From e9c6cb0419cac00a4928ba1e0ad9e8d9b6c9f02d Mon Sep 17 00:00:00 2001
From: "Manoj Alva(ma257n)" <ma257n@att.com>
Date: Fri, 4 Jun 2021 07:29:05 +0000
Subject: [PATCH] Support for minideb based image with gnutls package

This image could be used for TLS cert creation using
certtool.

Change-Id: Iaffcb1497fbf0f8ce24a25b38564854b9ad61083
---
 gnu-tls/Dockerfile |  19 ++++++++
 gnu-tls/Makefile   | 109 +++++++++++++++++++++++++++++++++++++++++++++
 gnu-tls/README.md  |   4 ++
 3 files changed, 132 insertions(+)
 create mode 100644 gnu-tls/Dockerfile
 create mode 100644 gnu-tls/Makefile
 create mode 100644 gnu-tls/README.md

diff --git a/gnu-tls/Dockerfile b/gnu-tls/Dockerfile
new file mode 100644
index 0000000..fc0e382
--- /dev/null
+++ b/gnu-tls/Dockerfile
@@ -0,0 +1,19 @@
+ARG FROM=bitnami/minideb
+FROM ${FROM}
+
+LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' \
+      org.opencontainers.image.url='https://airshipit.org' \
+      org.opencontainers.image.documentation='https://airshipit.readthedocs.io' \
+      org.opencontainers.image.source='https://opendev.org/airship/images' \
+      org.opencontainers.image.vendor='The Airship Authors' \
+      org.opencontainers.image.licenses='Apache-2.0'
+
+RUN set -xe \
+    && export DEBIAN_FRONTEND=noninteractive \
+    && apt-get update -qq && apt-get -y dist-upgrade \
+    && apt-get install -y gnutls-bin \
+    && apt-get autoremove -y --purge \
+    && apt-get clean \
+    && rm -rf /var/lib/apt-get/lists/*
+
+CMD ["/bin/bash"]
diff --git a/gnu-tls/Makefile b/gnu-tls/Makefile
new file mode 100644
index 0000000..8cf8e21
--- /dev/null
+++ b/gnu-tls/Makefile
@@ -0,0 +1,109 @@
+# Copyright 2018 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+SHELL             := /bin/bash
+BUILD_DIR         ?= build
+PUSH_IMAGE        ?= false
+IMAGE_ID          ?= none
+COMMIT            ?= $(shell git rev-parse HEAD)
+LABEL             ?= org.airshipit.build=community
+IMAGE_NAME        ?= gnu-tls
+DOCKER_REGISTRY   ?= quay.io
+IMAGE_PREFIX      ?= airshipit
+IMAGE_TAG         ?= latest
+DISTRO            ?= minideb
+IMAGE             := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}-${DISTRO}
+SH_TO_CHECK       := $(wildcard files/*.sh )
+PROXY             ?= http://proxy.foo.com:8000
+NO_PROXY          ?= localhost,127.0.0.1,.svc.cluster.local
+USE_PROXY         ?= false
+
+all: lint images
+
+check-docker:
+	@if [ -z $$(which docker) ]; then \
+	  echo "Missing \`docker\` client which is required for development"; \
+	  exit 2; \
+	fi
+
+images: check-docker build_image
+
+docs: clean build_docs
+
+build_docs:
+	echo TODO
+
+build_image:
+	mkdir -p $(BUILD_DIR)
+ifeq ($(IMAGE_ID), none)
+ifeq ($(USE_PROXY), true)
+	docker build . \
+	--iidfile $(BUILD_DIR)/image_id \
+	--tag $(IMAGE) \
+	--label $(LABEL) \
+	--label "org.opencontainers.image.revision=$(COMMIT)" \
+	--label "org.opencontainers.image.created=\
+	$(shell date --rfc-3339=seconds --utc)" \
+	--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
+	--build-arg http_proxy=$(PROXY) \
+	--build-arg https_proxy=$(PROXY) \
+	--build-arg HTTP_PROXY=$(PROXY) \
+	--build-arg HTTPS_PROXY=$(PROXY) \
+	--build-arg no_proxy=$(NO_PROXY) \
+	--build-arg NO_PROXY=$(NO_PROXY) \
+	--build-arg GIT_COMMIT=$(COMMIT)
+else
+	docker build . \
+	--iidfile $(BUILD_DIR)/image_id \
+	--tag $(IMAGE) \
+	--label $(LABEL) \
+	--label "org.opencontainers.image.revision=$(COMMIT)" \
+	--label "org.opencontainers.image.created=\
+	$(shell date --rfc-3339=seconds --utc)" \
+	--label "org.opencontainers.image.title=$(IMAGE_NAME)" \
+	--build-arg GIT_COMMIT=$(COMMIT)
+endif
+else
+	echo $(IMAGE_ID) > $(BUILD_DIR)/image_id
+endif
+ifeq ($(PUSH_IMAGE), true)
+	docker push $(IMAGE)
+endif
+
+clean:
+ifeq ($(IMAGE_ID), none)
+	if [[ -s $(BUILD_DIR)/image_id ]]; \
+	then \
+	docker rmi $$(cat $(BUILD_DIR)/image_id); \
+	fi
+endif
+	rm -rf $(BUILD_DIR)
+
+# style checks
+lint: test-shellcheck
+	echo "TODO"
+
+tests: lint unit_tests
+
+test-shellcheck: $(SH_TO_CHECK)
+
+unit_tests:
+	echo TODO
+
+$(SH_TO_CHECK):
+	docker run --rm -v $(shell pwd):/mnt \
+	nlknguyen/alpine-shellcheck -x /mnt/$(@)
+
+.PHONY: test clean $(SH_TO_CHECK) test-shellcheck tests lint build_image \
+  all build_docs docs check-docker images
diff --git a/gnu-tls/README.md b/gnu-tls/README.md
new file mode 100644
index 0000000..e30a4f9
--- /dev/null
+++ b/gnu-tls/README.md
@@ -0,0 +1,4 @@
+# gnu-tls-image
+
+This image serves mindeb image with gnu-tls utils for use in tls cert
+generation.