Update Dockerfile to allow override of FROM variable
Change-Id: I8c4d4402c22e7c68982207ff1216b8f9b1d0dd06
This commit is contained in:
parent
683d757995
commit
14989ed7c2
|
@ -0,0 +1,155 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- project:
|
||||
check:
|
||||
jobs:
|
||||
- airship-berth-linter
|
||||
- airship-berth-doc-build
|
||||
- airship-berth-lint-pep8
|
||||
- airship-berth-unit-py35
|
||||
- airship-berth-security-bandit
|
||||
- airship-berth-docker-build-gate
|
||||
gate:
|
||||
jobs:
|
||||
- airship-berth-linter
|
||||
- airship-berth-doc-build
|
||||
- airship-berth-lint-pep8
|
||||
- airship-berth-unit-py35
|
||||
- airship-berth-security-bandit
|
||||
- airship-berth-docker-build-gate
|
||||
post:
|
||||
jobs:
|
||||
- airship-berth-docker-publish
|
||||
|
||||
- nodeset:
|
||||
name: airship-berth-single-node
|
||||
nodes:
|
||||
- name: primary
|
||||
label: ubuntu-xenial
|
||||
|
||||
- job:
|
||||
name: airship-berth-linter
|
||||
description: |
|
||||
Lints all files by checking them for whitespace.
|
||||
run: tools/gate/playbooks/zuul-linter.yaml
|
||||
nodeset: airship-berth-single-node
|
||||
|
||||
- job:
|
||||
name: airship-berth-lint-pep8
|
||||
description: |
|
||||
Lints Python files against the PEP8 standard
|
||||
run: tools/gate/playbooks/pep8-linter.yaml
|
||||
timeout: 300
|
||||
nodeset: airship-berth-single-node
|
||||
irrelevant-files:
|
||||
- ^.*\.rst$
|
||||
- ^doc/.*$
|
||||
- ^etc/.*$
|
||||
- ^releasenotes/.*$
|
||||
- ^setup.cfg$
|
||||
|
||||
- job:
|
||||
name: airship-berth-unit-py35
|
||||
description: |
|
||||
Executes unit tests under Python 3.5
|
||||
run: tools/gate/playbooks/unit-py35.yaml
|
||||
timeout: 300
|
||||
nodeset: airship-berth-single-node
|
||||
irrelevant-files:
|
||||
- ^.*\.rst$
|
||||
- ^doc/.*$
|
||||
- ^etc/.*$
|
||||
- ^releasenotes/.*$
|
||||
- ^setup.cfg$
|
||||
|
||||
- job:
|
||||
name: airship-berth-security-bandit
|
||||
description: |
|
||||
Executes the Bandit security scanner against Python files
|
||||
run: tools/gate/playbooks/security-bandit.yaml
|
||||
timeout: 300
|
||||
nodeset: airship-berth-single-node
|
||||
irrelevant-files:
|
||||
- ^.*\.rst$
|
||||
- ^doc/.*$
|
||||
- ^etc/.*$
|
||||
- ^releasenotes/.*$
|
||||
- ^setup.cfg$
|
||||
|
||||
- job:
|
||||
name: airship-berth-doc-build
|
||||
description: |
|
||||
Locally build the documentation to check for errors
|
||||
run: tools/gate/playbooks/doc-build.yaml
|
||||
timeout: 300
|
||||
nodeset: airship-berth-single-node
|
||||
irrelevant-files:
|
||||
- ^src/bin/berth/tests/.*$
|
||||
- ^setup.cfg$
|
||||
|
||||
- job:
|
||||
name: airship-berth-docker-build-gate
|
||||
timeout: 1800
|
||||
run: tools/gate/playbooks/docker-image-build.yaml
|
||||
nodeset: airship-berth-single-node
|
||||
irrelevant-files:
|
||||
- '^docs/.*'
|
||||
vars:
|
||||
publish: false
|
||||
tags:
|
||||
dynamic:
|
||||
patch_set: true
|
||||
|
||||
- job:
|
||||
name: airship-berth-docker-publish
|
||||
timeout: 1800
|
||||
run: tools/gate/playbooks/docker-image-build.yaml
|
||||
nodeset: airship-berth-single-node
|
||||
secrets:
|
||||
- airship_berth_quay_creds
|
||||
irrelevant-files:
|
||||
- '^docs/.*'
|
||||
vars:
|
||||
publish: true
|
||||
tags:
|
||||
dynamic:
|
||||
branch: true
|
||||
commit: true
|
||||
static:
|
||||
- latest
|
||||
|
||||
- secret:
|
||||
name: airship_berth_quay_creds
|
||||
data:
|
||||
username: !encrypted/pkcs1-oaep
|
||||
- BI1sCnCyps8RaXf/BQ2ZtobrXn4MfnimRr5wE5Rv3U95NCCK5EoUwBEvnz7yNmQ8m99D7
|
||||
9Gx4qA0N1ry7QL+o2Ll0D/ahb/HsaVBNU3CeVfe+3shpEVEuSi2xrA8K9LQPfIK1237vr
|
||||
wVvN/R+y/uYm7mpPr/aEPjQwJf3wgEK8xV/ZTvqYSVCpGylbfV0tWxm6uEVdBc1kMPLJN
|
||||
8uItJPaAaYMkFEasnVlI/DV8suiK13BLT7bNpNZBQsQ3AlcBCoq9mt50C3slV1wIneaz9
|
||||
qK+O++z7r8OTWUDMQqWE5d1m6jz1WIp5DROmnOvb9dfS73XsTcgmXwilrQt3VSvFCToga
|
||||
gAVHcoWbIKfxgrbOhoLFr+68id3VwVKN+NXgkoxTAJSzFCWwrs0X4n4W6D4O9buQyFTiZ
|
||||
s9o5rB1f2bdF5iI8Npqg6YchPtWn2eR78w1hRyge2HJk2RQgN1CqjpbiQ0uiEy0QA/Ksu
|
||||
VTtuONyV3T7FUYXaK3cHYrCwhV/idquSNRCWnKQAbs8mU8w298UbpOq4lZk1Njeg9StIs
|
||||
0DYyG1SX2k4mBS4//9i488qBSss2CBMhZWHbesSDi/OW4fNzz/2wm2FaW1uaJJSOTXEyJ
|
||||
E3p4+eejcYknXR+XD6BWfSvSwabsCezGSCg7wg7CRFsuTYXx5a4y/+P8Jh+Y7Y=
|
||||
password: !encrypted/pkcs1-oaep
|
||||
- x/0RHX1OlOfFgyb5ed0sknZQi8waSQLzWv+Aog0CziVMf9r3MtZ29LAcrqp9VUdFRYGCk
|
||||
Hf71TJb1Zb8b+WNcUJH2JjVo//Z1smU5F5xEqzhz0gTm1HYQjMAlqd1VNDYv0IpWl2dLE
|
||||
sGnEOT/Uq0RfH3rRt+33GagmXBUNuOIMdx41ubrMaF6ddg8IbjISRaCdfPOlNIrj24gCj
|
||||
a16UNiSyAhvqkod2G2HO7JE7Nv2//5hI1MD1o7sip8/eub12XtHMjpDRKR+KymX81LGAS
|
||||
PeCAn+Hw41uUKnxI/OTW47YtNvQVZZ4gRTOKTumsSNSceFfbf5ljm/JHTWx0SO6Z/kvzH
|
||||
RAJwBmLPHg7leD2wF9vWXwcmlyWJFyeEW/K/+6gYycQ2H0OnRuRxzYaNpSa96zPWUfNsA
|
||||
3TEKJcXjFXJSr00KnWmUZw8ZmPYAziu+pZoBXpkIhYoP1MAtggv/pvVsODDHmokP9nVE6
|
||||
s6YbtUXzthM/TgsE5KMZ2QP4udetj11RGDC+7fz/edtLcrpL3Nrq2rkJ2tRV+yR1ElKGx
|
||||
b2YX7cwM/vx3DPhWRBPJJfOoSRl+ZJByDM1KKWmAB91LT9vB3oVk/vq2XUsbTH2w20LcK
|
||||
xBXFJMtVHOavHIIWM7qHvkvZzWSBON7ydspje9MbYtTS5/97ccdLxDHA0MX0wM=
|
|
@ -1,4 +1,5 @@
|
|||
FROM ubuntu:16.04
|
||||
ARG FROM=ubuntu:16.04
|
||||
FROM ${FROM}
|
||||
|
||||
RUN apt-get update && apt-get install -y qemu-kvm dnsmasq bridge-utils mkisofs curl jq wget iptables
|
||||
RUN apt-get clean
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Build documents locally
|
||||
make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: docs
|
||||
register: result
|
||||
failed_when: result.failed
|
|
@ -0,0 +1,129 @@
|
|||
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- include_vars: vars.yaml
|
||||
|
||||
- name: Debug tag generation inputs
|
||||
block:
|
||||
- debug:
|
||||
var: publish
|
||||
- debug:
|
||||
var: tags
|
||||
- debug:
|
||||
var: zuul
|
||||
- debug:
|
||||
msg: "{{ tags | to_json }}"
|
||||
|
||||
- name: Determine tags
|
||||
shell: echo '{{ tags | to_json }}' | python {{ zuul.project.src_dir }}/tools/image_tags.py
|
||||
environment:
|
||||
BRANCH: "{{ zuul.branch }}"
|
||||
CHANGE: "{{ zuul.change }}"
|
||||
COMMIT: "{{ zuul.newrev }}"
|
||||
PATCHSET: "{{ zuul.patchset }}"
|
||||
register: image_tags
|
||||
|
||||
- name: Debug computed tags
|
||||
debug:
|
||||
var: image_tags
|
||||
|
||||
- name: Install Docker (Debian)
|
||||
when: ansible_os_family == 'Debian'
|
||||
block:
|
||||
- file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- /etc/docker/
|
||||
- /etc/systemd/system/docker.service.d/
|
||||
- /var/lib/docker/
|
||||
- mount:
|
||||
path: /var/lib/docker/
|
||||
src: tmpfs
|
||||
fstype: tmpfs
|
||||
opts: size=25g
|
||||
state: mounted
|
||||
- copy: "{{ item }}"
|
||||
with_items:
|
||||
- content: "{{ docker_daemon | to_json }}"
|
||||
dest: /etc/docker/daemon.json
|
||||
- src: files/docker-systemd.conf
|
||||
dest: /etc/systemd/system/docker.service.d/
|
||||
- apt_key:
|
||||
url: https://download.docker.com/linux/ubuntu/gpg
|
||||
- apt_repository:
|
||||
repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker xenial stable
|
||||
- apt:
|
||||
name: "{{ item }}"
|
||||
allow_unauthenticated: True
|
||||
with_items:
|
||||
- docker-ce
|
||||
- python-pip
|
||||
- pip:
|
||||
name: docker
|
||||
version: 2.7.0
|
||||
# NOTE(SamYaple): Allow all connections from containers to host so the
|
||||
# containers can access the http server for git and wheels
|
||||
- iptables:
|
||||
action: insert
|
||||
chain: INPUT
|
||||
in_interface: docker0
|
||||
jump: ACCEPT
|
||||
become: True
|
||||
|
||||
- name: Make images
|
||||
when: not publish
|
||||
block:
|
||||
- make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: images
|
||||
params:
|
||||
IMAGE_TAG: "{{ item }}"
|
||||
with_items: "{{ image_tags.stdout_lines }}"
|
||||
|
||||
- shell: "docker images"
|
||||
register: docker_images
|
||||
|
||||
- debug:
|
||||
var: docker_images
|
||||
|
||||
become: True
|
||||
|
||||
- name: Publish images
|
||||
block:
|
||||
- docker_login:
|
||||
username: "{{ airship_berth_quay_creds.username }}"
|
||||
password: "{{ airship_berth_quay_creds.password }}"
|
||||
registry_url: "https://quay.io/api/v1/"
|
||||
|
||||
- make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: images
|
||||
params:
|
||||
DOCKER_REGISTRY: "quay.io"
|
||||
IMAGE_PREFIX: "airshipit"
|
||||
IMAGE_TAG: "{{ item }}"
|
||||
PUSH_IMAGE: "true"
|
||||
with_items: "{{ image_tags.stdout_lines }}"
|
||||
|
||||
- shell: "docker images"
|
||||
register: docker_images
|
||||
|
||||
- debug:
|
||||
var: docker_images
|
||||
|
||||
when: publish
|
||||
become: True
|
|
@ -0,0 +1,8 @@
|
|||
# NOTE(SamYaple): CentOS cannot be build with userns-remap enabled. httpd uses
|
||||
# cap_set_file capability and there is no way to pass that in at build as of
|
||||
# docker 17.06.
|
||||
# TODO(SamYaple): Periodically check to see if this is possible in newer
|
||||
# versions of Docker
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=/usr/bin/dockerd
|
|
@ -0,0 +1,20 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Execute the make target for PEP8 linting
|
||||
make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: py_lint
|
||||
register: result
|
||||
failed_when: result.failed
|
|
@ -0,0 +1,20 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Execute the make target for security scanning
|
||||
make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: security
|
||||
register: result
|
||||
failed_when: result.failed
|
|
@ -0,0 +1,20 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Execute the make target for unit testing
|
||||
make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: tests
|
||||
register: result
|
||||
failed_when: result.failed
|
|
@ -0,0 +1,19 @@
|
|||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
docker_daemon:
|
||||
group: zuul
|
||||
registry-mirrors:
|
||||
- "http://{{ zuul_site_mirror_fqdn }}:8082/"
|
||||
storage-driver: overlay2
|
|
@ -0,0 +1,20 @@
|
|||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Execute a Whitespace Linter check
|
||||
command: find . -not -path "*/\.*" -not -path "*/doc/build/*" -not -name "*.tgz" -type f -exec egrep -l " +$" {} \;
|
||||
register: result
|
||||
failed_when: result.stdout != ""
|
Loading…
Reference in New Issue