copr / copr

Clone

#89 Dockerfile with less layers
Merged 6 years ago by clime. Opened 6 years ago by msuchy.
copr/ msuchy/copr layers  into  master

file modified
+96 -75 
@@ -2,45 +2,46 @@ 
 

  MAINTAINER clime@redhat.com
 

  

  # base packages
 

- RUN dnf -y update
 

- RUN dnf -y install dnf-plugins-core
 

- RUN dnf -y install htop
 

- RUN dnf -y install tito
 

- RUN dnf -y install wget
 

- RUN dnf -y install net-tools
 

- RUN dnf -y install iputils
 

- RUN dnf -y install vim
 

- RUN dnf -y install mlocate
 

- RUN dnf -y install git
 

- RUN dnf -y install sudo
 

- RUN dnf -y install openssh-server
 

- RUN dnf -y install supervisor
 

- RUN dnf -y install psmisc
 

- RUN dnf -y install nginx
 

- 

+ RUN dnf -y update && \
 

+     dnf -y install dnf-plugins-core \
 

+                    htop \
 

+                    tito \
 

+                    wget \
 

+                    net-tools \
 

+                    iputils \
 

+                    vim \
 

+                    mlocate \
 

+                    git \
 

+                    sudo \
 

+                    openssh-server \
 

+                    supervisor \
 

+                    psmisc \
 

+                    nginx \
 

  # builder packages
 

- RUN dnf -y install packagedb-cli
 

- RUN dnf -y install fedora-cert
 

- RUN dnf -y install mock
 

- RUN dnf -y install mock-lvm
 

- RUN dnf -y install createrepo
 

- RUN dnf -y install yum-utils
 

- RUN dnf -y install pyliblzma
 

- RUN dnf -y install rsync
 

- RUN dnf -y install openssh-clients
 

- RUN dnf -y install libselinux-python
 

- RUN dnf -y install libsemanage-python
 

- RUN dnf -y install rpm
 

- RUN dnf -y install glib2
 

- RUN dnf -y install ca-certificates
 

- RUN dnf -y install scl-utils-build
 

- RUN dnf -y install ethtool
 

- 

+                    packagedb-cli \
 

+                    fedora-cert \
 

+                    mock \
 

+                    mock-lvm \
 

+                    createrepo \
 

+                    yum-utils \
 

+                    pyliblzma \
 

+                    rsync \
 

+                    openssh-clients \
 

+                    libselinux-python \
 

+                    libsemanage-python \
 

+                    rpm \
 

+                    glib2 \
 

+                    ca-certificates \
 

+                    scl-utils-build \
 

+                    ethtool \
 

  # packages for copr-keygen
 

- RUN dnf -y install uwsgi
 

- RUN dnf -y install uwsgi-plugin-python
 

- RUN dnf -y install rng-tools # to get more entropy for generation of gpg keys
 

- RUN dnf -y install expect # for unbuffer package
 

+                    uwsgi \
 

+                    uwsgi-plugin-python \
 

+ # to get more entropy for generation of gpg keys
 

+                    rng-tools \
 

+ # for unbuffer package
 

+                    expect && \
 

+     dnf clean all
 

  

  # needed to be able to ping
 

  RUN setcap cap_net_raw,cap_net_admin+p /usr/bin/ping
 
@@ -49,22 +50,22 @@ 
 

  RUN ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -q
 

  

  # setup root user
 

- RUN echo 'root:passwd' | chpasswd
 

- RUN mkdir /root/.ssh &&  chmod 700 /root /root/.ssh
 

- RUN touch /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys
 

- RUN ssh-keygen -f /root/.ssh/id_rsa -N '' -q -C root@locahost
 

- RUN cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
 

+ RUN echo 'root:passwd' | chpasswd && \
 

+     mkdir /root/.ssh &&  chmod 700 /root /root/.ssh && \
 

+     touch /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys && \
 

+     ssh-keygen -f /root/.ssh/id_rsa -N '' -q -C root@locahost && \
 

+     cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
 

  

  # setup copr user
 

- RUN useradd copr
 

- RUN echo 'copr:passwd' | chpasswd
 

- RUN echo 'copr ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers
 

- RUN mkdir -p /home/copr/.ssh && chmod 700 /home/copr /home/copr/.ssh
 

- RUN ssh-keygen -f /home/copr/.ssh/id_rsa -N '' -q -C copr@locahost
 

- RUN touch /home/copr/.ssh/authorized_keys && chmod 600 /home/copr/.ssh/authorized_keys
 

- RUN cat /home/copr/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
 

- RUN cat /home/copr/.ssh/id_rsa.pub >> /home/copr/.ssh/authorized_keys
 

- RUN chown copr:copr -R /home/copr
 

+ RUN useradd copr && \
 

+     echo 'copr:passwd' | chpasswd && \
 

+     echo 'copr ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers && \
 

+     mkdir -p /home/copr/.ssh && chmod 700 /home/copr /home/copr/.ssh && \
 

+     ssh-keygen -f /home/copr/.ssh/id_rsa -N '' -q -C copr@locahost && \
 

+     touch /home/copr/.ssh/authorized_keys && chmod 600 /home/copr/.ssh/authorized_keys && \
 

+     cat /home/copr/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys && \
 

+     cat /home/copr/.ssh/id_rsa.pub >> /home/copr/.ssh/authorized_keys && \
 

+     chown copr:copr -R /home/copr
 

  

  # setup user for web access
 

  RUN useradd -r apache
 
@@ -73,28 +74,33 @@ 
 

  ARG RELEASETEST
 

  

  # enable appropriate copr repos
 

- RUN dnf -y copr enable @copr/copr
 

- RUN dnf -y copr enable @modularity/modulemd
 

- RUN if [ ! $RELEASETEST ]; then dnf -y copr enable @copr/copr-dev; fi
 

+ RUN dnf -y copr enable @copr/copr && \
 

+     dnf -y copr enable @modularity/modulemd && \
 

+     if [ ! $RELEASETEST ]; then dnf -y copr enable @copr/copr-dev; fi
 

  

  # additional builder packages from COPR repos
 

- RUN dnf -y install copr-rpmbuild
 

+ RUN dnf -y install copr-rpmbuild && dnf clean all
 

  

  # preinstall copr-keygen and its builddeps to utilize most of Docker cache
 

- RUN cd `mktemp -d` && dnf -y download --source copr-keygen && dnf -y builddep *.src.rpm --allowerasing
 

- RUN dnf -y install copr-keygen
 

+ RUN cd `mktemp -d` && dnf -y download --source copr-keygen && \
 

+     dnf -y builddep *.src.rpm --allowerasing && \
 

+     dnf -y install copr-keygen && \
 

+     dnf clean all
 

  

  # system setup for copr-keygen
 

- RUN mkdir /var/log/uwsgi
 

- RUN chown apache:apache /var/log/uwsgi
 

- RUN chmod 775 /var/log/uwsgi
 

- RUN chown apache:apache /var/run/uwsgi
 

- RUN chmod 775 /var/run/uwsgi
 

- RUN usermod copr-signer -G apache
 

+ RUN mkdir /var/log/uwsgi && \
 

+     chown apache:apache /var/log/uwsgi && \
 

+     chmod 775 /var/log/uwsgi && \
 

+     chown apache:apache /var/run/uwsgi && \
 

+     chmod 775 /var/run/uwsgi && \
 

+     usermod copr-signer -G apache
 

  

  # preinstall backend and its builddeps to utilize most of Docker cache
 

- RUN cd `mktemp -d` && dnf -y download --source copr-backend && dnf -y builddep *.src.rpm --allowerasing
 

- RUN dnf -y install copr-backend
 

+ RUN cd `mktemp -d` && \
 

+     dnf -y download --source copr-backend && \
 

+     dnf -y builddep *.src.rpm --allowerasing && \
 

+     dnf -y install copr-backend && \
 

+     dnf clean all
 

  

  # system setup for copr-backend
 

  RUN usermod -a -G mock copr
 
@@ -103,23 +109,38 @@ 
 

  COPY . /copr
 

  

  # build copr-backend from sources
 

- RUN dnf -y builddep /copr/backend/copr-backend.spec --allowerasing # fix for python-requests package (the cmd is failing python2-requests is already installed)
 

- RUN cd /copr/backend && export LANG=en_US.UTF-8 && if [ ! $RELEASETEST ]; then tito build --test --rpm; else tito build --rpm; fi
 

+ # fix for python-requests package (the cmd is failing python2-requests is already installed)
 

+ RUN dnf -y builddep /copr/backend/copr-backend.spec --allowerasing && \
 

+     cd /copr/backend && \
 

+     export LANG=en_US.UTF-8 && \
 

+     if [ ! $RELEASETEST ]; then \
 

+         tito build --test --rpm; \
 

+     else \
 

+         tito build --rpm; \
 

+     fi && \
 

  # upgrade the already pre-installed package if possible
 

- RUN dnf -y upgrade /tmp/tito/noarch/copr-backend*.noarch.rpm || true
 

- 

+     dnf -y upgrade /tmp/tito/noarch/copr-backend*.noarch.rpm || true && \
 

  # build copr-keygen from sources
 

- RUN dnf -y builddep /copr/keygen/copr-keygen.spec --allowerasing
 

- RUN cd /copr/keygen && export LANG=en_US.UTF-8 && if [ ! $RELEASETEST ]; then tito build --test --rpm; else tito build --rpm; fi
 

+     dnf -y builddep /copr/keygen/copr-keygen.spec --allowerasing && \
 

+     cd /copr/keygen && \
 

+     export LANG=en_US.UTF-8 && \
 

+     if [ ! $RELEASETEST ]; then \
 

+         tito build --test --rpm; \
 

+     else \
 

+         tito build --rpm; \
 

+     fi && \
 

  # upgrade the already pre-installed package if possible
 

- RUN dnf -y upgrade /tmp/tito/noarch/copr-keygen*.noarch.rpm || true
 

+     dnf -y upgrade /tmp/tito/noarch/copr-keygen*.noarch.rpm || true && \
 

+     dnf clean all
 

  

  # copy filesystem setup and setup ownership and permissions
 

  COPY backend/docker/files/ /
 

- RUN chmod 700 /root && chmod 700 /home/copr && chown copr:copr /home/copr
 

- RUN chown copr-signer:apache /etc/uwsgi.d/copr-keygen.ini
 

+ RUN chmod 700 /root && \
 

+     chmod 700 /home/copr && \
 

+     chown copr:copr /home/copr && \
 

+     chown copr-signer:apache /etc/uwsgi.d/copr-keygen.ini && \
 

  # fix permissions on /var/log/copr-keygen/main.log which is
 

  # owned by root after copr-keygen installation tests are run
 

- RUN chown copr-signer:copr-signer /var/log/copr-keygen/main.log
 

+     chown copr-signer:copr-signer /var/log/copr-keygen/main.log
 

  

  CMD ["/bin/run.sh"]

file modified
+7 -8 
@@ -1,17 +1,16 @@ 
 

  FROM fedora:25
 

  MAINTAINER clime@redhat.com
 

  

- RUN dnf -y install tito
 

- RUN dnf -y install pyp2rpm
 

- RUN dnf -y install rubygem-gem2rpm
 

- RUN dnf -y install mock mock-scm
 

- 

- # tito's GitAnnexBuilder needs '/bin/which' (rhbz#1450950)
 

- RUN dnf -y install git-annex which
 

+ RUN dnf -y install tito \
 

+                    pyp2rpm \
 

+                    rubygem-gem2rpm \
 

+                    mock mock-scm \
 

+                    git-annex which
 

  

  # ensure all possible locales are installed
 

  RUN truncate /etc/rpm/macros.image-language-conf --size=0
 

- RUN dnf -y reinstall glibc-all-langpacks || dnf -y install glibc-all-langpacks --best
 

+ RUN dnf -y reinstall glibc-all-langpacks || dnf -y install glibc-all-langpacks --best \
clime commented 6 years ago

Here should be perhaps be && \ to connect to next line properly.

 
+     dnf clean all
 

  

  ENV LANG en_US.UTF-8

This make less layers, therefore the image is smaller and faster.

Thanks.

Here should be perhaps be && \ to connect to next line properly.

Pull-Request has been merged by clime
6 years ago
Metadata
None
No Tags
Changes Summary 2
+96 -75
file changed
backend/docker/Dockerfile
+7 -8
file changed
dist-git/dist_git/docker/Dockerfile
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.