From 970708dd00fb99d6676a23212b2e7160a1f45ddd Mon Sep 17 00:00:00 2001 From: Steve Baker Date: Tue, 13 Nov 2018 17:20:03 +1300 Subject: [PATCH] Use a tempfile for the modified Dockerfile When using modify_image.yml directly with a multiple image prepare, the Dockerfile.modified can be overwritten multiple times in a race which causes the wrong images to be built. This change uses a tempfile for the modified Dockerfile, avoiding this issue. yum_update.yml and rpm_install.yml is not affected by this because they write out the Dockerfile to a temp directory for each image. Change-Id: I374f76650ef0b0211d92435d66fdead2b7730b21 --- tasks/modify_image.yml | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/tasks/modify_image.yml b/tasks/modify_image.yml index 769a6ed..4b4851d 100644 --- a/tasks/modify_image.yml +++ b/tasks/modify_image.yml @@ -13,25 +13,31 @@ modified_append_tag: "{{ lookup('pipe','date +-modified-%Y%m%d%H%M%S') }}" when: modified_append_tag is undefined -- name: Copy Dockerfile to Dockerfile.modified +- name: Create Dockerfile tempfile name + tempfile: + path: "{{ modify_dir_path }}" + prefix: Dockerfile. + register: dockerfile + +- name: Copy Dockerfile to {{ dockerfile.path }} copy: src: "{{ modify_dir_path }}/Dockerfile" - dest: "{{ modify_dir_path }}/Dockerfile.modified" + dest: "{{ dockerfile.path }}" - name: Replace FROM directive lineinfile: - path: "{{ modify_dir_path }}/Dockerfile.modified" + path: "{{ dockerfile.path }}" regexp: "^FROM " line: "FROM {{ source_image }}" - name: Add LABEL modified_append_tag={{ modified_append_tag }} lineinfile: - path: "{{ modify_dir_path }}/Dockerfile.modified" + path: "{{ dockerfile.path }}" insertafter: "^FROM " line: "LABEL modified_append_tag={{ modified_append_tag }}" - name: Modify image from {{ modify_dir_path }} - command: "{{ build_commands[container_build_tool] }} --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file Dockerfile.modified --network host ./" + command: "{{ build_commands[container_build_tool] }} --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file {{ dockerfile.path }} --network host ./" #FIXME: buildah should not required root commands to build an image become: "{{ true if build_commands[container_build_tool] == 'buildah' else false }}" args: