From 8e95b0b68cce9632847569275f8629f53deab992 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaros=C5=82aw=20Kalinowski?= Date: Tue, 12 Nov 2024 14:10:38 +0200 Subject: [PATCH] Update container definitions * Update outdated dependencies * Split installation into multiple steps to aid debugging * Remove replace ';' with '&&' to fail properly when anything fails --- client/container_preparation/Dockerfile | 38 +++++++++++++------------ client/data_preparation/Dockerfile | 33 ++++++++++++--------- client/job_preparation/Dockerfile | 18 ++++++++---- server/Dockerfile | 20 +++++++------ 4 files changed, 64 insertions(+), 45 deletions(-) diff --git a/client/container_preparation/Dockerfile b/client/container_preparation/Dockerfile index 5e0a955..9d2478d 100644 --- a/client/container_preparation/Dockerfile +++ b/client/container_preparation/Dockerfile @@ -2,11 +2,6 @@ ARG BUILDPLATFORM=linux/amd64 FROM --platform=$BUILDPLATFORM python:3.9-alpine - - -# Add rust binaries to PATH -ENV PATH="$PATH:/root/.cargo/bin" - # Create code directory, output directory RUN mkdir /container_preparation /output @@ -19,22 +14,29 @@ COPY ./utils /container_preparation/utils # Set workdir WORKDIR /container_preparation -# Install necessary packages, spire-agent and rust +# Install necessary packages RUN apk add --no-cache \ - git=2.43.0-r0 \ - curl=8.5.0-r0 \ + git=2.45.2-r0 \ + curl=8.11.0-r2 \ jq=1.7.1-r0 \ build-base=0.5-r3 \ - libffi-dev=3.4.4-r3 && \ -curl -LsSf -o spire-1.9.0-linux-amd64-musl.tar.gz https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ -tar xvf spire-1.9.0-linux-amd64-musl.tar.gz ; mv spire-1.9.0 /opt ; mv /opt/spire-1.9.0 /opt/spire && \ -ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ -ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ -rm -rf spire-1.9.0-linux-amd64-musl.tar.gz && \ -curl https://sh.rustup.rs -sSf -o rustup.sh ; chmod +x rustup.sh ; ./rustup.sh -y ; export PATH="$PATH":/root/.cargo/bin && \ -pip install --no-cache-dir -r ./requirements.txt && \ -pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 && \ -rm -r /root/.cargo /root/.rustup + libffi-dev=3.4.6-r0 +# Install spire-agent +RUN curl -LsSf -o spire-1.9.0-linux-amd64-musl.tar.gz https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ + tar xvf spire-1.9.0-linux-amd64-musl.tar.gz && \ + mv spire-1.9.0 /opt && \ + mv /opt/spire-1.9.0 /opt/spire && \ + ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ + ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ + rm -rf spire-1.9.0-linux-amd64-musl.tar.gz +# Install python things (and rust temporarily) +RUN curl https://sh.rustup.rs -sSf -o rustup.sh && \ + chmod +x rustup.sh && \ + ./rustup.sh -y && \ + export PATH="$PATH:/root/.cargo/bin" && \ + pip install --no-cache-dir -r ./requirements.txt && \ + pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 && \ + rm -r /root/.cargo /root/.rustup # Set entrypoint ENTRYPOINT [ "./entrypoint.sh" ] diff --git a/client/data_preparation/Dockerfile b/client/data_preparation/Dockerfile index 7836c1b..ae6a556 100644 --- a/client/data_preparation/Dockerfile +++ b/client/data_preparation/Dockerfile @@ -14,22 +14,29 @@ COPY ./utils /data_preparation/utils # Set workdir WORKDIR /data_preparation -# Install necessary packages, spire-agent and rust +# Install necessary packages RUN apk add --no-cache \ - git=2.43.0-r0 \ - curl=8.5.0-r0 \ + git=2.45.2-r0 \ + curl=8.11.0-r2 \ jq=1.7.1-r0 \ build-base=0.5-r3 \ - libffi-dev=3.4.4-r3 && \ -curl -LsSf -o spire-1.9.0-linux-amd64-musl.tar.gz https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ -tar xvf spire-1.9.0-linux-amd64-musl.tar.gz ; mv spire-1.9.0 /opt ; mv /opt/spire-1.9.0 /opt/spire && \ -ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ -ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ -rm -rf spire-1.9.0-linux-amd64-musl.tar.gz && \ -curl https://sh.rustup.rs -sSf -o rustup.sh ; chmod +x rustup.sh ; ./rustup.sh -y ; export PATH="$PATH":/root/.cargo/bin && \ -pip install --no-cache-dir -r ./requirements.txt && \ -pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 && \ -rm -r /root/.cargo /root/.rustup + libffi-dev=3.4.6-r0 +# Install spire-agent +RUN curl -LsSf -o spire-1.9.0-linux-amd64-musl.tar.gz https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ + tar xvf spire-1.9.0-linux-amd64-musl.tar.gz && \ + mv spire-1.9.0 /opt && \ + mv /opt/spire-1.9.0 /opt/spire && \ + ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ + ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ + rm -rf spire-1.9.0-linux-amd64-musl.tar.gz +# Install python things (and rust temporarily) +RUN curl https://sh.rustup.rs -sSf -o rustup.sh && \ + chmod +x rustup.sh && \ + ./rustup.sh -y && \ + export PATH="$PATH:/root/.cargo/bin" && \ + pip install --no-cache-dir -r ./requirements.txt && \ + pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 && \ + rm -r /root/.cargo /root/.rustup # Set entrypoint ENTRYPOINT [ "./entrypoint.sh" ] diff --git a/client/job_preparation/Dockerfile b/client/job_preparation/Dockerfile index 5df7d90..9bb8f8e 100644 --- a/client/job_preparation/Dockerfile +++ b/client/job_preparation/Dockerfile @@ -11,14 +11,20 @@ WORKDIR /job_preparation # Copy utils for SPIFFEID creation ... COPY ./utils /job_preparation/utils -# Install necessary packages and rust +# Install necessary packages RUN apk add --no-cache \ - curl=8.5.0-r0 \ + git=2.45.2-r0 \ + curl=8.11.0-r2 \ + jq=1.7.1-r0 \ build-base=0.5-r3 \ - libffi-dev=3.4.4-r3 && \ -curl https://sh.rustup.rs -sSf -o rustup.sh ; chmod +x rustup.sh ; ./rustup.sh -y ; export PATH="$PATH":/root/.cargo/bin && \ -pip install --no-cache-dir -r ./requirements.txt && \ -rm -r /root/.cargo /root/.rustup + libffi-dev=3.4.6-r0 +# Install python things (and rust temporarily) +RUN curl https://sh.rustup.rs -sSf -o rustup.sh && \ + chmod +x rustup.sh && \ + ./rustup.sh -y && \ + export PATH="$PATH:/root/.cargo/bin" && \ + pip install --no-cache-dir -r ./requirements.txt && \ + rm -r /root/.cargo /root/.rustup # Set entrypoint ENTRYPOINT [ "python3", "./prepare_job.py" ] diff --git a/server/Dockerfile b/server/Dockerfile index da5ff95..1310111 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -4,14 +4,18 @@ FROM --platform=$BUILDPLATFORM python:3.9-alpine # Install necessary packages and spire-agent RUN apk add --no-cache \ - git=2.43.0-r0 \ + git=2.45.2-r0 \ + curl=8.11.0-r2 \ build-base=0.5-r3 \ - openssl=3.1.4-r5 && \ -wget -q https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ -tar xvf spire-1.9.0-linux-amd64-musl.tar.gz ; mv spire-1.9.0 /opt ; mv /opt/spire-1.9.0 /opt/spire && \ -ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ -ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ -rm -rf spire-1.9.0-linux-amd64-musl.tar.gz + openssl=3.3.2-r1 +# Install spire-agent +RUN curl -LsSf -o spire-1.9.0-linux-amd64-musl.tar.gz https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz && \ + tar xvf spire-1.9.0-linux-amd64-musl.tar.gz && \ + mv spire-1.9.0 /opt && \ + mv /opt/spire-1.9.0 /opt/spire && \ + ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent && \ + ln -s /opt/spire/bin/spire-server /usr/bin/spire-server && \ + rm -rf spire-1.9.0-linux-amd64-musl.tar.gz # Copy server COPY ./server /server @@ -21,7 +25,7 @@ WORKDIR /server # Install dependencies RUN pip install --no-cache-dir -r ./requirements.txt && \ -pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 + pip install --no-cache-dir git+https://github.com/HewlettPackard/py-spiffe.git@3640af9d6629c05e027f99010abc934cb74122a8 # Copy utils COPY ./utils /server/utils