Dockerfile.upi.ci

# This Dockerfile is used by CI to test UPI platforms for OpenShift Installer
# It builds an image containing binaries like jq, terraform, awscli, oc, etc. to allow bringing up UPI infrastructure.
# It also contains the `upi` directory that contains various terraform and cloud formation templates that are used to create infrastructure resources.


FROM registry.ci.openshift.org/ocp/builder:rhel-8-golang-1.16-openshift-4.8 AS builder
ARG TAGS=""
WORKDIR /go/src/github.com/openshift/installer
COPY . .
RUN DEFAULT_ARCH="$(go env GOHOSTARCH)" hack/build.sh

FROM registry.ci.openshift.org/ocp/4.8:cli as cli

FROM registry.ci.openshift.org/ocp/4.8:base
COPY --from=cli /usr/bin/oc /bin/oc
COPY --from=builder /go/src/github.com/openshift/installer/bin/openshift-install /bin/openshift-install
COPY --from=builder /go/src/github.com/openshift/installer/upi /var/lib/openshift-install/upi
COPY --from=builder /go/src/github.com/openshift/installer/data/data/rhcos.json /var/lib/openshift-install/rhcos.json

RUN rpm --import https://packages.microsoft.com/keys/microsoft.asc
RUN sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" >/etc/yum.repos.d/azure-cli.repo'

RUN sh -c 'echo -e "[google-cloud-sdk]\nname=Google Cloud SDK\nbaseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64\nenabled=1\ngpgcheck=1\nrepo_gpgcheck=0\ngpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg\n       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg" > /etc/yum.repos.d/google-cloud-sdk.repo'

RUN yum update -y && \
    yum install --setopt=tsflags=nodocs -y \
      azure-cli \
      gettext \
      google-cloud-sdk \
      gzip \
      jq \
      unzip \
      openssh-clients \
      openssl \
      PyYAML \
      util-linux && \
    yum clean all && \
    rm -rf /var/cache/yum/* && \
    chmod g+w /etc/passwd

ARG YQ_URI=https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64
ARG YQ_HASH=e70e482e7ddb9cf83b52f5e83b694a19e3aaf36acf6b82512cbe66e41d569201
RUN echo "${YQ_HASH} -" > /tmp/sum.txt && \
  curl -L --fail "${YQ_URI}" | tee /bin/yq-go | sha256sum -c /tmp/sum.txt >/dev/null && \
  chmod +x /bin/yq-go && \
  rm /tmp/sum.txt

RUN curl https://bootstrap.pypa.io/pip/2.7/get-pip.py -o get-pip.py
RUN python get-pip.py 'pip<21.0'
RUN python -m pip install pyopenssl
ENV CLOUDSDK_PYTHON=/usr/bin/python

ENV TERRAFORM_VERSION=0.12.24
RUN curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /bin/
ENV MATCHBOX_PROVIDER_VERSION=v0.3.0
RUN curl -L -O https://github.com/poseidon/terraform-provider-matchbox/releases/download/${MATCHBOX_PROVIDER_VERSION}/terraform-provider-matchbox-${MATCHBOX_PROVIDER_VERSION}-linux-amd64.tar.gz && \
    tar xzf terraform-provider-matchbox-${MATCHBOX_PROVIDER_VERSION}-linux-amd64.tar.gz && \
    mv terraform-provider-matchbox-${MATCHBOX_PROVIDER_VERSION}-linux-amd64/terraform-provider-matchbox /bin/terraform-provider-matchbox
ENV IGNITION_PROVIDER_VERSION=v2.1.0
RUN curl -L -O https://github.com/community-terraform-providers/terraform-provider-ignition/releases/download/${IGNITION_PROVIDER_VERSION}/terraform-provider-ignition-${IGNITION_PROVIDER_VERSION}-linux-amd64.tar.gz && \
    tar xzf terraform-provider-ignition-${IGNITION_PROVIDER_VERSION}-linux-amd64.tar.gz && \
    mv terraform-provider-ignition-${IGNITION_PROVIDER_VERSION}-linux-amd64/terraform-provider-ignition /bin/terraform-provider-ignition
RUN curl -L -O https://github.com/vmware/govmomi/releases/download/v0.20.0/govc_linux_amd64.gz && \
    gzip -d govc_linux_amd64.gz && \
    chmod +x govc_linux_amd64 && mv govc_linux_amd64 /bin/govc
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \
    unzip awscliv2.zip && \
    ./aws/install -b /bin && \
    rm -rf ./aws awscliv2.zip

RUN mkdir /output && chown 1000:1000 /output
USER 1000:1000
ENV PATH /bin
ENV HOME /output
WORKDIR /output