forked from RedHatInsights/vulnerability-engine
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
70 lines (57 loc) · 2.95 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
FROM registry.access.redhat.com/ubi8/ubi-minimal
# install postgresql from centos if not building on RHSM system
RUN FULL_RHEL=$(microdnf repolist --enabled | grep rhel-8) ; \
if [ -z "$FULL_RHEL" ] ; then \
rpm -Uvh http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-stream-repos-8-4.el8.noarch.rpm \
http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/Packages/centos-gpg-keys-8-4.el8.noarch.rpm && \
sed -i 's/^\(enabled.*\)/\1\npriority=200/;' /etc/yum.repos.d/CentOS*.repo ; \
fi
RUN microdnf module enable postgresql:12 && \
microdnf install --setopt=install_weak_deps=0 --setopt=tsflags=nodocs \
python38 python38-pip which shadow-utils diffutils systemd libicu git-core postgresql pg_repack && \
microdnf clean all
# missing pg_config, gcc, python3-devel needed for psycopg on aarch64
RUN [ "$(uname -m)" == "aarch64" ] && \
microdnf install --setopt=install_weak_deps=0 --setopt=tsflags=nodocs \
libpq-devel gcc gcc-c++ python38-devel && \
microdnf clean all || true
# for manager purposes
RUN mkdir -p /tmp/prometheus_multiproc
ENV prometheus_multiproc_dir=/tmp/prometheus_multiproc
# minimal schema required by application, used for waiting in services until DB migration is finished
ENV MINIMAL_SCHEMA=110
WORKDIR /engine
ADD /Pipfile* /engine/
ENV LC_ALL=C.utf8
ENV LANG=C.utf8
ARG PIPENV_CHECK=1
ARG PIPENV_PYUP_API_KEY=""
RUN pip3 install --upgrade pip && \
pip3 install --upgrade pipenv && \
pipenv install --ignore-pipfile --deploy --system && \
if [ "${PIPENV_CHECK}" == 1 ] ; then pipenv check --system ; fi
RUN adduser --gid 0 -d /engine --no-create-home insights
# for manager purposes
RUN chown -R insights:0 /tmp/prometheus_multiproc && \
chgrp -R 0 /tmp/prometheus_multiproc && \
chmod -R g=u /tmp/prometheus_multiproc
USER insights
EXPOSE 8000
ADD entrypoint.sh /engine/
ADD manager.healthz.spec.yaml /engine/
ADD manager.admin.spec.yaml /engine/
ADD /database/upgrade/dbupgrade.sh /engine/
ADD /advisor_listener/*.py /engine/advisor_listener/
ADD /taskomatic/*.py /engine/taskomatic/
ADD /taskomatic/jobs/*.py /engine/taskomatic/jobs/
ADD /vmaas_sync/*.py /engine/vmaas_sync/
ADD /database/*.py /engine/database/
ADD /database/upgrade/*.py /engine/database/upgrade/
ADD /database/schema/*.sql /engine/database/schema/
ADD /database/schema/upgrade_scripts/*.sql /engine/database/schema/upgrade_scripts/
ADD /evaluator/*.py /engine/evaluator/
ADD /listener/*.py /engine/listener/
ADD manager.spec.yaml /engine/
ADD /common/*.py /engine/common/
ADD /manager/*.py /engine/manager/
ADD /notificator/*.py /engine/notificator/