# FROM alpine:3.13 as BUILDER
#
# RUN wget https://github.com/ansible/ansible-runner/archive/refs/tags/1.4.7.tar.gz && \
# tar -xvf 1.4.7.tar.gz
#
# RUN apk add --no-cache py-pip build-base python3-dev linux-headers && \
# pip install virtualenvwrapper
# RUN cd ansible-runner-1.4.7 && virtualenv ansible-runner && pip install -e .
FROM quay.io/operator-framework/ansible-operator:v1.11.0 as BASE
FROM alpine:3.13
LABEL maintainer="litong01@us.ibm.com"
ENV PYTHONUNBUFFERED=1
RUN apk add --no-cache py-pip bash openssl py3-cryptography tini tar unzip && \
if [ ! -e /usr/bin/python ]; then ln -sf python3 /usr/bin/python ; fi && \
pip install ansible ansible-runner
RUN mkdir -p /etc/ansible \
&& echo "localhost ansible_connection=local" > /etc/ansible/hosts \
&& echo '[defaults]' > /etc/ansible/ansible.cfg \
&& echo 'roles_path = /opt/ansible/roles' >> /etc/ansible/ansible.cfg \
&& echo 'library = /usr/share/ansible/openshift' >> /etc/ansible/ansible.cfg
COPY --from=BASE /usr/local/bin/ansible-operator /usr/local/bin/ansible-operator
# COPY --from=BUILDER /usr/bin/ansible-runner /usr/local/bin/ansible-runner
ENV HOME=/opt/ansible \
USER_NAME=ansible \
USER_UID=1001
# Ensure directory permissions are properly set
RUN echo "${USER_NAME}:x:${USER_UID}:0:${USER_NAME} user:${HOME}:/sbin/nologin" >> /etc/passwd \
&& mkdir -p ${HOME}/.ansible/tmp \
&& chown -R ${USER_UID}:0 ${HOME} \
&& chmod -R ug+rwx ${HOME}
WORKDIR ${HOME}
USER ${USER_UID}
COPY requirements.yml ${HOME}/requirements.yml
RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \
&& chmod -R ug+rwx ${HOME}/.ansible \
&& mkdir -p ${HOME}/.ansible/plugins \
&& rm -rf /var/cache/apk/*
COPY watches.yaml ${HOME}/watches.yaml
COPY roles/ ${HOME}/roles/
COPY playbooks/ ${HOME}/playbooks/
COPY utilities/launcher/ ${HOME}/launcher/
COPY ansible.cfg ${HOME}/launcher/bin/
COPY utilities/downloader/ ${HOME}/downloader/
COPY plugins ${HOME}/.ansible/plugins
COPY ansible.cfg ${HOME}/.ansible.cfg
COPY test.yaml ${HOME}/test.yaml
ENTRYPOINT ["tini", "--", "/usr/local/bin/ansible-operator", "run", "--watches-file=./watches.yaml"]
No comments:
Post a Comment