🔧 Update Dockerfile to match with new version

Author: dinushchathurya

Dockerfile

@@ -1,9 +1,14 @@
-FROM projectoss/alpine:3.20.0
+FROM alpine:3.18
 
-# Install security updates first
-RUN apk update && apk upgrade
+# Metadata
+LABEL maintainer="dinushchathurya21@gmail.com"
+LABEL version="2.0.0-rc.1"
+LABEL description="EKS Helm Client with private infrastructure support"
+LABEL org.opencontainers.image.source="https://github.com/open-source-srilanka/eks-helm-client-github-action"
+LABEL org.opencontainers.image.description="Deploy Helm charts to EKS clusters with support for private clusters and registries"
+LABEL org.opencontainers.image.licenses="MIT"
 
-# Install required packages
+# Install base packages
 RUN apk add --no-cache \
     ca-certificates \
     bash \
@@ -13,67 +18,71 @@ RUN apk add --no-cache \
     curl \
     gettext \
     openssl \
-    python3 \
     py3-pip \
-    unzip \
-    groff
+    python3 \
+    netcat-openbsd \
+    && pip3 install --upgrade awscli \
+    && rm -rf /var/cache/apk/*
 
-# Install AWS CLI v1 using pip (more compatible with Alpine)
-RUN pip3 install --break-system-packages --no-cache-dir awscli
+# Set environment variables
+ENV KUBECONFIG="/opt/kubernetes/config"
+ENV HELM_HOME="/opt/helm"
+ENV XDG_CONFIG_HOME="/opt/helm" 
+ENV HELM_CACHE_HOME="/opt/helm/cache"
+ENV HELM_CONFIG_HOME="/opt/helm"
+ENV HELM_DATA_HOME="/opt/helm"
+ENV PATH="/usr/local/bin:$PATH"
 
-# Alternative: Install Python packages in virtual environment if needed
-# RUN python3 -m venv /opt/venv \
-#     && /opt/venv/bin/pip install --no-cache-dir boto3 \
-#     && ln -s /opt/venv/bin/python3 /usr/local/bin/python-venv
+# Install kubectl (version will be overridden by input parameter)
+ARG KUBECTL_VERSION="1.28.4"
+RUN curl -s -L "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" -o /usr/local/bin/kubectl \
+    && chmod +x /usr/local/bin/kubectl
 
-# Set versions - update these regularly
-ARG KUBECTL_VERSION="1.30.0"
-ARG HELM_VERSION="3.14.4"
-ARG KUBESEAL_VERSION="0.26.0"
+# Install Helm (version will be overridden by input parameter)
+ARG HELM_VERSION="3.13.3"
+RUN curl -s -L "https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | tar -xzO linux-amd64/helm > /usr/local/bin/helm \
+    && chmod +x /usr/local/bin/helm
 
-# Install kubectl
-RUN curl -L "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" -o /usr/local/bin/kubectl \
-    && curl -L "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl.sha256" -o kubectl.sha256 \
-    && echo "$(cat kubectl.sha256)  /usr/local/bin/kubectl" | sha256sum -c \
-    && chmod +x /usr/local/bin/kubectl \
-    && rm kubectl.sha256
+# Install AWS IAM Authenticator
+ARG IAM_AUTHENTICATOR_VERSION="0.6.14"
+RUN curl -o aws-iam-authenticator "https://github.com/kubernetes-sigs/aws-iam-authenticator/releases/download/v${IAM_AUTHENTICATOR_VERSION}/aws-iam-authenticator_${IAM_AUTHENTICATOR_VERSION}_linux_amd64" \
+    && chmod +x ./aws-iam-authenticator \
+    && mv ./aws-iam-authenticator /usr/local/bin
 
-# Install Helm using official installer script (more reliable)
-RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 \
-    && chmod 700 get_helm.sh \
-    && ./get_helm.sh --version v${HELM_VERSION} \
-    && rm get_helm.sh
+# Install eksctl for additional EKS operations
+RUN curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp \
+    && mv /tmp/eksctl /usr/local/bin
 
-# Install kubeseal for sealed secrets support
-RUN curl -L "https://github.com/bitnami-labs/sealed-secrets/releases/download/v${KUBESEAL_VERSION}/kubeseal-${KUBESEAL_VERSION}-linux-amd64.tar.gz" -o kubeseal.tar.gz \
-    && tar -xzf kubeseal.tar.gz \
-    && mv kubeseal /usr/local/bin/ \
-    && chmod +x /usr/local/bin/kubeseal \
-    && rm kubeseal.tar.gz
+# Create necessary directories with proper permissions
+RUN mkdir -p /opt/kubernetes /opt/helm /opt/scripts && \
+    chmod a+rwx /opt/kubernetes /opt/helm /opt/scripts
 
-# Create non-root user for security
-RUN addgroup -g 1001 runner && \
-    adduser -D -u 1001 -G runner runner
+# Create non-root user for better security
+RUN addgroup -g 1000 runner && \
+    adduser -D -u 1000 -G runner runner && \
+    chown -R runner:runner /opt/kubernetes /opt/helm /opt/scripts
 
-# Set up directories with proper permissions
-RUN mkdir -p /opt/kubernetes /opt/helm /app && \
-    chown -R runner:runner /opt/kubernetes /opt/helm /app
+# Copy configuration files and scripts
+COPY templates/config.template /config.template
+COPY templates/private-config.template /private-config.template
+COPY scripts/entrypoint.sh /entrypoint.sh
+COPY scripts/health-check.sh /health-check.sh
+COPY scripts/setup-tools.sh /setup-tools.sh
+COPY scripts/cleanup.sh /cleanup.sh
 
-# Environment variables
-ENV KUBECONFIG="/opt/kubernetes/config"
-ENV HELM_HOME="/opt/helm"
-ENV XDG_CONFIG_HOME="/opt/helm"
-ENV HELM_CACHE_HOME="/opt/helm/cache"
-ENV PYTHONUNBUFFERED=1
+# Set proper permissions for scripts
+RUN chmod +x /entrypoint.sh /health-check.sh /setup-tools.sh /cleanup.sh && \
+    chown runner:runner /entrypoint.sh /health-check.sh /setup-tools.sh /cleanup.sh
 
-# Copy files
-COPY --chown=runner:runner . /app/
-WORKDIR /app
+# Set working directory
+WORKDIR /opt/scripts
 
-# Make scripts executable
-RUN chmod +x /app/entrypoint.sh /app/scripts/*.sh
+# Add health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD /health-check.sh
 
-# Switch to non-root user
+# Security: Use non-root user for execution
 USER runner
 
-ENTRYPOINT ["/app/entrypoint.sh"]
+# Set the entrypoint
+ENTRYPOINT ["/entrypoint.sh"]