Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 27971162b1d2667a03a98ac2965855306cdf69fe / . / Dockerfile
blob: 1cf987f2e12cb15f0d2598cccb4d804290780575 [file] [log] [blame]
Mohammed Naser682ba512024-04-03 13:56:18 -0400[diff] [blame]1FROM ubuntu:jammy-20240227 AS ubuntu
2LABEL org.opencontainers.image.source=https://github.com/vexxhost/atmosphere
3
4FROM ubuntu AS ubuntu-cloud-archive
5ADD --chmod=644 https://git.launchpad.net/ubuntu/+source/ubuntu-keyring/plain/keyrings/ubuntu-cloud-keyring.gpg /etc/apt/trusted.gpg.d/ubuntu-cloud-keyring.gpg
6ARG RELEASE
7RUN <<EOF bash -xe
8source /etc/os-release
9if [ "\${VERSION_CODENAME}" = "jammy" ]; then \
10 if [ "${RELEASE}" = "yoga" ]; then \
11 # NOTE: Yoga shipped with 22.04, so no need to add an extra repository.
12 echo "" > /etc/apt/sources.list.d/cloudarchive.list; \
13 elif [ "${RELEASE}" = "zed" ]; then \
14 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/${RELEASE} main" > /etc/apt/sources.list.d/cloudarchive.list; \
15 elif [ "${RELEASE}" = "2023.1" ]; then \
16 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/antelope main" > /etc/apt/sources.list.d/cloudarchive.list; \
17 elif [ "${RELEASE}" = "2023.2" ]; then \
18 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/bobcat main" > /etc/apt/sources.list.d/cloudarchive.list; \
19 elif [ "${RELEASE}" = "master" ]; then \
20 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/caracal main" > /etc/apt/sources.list.d/cloudarchive.list; \
21 else \
22 echo "${RELEASE} is not supported on \${VERSION_CODENAME}"; \
23 exit 1; \
24 fi; \
25else
26 echo "Unsupported release"; \
27 exit 1; \
28fi
29EOF
30
31FROM alpine/git AS requirements
32ARG BRANCH
33ADD https://opendev.org/openstack/requirements.git#${BRANCH} /src
34RUN <<EOF sh -xe
35sed -i 's/cryptography===36.0.2/cryptography===42.0.4/' /src/upper-constraints.txt
36sed -i 's/cryptography===40.0.2/cryptography===42.0.4/' /src/upper-constraints.txt
37sed -i 's/cryptography===41.0.7/cryptography===42.0.4/' /src/upper-constraints.txt
38sed -i 's/Django===3.2.18/Django===3.2.24/' /src/upper-constraints.txt
39sed -i 's/Flask===2.2.3/Flask===2.2.5/' /src/upper-constraints.txt
40sed -i 's/Jinja2===3.1.2/Jinja2===3.1.3/' /src/upper-constraints.txt
41sed -i 's/oauthlib===3.2.0/oauthlib===3.2.2/' /src/upper-constraints.txt
42sed -i 's/paramiko===2.11.0/paramiko===3.4.0/' /src/upper-constraints.txt
43sed -i 's/paramiko===3.1.0/paramiko===3.4.0/' /src/upper-constraints.txt
44sed -i 's/protobuf===4.21.5/protobuf===4.21.6/' /src/upper-constraints.txt
45sed -i 's/pyOpenSSL===22.0.0/pyOpenSSL===24.0.0/' /src/upper-constraints.txt
46sed -i 's/pyOpenSSL===23.1.1/pyOpenSSL===24.0.0/' /src/upper-constraints.txt
47sed -i 's/requests===2.28.1/requests===2.31.0/' /src/upper-constraints.txt
48sed -i 's/requests===2.28.2/requests===2.31.0/' /src/upper-constraints.txt
49sed -i 's/sqlparse===0.4.2/sqlparse===0.4.4/' /src/upper-constraints.txt
50sed -i 's/urllib3===1.26.12/urllib3===1.26.18/' /src/upper-constraints.txt
51sed -i 's/urllib3===1.26.15/urllib3===1.26.18/' /src/upper-constraints.txt
52sed -i 's/Werkzeug===2.2.2/Werkzeug===2.3.8/' /src/upper-constraints.txt
53sed -i 's/Werkzeug===2.2.3/Werkzeug===2.3.8/' /src/upper-constraints.txt
54sed -i 's/zstd===1.5.2.5/zstd===1.5.4.0/' /src/upper-constraints.txt
55sed -i '/glance-store/d' /src/upper-constraints.txt
56sed -i '/horizon/d' /src/upper-constraints.txt
57EOF
58
59FROM ubuntu-cloud-archive AS openstack-venv-builder
60RUN <<EOF bash -xe
61apt-get update -qq
62apt-get install -qq -y --no-install-recommends \
63 build-essential \
64 git \
65 libldap2-dev \
66 libpcre3-dev \
67 libsasl2-dev \
68 libssl-dev \
69 lsb-release \
70 openssh-client \
71 python3 \
72 python3-dev \
73 python3-pip \
74 python3-venv
75EOF
76RUN <<EOF bash -xe
77python3 -m venv --upgrade-deps --system-site-packages /var/lib/openstack
78EOF
79ENV PATH=/var/lib/openstack/bin:$PATH
80COPY --link --from=requirements /src/upper-constraints.txt /upper-constraints.txt
81RUN <<EOF bash -xe
82pip3 install \
83 --constraint /upper-constraints.txt \
84 cryptography \
85 pymysql \
86 python-binary-memcached \
87 python-memcached \
88 uwsgi
89EOF
90
91FROM ubuntu-cloud-archive AS openstack-runtime
92RUN <<EOF bash -xe
93apt-get update -qq
94apt-get install -qq -y --no-install-recommends \
95 ca-certificates \
96 libpython3.10 \
97 lsb-release \
98 python3-distutils \
99 sudo
100EOF
101ARG PROJECT
102ARG SHELL=/usr/sbin/nologin
103RUN \
104 groupadd -g 42424 ${PROJECT} && \
105 useradd -u 42424 -g 42424 -M -d /var/lib/${PROJECT} -s ${SHELL} -c "${PROJECT} User" ${PROJECT} && \
106 mkdir -p /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT} && \
107 chown -Rv ${PROJECT}:${PROJECT} /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT}
108ENV PATH=/var/lib/openstack/bin:$PATH
109
110FROM alpine/git AS barbican-src
111ARG BARBICAN_GIT_REF
112ADD --keep-git-dir=true https://opendev.org/openstack/barbican.git#${BARBICAN_GIT_REF} /src
113RUN git -C /src fetch --unshallow
114
115FROM openstack-venv-builder AS barbican-build
116COPY --from=barbican-src --link /src /src/barbican
117RUN <<EOF bash -xe
118pip3 install \
119 --constraint /upper-constraints.txt \
120 /src/barbican \
121 pykmip
122EOF
123
124FROM openstack-runtime AS barbican
125COPY --from=barbican-build --link /var/lib/openstack /var/lib/openstack