Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / ad382732396b9b189b5e49da91e707de2c18ab58 / . / Dockerfile
blob: 9c8e06b7d7940e50d71f4f4406e6ae986c3d535a [file] [log] [blame]
Mohammed Naser682ba512024-04-03 13:56:18 -0400[diff] [blame]1FROM ubuntu:jammy-20240227 AS ubuntu
2LABEL org.opencontainers.image.source=https://github.com/vexxhost/atmosphere
3
Mohammed Naseree1ff232024-04-05 13:52:18 -0400[diff] [blame]4FROM ubuntu AS helm
5ARG TARGETOS
6ARG TARGETARCH
7ARG HELM_VERSION=3.14.0
8ADD https://get.helm.sh/helm-v${HELM_VERSION}-${TARGETOS}-${TARGETARCH}.tar.gz /helm.tar.gz
9RUN tar -xzf /helm.tar.gz
10RUN mv /${TARGETOS}-${TARGETARCH}/helm /usr/bin/helm
11
Mohammed Naser682ba512024-04-03 13:56:18 -0400[diff] [blame]12FROM ubuntu AS ubuntu-cloud-archive
13ADD --chmod=644 https://git.launchpad.net/ubuntu/+source/ubuntu-keyring/plain/keyrings/ubuntu-cloud-keyring.gpg /etc/apt/trusted.gpg.d/ubuntu-cloud-keyring.gpg
14ARG RELEASE
15RUN <<EOF bash -xe
16source /etc/os-release
17if [ "\${VERSION_CODENAME}" = "jammy" ]; then \
18 if [ "${RELEASE}" = "yoga" ]; then \
19 # NOTE: Yoga shipped with 22.04, so no need to add an extra repository.
20 echo "" > /etc/apt/sources.list.d/cloudarchive.list; \
21 elif [ "${RELEASE}" = "zed" ]; then \
22 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/${RELEASE} main" > /etc/apt/sources.list.d/cloudarchive.list; \
23 elif [ "${RELEASE}" = "2023.1" ]; then \
24 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/antelope main" > /etc/apt/sources.list.d/cloudarchive.list; \
25 elif [ "${RELEASE}" = "2023.2" ]; then \
26 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/bobcat main" > /etc/apt/sources.list.d/cloudarchive.list; \
27 elif [ "${RELEASE}" = "master" ]; then \
28 echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu \${VERSION_CODENAME}-updates/caracal main" > /etc/apt/sources.list.d/cloudarchive.list; \
29 else \
30 echo "${RELEASE} is not supported on \${VERSION_CODENAME}"; \
31 exit 1; \
32 fi; \
33else
34 echo "Unsupported release"; \
35 exit 1; \
36fi
37EOF
38
39FROM alpine/git AS requirements
40ARG BRANCH
41ADD https://opendev.org/openstack/requirements.git#${BRANCH} /src
42RUN <<EOF sh -xe
43sed -i 's/cryptography===36.0.2/cryptography===42.0.4/' /src/upper-constraints.txt
44sed -i 's/cryptography===40.0.2/cryptography===42.0.4/' /src/upper-constraints.txt
45sed -i 's/cryptography===41.0.7/cryptography===42.0.4/' /src/upper-constraints.txt
46sed -i 's/Django===3.2.18/Django===3.2.24/' /src/upper-constraints.txt
47sed -i 's/Flask===2.2.3/Flask===2.2.5/' /src/upper-constraints.txt
48sed -i 's/Jinja2===3.1.2/Jinja2===3.1.3/' /src/upper-constraints.txt
49sed -i 's/oauthlib===3.2.0/oauthlib===3.2.2/' /src/upper-constraints.txt
50sed -i 's/paramiko===2.11.0/paramiko===3.4.0/' /src/upper-constraints.txt
51sed -i 's/paramiko===3.1.0/paramiko===3.4.0/' /src/upper-constraints.txt
52sed -i 's/protobuf===4.21.5/protobuf===4.21.6/' /src/upper-constraints.txt
53sed -i 's/pyOpenSSL===22.0.0/pyOpenSSL===24.0.0/' /src/upper-constraints.txt
54sed -i 's/pyOpenSSL===23.1.1/pyOpenSSL===24.0.0/' /src/upper-constraints.txt
55sed -i 's/requests===2.28.1/requests===2.31.0/' /src/upper-constraints.txt
56sed -i 's/requests===2.28.2/requests===2.31.0/' /src/upper-constraints.txt
57sed -i 's/sqlparse===0.4.2/sqlparse===0.4.4/' /src/upper-constraints.txt
58sed -i 's/urllib3===1.26.12/urllib3===1.26.18/' /src/upper-constraints.txt
59sed -i 's/urllib3===1.26.15/urllib3===1.26.18/' /src/upper-constraints.txt
60sed -i 's/Werkzeug===2.2.2/Werkzeug===2.3.8/' /src/upper-constraints.txt
61sed -i 's/Werkzeug===2.2.3/Werkzeug===2.3.8/' /src/upper-constraints.txt
62sed -i 's/zstd===1.5.2.5/zstd===1.5.4.0/' /src/upper-constraints.txt
63sed -i '/glance-store/d' /src/upper-constraints.txt
64sed -i '/horizon/d' /src/upper-constraints.txt
65EOF
66
67FROM ubuntu-cloud-archive AS openstack-venv-builder
68RUN <<EOF bash -xe
69apt-get update -qq
70apt-get install -qq -y --no-install-recommends \
71 build-essential \
72 git \
73 libldap2-dev \
74 libpcre3-dev \
75 libsasl2-dev \
76 libssl-dev \
77 lsb-release \
78 openssh-client \
79 python3 \
80 python3-dev \
81 python3-pip \
82 python3-venv
83EOF
84RUN <<EOF bash -xe
85python3 -m venv --upgrade-deps --system-site-packages /var/lib/openstack
86EOF
87ENV PATH=/var/lib/openstack/bin:$PATH
88COPY --link --from=requirements /src/upper-constraints.txt /upper-constraints.txt
89RUN <<EOF bash -xe
90pip3 install \
91 --constraint /upper-constraints.txt \
92 cryptography \
93 pymysql \
94 python-binary-memcached \
95 python-memcached \
96 uwsgi
97EOF
98
99FROM ubuntu-cloud-archive AS openstack-runtime
100RUN <<EOF bash -xe
101apt-get update -qq
102apt-get install -qq -y --no-install-recommends \
103 ca-certificates \
104 libpython3.10 \
105 lsb-release \
106 python3-distutils \
107 sudo
108EOF
109ARG PROJECT
110ARG SHELL=/usr/sbin/nologin
111RUN \
112 groupadd -g 42424 ${PROJECT} && \
113 useradd -u 42424 -g 42424 -M -d /var/lib/${PROJECT} -s ${SHELL} -c "${PROJECT} User" ${PROJECT} && \
114 mkdir -p /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT} && \
115 chown -Rv ${PROJECT}:${PROJECT} /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT}
116ENV PATH=/var/lib/openstack/bin:$PATH
117
118FROM alpine/git AS barbican-src
119ARG BARBICAN_GIT_REF
120ADD --keep-git-dir=true https://opendev.org/openstack/barbican.git#${BARBICAN_GIT_REF} /src
121RUN git -C /src fetch --unshallow
122
123FROM openstack-venv-builder AS barbican-build
124COPY --from=barbican-src --link /src /src/barbican
125RUN <<EOF bash -xe
126pip3 install \
127 --constraint /upper-constraints.txt \
128 /src/barbican \
129 pykmip
130EOF
131
132FROM openstack-runtime AS barbican
133COPY --from=barbican-build --link /var/lib/openstack /var/lib/openstack
Mohammed Naseree1ff232024-04-05 13:52:18 -0400[diff] [blame]134
135FROM alpine/git AS magnum-src
136ARG MAGNUM_GIT_REF
137ADD --keep-git-dir=true https://opendev.org/openstack/magnum.git#${MAGNUM_GIT_REF} /src
138RUN git -C /src fetch --unshallow
139ARG RELEASE
140COPY patches/${RELEASE}/magnum /patches
141RUN if [ -n "$(ls -A /patches/*.patch)" ]; then git -C /src apply --verbose /patches/*; fi
142
143FROM openstack-venv-builder AS magnum-build
144COPY --from=magnum-src --link /src /src/magnum
145RUN <<EOF bash -xe
146pip3 install \
147 --constraint /upper-constraints.txt \
148 /src/magnum \
149 magnum-cluster-api==0.16.0
150EOF
151
152FROM openstack-runtime AS magnum
153RUN <<EOF bash -xe
154apt-get update -qq
155apt-get install -qq -y --no-install-recommends \
156 haproxy
157apt-get clean
158rm -rf /var/lib/apt/lists/*
159EOF
160COPY --from=helm --link /usr/bin/helm /usr/local/bin/helm
161COPY --from=magnum-build --link /var/lib/openstack /var/lib/openstack