docker-azure-pipelines-dockercli/Dockerfile at develop · swissgrc/docker-azure-pipelines-dockercli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# Base image containing dependencies used in builder and final image
FROM debian:13.4-slim AS base

# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# renovate: datasource=repology depName=debian_13/ca-certificates versioning=loose
ENV CACERTIFICATES_VERSION=20250419

RUN apt-get update -y && \
  # Install necessary dependencies
  apt-get install -y --no-install-recommends ca-certificates=${CACERTIFICATES_VERSION} && \
  # Clean up
  apt-get clean && \
  rm -rf /var/lib/apt/lists/*


# Builder image
FROM base AS build

# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# renovate: datasource=repology depName=debian_13/curl versioning=deb
ENV CURL_VERSION=8.14.1-2+deb13u2
# renovate: datasource=repology depName=debian_13/lsb-release versioning=deb
ENV LSBRELEASE_VERSION=12.1-1
# renovate: datasource=repology depName=debian_13/gnupg2 versioning=deb
ENV GNUPG_VERSION=2.4.7-21+deb13u1

RUN apt-get update -y && \
  # Install necessary dependencies
  apt-get install -y --no-install-recommends \
    curl=${CURL_VERSION} \
    gnupg=${GNUPG_VERSION} \
    lsb-release=${LSBRELEASE_VERSION} && \
  # Add Dockers public key
  mkdir -p /etc/apt/keyrings && \
  curl --proto "=https" -fsSL https://download.docker.com/linux/debian/gpg \
    | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
  # Add Dockers APT repository to the list of sources
  echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" \
    | tee /etc/apt/sources.list.d/docker.list \
    > /dev/null && \
  rm -rf /tmp/*

# Final image
FROM base AS final

LABEL org.opencontainers.image.vendor="Swiss GRC AG"
LABEL org.opencontainers.image.authors="Swiss GRC AG <opensource@swissgrc.com>"
LABEL org.opencontainers.image.title="azure-pipelines-dockercli"
LABEL org.opencontainers.image.documentation="https://github.com/swissgrc/docker-azure-pipelines-dockercli"

# Make sure to fail due to an error at any stage in shell pipes
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

WORKDIR /
# Copy Docker keyring
COPY --from=build /etc/apt/keyrings/ /etc/apt/keyrings
COPY --from=build /etc/apt/sources.list.d/ /etc/apt/sources.list.d

# Install Docker CLI

# renovate: datasource=github-tags depName=docker/cli extractVersion=^v(?<version>.*)$
ENV DOCKERCLI_VERSION=29.4.0
# renovate: datasource=github-tags depName=docker/buildx extractVersion=^v(?<version>.*)$
ENV DOCKERBUILDX_VERSION=0.33.0
# renovate: datasource=github-tags depName=docker/compose extractVersion=^v(?<version>.*)$
ENV DOCKERCOMPOSE_VERSION=5.1.3

RUN apt-get update -y && \
  # Install Docker CLI
  apt-get install -y --no-install-recommends \
    docker-buildx-plugin=${DOCKERBUILDX_VERSION}-1~debian.13~trixie \
    docker-ce-cli=5:${DOCKERCLI_VERSION}-1~debian.13~trixie \
    docker-compose-plugin=${DOCKERCOMPOSE_VERSION}-1~debian.13~trixie && \
  # Clean up
  apt-get clean && \
  rm -rf /var/lib/apt/lists/* && \
  # Smoke test
  docker --version && \
  docker buildx version && \
  docker compose version

# Add Docker plugins to path
ENV PATH="$PATH:/usr/libexec/docker/cli-plugins"
# Smoke test
RUN echo "$PATH" && \
  docker-buildx version && \
  docker-compose version