From 225cd5ec2edc7683d377712b2e577eaa4a006e9c Mon Sep 17 00:00:00 2001
From: Yuxiang Zhu <yuxzhu@redhat.com>
Date: Oct 25 2018 09:57:14 +0000
Subject: CI/CD: Install build dependencies at runtime


Following https://pagure.io/waiverdb/pull-request/249.

When you add more build dependencies to waiverdb.spec in a PR,
the RPM build test will fail because they are not present in the
Jenkins slave image. This PR adds the ability to install build
dependencies at runtime.

---

diff --git a/openshift/containers/jenkins-slave/Dockerfile b/openshift/containers/jenkins-slave/Dockerfile
index 8df3a7a..c8630e8 100644
--- a/openshift/containers/jenkins-slave/Dockerfile
+++ b/openshift/containers/jenkins-slave/Dockerfile
@@ -10,7 +10,7 @@ USER root
 ARG TINI_VERSION=0.18.0
 
 RUN dnf -y install 'dnf-command(builddep)' dnf-utils git mock-core-configs tar gzip skopeo \
-    wget postgresql make rpmdevtools rpmlint \
+    sudo wget postgresql make rpmdevtools rpmlint \
     python3-flake8 python3-pylint python3-pytest \
     python3-sphinx python3-sphinxcontrib-httpdomain \
     origin-clients \
@@ -23,6 +23,9 @@ RUN dnf -y install 'dnf-command(builddep)' dnf-utils git mock-core-configs tar g
   # clean up
   && dnf clean all
 
+# Allow OpenShift assigned user to use sudo
+RUN echo '%root   ALL=(ALL)       NOPASSWD: ALL' > /etc/sudoers.d/root-group
+
 # install build dependencies for WaiverDB
 COPY waiverdb.spec /usr/local/src/waiverdb/waiverdb.spec
 RUN cd /usr/local/src/waiverdb \
@@ -30,5 +33,7 @@ RUN cd /usr/local/src/waiverdb \
   && dnf clean all \
   && cd / && rm -rf /usr/local/src/waiverdb
 WORKDIR /var/lib/jenkins/
-ENTRYPOINT ["/usr/local/bin/tini", "--", "jenkins-slave"]
+# Install entrypoint.sh
+COPY openshift/containers/jenkins-slave/entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/usr/local/bin/tini", "--", "/entrypoint.sh", "jenkins-slave"]
 USER 1000
diff --git a/openshift/containers/jenkins-slave/entrypoint.sh b/openshift/containers/jenkins-slave/entrypoint.sh
new file mode 100755
index 0000000..c2cb419
--- /dev/null
+++ b/openshift/containers/jenkins-slave/entrypoint.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Dynamically associate a username to OpenShift assigned UIDs.
+# See: https://docs.openshift.org/latest/creating_images/guidelines.html#openshift-origin-specific-guidelines
+
+export USER_ID=$(id -u)
+export GROUP_ID=$(id -g)
+
+# Skip for root user
+if [ x"$USER_ID" != x"0" ]; then
+    echo "jenkins:x:${USER_ID}:${GROUP_ID}:jenkins:${HOME}:/bin/bash" >> /etc/passwd
+fi
+
+exec "$@"
diff --git a/openshift/pipelines/templates/waiverdb-dev.Jenkinsfile b/openshift/pipelines/templates/waiverdb-dev.Jenkinsfile
index d079f1f..10fc8ea 100644
--- a/openshift/pipelines/templates/waiverdb-dev.Jenkinsfile
+++ b/openshift/pipelines/templates/waiverdb-dev.Jenkinsfile
@@ -94,6 +94,8 @@ pipeline {
           env.TEMP_TAG = env.WAIVERDB_CONTAINER_VERSION + '-jenkins-' + currentBuild.id
         }
         sh 'cp conf/settings.py.example conf/settings.py'
+        // install build dependencies
+        sh 'dnf -y builddep waiverdb.spec'
       }
     }
     stage('Run checks') {