task to yum update in the image

2018-05-02 16:51:16 +12:00 · 2018-05-02 16:51:16 +12:00 · cf858399d5
parent cad6e42217
commit cf858399d5
8 changed files with 161 additions and 13 deletions
--- a/README.md
+++ b/README.md
@ -4,7 +4,7 @@ A role to allow modification to container images built for the TripleO project.

 ## Role Variables ##

-**Variables used for modifying an image**
+**Variables used for modify image**

 | Name              | Default Value       | Description          |
 |-------------------|---------------------|----------------------|
@ -13,6 +13,15 @@ A role to allow modification to container images built for the TripleO project.
 | `modified_append_tag` | `None` | String to be appended after the tag to indicate this is a modified version of the source image. Defaults to the output of the command `date +-modified-%Y%m%d%H%M%S` |
 | `modified_image` | `{{source_image}}` | If set, the modified image will be tagged with this reference. If the purpose of the image is not changing, it may be enough to rely on `modified_append_tag` to identify that this is a modified version of the source image. `modified_append_tag` will still be appended to this reference. |

+**Variables used for yum update**
+
+| Name              | Default Value       | Description          |
+|-------------------|---------------------|----------------------|
+| `source_image` | `None` | See modify image variables |
+| `modified_append_tag` | `None` | See modify image variables |
+| `modified_image` | `{{source_image}}` | See modify image variables |
+| `yum_repos_dir_path` | `None` | Optional path of directory to be used as `/etc/yum.repos.d` during the update |
+| `compare_host_packages` | False | If True, skip yum update when package versions match host package versions |

 ## Requirements ##

@ -27,8 +36,11 @@ None

 ## Example Playbooks ##

-The following playbook will produce a modified image tagged with
-`latest-modified-<timestamp>`
+### Modify Image ###
+
+The following playbook will produce a modified image with the tag
+`:latest-modified-<timestamp>` based on the Dockerfile in the custom directory
+`/path/to/example_modify_dir`.

    - hosts: localhost
      tasks:
@ -56,6 +68,24 @@ the modification, for example:
    # switch the container back to the default user
    USER nova

+### Yum update ###
+
+The following playbook will produce a modified image with the tag
+`:latest-updated` which will do a yum update using the host's /etc/yum.repos.d.
+The yum update will only occur if there are differences between host and image
+package versions.
+
+    - hosts: localhost
+      tasks:
+      - name: include tripleo-modify-image
+        import_role:
+          name: tripleo-modify-image
+          tasks_from: yum_update.yml
+        vars:
+          source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
+          compare_host_packages: true
+          yum_repos_dir_path: /etc/yum.repos.d
+          modified_append_tag: updated

 ## License ##

--- a/files/compare-package-json.py
+++ b/files/compare-package-json.py
@ -0,0 +1,20 @@
+#!/usr/bin/env python
+
+import json
+import subprocess
+import sys
+
+host_packages = json.load(sys.stdin)
+rpm_output = subprocess.check_output(
+    ['rpm', '-qa', '--qf', '%{NAME} %{VERSION}-%{RELEASE}\n']).split('\n')
+
+image_packages = dict(i.split(' ') for i in rpm_output if i)
+
+for pkg, version in image_packages.items():
+    host_version = host_packages.get(pkg)
+    if host_version and version != host_version:
+        print('%s-%s does not match host version %s' % (
+            pkg, version, host_version))
+        sys.exit(1)
+
+print('No package version differences found')
--- a/files/yum_update.sh
+++ b/files/yum_update.sh
@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -ex
+
+if [ -f /tmp/host_packages.json ]; then
+    if /tmp/compare-package-json.py < /tmp/host_packages.json ; then
+        echo "Host package versions match, no update required"
+        exit
+    fi
+fi
+yum -y update
+yum clean all
+rm -rf /var/cache/yum
--- a/tasks/modify_image.yml
+++ b/tasks/modify_image.yml
@ -1,13 +1,13 @@
+- name: Set default facts
+  include_role:
+    name: tripleo-modify-image
+    tasks_from: set_defaults.yml
+
 - name: Copy Dockerfile to Dockerfile.modified
  copy:
    src: "{{ modify_dir_path }}/Dockerfile"
    dest: "{{ modify_dir_path }}/Dockerfile.modified"

- name: Set default modified_append_tag
-  set_fact:
-    modified_append_tag: "{{ lookup('pipe','date +-modified-%Y%m%d%H%M%S') }}"
-  when: modified_append_tag is undefined or modified_append_tag == None
-
 - name: Replace FROM directive
  lineinfile:
    path: "{{ modify_dir_path }}/Dockerfile.modified"
--- a/tasks/set_defaults.yml
+++ b/tasks/set_defaults.yml
@ -0,0 +1,9 @@
+- name: Set default modified_append_tag
+  set_fact:
+    modified_append_tag: "{{ lookup('pipe','date +-modified-%Y%m%d%H%M%S') }}"
+  when: modified_append_tag is undefined
+
+- name: Set default modified_image
+  set_fact:
+    modified_image: "{{source_image}}"
+  when: modified_image is undefined
--- a/tasks/yum_update.yml
+++ b/tasks/yum_update.yml
@ -0,0 +1,62 @@
+- name: Set default facts
+  include_role:
+    name: tripleo-modify-image
+    tasks_from: set_defaults.yml
+
+- name: Inspect image
+  docker_image_facts:
+    name: "{{ source_image }}"
+  register: source_image_facts
+
+- name: Set original_user
+  set_fact:
+    original_user: "{{ source_image_facts.images[0].Config.User }}"
+
+- name: Create image build context directory
+  tempfile:
+    state: directory
+    prefix: tripleo-modify-image
+  register: context_dir
+
+- name: Copy directory used for /etc/yum.repos.d
+  copy:
+    src: "{{ yum_repos_dir_path }}"
+    dest: "{{ context_dir.path }}/yum.repos.d"
+  when: yum_repos_dir_path is defined
+
+- name: Generate host package json file
+  block:
+
+  - command: |
+      rpm -qa --qf '"%{NAME}": "%{VERSION}-%{RELEASE}"\n'
+    register: rpm_query_output
+
+  - copy:
+      content: "{{ rpm_query_output.stdout | from_yaml | to_nice_json }}"
+      dest: "{{ context_dir.path }}/host_packages.json"
+    
+  when: compare_host_packages is defined and compare_host_packages
+
+- name: Write Dockerfile to {{ context_dir.path }}
+  template:
+    src: Dockerfile.j2
+    dest: "{{ context_dir.path }}/Dockerfile"
+
+- name: Write yum_update.sh
+  copy:
+    src: yum_update.sh
+    dest: "{{ context_dir.path }}/yum_update.sh"
+    mode: 0555
+
+- name: Write compare-package-json.py
+  copy:
+    src: compare-package-json.py
+    dest: "{{ context_dir.path }}/compare-package-json.py"
+    mode: 0555
+
+- name: Modify image
+  include_role:
+    name: tripleo-modify-image
+    tasks_from: modify_image.yml
+  vars:
+    modify_dir_path: "{{ context_dir.path }}"
--- a/templates/Dockerfile.j2
+++ b/templates/Dockerfile.j2
@ -1,2 +1,20 @@
 FROM {{ source_image }}
 LABEL modified_append_tag={{ modified_append_tag }}
+
+USER root
+
+COPY yum_update.sh /tmp/
+COPY compare-package-json.py /tmp/
+
+{% if yum_repos_dir_path is defined %}
+COPY yum.repos.d /etc/
+{% endif %}
+
+{% if compare_host_packages is defined %}
+COPY host_packages.json /tmp/
+{% endif %}
+
+RUN /tmp/yum_update.sh
+
+USER {{ original_user }}
+
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,5 +1 @@
-# Modify image
-source_image:
-modify_dir_path:
-modified_append_tag:
-modified_image: "{{ source_image }}"
+---