Skip to content

Instantly share code, notes, and snippets.

@fabianvf
Created June 27, 2019 17:58
Show Gist options
  • Save fabianvf/e202686aab93786c7c3b91ff1ec93b0b to your computer and use it in GitHub Desktop.
Save fabianvf/e202686aab93786c7c3b91ff1ec93b0b to your computer and use it in GitHub Desktop.
FROM openshift/origin-release:golang-1.11 AS builder
WORKDIR /go/src/github.com/operator-framework/operator-sdk
COPY . .
RUN make build/operator-sdk-dev-x86_64-linux-gnu VERSION=dev
ENV GO111MODULE=on
RUN build/operator-sdk-dev-x86_64-linux-gnu new tmp \
--type=ansible \
--kind=Tmp \
--api-version=tmp.example.com/v1 \
&& cd tmp \
&& ../build/operator-sdk-dev-x86_64-linux-gnu migrate
FROM registry.access.redhat.com/ubi8/python-27
USER 0
RUN mkdir -p /etc/ansible \
&& echo "localhost ansible_connection=local" > /etc/ansible/hosts \
&& echo '[defaults]' > /etc/ansible/ansible.cfg \
&& echo 'roles_path = /opt/ansible/roles' >> /etc/ansible/ansible.cfg \
&& echo 'library = /usr/share/ansible/openshift' >> /etc/ansible/ansible.cfg
ENV OPERATOR=/usr/local/bin/ansible-operator \
USER_UID=1001 \
USER_NAME=ansible-operator\
HOME=/opt/ansible
# Install python dependencies
RUN pip install --no-cache-dir ansible-runner ansible-runner-http openshift \
&& yum remove -y python-devel gcc \
&& yum clean all \
&& rm -rf /var/cache/yum
COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/build/operator-sdk-dev-x86_64-linux-gnu ${OPERATOR}
COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/tmp/library/k8s_status.py /usr/share/ansible/openshift/
# Ensure directory permissions are properly set
RUN mkdir -p ${HOME}/.ansible/tmp \
&& chown -R ${USER_UID}:0 ${HOME} \
&& chmod -R ug+rwx ${HOME} \
&& chmod g+rw /etc/passwd
RUN printf '#!/bin/bash -e\n\
if ! whoami &>/dev/null; then\n\
if [ -w /etc/passwd ]; then\n\
echo "${USER_NAME:-runner}:x:$(id -u):$(id -g):${USER_NAME:-runner} user:${HOME}:/sbin/nologin" >> /etc/passwd\n\
fi\n\
fi\n\
exec ${OPERATOR} run ansible --watches-file=/opt/ansible/watches.yaml $@\n'\
> /usr/local/bin/entrypoint \
&& chmod +x /usr/local/bin/entrypoint
ENTRYPOINT ["init", "--", "${OPERATOR}", "run", "ansible", "--watches-file=/opt/ansible/watches.yaml", "$@"]
USER 1001
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment