michaelschiemer/docker/ci/Dockerfile.build

# Dockerfile für Docker Build Jobs in CI/CD
# Enthält: Docker CLI, Docker Buildx, Git, Bash
FROM docker:latest

# Installiere zusätzliche Tools
RUN apk add --no-cache \
    git \
    bash \
    curl \
    openssh-client \
    ca-certificates \
    python3 \
    py3-pip

# Installiere Docker Buildx (global für alle User)
RUN mkdir -p /usr/local/lib/docker/cli-plugins && \
    ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then ARCH="amd64"; elif [ "$ARCH" = "aarch64" ]; then ARCH="arm64"; fi && \
    BUILDX_VERSION="v0.29.1" && \
    curl -fL "https://github.com/docker/buildx/releases/download/${BUILDX_VERSION}/buildx-${BUILDX_VERSION}.linux-${ARCH}" \
    -o /usr/local/lib/docker/cli-plugins/docker-buildx && \
    chmod +x /usr/local/lib/docker/cli-plugins/docker-buildx && \
    # Verifiziere Download (sollte mindestens 1MB sein)
    test -f /usr/local/lib/docker/cli-plugins/docker-buildx && \
    test $(stat -c%s /usr/local/lib/docker/cli-plugins/docker-buildx) -gt 1000000 && \
    # Auch für root installieren (als Fallback)
    mkdir -p /root/.docker/cli-plugins && \
    cp /usr/local/lib/docker/cli-plugins/docker-buildx /root/.docker/cli-plugins/docker-buildx

# Installiere Ansible (global für alle User)
# --break-system-packages ist nötig in Alpine, da pip PEP 668 befolgt
RUN pip3 install --no-cache-dir --break-system-packages ansible-core docker

# Verifiziere Installation
RUN docker --version && \
    git --version && \
    bash --version && \
    docker buildx version && \
    python3 --version && \
    ansible --version

# Arbeitsverzeichnis
WORKDIR /workspace

# Standard-User für CI (UID/GID 1000)
RUN addgroup -g 1000 ci && adduser -u 1000 -G ci -D ci && \
    # Installiere Buildx auch für ci-User
    mkdir -p /home/ci/.docker/cli-plugins && \
    cp /usr/local/lib/docker/cli-plugins/docker-buildx /home/ci/.docker/cli-plugins/docker-buildx && \
    chown -R ci:ci /home/ci/.docker