Merge pull request #7 from wilma-digital/main

mautz-et-tong · web-flow · commit 09fefac598dc · 2025-08-29T17:47:39.000+02:00
[INFRA] add trixie to stack
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        version: [ 'bullseye', 'bookworm' ]
+        version: [ 'bullseye', 'bookworm', 'trixie']
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        version: [ 'bullseye', 'bookworm' ]
+        version: [ 'bullseye', 'bookworm', 'trixie' ]
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/src/trixie/src/Dockerfile b/src/trixie/src/Dockerfile
@@ -0,0 +1,26 @@
+FROM debian:trixie-slim
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+ENV BASH_ENV=/etc/profile \
+    DEBIAN_FRONTEND=noninteractive \
+    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+WORKDIR /tmp/
+
+ARG CONTAINER_RUNTIME_REQUIREMENTS="less procps netcat ca-certificates iputils-ping iproute2 unzip"
+ARG CONTAINER_RUNTIME_REQUIREMENTS_EXTRA=""
+ARG CONTAINER_BUILD_REQUIREMENTS=""
+ARG CONTAINER_BUILD_REQUIREMENTS_EXTRA=""
+
+COPY root /
+
+# hadolint ignore=DL3008,DL3015
+RUN set -Eeu; \
+    chmod 755 /usr/local/bin/{docker-layer-clean,docker-install-requirements,docker-package-download}; \
+    echo "APT::Install-Recommends \"false\";" > /etc/apt/apt.conf.d/docker-disable-recommends; \
+    echo "export PATH=\"${PATH}\"" > /etc/environment; \
+    mkdir -p /usr/share/man/man1; \
+    mkdir -p /usr/share/man/man7; \
+    /usr/local/bin/docker-install-requirements; \
+    sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf; \
+    update-ca-certificates -f; \
+    /usr/local/bin/docker-layer-clean
diff --git a/src/trixie/src/root/usr/local/bin/docker-install-requirements b/src/trixie/src/root/usr/local/bin/docker-install-requirements
@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+
+set -o errexit  # Exit script when a command exits with non-zero status
+set -o errtrace # Exit on error inside any functions or sub-shells
+set -o nounset  # Exit script on use of an undefined variable
+set -o pipefail # Return exit status of the last command in the pipe that failed
+
+# ------------------------------------------------------------------------------
+# Displays a status message
+#
+# Arguments:
+#   $* Status message to display
+# Returns:
+#   Exit code
+# ------------------------------------------------------------------------------
+display_status_message() {
+  local status=$*
+
+  echo "-----> ${status}"
+}
+
+# ------------------------------------------------------------------------------
+# get apt package requirements from env vars
+#
+# Arguments:
+#   $1 Filter prefix
+#   $2 BUILD or Runtime
+# Returns:
+#   string
+# ------------------------------------------------------------------------------
+get_requirements() {
+  #printf "'%s'='%s'\n" "$n" "$v"
+  while IFS='=' read -r -d '' n v; do
+    if [[ "$n" == "${1^^}_${2^^}_REQUIREMENTS"* ]]; then
+        echo "${v}"
+    fi
+  done < <(env -0)
+}
+
+apt-get update -y || true
+
+display_status_message "Installing runtime requirements"
+for REQUIREMENT in $(get_requirements "${1:-container}" "runtime"); do
+    apt-get install -y "${REQUIREMENT}"
+done
+
+display_status_message "Installing build requirements"
+for REQUIREMENT in $(get_requirements "${1:-container}"  "build"); do
+    if ! dpkg -l | grep -P "^ii(?:[\s]{2})${REQUIREMENT//=*}(:?\:.*)?(?:[\s]+).*(?:all|amd64).*$" > /dev/null 2>&1; then
+        apt-get install -y "${REQUIREMENT}"
+        apt-mark auto "${REQUIREMENT}"
+    else
+        echo "Package ${REQUIREMENT} already installed skipping automatic remove during cleanup."
+        apt-get install -y "${REQUIREMENT}"
+    fi
+done
+apt-get update -y || true
+display_status_message "Installing container requirements finished"
diff --git a/src/trixie/src/root/usr/local/bin/docker-layer-clean b/src/trixie/src/root/usr/local/bin/docker-layer-clean
@@ -0,0 +1,179 @@
+#!/usr/bin/env bash
+
+set -o errexit  # Exit script when a command exits with non-zero status
+set -o errtrace # Exit on error inside any functions or sub-shells
+set -o nounset  # Exit script on use of an undefined variable
+set -o pipefail # Return exit status of the last command in the pipe that failed
+
+readonly EX_OK=0                # Successful termination
+readonly EX_UNKNOWN=1           # Unknown error occured
+
+declare CLEANUP_LOG_FILES=true
+declare CLEANUP_TMP_FOLDERS=true
+declare CLEANUP_APT=true
+declare CLEANUP_PIP=true
+
+# ------------------------------------------------------------------------------
+# Displays a error message and is able to terminate te script execution
+#
+# Arguments:
+#   $1 Error message
+#   $2 Exit code, script will continue execution when omitted
+# Returns:
+#   None
+# ------------------------------------------------------------------------------
+display_error_message() {
+  local status=${1}
+  local exitcode=${2:-0}
+
+  echo >&2
+  echo " !     ERROR: ${status}"
+  echo >&2
+
+  if [[ ${exitcode} -ne 0 ]]; then
+    exit "${exitcode}"
+  fi
+}
+
+# ------------------------------------------------------------------------------
+# Displays a notice
+#
+# Arguments:
+#   $* Notice message to display
+# Returns:
+#   Exit code
+# ------------------------------------------------------------------------------
+display_notice_message() {
+  local status=$*
+
+  echo
+  echo "NOTICE: ${status}"
+  echo
+}
+
+# ------------------------------------------------------------------------------
+# Displays a status message
+#
+# Arguments:
+#   $* Status message to display
+# Returns:
+#   Exit code
+# ------------------------------------------------------------------------------
+display_status_message() {
+  local status=$*
+
+  echo "-----> ${status}"
+}
+
+# ------------------------------------------------------------------------------
+# Docker build the image
+#
+# Arguments:
+#   None
+# Returns:
+#   Exit code
+# ------------------------------------------------------------------------------
+docker_clean() {
+    display_status_message "Running Docker clean"
+
+    cd /
+
+    if [[ "${CLEANUP_LOG_FILES}" = true ]]; then
+        find /var/log -type f -print0 | xargs -0 truncate -s0
+    fi
+
+    if [[ "${CLEANUP_APT}" = true ]]; then
+        apt-get autoremove --purge --yes --quiet;
+        apt-get clean -y
+    fi
+
+    if [[ "${CLEANUP_PIP}" = true && -d "${HOME}/.cache/pip" ]]; then
+        rm -rf "${HOME}/.cache/pip"
+    fi
+
+    if [[ "${CLEANUP_TMP_FOLDERS}" = true ]]; then
+        find /tmp/ -mindepth 1 -maxdepth 1 -exec rm -rf {} +
+        find /var/tmp/ -mindepth 1 -maxdepth 1 -exec rm -rf {} +
+    fi
+
+    rm -rf /var/lib/apt/lists/*
+    rm -rf /usr/share/doc/*
+    rm -rf /usr/share/groff/*
+    rm -rf /usr/share/info/*
+    rm -rf /usr/share/linda/*
+    rm -rf /usr/share/lintian/*
+    rm -rf /usr/share/man/*/*
+
+    display_status_message 'Docker clean finished'
+
+    return "${EX_OK}"
+}
+
+display_help () {
+    local exit_code=${1:-${EX_OK}}
+    local status=${2:-}
+
+    [[ -n "${status}" ]] && display_error_message "${status}"
+
+    cat << EOF
+Usage: /usr/local/bin/docker-layer-clean [options]
+Options:
+    -h, Display this help and exit.
+    -l, Do not truncate logfiles
+    -p, Do not remove *-dev packages
+    -a, Do not cleanup apt
+    -t, Do not cleanup tmp folders
+    -p, Do not cleanup python pip cache
+EOF
+
+    exit "${exit_code}"
+}
+
+parse_cli_arguments() {
+    local OPTIND o
+    while getopts ":hlpat" o; do
+        case "${o}" in
+            l)
+                CLEANUP_LOG_FILES=false
+                ;;
+            t)
+                CLEANUP_TMP_FOLDERS=false
+                ;;
+            a)
+                CLEANUP_APT=false
+                ;;
+            p)
+                CLEANUP_PIP=false
+                ;;
+            h)
+                display_help "${EX_OK}"
+                ;;
+            :)
+                display_help "${EX_UNKNOWN}" "Option -${OPTARG} requires an argument";
+            ;;
+            \?)
+                display_help "${EX_UNKNOWN}" "Invalid option: -${OPTARG}";
+            ;;
+            *)
+                display_help "${EX_UNKNOWN}" "Missing required arguments.";
+                ;;
+        esac
+    done
+    shift $((OPTIND-1))
+}
+
+# ==============================================================================
+# RUN LOGIC
+# ------------------------------------------------------------------------------
+main() {
+    # Parse input
+    parse_cli_arguments "$@"
+    docker_clean
+    exit "${EX_OK}"
+}
+
+# Bootstrap
+if [[ "${BASH_SOURCE[0]}" = "${0}" ]]; then
+    # Direct call to file
+    main "$@"
+fi  # Else file is included from another script
diff --git a/src/trixie/src/root/usr/local/bin/docker-package-download b/src/trixie/src/root/usr/local/bin/docker-package-download
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+set -e
+curl --connect-timeout 5 --max-time 10 --retry 5 --retry-delay 0 --retry-max-time 40 -s -S -L "$@"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#!/usr/bin/env bash`
	`2`	`+set -e`
	`3`	`+curl --connect-timeout 5 --max-time 10 --retry 5 --retry-delay 0 --retry-max-time 40 -s -S -L "$@"`