fix(dockerfiles): increase verbosity of the shell commands

also improve find commands, skipping some directories
netmanagers · Jun 3, 2020 · 2958e2f · 2958e2f
1 parent 64256bf
commit 2958e2f
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 13 deletions.
diff --git a/Dockerfile.apt b/Dockerfile.apt
@@ -15,7 +15,7 @@ ARG PKGS="udev git net-tools sudo curl locales procps openssh-server lsb-release
 COPY files/dpkg-nodoc /etc/dpkg/dpkg.cfg.d/01_nodoc
 COPY files/apt-no-recommends /etc/apt/apt.conf.d/99synaptic
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 # hadolint ignore=DL3008
 RUN apt-get update \
  && apt-get install --yes --no-install-recommends $PKGS \
@@ -31,8 +31,8 @@ RUN apt-get update \
            /lib/systemd/system/systemd*udev* \
            /lib/systemd/system/getty.target \
           /etc/default/locale /etc/locale.gen \
- && (find / -name "*pyc"; \
-     find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+     find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
      find /var/log -type f) | \
     grep -v /proc | xargs rm -rf \
     # Also obscure any `getty` binaries https://github.com/moby/moby/issues/4040#issuecomment-339022455

diff --git a/Dockerfile.dnf b/Dockerfile.dnf
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl openssh-server openssh-clients which findutils glibc-langpack-en $EXTRA_PACKAGES"
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN dnf -y update && dnf -y install ${PKGS} \
  && curl -L https://raw.githubusercontent.com/saltstack/salt-bootstrap/develop/bootstrap-salt.sh | \
     sh -s -- -XUdfP -x python$PYTHON_VERSION $SALT_INSTALL_METHOD $SALT_VERSION \
@@ -20,8 +20,8 @@ RUN dnf -y update && dnf -y install ${PKGS} \
  && rm -rf /var/cache/{salt,pacman} \
            /usr/lib/systemd/system/systemd*udev* \
            /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
-     find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+     find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
      find /var/log -type f) | \
     grep -v /proc | xargs rm -rf \
     # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)

diff --git a/Dockerfile.pac b/Dockerfile.pac
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl $EXTRA_PACKAGES"
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN pacman --noconfirm -Sy archlinux-keyring \
  && pacman-db-upgrade \
  && pacman --noconfirm -Syu ${PKGS} \
@@ -23,8 +23,8 @@ RUN pacman --noconfirm -Sy archlinux-keyring \
  && rm -rf /var/cache/{salt,pacman} \
            /usr/lib/systemd/system/systemd*udev* \
            /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
-     find / -name "__pycache__"; \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+     find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
      find /var/log -type f) | \
     grep -v /proc | xargs rm -rf \
     # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)

diff --git a/Dockerfile.yum b/Dockerfile.yum
@@ -12,7 +12,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools sudo curl openssh-server openssh-clients which $EXTRA_PACKAGES"
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 # Centos 7 requires EPEL repo before being able to install python2-pip
 RUN if [[ "${DISTRO_NAME}" = "centos" && "${DISTRO_VERSION}" = "7" ]]; \
     then yum -y install epel-release; \
@@ -40,8 +40,9 @@ RUN if [[ "${DISTRO_NAME}" = "centos" && "${DISTRO_VERSION}" = "7" ]]; \
  && rm -rf /var/cache/{salt,yum} \
            /usr/lib/systemd/system/systemd*udev* \
            /usr/lib/systemd/system/getty.target \
- && (find / -name "*pyc"; \
-     find / -name "__pycache__") | \
+ && (find / ! -path "/{proc,sys,dev}" -name "*.pyc"; \
+     find / ! -path "/{proc,sys,dev}" -name "__pycache__"; \
+     find /var/log -type f) | \
     grep -v /proc | xargs rm -rf \
     # Also obscure any `getty` binaries (https://github.com/moby/moby/issues/4040#issuecomment-339022455)
  && cp /bin/true /sbin/agetty \

diff --git a/Dockerfile.zyp b/Dockerfile.zyp
@@ -10,7 +10,7 @@ ARG PYTHON_VERSION
 ARG EXTRA_PACKAGES=""
 ARG PKGS="udev git net-tools net-tools-deprecated sudo curl glibc-locale openssh which python-xml $EXTRA_PACKAGES"
 
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/bash", "-x", "-o", "pipefail", "-c"]
 RUN zypper refresh && zypper install -y ${PKGS} \
  && systemctl enable sshd \
     # https://github.com/inspec/train/issues/377