/
Dockerfile
132 lines (114 loc) · 4.85 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
FROM registry.access.redhat.com/ubi8/ubi
ENV PYTHONUNBUFFERED=0
ENV DJANGO_SETTINGS_MODULE=pulpcore.app.settings
ENV PULP_SETTINGS=/etc/pulp/settings.py
ENV _BUILDAH_STARTED_IN_USERNS=""
ENV BUILDAH_ISOLATION=chroot
ENV PULP_GUNICORN_TIMEOUT=${PULP_GUNICORN_TIMEOUT:-90}
ENV PULP_API_WORKERS=${PULP_API_WORKERS:-2}
ENV PULP_CONTENT_WORKERS=${PULP_CONTENT_WORKERS:-2}
ENV PULP_GUNICORN_RELOAD=${PULP_GUNICORN_RELOAD:-false}
ENV PULP_OTEL_ENABLED=${PULP_OTEL_ENABLED:-false}
ENV PULP_WORKERS=2
ENV PULP_HTTPS=false
ENV PULP_STATIC_ROOT=/var/lib/operator/static/
# Install updates & dnf plugins before disabling python36 to prevent errors
COPY images/repos.d/*.repo /etc/yum.repos.d/
RUN dnf -y install dnf-plugins-core && \
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \
# dnf config-manager --set-enabled powertools && \
dnf -y update
# use python39
RUN dnf -y module disable python36
RUN dnf -y module enable python39
# lsof & procps-ng(`ps`) are needed for running pytests (unit/functional)
#
# glibc-langpack-en is needed to provide the en_US.UTF-8 locale, which Pulp
# seems to need.
#
# The last 5 lines (before clean) are needed until python3-createrepo_c gets an
# RPM upgrade to 0.16.2. Until then, we install & build it from PyPI.
#
# TODO: Investigate differences between `dnf builddep createrepo_c` vs the list
# of dependencies below. For example, drpm-devel.
RUN dnf -y install python39 python39-cryptography python39-devel && \
dnf -y install openssl openssl-devel && \
dnf -y install openldap-devel && \
dnf -y install wget git && \
dnf -y install lsof procps-ng && \
dnf -y install python3-psycopg2 && \
dnf -y install redhat-rpm-config gcc cargo libffi-devel && \
dnf -y install glibc-langpack-en && \
dnf -y install python3-libmodulemd && \
dnf -y install python3-libcomps && \
dnf -y install libpq-devel && \
dnf -y install python3-setuptools && \
dnf -y install swig && \
dnf -y install buildah --exclude container-selinux && \
dnf -y install xz && \
dnf -y install libmodulemd-devel && \
dnf -y install libcomps-devel && \
dnf -y install zchunk-devel && \
dnf -y install ninja-build && \
dnf -y install ostree-libs ostree --allowerasing --nobest && \
dnf -y install cairo-devel cmake gobject-introspection-devel cairo-gobject-devel && \
dnf -y install libcurl-devel libxml2-devel sqlite-devel file-devel && \
dnf -y install zstd
RUN dnf clean all
# Needed to prevent the wrong version of cryptography from being installed,
# which would break PyOpenSSL.
# Need to install optional dep, rhsm, for pulp-certguard
RUN pip3 install --upgrade pip setuptools wheel && \
rm -rf /root/.cache/pip && \
pip3 install \
rhsm \
setproctitle \
gunicorn \
python-nginx \
django-storages\[boto3,azure]\>=1.12.2 \
requests\[use_chardet_on_py3] \
importlib-metadata && \
rm -rf /root/.cache/pip
RUN pip3 install --upgrade \
pulpcore==3.52.0 \
pulp-rpm==3.25.2 \
pulp-gem==0.5.0 \
pulp-ostree==2.3.0 \
pulp-cli \
pulp-cli-gem \
sentry-sdk && \
rm -rf /root/.cache/pip
RUN sed 's|^#mount_program|mount_program|g' -i /etc/containers/storage.conf
RUN groupadd -g 700 --system pulp
RUN useradd -d /var/lib/pulp --system -u 700 -g pulp pulp
RUN usermod --add-subuids 100000-165535 --add-subgids 100000-165535 pulp
RUN mkdir -p /etc/pulp/certs \
/etc/ssl/pulp \
/var/lib/operator/static \
/var/lib/pgsql \
/var/lib/pulp/assets \
/var/lib/pulp/media \
/var/lib/pulp/scripts \
/var/lib/pulp/tmp
RUN chown pulp:pulp -R /var/lib/pulp \
/var/lib/operator/static
COPY images/assets/readyz.py /usr/bin/readyz.py
COPY images/assets/route_paths.py /usr/bin/route_paths.py
COPY images/assets/wait_on_postgres.py /usr/bin/wait_on_postgres.py
COPY images/assets/wait_on_database_migrations.sh /usr/bin/wait_on_database_migrations.sh
COPY images/assets/set_init_password.sh /usr/bin/set_init_password.sh
COPY images/assets/add_signing_service.sh /usr/bin/add_signing_service.sh
COPY images/assets/pulp-api /usr/bin/pulp-api
COPY images/assets/pulp-content /usr/bin/pulp-content
COPY images/assets/pulp-resource-manager /usr/bin/pulp-resource-manager
COPY images/assets/pulp-worker /usr/bin/pulp-worker
USER pulp:pulp
RUN PULP_STATIC_ROOT=/var/lib/operator/static/ PULP_CONTENT_ORIGIN=localhost \
/usr/local/bin/pulpcore-manager collectstatic --clear --noinput --link
USER root:root
RUN chmod 2775 /var/lib/pulp/{scripts,media,tmp,assets}
RUN chown :root /var/lib/pulp/{scripts,media,tmp,assets}
RUN dnf install -y patch && dnf clean all
COPY images/assets/otel-django.patch /tmp/otel-django.patch
RUN patch -p1 -d /usr/local/lib/python3.9/site-packages/ < /tmp/otel-django.patch || /bin/true
EXPOSE 80