From a34c170f1afac4f2995130c1b10cea3e7d33c9c2 Mon Sep 17 00:00:00 2001 From: "Petr \"Stone\" Hracek" Date: Mon, 29 Jul 2024 12:40:32 +0200 Subject: [PATCH 1/4] Create Dockerfile.c10s based on Dockerfile.c9s Signed-off-by: Petr "Stone" Hracek --- 1.26/Dockerfile.c10s | 89 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 1.26/Dockerfile.c10s diff --git a/1.26/Dockerfile.c10s b/1.26/Dockerfile.c10s new file mode 100644 index 00000000..ebe54610 --- /dev/null +++ b/1.26/Dockerfile.c10s @@ -0,0 +1,89 @@ +FROM quay.io/sclorg/s2i-core-c9s:c9s + +EXPOSE 8080 +EXPOSE 8443 + +ENV NAME=nginx \ + NGINX_VERSION=1.26 \ + NGINX_SHORT_VER=126 \ + VERSION=0 + +ENV SUMMARY="Platform for running nginx $NGINX_VERSION or building nginx-based application" \ + DESCRIPTION="Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP \ +protocols, with a strong focus on high concurrency, performance and low memory usage. The container \ +image provides a containerized packaging of the nginx $NGINX_VERSION daemon. The image can be used \ +as a base image for other applications based on nginx $NGINX_VERSION web server. \ +Nginx server image can be extended using source-to-image tool." + +LABEL summary="${SUMMARY}" \ + description="${DESCRIPTION}" \ + io.k8s.description="${DESCRIPTION}" \ + io.k8s.display-name="Nginx ${NGINX_VERSION}" \ + io.openshift.expose-services="8080:http" \ + io.openshift.expose-services="8443:https" \ + io.openshift.tags="builder,${NAME},${NAME}-${NGINX_SHORT_VER}" \ + com.redhat.component="${NAME}-${NGINX_SHORT_VER}-container" \ + name="sclorg/${NAME}-${NGINX_SHORT_VER}-c9s" \ + version="1" \ + com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI" \ + maintainer="SoftwareCollections.org " \ + help="For more information visit https://github.com/sclorg/${NAME}-container" \ + usage="s2i build quay.io/sclorg/${NAME}-${NGINX_SHORT_VER}-c9s:latest " + +ENV NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \ + NGINX_CONF_PATH=/etc/nginx/nginx.conf \ + NGINX_DEFAULT_CONF_PATH=${APP_ROOT}/etc/nginx.default.d \ + NGINX_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/nginx \ + NGINX_APP_ROOT=${APP_ROOT} \ + NGINX_LOG_PATH=/var/log/nginx \ + NGINX_PERL_MODULE_PATH=${APP_ROOT}/etc/perl + +# Modules does not exist +RUN yum -y module enable nginx:$NGINX_VERSION && \ + INSTALL_PKGS="nss_wrapper bind-utils gettext hostname nginx nginx-mod-stream nginx-mod-http-perl" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + nginx -v 2>&1 | grep -qe "nginx/$NGINX_VERSION\." && echo "Found VERSION $NGINX_VERSION" && \ + yum -y clean all --enablerepo='*' + +# Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH +COPY $NGINX_VERSION/s2i/bin/ $STI_SCRIPTS_PATH + +# Copy extra files to the image. +COPY $NGINX_VERSION/root/ / + +# Changing ownership and user rights to support following use-cases: +# 1) running container on OpenShift, whose default security model +# is to run the container under random UID, but GID=0 +# 2) for working root-less container with UID=1001, which does not have +# to have GID=0 +# 3) for default use-case, that is running container directly on operating system, +# with default UID and GID (1001:0) +# Supported combinations of UID:GID are thus following: +# UID=1001 && GID=0 +# UID=&& GID=0 +# UID=1001 && GID= +RUN sed -i -f ${NGINX_APP_ROOT}/nginxconf.sed ${NGINX_CONF_PATH} && \ + mkdir -p ${NGINX_APP_ROOT}/etc/nginx.d/ && \ + mkdir -p ${NGINX_APP_ROOT}/etc/nginx.default.d/ && \ + mkdir -p ${NGINX_APP_ROOT}/src/nginx-start/ && \ + mkdir -p ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \ + mkdir -p ${NGINX_LOG_PATH} && \ + mkdir -p ${NGINX_PERL_MODULE_PATH} && \ + chown -R 1001:0 ${NGINX_CONF_PATH} && \ + chown -R 1001:0 ${NGINX_APP_ROOT}/etc && \ + chown -R 1001:0 ${NGINX_APP_ROOT}/src/nginx-start/ && \ + chown -R 1001:0 ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \ + chown -R 1001:0 /var/lib/nginx /var/log/nginx /run && \ + chmod ug+rw ${NGINX_CONF_PATH} && \ + chmod -R ug+rwX ${NGINX_APP_ROOT}/etc && \ + chmod -R ug+rwX ${NGINX_APP_ROOT}/src/nginx-start/ && \ + chmod -R ug+rwX ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \ + chmod -R ug+rwX /var/lib/nginx /var/log/nginx /run && \ + rpm-file-permissions + +USER 1001 + +STOPSIGNAL SIGQUIT + +CMD $STI_SCRIPTS_PATH/usage From 5d48447641263b79e343401323e58c574abf5eab Mon Sep 17 00:00:00 2001 From: "Petr \"Stone\" Hracek" Date: Mon, 29 Jul 2024 12:41:31 +0200 Subject: [PATCH 2/4] Update Dockerfile.c10s to use CentOS Stream 10. Update Dockerfile.fedora against Dockerfile.c10s so that they are a bit more closer Signed-off-by: Petr "Stone" Hracek --- 1.26/Dockerfile.c10s | 13 ++++++------- 1.26/Dockerfile.fedora | 8 ++------ 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/1.26/Dockerfile.c10s b/1.26/Dockerfile.c10s index ebe54610..989a5150 100644 --- a/1.26/Dockerfile.c10s +++ b/1.26/Dockerfile.c10s @@ -1,4 +1,4 @@ -FROM quay.io/sclorg/s2i-core-c9s:c9s +FROM quay.io/sclorg/s2i-core-c10s:c10s EXPOSE 8080 EXPOSE 8443 @@ -23,12 +23,12 @@ LABEL summary="${SUMMARY}" \ io.openshift.expose-services="8443:https" \ io.openshift.tags="builder,${NAME},${NAME}-${NGINX_SHORT_VER}" \ com.redhat.component="${NAME}-${NGINX_SHORT_VER}-container" \ - name="sclorg/${NAME}-${NGINX_SHORT_VER}-c9s" \ + name="sclorg/${NAME}-${NGINX_SHORT_VER}-c10s" \ version="1" \ com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI" \ maintainer="SoftwareCollections.org " \ help="For more information visit https://github.com/sclorg/${NAME}-container" \ - usage="s2i build quay.io/sclorg/${NAME}-${NGINX_SHORT_VER}-c9s:latest " + usage="s2i build quay.io/sclorg/${NAME}-${NGINX_SHORT_VER}-c10s:latest " ENV NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \ NGINX_CONF_PATH=/etc/nginx/nginx.conf \ @@ -39,12 +39,11 @@ ENV NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \ NGINX_PERL_MODULE_PATH=${APP_ROOT}/etc/perl # Modules does not exist -RUN yum -y module enable nginx:$NGINX_VERSION && \ - INSTALL_PKGS="nss_wrapper bind-utils gettext hostname nginx nginx-mod-stream nginx-mod-http-perl" && \ - yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ +RUN INSTALL_PKGS="nss_wrapper bind-utils gettext hostname nginx nginx-mod-stream nginx-mod-http-perl" && \ + dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ rpm -V $INSTALL_PKGS && \ nginx -v 2>&1 | grep -qe "nginx/$NGINX_VERSION\." && echo "Found VERSION $NGINX_VERSION" && \ - yum -y clean all --enablerepo='*' + dnf -y clean all --enablerepo='*' # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH COPY $NGINX_VERSION/s2i/bin/ $STI_SCRIPTS_PATH diff --git a/1.26/Dockerfile.fedora b/1.26/Dockerfile.fedora index fa4f2a7a..dbad289b 100644 --- a/1.26/Dockerfile.fedora +++ b/1.26/Dockerfile.fedora @@ -1,9 +1,5 @@ FROM quay.io/fedora/s2i-core:40 -# nginx 1.26 image. -# -# Volumes: -# * /var/log/nginx/ - Storage for logs EXPOSE 8080 EXPOSE 8443 @@ -27,8 +23,8 @@ LABEL summary="${SUMMARY}" \ io.k8s.display-name="Nginx ${NGINX_VERSION}" \ io.openshift.expose-services="8080:http" \ io.openshift.expose-services="8443:https" \ - io.openshift.tags="builder,${NAME},${NAME}${NGINX_SHORT_VER}" \ - com.redhat.component="${NAME}" \ + io.openshift.tags="builder,${NAME},${NAME}-${NGINX_SHORT_VER}" \ + com.redhat.component="${NAME}-${NGINX_SHORT_VER}" \ name="fedora/${NAME}-${NGINX_SHORT_VER}" \ version="${VERSION}" \ maintainer="SoftwareCollections.org " \ From f3d0e7e736e20c9c531957f8161dc05ee94b394c Mon Sep 17 00:00:00 2001 From: "Petr \"Stone\" Hracek" Date: Mon, 29 Jul 2024 12:44:36 +0200 Subject: [PATCH 3/4] Update README's with CentOS Stream 10 support Signed-off-by: Petr "Stone" Hracek --- 1.26/README.md | 3 ++- README.md | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/1.26/README.md b/1.26/README.md index 47a6cb04..829edfb0 100644 --- a/1.26/README.md +++ b/1.26/README.md @@ -199,5 +199,6 @@ See also Dockerfile and other sources for this container image are available on https://github.com/sclorg/nginx-container. In that repository you also can find another versions of Python environment Dockerfiles. -for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`, and the Fedora Dockerfile is called `Dockerfile.fedora`. +for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`, +Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`. diff --git a/README.md b/README.md index b540b7a7..74fe0847 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,8 @@ Nginx container images Images available on Quay are: * CentOS Stream 9 [nginx-1.20](https://quay.io/repository/sclorg/nginx-120-c9s) +* CentOS Stream 9 [nginx-1.24](https://quay.io/repository/sclorg/nginx-124-c9s) +* CentOS Stream 10 [nginx-1.26](https://quay.io/repository/sclorg/nginx-126-c10s) * Fedora [nginx-1.20](https://quay.io/repository/fedora/nginx-120) * Fedora [nginx-1.22](https://quay.io/repository/fedora/nginx-122) * Fedora [nginx-1.24](https://quay.io/repository/fedora/nginx-124) @@ -37,6 +39,7 @@ RHEL versions currently supported are: CentOS Stream versions currently supported are: * CentOS Stream 9 +* CentOS Stream 10 Installation From 32379c3c51cf040c3dd88b27aa32d739014bead5 Mon Sep 17 00:00:00 2001 From: "Petr \"Stone\" Hracek" Date: Mon, 29 Jul 2024 12:44:54 +0200 Subject: [PATCH 4/4] Update build-and-push action with pushing to quay.io 1.26 version Signed-off-by: Petr "Stone" Hracek --- .github/workflows/build-and-push.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml index 9f22d978..2baf6354 100644 --- a/.github/workflows/build-and-push.yml +++ b/.github/workflows/build-and-push.yml @@ -53,6 +53,14 @@ jobs: quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" image_name: "nginx-124-c9s" + - version: "1.26" + tag: "c10s" + dockerfile: "Dockerfile.c10s" + registry_namespace: "sclorg" + quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" + quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" + image_name: "nginx-126-c10s" + steps: - name: Build and push to quay.io registry uses: sclorg/build-and-push-action@main