Browse Source
This change creates a role that implements the Dockerfile specification via simple template, which will allow us to generate our container files based on our current needs. When container files are generated, both a Dockerfile and Buildah script will be created in the selected base path. This will maintain flexability in our build choices. Change-Id: I86102fe7075fd6918644e3e981a28e0b31ae9694 Signed-off-by: Kevin Carter <kecarter@redhat.com>changes/57/722557/18
12 changed files with 545 additions and 0 deletions
@ -0,0 +1,50 @@
|
||||
==================================== |
||||
Role - tripleo_container_image_build |
||||
==================================== |
||||
|
||||
.. ansibleautoplugin:: |
||||
:role: tripleo_ansible/roles/tripleo_container_image_build |
||||
|
||||
This is an example application variable file. |
||||
|
||||
.. code-block:: yaml |
||||
|
||||
--- |
||||
|
||||
# FROM |
||||
tcib_from: "ubi8" |
||||
|
||||
# Path where container file be generated |
||||
tcib_path: "{{ lookup('env', 'HOME') }}/tripleo-base" |
||||
|
||||
# this ends up being a LABEL |
||||
tcib_labels: |
||||
maintainer: "TripleO" |
||||
|
||||
# ENTRYPOINT |
||||
tcib_entrypoint: "dumb-init --single-child --" |
||||
|
||||
# STOPSIGNAL |
||||
tcib_stopsignal: "SIGTERM" |
||||
|
||||
# ENV |
||||
tcib_envs: |
||||
LANG: en_US.UTF-8 |
||||
|
||||
# RUN commands |
||||
tcib_runs: |
||||
- mkdir -p /etc/ssh |
||||
- touch /etc/ssh/ssh_known_host |
||||
- mkdir -p /openstack |
||||
- dnf install -y crudini curl |
||||
|
||||
# COPY |
||||
tcib_copies: |
||||
- /usr/share/tripleo-common/healthcheck/common.sh /openstack/common.sh |
||||
|
||||
|
||||
This role can be used with the TripleO playbook, `cli-generate-containerfile.yaml`. |
||||
|
||||
.. code-block:: shell |
||||
|
||||
ansible-playbook -i 'localhost,' /usr/share/ansible/tripleo-playbooks/cli-generate-containerfile.yaml -e @~/tripleo-base.yaml |
@ -0,0 +1,24 @@
|
||||
--- |
||||
# Copyright 2019 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
- name: Generate container file(s) |
||||
connection: "{{ (tripleo_target_host is defined) | ternary('ssh', 'local') }}" |
||||
hosts: "{{ tripleo_target_host | default('localhost') }}" |
||||
remote_user: "{{ tripleo_target_user | default(lookup('env', 'USER')) }}" |
||||
gather_facts: "{{ (tripleo_target_host is defined) | ternary(true, false) }}" |
||||
any_errors_fatal: true |
||||
roles: |
||||
- role: tripleo_container_image_build |
@ -0,0 +1,81 @@
|
||||
--- |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
# All variables intended for modification should be placed in this file. |
||||
tcib_path: "{{ lookup('env', 'HOME') }}" |
||||
|
||||
# Dictionary, single level key:value pairs, optional, implements https://docs.docker.com/engine/reference/builder/#arg |
||||
tcib_args: {} |
||||
|
||||
# String, required, 'item', implements https://docs.docker.com/engine/reference/builder/#from |
||||
tcib_from: "centos:8" |
||||
|
||||
# Dictionary, single level key:value pairs, optional, implements https://docs.docker.com/engine/reference/builder/#label |
||||
tcib_labels: {} |
||||
|
||||
# Dictionary, single level key:value pairs, optional, implements https://docs.docker.com/engine/reference/builder/#env |
||||
tcib_envs: {} |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#onbuild |
||||
tcib_onbuilds: [] |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#volume |
||||
tcib_volumes: [] |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#workdir |
||||
tcib_workdir: '' |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#add |
||||
tcib_adds: [] |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#copy |
||||
tcib_copies: [] |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#expose |
||||
tcib_exposes: [] |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#user |
||||
tcib_user: '' |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#shell |
||||
tcib_shell: '' |
||||
|
||||
# List of Strings, optional, <item>, implements https://docs.docker.com/engine/reference/builder/#run |
||||
tcib_runs: [] |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#healthcheck |
||||
tcib_healthcheck: '' |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#stopsignal |
||||
tcib_stopsignal: '' |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#entrypoint |
||||
tcib_entrypoint: '' |
||||
|
||||
# String, optional, 'item', implements https://docs.docker.com/engine/reference/builder/#cmd |
||||
tcib_cmd: '' |
||||
|
||||
# List of Dictionaries, single level key:value pairs, key=VERB, value=verb action. |
||||
# NOTE(cloudnull): This allows for arbitrary docker verbs and maintains ordering. |
||||
# all available verbs can be found here: https://docs.docker.com/engine/reference/builder |
||||
tcib_actions: [] |
||||
|
||||
# List of Strings, optional, <item>, Collects file from the host and stores them in the build directory. |
||||
tcib_gather_files: [] |
||||
|
||||
# Boolean, enables the gathering of files. |
||||
tcib_pre_build: false |
@ -0,0 +1,42 @@
|
||||
--- |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
galaxy_info: |
||||
author: OpenStack |
||||
description: TripleO OpenStack Role -- tripleo_container_image_build |
||||
company: Red Hat |
||||
license: Apache-2.0 |
||||
min_ansible_version: 2.7 |
||||
# |
||||
# Provide a list of supported platforms, and for each platform a list of versions. |
||||
# If you don't wish to enumerate all versions for a particular platform, use 'all'. |
||||
# To view available platforms and versions (or releases), visit: |
||||
# https://galaxy.ansible.com/api/v1/platforms/ |
||||
# |
||||
platforms: |
||||
- name: CentOS |
||||
versions: |
||||
- 7 |
||||
- 8 |
||||
|
||||
galaxy_tags: |
||||
- tripleo |
||||
|
||||
|
||||
# List your role dependencies here, one per line. Be sure to remove the '[]' above, |
||||
# if you add dependencies to this list. |
||||
dependencies: [] |
@ -0,0 +1,37 @@
|
||||
# Molecule managed |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
{% if item.registry is defined %} |
||||
FROM {{ item.registry.url }}/{{ item.image }} |
||||
{% else %} |
||||
FROM {{ item.image }} |
||||
{% endif %} |
||||
|
||||
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ |
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ |
||||
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ |
||||
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ |
||||
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ |
||||
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi |
||||
|
||||
{% for pkg in item.easy_install | default([]) %} |
||||
# install pip for centos where there is no python-pip rpm in default repos |
||||
RUN easy_install {{ pkg }} |
||||
{% endfor %} |
||||
|
||||
|
||||
CMD ["sh", "-c", "while true; do sleep 10000; done"] |
@ -0,0 +1,21 @@
|
||||
--- |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
- name: Converge |
||||
hosts: all |
||||
roles: |
||||
- role: "tripleo_container_image_build" |
@ -0,0 +1,38 @@
|
||||
--- |
||||
driver: |
||||
name: podman |
||||
|
||||
log: true |
||||
|
||||
platforms: |
||||
- name: centos8 |
||||
hostname: centos8 |
||||
image: centos:8 |
||||
dockerfile: Dockerfile |
||||
pkg_extras: python*-setuptools |
||||
volumes: |
||||
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro |
||||
environment: &env |
||||
http_proxy: "{{ lookup('env', 'http_proxy') }}" |
||||
https_proxy: "{{ lookup('env', 'https_proxy') }}" |
||||
ulimits: &ulimit |
||||
- host |
||||
|
||||
provisioner: |
||||
name: ansible |
||||
log: true |
||||
env: |
||||
ANSIBLE_STDOUT_CALLBACK: yaml |
||||
|
||||
scenario: |
||||
test_sequence: |
||||
- destroy |
||||
- create |
||||
- prepare |
||||
- converge |
||||
- check |
||||
- verify |
||||
- destroy |
||||
|
||||
verifier: |
||||
name: testinfra |
@ -0,0 +1,21 @@
|
||||
--- |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
- name: Prepare |
||||
hosts: all |
||||
roles: |
||||
- role: test_deps |
@ -0,0 +1,43 @@
|
||||
--- |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
|
||||
# "tripleo_container_image_build" will search for and load any operating system variable file |
||||
|
||||
- name: Ensure path exists |
||||
file: |
||||
path: "{{ tcib_path }}" |
||||
state: "directory" |
||||
|
||||
- name: Gather files |
||||
fetch: |
||||
src: "{{ item }}" |
||||
dest: "{{ tcib_path }}/{{ item }}" |
||||
flat: true |
||||
loop: "{{ tcib_gather_files }}" |
||||
when: |
||||
- tcib_pre_build | bool |
||||
|
||||
- name: Create a container file |
||||
template: |
||||
src: "Containerfile.j2" |
||||
dest: "{{ tcib_path }}/Dockerfile" |
||||
|
||||
- name: Create a buildah file |
||||
template: |
||||
src: "buildahfile.sh.j2" |
||||
dest: "{{ tcib_path }}/buildahfile.sh" |
||||
mode: "0755" |
@ -0,0 +1,77 @@
|
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
{% for key, value in tcib_args.items() %} |
||||
ARG = {{ key }}={{ value | to_json }} |
||||
{% endfor %} |
||||
FROM {{ tcib_from }} |
||||
{% for key, value in tcib_labels.items() %} |
||||
LABEL {{ key }}={{ value | to_json }} |
||||
{% endfor %} |
||||
{% for key, value in tcib_envs.items() %} |
||||
ENV {{ key }}={{ value | to_json }} |
||||
{% endfor %} |
||||
{% for item in tcib_onbuilds %} |
||||
ONBUILD {{ item }} |
||||
{% endfor %} |
||||
{% if tcib_volumes | length > 0 %} |
||||
VOLUME {{ tcib_volumes }} |
||||
{% endif %} |
||||
{% if tcib_workdir | length > 0 %} |
||||
WORKDIR {{ tcib_workdir | to_json }} |
||||
{% endif %} |
||||
{% for item in tcib_adds %} |
||||
ADD {{ item }} |
||||
{% endfor %} |
||||
{% for item in tcib_exposes %} |
||||
EXPOSE {{ item }} |
||||
{% endfor %} |
||||
{% for item in tcib_copies %} |
||||
COPY {{ item }} |
||||
{% endfor %} |
||||
{% if tcib_shell | length > 0 %} |
||||
SHELL {{ tcib_shell.split() | to_json }} |
||||
{% endif %} |
||||
{% for item in tcib_runs %} |
||||
{% if item is iterable and item is not string %} |
||||
RUN {{ item | to_json }} |
||||
{% else %} |
||||
RUN {{ item }} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% for item in tcib_actions %} |
||||
{% for key, value in item.items() %} |
||||
{% if value is iterable and value is not string %} |
||||
{{ key.upper() }} {{ value | to_json }} |
||||
{% else %} |
||||
{{ key.upper() }} {{ value }} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% endfor %} |
||||
{% if tcib_healthcheck | length > 0 %} |
||||
HEALTHCHECK {{ tcib_healthcheck }} |
||||
{% endif %} |
||||
{% if tcib_stopsignal | length > 0 %} |
||||
STOPSIGNAL {{ tcib_stopsignal }} |
||||
{% endif %} |
||||
{% if tcib_entrypoint | length > 0 %} |
||||
ENTRYPOINT {{ tcib_entrypoint.split() | to_json }} |
||||
{% endif %} |
||||
{% if tcib_cmd | length > 0 %} |
||||
CMD {{ tcib_cmd.split() | to_json }} |
||||
{% endif %} |
||||
{% if tcib_user | length > 0 %} |
||||
USER {{ tcib_user }} |
||||
{% endif %} |
@ -0,0 +1,102 @@
|
||||
#!/usr/bin/env bash |
||||
# Copyright 2020 Red Hat, Inc. |
||||
# All Rights Reserved. |
||||
# |
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
||||
# not use this file except in compliance with the License. You may obtain |
||||
# a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
||||
# License for the specific language governing permissions and limitations |
||||
# under the License. |
||||
|
||||
set -ev |
||||
|
||||
{% set verb_matrix = { |
||||
'label': 'label', |
||||
'cmd': 'cmd', |
||||
'entrypoint': 'entrypoint', |
||||
'env': 'env', |
||||
'expose': 'port', |
||||
'healthcheck': 'healthcheck', |
||||
'onbuild': 'onbuild', |
||||
'shell': 'shell', |
||||
'stopsignal': 'stop-signal', |
||||
'user': 'user', |
||||
'volume': 'volume', |
||||
'workdir': 'workingdir' |
||||
} |
||||
%} |
||||
{% for key, value in tcib_args.items() %} |
||||
export {{ key }}={{ value | to_json }} |
||||
{% endfor %} |
||||
CONTAINER=$(buildah from {{ tcib_from }}) |
||||
MOUNTPOINT=$(buildah mount ${CONTAINER}) |
||||
{% for key, value in tcib_labels.items() %} |
||||
buildah config --label {{ key }}={{ value | to_json }} ${CONTAINER} |
||||
{% endfor %} |
||||
{% for key, value in tcib_envs.items() %} |
||||
buildah config --env {{ key }}={{ value | to_json }} ${CONTAINER} |
||||
{% endfor %} |
||||
{% if tcib_workdir | length > 0 %} |
||||
buildah config --workingdir {{ tcib_workdir | to_json }} ${CONTAINER} |
||||
{% endif %} |
||||
{% for item in tcib_onbuilds %} |
||||
buildah config --onbuild {{ item }} ${CONTAINER} |
||||
{% endfor %} |
||||
{% for item in tcib_volumes %} |
||||
buildah config --volume {{ item }} ${CONTAINER} |
||||
{% endfor %} |
||||
{% for item in tcib_exposes %} |
||||
buildah config --port {{ item }} ${CONTAINER} |
||||
{% endfor %} |
||||
{% if tcib_shell | length > 0 %} |
||||
buildah config --shell {{ tcib_shell | to_json }} ${CONTAINER} |
||||
{% endif %} |
||||
{% if tcib_healthcheck | length > 0 %} |
||||
buildah config --healthcheck {{ tcib_healthcheck | to_json }} ${CONTAINER} |
||||
{% endif %} |
||||
{% if tcib_stopsignal | length > 0 %} |
||||
buildah config --stop-signal {{ tcib_stopsignal }} ${CONTAINER} |
||||
{% endif %} |
||||
{% if tcib_entrypoint | length > 0 %} |
||||
buildah config --entrypoint {{ tcib_entrypoint | to_json }} ${CONTAINER} |
||||
{% endif %} |
||||
{% if tcib_cmd | length > 0 %} |
||||
buildah config --cmd {{ tcib_cmd | to_json }} ${CONTAINER} |
||||
{% endif %} |
||||
{% for item in tcib_adds %} |
||||
buildah add ${CONTAINER} {{ item }} |
||||
{% endfor %} |
||||
{% for item in tcib_copies %} |
||||
buildah copy ${CONTAINER} {{ item }} |
||||
{% endfor %} |
||||
{% for item in tcib_runs %} |
||||
{% if item is iterable and item is not string %} |
||||
buildah run ${CONTAINER} {{ item | join(' ') }} |
||||
{% else %} |
||||
buildah run ${CONTAINER} {{ item }} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% for item in tcib_actions %} |
||||
{% for key, value in item.items() %} |
||||
{% if key.lower() in verb_matrix.keys() %} |
||||
buildah config --{{ verb_matrix[key.lower()] | to_json }} ${CONTAINER} |
||||
{% else %} |
||||
{% if value is iterable and value is not string %} |
||||
buildah {{ key.lower() }} ${CONTAINER} {{ value | join(' ') }} |
||||
{% else %} |
||||
buildah {{ key.lower() }} ${CONTAINER} {{ value }} |
||||
{% endif %} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% endfor %} |
||||
{% if tcib_user | length > 0 %} |
||||
buildah config --user {{ tcib_user }} ${CONTAINER} |
||||
{% endif %} |
||||
buildah commit ${CONTAINER} {{ tcib_path | basename }} |
||||
buildah unmount ${CONTAINER} |
Loading…
Reference in new issue