Mohammed Naser | 682ba51 | 2024-04-03 13:56:18 -0400 | [diff] [blame] | 1 | FROM ubuntu:jammy-20240227 AS ubuntu |
| 2 | LABEL org.opencontainers.image.source=https://github.com/vexxhost/atmosphere |
| 3 | |
| 4 | FROM ubuntu AS ubuntu-cloud-archive |
| 5 | ADD --chmod=644 https://git.launchpad.net/ubuntu/+source/ubuntu-keyring/plain/keyrings/ubuntu-cloud-keyring.gpg /etc/apt/trusted.gpg.d/ubuntu-cloud-keyring.gpg |
| 6 | ARG RELEASE |
| 7 | RUN <<EOF bash -xe |
| 8 | source /etc/os-release |
| 9 | if [ "\${VERSION_CODENAME}" = "jammy" ]; then \ |
| 10 | if [ "${RELEASE}" = "yoga" ]; then \ |
| 11 | # NOTE: Yoga shipped with 22.04, so no need to add an extra repository. |
| 12 | echo "" > /etc/apt/sources.list.d/cloudarchive.list; \ |
| 13 | elif [ "${RELEASE}" = "zed" ]; then \ |
| 14 | echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/${RELEASE} main" > /etc/apt/sources.list.d/cloudarchive.list; \ |
| 15 | elif [ "${RELEASE}" = "2023.1" ]; then \ |
| 16 | echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/antelope main" > /etc/apt/sources.list.d/cloudarchive.list; \ |
| 17 | elif [ "${RELEASE}" = "2023.2" ]; then \ |
| 18 | echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/bobcat main" > /etc/apt/sources.list.d/cloudarchive.list; \ |
| 19 | elif [ "${RELEASE}" = "master" ]; then \ |
| 20 | echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/caracal main" > /etc/apt/sources.list.d/cloudarchive.list; \ |
| 21 | else \ |
| 22 | echo "${RELEASE} is not supported on \${VERSION_CODENAME}"; \ |
| 23 | exit 1; \ |
| 24 | fi; \ |
| 25 | else |
| 26 | echo "Unsupported release"; \ |
| 27 | exit 1; \ |
| 28 | fi |
| 29 | EOF |
| 30 | |
| 31 | FROM alpine/git AS requirements |
| 32 | ARG BRANCH |
| 33 | ADD https://opendev.org/openstack/requirements.git#${BRANCH} /src |
| 34 | RUN <<EOF sh -xe |
| 35 | sed -i 's/cryptography===36.0.2/cryptography===42.0.4/' /src/upper-constraints.txt |
| 36 | sed -i 's/cryptography===40.0.2/cryptography===42.0.4/' /src/upper-constraints.txt |
| 37 | sed -i 's/cryptography===41.0.7/cryptography===42.0.4/' /src/upper-constraints.txt |
| 38 | sed -i 's/Django===3.2.18/Django===3.2.24/' /src/upper-constraints.txt |
| 39 | sed -i 's/Flask===2.2.3/Flask===2.2.5/' /src/upper-constraints.txt |
| 40 | sed -i 's/Jinja2===3.1.2/Jinja2===3.1.3/' /src/upper-constraints.txt |
| 41 | sed -i 's/oauthlib===3.2.0/oauthlib===3.2.2/' /src/upper-constraints.txt |
| 42 | sed -i 's/paramiko===2.11.0/paramiko===3.4.0/' /src/upper-constraints.txt |
| 43 | sed -i 's/paramiko===3.1.0/paramiko===3.4.0/' /src/upper-constraints.txt |
| 44 | sed -i 's/protobuf===4.21.5/protobuf===4.21.6/' /src/upper-constraints.txt |
| 45 | sed -i 's/pyOpenSSL===22.0.0/pyOpenSSL===24.0.0/' /src/upper-constraints.txt |
| 46 | sed -i 's/pyOpenSSL===23.1.1/pyOpenSSL===24.0.0/' /src/upper-constraints.txt |
| 47 | sed -i 's/requests===2.28.1/requests===2.31.0/' /src/upper-constraints.txt |
| 48 | sed -i 's/requests===2.28.2/requests===2.31.0/' /src/upper-constraints.txt |
| 49 | sed -i 's/sqlparse===0.4.2/sqlparse===0.4.4/' /src/upper-constraints.txt |
| 50 | sed -i 's/urllib3===1.26.12/urllib3===1.26.18/' /src/upper-constraints.txt |
| 51 | sed -i 's/urllib3===1.26.15/urllib3===1.26.18/' /src/upper-constraints.txt |
| 52 | sed -i 's/Werkzeug===2.2.2/Werkzeug===2.3.8/' /src/upper-constraints.txt |
| 53 | sed -i 's/Werkzeug===2.2.3/Werkzeug===2.3.8/' /src/upper-constraints.txt |
| 54 | sed -i 's/zstd===1.5.2.5/zstd===1.5.4.0/' /src/upper-constraints.txt |
| 55 | sed -i '/glance-store/d' /src/upper-constraints.txt |
| 56 | sed -i '/horizon/d' /src/upper-constraints.txt |
| 57 | EOF |
| 58 | |
| 59 | FROM ubuntu-cloud-archive AS openstack-venv-builder |
| 60 | RUN <<EOF bash -xe |
| 61 | apt-get update -qq |
| 62 | apt-get install -qq -y --no-install-recommends \ |
| 63 | build-essential \ |
| 64 | git \ |
| 65 | libldap2-dev \ |
| 66 | libpcre3-dev \ |
| 67 | libsasl2-dev \ |
| 68 | libssl-dev \ |
| 69 | lsb-release \ |
| 70 | openssh-client \ |
| 71 | python3 \ |
| 72 | python3-dev \ |
| 73 | python3-pip \ |
| 74 | python3-venv |
| 75 | EOF |
| 76 | RUN <<EOF bash -xe |
| 77 | python3 -m venv --upgrade-deps --system-site-packages /var/lib/openstack |
| 78 | EOF |
| 79 | ENV PATH=/var/lib/openstack/bin:$PATH |
| 80 | COPY --link --from=requirements /src/upper-constraints.txt /upper-constraints.txt |
| 81 | RUN <<EOF bash -xe |
| 82 | pip3 install \ |
| 83 | --constraint /upper-constraints.txt \ |
| 84 | cryptography \ |
| 85 | pymysql \ |
| 86 | python-binary-memcached \ |
| 87 | python-memcached \ |
| 88 | uwsgi |
| 89 | EOF |
| 90 | |
| 91 | FROM ubuntu-cloud-archive AS openstack-runtime |
| 92 | RUN <<EOF bash -xe |
| 93 | apt-get update -qq |
| 94 | apt-get install -qq -y --no-install-recommends \ |
| 95 | ca-certificates \ |
| 96 | libpython3.10 \ |
| 97 | lsb-release \ |
| 98 | python3-distutils \ |
| 99 | sudo |
| 100 | EOF |
| 101 | ARG PROJECT |
| 102 | ARG SHELL=/usr/sbin/nologin |
| 103 | RUN \ |
| 104 | groupadd -g 42424 ${PROJECT} && \ |
| 105 | useradd -u 42424 -g 42424 -M -d /var/lib/${PROJECT} -s ${SHELL} -c "${PROJECT} User" ${PROJECT} && \ |
| 106 | mkdir -p /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT} && \ |
| 107 | chown -Rv ${PROJECT}:${PROJECT} /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT} |
| 108 | ENV PATH=/var/lib/openstack/bin:$PATH |
| 109 | |
| 110 | FROM alpine/git AS barbican-src |
| 111 | ARG BARBICAN_GIT_REF |
| 112 | ADD --keep-git-dir=true https://opendev.org/openstack/barbican.git#${BARBICAN_GIT_REF} /src |
| 113 | RUN git -C /src fetch --unshallow |
| 114 | |
| 115 | FROM openstack-venv-builder AS barbican-build |
| 116 | COPY --from=barbican-src --link /src /src/barbican |
| 117 | RUN <<EOF bash -xe |
| 118 | pip3 install \ |
| 119 | --constraint /upper-constraints.txt \ |
| 120 | /src/barbican \ |
| 121 | pykmip |
| 122 | EOF |
| 123 | |
| 124 | FROM openstack-runtime AS barbican |
| 125 | COPY --from=barbican-build --link /var/lib/openstack /var/lib/openstack |