From 8113c9c5e52c663d01f30faf85377fa94688eb21 Mon Sep 17 00:00:00 2001 From: rabi Date: Mon, 11 Nov 2024 07:56:43 +0530 Subject: [PATCH] Use ubi9 image for aee The current adt image is with fedora base image that installs packages using pip without constraints and prone to be broken with latest changes in packages. We also probably need a way to control what should be installed with pip and dnf when using ubi9. Signed-off-by: rabi --- Makefile | 2 +- openstack_ansibleee/Containerfile | 36 +++++++++++++++++++ openstack_ansibleee/Dockerfile | 23 ------------ .../ansibleee-requirements.yaml | 3 ++ openstack_ansibleee/requirements.txt | 4 +++ openstack_ansibleee/setup.sh | 24 +++++++++++++ 6 files changed, 68 insertions(+), 24 deletions(-) create mode 100644 openstack_ansibleee/Containerfile delete mode 100644 openstack_ansibleee/Dockerfile create mode 100644 openstack_ansibleee/ansibleee-requirements.yaml create mode 100644 openstack_ansibleee/requirements.txt create mode 100755 openstack_ansibleee/setup.sh diff --git a/Makefile b/Makefile index bce109122..c8675f200 100644 --- a/Makefile +++ b/Makefile @@ -41,7 +41,7 @@ execute_molecule: setup_test_environment ## Setup the test environment and execu .PHONY: openstack_ansibleee_build openstack_ansibleee_build: ## Build the openstack-ansibleee-runner image - podman build . -f openstack_ansibleee/Dockerfile -t ${IMG} + podman build --no-cache . -f openstack_ansibleee/Containerfile -t ${IMG} .PHONY: openstack_ansibleee_push openstack_ansibleee_push: ## Push the openstack-ansibleee-runner image diff --git a/openstack_ansibleee/Containerfile b/openstack_ansibleee/Containerfile new file mode 100644 index 000000000..d58e0f3e7 --- /dev/null +++ b/openstack_ansibleee/Containerfile @@ -0,0 +1,36 @@ +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest as builder +ARG PYV=3.12 +ARG REMOTE_SOURCE=. +ARG REMOTE_SOURCE_DIR=/var/tmp/edpm-ansible + +COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR + +RUN $REMOTE_SOURCE_DIR/openstack_ansibleee/setup.sh + +RUN cd $REMOTE_SOURCE_DIR/openstack_ansibleee && \ + ansible-galaxy collection install -U --timeout 120 -r ansibleee-requirements.yaml --collections-path "/usr/share/ansible/collections" && \ + ansible-galaxy collection install -U --timeout 120 -r requirements.yaml --collections-path "/usr/share/ansible/collections" && \ + ansible-galaxy collection install -U $REMOTE_SOURCE_DIR --collections-path "/usr/share/ansible/collections" + + +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest as runner + +ARG PYV=3.12 +ARG REMOTE_SOURCE=. +ARG REMOTE_SOURCE_DIR=/var/tmp/edpm-ansible + +COPY $REMOTE_SOURCE/openstack_ansibleee $REMOTE_SOURCE_DIR/openstack_ansibleee + +RUN $REMOTE_SOURCE_DIR/openstack_ansibleee/setup.sh + +COPY --from=builder /usr/share/ansible /usr/share/ansible +COPY $REMOTE_SOURCE/openstack_ansibleee/settings /runner/env/settings +COPY $REMOTE_SOURCE/openstack_ansibleee/edpm_entrypoint.sh /opt/builder/bin/edpm_entrypoint + +RUN sed '1d' /usr/local/lib/python${PYV}/site-packages/ansible_builder/_target_scripts/entrypoint >> /opt/builder/bin/edpm_entrypoint +RUN mkdir /runner/project && chmod -R 775 /runner && chmod +x /opt/builder/bin/edpm_entrypoint && chmod ug+rw /etc/passwd + +ENV EDPM_SYSTEMROLES='fedora.linux_system_roles' +WORKDIR /runner +LABEL ansible-execution-environment=true +ENTRYPOINT ["/opt/builder/bin/edpm_entrypoint", "dumb-init"] diff --git a/openstack_ansibleee/Dockerfile b/openstack_ansibleee/Dockerfile deleted file mode 100644 index 6a82ebde6..000000000 --- a/openstack_ansibleee/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -FROM ghcr.io/ansible/community-ansible-dev-tools:v24.10.0 as builder - -ARG REMOTE_SOURCE=. -ARG REMOTE_SOURCE_DIR=/var/tmp/edpm-ansible - -COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR -RUN cd $REMOTE_SOURCE_DIR && \ - ansible-galaxy collection install -U --timeout 120 -r requirements.yml --collections-path "/usr/share/ansible/collections" && \ - ansible-galaxy collection install -U $REMOTE_SOURCE_DIR --collections-path "/usr/share/ansible/collections" - -FROM ghcr.io/ansible/community-ansible-dev-tools:v24.10.0 as runner - -COPY --from=builder /usr/share/ansible /usr/share/ansible -COPY $REMOTE_SOURCE/openstack_ansibleee/settings /runner/env/settings -COPY $REMOTE_SOURCE/openstack_ansibleee/edpm_entrypoint.sh /opt/builder/bin/edpm_entrypoint - -RUN sed '1d' /opt/builder/bin/entrypoint >> /opt/builder/bin/edpm_entrypoint -RUN chmod 775 /runner/env/settings && chmod +x /opt/builder/bin/edpm_entrypoint && chmod ug+rw /etc/passwd - -ENV EDPM_SYSTEMROLES='fedora.linux_system_roles' -WORKDIR /runner -LABEL ansible-execution-environment=true -ENTRYPOINT ["/opt/builder/bin/edpm_entrypoint", "dumb-init"] diff --git a/openstack_ansibleee/ansibleee-requirements.yaml b/openstack_ansibleee/ansibleee-requirements.yaml new file mode 100644 index 000000000..a9c13c46c --- /dev/null +++ b/openstack_ansibleee/ansibleee-requirements.yaml @@ -0,0 +1,3 @@ +--- +collections: + - name: fedora.linux_system_roles diff --git a/openstack_ansibleee/requirements.txt b/openstack_ansibleee/requirements.txt new file mode 100644 index 000000000..f1a262c7d --- /dev/null +++ b/openstack_ansibleee/requirements.txt @@ -0,0 +1,4 @@ +ansible-core>=2.16.1 +ansible-runner>=2.4.0 +ansible-builder>=3.1.0 +dumb-init>=1.2.2 diff --git a/openstack_ansibleee/setup.sh b/openstack_ansibleee/setup.sh new file mode 100755 index 000000000..37f32a5b8 --- /dev/null +++ b/openstack_ansibleee/setup.sh @@ -0,0 +1,24 @@ +#!/bin/bash -e +set -eux pipefail + +microdnf -y makecache +microdnf install -y \ + gcc \ + libssh-devel \ + iputils \ + bind-utils \ + ncurses \ + openssh-clients \ + "python${PYV}" \ + "python${PYV}-cffi" \ + "python${PYV}-pip" \ + "python${PYV}-pyyaml" \ + "python${PYV}-wheel" \ + util-linux-user \ + which \ + rsync \ + zsh + +microdnf -y clean all + +"/usr/bin/python${PYV}" -m pip install --no-cache -r $REMOTE_SOURCE_DIR/openstack_ansibleee/requirements.txt