Bug: Running podman inside Jenkins on OpenShift
# Base image from the Red Hat registry; the image name indicates .NET Core 2.2
# on RHEL 7, pinned to release tag 2.2-8. This single FROM appears to be a
# separate snippet from the podman Dockerfile further down, not a stage of it.
FROM registry.access.redhat.com/dotnet/dotnet-22-rhel7:2.2-8
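# Dynamically create a "jenkins" user when the container starts
# that maps to the uid that OpenShift has assigned to the container.
# The entry uses gid 0, matching the `chgrp 0` / `chmod g=u` setup done in
# the image build, so /etc/passwd only needs to be group-writable for this
# append to succeed.
userid=$(id -u)
username="jenkins"
# `whoami` exits non-zero when the current uid has no /etc/passwd entry.
# The redirection is spelled POSIX-style: bash's `&>` would be parsed by
# /bin/sh as "run in background, then redirect", so the entry would never
# be written if this script is run under a non-bash shell.
if ! whoami >/dev/null 2>&1; then
    if [ -w /etc/passwd ]; then
        # NOTE(review): home is /usr/sbin with a nologin shell; rootless
        # podman normally keeps its storage under $HOME, so confirm this
        # location is intended and writable for the runtime user.
        echo "${username}:x:${userid}:0:${username}:/usr/sbin:/usr/sbin/nologin" >> /etc/passwd
    fi
fi
# TAG is set as an ENV in the image build; printed to identify the image in logs.
echo "devkit-build-tools version: $TAG"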
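# NOTE(review): this reference carries no tag or digest, so every build may
# pull a different podman image; pin a tag (or digest) for reproducible builds.
FROM quay.io/podman/stable
USER root

# OS packages used by the pipeline scripts. Update and installs live in one
# layer so the yum metadata never goes stale between layers, and the cache is
# dropped in the same layer so it does not end up in the image.
RUN yum update -y \
    && yum install -y \
        findutils \
        gettext \
        jq \
        which \
    && yum clean all

# Install oc and kubectl.
# `-f` makes curl fail on an HTTP error instead of saving an error page that
# tar would then fail on; the archive is removed in the same layer.
# TODO(review): verify the archive's sha256 against the mirror's published
# checksum file before extracting (no hash is recorded here).
RUN curl -fsSL https://mirror.openshift.com/pub/openshift-v4/clients/ocp/latest/openshift-client-linux-4.1.11.tar.gz -o /tmp/openshift-client.tar.gz \
    && tar xzf /tmp/openshift-client.tar.gz -C /usr/local/bin \
    && rm -f /tmp/openshift-client.tar.gz

# Install docker shim: executable for everyone, writable only by root.
COPY docker /usr/bin/docker
RUN chmod 0755 /usr/bin/docker

# Add user namespace mappings so podman can run rootless. The user name must
# match the /etc/passwd entry that init.sh creates at container start.
RUN echo "jenkins:1000000000:999999" > /etc/subuid \
    && echo "jenkins:1000000000:999999" > /etc/subgid

# Ensure files can be read/written by the jenkins (runtime) user, which runs
# with gid 0 on OpenShift.
RUN chgrp 0 /etc/subuid /etc/subgid \
    && chmod g=u /etc/subuid /etc/subgid

# Ensure that we can add an entry for the Jenkins user on startup
# (init.sh appends to /etc/passwd; group write for gid 0 is sufficient).
RUN chmod g=u /etc/passwd

# Make /home usable by the gid-0 runtime user without leaving it
# world-writable (the previous `chmod -R 777` granted write to everyone).
RUN chgrp -R 0 /home && chmod -R g=u /home

# Setup docker registry configuration for podman
COPY registries.conf /etc/containers/registries.conf
RUN chgrp 0 /etc/containers/registries.conf && chmod g=u /etc/containers/registries.conf

# Startup script: executable for everyone, writable only by root.
COPY init.sh /init.sh
RUN chmod 0755 /init.sh

# Store the tag/version for this container for debugging. Declared last so a
# build arg that changes every build does not invalidate the layers above.
ARG TAG
ENV TAG=${TAG}

# Do not leave the image running as root. OpenShift assigns its own arbitrary
# uid (with gid 0) at runtime anyway; init.sh adds the matching /etc/passwd
# entry on startup. 1001 is an arbitrary non-root uid, not a project value.
USER 1001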
// Jenkins pipeline that runs the build inside the devkit image on a
// dynamically provisioned pod. `image` and `imageSecret` are not declared
// here and are expected to be provided by the surrounding pipeline.
node {
    // Shell run in the container for the "Build" stage. Single-quoted so the
    // $VARIABLES reach the shell untouched. It prints debugging details
    // (capabilities, uid, user-namespace mappings, /etc/passwd) before
    // handing over to the real build script via exec.
    def buildScript = '''
/init.sh
echo "CAP_SETUID: $CAP_SETUID"
echo "CAP_SETGID: $CAP_SETGID"
whoami
docker info
echo "subuid:"
cat /etc/subuid
echo "subgid:"
cat /etc/subgid
echo "password:"
cat /etc/passwd
exec ./bs/build.sh docker
'''

    // The build container is kept alive with `tail -f /dev/null`; the pipeline
    // steps are executed inside it. It is explicitly not privileged.
    def devkitContainer = containerTemplate(
        name: 'devkit-container-inline',
        image: "${image}",
        ttyEnabled: true,
        privileged: false,
        command: 'tail',
        args: '-f /dev/null'
    )

    podTemplate(
        label: 'devkit-pod-inline',
        containers: [devkitContainer],
        imagePullSecrets: ["${imageSecret}"]
    ) {
        node('devkit-pod-inline') {
            container('devkit-container-inline') {
                // sh "echo \"\$(whoami):\$(whoami):65536\" | tee /etc/subuid"
                // sh "echo \"\$(whoami):\$(whoami):65536\" | tee /etc/subgid"
                stage('checkout') {
                    checkout scm
                }
                stage('Build') {
                    bash buildScript
                    // Build deployment package
                    bash 'exec ./bs/build-deploypkg.sh'
                }
                stage('Test') {
                    bash 'podman build .'
                }
            }
        }
    }
}