initial commit

Signed-off-by: Michal Minář <michal.minar@id.ethz.ch>

initial commit
Signed-off-by: Michal Minář <michal.minar@id.ethz.ch>
ec3990c9 · mminar · ec3990c9 · ec3990c9 · ec3990c9 · ec3990c9
Verified Commit ec3990c9 authored 8 months ago by mminar
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+---
+stages:
+  - lint
+  - test
+  - build
+  - renovate
+sast:
+  stage: test
+workflow:
+  rules:
+    # All branches
+    - if: $CI_COMMIT_BRANCH
+      when: always
+    # All tags
+    - if: $CI_COMMIT_TAG
+      when: always
+    # don't run merge request pipelines
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+      when: never
+include:
+  - local: .gitlab/lint.yaml
+  - remote: https://gitlab.com/ethz-hpc/pipelines/-/raw/main/scripts/container/build-push.yaml
+  - remote: https://gitlab.com/ethz-hpc/pipelines/-/raw/main/scripts/renovate/config-lint.yaml
+  - remote: https://gitlab.com/ethz-hpc/pipelines/-/raw/main/scripts/renovate/run.yaml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+variables:
+  GIT_SUBMODULE_STRATEGY: recursive
+  CACHE: auto
+sidecar-logrotator:
+  extends: .kaniko-build
+  before_script:
+    - >
+      BUILD_EXTRA_ARGS="$BUILD_EXTRA_ARGS
+      --build-arg=REVISION=${TAG:-$CI_COMMIT_SHORT_SHA}
+      --build-arg=CREATED=$(date '+%Y-%m-%d %H:%M:%S%:z')"
+  rules:
+    - if: >-
+        $CI_PIPELINE_SOURCE !~ /^(?:push|merge_request_event|schedule|pipeline)$/ &&
+        $RENOVATE == "true"
+      when: never
+    - when: on_success
--- a/.gitlab/lint.yaml
+++ b/.gitlab/lint.yaml
+---
+yamllint:
+  stage: lint
+  image: registry.gitlab.com/pipeline-components/yamllint:0.31.2@sha256:82f082414bad17ec04f4d271262a6dcaf64883bb4f1ce73923380125af8b94ee
+  script:
+    - yamllint .
+  rules:
+    - if: >-
+        $CI_PIPELINE_SOURCE !~ /^(?:push|merge_request_event|schedule|pipeline)$/ &&
+        $RENOVATE == "true"
+      when: never
+    - changes:
+        paths:
+          - .yamllint
+          - "*.yaml"
+          - "**/*.yaml"
+          - "*.yml"
+          - "**/*.yml"
+markdownlint:
+  stage: lint
+  image: registry.gitlab.com/pipeline-components/markdownlint:0.13.3@sha256:05e98b078e72c637e90a15094d012ed63108d101a941c2526833717ae50eb802
+  script:
+    - mdl --style all --warnings .
+  rules:
+    - if: >-
+        $CI_PIPELINE_SOURCE !~ /^(?:push|merge_request_event|schedule|pipeline)$/ &&
+        $RENOVATE == "true"
+      when: never
+    - changes:
+        paths:
+          - .gitlab/lint.yaml
+          - "*.md"
+          - "*.MD"
+          - "**/*.md"
+          - "**/*.MD"
+hadolint:
+  stage: lint
+  image: registry.gitlab.com/pipeline-components/hadolint:0.26.3@sha256:ee33d11a3387fdcdea1575c39f7e55c68bf0335c9342e4d6bd7437120ffeafff
+  script:
+    - find -name 'Dockerfile*' -print0 | xargs -0 hadolint
+  rules:
+    - if: >-
+        $CI_PIPELINE_SOURCE !~ /^(?:push|merge_request_event|schedule|pipeline)$/ &&
+        $RENOVATE == "true"
+      when: never
+    - changes:
+        paths:
+          - Dockerfile*
+          - "**/Dockerfile*"
+          - .gitlab-ci.yaml
--- a/.gitlab/renovate.json5
+++ b/.gitlab/renovate.json5
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "local>hpc-registry/renovate-config",
+    "local>hpc-registry/renovate-config//managers/dockerfile.json5",
+    ":assignAndReview(mminar)",
+    ":automergeLinters",
+    ":automergePatch",
+    ":automergeDigest",
+  ],
+}
--- a/.yamllint
+++ b/.yamllint
+---
+extends: default
+yaml-files:
+  - '*.yaml'
+  - '*.yml'
+  - '.yamllint'
+  - '.ansible-lint'
+rules:
+  line-length:
+    max: 150  # due to digest pinning
+    level: warning
+# ex: ft=yaml et ts=2 sw=2 :
--- a/Dockerfile
+++ b/Dockerfile
+# renovate: datasource=docker
+ARG UBUNTU_IMAGE_TAG=24.04
+FROM ubuntu:${UBUNTU_IMAGE_TAG}
+ARG WITH_IPERF=1
+# renovate: datasource=repology depName=ubuntu_24_04/iperf3 versioning=semver-coerced
+ARG IPERF3_VERSION=3.16-1build2
+# renovate: datasource=repology depName=ubuntu_24_04/iproute2 versioning=semver-coerced
+ARG IPROUTE2_VERSION=6.1.0-1ubuntu6
+# renovate: datasource=repology depName=ubuntu_24_04/bind9-utils versioning=semver-coerced
+ARG BIND9_UTILS_VERSION=1:9.18.24-0ubuntu5
+# renovate: datasource=repology depName=ubuntu_24_04/curl versioning=semver-coerced
+ARG CURL_VERSION=8.5.0-2ubuntu10.1
+# renovate: datasource=repology depName=ubuntu_24_04/nmap versioning=semver-coerced
+ARG NMAP_VERSION=7.94+git20230807.3be01efb1+dfsg-3build2
+# renovate: datasource=repology depName=ubuntu_24_04/tini versioning=semver-coerced
+ARG TINI_VERSION=0.19.0-1
+# renovate: datasource=docker
+ARG UBUNTU_IMAGE_TAG=24.04
+ARG CREATED=""
+ARG REVISION=""
+# hadolint ignore=DL3015
+RUN apt-get update \
+ && apt-get install -y \
+        iproute2="${IPROUTE2_VERSION}" \
+        bind9-utils="${BIND9_UTILS_VERSION}" \
+        bind9-dnsutils="${BIND9_UTILS_VERSION}" \
+        tini="${TINI_VERSION}" \
+        curl="${CURL_VERSION}" \
+        nmap="${NMAP_VERSION}" \
+ && if [ "${WITH_IPERF:-0}" = "1" ]; then apt-get install -y iperf3="${IPERF3_VERSION}"; fi \
+ && rm -rf /var/cache/apt/*
+ENTRYPOINT ["/usr/bin/tini", "--", "/bin/bash"]
+LABEL org.opencontainers.image.authors "Michal Minář <michal.minar@id.ethz.ch>"
+LABEL org.opencontainers.image.source "https://gitlab.ethz.ch/hpc-registry/iperf3"
+LABEL org.opencontainers.image.url="https://gitlab.ethz.ch/hpc-registry/iperf3"
+LABEL org.opencontainers.image.title "iperf3 container image with net utilities"
+LABEL org.opencontainers.image.base="docker.io/ubuntu:${UBUNTU_IMAGE_TAG}"
+LABEL org.opencontainers.image.licenses="AGPL-3.0-or-later"
+LABEL org.opencontainers.image.created="${CREATED}"
--- a/README.md
+++ b/README.md
+# Network utilities container image
+Useful for debugging network issues.