
@fabianvf
Created June 27, 2019 17:58
# Build stage: compiles the operator-sdk binary from the build context and then
# uses that binary to scaffold a throwaway Ansible operator project named "tmp".
# NOTE(review): the base image is referenced by tag only; pin it by digest if
# reproducible builds matter.
FROM openshift/origin-release:golang-1.11 AS builder
WORKDIR /go/src/github.com/operator-framework/operator-sdk

# NOTE(review): this copies the whole build context into the stage; confirm a
# .dockerignore keeps credentials and local artifacts out of it.
COPY . .
RUN make build/operator-sdk-dev-x86_64-linux-gnu VERSION=dev

# Takes effect for the instructions that follow; the make step above ran without it.
ENV GO111MODULE=on

# Scaffold the "tmp" project, then run `migrate` from inside it.
RUN build/operator-sdk-dev-x86_64-linux-gnu new tmp \
        --type=ansible \
        --kind=Tmp \
        --api-version=tmp.example.com/v1 \
    && cd tmp \
    && ../build/operator-sdk-dev-x86_64-linux-gnu migrate
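# Runtime stage: Ansible configuration, Python dependencies, the operator binary
# and the k8s_status module copied from the builder stage.
# NOTE(review): no tag or digest is given for this base image, so every build
# takes whatever the registry currently serves; pin it.
FROM registry.access.redhat.com/ubi8/python-27

# Root is needed for the filesystem and package steps below; the final USER
# instruction drops it again.
USER 0

# Minimal Ansible configuration: local connection, roles and module search paths.
RUN mkdir -p /etc/ansible \
    && echo "localhost ansible_connection=local" > /etc/ansible/hosts \
    && echo '[defaults]' > /etc/ansible/ansible.cfg \
    && echo 'roles_path = /opt/ansible/roles' >> /etc/ansible/ansible.cfg \
    && echo 'library = /usr/share/ansible/openshift' >> /etc/ansible/ansible.cfg

# A space now separates USER_NAME's value from the line continuation, so the
# value can never be fused with the HOME assignment on the next line.
ENV OPERATOR=/usr/local/bin/ansible-operator \
    USER_UID=1001 \
    USER_NAME=ansible-operator \
    HOME=/opt/ansible

# Install python dependencies
# NOTE(review): the packages are unpinned and resolved at build time; pin
# versions (ideally with hashes) so a rebuild cannot silently pull different code.
RUN pip install --no-cache-dir ansible-runner ansible-runner-http openshift \
    && yum remove -y python-devel gcc \
    && yum clean all \
    && rm -rf /var/cache/yum

COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/build/operator-sdk-dev-x86_64-linux-gnu ${OPERATOR}
COPY --from=builder /go/src/github.com/operator-framework/operator-sdk/tmp/library/k8s_status.py /usr/share/ansible/openshift/

# Ensure directory permissions are properly set
# /etc/passwd is made group-writable so the entrypoint script can append an
# entry when the container runs under a UID that has no passwd record. The
# trade-off: any process in the file's group can then edit account entries
# inside the container, so nothing in this image should trust /etc/passwd
# for privilege decisions.
RUN mkdir -p ${HOME}/.ansible/tmp \
    && chown -R ${USER_UID}:0 ${HOME} \
    && chmod -R ug+rwx ${HOME} \
    && chmod g+rw /etc/passwd

# Generate the entrypoint wrapper. The printf format is single-quoted, so the
# ${...} and $(...) expressions are written literally and evaluated when the
# container starts. ${OPERATOR} and "$@" are quoted in the script so arguments
# containing whitespace reach the operator intact.
RUN printf '#!/bin/bash -e\n\
if ! whoami &>/dev/null; then\n\
if [ -w /etc/passwd ]; then\n\
echo "${USER_NAME:-runner}:x:$(id -u):$(id -g):${USER_NAME:-runner} user:${HOME}:/sbin/nologin" >> /etc/passwd\n\
fi\n\
fi\n\
exec "${OPERATOR}" run ansible --watches-file=/opt/ansible/watches.yaml "$@"\n'\
    > /usr/local/bin/entrypoint \
    && chmod +x /usr/local/bin/entrypoint

# Exec-form ENTRYPOINT does no shell processing, so "${OPERATOR}" and "$@"
# would be passed as literal strings. Run the generated wrapper instead: it
# expands both and execs the operator with the same arguments.
# NOTE(review): no step in this file installs an `init` binary; presumably a
# tini-style init wrapper is intended. Confirm it exists in the base image.
ENTRYPOINT ["init", "--", "/usr/local/bin/entrypoint"]

# Run unprivileged; 1001 matches USER_UID above.
USER 1001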