Merge "Update Dockerfile to allow override of FROM variable"

2018-07-26 17:54:09 +00:00 · 2018-07-26 17:54:09 +00:00 · 401ebe627c
parent 7e5eac94e3 4b8e0220b0
commit 401ebe627c
7 changed files with 76 additions and 7 deletions
--- a/17
+++ b/17
@ -29,6 +29,8 @@ PROXY                      ?= http://proxy.foo.com:8000
 NO_PROXY                   ?= localhost,127.0.0.1,.svc.cluster.local
 USE_PROXY                  ?= false

+PYTHON_BASE_IMAGE          ?= python:3.5
+UBUNTU_BASE_IMAGE          ?= ubuntu:16.04

 IMAGE:=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$(IMAGE_NAME):${IMAGE_TAG}
 IMAGE_DIR:=images/$(IMAGE_NAME)
@ -85,6 +87,7 @@ run:
 build_airflow:
 ifeq ($(USE_PROXY), true)
 	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile \
+		--build-arg FROM=$(UBUNTU_BASE_IMAGE) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
 		--build-arg HTTP_PROXY=$(PROXY) \
@ -93,7 +96,9 @@ ifeq ($(USE_PROXY), true)
 		--build-arg NO_PROXY=$(NO_PROXY) \
 		--build-arg ctx_base=$(BUILD_CTX) .
 else
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile --build-arg ctx_base=$(BUILD_CTX) .
+	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile \
+		--build-arg FROM=$(UBUNTU_BASE_IMAGE) \
+		--build-arg ctx_base=$(BUILD_CTX) .
 endif
 ifeq ($(PUSH_IMAGE), true)
 	docker push $(IMAGE)
@ -102,15 +107,19 @@ endif
 .PHONY: build_shipyard
 build_shipyard:
 ifeq ($(USE_PROXY), true)
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile --build-arg ctx_base=$(BUILD_CTX) \
+	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
 		--build-arg HTTP_PROXY=$(PROXY) \
 		--build-arg HTTPS_PROXY=$(PROXY) \
 		--build-arg no_proxy=$(NO_PROXY) \
-		--build-arg NO_PROXY=$(NO_PROXY) .
+		--build-arg NO_PROXY=$(NO_PROXY) \
+		--build-arg ctx_base=$(BUILD_CTX) .
 else
-	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile --build-arg ctx_base=$(BUILD_CTX) .
+	docker build --network host -t $(IMAGE) --label $(LABEL) -f $(IMAGE_DIR)/Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
+		--build-arg ctx_base=$(BUILD_CTX) .
 endif
 ifeq ($(PUSH_IMAGE), true)
 	docker push $(IMAGE)
--- a/images/airflow/Dockerfile
+++ b/images/airflow/Dockerfile
@ -13,7 +13,8 @@
 # limitations under the License.

 # Docker image to run Airflow on Kubernetes
-FROM ubuntu:16.04
+ARG FROM=ubuntu:16.04
+FROM ${FROM}

 # Do not prompt user for choices on installation/configuration of packages
 # Set port 8080 for Airflow Web
--- a/images/shipyard/Dockerfile
+++ b/images/shipyard/Dockerfile
@ -12,7 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-FROM python:3.5
+ARG FROM=python:3.5
+FROM ${FROM}

 ENV container docker
 ENV PORT 9000
--- a/tools/gate/playbooks/run-image.yaml
+++ b/tools/gate/playbooks/run-image.yaml
@ -15,6 +15,8 @@
 - hosts: all
  gather_facts: False
  become: yes
+  vars_files:
+    - vars.yaml
  roles:
    - build-images
  tags:
--- a/tools/gate/playbooks/vars.yaml
+++ b/tools/gate/playbooks/vars.yaml
@ -12,4 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-null: null
+docker_daemon:
+  group: zuul
+  registry-mirrors:
+    - "http://{{ zuul_site_mirror_fqdn }}:8082/"
+  storage-driver: overlay2
--- a/tools/gate/roles/build-images/files/docker-systemd.conf
+++ b/tools/gate/roles/build-images/files/docker-systemd.conf
@ -0,0 +1,8 @@
+# NOTE(SamYaple): CentOS cannot be build with userns-remap enabled. httpd uses
+# cap_set_file capability and there is no way to pass that in at build as of
+# docker 17.06.
+# TODO(SamYaple): Periodically check to see if this is possible in newer
+# versions of Docker
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd
--- a/tools/gate/roles/build-images/tasks/airship-shipyard.yaml
+++ b/tools/gate/roles/build-images/tasks/airship-shipyard.yaml
@ -36,6 +36,50 @@
  debug:
    var: image_tags

+- name: Install Docker (Debian)
+  when: ansible_os_family == 'Debian'
+  block:
+    - file:
+        path: "{{ item }}"
+        state: directory
+      with_items:
+        - /etc/docker/
+        - /etc/systemd/system/docker.service.d/
+        - /var/lib/docker/
+    - mount:
+        path: /var/lib/docker/
+        src: tmpfs
+        fstype: tmpfs
+        opts: size=25g
+        state: mounted
+    - copy: "{{ item }}"
+      with_items:
+        - content: "{{ docker_daemon | to_json }}"
+          dest: /etc/docker/daemon.json
+        - src: files/docker-systemd.conf
+          dest: /etc/systemd/system/docker.service.d/
+    - apt_key:
+        url: https://download.docker.com/linux/ubuntu/gpg
+    - apt_repository:
+        repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker xenial stable
+    - apt:
+        name: "{{ item }}"
+        allow_unauthenticated: True
+      with_items:
+        - docker-ce
+        - python-pip
+    - pip:
+        name: docker
+        version: 2.7.0
+    # NOTE(SamYaple): Allow all connections from containers to host so the
+    # containers can access the http server for git and wheels
+    - iptables:
+        action: insert
+        chain: INPUT
+        in_interface: docker0
+        jump: ACCEPT
+  become: True
+
 - name: Make images
  when: not publish
  block: