mirror of
https://github.com/quay/quay.git
synced 2026-01-26 06:21:37 +03:00
5471d3cbcb
Removes read support for Clair V2, along with the need to package jwtproxy with Quay. TODO: Drop deprecate image api + image table, remove image data model.
152 lines
4.5 KiB
Docker
152 lines
4.5 KiB
Docker
FROM registry.redhat.io/ubi8:latest AS build-npm
|
|
|
|
COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR
|
|
WORKDIR $REMOTE_SOURCE_DIR/app
|
|
|
|
RUN INSTALL_PKGS="\
|
|
nodejs \
|
|
" && \
|
|
yum -y --setopt=tsflags=nodocs --setopt=skip_missing_names_on_install=False install $INSTALL_PKGS
|
|
|
|
RUN cd source/config-tool/pkg/lib/editor && \
|
|
npm config list && \
|
|
npm install --ignore-engines --loglevel verbose && \
|
|
npm run build
|
|
|
|
RUN cd source/quay && \
|
|
npm config list && \
|
|
npm install --ignore-engines --loglevel verbose && \
|
|
npm run build
|
|
|
|
|
|
FROM openshift/golang-builder:1.15 AS build-gomod
|
|
|
|
COPY --from=build-npm $REMOTE_SOURCE_DIR $REMOTE_SOURCE_DIR
|
|
WORKDIR $REMOTE_SOURCE_DIR/app
|
|
RUN source $CACHITO_ENV_FILE
|
|
|
|
COPY --from=build-npm $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor/static/build $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor/static/build
|
|
|
|
RUN cd source/config-tool && \
|
|
go mod vendor && \
|
|
go build ./cmd/config-tool
|
|
|
|
RUN cd source/pushgateway && \
|
|
go mod vendor && \
|
|
go build
|
|
|
|
|
|
FROM registry.redhat.io/ubi8:latest
|
|
|
|
LABEL com.redhat.component="quay-registry-container"
|
|
LABEL name="quay/quay-rhel8"
|
|
LABEL version="v3.6.0"
|
|
LABEL io.k8s.display-name="Red Hat Quay"
|
|
LABEL io.k8s.description="Red Hat Quay"
|
|
LABEL summary="Red Hat Quay"
|
|
LABEL maintainer="support@redhat.com"
|
|
LABEL io.openshift.tags="quay"
|
|
ENV RED_HAT_QUAY=true
|
|
|
|
ENV PYTHON_VERSION=3.8 \
|
|
PYTHON_ROOT=/usr/local/lib/python3.8 \
|
|
PATH=$HOME/.local/bin/:$PATH \
|
|
PYTHONUNBUFFERED=1 \
|
|
PYTHONIOENCODING=UTF-8 \
|
|
LANG=en_US.utf8 \
|
|
PYTHONUSERBASE_SITE_PACKAGE=/usr/local/lib/python3.8/site-packages
|
|
|
|
ENV QUAYDIR=/quay-registry \
|
|
QUAYCONF=/quay-registry/conf \
|
|
QUAYRUN /quay-registry/conf \
|
|
QUAYPATH="."
|
|
|
|
RUN mkdir $QUAYDIR
|
|
WORKDIR $QUAYDIR
|
|
|
|
ARG PIP_CERT
|
|
COPY --from=build-npm $REMOTE_SOURCE_DIR $REMOTE_SOURCE_DIR
|
|
COPY --from=build-npm $PIP_CERT $PIP_CERT
|
|
RUN cp -Rp $REMOTE_SOURCE_DIR/app/source/quay/* $QUAYDIR
|
|
|
|
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/config-tool/config-tool /usr/local/bin/config-tool
|
|
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/config-tool/pkg/lib/editor $QUAYDIR/config_app
|
|
COPY --from=build-gomod $REMOTE_SOURCE_DIR/app/source/pushgateway/pushgateway /usr/local/bin/pushgateway
|
|
|
|
RUN rm -Rf node_modules config_app/node_modules
|
|
|
|
RUN INSTALL_PKGS="\
|
|
python38 \
|
|
nginx \
|
|
openldap \
|
|
postgresql \
|
|
gcc-c++ git \
|
|
openldap-devel \
|
|
dnsmasq \
|
|
memcached \
|
|
openssl \
|
|
skopeo \
|
|
python38-devel \
|
|
libffi-devel \
|
|
openssl-devel \
|
|
postgresql-devel \
|
|
libjpeg-devel \
|
|
" && \
|
|
yum -y --setopt=tsflags=nodocs --setopt=skip_missing_names_on_install=False install $INSTALL_PKGS && \
|
|
yum -y update && \
|
|
yum -y clean all
|
|
|
|
RUN alternatives --set python /usr/bin/python3 && \
|
|
python -m pip install --no-cache-dir --upgrade setuptools pip && \
|
|
python -m pip install --no-cache-dir wheel && \
|
|
python -m pip install --no-cache-dir -r requirements-osbs.txt --no-cache && \
|
|
python -m pip freeze
|
|
|
|
RUN ln -s $QUAYCONF /conf && \
|
|
ln -sf /dev/stdout /var/log/nginx/access.log && \
|
|
ln -sf /dev/stdout /var/log/nginx/error.log && \
|
|
chmod -R a+rwx /var/log/nginx
|
|
|
|
# Cleanup
|
|
RUN UNINSTALL_PKGS="\
|
|
gcc-c++ git \
|
|
openldap-devel \
|
|
python38-devel \
|
|
libffi-devel \
|
|
openssl-devel \
|
|
postgresql-devel \
|
|
libjpeg-devel \
|
|
kernel-headers \
|
|
" && \
|
|
yum remove -y $UNINSTALL_PKGS && \
|
|
yum clean all && \
|
|
rm -rf /var/cache/yum /tmp/* /var/tmp/* /root/.cache && \
|
|
rm -rf $REMOTE_SOURCE_DIR
|
|
|
|
EXPOSE 8080 8443 7443
|
|
|
|
RUN chgrp -R 0 $QUAYDIR && \
|
|
chmod -R g=u $QUAYDIR
|
|
|
|
RUN mkdir /datastorage && chgrp 0 /datastorage && chmod g=u /datastorage && \
|
|
mkdir -p /var/log/nginx && chgrp 0 /var/log/nginx && chmod g=u /var/log/nginx && \
|
|
mkdir -p /conf/stack && chgrp 0 /conf/stack && chmod g=u /conf/stack && \
|
|
mkdir -p /tmp && chgrp 0 /tmp && chmod g=u /tmp && \
|
|
chmod g=u /etc/passwd
|
|
|
|
RUN chgrp 0 /var/log/nginx && \
|
|
chmod g=u /var/log/nginx && \
|
|
chgrp -R 0 /etc/pki/ca-trust/extracted && \
|
|
chmod -R g=u /etc/pki/ca-trust/extracted && \
|
|
chgrp -R 0 /etc/pki/ca-trust/source/anchors && \
|
|
chmod -R g=u /etc/pki/ca-trust/source/anchors && \
|
|
chgrp -R 0 /usr/local/lib/python3.8/site-packages/certifi && \
|
|
chmod -R g=u /usr/local/lib/python3.8/site-packages/certifi
|
|
|
|
VOLUME ["/var/log", "/datastorage", "/tmp", "/conf/stack"]
|
|
|
|
USER 1001
|
|
|
|
ENTRYPOINT ["dumb-init", "--", "/quay-registry/quay-entrypoint.sh"]
|
|
CMD ["registry"]
|