Skip to content

Instantly share code, notes, and snippets.

@samvarankashyap
Last active June 17, 2020 16:21
Show Gist options
  • Save samvarankashyap/3d4481078fabc763b93689c222fd5e30 to your computer and use it in GitHub Desktop.
Save samvarankashyap/3d4481078fabc763b93689c222fd5e30 to your computer and use it in GitHub Desktop.
Update ansible and linchpin versions
FROM localhost/centos7-agent:latest
# Override with 'docker build --build-arg linchpin_version=x.x.x'
#ARG openstacksdk_version=0.27.0
#ARG linchpin_version=1.7.6.2
ARG linchpin_version=2.0.1
ARG ansible_version=2.9.0
ARG kubernetes_version=6.0.0
ARG openshift_version=0.6.3
#ARG urllib3_version=1.23
# See https://bugs.openjdk.java.net/browse/JDK-8193521
# and https://stackoverflow.com/questions/10575342/what-would-cause-a-java-process-to-greatly-exceed-the-xmx-or-xss-limit
ENV MALLOC_ARENA_MAX 2
RUN yum-config-manager --disable rhel-fast-datapath
RUN yum-config-manager --disable rhel-server
RUN yum-config-manager --save --setopt=rhel-server-extras.skip_if_unavailable=true
RUN yum-config-manager --save --setopt=rhel-server-optional.skip_if_unavailable=true
RUN yum-config-manager --save --setopt=rhel-server-ose.skip_if_unavailable=true
RUN yum-config-manager --save --setopt=rhel-server-rhscl.skip_if_unavailable=true
# Setup RH-IT-Root-CA certificate for RedHat
RUN curl \
-L https://password.corp.redhat.com/RH-IT-Root-CA.crt \
-o /etc/pki/ca-trust/source/anchors/RH-IT-Root-CA.crt \
&& update-ca-trust extract \
# install RCM tools to get brew CLI
&& curl \
-L http://download.devel.redhat.com/rel-eng/RCMTOOLS/rcm-tools-rhel-7-workstation.repo \
-o /etc/yum.repos.d/rcm-tools-rhel-7-workstation.repo \
# Install packages
&& yum install -y epel-release \
&& yum install -y \
koji brewkoji brewkoji-stage \
skopeo \
gcc \
jq \
ruby \
python3 \
# python-devel \
python3-devel \
# python-pip \
python3-pip \
nmap-ncat \
openldap-clients \
krb5-workstation \
file \
libffi-devel \
&& yum clean all \
# Install PyPI packages
&& pip3 install --upgrade wheel setuptools \
&& pip3 install \
ansible=="${ansible_version}" \
linchpin=="${linchpin_version}" \
kubernetes=="${kubernetes_version}" \
openshift=="${openshift_version}" \
# Install PyPI packages
# && pip install --upgrade wheel setuptools==44.0.0 \
# && pip install \
# openstacksdk=="${openstacksdk_version}" \
# GitPython==2.1.11 \
# ansible=="${ansible_version}" \
# linchpin=="${linchpin_version}" \
# kubernetes=="${kubernetes_version}" \
# openshift=="${openshift_version}" \
# gitdb2==2.0.6 \
# tinydb==3.15.2 \
# urllib3=="${urllib3_version}" \
# older versions of jenkins-slave-base-rhel7-container had write permissions
# for group but it was removed due to CVE-2019-19351
&& chmod 664 /etc/passwd
COPY ocp_s390x_applications.crt ocp_s390x_kube_api.crt /etc/pki/ca-trust/source/anchors/
RUN update-ca-trust extract
COPY redhat_com /etc/krb5.conf.d/
# this is a required patch for python2.7.x machines
# to run os_server module inside ansible
# RUN pip install --upgrade decorator
## Copy run to /tmp/bin/run
## It can be used as an entrypoint/command
## in a containerTemplate.
## We make use of it when using this image
## as the ansible-executor
#
## This is needed for 2 reasons:
## 1. It creates the required entry in /etc/passwd for
## the user running the container. Ansible requires it.
## e.x. KeyError: 'getpwuid(): uid not found: 1000260000'
## 2. It simply starts a blocking call to keep the container running
## so commands can be injected via the Jenkins Kubernetes plugin and 'sh'
##
COPY bin/ /tmp/bin/
ansible==2.9.0
apache-libcloud==3.1.0
appdirs==1.4.4
boto==2.49.0
boto3==1.14.4
botocore==1.17.4
cachetools==4.1.0
Cerberus==1.3.2
certifi==2020.4.5.2
cffi==1.14.0
chardet==3.0.4
click==7.1.2
configparser==5.0.0
cryptography==2.9.2
decorator==4.4.2
dictdiffer==0.8.1
docutils==0.15.2
dogpile.cache==0.9.0
future==0.18.2
gitdb==4.0.5
gitdb2==3.0.3.post1
GitPython==3.0.9
google-auth==1.17.2
idna==2.9
ipaddress==1.0.23
iso8601==0.1.12
Jinja2==2.11.2
jmespath==0.10.0
jsonpatch==1.25
jsonpointer==2.0
keystoneauth1==4.0.0
kubernetes==6.0.0
linchpin==2.0.1
MarkupSafe==1.1.1
mock==4.0.2
munch==2.5.0
Naked==0.1.31
netifaces==0.10.9
oauthlib==3.1.0
openshift==0.6.3
openstacksdk==0.46.0
os-client-config==2.1.0
os-service-types==1.7.0
pbr==5.4.5
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.20
pyOpenSSL==19.1.0
python-dateutil==2.8.1
python-string-utils==1.0.0
PyYAML==5.3.1
pyzmq==18.1.1
requests==2.23.0
requests-oauthlib==1.3.0
requestsexceptions==1.4.0
rsa==4.6
ruamel.yaml==0.16.10
ruamel.yaml.clib==0.2.0
s3transfer==0.3.3
shade==1.33.0
six==1.15.0
smmap==3.0.4
smmap2==2.0.5
stevedore==2.0.0
tinydb==4.1.1
tqdm==4.36.1
urllib3==1.24.3
websocket-client==0.57.0
yamlordereddictloader==0.4.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment