Merge "Update Dockerfile to allow override of FROM variable"

2018-07-27 17:02:11 +00:00 · 2018-07-27 17:02:11 +00:00 · 843d1a5010
parent f25b5b6593 4727df6b80
commit 843d1a5010
5 changed files with 70 additions and 19 deletions
--- a/35
+++ b/35
@ -12,18 +12,19 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-PEGLEG_BUILD_CTX ?= src/bin/pegleg
-IMAGE_NAME       ?= pegleg
-IMAGE_PREFIX     ?= attcomdev
-DOCKER_REGISTRY  ?= quay.io
-IMAGE_TAG        ?= latest
-HELM             ?= helm
-PROXY            ?= http://proxy.foo.com:8000
-NO_PROXY         ?= localhost,127.0.0.1,.svc.cluster.local
-USE_PROXY        ?= false
-PUSH_IMAGE       ?= false
-LABEL            ?= commit-id
-IMAGE            ?= $(DOCKER_REGISTRY)/$(IMAGE_PREFIX)/$(IMAGE_NAME):$(IMAGE_TAG)
+PEGLEG_BUILD_CTX  ?= src/bin/pegleg
+IMAGE_NAME        ?= pegleg
+IMAGE_PREFIX      ?= airshipit
+DOCKER_REGISTRY   ?= quay.io
+IMAGE_TAG         ?= latest
+HELM              ?= helm
+PROXY             ?= http://proxy.foo.com:8000
+NO_PROXY          ?= localhost,127.0.0.1,.svc.cluster.local
+USE_PROXY         ?= false
+PUSH_IMAGE        ?= false
+LABEL             ?= commit-id
+IMAGE             ?= $(DOCKER_REGISTRY)/$(IMAGE_PREFIX)/$(IMAGE_NAME):$(IMAGE_TAG)
+PYTHON_BASE_IMAGE ?= python:3.6
 export

 # Build all docker images for this project
@ -62,15 +63,19 @@ format: py_format
 .PHONY: build_pegleg
 build_pegleg:
 ifeq ($(USE_PROXY), true)
-	docker build -t $(IMAGE) --network=host --label $(LABEL) -f images/pegleg/Dockerfile --build-arg ctx_base=$(PEGLEG_BUILD_CTX) \
+	docker build -t $(IMAGE) --network=host --label $(LABEL) -f images/pegleg/Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
 		--build-arg http_proxy=$(PROXY) \
 		--build-arg https_proxy=$(PROXY) \
 		--build-arg HTTP_PROXY=$(PROXY) \
 		--build-arg HTTPS_PROXY=$(PROXY) \
 		--build-arg no_proxy=$(NO_PROXY) \
-		--build-arg NO_PROXY=$(NO_PROXY) .
+		--build-arg NO_PROXY=$(NO_PROXY) \
+		--build-arg ctx_base=$(PEGLEG_BUILD_CTX) .
 else
-	docker build -t $(IMAGE) --network=host --label $(LABEL) -f images/pegleg/Dockerfile --build-arg ctx_base=$(PEGLEG_BUILD_CTX) .
+	docker build -t $(IMAGE) --network=host --label $(LABEL) -f images/pegleg/Dockerfile \
+		--build-arg FROM=$(PYTHON_BASE_IMAGE) \
+		--build-arg ctx_base=$(PEGLEG_BUILD_CTX) .
 endif
 ifeq ($(PUSH_IMAGE), true)
 	docker push $(IMAGE)
--- a/images/pegleg/Dockerfile
+++ b/images/pegleg/Dockerfile
@ -1,4 +1,5 @@
-FROM python:3.6
+ARG FROM=python:3.6
+FROM ${FROM}

 VOLUME /var/pegleg
 WORKDIR /var/pegleg
--- a/tools/gate/playbooks/docker-image-build.yaml
+++ b/tools/gate/playbooks/docker-image-build.yaml
@ -14,6 +14,8 @@

 - hosts: primary
  tasks:
+    - include_vars: vars.yaml
+
    - name: Debug tag generation inputs
      block:
        - debug:
@ -39,16 +41,47 @@
        var: image_tags

    - name: Install Docker (Debian)
+      when: ansible_os_family == 'Debian'
      block:
+        - file:
+            path: "{{ item }}"
+            state: directory
+          with_items:
+            - /etc/docker/
+            - /etc/systemd/system/docker.service.d/
+            - /var/lib/docker/
+        - mount:
+            path: /var/lib/docker/
+            src: tmpfs
+            fstype: tmpfs
+            opts: size=25g
+            state: mounted
+        - copy: "{{ item }}"
+          with_items:
+            - content: "{{ docker_daemon | to_json }}"
+              dest: /etc/docker/daemon.json
+            - src: files/docker-systemd.conf
+              dest: /etc/systemd/system/docker.service.d/
+        - apt_key:
+            url: https://download.docker.com/linux/ubuntu/gpg
+        - apt_repository:
+            repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker xenial stable
        - apt:
            name: "{{ item }}"
+            allow_unauthenticated: True
          with_items:
-            - docker.io
+            - docker-ce
            - python-pip
-          when: ansible_os_family == 'Debian'
        - pip:
            name: docker
            version: 2.7.0
+        # NOTE(SamYaple): Allow all connections from containers to host so the
+        # containers can access the http server for git and wheels
+        - iptables:
+            action: insert
+            chain: INPUT
+            in_interface: docker0
+            jump: ACCEPT
      become: True

    - name: Make images
--- a/tools/gate/playbooks/files/docker-systemd.conf
+++ b/tools/gate/playbooks/files/docker-systemd.conf
@ -0,0 +1,8 @@
+# NOTE(SamYaple): CentOS cannot be build with userns-remap enabled. httpd uses
+# cap_set_file capability and there is no way to pass that in at build as of
+# docker 17.06.
+# TODO(SamYaple): Periodically check to see if this is possible in newer
+# versions of Docker
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd
--- a/tools/gate/playbooks/vars.yaml
+++ b/tools/gate/playbooks/vars.yaml
@ -12,4 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-null: null
+docker_daemon:
+  group: zuul
+  registry-mirrors:
+    - "http://{{ zuul_site_mirror_fqdn }}:8082/"
+  storage-driver: overlay2