/dockerfiles

🐳 Collection of dockerfiles and automated docker hub builds

Primary LanguageDockerfileMIT LicenseMIT

dockerfiles

This is a collection of Dockerfiles maintained by the Kiwi.com Platform Team.

You can use ./release to build and publish new versions of the images.

Some of them are also configured to be built automatically by Docker Hub for the :latest tag, but this is not that reliable so we recommend manually publishing versions from your dev machine.

kiwicom/ansible

  • Base image python:3.6-alpine3.7
  • Packages: CA certificates, ansible

We use this in CI to run Ansible playbooks.

kiwicom/aws-cli

  • Base image: python:3.7-alpine3.8
  • Packages: python awscli

We use this to use AWS cli from Docker.

kiwicom/black

  • Base image: python:3.7-alpine
  • Packages: black

Image used to format python code using pre-commit hooks and to check if all the files are correctly formatted on CI.

pre-commit hook example:

- repo: local
  hooks:
    - id: black
      name: black-code-formatter
      language: docker_image
      entry: --entrypoint black kiwicom/black:18.9b0
      types: [python]

GitLab CI example:

code-format:
  stage: build
  image: kiwicom/black:18.9b0
  script:
    - black --check .

CLI usage example:

docker run -ti -v "$(pwd)":/src -v "$(pwd)/.blackcache":/home/black/.cache --workdir=/src kiwicom/black:18.9b0 black .

kiwicom/curl

  • Base image: alpine:3.6
  • Packages: curl, jq, ca-certificates

We use this mostly in our GitLab CI or otherwise automated tasks. It's useful when the task is about making or parsing HTTPS requests.

kiwicom/cypress-cli

  • Base image: node:8-slim
  • Packages: npm's cypress-cli and dependencies from apt

This is a container with cypress.io we use to automate our frontend tests.

kiwicom/detekt

  • Base image: zenika/kotlin:1.3-jdk12-alpine
  • Packages: detekt

Image used to perform static code analysis of Kotlin code we use on CI.

Usage example:

docker run -ti -v "$(pwd)":/src --workdir=/src kiwicom/detekt:1.0.0rc14 detekt --input .

GitLab CI example:

detekt:
  stage: build
  image: kiwicom/detekt:1.0.0rc14
  script:
    - detekt --input . --report xml:gl-detekt-report.xml
  artifacts:
    paths:
    - gl-detekt-report.xml

kiwicom/dgoss

  • Base image: docker:18.02
  • Packages: goss and dgoss

goss is a tool for quick and easy server validation.

We use in CI to to start a container and test if it responds on a certain endpoint.

.misc/goss/goss.yaml example

http:
  http://localhost/ping:
    status: 200
    timeout: 100  # milliseconds
    body:
      - pong

.gitlab-ci.yml example

goss:
  image: kiwicom/dgoss
  variables:
    GOSS_FILES_PATH: .misc/goss
    GOSS_FILES_STRATEGY: cp
  script:
    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA && dgoss run $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

kiwicom/docker-cleanup

  • Base image: alpine:3.5
  • Packages: docker, curl, Spotify's docker-gc, and a script to remove dangling volumes.

We use this to cleanup docker garbage. It removes more garbage than docker system prune. Mostly for dev machines purposes.

Usage is docker run -v/var/run/docker.sock:/var/run/docker.sock kiwicom/docker-cleanup

kiwicom/docker-cron

  • Base image: docker:1.12
  • Packages: tini

This image runs crond in the foreground

It takes a CRONTAB environment variable such as 37 13 * * * * echo hi, to print hi everyday at 13:37 UTC.

kiwicom/docker-gc-cron

This is a copy of clockworksoul's docker-gc-cron, which is maintained in our GitHub repo for security.

Requires the /var/run/docker.sock socket mounted.

kiwicom/elasticsearch-icu

  • Base image: docker.elastic.co/elasticsearch/elasticsearch:5.2.2
  • Packages: ElasticSearch's analysis-icu

We use this for integration tests in CI, as a GitLab CI service.

kiwicom/flow

  • Base image: alpine:3.6
  • Packages: facebook's flow, and its dependencies

We use this in CI to check JavaScript code's type correctness, mounting code to /app and running flow check --show-all-errors.

kiwicom/gitlab-datadog-agent

  • Base image: datadog/agent:6.3.3

A Datadog Agent image that collects metrics exposed by GitLab and GitLab CI.

kiwicom/gitlab-pipeline-checker

  • Base image: alpine:3.9

A simple script for checking (and waiting for) pipeline status of a Project's commit.

CLI usage example:

docker run -t -e GITLAB_API_TOKEN=<token> kiwicom/gitlab-pipeline-checker wait_for_pipeline <project/name> <commit-sha>

Gitlab CI example:

check_pipeline:
  stage: test
  image: kiwicom/gitlab-pipeline-checker
  script:
    - wait_for_pipeline project/name $(cat remote-build/commit-sha)

Note that the GITLAB_API_TOKEN variable can be configured in Settings > CI/CD.

kiwicom/mypy

  • Base image: python:3.7-alpine
  • Packages: mypy

Image used to type-check python code using pre-commit hooks and in CI.

pre-commit hook example:

- repo: local
  hooks:
    - id: mypy
      name: mypy-type-checks
      language: docker_image
      entry: --entrypoint mypy kiwicom/mypy
      types: [python]

GitLab CI example:

type-checks:
  stage: build
  image: kiwicom/mypy
  script:
    - mypy -p kw

CLI usage example:

docker run -ti -v "$(pwd)":/src --workdir=/src kiwicom/mypy mypy -p kw

kiwicom/markdownlint

Image used to perform static code analysis of Markdown files we use on CI.

Usage example:

docker run -ti -v "$(pwd)":/src --workdir=/src kiwicom/markdownlint:0.15.0 markdownlint .

GitLab CI example:

markdownlint:
  stage: build
  image: kiwicom/markdownlint:0.15.0
  script:
    - markdownlint .

kiwicom/nginx-301-https

  • Base image: nginx:alpine

We use this to redirect http to https in Rancher.

kiwicom/nodesecurity

  • Base image: node:9-alpine
  • Packages: npm nsm

We use this in CI to check security issues of Node.js dependencies.

kiwicom/oauth2-proxy

  • Base image: buildpack-deps:jessie-curl

We use this as reverse proxy that provides authentication with Gitlab or other provider.

Source: https://github.com/chauffer/dockerfiles/tree/master/oauth2-proxy

kiwicom/pre-commit

  • Base image: python:3.7-alpine
  • packages: git npm bash build-base pre-commit

We use this image to run our pre-commit hooks in CI

kiwicom/python-rancher-compose

  • Base image: python:3.6-alpine
  • Packages: rancher-compose, CA certificates

We use this mostly to programmatically create stacks in Rancher.

kiwicom/s3-sftp

  • Base image: alpine:3.5
  • Packages: OpenSSH server, s3fs 1.82 and dependencies

This is a pretty cool image. ⛄ It's a containerized SFTP server with S3 as a backend for storage.

Check the entrypoint file to see how it works.

kiwicom/s3cmd-plus-docker

  • Base image: python:2-alpine
  • Packages: docker from apk, python s3cmd

We use this to copy static files from Docker images and put them onto S3 which serves them.

kiwicom/s3cmd

  • Base image: python:2-alpine

Like above, but no docker.

kiwicom/s4cmd-plus-docker

Like above, but s4cmd instead of s3cmd

kiwicom/sentry

Our own sentry image. With GitLab SSO support

kiwicom/sls

Docker image for Serverless deployment to GCP/AWS.

Gitlab CI example:

deploy:
  stage: deploy
  image: kiwicom/sls:latest
  script:
    - echo $GCLOUD_CREDENTIALS > credentials.json
    - npm install
    - serverless deploy -v

kiwicom/sonarqube

  • Base image: openjdk:8-alpine
  • Packages: sonarqube-developer

Because of the bug SONAR-9384 we were experiencing many problems in our CI pipelines so we needed to upgrade our Sonarqube docker image. As Sonarqube doesn't offer a docker image for 7.2 we decided to build our own.

The usage is the same as with the official image

kiwicom/sonar-scanner

  • Base image: openjdk:8-jre-alpine
  • Packages: sonar-scanner

We use this to scan code for SonarQube. It assumes it's running on GitLab CI.

Usage: $ scan list,of,dirs or $ preview list,of,dirs for preview mode. Requires setting SONARQUBE_URL

kiwicom/tox

  • Base image alpine:3.8
  • Packages: tox, pyenv and its dependencies

Image that allows running tox tests on multiple python versions.

kiwicom/jackalope

  • Base image ubuntu:16.04

Used for JAMF audit log in slack.