7f5a904e98
This patch fixes missing pycadf's audit maps for services and change the way how pycadf is installed. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/905858 Closes-Bug: #2047941 Change-Id: I9b43d1a9990ad8aa7381ea81b0f2d692967be949
33 lines
1.2 KiB
Django/Jinja
33 lines
1.2 KiB
Django/Jinja
FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
|
|
{% block labels %}
|
|
LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
|
|
{% endblock %}
|
|
|
|
{% block ironic_base_header %}{% endblock %}
|
|
|
|
{% import "macros.j2" as macros with context %}
|
|
|
|
{{ macros.configure_user(name='ironic') }}
|
|
|
|
ADD ironic-base-archive /ironic-base-source
|
|
ADD ironic_sudoers /etc/sudoers.d/kolla_ironic_sudoers
|
|
|
|
{% set ironic_base_pip_packages = [
|
|
'/ironic'
|
|
] %}
|
|
|
|
COPY extend_start.sh /usr/local/bin/kolla_extend_start
|
|
|
|
RUN ln -s ironic-base-source/* ironic \
|
|
&& {{ macros.install_pip(ironic_base_pip_packages | customizable("pip_packages")) }} \
|
|
&& mkdir -p /etc/ironic \
|
|
&& cp -r /var/lib/kolla/venv/etc/ironic/* /etc/ironic/ \
|
|
&& cp /etc/pycadf/ironic_api_audit_map.conf /etc/ironic/ \
|
|
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/ironic/rootwrap.conf \
|
|
&& chmod 750 /etc/sudoers.d \
|
|
&& chmod 440 /etc/sudoers.d/kolla_ironic_sudoers \
|
|
&& touch /usr/local/bin/kolla_ironic_extend_start \
|
|
&& chmod 644 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_ironic_extend_start
|
|
|
|
{% block ironic_base_footer %}{% endblock %}
|