Use a tempfile for the modified Dockerfile

When using modify_image.yml directly with a multiple image prepare,
the Dockerfile.modified can be overwritten multiple times in a race
which causes the wrong images to be built.

This change uses a tempfile for the modified Dockerfile, avoiding this
issue.

yum_update.yml and rpm_install.yml is not affected by this because
they write out the Dockerfile to a temp directory for each image.

Change-Id: I374f76650ef0b0211d92435d66fdead2b7730b21
This commit is contained in:
Steve Baker 2018-11-13 17:20:03 +13:00
parent 97b54c3f7e
commit 970708dd00
1 changed files with 11 additions and 5 deletions

View File

@ -13,25 +13,31 @@
modified_append_tag: "{{ lookup('pipe','date +-modified-%Y%m%d%H%M%S') }}"
when: modified_append_tag is undefined
- name: Copy Dockerfile to Dockerfile.modified
- name: Create Dockerfile tempfile name
tempfile:
path: "{{ modify_dir_path }}"
prefix: Dockerfile.
register: dockerfile
- name: Copy Dockerfile to {{ dockerfile.path }}
copy:
src: "{{ modify_dir_path }}/Dockerfile"
dest: "{{ modify_dir_path }}/Dockerfile.modified"
dest: "{{ dockerfile.path }}"
- name: Replace FROM directive
lineinfile:
path: "{{ modify_dir_path }}/Dockerfile.modified"
path: "{{ dockerfile.path }}"
regexp: "^FROM "
line: "FROM {{ source_image }}"
- name: Add LABEL modified_append_tag={{ modified_append_tag }}
lineinfile:
path: "{{ modify_dir_path }}/Dockerfile.modified"
path: "{{ dockerfile.path }}"
insertafter: "^FROM "
line: "LABEL modified_append_tag={{ modified_append_tag }}"
- name: Modify image from {{ modify_dir_path }}
command: "{{ build_commands[container_build_tool] }} --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file Dockerfile.modified --network host ./"
command: "{{ build_commands[container_build_tool] }} --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file {{ dockerfile.path }} --network host ./"
#FIXME: buildah should not required root commands to build an image
become: "{{ true if build_commands[container_build_tool] == 'buildah' else false }}"
args: