Created
June 27, 2019 17:21
-
-
Save fabianvf/d6079a437603ac33f84a1346088d5ac9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM openshift/origin-release:golang-1.11 AS builder | |
COPY . /go/src/github.com/operator-framework/operator-sdk | |
RUN cd /go/src/github.com/operator-framework/operator-sdk \ | |
&& make build/operator-sdk-dev-x86_64-linux-gnu VERSION=dev | |
FROM registry.access.redhat.com/ubi8/python-27 | |
USER 0 | |
RUN mkdir -p /etc/ansible \ | |
&& echo "localhost ansible_connection=local" > /etc/ansible/hosts \ | |
&& echo '[defaults]' > /etc/ansible/ansible.cfg \ | |
&& echo 'roles_path = /opt/ansible/roles' >> /etc/ansible/ansible.cfg \ | |
&& echo 'library = /usr/share/ansible/openshift' >> /etc/ansible/ansible.cfg | |
ENV OPERATOR=/usr/local/bin/ansible-operator \ | |
USER_UID=1001 \ | |
USER_NAME=ansible-operator\ | |
HOME=/opt/ansible | |
# Install python dependencies | |
RUN pip install --no-cache-dir ansible-runner ansible-runner-http openshift \ | |
&& yum remove -y python-devel gcc \ | |
&& yum clean all \ | |
&& rm -rf /var/cache/yum | |
COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/build/operator-sdk-dev-x86_64-linux-gnu ${OPERATOR} | |
COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/library/k8s_status.py /usr/share/ansible/openshift/ | |
# Ensure directory permissions are properly set | |
RUN mkdir -p ${HOME}/.ansible/tmp \ | |
&& chown -R ${USER_UID}:0 ${HOME} \ | |
&& chmod -R ug+rwx ${HOME} \ | |
&& chmod g+rw /etc/passwd | |
RUN printf '#!/bin/bash -e\n\ | |
if ! whoami &>/dev/null; then\n\ | |
if [ -w /etc/passwd ]; then\n\ | |
echo "${USER_NAME:-runner}:x:$(id -u):$(id -g):${USER_NAME:-runner} user:${HOME}:/sbin/nologin" >> /etc/passwd\n\ | |
fi\n\ | |
fi\n\ | |
exec ${OPERATOR} run ansible --watches-file=/opt/ansible/watches.yaml $@\n'\ | |
> /usr/local/bin/entrypoint \ | |
&& chmod +x /usr/local/bin/entrypoint | |
ENTRYPOINT ["init", "--", "${OPERATOR}", "run", "ansible", "--watches-file=/opt/ansible/watches.yaml", "$@"] | |
USER 1001 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment