fix odl patches

[ccsdk/distribution.git] / ansible-server / src / main / Dockerfile

diff --git a/ansible-server/src/main/Dockerfile b/ansible-server/src/main/Dockerfile
index 4a9c414..984333d 100644 (file)
--- a/ansible-server/src/main/Dockerfile
+++ b/ansible-server/src/main/Dockerfile
@@ -1,31 +1,45 @@
-FROM alpine:3.8
-
+FROM onap/integration-python:8.0.0
 LABEL maintainer="SDN-C Team (sdnc@lists.openecomp.org)"
-ARG PIP_TAG=18.0
+USER root
 
-WORKDIR /opt/
+ARG http_proxy
+ARG https_proxy
+ARG no_proxy
+ARG CURL_CA_BUNDLE
 
-COPY ansible-server/requirements.txt ansible-server/requirements.txt
+ENV http_proxy $http_proxy
+ENV https_proxy $https_proxy
+ENV no_proxy $no_proxy
+ENV PIP_EXTRA_OPTS ${https_proxy:+"--trusted-host pypi.org --trusted-host files.pythonhosted.org --proxy=${https_proxy}"}
+ENV PIP_EXTRA_OPTS ${PIP_EXTRA_OPTS:-""}
+ENV CURL_CA_BUNDLE=$CURL_CA_BUNDLE
 
-RUN apk add --no-cache curl \
-                       bash \
-                       py2-pip \
-                       python2 &&\
-    apk add --no-cache --virtual .build-deps build-base \
-                                             libffi-dev \
-                                             openssl-dev \
-                                             python2-dev &&\
-    pip install --no-cache-dir --upgrade pip==$PIP_TAG && \
-    pip install --no-cache-dir -r ansible-server/requirements.txt &&\
-    apk del .build-deps
+ARG PIP_TAG=18.0
 
-COPY ansible-server ansible-server
-COPY configuration/ansible.cfg /etc/ansible/ansible.cfg
+RUN addgroup -S ansible && adduser -S ansible -G ansible
+COPY --chown=ansible:ansible ansible-server /opt/ansible-server
+COPY --chown=ansible:ansible configuration/ansible.cfg /etc/ansible/ansible.cfg
 
-WORKDIR /opt/ansible-server
+# Copy any certs
+COPY *.md *.pem /etc/ssl/certs/
 
-RUN mkdir /opt/onap ; ln -s /opt/ansible-server /opt/onap/ccsdk
+# Install certs
+RUN update-ca-certificates
 
-EXPOSE 8000
+RUN echo $CURL_CA_BUNDLE && ls -l $CURL_CA_BUNDLE
+
+RUN apk add --no-cache curl iputils bash openssh-client \
+    && curl -k https://sh.rustup.rs -sSf | sh -s -- -y \
+    && source $HOME/.cargo/env \
+    && apk add --no-cache --virtual .build-deps build-base libffi-dev openssl-dev python3-dev \
+    && pip3 install --no-cache-dir --trusted-host pypi.org --trusted-host files.pythonhosted.org --upgrade pip ${PIP_EXTRA_OPTS} \
+    && pip3 install --no-cache-dir --trusted-host pypi.org --trusted-host files.pythonhosted.org -r /opt/ansible-server/requirements.txt ${PIP_EXTRA_OPTS} \
+    && apk del .build-deps \
+    && mkdir -p /opt/onap \
+    && touch /var/log/ansible-server.log \
+    && chown -R ansible:ansible /var/log
 
+USER ansible:ansible
+EXPOSE 8000
+WORKDIR /opt/ansible-server
 ##ENTRYPOINT ["python2", "RestServer.py"]