Skip to content

Commit

Permalink
add entrypoint; change Dockerfile relative paths
Browse files Browse the repository at this point in the history
  • Loading branch information
juanvallejo committed Jul 12, 2017
1 parent 2bc1a2d commit fe203fb
Show file tree
Hide file tree
Showing 5 changed files with 47 additions and 23 deletions.
22 changes: 18 additions & 4 deletions images/installer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -27,29 +27,39 @@ RUN yum install -y epel-release && yum clean all -y
RUN yum install -y --setopt=tsflags=nodocs python-pip python-devel && yum clean all -y
RUN pip install -Iv ansible==2.2.0.0

COPY ./bin /usr/bin
COPY ./bin/user_setup /tmp
COPY ./images/installer/bin /usr/bin
COPY ./images/installer/bin/user_setup /tmp

RUN mkdir -p /opt/app-root /opt/app-root/etc /opt/app-root/bin
RUN chmod -R ug+x /opt/app-root/bin /opt/app-root/etc /tmp/user_setup && \
/tmp/user_setup

# Add files for running as a system container
COPY ./system-container/root /
COPY ./images/installer/system-container/root /

# Create a symlink to /opt/app-root/src so that files under /usr/share/ansible are accessible.
# This is required since the system-container uses by default the playbook under
# /usr/share/ansible/openshift-ansible. With this change we won't need to keep two different
# configurations for the two images.
RUN mkdir -p /usr/share/ansible/ && ln -s /opt/app-root/src /usr/share/ansible/openshift-ansible

# Make home folder writable in order to let playbooks make changes
RUN chmod a+rwx -R /opt/app-root/src

RUN INSTALL_PKGS="skopeo openssl java-1.8.0-openjdk-headless httpd-tools" && \
yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
rpm -V $INSTALL_PKGS && \
yum clean all

USER ${USER_UID}

ENV APP_ROOT=/opt/app-root
ENV USER_NAME=default \
USER_UID=1000 \
APP_HOME=${APP_ROOT}/src \
HOME=${APP_ROOT}/src \
PATH=$PATH:${APP_ROOT}/bin

# The playbook to be run is specified via the PLAYBOOK_FILE env var.
# This sets a default of openshift_facts.yml as it's an informative playbook
# that can help test that everything is set properly (inventory, sshkeys)
Expand All @@ -61,9 +71,13 @@ ENV PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \
# /tmp/src (as per the source-to-image specs) so we import it there
ADD . /tmp/src

# Running the 'assemble' script provided by playbook2image will install
# Running the 'assemble' script will install
# dependencies specified in requirements.txt and install the 'oc' client
# as per the INSTALL_OC environment setting above
RUN /usr/bin/assemble

USER ${USER_UID}
WORKDIR ${APP_HOME}

ENTRYPOINT [ "/usr/bin/entrypoint" ]
CMD [ "/usr/bin/run" ]
3 changes: 1 addition & 2 deletions images/installer/Dockerfile.rhel7
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,6 @@ LABEL name="openshift3/ose-ansible" \

# Playbooks, roles and their dependencies are installed from packages.
# Unlike in Dockerfile, we don't invoke the 'assemble' script here
# because all content and dependencies (like 'oc') is already
# installed via yum.
USER root
RUN INSTALL_PKGS="atomic-openshift-utils atomic-openshift-clients python-boto skopeo openssl java-1.8.0-openjdk-headless httpd-tools" && \
yum repolist > /dev/null && \
Expand Down Expand Up @@ -69,4 +67,5 @@ ENV PLAYBOOK_FILE=playbooks/byo/openshift_facts.yml \

WORKDIR ${APP_HOME}

RUN sed "s@${USER_NAME}:x:${USER_UID}:0@${USER_NAME}:x:\${USER_ID}:\${GROUP_ID}@g" /etc/passwd > ${APP_ROOT}/etc/passwd.template
CMD [ "/usr/bin/run" ]
4 changes: 2 additions & 2 deletions images/installer/bin/assemble
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
#

if [[ "$1" == "-h" ]]; then
# If the 'playbook2image' assemble script is executed with '-h' flag,
# If the assemble script is executed with '-h' flag,
# print the usage.
exec /usr/bin/usage
fi
Expand Down Expand Up @@ -38,7 +38,7 @@ if [[ -v INSTALL_OC ]]; then
echo "---> Installing 'oc' binary..."
TMPDIR=$(mktemp -d)
cd ${TMPDIR}
OC_BINARY_URL=$(python -c "import requests;releases = requests.get('https://api.github.com/repos/openshift/origin/releases').json();print [s for s in [r for r in releases if not r['prerelease'] and '1.4' in r['name']][0]['assets'] if 'linux-64' in s['browser_download_url']][0]['browser_download_url']")
OC_BINARY_URL=$(python -c "import requests;releases = requests.get('https://api.github.com/repos/openshift/origin/releases?access_token=b9af3d7bf7706153d7a793af3ae2ddae2c4d9fa9').json();print [s for s in [r for r in releases if not r['prerelease'] and '1.4' in r['name']][0]['assets'] if 'linux-64' in s['browser_download_url']][0]['browser_download_url']")
curl -L ${OC_BINARY_URL} -o openshift-client.tar.gz
OC_PATH=`tar -tzf openshift-client.tar.gz |grep oc`
tar -xzf openshift-client.tar.gz ${OC_PATH}
Expand Down
24 changes: 24 additions & 0 deletions images/installer/bin/entrypoint
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
#!/bin/bash -e
#
# This file serves as the main entrypoint to the openshift-ansible image.
#
# For more information see the documentation:
# https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md


# Patch /etc/passwd file with the local user info.
# A user (name) must be defined in this file in order for
# the `ssh` command to work within the created container.

if [[ -z $USER ]];
then
USER=default
fi

# patch /etc/passwd with a username when running under a non-root user
# in order for some commands, like `ssh` to work properly.
if ! whoami &>/dev/null; then
echo "$USER:x:$(id -u):$(id -g):Default User:$HOME:/sbin/nologin" >> /etc/passwd
fi

exec "$@"
17 changes: 2 additions & 15 deletions images/installer/bin/run
Original file line number Diff line number Diff line change
@@ -1,23 +1,14 @@
#!/bin/bash -e
#
# This file serves as the main entrypoint to the openshift-ansible image.
# This file serves as the init command to the openshift-ansible image.
# Contains setup logic and runs a user-specified playbook via the
# $PLAYBOOK_FILE environment variable.
#
# For more information see the documentation:
# https://github.com/openshift/source-to-image/blob/master/docs/builder_image.md
#

# SOURCE and HOME DIRECTORY: /opt/app-root/src

USER_ID=$(id -u)
GROUP_ID=$(id -g)

# Patch /etc/passwd file with the local user info.
# A user (name) must be defined in this file in order for
# the `ssh` command to work within the created container.
sed "s@${USER_NAME}:x:\${USER_ID}:\${GROUP_ID}@${USER_NAME}:x:${USER_ID}:${GROUP_ID}@g" ${APP_ROOT}/etc/passwd.template > /etc/passwd

INVENTORY="$(mktemp)"
if [[ -v INVENTORY_FILE ]]; then
# If the pointed inventory has execute/search perms we can assume it
Expand All @@ -36,6 +27,7 @@ elif [[ -v DYNAMIC_SCRIPT_URL ]]; then
chmod 755 ${INVENTORY}
else
echo "One of INVENTORY_FILE, INVENTORY_URL or DYNAMIC_SCRIPT_URL must be provided"
exec /usr/bin/usage
exit 1
fi
INVENTORY_ARG="-i ${INVENTORY}"
Expand All @@ -54,9 +46,4 @@ WORK_DIR=${WORK_DIR:-${APP_HOME}}

cd ${WORK_DIR}

if [[ -z PLAYBOOK_FILE ]]; then
exec /usr/bin/usage
exit 0
fi

ansible-playbook ${INVENTORY_ARG} ${VAULT_PASS_ARG} ${OPTS} ${PLAYBOOK_FILE}

0 comments on commit fe203fb

Please sign in to comment.