kolla/docker/openstack-base/Dockerfile.j2
Michal Arbet 7f5a904e98 Fix openstack CADF audit maps and installation
This patch fixes missing pycadf's audit maps
for services and change the way how pycadf
is installed.

Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/905858

Closes-Bug: #2047941
Change-Id: I9b43d1a9990ad8aa7381ea81b0f2d692967be949
2024-01-17 11:52:20 +00:00

225 lines
5.7 KiB
Django/Jinja

FROM {{ namespace }}/{{ image_prefix }}base:{{ tag }}
{% block labels %}
LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
{% endblock %}
{% block openstack_base_header %}{% endblock %}
{% import "macros.j2" as macros with context %}
{{ macros.enable_extra_repos(['crb']) }}
{% if base_package_type == 'rpm' %}
{% set openstack_base_packages = [
'gcc',
'gcc-c++',
'git',
'httpd',
'iproute',
'libffi-devel',
'libxml2-devel',
'libxslt-devel',
'libyaml-devel',
'make',
'mod_ssl',
'openssl',
'openssl-devel',
'pcre-devel',
'postgresql',
'postgresql-devel',
'python3-devel',
'python3-mod_wsgi',
'sqlite-devel',
'zip'
] %}
{% elif base_package_type == 'deb' %}
{% set openstack_base_packages = [
'apache2',
'build-essential',
'ca-certificates',
'git',
'libapache2-mod-wsgi-py3',
'libffi-dev',
'libpcre3-dev',
'libpq-dev',
'libssl-dev',
'libxml2-dev',
'libxslt1-dev',
'libyaml-dev',
'libz-dev',
'pkg-config',
'python3-dev',
'python3-venv',
'zip'
] %}
{% endif %}
{{ macros.install_packages(openstack_base_packages | customizable("packages")) }}
{% set openstack_base_pip_packages = [
'Babel',
'Mako',
'MarkupSafe',
'Paste',
'PasteDeploy',
'PyNaCl',
'PyYAML',
'Routes',
'SQLAlchemy',
'Tempita',
'WSME',
'WebOb',
'alembic',
'amqp',
'aodhclient',
'appdirs',
'automaton',
'bcrypt',
'cachetools',
'castellan',
'click',
'cliff',
'cmd2',
'contextlib2',
'cryptography',
'debtcollector',
'decorator',
'eventlet',
'fasteners',
'fluent-logger',
'funcsigs',
'futurist',
'gnocchiclient',
'greenlet',
'httplib2',
'iso8601',
'jinja2',
'jsonpatch',
'jsonpointer',
'jsonschema',
'keystoneauth1',
'keystonemiddleware',
'kombu',
'logutils',
'monotonic',
'netaddr',
'netifaces',
'os-brick',
'os-client-config',
'os-traits',
'os-win',
'oslo.concurrency',
'oslo.config',
'oslo.context',
'oslo.db',
'oslo.i18n',
'oslo.log',
'oslo.messaging',
'oslo.middleware',
'oslo.policy',
'oslo.privsep',
'oslo.reports',
'oslo.rootwrap',
'oslo.serialization',
'oslo.service',
'oslo.upgradecheck',
'oslo.utils',
'oslo.versionedobjects',
'oslo.vmware',
'osprofiler',
'paramiko',
'pbr',
'pecan',
'pika',
'prettytable',
'psutil',
'/pycadf',
'pyinotify',
'pymysql',
'pyngus',
'pyparsing',
'pyroute2',
'python-barbicanclient',
'python-binary-memcached',
'python-cinderclient',
'python-cloudkittyclient',
'python-dateutil',
'python-designateclient',
'python-editor',
'python-glanceclient',
'python-heatclient',
'python-ironicclient',
'python-keystoneclient',
'python-magnumclient',
'python-manilaclient',
'python-memcached',
'python-mistralclient',
'python-muranoclient',
'python-neutronclient',
'python-novaclient',
'python-openstackclient',
'python-qpid-proton',
'python-saharaclient',
'python-swiftclient',
'python-troveclient',
'python-vitrageclient',
'pytz',
'repoze.lru',
'requests',
'requestsexceptions',
'retrying',
'setproctitle',
'simplegeneric',
'simplejson',
'six',
'sqlalchemy-migrate',
'sqlparse',
'stevedore',
'tooz[consul,etcd,etcd3gw,zake,redis,postgresql,mysql,zookeeper,memcached,ipc]',
'unicodecsv',
'warlock',
'wrapt'
]
%}
ADD openstack-base-archive /openstack-base-source
ADD plugins-archive /openstack-base-source
RUN ln -s openstack-base-source/plugins/* /pycadf \
&& mkdir -p /etc/pycadf \
&& cp /pycadf/etc/pycadf/* /etc/pycadf/
RUN ln -s openstack-base-source/*requirements* /requirements \
{# NOTE(mnasiadka): Remove ovs from upper-constraints.txt because python3-openvswitch
is usually newer than UC entry and older version would get installed
in venv (see https://launchpad.net/bugs/1961874).
#}
&& {{ macros.upper_constraints_remove("ovs") }} \
&& mkdir -p /var/lib/kolla \
&& python3 -m venv --system-site-packages /var/lib/kolla/venv
{# Block used for overriding global version constraints.
Overriding the package version using upper_constraints_remove(package_name) or
upper_constraints_version_change(package_name, from, to) at this location will
apply to all services.
#}
{% block openstack_base_override_upper_constraints %}{% endblock %}
ENV PATH /var/lib/kolla/venv/bin:$PATH
RUN {{ macros.install_pip(['pip', 'wheel', 'setuptools==67.2.*']) }} \
&& {{ macros.install_pip(openstack_base_pip_packages | customizable("pip_packages")) }}
{% if base_package_type == 'rpm' %}
RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \
&& sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
{% elif base_package_type == 'deb' %}
RUN echo > /etc/apache2/ports.conf
{% endif %}
{% block openstack_base_footer %}{% endblock %}