-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.osbs
154 lines (123 loc) · 4.64 KB
/
Dockerfile.osbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
FROM registry.redhat.io/ubi8:latest AS build-npm
COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR
WORKDIR $REMOTE_SOURCE_DIR/app
RUN INSTALL_PKGS="\
nodejs \
" && \
yum -y --setopt=tsflags=nodocs --setopt=skip_missing_names_on_install=False install $INSTALL_PKGS
RUN cd source/config-tool/pkg/lib/editor && \
npm config list && \
npm install --ignore-engines --loglevel verbose && \
npm run build
RUN cd source/quay && \
npm config list && \
npm install --ignore-engines --loglevel verbose && \
npm run build
FROM openshift/golang-builder:1.15 AS build-gomod
COPY --from=build-npm $REMOTE_SOURCE_DIR $REMOTE_SOURCE_DIR
WORKDIR $REMOTE_SOURCE_DIR/app
RUN source $CACHITO_ENV_FILE
COPY --from=build-npm $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor/static/build $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor/static/build
RUN cd source/config-tool && \
go mod vendor && \
go build ./cmd/config-tool
RUN cd source/jwtproxy && \
go build ./cmd/jwtproxy
RUN cd source/pushgateway && \
go mod vendor && \
go build
FROM registry.redhat.io/ubi8:latest
LABEL com.redhat.component="quay-registry-container"
LABEL name="quay/quay-rhel8"
LABEL version="v3.6.0"
LABEL io.k8s.display-name="Red Hat Quay"
LABEL io.k8s.description="Red Hat Quay"
LABEL summary="Red Hat Quay"
LABEL maintainer="[email protected]"
LABEL io.openshift.tags="quay"
ENV RED_HAT_QUAY=true
ENV PYTHON_VERSION=3.8 \
PYTHON_ROOT=/usr/local/lib/python3.8 \
PATH=$HOME/.local/bin/:$PATH \
PYTHONUNBUFFERED=1 \
PYTHONIOENCODING=UTF-8 \
LANG=en_US.utf8 \
PYTHONUSERBASE_SITE_PACKAGE=/usr/local/lib/python3.8/site-packages
ENV QUAYDIR=/quay-registry \
QUAYCONF=/quay-registry/conf \
QUAYPATH="."
RUN mkdir $QUAYDIR
WORKDIR $QUAYDIR
ARG PIP_CERT
COPY --from=build-npm $REMOTE_SOURCE_DIR $REMOTE_SOURCE_DIR
COPY --from=build-npm $PIP_CERT $PIP_CERT
RUN cp -Rp $REMOTE_SOURCE_DIR/app/source/quay/* $QUAYDIR
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/config-tool/config-tool /usr/local/bin/config-tool
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/jwtproxy/jwtproxy /usr/local/bin/jwtproxy
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor $QUAYDIR/config_app
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/pushgateway/pushgateway /usr/local/bin/pushgateway
RUN rm -Rf node_modules config_app/node_modules
RUN INSTALL_PKGS="\
python38 \
nginx \
openldap \
postgresql \
gcc-c++ git \
openldap-devel \
dnsmasq \
memcached \
openssl \
skopeo \
python38-devel \
libffi-devel \
openssl-devel \
postgresql-devel \
libjpeg-devel \
" && \
yum -y --setopt=tsflags=nodocs --setopt=skip_missing_names_on_install=False install $INSTALL_PKGS && \
yum -y update && \
yum -y clean all
RUN alternatives --set python /usr/bin/python3 && \
python -m pip install --no-cache-dir --upgrade setuptools pip && \
python -m pip install --no-cache-dir wheel && \
python -m pip install --no-cache-dir -r requirements-osbs.txt --no-cache && \
python -m pip freeze
RUN ln -s $QUAYCONF /conf && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stdout /var/log/nginx/error.log && \
chmod -R a+rwx /var/log/nginx
# Cleanup
RUN UNINSTALL_PKGS="\
gcc-c++ git \
openldap-devel \
python38-devel \
libffi-devel \
openssl-devel \
postgresql-devel \
libjpeg-devel \
kernel-headers \
" && \
yum remove -y $UNINSTALL_PKGS && \
yum clean all && \
rm -rf /var/cache/yum /tmp/* /var/tmp/* /root/.cache && \
rm -rf $REMOTE_SOURCE_DIR
EXPOSE 8080 8443 7443
RUN chgrp -R 0 $QUAYDIR && \
chmod -R g=u $QUAYDIR
RUN mkdir /datastorage && chgrp 0 /datastorage && chmod g=u /datastorage && \
mkdir -p /var/log/nginx && chgrp 0 /var/log/nginx && chmod g=u /var/log/nginx && \
mkdir -p /conf/stack && chgrp 0 /conf/stack && chmod g=u /conf/stack && \
mkdir -p /tmp && chgrp 0 /tmp && chmod g=u /tmp && \
chmod g=u /etc/passwd
RUN chgrp 0 /var/log/nginx && \
chmod g=u /var/log/nginx && \
chgrp -R 0 /etc/pki/ca-trust/extracted && \
chmod -R g=u /etc/pki/ca-trust/extracted && \
chgrp -R 0 /etc/pki/ca-trust/source/anchors && \
chmod -R g=u /etc/pki/ca-trust/source/anchors && \
chgrp -R 0 /usr/local/lib/python3.8/site-packages/certifi && \
chmod -R g=u /usr/local/lib/python3.8/site-packages/certifi
VOLUME ["/var/log", "/datastorage", "/tmp", "/conf/stack"]
USER 1001
ENTRYPOINT ["dumb-init", "--", "/quay-registry/quay-entrypoint.sh"]
CMD ["registry"]