From 723cedbedda6003a806c674b10fcc26c6b74d0fe Mon Sep 17 00:00:00 2001 From: Sorin Sbarnea Date: Mon, 30 Sep 2024 12:45:40 +0100 Subject: [PATCH 1/2] Use a setup.sh script for configuring ee final container This should reduce number of image layers. --- final/Containerfile | 55 ++++++--------------------------------------- final/setup.sh | 9 +++++++- final/setup2.sh | 36 +++++++++++++++++++++++++++++ tools/image.sh | 3 ++- tox.ini | 1 + 5 files changed, 54 insertions(+), 50 deletions(-) mode change 100644 => 100755 final/setup.sh create mode 100755 final/setup2.sh diff --git a/final/Containerfile b/final/Containerfile index 78b6c63..2f17c9e 100644 --- a/final/Containerfile +++ b/final/Containerfile @@ -1,25 +1,17 @@ # Builds community-ansible-dev-tools-container-base image which provides # container-in-container support and all installs all binary dependencies -# cspell:ignore minrate,opencontainers,cffi,ruamel,subuid,subgid,workdir,chgrp,mountopt,microdnf,makecache,setcaps,pylibssh,chsh,nodev,overlayfs,libssh,markupsafe,additionalimage,USERNS,onigurumacffi +# cspell:ignore minrate,opencontainers,cffi,ruamel,subuid,subgid,workdir,chgrp,mountopt,microdnf,makecache,setcaps,pylibssh,chsh,nodev,overlayfs,libssh,markupsafe,additionalimage,USERNS FROM community-ansible-dev-tools-base:latest - -USER root - -# When building for multiple-architectures in parallel using emulation -# it's really easy for one/more dnf processes to timeout or mis-count -# the minimum download rates. Bump both to be extremely forgiving of -# an overworked host. -RUN echo -e "\n\n# Added during image build" >> /etc/dnf/dnf.conf && \ - echo -e "minrate=100\ntimeout=60\n" >> /etc/dnf/dnf.conf - LABEL org.opencontainers.image.source=https://github.com/ansible/ansible-dev-tools LABEL org.opencontainers.image.authors="Ansible DevTools" LABEL org.opencontainers.image.vendor="Red Hat" LABEL org.opencontainers.image.licenses="GPL-3.0" LABEL org.opencontainers.image.description="An execution environment targeted for Ansible content creators." -WORKDIR /context -RUN --mount=type=bind,target=. --mount=type=cache,dst=/var/cache/dnf --mount=type=cache,dst=/root/.cache/pip context/setup.sh +USER root + +RUN --mount=type=bind,target=. --mount=type=cache,dst=/var/cache/dnf --mount=type=cache,dst=/root/.cache/pip ./setup.sh + ARG _REPO_URL="https://raw.githubusercontent.com/containers/image_build/main/podman" ADD $_REPO_URL/containers.conf /etc/containers/containers.conf @@ -75,42 +67,9 @@ RUN for dir in \ # base ansible-dev-tools setup COPY dist/*.whl /tmp/dist -RUN --mount=type=cache,dst=/root/.cache/pip sh -ec -o pipefail "ls -1 /tmp/dist/*.whl | xargs -I '{}' python3 -m pip install -q '{}[server,lock]' && rm -rf /tmp/dist" - -RUN \ -mkdir -p ~/.ansible/roles /usr/share/ansible/roles /etc/ansible/roles && \ -git config --system --add safe.directory / - -# The dev container for docker runs as root -RUN chsh -s $(which zsh) root - -RUN <> /etc/dnf/dnf.conf +echo -e "minrate=100\ntimeout=60\n" >> /etc/dnf/dnf.conf + microdnf -q -y makecache && microdnf -q -y update microdnf -q -y install shadow-utils rpm --setcaps shadow-utils 2>/dev/null diff --git a/final/setup2.sh b/final/setup2.sh new file mode 100755 index 0000000..ec7e525 --- /dev/null +++ b/final/setup2.sh @@ -0,0 +1,36 @@ +#!/bin/bash +# cspell: ignore euxo chsh +set -euxo pipefail + +# this must run as user root + +mkdir -p ~/.ansible/roles /usr/share/ansible/roles /etc/ansible/roles +git config --system --add safe.directory / + +# The dev container for docker runs as root +chsh -s "$(which zsh)" root + +# Install argcomplete +python3 -m pip install argcomplete +activate-global-python-argcomplete + +# Install oh-my-zsh +sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" + +# add some helpful CLI commands to check we do not remove them inadvertently and output some helpful version information at build time. +set -ex +ansible --version +ansible-lint --version +ansible-runner --version +molecule --version +molecule drivers +podman --version +python3 --version +git --version +ansible-galaxy role list +ansible-galaxy collection list +rpm -qa +uname -a + +# Make a workdir usable by the root user +mkdir -p /workdir diff --git a/tools/image.sh b/tools/image.sh index 43e8b4d..0533e45 100755 --- a/tools/image.sh +++ b/tools/image.sh @@ -12,8 +12,9 @@ python -m build --outdir "$REPO_DIR/final/dist/" --wheel "$REPO_DIR" ansible-builder create -f execution-environment.yml --output-filename Containerfile -v3 $BUILD_CMD -f context/Containerfile context/ --tag community-ansible-dev-tools-base:latest $BUILD_CMD -f final/Containerfile final/ --tag community-ansible-dev-tools:test -pytest --only-container --image-name community-ansible-dev-tools:test +pytest -v --only-container --container-engine=docker --image-name community-ansible-dev-tools:test +# -k test_navigator_simple # Test the build of example execution environment to avoid regressions pushd docs/examples ansible-builder build diff --git a/tox.ini b/tox.ini index ea6ec98..616dff1 100644 --- a/tox.ini +++ b/tox.ini @@ -120,6 +120,7 @@ deps = ansible-builder build setuptools # https://github.com/ansible/ansible-builder/issues/644 + -r .config/requirements-test.in commands_pre = commands = ./tools/image.sh From 0f3d9645e4401238148d4b6aaff4b6741c1f758d Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 13:08:33 +0000 Subject: [PATCH 2/2] chore: auto fixes from pre-commit.com hooks --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index 616dff1..536b1bd 100644 --- a/tox.ini +++ b/tox.ini @@ -117,10 +117,10 @@ description = Build the container image skip_install = true deps = + -r .config/requirements-test.in ansible-builder build setuptools # https://github.com/ansible/ansible-builder/issues/644 - -r .config/requirements-test.in commands_pre = commands = ./tools/image.sh