From 52ba8b446c5b318eeb0a481dba1ff8e043cd5bb8 Mon Sep 17 00:00:00 2001 From: Paul Stack Date: Tue, 26 Oct 2021 18:37:33 +0100 Subject: [PATCH] Cleanup of all docker operations since moving to pulumi/pulumi-docker-containers (#8252) Co-authored-by: Josh Kodroff --- .github/workflows/command-dispatch.yml | 13 - .github/workflows/prerelease.yml | 4 +- .github/workflows/release.yml | 50 +-- .github/workflows/run-containers-build.yml | 56 --- .../trigger-container-build-event.yml | 207 ---------- Makefile | 5 - docker/README.md | 75 +--- docker/base/Dockerfile | 33 -- docker/base/Dockerfile.alpine | 33 -- docker/base/Dockerfile.debian | 1 - docker/base/Dockerfile.ubi | 32 -- docker/dotnet/Dockerfile | 47 --- docker/dotnet/Dockerfile.alpine | 26 -- docker/dotnet/Dockerfile.debian | 1 - docker/dotnet/Dockerfile.ubi | 25 -- docker/go/Dockerfile | 51 --- docker/go/Dockerfile.alpine | 29 -- docker/go/Dockerfile.debian | 1 - docker/go/Dockerfile.ubi | 49 --- docker/nodejs/Dockerfile | 26 -- docker/nodejs/Dockerfile.alpine | 26 -- docker/nodejs/Dockerfile.debian | 1 - docker/nodejs/Dockerfile.ubi | 29 -- docker/nodejs/dnf/nodejs.module | 5 - docker/pulumi/Dockerfile | 95 ----- docker/python/Dockerfile | 26 -- docker/python/Dockerfile.alpine | 26 -- docker/python/Dockerfile.debian | 1 - docker/python/Dockerfile.ubi | 27 -- scripts/test-containers.sh | 48 --- tests/containers/containers_test.go | 68 ---- tests/containers/dotnet/.gitignore | 353 ------------------ tests/containers/dotnet/Infra.fsproj | 13 - tests/containers/dotnet/Program.fs | 16 - tests/containers/dotnet/Pulumi.yaml | 3 - tests/containers/nodejs/.gitignore | 1 - tests/containers/nodejs/Pulumi.yaml | 3 - tests/containers/nodejs/index.js | 4 - tests/containers/nodejs/package.json | 7 - tests/containers/python/.gitignore | 2 - tests/containers/python/Pulumi.yaml | 3 - tests/containers/python/__main__.py | 4 - tests/containers/python/requirements.txt | 1 - tests/containers/python_venv/.gitignore | 2 - tests/containers/python_venv/Pulumi.yaml | 6 - tests/containers/python_venv/__main__.py | 4 - tests/containers/python_venv/requirements.txt | 1 - 47 files changed, 23 insertions(+), 1516 deletions(-) delete mode 100644 .github/workflows/run-containers-build.yml delete mode 100644 .github/workflows/trigger-container-build-event.yml delete mode 100644 docker/base/Dockerfile delete mode 100644 docker/base/Dockerfile.alpine delete mode 120000 docker/base/Dockerfile.debian delete mode 100644 docker/base/Dockerfile.ubi delete mode 100644 docker/dotnet/Dockerfile delete mode 100644 docker/dotnet/Dockerfile.alpine delete mode 120000 docker/dotnet/Dockerfile.debian delete mode 100644 docker/dotnet/Dockerfile.ubi delete mode 100644 docker/go/Dockerfile delete mode 100644 docker/go/Dockerfile.alpine delete mode 120000 docker/go/Dockerfile.debian delete mode 100644 docker/go/Dockerfile.ubi delete mode 100644 docker/nodejs/Dockerfile delete mode 100644 docker/nodejs/Dockerfile.alpine delete mode 120000 docker/nodejs/Dockerfile.debian delete mode 100644 docker/nodejs/Dockerfile.ubi delete mode 100644 docker/nodejs/dnf/nodejs.module delete mode 100644 docker/pulumi/Dockerfile delete mode 100644 docker/python/Dockerfile delete mode 100644 docker/python/Dockerfile.alpine delete mode 120000 docker/python/Dockerfile.debian delete mode 100644 docker/python/Dockerfile.ubi delete mode 100755 scripts/test-containers.sh delete mode 100644 tests/containers/containers_test.go delete mode 100644 tests/containers/dotnet/.gitignore delete mode 100644 tests/containers/dotnet/Infra.fsproj delete mode 100644 tests/containers/dotnet/Program.fs delete mode 100644 tests/containers/dotnet/Pulumi.yaml delete mode 100644 tests/containers/nodejs/.gitignore delete mode 100644 tests/containers/nodejs/Pulumi.yaml delete mode 100644 tests/containers/nodejs/index.js delete mode 100644 tests/containers/nodejs/package.json delete mode 100644 tests/containers/python/.gitignore delete mode 100644 tests/containers/python/Pulumi.yaml delete mode 100644 tests/containers/python/__main__.py delete mode 100644 tests/containers/python/requirements.txt delete mode 100644 tests/containers/python_venv/.gitignore delete mode 100644 tests/containers/python_venv/Pulumi.yaml delete mode 100644 tests/containers/python_venv/__main__.py delete mode 100644 tests/containers/python_venv/requirements.txt diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index f8756e656..9ad9173e8 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -43,19 +43,6 @@ jobs: permission: write issue-type: pull-request repository: pulumi/pulumi - command-dispatch-for-containers-tests: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Run Build - uses: peter-evans/slash-command-dispatch@v2 - with: - token: ${{ secrets.PULUMI_BOT_TOKEN }} - reaction-token: ${{ secrets.GITHUB_TOKEN }} - commands: run-containers - permission: write - issue-type: pull-request - repository: pulumi/pulumi auto-rebase-command: runs-on: ubuntu-latest steps: diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 35202a5e1..5c340fbfe 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -338,7 +338,7 @@ jobs: cd src\github.com\${{ github.repository }} dotnet msbuild /t:Build /v:Detailed build.proj /p:PulumiRoot="D:\\Pulumi" /p:PythonVersion="${{ matrix.python-version }}" dispatch-docker-containers-ci-build: - name: Trigger Docker containers CI build + name: Dispatch Docker containers CI build needs: [publish-binaries, publish-sdks] runs-on: ubuntu-latest steps: @@ -351,5 +351,5 @@ jobs: - name: Fetch Tags run: | git fetch --quiet --prune --unshallow --tags - - name: Run Container Tests + - name: Dispatch event run: pulumictl dispatch -r pulumi/pulumi-docker-containers -c ci-build $(pulumictl get version --language generic -o) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5969fa862..d6363e200 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,9 +3,9 @@ on: tags: - v*.*.* paths-ignore: - - 'CHANGELOG.md' - - 'CHANGELOG_PENDING.md' - - 'README.md' + - "CHANGELOG.md" + - "CHANGELOG_PENDING.md" + - "README.md" env: PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }} GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -132,11 +132,11 @@ jobs: needs: publish-binaries strategy: matrix: - go-version: [ 1.17.x ] - python-version: [ 3.9.x ] - dotnet-version: [ 3.1.x ] - node-version: [ 14.x ] - language: [ "nodejs", "python", "dotnet" ] + go-version: [1.17.x] + python-version: [3.9.x] + dotnet-version: [3.1.x] + node-version: [14.x] + language: ["nodejs", "python", "dotnet"] steps: - name: Set up Go ${{ matrix.go-version }} uses: actions/setup-go@v1 @@ -189,7 +189,7 @@ jobs: needs: [lint, build-and-test, windows-build] strategy: matrix: - go-version: [ 1.17.x ] + go-version: [1.17.x] steps: - name: Set up Go ${{ matrix.go-version }} uses: actions/setup-go@v1 @@ -227,7 +227,7 @@ jobs: name: Lint ${{ matrix.directory }} strategy: matrix: - directory: [ sdk, pkg, tests ] + directory: [sdk, pkg, tests] runs-on: ubuntu-latest steps: - name: Checkout Repo @@ -293,14 +293,14 @@ jobs: name: Build & Test strategy: matrix: - platform: [ ubuntu-latest, macos-latest ] + platform: [ubuntu-latest, macos-latest] go-version: [1.17.x] - python-version: [ 3.9.x ] - dotnet-version: [ 3.1.x ] - node-version: [ 14.x ] + python-version: [3.9.x] + dotnet-version: [3.1.x] + node-version: [14.x] # See scripts/tests_subsets.py when editing - test-subset: [ integration, integration-and-codegen, auto, etc ] + test-subset: [integration, integration-and-codegen, auto, etc] runs-on: ${{ matrix.platform }} steps: @@ -459,21 +459,11 @@ jobs: run: | cd src\github.com\${{ github.repository }} dotnet msbuild /t:Build /v:Detailed build.proj /p:PulumiRoot="D:\\Pulumi" /p:PythonVersion="${{ matrix.python-version }}" - verify-containers: - name: Run Container Tests + dispatch-docker-containers-release-build: + name: Dispatch Docker containers release build needs: [publish-binaries, publish-sdks] - strategy: - matrix: - go-version: [1.17.x] - python-version: [ 3.9.x ] - dotnet-version: [ 3.1.x ] - node-version: [ 14.x ] runs-on: ubuntu-latest steps: - - name: Set up Go ${{ matrix.go-version }} - uses: actions/setup-go@v1 - with: - go-version: ${{ matrix.go-version }} - name: Install pulumictl uses: jaxxstorm/action-install-gh-release@v1.2.0 with: @@ -483,7 +473,7 @@ jobs: - name: Fetch Tags run: | git fetch --quiet --prune --unshallow --tags - - name: Run Container Tests - run: make test_containers VERSION=v$(pulumictl get version --language generic -o) + - name: Dispatch event + run: pulumictl dispatch -r pulumi/pulumi-docker-containers -c release-build $(pulumictl get version --language generic -o) env: - GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}} + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/.github/workflows/run-containers-build.yml b/.github/workflows/run-containers-build.yml deleted file mode 100644 index 6362224e1..000000000 --- a/.github/workflows/run-containers-build.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Testing Containers Build -on: - repository_dispatch: - types: [ run-containers-command ] - pull_request: - paths: - - 'docker/**' - - '!docker/README.md' - -env: - GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }} - PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} - -jobs: - comment-notification: - if: github.event_name == 'repository_dispatch' - runs-on: ubuntu-latest - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - name: Update with Result - uses: peter-evans/create-or-update-comment@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - issue-number: ${{ github.event.client_payload.github.payload.issue.number }} - body: | - Please view the results of the Downstream Containers Tests [Here][1] - - [1]: ${{ steps.vars.outputs.run-url }} - test-containers: - name: Test Container Changes - # Verify that the event is not triggered by a fork since forks cannot - # access secrets other than the default GITHUB_TOKEN. - if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository - strategy: - matrix: - go-version: [ 1.16.x ] - runs-on: ubuntu-latest - steps: - - name: Set up Go ${{ matrix.go-version }} - uses: actions/setup-go@v1 - with: - go-version: ${{ matrix.go-version }} - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.2.0 - with: - repo: pulumi/pulumictl - - name: Checkout Repo - uses: actions/checkout@v2 - with: - ref: ${{ env.PR_COMMIT_SHA }} - - name: Run Container Tests - run: make test_containers VERSION=v$(curl https://www.pulumi.com/latest-version) diff --git a/.github/workflows/trigger-container-build-event.yml b/.github/workflows/trigger-container-build-event.yml deleted file mode 100644 index fba189af6..000000000 --- a/.github/workflows/trigger-container-build-event.yml +++ /dev/null @@ -1,207 +0,0 @@ -name: pulumi sdk containers build -on: - repository_dispatch: - types: - - docker-build -env: - VERSION: ${{ github.event.client_payload.ref }} - GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - -jobs: - pulumi: - name: pulumi image build - runs-on: ubuntu-latest - strategy: - fail-fast: false - steps: - - uses: actions/checkout@v2 - - name: Build Pulumi Image - uses: pulumi/action-docker-build@e98e474ca0312b1a0300cdbf9357dd2df3c62c22 - with: - repository: pulumi/pulumi - username: "pulumibot" - password: ${{ secrets.DOCKER_HUB_TOKEN }} - dockerfile: docker/pulumi/Dockerfile - additional-tags: v${{ env.VERSION }} - tag-latest: true - build-args: PULUMI_VERSION=v${{ env.VERSION }} - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: us-east-2 - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 3600 - role-external-id: upload-pulumi-release - role-session-name: pulumi@githubActions - role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - name: Get Public ECR Authorization token - run: | - aws --region us-east-1 ecr-public get-authorization-token \ - --query 'authorizationData.authorizationToken' | \ - tr -d '"' | base64 --decode | cut -d: -f2 | \ - docker login -u AWS --password-stdin https://public.ecr.aws - - name: Publish pulumi/pulumi image to AWS Public ECR - run: | - docker tag pulumi/pulumi:v${{ env.VERSION }} public.ecr.aws/pulumi/pulumi:v${{ env.VERSION }} - docker tag pulumi/pulumi:latest public.ecr.aws/pulumi/pulumi:latest - docker push public.ecr.aws/pulumi/pulumi:v${{ env.VERSION }} - docker push public.ecr.aws/pulumi/pulumi:latest - base: - name: base sdk image build - runs-on: ubuntu-latest - strategy: - fail-fast: false - steps: - - uses: actions/checkout@master - - name: Build base image - uses: pulumi/action-docker-build@e98e474ca0312b1a0300cdbf9357dd2df3c62c22 - with: - repository: pulumi/pulumi-base - buildkit: true - username: "pulumibot" - password: ${{ secrets.DOCKER_HUB_TOKEN }} - dockerfile: docker/base/Dockerfile - additional-tags: ${{ env.VERSION }} - tag-latest: true - build-args: PULUMI_VERSION=${{ env.VERSION }} - - uses: meeDamian/sync-readme@v1.0.6 - name: Sync readme to Docker Hub - with: - user: "pulumibot" - pass: ${{ secrets.DOCKER_HUB_TOKEN }} - slug: pulumi/pulumi-base - readme: docker/README.md - description: Pulumi CLI container - bring your own SDK - base_os: - name: os base sdk image build - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - os: ["ubi", "debian"] - steps: - - uses: actions/checkout@master - - name: Build base image - uses: pulumi/action-docker-build@e98e474ca0312b1a0300cdbf9357dd2df3c62c22 - with: - repository: pulumi/pulumi-base - buildkit: true - username: "pulumibot" - password: ${{ secrets.DOCKER_HUB_TOKEN }} - dockerfile: docker/base/Dockerfile.${{ matrix.os }} - additional-tags: ${{ env.VERSION }}-${{ matrix.os }} - tag-latest: false - build-args: PULUMI_VERSION=${{ env.VERSION }} - sdk: - name: language sdk image - runs-on: ubuntu-latest - needs: base - strategy: - fail-fast: false - matrix: - sdk: ["nodejs", "python", "dotnet", "go"] - steps: - - uses: actions/checkout@master - - name: Build image - uses: pulumi/action-docker-build@e98e474ca0312b1a0300cdbf9357dd2df3c62c22 - with: - repository: pulumi/pulumi-${{matrix.sdk}} - buildkit: true - username: "pulumibot" - password: ${{ secrets.DOCKER_HUB_TOKEN }} - dockerfile: docker/${{ matrix.sdk }}/Dockerfile - additional-tags: ${{ env.VERSION }} - build-args: PULUMI_VERSION=${{ env.VERSION }} - tag-latest: true - - uses: meeDamian/sync-readme@v1.0.6 - name: Sync readme to Docker Hub - with: - user: "pulumibot" - pass: ${{ secrets.DOCKER_HUB_TOKEN }} - slug: pulumi/pulumi-${{matrix.sdk}} - readme: docker/README.md - description: Pulumi CLI container for ${{ matrix.sdk }} - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: us-east-2 - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 3600 - role-external-id: upload-pulumi-release - role-session-name: pulumi@githubActions - role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - name: Get Public ECR Authorization token - run: | - aws --region us-east-1 ecr-public get-authorization-token \ - --query 'authorizationData.authorizationToken' | \ - tr -d '"' | base64 --decode | cut -d: -f2 | \ - docker login -u AWS --password-stdin https://public.ecr.aws - - name: Publish pulumi/pulumi-${{matrix.sdk}} image to AWS Public ECR - run: | - docker tag pulumi/pulumi-${{matrix.sdk}}:latest public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:latest - docker push public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:latest - - docker tag pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }} public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }} - docker push public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }} - os_sdk: - name: os language sdk image - runs-on: ubuntu-latest - needs: base_os - strategy: - fail-fast: false - matrix: - sdk: ["nodejs", "python", "dotnet", "go"] - os: ["ubi", "debian"] - steps: - - uses: actions/checkout@master - - name: Build image - uses: pulumi/action-docker-build@e98e474ca0312b1a0300cdbf9357dd2df3c62c22 - with: - repository: pulumi/pulumi-${{matrix.sdk}} - buildkit: true - username: "pulumibot" - password: ${{ secrets.DOCKER_HUB_TOKEN }} - dockerfile: docker/${{ matrix.sdk }}/Dockerfile.${{ matrix.os }} - additional-tags: ${{ env.VERSION }}-${{ matrix.os }} - build-args: PULUMI_VERSION=${{ env.VERSION }} - tag-latest: false - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: us-east-2 - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 3600 - role-external-id: upload-pulumi-release - role-session-name: pulumi@githubActions - role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - name: Get Public ECR Authorization token - run: | - aws --region us-east-1 ecr-public get-authorization-token \ - --query 'authorizationData.authorizationToken' | \ - tr -d '"' | base64 --decode | cut -d: -f2 | \ - docker login -u AWS --password-stdin https://public.ecr.aws - - name: Publish pulumi/pulumi-${{matrix.sdk}} image to AWS Public ECR - run: | - docker tag pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }}-${{ matrix.os }} public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }}-${{ matrix.os }} - docker push public.ecr.aws/pulumi/pulumi-${{matrix.sdk}}:${{ env.VERSION }}-${{ matrix.os }} - image-scan: - name: scan container images - runs-on: ubuntu-latest - needs: os_sdk - continue-on-error: true - strategy: - matrix: - image: ["base", "nodejs", "python", "go"] - os: ["ubi"] - steps: - - uses: actions/checkout@master - - name: Run Snyk to check Docker images for vulnerabilities - uses: snyk/actions/docker@master - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - image: pulumi/pulumi-${{matrix.image}}:${{ env.VERSION }}-${{ matrix.os }} - args: --severity-threshold=high --file=docker/${{matrix.image}}/Dockerfile.${{ matrix.os }} diff --git a/Makefile b/Makefile index 3e0df8c1e..59d13e674 100644 --- a/Makefile +++ b/Makefile @@ -84,8 +84,3 @@ test_build:: $(TEST_ALL_DEPS) test_all:: test_build cd pkg && $(GO_TEST) ${PROJECT_PKGS} cd tests && $(GO_TEST) -p=1 ${TESTS_PKGS} - -.PHONY: test_containers -test_containers: - $(call STEP_MESSAGE) - ./scripts/test-containers.sh ${VERSION} diff --git a/docker/README.md b/docker/README.md index 73e64b6e7..55b90470d 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,76 +1,3 @@ # Pulumi Docker images -This image is an alternative to the [Pulumi docker image](https://hub.docker.com/r/pulumi/pulumi) -The `pulumi/pulumi` image is quite large because it has to bundle all the SDKs that Pulumi supports: - - - Go - - Python - - NodeJS - - DotNet - -This container is a slimmer container for the specific SDK. It contains the `pulumi` binary, the `pulumi` language runtime -for that SDK and any additional necessary language components.. - -## Images - -We build a matrix of images for differing Pulumi language SDKs and operating systems. The OS base images we use are: - - - registry.access.redhat.com/ubi8/ubi-minimal (ubi) - - debian:buster-slim (debian) - -### Base Image - -The base image just contains the pulumi binaries and language runtimes, but _not_ the SDK runtimes. If you use the base -image, you'll have to install Go/Python/Dotnet/NodeJS yourself. The image format is: - -``` -pulumi/pulumi-base:- -``` - -The default image without the OS is based on Debian Buster, and can be used like so: - -``` -pulumi/pulumi-base: -``` - -### SDK Images - -Images with the SDK runtimes are generated in the following format: - -``` -pulumi/pulumi-:- -``` - -The default image without the OS suffix is based on Debian Buster, and can be used like so: - -``` -pulumi/pulumi-: -pulumi/pulumi-:latest -``` - -### Image Size - -Each of the images are much smaller than the combined Pulumi container. They are in the region of approx 150MB (compressed size) -depending on the operating system it has been built on - -### Operating Systems - -We currently build images based on both [Debian Buster](https://wiki.debian.org/DebianBuster) and with the [RedHat Universal Base Image](https://www.redhat.com/en/blog/introducing-red-hat-universal-base-image)/ - -### UBI Images - -The UBI images use `microdnf` as a package manager, not yum. See [this](https://github.com/rpm-software-management/microdnf) page for more information. - -## Usage - -In order to try and keep the images flexible and try to meet as many use cases as possible, none of these images have `CMD` or entrypoint set, so you'll need to specify the commands you want to run, for example: - -``` -docker run -e PULUMI_ACCESS_TOKEN= -v "$(pwd)":/pulumi/projects $IMG /bin/bash -c "npm ci && pulumi preview -s " -``` - -## Considerations - -These images _do not_ include additional tools you might want to use when running a pulumi provider. For example, if -you're using the [pulumi-kubernetes](https://github.com/pulumi/pulumi-kubernetes) with [Helm](https://helm.sh/), you'll -need to use these images as a base image, or install the `helm` command as part of your CI setup. +The management of the Pulumi docker containers has moved to . Please open any feature requests or bug reports on that repo diff --git a/docker/base/Dockerfile b/docker/base/Dockerfile deleted file mode 100644 index 243cb4a86..000000000 --- a/docker/base/Dockerfile +++ /dev/null @@ -1,33 +0,0 @@ -# syntax = docker/dockerfile:experimental -FROM debian:buster-slim AS builder -ARG PULUMI_VERSION=latest -RUN apt-get update -y && \ - apt-get upgrade -y && \ - apt-get install -y \ - curl \ - build-essential \ - git - -# Install the Pulumi SDK, including the CLI and language runtimes. -RUN if [ "$PULUMI_VERSION" = "latest" ]; then \ - curl -fsSL https://get.pulumi.com/ | bash; \ - else \ - curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION ; \ - fi - -# The runtime container -# This is our base container, so let's copy all the runtimes to .pulumi/bin -FROM debian:buster-slim -WORKDIR /pulumi -COPY --from=builder /root/.pulumi/bin bin - -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get upgrade -y && \ - apt-get install -y \ - git \ - ca-certificates - -ENV PATH "/pulumi/bin:${PATH}" -CMD ["pulumi"] diff --git a/docker/base/Dockerfile.alpine b/docker/base/Dockerfile.alpine deleted file mode 100644 index 5aba94a50..000000000 --- a/docker/base/Dockerfile.alpine +++ /dev/null @@ -1,33 +0,0 @@ -# syntax = docker/dockerfile:experimental -FROM alpine:3.12.0 AS builder -ARG PULUMI_VERSION=latest -RUN apk update && \ - apk upgrade && \ - apk add \ - curl \ - make \ - libc6-compat \ - gcc \ - git -# Install the Pulumi SDK, including the CLI and language runtimes. -RUN if [ "$PULUMI_VERSION" = "latest" ]; then \ - curl -fsSL https://get.pulumi.com/ | sh; \ - else \ - curl -fsSL https://get.pulumi.com/ | sh -s -- --version $PULUMI_VERSION ; \ - fi - -# The runtime container -# This is our base container, so let's copy all the runtimes to .pulumi/bin -FROM alpine:3.12.0 -WORKDIR /pulumi -COPY --from=builder /root/.pulumi/bin bin - -RUN apk update && \ - apk upgrade && \ - apk add \ - git \ - libc6-compat \ - ca-certificates - -ENV PATH "/pulumi/bin:${PATH}" -CMD ["pulumi"] diff --git a/docker/base/Dockerfile.debian b/docker/base/Dockerfile.debian deleted file mode 120000 index 1d1fe94df..000000000 --- a/docker/base/Dockerfile.debian +++ /dev/null @@ -1 +0,0 @@ -Dockerfile \ No newline at end of file diff --git a/docker/base/Dockerfile.ubi b/docker/base/Dockerfile.ubi deleted file mode 100644 index 71d3e1e85..000000000 --- a/docker/base/Dockerfile.ubi +++ /dev/null @@ -1,32 +0,0 @@ -# syntax = docker/dockerfile:experimental -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest as builder -ARG PULUMI_VERSION=latest -RUN --mount=target=/var/cache/yum,type=cache \ - microdnf install -y \ - curl \ - make \ - gcc \ - git \ - tar \ - gcc-c++ -# Install the Pulumi SDK, including the CLI and language runtimes. -RUN if [ "$PULUMI_VERSION" = "latest" ]; then \ - curl -fsSL https://get.pulumi.com/ | bash; \ - else \ - curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION ; \ - fi - -# The runtime container -# This is our base container, so let's copy all the runtimes to .pulumi/bin -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -WORKDIR /pulumi -COPY --from=builder /root/.pulumi/bin bin - -RUN --mount=target=/var/cache/yum,type=cache \ - microdnf install -y \ - git \ - tar \ - ca-certificates - -ENV PATH "/pulumi/bin:${PATH}" -CMD ["pulumi"] diff --git a/docker/dotnet/Dockerfile b/docker/dotnet/Dockerfile deleted file mode 100644 index a81acc0f5..000000000 --- a/docker/dotnet/Dockerfile +++ /dev/null @@ -1,47 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# Build container -FROM ubuntu:bionic AS builder -WORKDIR /dotnet -RUN apt-get update -y && \ - apt-get install -y \ - curl \ - gpg -RUN curl -o - https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /tmp/microsoft.asc.gpg; \ - curl -o /tmp/microsoft-prod.list https://packages.microsoft.com/config/debian/10/prod.list - -# The runtime container -FROM debian:buster-slim -WORKDIR /pulumi/projects - -ARG RUNTIME_VERSION="3.1" - -# We need to install ca certs before copying the ms prod debs packages -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get install -y \ - ca-certificates - -COPY --from=builder /tmp/microsoft.asc.gpg /etc/apt/trusted.gpg.d/microsoft.asc.gpg -COPY --from=builder /tmp/microsoft-prod.list /etc/apt/sources.list.d/microsoft-prod.list - -# Install needed tools, like git -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get install -y \ - git \ - dotnet-sdk-${RUNTIME_VERSION} - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-dotnet* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/dotnet/Dockerfile.alpine b/docker/dotnet/Dockerfile.alpine deleted file mode 100644 index 904f42426..000000000 --- a/docker/dotnet/Dockerfile.alpine +++ /dev/null @@ -1,26 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -ARG RUNTIME_VERSION="3.1" -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION}-alpine as pulumi - -# The runtime container -FROM mcr.microsoft.com/dotnet/core/sdk:${RUNTIME_VERSION}-alpine3.12 -WORKDIR /pulumi/projects - -# We need to install ca certs before copying the ms prod debs packages -RUN apk update && \ - apk upgrade && \ - apk add \ - ca-certificates \ - git \ - libc6-compat - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-dotnet* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/dotnet/Dockerfile.debian b/docker/dotnet/Dockerfile.debian deleted file mode 120000 index 1d1fe94df..000000000 --- a/docker/dotnet/Dockerfile.debian +++ /dev/null @@ -1 +0,0 @@ -Dockerfile \ No newline at end of file diff --git a/docker/dotnet/Dockerfile.ubi b/docker/dotnet/Dockerfile.ubi deleted file mode 100644 index 8314f713f..000000000 --- a/docker/dotnet/Dockerfile.ubi +++ /dev/null @@ -1,25 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -ARG RUNTIME_VERSION=3.1 -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION}-ubi as pulumi - -# The runtime container -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -WORKDIR /pulumi/projects - -RUN --mount=target=/var/cache/yum,type=cache \ - microdnf install -y \ - ca-certificates \ - tar \ - dotnet-sdk-3.1 \ - git - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-dotnet* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/go/Dockerfile b/docker/go/Dockerfile deleted file mode 100644 index a3c533d58..000000000 --- a/docker/go/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# Build container -FROM ubuntu:bionic AS builder - -# Set go versions -ARG RUNTIME_VERSION=1.17.1 - -WORKDIR /golang -RUN apt-get update -y && \ - apt-get install -y \ - curl \ - git \ - build-essential \ - tar \ - git -RUN curl -fsSLo /tmp/go.tgz https://golang.org/dl/go${RUNTIME_VERSION}.linux-amd64.tar.gz; \ - mkdir -p bin; \ - tar -C /golang -xzf /tmp/go.tgz; \ - rm /tmp/go.tgz; \ - export PATH="/golang/go/bin:${PATH}"; \ - go version - -# The runtime container -FROM debian:buster-slim -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get install -y \ - git \ - ca-certificates; \ - mkdir -p /go - -# Uses the workdir -COPY --from=builder /golang/go /usr/local -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/pulumi-language-go /pulumi/bin/pulumi-language-go -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/pulumi-analyzer-policy -ENV GOPATH=/go -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/go/Dockerfile.alpine b/docker/go/Dockerfile.alpine deleted file mode 100644 index 09eead71b..000000000 --- a/docker/go/Dockerfile.alpine +++ /dev/null @@ -1,29 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -ARG RUNTIME_VERSION=1.17.1 -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION}-alpine as pulumi - -# The runtime container -FROM golang:${RUNTIME_VERSION}-alpine3.12 -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN apk update && \ - apk upgrade && \ - apk add \ - git \ - libc6-compat \ - ca-certificates; \ - mkdir -p /go - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/pulumi-language-go /pulumi/bin/pulumi-language-go -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/pulumi-analyzer-policy -ENV GOPATH=/go -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/go/Dockerfile.debian b/docker/go/Dockerfile.debian deleted file mode 120000 index 1d1fe94df..000000000 --- a/docker/go/Dockerfile.debian +++ /dev/null @@ -1 +0,0 @@ -Dockerfile \ No newline at end of file diff --git a/docker/go/Dockerfile.ubi b/docker/go/Dockerfile.ubi deleted file mode 100644 index 430675961..000000000 --- a/docker/go/Dockerfile.ubi +++ /dev/null @@ -1,49 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# Build container -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest AS builder - -# Set go versions -ARG RUNTIME_VERSION=1.17.1 - -WORKDIR /golang -RUN microdnf install -y \ - curl \ - make \ - gcc \ - git \ - tar \ - gcc-c++ -RUN curl -fsSLo /tmp/go.tgz https://golang.org/dl/go${RUNTIME_VERSION}.linux-amd64.tar.gz; \ - mkdir -p bin; \ - tar -C /golang -xzf /tmp/go.tgz; \ - rm /tmp/go.tgz; \ - export PATH="/golang/go/bin:${PATH}"; \ - go version - -# The runtime container -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN microdnf install -y \ - git \ - tar \ - ca-certificates; \ - mkdir -p /go - -# Uses the workdir -COPY --from=builder /golang/go /usr/local -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/pulumi-language-go /pulumi/bin/pulumi-language-go -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/pulumi-analyzer-policy -ENV GOPATH=/go -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/nodejs/Dockerfile b/docker/nodejs/Dockerfile deleted file mode 100644 index 5210f58cc..000000000 --- a/docker/nodejs/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# The runtime container -FROM node:lts-buster-slim -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get install -y \ - git \ - ca-certificates - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-nodejs* /pulumi/bin/ -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/nodejs/Dockerfile.alpine b/docker/nodejs/Dockerfile.alpine deleted file mode 100644 index 0086c3538..000000000 --- a/docker/nodejs/Dockerfile.alpine +++ /dev/null @@ -1,26 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# The runtime container -FROM node:lts-alpine3.12 -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN apk update && \ - apk upgrade && \ - apk add \ - git \ - libc6-compat \ - ca-certificates - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-nodejs* /pulumi/bin/ -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/nodejs/Dockerfile.debian b/docker/nodejs/Dockerfile.debian deleted file mode 120000 index 1d1fe94df..000000000 --- a/docker/nodejs/Dockerfile.debian +++ /dev/null @@ -1 +0,0 @@ -Dockerfile \ No newline at end of file diff --git a/docker/nodejs/Dockerfile.ubi b/docker/nodejs/Dockerfile.ubi deleted file mode 100644 index 0f9c22478..000000000 --- a/docker/nodejs/Dockerfile.ubi +++ /dev/null @@ -1,29 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# The runtime container -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -WORKDIR /pulumi/projects - -COPY dnf/nodejs.module /etc/dnf/modules.d/nodejs.module - -# Install needed tools, like git -RUN --mount=target=/var/cache/yum,type=cache \ - microdnf install -y \ - git \ - tar \ - nodejs \ - ca-certificates && \ - npm install -g yarn - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-nodejs* /pulumi/bin/ -COPY --from=pulumi /pulumi/bin/pulumi-analyzer-policy /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/nodejs/dnf/nodejs.module b/docker/nodejs/dnf/nodejs.module deleted file mode 100644 index be83f3374..000000000 --- a/docker/nodejs/dnf/nodejs.module +++ /dev/null @@ -1,5 +0,0 @@ -[nodejs] -name=nodejs -stream=12 -profiles= -state=enabled diff --git a/docker/pulumi/Dockerfile b/docker/pulumi/Dockerfile deleted file mode 100644 index a179818e8..000000000 --- a/docker/pulumi/Dockerfile +++ /dev/null @@ -1,95 +0,0 @@ -FROM python:3.7-slim-stretch - -LABEL "repository"="https://github.com/pulumi/pulumi" -LABEL "homepage"="https://pulumi.com" -LABEL "maintainer"="Pulumi Team " - -ENV GOLANG_VERSION 1.17.1 -ENV GOLANG_SHA256 dab7d9c34361dc21ec237d584590d72500652e7c909bf082758fb63064fca0ef - -# Install deps all in one step -RUN apt-get update -y && \ - apt-get install -y \ - apt-transport-https \ - build-essential \ - ca-certificates \ - curl \ - git \ - gnupg \ - software-properties-common \ - wget && \ - # Get all of the signatures we need all at once. - curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \ - curl -fsSL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \ - curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add - && \ - curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - && \ - curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - && \ - # IAM Authenticator for EKS - curl -fsSLo /usr/bin/aws-iam-authenticator https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-07-26/bin/linux/amd64/aws-iam-authenticator && \ - chmod +x /usr/bin/aws-iam-authenticator && \ - # Add additional apt repos all at once - echo "deb https://deb.nodesource.com/node_14.x $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/node.list && \ - echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \ - echo "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list && \ - echo "deb http://packages.cloud.google.com/apt cloud-sdk-$(lsb_release -cs) main" | tee /etc/apt/sources.list.d/google-cloud-sdk.list && \ - echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list && \ - echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/azure.list && \ - # Install second wave of dependencies - apt-get update -y && \ - apt-get install -y \ - azure-cli \ - docker-ce \ - google-cloud-sdk \ - kubectl \ - nodejs \ - yarn && \ - pip install awscli --upgrade && \ - # Clean up the lists work - rm -rf /var/lib/apt/lists/* - -# Install Go -RUN curl -fsSLo /tmp/go.tgz https://golang.org/dl/go${GOLANG_VERSION}.linux-amd64.tar.gz; \ - echo "${GOLANG_SHA256} /tmp/go.tgz" | sha256sum -c -; \ - tar -C /usr/local -xzf /tmp/go.tgz; \ - rm /tmp/go.tgz; \ - export PATH="/usr/local/go/bin:$PATH"; \ - go version -ENV GOPATH /go -ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH - - -# Install .NET Core SDK -RUN wget -q https://packages.microsoft.com/config/ubuntu/19.04/packages-microsoft-prod.deb \ - -O packages-microsoft-prod.deb && \ - dpkg -i packages-microsoft-prod.deb && \ - rm packages-microsoft-prod.deb && \ - apt-get update -y && \ - apt-get install -y \ - apt-transport-https \ - dotnet-sdk-3.1 - -# Install Helm -# Explicitly set env variables that helm reads to their defaults, so that subsequent calls to -# helm will find the stable repo even if $HOME points to something other than /root -# (e.g. in GitHub actions where $HOME points to /github/home). -ENV XDG_CONFIG_HOME=/root/.config -ENV XDG_CACHE_HOME=/root/.cache -RUN curl -L https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash && \ - helm repo add stable https://charts.helm.sh/stable && \ - helm repo update - -# Passing --build-arg PULUMI_VERSION=vX.Y.Z will use that version -# of the SDK. Otherwise, we use whatever get.pulumi.com thinks is -# the latest -ARG PULUMI_VERSION=latest - -# Install the Pulumi SDK, including the CLI and language runtimes. -RUN if [ "$PULUMI_VERSION" = "latest" ]; then \ - curl -fsSL https://get.pulumi.com/ | bash; \ - else \ - curl -fsSL https://get.pulumi.com/ | bash -s -- --version $(echo $PULUMI_VERSION | cut -c 2-); \ - fi && \ - mv ~/.pulumi/bin/* /usr/bin - -# I think it's safe to say if we're using this mega image, we want pulumi -ENTRYPOINT ["pulumi"] diff --git a/docker/python/Dockerfile b/docker/python/Dockerfile deleted file mode 100644 index 123a5139b..000000000 --- a/docker/python/Dockerfile +++ /dev/null @@ -1,26 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG RUNTIME_VERSION=3.9 -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# The runtime container -FROM python:${RUNTIME_VERSION}-slim-buster -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN --mount=target=/var/lib/apt/lists,type=cache \ - --mount=target=/var/cache/apt,type=cache \ - apt-get update -y && \ - apt-get install -y \ - git \ - ca-certificates - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-python* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/python/Dockerfile.alpine b/docker/python/Dockerfile.alpine deleted file mode 100644 index 3ce2ef910..000000000 --- a/docker/python/Dockerfile.alpine +++ /dev/null @@ -1,26 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG RUNTIME_VERSION=3.9 -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION}-alpine as pulumi - -# The runtime container -FROM python:${RUNTIME_VERSION}-alpine3.12 -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN apk update && \ - apk upgrade && \ - apk add \ - git \ - libc6-compat \ - ca-certificates - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-python* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/docker/python/Dockerfile.debian b/docker/python/Dockerfile.debian deleted file mode 120000 index 1d1fe94df..000000000 --- a/docker/python/Dockerfile.debian +++ /dev/null @@ -1 +0,0 @@ -Dockerfile \ No newline at end of file diff --git a/docker/python/Dockerfile.ubi b/docker/python/Dockerfile.ubi deleted file mode 100644 index 86a558031..000000000 --- a/docker/python/Dockerfile.ubi +++ /dev/null @@ -1,27 +0,0 @@ -# syntax = docker/dockerfile:experimental -# Interim container so we can copy pulumi binaries -# Must be defined first -ARG PULUMI_VERSION=latest -ARG PULUMI_IMAGE=pulumi/pulumi-base -FROM ${PULUMI_IMAGE}:${PULUMI_VERSION} as pulumi - -# The runtime container -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -WORKDIR /pulumi/projects - -# Install needed tools, like git -RUN --mount=target=/var/cache/yum,type=cache \ - microdnf install -y \ - git \ - tar \ - python3 \ - python3-pip \ - ca-certificates && \ - pip3 install --user pipenv - -# Uses the workdir, copies from pulumi interim container -COPY --from=pulumi /pulumi/bin/pulumi /pulumi/bin/pulumi -COPY --from=pulumi /pulumi/bin/*-python* /pulumi/bin/ -ENV PATH "/pulumi/bin:${PATH}" - -CMD ["pulumi"] diff --git a/scripts/test-containers.sh b/scripts/test-containers.sh deleted file mode 100755 index ec755f48a..000000000 --- a/scripts/test-containers.sh +++ /dev/null @@ -1,48 +0,0 @@ -# Clean up the CLI version for dev builds, since they aren't valid tag names. -# #!/bin/bash -# -# Builds the Pulumi docker containers locally. Optionally running tests or -# publishing to a container registry. -# -# Usage: build-docker cli-version [--test] [--publish] -set -o nounset -set -o errexit -set -o pipefail - -readonly SCRIPT_DIR="$( cd "$( dirname "${0}" )" && pwd )" -readonly ROOT=${SCRIPT_DIR}/.. - -if [ -z "${1:-}" ]; then - >&2 echo "error: missing version to publish" - exit 1 -fi - -# Sanitize the name of the version, e.g. -# "v1.14.0-alpha.1586190504+gf4e9f7e2" -> "v1.14.0-alpha.1586190504". -readonly CLI_VERSION="$(echo "${1}" | sed 's/\+.*//g')" - -echo_header() { - echo -e "\n\033[0;35m${1}\033[0m" -} - -echo_header "Building local copy of Pulumi containers (${CLI_VERSION})" -echo "- Building pulumi/pulumi" -docker build --build-arg PULUMI_VERSION="${CLI_VERSION}" \ - -t "pulumi/pulumi:${CLI_VERSION}" \ - -t "pulumi/pulumi:latest" \ - "${SCRIPT_DIR}/../docker/pulumi" -echo_header "Executing container runtime tests" - -# Run the container tests, note that we also build the binaries into /tmp for the next step. -pushd ${ROOT}/tests -GOOS=linux go test -c -o /tmp/pulumi-test-containers ./containers/... -popd - -# Run tests _within_ the "pulumi" container, ensuring that the CLI is installed -# and working correctly. -docker run -e RUN_CONTAINER_TESTS=true \ - -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ - --volume /tmp:/src \ - --entrypoint /bin/bash \ - pulumi/pulumi:latest \ - -c "pip install pipenv && /src/pulumi-test-containers -test.parallel=1 -test.timeout=1h -test.v -test.run TestPulumiDockerImage" diff --git a/tests/containers/containers_test.go b/tests/containers/containers_test.go deleted file mode 100644 index f0e012654..000000000 --- a/tests/containers/containers_test.go +++ /dev/null @@ -1,68 +0,0 @@ -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package containers - -import ( - "fmt" - "os" - "testing" - "time" - - "github.com/pulumi/pulumi/pkg/v3/testing/integration" - ptesting "github.com/pulumi/pulumi/sdk/v3/go/common/testing" -) - -// TestPulumiDockerImage simulates building and running Pulumi programs on the pulumi/pulumi Docker image. -// -// NOTE: This test is intended to be run inside the aforementioned container, unlike the actions test below. -func TestPulumiDockerImage(t *testing.T) { - const stackOwner = "moolumi" - - if os.Getenv("RUN_CONTAINER_TESTS") == "" { - t.Skip("Skipping container runtime tests because RUN_CONTAINER_TESTS not set.") - } - - // Confirm we have credentials. - if os.Getenv("PULUMI_ACCESS_TOKEN") == "" { - t.Fatal("PULUMI_ACCESS_TOKEN not found, aborting tests.") - } - - base := integration.ProgramTestOptions{ - Tracing: "https://tracing.pulumi-engineering.com/collector/api/v1/spans", - ExpectRefreshChanges: true, - Quick: true, - SkipRefresh: true, - NoParallel: true, // we mark tests as Parallel manually when instantiating - } - - for _, template := range []string{"csharp", "python", "typescript"} { - t.Run(template, func(t *testing.T) { - t.Parallel() - - e := ptesting.NewEnvironment(t) - defer func() { - e.RunCommand("pulumi", "stack", "rm", "--force", "--yes") - e.DeleteEnvironment() - }() - - stackName := fmt.Sprintf("%s/container-%s-%x", stackOwner, template, time.Now().UnixNano()) - e.RunCommand("pulumi", "new", template, "-y", "-f", "-s", stackName) - - example := base.With(integration.ProgramTestOptions{ - Dir: e.RootPath, - }) - - integration.ProgramTest(t, &example) - }) - } -} diff --git a/tests/containers/dotnet/.gitignore b/tests/containers/dotnet/.gitignore deleted file mode 100644 index e64527066..000000000 --- a/tests/containers/dotnet/.gitignore +++ /dev/null @@ -1,353 +0,0 @@ -## Ignore Visual Studio temporary files, build results, and -## files generated by popular Visual Studio add-ons. -## -## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore - -# User-specific files -*.rsuser -*.suo -*.user -*.userosscache -*.sln.docstates - -# User-specific files (MonoDevelop/Xamarin Studio) -*.userprefs - -# Mono auto generated files -mono_crash.* - -# Build results -[Dd]ebug/ -[Dd]ebugPublic/ -[Rr]elease/ -[Rr]eleases/ -x64/ -x86/ -[Aa][Rr][Mm]/ -[Aa][Rr][Mm]64/ -bld/ -[Bb]in/ -[Oo]bj/ -[Ll]og/ -[Ll]ogs/ - -# Visual Studio 2015/2017 cache/options directory -.vs/ -# Uncomment if you have tasks that create the project's static files in wwwroot -#wwwroot/ - -# Visual Studio 2017 auto generated files -Generated\ Files/ - -# MSTest test Results -[Tt]est[Rr]esult*/ -[Bb]uild[Ll]og.* - -# NUnit -*.VisualState.xml -TestResult.xml -nunit-*.xml - -# Build Results of an ATL Project -[Dd]ebugPS/ -[Rr]eleasePS/ -dlldata.c - -# Benchmark Results -BenchmarkDotNet.Artifacts/ - -# .NET Core -project.lock.json -project.fragment.lock.json -artifacts/ - -# StyleCop -StyleCopReport.xml - -# Files built by Visual Studio -*_i.c -*_p.c -*_h.h -*.ilk -*.meta -*.obj -*.iobj -*.pch -*.pdb -*.ipdb -*.pgc -*.pgd -*.rsp -*.sbr -*.tlb -*.tli -*.tlh -*.tmp -*.tmp_proj -*_wpftmp.csproj -*.log -*.vspscc -*.vssscc -.builds -*.pidb -*.svclog -*.scc - -# Chutzpah Test files -_Chutzpah* - -# Visual C++ cache files -ipch/ -*.aps -*.ncb -*.opendb -*.opensdf -*.sdf -*.cachefile -*.VC.db -*.VC.VC.opendb - -# Visual Studio profiler -*.psess -*.vsp -*.vspx -*.sap - -# Visual Studio Trace Files -*.e2e - -# TFS 2012 Local Workspace -$tf/ - -# Guidance Automation Toolkit -*.gpState - -# ReSharper is a .NET coding add-in -_ReSharper*/ -*.[Rr]e[Ss]harper -*.DotSettings.user - -# JustCode is a .NET coding add-in -.JustCode - -# TeamCity is a build add-in -_TeamCity* - -# DotCover is a Code Coverage Tool -*.dotCover - -# AxoCover is a Code Coverage Tool -.axoCover/* -!.axoCover/settings.json - -# Visual Studio code coverage results -*.coverage -*.coveragexml - -# NCrunch -_NCrunch_* -.*crunch*.local.xml -nCrunchTemp_* - -# MightyMoose -*.mm.* -AutoTest.Net/ - -# Web workbench (sass) -.sass-cache/ - -# Installshield output folder -[Ee]xpress/ - -# DocProject is a documentation generator add-in -DocProject/buildhelp/ -DocProject/Help/*.HxT -DocProject/Help/*.HxC -DocProject/Help/*.hhc -DocProject/Help/*.hhk -DocProject/Help/*.hhp -DocProject/Help/Html2 -DocProject/Help/html - -# Click-Once directory -publish/ - -# Publish Web Output -*.[Pp]ublish.xml -*.azurePubxml -# Note: Comment the next line if you want to checkin your web deploy settings, -# but database connection strings (with potential passwords) will be unencrypted -*.pubxml -*.publishproj - -# Microsoft Azure Web App publish settings. Comment the next line if you want to -# checkin your Azure Web App publish settings, but sensitive information contained -# in these scripts will be unencrypted -PublishScripts/ - -# NuGet Packages -*.nupkg -# NuGet Symbol Packages -*.snupkg -# The packages folder can be ignored because of Package Restore -**/[Pp]ackages/* -# except build/, which is used as an MSBuild target. -!**/[Pp]ackages/build/ -# Uncomment if necessary however generally it will be regenerated when needed -#!**/[Pp]ackages/repositories.config -# NuGet v3's project.json files produces more ignorable files -*.nuget.props -*.nuget.targets - -# Microsoft Azure Build Output -csx/ -*.build.csdef - -# Microsoft Azure Emulator -ecf/ -rcf/ - -# Windows Store app package directories and files -AppPackages/ -BundleArtifacts/ -Package.StoreAssociation.xml -_pkginfo.txt -*.appx -*.appxbundle -*.appxupload - -# Visual Studio cache files -# files ending in .cache can be ignored -*.[Cc]ache -# but keep track of directories ending in .cache -!?*.[Cc]ache/ - -# Others -ClientBin/ -~$* -*~ -*.dbmdl -*.dbproj.schemaview -*.jfm -*.pfx -*.publishsettings -orleans.codegen.cs - -# Including strong name files can present a security risk -# (https://github.com/github/gitignore/pull/2483#issue-259490424) -#*.snk - -# Since there are multiple workflows, uncomment next line to ignore bower_components -# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) -#bower_components/ - -# RIA/Silverlight projects -Generated_Code/ - -# Backup & report files from converting an old project file -# to a newer Visual Studio version. Backup files are not needed, -# because we have git ;-) -_UpgradeReport_Files/ -Backup*/ -UpgradeLog*.XML -UpgradeLog*.htm -ServiceFabricBackup/ -*.rptproj.bak - -# SQL Server files -*.mdf -*.ldf -*.ndf - -# Business Intelligence projects -*.rdl.data -*.bim.layout -*.bim_*.settings -*.rptproj.rsuser -*- [Bb]ackup.rdl -*- [Bb]ackup ([0-9]).rdl -*- [Bb]ackup ([0-9][0-9]).rdl - -# Microsoft Fakes -FakesAssemblies/ - -# GhostDoc plugin setting file -*.GhostDoc.xml - -# Node.js Tools for Visual Studio -.ntvs_analysis.dat -node_modules/ - -# Visual Studio 6 build log -*.plg - -# Visual Studio 6 workspace options file -*.opt - -# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) -*.vbw - -# Visual Studio LightSwitch build output -**/*.HTMLClient/GeneratedArtifacts -**/*.DesktopClient/GeneratedArtifacts -**/*.DesktopClient/ModelManifest.xml -**/*.Server/GeneratedArtifacts -**/*.Server/ModelManifest.xml -_Pvt_Extensions - -# Paket dependency manager -.paket/paket.exe -paket-files/ - -# FAKE - F# Make -.fake/ - -# CodeRush personal settings -.cr/personal - -# Python Tools for Visual Studio (PTVS) -__pycache__/ -*.pyc - -# Cake - Uncomment if you are using it -# tools/** -# !tools/packages.config - -# Tabs Studio -*.tss - -# Telerik's JustMock configuration file -*.jmconfig - -# BizTalk build output -*.btp.cs -*.btm.cs -*.odx.cs -*.xsd.cs - -# OpenCover UI analysis results -OpenCover/ - -# Azure Stream Analytics local run output -ASALocalRun/ - -# MSBuild Binary and Structured Log -*.binlog - -# NVidia Nsight GPU debugger configuration file -*.nvuser - -# MFractors (Xamarin productivity tool) working folder -.mfractor/ - -# Local History for Visual Studio -.localhistory/ - -# BeatPulse healthcheck temp database -healthchecksdb - -# Backup folder for Package Reference Convert tool in Visual Studio 2017 -MigrationBackup/ - -# Ionide (cross platform F# VS Code tools) working folder -.ionide/ diff --git a/tests/containers/dotnet/Infra.fsproj b/tests/containers/dotnet/Infra.fsproj deleted file mode 100644 index e7d7bd6fe..000000000 --- a/tests/containers/dotnet/Infra.fsproj +++ /dev/null @@ -1,13 +0,0 @@ - - - Exe - netcoreapp3.1 - enable - - - - - - - - diff --git a/tests/containers/dotnet/Program.fs b/tests/containers/dotnet/Program.fs deleted file mode 100644 index 863e39b60..000000000 --- a/tests/containers/dotnet/Program.fs +++ /dev/null @@ -1,16 +0,0 @@ -module Program - -open System -open Pulumi.FSharp - -let infra () = - let config = new Pulumi.Config() - let runtime = config.Get("runtime") - Console.WriteLine("Hello from {0}", runtime) - - // Stack outputs - dict [] - -[] -let main _ = - Deployment.run infra diff --git a/tests/containers/dotnet/Pulumi.yaml b/tests/containers/dotnet/Pulumi.yaml deleted file mode 100644 index 9e4f61159..000000000 --- a/tests/containers/dotnet/Pulumi.yaml +++ /dev/null @@ -1,3 +0,0 @@ -name: trivial-dotnet -runtime: dotnet -description: A trivial Pulumi program for .NET diff --git a/tests/containers/nodejs/.gitignore b/tests/containers/nodejs/.gitignore deleted file mode 100644 index 2ccbe4656..000000000 --- a/tests/containers/nodejs/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/node_modules/ diff --git a/tests/containers/nodejs/Pulumi.yaml b/tests/containers/nodejs/Pulumi.yaml deleted file mode 100644 index 724544943..000000000 --- a/tests/containers/nodejs/Pulumi.yaml +++ /dev/null @@ -1,3 +0,0 @@ -name: trivial-nodejs -runtime: nodejs -description: A trivial Pulumi program for Node diff --git a/tests/containers/nodejs/index.js b/tests/containers/nodejs/index.js deleted file mode 100644 index 567394161..000000000 --- a/tests/containers/nodejs/index.js +++ /dev/null @@ -1,4 +0,0 @@ -"use strict"; -const pulumi = require("@pulumi/pulumi"); -const config = new pulumi.Config(); -console.log("Hello from", config.require("runtime")); diff --git a/tests/containers/nodejs/package.json b/tests/containers/nodejs/package.json deleted file mode 100644 index d0b82114d..000000000 --- a/tests/containers/nodejs/package.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "javascript", - "main": "index.js", - "dependencies": { - "@pulumi/pulumi": "^1.0.0" - } -} diff --git a/tests/containers/python/.gitignore b/tests/containers/python/.gitignore deleted file mode 100644 index a3807e5bd..000000000 --- a/tests/containers/python/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.pyc -venv/ diff --git a/tests/containers/python/Pulumi.yaml b/tests/containers/python/Pulumi.yaml deleted file mode 100644 index c04c23ad3..000000000 --- a/tests/containers/python/Pulumi.yaml +++ /dev/null @@ -1,3 +0,0 @@ -name: trivial-python -runtime: python -description: A trivial Pulumi program for Python diff --git a/tests/containers/python/__main__.py b/tests/containers/python/__main__.py deleted file mode 100644 index 8329c9b72..000000000 --- a/tests/containers/python/__main__.py +++ /dev/null @@ -1,4 +0,0 @@ -import pulumi - -config = pulumi.Config() -print("Hello from %s" % (config.require("runtime"))) diff --git a/tests/containers/python/requirements.txt b/tests/containers/python/requirements.txt deleted file mode 100644 index 00815307a..000000000 --- a/tests/containers/python/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -pulumi>=1.0.0 diff --git a/tests/containers/python_venv/.gitignore b/tests/containers/python_venv/.gitignore deleted file mode 100644 index a3807e5bd..000000000 --- a/tests/containers/python_venv/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.pyc -venv/ diff --git a/tests/containers/python_venv/Pulumi.yaml b/tests/containers/python_venv/Pulumi.yaml deleted file mode 100644 index 314b546b5..000000000 --- a/tests/containers/python_venv/Pulumi.yaml +++ /dev/null @@ -1,6 +0,0 @@ -name: trivial-python -description: A trivial Pulumi program for Python that has virtualenv set -runtime: - name: python - options: - virtualenv: venv diff --git a/tests/containers/python_venv/__main__.py b/tests/containers/python_venv/__main__.py deleted file mode 100644 index 8329c9b72..000000000 --- a/tests/containers/python_venv/__main__.py +++ /dev/null @@ -1,4 +0,0 @@ -import pulumi - -config = pulumi.Config() -print("Hello from %s" % (config.require("runtime"))) diff --git a/tests/containers/python_venv/requirements.txt b/tests/containers/python_venv/requirements.txt deleted file mode 100644 index 00815307a..000000000 --- a/tests/containers/python_venv/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -pulumi>=1.0.0