Rhel docker and dependancies adding

OpsMx · Mar 10, 2023 · fd4cca7 · fd4cca7
1 parent ef229a1
commit fd4cca7
Show file tree

Hide file tree

Showing 3 changed files with 166 additions and 0 deletions.
diff --git a/docker/ubi8/Dockerfile b/docker/ubi8/Dockerfile
@@ -0,0 +1,29 @@
+FROM registry.access.redhat.com/ubi8/ubi:8.3
+MAINTAINER sig-platform@spinnaker.io
+LABEL name='deck'
+LABEL maintainer='info@opsmx.io'
+LABEL release=2
+LABEL summary='Red Hat certified Open Enterprise Spinnaker ubi8 container image for deck'
+LABEL description='Certified Open Enterprise Spinnaker is an Enterprise grade, Red Hat certified and OpsMx supported release of the popular and critically acclaimed Continuous Delivery platform Spinnaker'
+LABEL vendor='OpsMx'
+WORKDIR /opt/deck
+RUN yum -y install java-11-openjdk-headless.x86_64 wget vim  net-tools curl nettle
+RUN yum -y update
+COPY docker        /opt/deck/docker
+COPY docker/run-apache2.sh docker/run-apache2.sh
+COPY docker/setup-apache2.sh docker/setup-apache2.sh
+RUN chmod -R 777 docker/setup-apache2.sh
+RUN docker/setup-apache2.sh
+COPY build/webpack /opt/deck/html
+RUN chown -R apache:apache /opt/deck
+USER root
+RUN chown -Rf apache:root /var/log/httpd && chmod -Rf 775 /var/log/httpd
+RUN chgrp -Rf root /var/lib && chmod -Rf g+w /var/lib
+RUN chgrp -Rf root /etc/httpd && chmod -Rf g+w /etc/httpd
+RUN chgrp -Rf root /opt/deck && chmod -Rf g+w /opt/deck
+RUN chgrp -Rf root /var/lock && chmod -Rf g+w /var/lock
+RUN chgrp -Rf root /run/lock && chmod -Rf g+w /run/lock
+RUN chown -Rf apache:root /var/run/httpd && chmod -Rf 775 /var/run/httpd
+RUN chmod g+w /etc/passwd
+USER apache
+CMD docker/run-apache2.sh
diff --git a/docker/ubi8/runapache2.sh b/docker/ubi8/runapache2.sh
@@ -0,0 +1,106 @@
+# Set any missing env variables used to configure deck
+
+_DECK_HOST=$DECK_HOST
+_DECK_PORT=$DECK_PORT
+_API_HOST=$API_HOST
+_DECK_CERT_PATH=$DECK_CERT
+_DECK_KEY_PATH=$DECK_KEY
+_PASSPHRASE=$PASSPHRASE
+
+if [ ! -e "/etc/redhat-release" ]; then
+    dir=apache2
+    sites=/etc/$dir/sites-available
+    conf=/etc/$dir
+    a2=true
+else
+    dir=httpd
+    sites=/etc/$dir/conf.d
+    conf=/etc/$dir/conf.d
+    a2=false
+fi
+
+if [ -z "$_DECK_HOST" ];
+then
+    _DECK_HOST=0.0.0.0
+fi
+
+if [ -z "$_DECK_PORT" ];
+then
+    _DECK_PORT=9000
+fi
+
+if [ -z "$_API_HOST" ];
+then
+    _API_HOST=http://localhost:8084
+fi
+
+if [ -z "$_DECK_CERT_PATH" ];
+then
+  cp docker/spinnaker.conf.gen spinnaker.conf
+  # remove ssl config, httpd doesn't start without certs
+  if [ -e "/etc/redhat-release" ]; then
+    rm $conf/ssl.conf
+  fi
+else
+  if [ ! -e "/etc/redhat-release" ]; then
+    a2enmod ssl
+  fi
+  # on RHEL it's enabled through config
+  rm $conf/ssl.conf
+  cp docker/spinnaker.conf.ssl spinnaker.conf
+  sed -ie 's|{%DECK_CERT_PATH%}|'$_DECK_CERT_PATH'|g' spinnaker.conf
+  sed -ie 's|{%DECK_KEY_PATH%}|'$_DECK_KEY_PATH'|g' spinnaker.conf
+fi
+
+# Generate spinnaker.conf site & enable it
+
+sed -ie 's|{%DECK_HOST%}|'$_DECK_HOST'|g' spinnaker.conf
+sed -ie 's|{%DECK_PORT%}|'$_DECK_PORT'|g' spinnaker.conf
+sed -ie 's|{%API_HOST%}|'$_API_HOST'|g' spinnaker.conf
+
+mkdir -p $sites
+mv spinnaker.conf $sites
+
+if [ "a2" == "true" ]; then
+  a2ensite spinnaker
+fi
+
+# Update ports.conf to reflect desired deck host
+
+cp docker/ports.conf.gen ports.conf
+
+sed -ie "s|{%DECK_HOST%}|$_DECK_HOST|g" ports.conf
+sed -ie "s|{%DECK_PORT%}|$_DECK_PORT|g" ports.conf
+sed -ie "s|apache2|$dir|g" ports.conf
+mv ports.conf $conf/ports.conf
+
+# Create a passphrase file to inject the SSL passphrase into apache's startup
+
+cp docker/passphrase.gen passphrase
+
+sed -ie "s|{%PASSPHRASE%}|$_PASSPHRASE|g" passphrase
+
+# Clear password from env vars
+
+_PASSPHRASE=""
+PASSPHRASE=""
+
+chmod +x passphrase
+mv passphrase /etc/$dir/passphrase
+
+if [ -e /opt/spinnaker/config/settings.js ];
+then
+        cp /opt/spinnaker/config/settings.js /opt/deck/html/settings.js
+fi
+
+if [ -e /opt/spinnaker/config/settings-local.js ];
+then
+        cp /opt/spinnaker/config/settings-local.js /opt/deck/html/settings-local.js
+fi
+
+if [ ! -e "/etc/redhat-release" ]; then
+  apache2ctl -D FOREGROUND
+else
+  sed -ie "s|Listen 80|#Listen 80|" /etc/httpd/conf/httpd.conf
+  exec /usr/sbin/apachectl -DFOREGROUND
+fi
diff --git a/docker/ubi8/setupapache2.sh b/docker/ubi8/setupapache2.sh
@@ -0,0 +1,31 @@
+if [ ! -e "/etc/redhat-release" ]; then
+  user=www-data
+  group=$user
+  app=apache2
+
+  apt-get update
+  apt-get install $app -y
+  service $app stop
+  a2enmod proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_html xml2enc
+else
+  user=apache
+  group=$user
+  app=httpd
+
+  yum update
+  maj=$(cat /etc/system-release-cpe | awk -F: '{ print $5 }' | awk -F. '{ print $1 }')
+  if [ "$maj" == "7" ];then
+    prep="httpd24-"
+  else
+    prep=""
+  fi
+  yum install -y ${prep}mod_proxy_html mod_ssl $app
+fi
+
+chown -R $user:$group /etc/$app
+for dir in /var/lib /var/run /var/log;
+do
+   mkdir -p $dir/$app
+  chown -R $user:$group $dir/$app
+done
+