#!/bin/bash set -e IFS=$'\n\t' SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" source "$SCRIPT_DIR/custom-docker.sh" function fail() { echo "$@" 1>&2 exit 1 } function print_image_args() { declare -A CUSTOM_BASE_IMAGE declare -A BUILD_OS case "$1:$2" in debian:*) CUSTOM_BASE_IMAGE="$1:$2" BUILD_OS=debian OS_VERSION=$2 ;; ubi:8.*) CUSTOM_BASE_IMAGE="registry.access.redhat.com/ubi8/ubi:$2" BUILD_OS=ubi OS_VERSION=$2 ;; *) fail "Unknown image version $1:$2" ;; esac printf -- "--build-arg CUSTOM_BASE_IMAGE=%s " "$CUSTOM_BASE_IMAGE" printf -- "--build-arg BUILD_OS=%s " "$BUILD_OS" printf -- "--build-arg OS_VERSION=%s " "$OS_VERSION" } function print_golang_args() { declare -A GOLANG_DOWNLOAD_SHA256 case "$1" in 1.18) INSTALL_GOLANG_VERSION=1.18.10 GOLANG_DOWNLOAD_SHA256[amd64]="5e05400e4c79ef5394424c0eff5b9141cb782da25f64f79d54c98af0a37f8d49" GOLANG_DOWNLOAD_SHA256[arm64]="160497c583d4c7cbc1661230e68b758d01f741cf4bece67e48edc4fdd40ed92d" ;; 1.19) INSTALL_GOLANG_VERSION=1.19.13 GOLANG_DOWNLOAD_SHA256[amd64]="4643d4c29c55f53fa0349367d7f1bb5ca554ea6ef528c146825b0f8464e2e668" GOLANG_DOWNLOAD_SHA256[arm64]="1142ada7bba786d299812b23edd446761a54efbbcde346c2f0bc69ca6a007b58" ;; 1.20) INSTALL_GOLANG_VERSION=1.20.10 # Update scripts/install-golang for FIPS if this version is bumped GOLANG_DOWNLOAD_SHA256[amd64]="80d34f1fd74e382d86c2d6102e0e60d4318461a7c2f457ec1efc4042752d4248" GOLANG_DOWNLOAD_SHA256[arm64]="fb3c7e15fc4413c5b81eb9f26dbd7cd4faedd5c720b30fa8e2ff77457f74cab6" ;; 1.21) INSTALL_GOLANG_VERSION=1.21.3 # Update scripts/install-golang for FIPS if this version is bumped GOLANG_DOWNLOAD_SHA256[amd64]="1241381b2843fae5a9707eec1f8fb2ef94d827990582c7c7c32f5bdfbfd420c8" GOLANG_DOWNLOAD_SHA256[arm64]="fc90fa48ae97ba6368eecb914343590bbb61b388089510d0c56c2dde52987ef3" ;; *) fail "Unknown golang version $1" ;; esac printf -- "--build-arg INSTALL_GOLANG_VERSION=%s " "$INSTALL_GOLANG_VERSION" printf -- "--build-arg GOLANG_DOWNLOAD_SHA256=%q " "${GOLANG_DOWNLOAD_SHA256[*]}" } function print_rust_args() { case "$1" in 1.65) INSTALL_RUST_VERSION="1.65.0" ;; 1.73) INSTALL_RUST_VERSION="1.73.0" ;; *) fail "Unknown rust version $1" ;; esac printf -- "--build-arg INSTALL_RUST_VERSION=%s " "$INSTALL_RUST_VERSION" } # Check https://gitlab.com/gitlab-org/gitlab-build-images/-/packages to see which versions have been cached # Chromium version can sometimes lag behind so the versions have to be defined separately function print_chrome_args() { case "$1" in 109|109.0) CHROME_VERSION=109.0.5414.119-1 CHROMIUM_VERSION=109.0.5414.74-2 ;; 110|110.0) CHROME_VERSION=110.0.5481.177-1 CHROMIUM_VERSION=$CHROME_VERSION ;; 111|111.0) CHROME_VERSION=111.0.5563.64-1 CHROMIUM_VERSION=$CHROME_VERSION ;; 113|113.0) CHROME_VERSION=113.0.5672.126-1 CHROMIUM_VERSION=$CHROME_VERSION ;; 117|117.0) CHROME_VERSION=117.0.5938.92-1 CHROMIUM_VERSION=117.0.5938.62-1 ;; 119|119.0) CHROME_VERSION=119.0.6045.105-1 CHROMIUM_VERSION=119.0.6045.105-1 ;; *) fail "Unknown chrome version $1" ;; esac printf -- "--build-arg CHROME_VERSION=%s " "$CHROME_VERSION" printf -- "--build-arg CHROMIUM_VERSION=%s " "$CHROMIUM_VERSION" } # see https://www.kernel.org/pub/software/scm/git function print_git_args() { case "$1" in 2.33) GIT_VERSION=2.33.1 GIT_DOWNLOAD_SHA256=02047f8dc8934d57ff5e02aadd8a2fe8e0bcf94a7158da375e48086cc46fce1d ;; 2.36) GIT_VERSION=2.36.1 GIT_DOWNLOAD_SHA256=37d936fd17c81aa9ddd3dba4e56e88a45fa534ad0ba946454e8ce818760c6a2c ;; *) fail "Unknown git version $1" ;; esac case "$GIT_VERSION" in *.rc[0-9]) GIT_DOWNLOAD_URL=https://www.kernel.org/pub/software/scm/git/testing/git-${GIT_VERSION}.tar.gz;; *) GIT_DOWNLOAD_URL=https://www.kernel.org/pub/software/scm/git/git-${GIT_VERSION}.tar.gz;; esac printf -- "--build-arg GIT_VERSION=%s " "$GIT_VERSION" printf -- "--build-arg GIT_DOWNLOAD_SHA256=%s " "$GIT_DOWNLOAD_SHA256" printf -- "--build-arg GIT_DOWNLOAD_URL=%s " "$GIT_DOWNLOAD_URL" } # see https://github.com/git-lfs/git-lfs/releases function print_lfs_args() { declare -A LFS_DOWNLOAD_SHA256 case "$1" in 2.9) LFS_VERSION=2.9.1 LFS_DOWNLOAD_SHA256[amd64]=2a8e60cf51ec45aa0f4332aa0521d60ec75c76e485d13ebaeea915b9d70ea466 LFS_DOWNLOAD_SHA256[arm64]=ff2f8472a5ac0e808108bad0cc6be5ca1849eb970228b1aa3d627bcbc8228ad9 ;; *) fail "Unknown Git LFS version $1" ;; esac printf -- "--build-arg LFS_VERSION=%s " "$LFS_VERSION" printf -- "--build-arg LFS_DOWNLOAD_SHA256=%q " "${LFS_DOWNLOAD_SHA256[*]}" } function print_node_args() { case "$1" in 18|18.17) NODE_INSTALL_VERSION=18.17.1 ;; 20|20.9) NODE_INSTALL_VERSION=20.9.0 ;; *) fail "Unknown node version $1" ;; esac printf -- "--build-arg NODE_INSTALL_VERSION=%s " "$NODE_INSTALL_VERSION" } function print_yarn_args() { case "$1" in 1.22) YARN_INSTALL_VERSION=1.22.19 ;; *) fail "Unknown yarn version $1" ;; esac printf -- "--build-arg YARN_INSTALL_VERSION=%s " "$YARN_INSTALL_VERSION" } function print_postgres_args() { printf -- "--build-arg POSTGRES_VERSION=%s " "$1" } function print_docker_args() { printf -- "--build-arg DOCKER_VERSION=%s " "$1" } function print_graphicsmagick_args() { case "$1" in 1.3.29) GRAPHISMAGICK_VERSION=1.3.29 GRAPHISMAGICK_DOWNLOAD_SHA256=de820cd10597205941a7e9d02c2e679231e92e8e769c204ef09034d2279ad453 ;; 1.3.33) GRAPHISMAGICK_VERSION=1.3.33 GRAPHISMAGICK_DOWNLOAD_SHA256=00ea0df7c78c903cce325f402429bcd3924168cf39277f743a0641d47c411ee8 ;; 1.3.34) GRAPHISMAGICK_VERSION=1.3.34 GRAPHISMAGICK_DOWNLOAD_SHA256=4717f7a32d964c515d83706fd52d34e089c2ffa35f8fbf43c923ce19343cf2f4 ;; 1.3.36) GRAPHISMAGICK_VERSION=1.3.36 GRAPHISMAGICK_DOWNLOAD_SHA256=1e6723c48c4abbb31197fadf8396b2d579d97e197123edc70a4f057f0533d563 ;; *) fail "Unknown graphicsmagick version $1" ;; esac printf -- "--build-arg GRAPHISMAGICK_VERSION=%s " "$GRAPHISMAGICK_VERSION" printf -- "--build-arg GRAPHISMAGICK_DOWNLOAD_SHA256=%s " "$GRAPHISMAGICK_DOWNLOAD_SHA256" } function print_exiftool_args() { case "$1" in 12.60) EXIFTOOL_VERSION=12.60 EXIFTOOL_DOWNLOAD_SHA256=30f22c28905c7aae46986c41cf1f3635781b336c8183b62348198734ffd33366 ;; *) fail "Unknown exiftool version $1" ;; esac printf -- "--build-arg EXIFTOOL_VERSION=%s " "$EXIFTOOL_VERSION" printf -- "--build-arg EXIFTOOL_DOWNLOAD_SHA256=%s " "$EXIFTOOL_DOWNLOAD_SHA256" } function print_bazelisk_args() { case "$1" in 1.9.0) BAZELISK_VERSION=1.9.0 BAZELISK_DOWNLOAD_SHA256=b8c7f2a1b07ad64a2f27f8f19a202f90d044de7b5b6ccc387a6fe5d4a8ec4937 ;; *) fail "Unknown bazelisk version $1" ;; esac printf -- "--build-arg BAZELISK_VERSION=%s " "$BAZELISK_VERSION" printf -- "--build-arg BAZELISK_DOWNLOAD_SHA256=%s " "$BAZELISK_DOWNLOAD_SHA256" } function print_ruby_args() { case "$1" in 3.0|3.0.patched) RUBY_VERSION="3.0.6" RUBY_DOWNLOAD_SHA256="6e6cbd490030d7910c0ff20edefab4294dfcd1046f0f8f47f78b597987ac683e" ;; 3.1|3.1.patched) RUBY_VERSION="3.1.4" RUBY_DOWNLOAD_SHA256="a3d55879a0dfab1d7141fdf10d22a07dbf8e5cdc4415da1bde06127d5cc3c7b6" ;; 3.2|3.2.patched) RUBY_VERSION="3.2.2" RUBY_DOWNLOAD_SHA256="96c57558871a6748de5bc9f274e93f4b5aad06cd8f37befa0e8d94e7b8a423bc" ;; *) fail "Unknown ruby version $1" ;; esac printf -- "--build-arg RUBY_VERSION=%s " "$RUBY_VERSION" printf -- "--build-arg RUBY_DOWNLOAD_SHA256=%s " "$RUBY_DOWNLOAD_SHA256" } function print_bundler_args() { case "$1" in 2.1) BUNDLER_VERSION=2.1.4 ;; 2.3) BUNDLER_VERSION=2.3.26 ;; 2.4) BUNDLER_VERSION=2.4.10 ;; *) fail "Unknown bundler version $1" ;; esac printf -- "--build-arg BUNDLER_VERSION=%s " "$BUNDLER_VERSION" } function print_rubygems_args() { case "$1" in 3.1) RUBYGEMS_VERSION=3.1.6 ;; 3.2) RUBYGEMS_VERSION=3.2.33 ;; 3.4) RUBYGEMS_VERSION=3.4.4 ;; *) fail "Unknown rubygems version $1" ;; esac printf -- "--build-arg RUBYGEMS_VERSION=%s " "$RUBYGEMS_VERSION" } function print_gcloud_args() { case "$1" in 383) GCLOUD_VERSION=383.0.1 ;; *) fail "Unknown gcloud version $1" ;; esac printf -- "--build-arg GCLOUD_VERSION=%s " "$GCLOUD_VERSION" } function print_kubectl_args() { declare -A KUBECTL_DOWNLOAD_SHA256 case "$1" in 1.23) KUBECTL_VERSION=1.23.0 KUBECTL_DOWNLOAD_SHA256[amd64]=2d0f5ba6faa787878b642c151ccb2c3390ce4c1e6c8e2b59568b3869ba407c4f KUBECTL_DOWNLOAD_SHA256[arm64]=1d77d6027fc8dfed772609ad9bd68f611b7e4ce73afa949f27084ad3a92b15fe ;; *) fail "Unknown kubectl version $1" ;; esac printf -- "--build-arg KUBECTL_VERSION=%s " "$KUBECTL_VERSION" printf -- "--build-arg KUBECTL_DOWNLOAD_SHA256=%q " "${KUBECTL_DOWNLOAD_SHA256[*]}" } function print_helm_args() { declare -A HELM_DOWNLOAD_SHA256 case "$1" in 3.5) HELM_VERSION=3.5.3 HELM_DOWNLOAD_SHA256[amd64]=2170a1a644a9e0b863f00c17b761ce33d4323da64fc74562a3a6df2abbf6cd70 HELM_DOWNLOAD_SHA256[arm64]=e1348d94ce4caace43689ee2dfa5f8bcd8687c12053d9c13d79875b65d6b72aa ;; *) fail "Unknown helm version $1" ;; esac printf -- "--build-arg HELM_VERSION=%s " "$HELM_VERSION" printf -- "--build-arg HELM_DOWNLOAD_SHA256=%q " "${HELM_DOWNLOAD_SHA256[*]}" } function parse_arguments() { printf -- "-f Dockerfile.custom " # We make use of 2 variables related to the build environment. # 1. `CUSTOM_DOCKER_IMAGE` - Defines the reference of image used as # base for building images. Follows a # valid docker image reference format # - "debian:bullseye" # - "registry.access.redhat.com/ubi8/ubi:8.6" # 2. `BUILD_OS` - Used by installation scripts of various # components to detect the OS being worked # on. Follows regular docker image:tag # format - "debian:bullseye" or "ubi:8.6". TARGETARCH=${ARCH:-amd64} for tool in "${PATH_TOOLS[@]}" "${TAG_TOOLS[@]}"; do if [ -n "${!tool}" ]; then version="${!tool}" case "$tool" in # explode debian:version into `print_image_args debian version` OS) print_image_args ${version%:*} ${version##*:} ;; DEBIAN) print_image_args debian $version ;; UBI) print_image_args ubi $version ;; RUBY) print_ruby_args $version ;; BUNDLER) print_bundler_args $version ;; RUBYGEMS) print_rubygems_args $version ;; GOLANG) print_golang_args $version ;; RUST) print_rust_args $version ;; CHROME) print_chrome_args $version ;; DOCKER) print_docker_args $version ;; GIT) print_git_args $version ;; LFS) print_lfs_args $version ;; NODE) print_node_args $version ;; YARN) print_yarn_args $version ;; POSTGRESQL) print_postgres_args $version ;; GRAPHICSMAGICK) print_graphicsmagick_args $version ;; EXIFTOOL) print_exiftool_args $version ;; BAZELISK) print_bazelisk_args $version ;; GCLOUD) print_gcloud_args $version ;; KUBECTL) print_kubectl_args $version ;; HELM) print_helm_args $version ;; *) fail "Unknown tool $tool" ;; esac fi done printf -- "--platform=%s " "${TARGETARCH}" } function run_command() { printf "\t%s\n" "$@" eval "$@" } function build_custom_if_needed() { build_image_path=$(get_image_path) build_image_tag=$(get_image_tag) full_image_name="$build_image_path:$build_image_tag" echo "Building image $full_image_name" docker_build_command=$(parse_arguments) docker_build_command="${docker_build_command} $@" docker_build_command="${docker_build_command} --cache-from=\"$full_image_name\"" docker_build_command="${docker_build_command} --tag=\"$full_image_name\"" echo "Docker build command:" # Prefer using `docker buildx` as it is more flexible, # or use regular `docker build` if not available on older systems if docker buildx version &> /dev/null; then docker_build_command="${docker_build_command} --cache-to=type=inline" docker_build_command="${docker_build_command} --push=${PUSH_CUSTOM_IMAGE:-false}" run_command docker buildx build $docker_build_command . else docker_build_command="${docker_build_command} --build-arg TARGETARCH=${ARCH}" run_command docker build $docker_build_command . if [[ "$PUSH_CUSTOM_IMAGE" == "true" ]]; then run_command docker push "$full_image_name" fi fi printf "\n\nSUCCESS - Successfully built:\n\t%s\n" "$full_image_name" } # If OS is specified ignore other ways to specify system # Use DEBIAN if UBI is not specified if [[ -n "$OS" ]]; then unset DEBIAN UBI elif [[ -n "$UBI" ]]; then unset DEBIAN else DEBIAN=${DEBIAN:-bullseye} fi build_custom_if_needed $@