| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 1 | # Copyright (c) 2024 VEXXHOST, Inc. |
| 2 | # |
| 3 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 4 | # not use this file except in compliance with the License. You may obtain |
| 5 | # a copy of the License at |
| 6 | # |
| 7 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | # |
| 9 | # Unless required by applicable law or agreed to in writing, software |
| 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| 12 | # License for the specific language governing permissions and limitations |
| 13 | # under the License. |
| 14 | |
| Mohammed Naser | d30f18d | 2024-04-17 01:20:43 -0400 | [diff] [blame] | 15 | ARG RELEASE |
| 16 | |
| 17 | FROM registry.atmosphere.dev/library/openstack-venv-builder:${RELEASE} AS build |
| Mohammed Naser | 5d4d441 | 2024-05-24 19:36:35 +0200 | [diff] [blame^] | 18 | ARG KEYSTONE_GIT_REF=084eeec60b259f2852002881cdb171a3f20584d4 |
| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 19 | ADD --keep-git-dir=true https://opendev.org/openstack/keystone.git#${KEYSTONE_GIT_REF} /src/keystone |
| 20 | RUN git -C /src/keystone fetch --unshallow |
| Mohammed Naser | 5d4d441 | 2024-05-24 19:36:35 +0200 | [diff] [blame^] | 21 | COPY patches/keystone /patches/keystone |
| 22 | RUN git -C /src/keystone apply --verbose /patches/keystone/* |
| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 23 | RUN --mount=type=cache,mode=0755,target=/root/.cache/pip,sharing=private <<EOF bash -xe |
| 24 | pip3 install \ |
| 25 | --constraint /upper-constraints.txt \ |
| 26 | /src/keystone[ldap] \ |
| 27 | keystone-keycloak-backend==0.1.8 |
| 28 | EOF |
| 29 | |
| Mohammed Naser | d30f18d | 2024-04-17 01:20:43 -0400 | [diff] [blame] | 30 | FROM registry.atmosphere.dev/library/openstack-python-runtime:${RELEASE} |
| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 31 | RUN <<EOF bash -xe |
| 32 | apt-get update -qq |
| 33 | apt-get install -qq -y --no-install-recommends \ |
| 34 | apache2 libapache2-mod-wsgi-py3 |
| 35 | apt-get clean |
| 36 | rm -rf /var/lib/apt/lists/* |
| 37 | EOF |
| 38 | ARG MOD_AUTH_OPENIDC_VERSION=2.4.12.1 |
| 39 | ARG TARGETARCH |
| 40 | RUN <<EOF bash -xe |
| 41 | apt-get update -qq |
| 42 | apt-get install -qq -y --no-install-recommends \ |
| 43 | curl |
| 44 | curl -LO https://github.com/OpenIDC/mod_auth_openidc/releases/download/v${MOD_AUTH_OPENIDC_VERSION}/libapache2-mod-auth-openidc_${MOD_AUTH_OPENIDC_VERSION}-1.$(lsb_release -sc)_${TARGETARCH}.deb |
| 45 | apt-get install -y --no-install-recommends ./libapache2-mod-auth-openidc_${MOD_AUTH_OPENIDC_VERSION}-1.$(lsb_release -sc)_${TARGETARCH}.deb |
| 46 | a2enmod auth_openidc |
| 47 | apt-get purge -y --auto-remove curl |
| 48 | apt-get clean |
| 49 | rm -rfv /var/lib/apt/lists/* libapache2-mod-auth-openidc_${MOD_AUTH_OPENIDC_VERSION}-1.$(lsb_release -sc)_${TARGETARCH}.deb |
| 50 | EOF |
| 51 | COPY --from=build --link /var/lib/openstack /var/lib/openstack |