From 721f686cc687d2c47f7651520be06d49866b54e4 Mon Sep 17 00:00:00 2001
From: Timo Sairiala <timo.sairiala@unikie.com>
Date: Thu, 29 Aug 2024 13:07:41 +0300
Subject: [PATCH] update baseimage v3.3 in tii-mesh-com.yaml

---
 ...mesh-com.yaml.to-fix => tii-mesh-com.yaml} |  2 --
 common/tools/squid/squid.conf                 | 27 -----------------
 modules/mesh_com/Dockerfile                   | 29 ++-----------------
 3 files changed, 3 insertions(+), 55 deletions(-)
 rename .github/workflows/{tii-mesh-com.yaml.to-fix => tii-mesh-com.yaml} (93%)
 delete mode 100644 common/tools/squid/squid.conf

diff --git a/.github/workflows/tii-mesh-com.yaml.to-fix b/.github/workflows/tii-mesh-com.yaml
similarity index 93%
rename from .github/workflows/tii-mesh-com.yaml.to-fix
rename to .github/workflows/tii-mesh-com.yaml
index 9d77adc3..856317d4 100644
--- a/.github/workflows/tii-mesh-com.yaml.to-fix
+++ b/.github/workflows/tii-mesh-com.yaml
@@ -56,8 +56,6 @@ jobs:
         uses: docker/build-push-action@v5
         with:
           context: .
-          build-args: |
-            "ARTIFACTORY_CLOUD_TOKEN=${{ secrets.ARTIFACTORY_CLOUD_TOKEN }}"
           platforms: linux/amd64,linux/arm64,linux/riscv64
           file: ./modules/mesh_com/Dockerfile
           push: true
diff --git a/common/tools/squid/squid.conf b/common/tools/squid/squid.conf
deleted file mode 100644
index 07d357db..00000000
--- a/common/tools/squid/squid.conf
+++ /dev/null
@@ -1,27 +0,0 @@
-http_port 127.0.0.1:3128 ssl-bump \
-  cert=/etc/squid/ssl_cert/myCA.pem \
-  generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
-
-http_access allow all
-cache allow all
-
-sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/squid/ssl_db -M 4MB
-
-acl step1 at_step SslBump1
-
-ssl_bump peek step1
-ssl_bump bump all
-
-acl artifactory dstdomain artifactory.ssrcdevops.tii.ae
-
-request_header_add Authorization "Bearer <token>" artifactory
-
-pid_filename none
-logfile_rotate 0
-
-# Debug
-# access_log stdio:/dev/fd/1
-# cache_log stdio:/dev/fd/2
-
-# Needed to prevent bug in docker
-max_filedescriptors 1048576
diff --git a/modules/mesh_com/Dockerfile b/modules/mesh_com/Dockerfile
index cd0be10c..d82c19ad 100644
--- a/modules/mesh_com/Dockerfile
+++ b/modules/mesh_com/Dockerfile
@@ -1,13 +1,9 @@
 # Given dynamically from CI job.
-FROM --platform=${BUILDPLATFORM:-linux/amd64} ghcr.io/tiiuae/fog-ros-sdk:v3.2.0-${TARGETARCH:-amd64} AS builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} ghcr.io/tiiuae/fog-ros-sdk:v3.3.0-${TARGETARCH:-amd64} AS builder
 
 # Must be defined another time after "FROM" keyword.
 ARG TARGETARCH
 
-# Needed for apt to authenticate with the custom private repo
-ARG ARTIFACTORY_CLOUD_TOKEN
-ENV ARTIFACTORY_CLOUD_TOKEN=${ARTIFACTORY_CLOUD_TOKEN}
-
 # SRC_DIR environment variable is defined in the fog-ros-sdk image.
 # The same workspace path is used by all ROS2 components.
 # See: https://github.com/tiiuae/fog-ros-baseimage/blob/main/Dockerfile.sdk_builder
@@ -21,29 +17,12 @@ RUN /packaging/build_colcon_sdk.sh ${TARGETARCH:-amd64}
 #  ▲               runtime ──┐
 #  └── build                 ▼
 
-FROM ghcr.io/tiiuae/fog-ros-baseimage:v3.2.0
+FROM ghcr.io/tiiuae/fog-ros-baseimage:v3.3.0
 
 ENTRYPOINT [ "/entrypoint.sh" ]
 
 RUN apt update \
-    && apt install -y --no-install-recommends squid-openssl \
-    && apt clean \
-    && rm -rf /var/lib/apt/lists/*  \
-    && mkdir -p /etc/squid/ssl_cert \
-    && openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -extensions v3_ca -keyout /etc/squid/ssl_cert/myCA.pem -out /etc/squid/ssl_cert/myCA.pem -batch \
-    && openssl x509 -in /etc/squid/ssl_cert/myCA.pem -outform PEM -out /usr/local/share/ca-certificates/squid.crt \
-    && update-ca-certificates \
-    && mkdir -p /var/lib/squid \
-    && /usr/lib/squid/security_file_certgen -c -s /var/lib/squid/ssl_db -M 4MB
-
-COPY common/tools/squid/ /etc/squid/
-
-# Squid proxy needed to add Authorization: Bearer <token> header for apt to authenticate with priv repo
-RUN echo "deb [trusted=yes] https://artifactory.ssrcdevops.tii.ae/artifactory/debian-public-local focal fog-sw" >> /etc/apt/sources.list \
-    && sed -i "s/<token>/$ARTIFACTORY_CLOUD_TOKEN/" /etc/squid/squid.conf \
-    && squid \
-    && apt -o "acquire::http::proxy=http://127.0.0.1:3128" update \
-    && apt -o "acquire::http::proxy=http://127.0.0.1:3128" install -y --no-install-recommends \
+    && apt install -y --no-install-recommends \
         alfred \
         batctl \
         iproute2 \
@@ -53,9 +32,7 @@ RUN echo "deb [trusted=yes] https://artifactory.ssrcdevops.tii.ae/artifactory/de
         pcsc-lite \
         rfkill \
         wpa-supplicant=2.9-r0 \
-    && pkill squid \
     && apt clean \
-    && rm /etc/squid/squid.conf \
     && rm -rf /var/lib/apt/lists/*
 
 COPY modules/mesh_com/entrypoint.sh /entrypoint.sh