326327acba
* add ironic-inspector(-archive) source to docker image * pip install from above source code * move in-container config files to /etc/ironic-inspector * add sudoers file to allow ironic-rootwrap * copy rootwrap conf and filters from source repo Change-Id: Ie3cce19810b9940d06bb636b28015160fea6ddfb Closes-bug: #1624457 Closes-bug: #1624833 Closes-bug: #1624845
37 lines
1.5 KiB
Django/Jinja
37 lines
1.5 KiB
Django/Jinja
FROM {{ namespace }}/{{ image_prefix }}ironic-base:{{ tag }}
|
|
MAINTAINER {{ maintainer }}
|
|
|
|
{% block ironic_inspector_header %}{% endblock %}
|
|
|
|
{% import "macros.j2" as macros with context %}
|
|
|
|
{% if install_type == 'binary' %}
|
|
{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}
|
|
{% set ironic_inspector_packages = ['openstack-ironic-inspector'] %}
|
|
{% elif base_distro in ['ubuntu'] %}
|
|
{% set ironic_inspector_packages = ['ironic-inspector'] %}
|
|
{% endif %}
|
|
|
|
{{ macros.install_packages(ironic_inspector_packages | customizable("packages")) }}
|
|
|
|
{% elif install_type == 'source' %}
|
|
ADD ironic-inspector-archive /ironic-inspector-source
|
|
RUN ln -s ironic-inspector-source/* ironic-inspector \
|
|
&& mv /etc/ironic /etc/ironic-inspector \
|
|
&& /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /ironic-inspector \
|
|
&& cp /ironic-inspector/rootwrap.conf /etc/ironic-inspector/ \
|
|
&& cp -r /ironic-inspector/rootwrap.d/ /etc/ironic-inspector/ \
|
|
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/ironic-inspector/rootwrap.conf
|
|
|
|
{% endif %}
|
|
|
|
COPY ironic_sudoers /etc/sudoers.d/kolla_ironic_inspector_sudoers
|
|
RUN chmod 750 /etc/sudoers.d \
|
|
&& chmod 440 /etc/sudoers.d/kolla_ironic_inspector_sudoers
|
|
|
|
{% block ironic_inspector_footer %}{% endblock %}
|
|
{% block footer %}{% endblock %}
|
|
{{ include_footer }}
|
|
|
|
USER ironic
|