml0eS5jbzANBgkqhkiG9w0BAQsFAAOCAgEAkw0Y8nqxGgjB +ww6mUoIN/xne43hL4QoUZipRgXTt5966RK/kv1xCMjRaAJng8CaOAjsCOeAPOLHz +KADZw1CW6avwpHPnKwBhKThOkkJNv+QymcTGj9TYfJ97+BKnbCnM3dIjmpgBcyso +lVfnLsObk1J3Lw4mWNvynj5/N6JydwGMGfaVsmOBTjRaCNQ2KwQSc6JGensPrmh8 +k2GWl5rq8DDydPNrgHtQ2EReGyxlVoUbk83fOri4hNZPCix/C8mZfHnNIkcEr9gh +Poyx81iXjrAYytyJnZI1Mwm/V0vNKfdrgluIh+YC4JkuEFkmOfWr6pFYlBFHV+Ej +2zbgN+sNhFhe79cgL0y7t87r4BI2nNESnmbzK62DVEwJOf1hTmEW/tsmbvTqBUqy +VQbxGjBlIWLIKIv9xKRBbaCrCRVKHjJ0hDQBjCmOG4FljyKvc44zCDbAJoviEOEI +TNLCp0pc5EpYDn8m38vZcfiQb0iKjOwc1M2nciITlGrSidEyc/2raAsoo6AF+Jvq +Qhg4b2VyBXHgx6XQkJ2JGt3pw7XYxirZomvTlpZeu71XhGRr6BmmYoCtpsYvMm6q +MICqYPKqWjZ7pumK2RsAmfJ1b/wKapZUnB4Dj2DhtQ3AxY3wPqHC5RF4VxbIkGTT +tuiyiWXvQlbSWpPgBKl0Xy6PHrmu5Gk= -----END CERTIFICATE-----