2014-11-20 18:48:51 +00:00
|
|
|
# vim:ft=dockerfile
|
2014-12-18 16:53:10 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
FROM phusion/baseimage:0.10.0
|
2014-05-16 22:31:24 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
ENV DEBIAN_FRONTEND noninteractive
|
|
|
|
ENV HOME /root
|
|
|
|
ENV QUAYDIR /quay-registry
|
|
|
|
ENV QUAYCONF /quay-registry/conf
|
|
|
|
ENV QUAYPATH "."
|
2017-12-19 22:13:37 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
RUN mkdir $QUAYDIR
|
2017-02-01 23:17:25 +00:00
|
|
|
WORKDIR $QUAYDIR
|
2016-05-26 21:28:57 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
# This is so we don't break http golang/go#17066
|
|
|
|
# When Ubuntu has nginx >= 1.11.0 we can switch back.
|
2018-07-13 18:53:53 +00:00
|
|
|
ENV NGINX_GPGKEY 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
|
|
|
|
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 \
|
|
|
|
--keyserver-options timeout=10 --recv-keys "${NGINX_GPGKEY}"
|
|
|
|
|
|
|
|
RUN add-apt-repository --enable-source \
|
|
|
|
"deb http://nginx.org/packages/ubuntu/ xenial nginx"
|
2014-05-22 16:13:41 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
# Add Yarn repository until it is officially added to Ubuntu
|
|
|
|
RUN curl -fsSL https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
|
2018-07-13 18:53:53 +00:00
|
|
|
&& add-apt-repository "deb https://dl.yarnpkg.com/debian/ stable main"
|
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
RUN curl -fsSL https://deb.nodesource.com/setup_8.x | bash -
|
2018-07-13 18:53:53 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
# Install system packages
|
|
|
|
RUN apt-get update && apt-get upgrade -y \
|
|
|
|
&& apt-get install -y \
|
|
|
|
dnsmasq \
|
|
|
|
g++ \
|
|
|
|
gdb \
|
|
|
|
gdebi-core \
|
|
|
|
git \
|
|
|
|
jpegoptim \
|
|
|
|
libevent-2.0.5 \
|
|
|
|
libevent-dev \
|
|
|
|
libffi-dev \
|
|
|
|
libfreetype6-dev \
|
|
|
|
libgpgme11 \
|
|
|
|
libgpgme11-dev \
|
|
|
|
libjpeg62 \
|
|
|
|
libjpeg62-dev \
|
|
|
|
libjpeg8 \
|
|
|
|
libldap-2.4-2 \
|
|
|
|
libldap2-dev \
|
|
|
|
libmagic1 \
|
|
|
|
libpq-dev \
|
|
|
|
libpq5 \
|
|
|
|
libsasl2-dev \
|
|
|
|
libsasl2-modules \
|
|
|
|
memcached \
|
|
|
|
monit \
|
|
|
|
nginx \
|
|
|
|
nodejs \
|
|
|
|
optipng \
|
|
|
|
openssl \
|
|
|
|
python-dbg \
|
|
|
|
python-dev \
|
|
|
|
python-pip \
|
|
|
|
python-virtualenv \
|
|
|
|
yarn=0.22.0-1 \
|
2018-07-13 18:53:53 +00:00
|
|
|
w3m # 13JUL2018
|
|
|
|
|
|
|
|
# Install nginx-module-vts
|
|
|
|
COPY scripts/build-nginx-vts.sh /tmp/build-nginx-vts.sh
|
|
|
|
RUN /tmp/build-nginx-vts.sh v0.1.18
|
2016-05-26 21:28:57 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
# Install cfssl
|
|
|
|
RUN curl -fsSL -o /bin/cfssljson https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64 \
|
|
|
|
&& curl -fsSL -o /bin/cfssl https://pkg.cfssl.org/R1.2/cfssl_linux-amd64 \
|
|
|
|
&& chmod 0755 /bin/cfssl /bin/cfssljson
|
|
|
|
|
|
|
|
# Install jwtproxy
|
|
|
|
RUN curl -fsSL -o /usr/local/bin/jwtproxy https://github.com/coreos/jwtproxy/releases/download/v0.0.1/jwtproxy-linux-x64 \
|
|
|
|
&& chmod +x /usr/local/bin/jwtproxy
|
|
|
|
|
|
|
|
# Install prometheus-aggregator
|
|
|
|
RUN curl -fsSL -o /usr/local/bin/prometheus-aggregator https://github.com/coreos/prometheus-aggregator/releases/download/v0.0.1-alpha/prometheus-aggregator \
|
|
|
|
&& chmod +x /usr/local/bin/prometheus-aggregator
|
|
|
|
|
|
|
|
# Install python dependencies
|
|
|
|
COPY requirements.txt requirements-tests.txt ./
|
2017-07-11 14:34:46 +00:00
|
|
|
RUN virtualenv --distribute venv \
|
|
|
|
&& venv/bin/pip install -r requirements.txt \
|
|
|
|
&& venv/bin/pip install -r requirements-tests.txt \
|
|
|
|
&& venv/bin/pip freeze
|
2017-07-11 02:34:41 +00:00
|
|
|
|
2017-07-11 14:34:46 +00:00
|
|
|
# Install front-end dependencies
|
2018-05-07 22:34:01 +00:00
|
|
|
COPY static/ package.json tsconfig.json webpack.config.js tslint.json yarn.lock ./
|
2017-08-01 17:28:24 +00:00
|
|
|
RUN yarn install --ignore-engines
|
2017-07-11 02:34:41 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
|
|
|
|
RUN mkdir -p /etc/my_init.d /etc/systlog-ng /usr/local/bin /etc/monit $QUAYDIR/static/fonts $QUAYDIR/static/ldn /usr/local/nginx/logs/
|
|
|
|
|
|
|
|
RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache
|
|
|
|
VOLUME ["/var/log", "/datastorage", "/tmp"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RUN adduser memcached --disabled-login --system
|
|
|
|
|
|
|
|
WORKDIR $QUAYDIR
|
|
|
|
|
|
|
|
# Check python dependencies for the GPL
|
|
|
|
# Due to the following bug, pip results must be piped to a file before grepping:
|
|
|
|
# https://github.com/pypa/pip/pull/3304
|
|
|
|
RUN cat requirements.txt | grep -v "^-e" | awk -F'==' '{print $1}' | xargs venv/bin/pip --disable-pip-version-check show > pipinfo.txt && \
|
|
|
|
test -z "$(cat pipinfo.txt | grep GPL | grep -v LGPL)" && \
|
|
|
|
rm pipinfo.txt
|
|
|
|
|
2017-07-11 14:34:46 +00:00
|
|
|
# JS compile
|
2018-10-26 17:58:52 +00:00
|
|
|
COPY bill-of-materials.json bill-of-materials.json
|
2017-07-11 14:34:46 +00:00
|
|
|
COPY static static
|
|
|
|
RUN yarn build \
|
2017-08-01 17:28:24 +00:00
|
|
|
&& jpegoptim static/img/**/*.jpg \
|
|
|
|
&& optipng -clobber -quiet static/img/**/*.png
|
2017-07-11 02:34:41 +00:00
|
|
|
|
2018-06-05 17:43:01 +00:00
|
|
|
# Config app js compile
|
|
|
|
COPY config_app/ config_app/
|
|
|
|
RUN yarn build-config-app
|
|
|
|
|
2017-07-11 02:34:41 +00:00
|
|
|
COPY . .
|
2015-11-20 20:03:56 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
RUN PYTHONPATH=$QUAYPATH venv/bin/python -m external_libraries
|
|
|
|
|
2017-09-27 21:14:04 +00:00
|
|
|
# Update local copy of AWS IP Ranges.
|
2018-05-07 22:34:01 +00:00
|
|
|
RUN curl -fsSL https://ip-ranges.amazonaws.com/ip-ranges.json -o util/ipresolver/aws-ip-ranges.json
|
2017-09-27 21:14:04 +00:00
|
|
|
|
2016-06-11 00:29:45 +00:00
|
|
|
# Set up the init system
|
2017-07-06 21:50:38 +00:00
|
|
|
RUN mkdir -p /etc/my_init.d /etc/systlog-ng /usr/local/bin /etc/monit static/fonts static/ldn /usr/local/nginx/logs/ \
|
|
|
|
&& cp $QUAYCONF/init/syslog-ng.conf /etc/syslog-ng/ \
|
|
|
|
&& cp $QUAYCONF/kill-buildmanager.sh /usr/local/bin/kill-buildmanager.sh \
|
|
|
|
&& cp $QUAYCONF/monitrc /etc/monit/monitrc \
|
|
|
|
&& chmod 0600 /etc/monit/monitrc \
|
|
|
|
&& cp $QUAYCONF/init/logrotate.conf /etc/logrotate.conf \
|
|
|
|
&& cp .git/HEAD GIT_HEAD \
|
|
|
|
&& rm -rf /etc/service/syslog-forwarder
|
2014-05-16 22:31:24 +00:00
|
|
|
|
2017-07-11 14:34:46 +00:00
|
|
|
RUN ln -s $QUAYCONF /conf
|
|
|
|
|
2017-02-23 20:34:58 +00:00
|
|
|
# Cleanup any NPM-related stuff.
|
2017-07-06 21:50:38 +00:00
|
|
|
# RUN apt-get remove -y --auto-remove python-dev g++ libjpeg62-dev libevent-dev libldap2-dev libsasl2-dev libpq-dev libffi-dev libgpgme11-dev nodejs jpegoptim optipng w3m \
|
|
|
|
# && apt-get autoremove -y \
|
|
|
|
# && apt-get clean
|
|
|
|
# && rm -rf /root/.npm /.npm /usr/local/lib/node_modules /usr/share/yarn/node_modules \
|
|
|
|
# /root/node_modules /node_modules /grunt
|
|
|
|
RUN PYTHONPATH=$QUAYPATH venv/bin/alembic heads | grep -E '^[0-9a-f]+ \(head\)$' > ALEMBIC_HEAD
|
2017-07-27 17:54:29 +00:00
|
|
|
|
2018-01-31 23:57:08 +00:00
|
|
|
RUN ./scripts/detect-config.sh
|
2018-01-31 23:56:50 +00:00
|
|
|
|
2018-05-07 22:34:01 +00:00
|
|
|
EXPOSE 443 8443 80
|
|
|
|
|
2018-06-13 17:26:45 +00:00
|
|
|
ENTRYPOINT ["/quay-registry/quay-entrypoint.sh"]
|