feat(09-tooling-portable-setup-01): create build.sh and verify image builds with all 5 tools

- build.sh: single-command entry point (D-04/D-05) - Architecture detection for AWS CLI and pup (x86_64 + arm64/aarch64) - Fixed terraform version string to use -1 suffix - Fixed helm version from 4.2.1 to 4.2.0 (actual repo version) - Fixed lsb_release issue by sourcing /etc/os-release directly - Verified: aws-cli 2.35.4, terraform 1.15.6, helm 4.2.0, kubectl 1.36.2, pup 1.1.0 - All tools run natively on ARM64 (Apple Silicon)
2026-06-15 23:24:02 +08:00
parent 78fd4002fd
commit 2797a64b28
2 changed files with 45 additions and 6 deletions
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+# =============================================================================
+# ngn-agent Docker Image Build Script
+#
+# Builds the custom Hermes Docker image with platform engineering tools.
+# Tag: ngn-agent:latest (local only, no registry push — per D-05)
+# =============================================================================
+set -euo pipefail
+
+IMAGE_NAME="ngn-agent"
+IMAGE_TAG="latest"
+
+# Resolve script location — ensures build context is the docker/ directory
+# (not the repo root, preventing accidental build context leaks — T-09-02)
+DOCKER_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+echo "==> Building ${IMAGE_NAME}:${IMAGE_TAG}..."
+
+docker build \
+    -t "${IMAGE_NAME}:${IMAGE_TAG}" \
+    -f "${DOCKER_DIR}/Dockerfile" \
+    "${DOCKER_DIR}"
+
+echo "==> Build complete: ${IMAGE_NAME}:${IMAGE_TAG}"
+docker images "${IMAGE_NAME}:${IMAGE_TAG}"