97 lines
2.8 KiB
Docker
97 lines
2.8 KiB
Docker
|
ARG EE_BASE_IMAGE="quay.io/centos/centos:stream9"
|
||
|
ARG PYCMD="/usr/bin/python3.12"
|
||
|
ARG PYPKG="python3.12"
|
||
|
ARG PKGMGR_PRESERVE_CACHE=""
|
||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=""
|
||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS=""
|
||
|
ARG ANSIBLE_INSTALL_REFS="ansible-core>=2.17.0 ansible-runner==2.4.0"
|
||
|
ARG PKGMGR="/usr/bin/dnf"
|
||
|
|
||
|
# Base build stage
|
||
|
FROM $EE_BASE_IMAGE as base
|
||
|
USER root
|
||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||
|
ARG EE_BASE_IMAGE
|
||
|
ARG PYCMD
|
||
|
ARG PYPKG
|
||
|
ARG PKGMGR_PRESERVE_CACHE
|
||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||
|
ARG ANSIBLE_INSTALL_REFS
|
||
|
ARG PKGMGR
|
||
|
|
||
|
COPY _build/scripts/ /output/scripts/
|
||
|
COPY _build/scripts/entrypoint /opt/builder/bin/entrypoint
|
||
|
RUN $PKGMGR install $PYPKG -y ; if [ -z $PKGMGR_PRESERVE_CACHE ]; then $PKGMGR clean all; fi
|
||
|
RUN /output/scripts/pip_install $PYCMD
|
||
|
RUN $PYCMD -m pip install --no-cache-dir $ANSIBLE_INSTALL_REFS
|
||
|
|
||
|
# Galaxy build stage
|
||
|
FROM base as galaxy
|
||
|
ARG EE_BASE_IMAGE
|
||
|
ARG PYCMD
|
||
|
ARG PYPKG
|
||
|
ARG PKGMGR_PRESERVE_CACHE
|
||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||
|
ARG ANSIBLE_INSTALL_REFS
|
||
|
ARG PKGMGR
|
||
|
|
||
|
RUN /output/scripts/check_galaxy
|
||
|
COPY _build /build
|
||
|
WORKDIR /build
|
||
|
|
||
|
RUN mkdir -p /usr/share/ansible
|
||
|
RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "/usr/share/ansible/roles"
|
||
|
RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
|
||
|
|
||
|
# Builder build stage
|
||
|
FROM base as builder
|
||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||
|
WORKDIR /build
|
||
|
ARG EE_BASE_IMAGE
|
||
|
ARG PYCMD
|
||
|
ARG PYPKG
|
||
|
ARG PKGMGR_PRESERVE_CACHE
|
||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||
|
ARG ANSIBLE_INSTALL_REFS
|
||
|
ARG PKGMGR
|
||
|
|
||
|
RUN $PYCMD -m pip install --no-cache-dir bindep pyyaml packaging
|
||
|
|
||
|
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
|
||
|
|
||
|
COPY _build/requirements.txt requirements.txt
|
||
|
COPY _build/bindep.txt bindep.txt
|
||
|
RUN $PYCMD /output/scripts/introspect.py introspect --user-pip=requirements.txt --user-bindep=bindep.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
|
||
|
RUN /output/scripts/assemble
|
||
|
|
||
|
# Final build stage
|
||
|
FROM base as final
|
||
|
ENV PIP_BREAK_SYSTEM_PACKAGES=1
|
||
|
ARG EE_BASE_IMAGE
|
||
|
ARG PYCMD
|
||
|
ARG PYPKG
|
||
|
ARG PKGMGR_PRESERVE_CACHE
|
||
|
ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS
|
||
|
ARG ANSIBLE_GALAXY_CLI_ROLE_OPTS
|
||
|
ARG ANSIBLE_INSTALL_REFS
|
||
|
ARG PKGMGR
|
||
|
|
||
|
RUN /output/scripts/check_ansible $PYCMD
|
||
|
|
||
|
COPY --from=galaxy /usr/share/ansible /usr/share/ansible
|
||
|
|
||
|
COPY --from=builder /output/ /output/
|
||
|
RUN /output/scripts/install-from-bindep && rm -rf /output/wheels
|
||
|
RUN chmod ug+rw /etc/passwd
|
||
|
RUN mkdir -p /runner && chgrp 0 /runner && chmod -R ug+rwx /runner
|
||
|
WORKDIR /runner
|
||
|
RUN $PYCMD -m pip install --no-cache-dir 'dumb-init==1.2.5'
|
||
|
RUN rm -rf /output
|
||
|
LABEL ansible-execution-environment=true
|
||
|
USER 1000
|
||
|
ENTRYPOINT ["/opt/builder/bin/entrypoint", "dumb-init"]
|
||
|
CMD ["bash"]
|