diff --git a/.dockerignore b/.dockerignore index f5faf1f0e3..46c83b0467 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1 @@ -.git awx/ui/node_modules diff --git a/Makefile b/Makefile index 415abd7104..0b74a6fc17 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,8 @@ PYCURL_SSL_LIBRARY ?= openssl COMPOSE_TAG ?= $(GIT_BRANCH) COMPOSE_HOST ?= $(shell hostname) -VENV_BASE ?= /venv +VENV_BASE ?= /var/lib/awx/venv/ +COLLECTION_BASE ?= /var/lib/awx/vendor/awx_ansible_collections SCL_PREFIX ?= CELERY_SCHEDULE_FILE ?= /var/lib/awx/beat.db diff --git a/awx/settings/development.py b/awx/settings/development.py index 108767b98c..db58f42245 100644 --- a/awx/settings/development.py +++ b/awx/settings/development.py @@ -148,7 +148,7 @@ include(optional('/etc/tower/settings.py'), scope=locals()) include(optional('/etc/tower/conf.d/*.py'), scope=locals()) # Installed differently in Dockerfile compared to production versions -AWX_ANSIBLE_COLLECTIONS_PATHS = '/vendor/awx_ansible_collections' +AWX_ANSIBLE_COLLECTIONS_PATHS = '/var/lib/awx/vendor/awx_ansible_collections' BASE_VENV_PATH = "/venv/" ANSIBLE_VENV_PATH = os.path.join(BASE_VENV_PATH, "ansible") diff --git a/awx/settings/local_settings.py.docker_compose b/awx/settings/local_settings.py.docker_compose index 213f4efe4b..f853f35e12 100644 --- a/awx/settings/local_settings.py.docker_compose +++ b/awx/settings/local_settings.py.docker_compose @@ -53,7 +53,7 @@ if "pytest" in sys.modules: PROJECTS_ROOT = '/var/lib/awx/projects/' # Location for cross-development of inventory plugins -AWX_ANSIBLE_COLLECTIONS_PATHS = '/vendor/awx_ansible_collections' +AWX_ANSIBLE_COLLECTIONS_PATHS = '/var/lib/awx/vendor/awx_ansible_collections' # Absolute filesystem path to the directory for job status stdout # This directory should not be web-accessible diff --git a/installer/roles/image_build/files/Dockerfile.sdist b/installer/roles/image_build/files/Dockerfile.sdist deleted file mode 100644 index c4ed45477f..0000000000 --- a/installer/roles/image_build/files/Dockerfile.sdist +++ /dev/null @@ -1,22 +0,0 @@ -FROM centos:8 - -RUN dnf -y update && dnf -y install epel-release && \ - dnf install -y bzip2 \ - gcc-c++ \ - gettext \ - git \ - make \ - nodejs \ - python3 \ - python3-setuptools - -# Use the distro provided npm to bootstrap our required version of node -RUN npm install -g n && n 14.15.1 && dnf remove -y nodejs - -RUN mkdir -p /.npm && chmod g+rwx /.npm - -ENV PATH=/usr/local/n/versions/node/14.15.1/bin:$PATH - -WORKDIR "/awx" - -CMD ["make", "sdist"] diff --git a/installer/roles/image_build/tasks/main.yml b/installer/roles/image_build/tasks/main.yml index 46add2552c..d14530b7a2 100644 --- a/installer/roles/image_build/tasks/main.yml +++ b/installer/roles/image_build/tasks/main.yml @@ -19,76 +19,6 @@ delegate_to: localhost when: awx_official|default(false)|bool -- name: Set sdist file name - set_fact: - awx_sdist_file: "awx-{{ awx_version }}.tar.gz" - -- name: AWX Distribution - debug: - msg: "{{ awx_sdist_file }}" - -- name: Stat distribution file - stat: - path: "../dist/{{ awx_sdist_file }}" - delegate_to: localhost - register: sdist - -- name: Clean distribution - command: make clean - args: - chdir: .. - ignore_errors: true - when: not sdist.stat.exists - delegate_to: localhost - -- name: Build sdist builder image - docker_image: - build: - path: "{{ role_path }}/files" - dockerfile: Dockerfile.sdist - pull: false - args: - http_proxy: "{{ http_proxy | default('') }}" - https_proxy: "{{ https_proxy | default('') }}" - no_proxy: "{{ no_proxy | default('') }}" - name: awx_sdist_builder - tag: "{{ awx_version }}" - source: 'build' - force_source: true - delegate_to: localhost - when: use_container_for_build|default(true)|bool - -- name: Get current uid - command: id -u - register: uid - -- name: Build AWX distribution using container - docker_container: - env: - http_proxy: "{{ http_proxy | default('') }}" - https_proxy: "{{ https_proxy | default('') }}" - no_proxy: "{{ no_proxy | default('') }}" - image: "awx_sdist_builder:{{ awx_version }}" - name: awx_sdist_builder - state: started - user: "{{ uid.stdout }}" - detach: false - volumes: - - ../:/awx:Z - delegate_to: localhost - when: use_container_for_build|default(true)|bool - -- name: Build AWX distribution locally - command: make sdist - args: - chdir: .. - delegate_to: localhost - when: not use_container_for_build|default(true)|bool - -- name: Set docker build base path - set_fact: - docker_base_path: "{{ awx_local_base_config_path|default('/tmp') }}/docker-image" - - name: Set awx image name set_fact: awx_image: "{{ awx_image|default('awx') }}" @@ -97,32 +27,16 @@ template: src: Dockerfile.j2 dest: ../Dockerfile - -- name: Build base awx image - docker_image: - build: - path: ".." - dockerfile: Dockerfile - pull: false - args: - http_proxy: "{{ http_proxy | default('') }}" - https_proxy: "{{ https_proxy | default('') }}" - no_proxy: "{{ no_proxy | default('') }}" - name: "{{ awx_image }}" - tag: "{{ awx_version }}" - source: 'build' - force_source: true delegate_to: localhost +# Calling Docker directly because docker-py doesnt support BuildKit +- name: Build AWX image + command: docker build -t {{ awx_image }}:{{ awx_version }} .. + delegate_to: localhost + when: use_container_for_build|default(true)|bool + - name: Tag awx images as latest command: "docker tag {{ item }}:{{ awx_version }} {{ item }}:latest" delegate_to: localhost with_items: - "{{ awx_image }}" - -- name: Clean docker base directory - file: - path: "{{ docker_base_path }}" - state: absent - when: cleanup_docker_base|default(True)|bool - delegate_to: localhost diff --git a/installer/roles/image_build/templates/Dockerfile.j2 b/installer/roles/image_build/templates/Dockerfile.j2 index 89e7d543d3..ebbd4f885e 100644 --- a/installer/roles/image_build/templates/Dockerfile.j2 +++ b/installer/roles/image_build/templates/Dockerfile.j2 @@ -9,15 +9,11 @@ {% endif %} # Locations - set globally to be used across stages -ARG VENV_BASE="{% if not build_dev|bool %}/var/lib/awx{% endif %}/venv" -ARG COLLECTION_BASE="{% if not build_dev|bool %}/var/lib/awx{% endif %}/vendor/awx_ansible_collections" +ARG COLLECTION_BASE="/var/lib/awx/vendor/awx_ansible_collections" # Build container FROM centos:8 as builder -ARG VENV_BASE -ARG COLLECTION_BASE - ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 @@ -74,16 +70,21 @@ RUN cd /tmp && make requirements_collections ADD requirements/requirements_dev.txt /tmp/requirements RUN cd /tmp && make requirements_awx_dev requirements_ansible_dev {% endif %} + {% if not build_dev|bool %} -COPY dist/{{ awx_sdist_file }} /tmp/{{ awx_sdist_file }} -RUN mkdir -p -m 755 /var/lib/awx && \ - OFFICIAL=yes /var/lib/awx/venv/awx/bin/pip install /tmp/{{ awx_sdist_file }} +# Use the distro provided npm to bootstrap our required version of node +RUN npm install -g n && n 14.15.1 && dnf remove -y nodejs + +# Copy source into builder, build sdist, install it into awx venv +COPY . /tmp/src/ +WORKDIR /tmp/src/ +RUN make sdist && \ + /var/lib/awx/venv/awx/bin/pip install dist/awx-$(cat VERSION).tar.gz {% endif %} # Final container(s) FROM centos:8 -ARG VENV_BASE ARG COLLECTION_BASE ENV LANG en_US.UTF-8 @@ -92,28 +93,6 @@ ENV LC_ALL en_US.UTF-8 USER root -{% if build_dev|bool %} -# Install development/test requirements -RUN dnf -y install \ - gtk3 \ - gettext \ - alsa-lib \ - libX11-xcb \ - libXScrnSaver \ - strace \ - vim \ - nmap-ncat \ - nodejs \ - nss \ - make \ - patch \ - tmux \ - wget \ - diffutils \ - unzip && \ - npm install -g n && n 14.15.1 && dnf remove -y nodejs -{% endif %} - # Install runtime requirements RUN dnf -y update && \ dnf -y install epel-release 'dnf-command(config-manager)' && \ @@ -165,16 +144,40 @@ RUN cd /usr/local/bin && \ curl -L https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz | \ tar -xz --strip-components=1 --wildcards --no-anchored 'oc' +{% if build_dev|bool %} +# Install development/test requirements +RUN dnf --enablerepo=debuginfo -y install \ + gdb \ + gtk3 \ + gettext \ + alsa-lib \ + libX11-xcb \ + libXScrnSaver \ + strace \ + vim \ + nmap-ncat \ + nodejs \ + nss \ + make \ + patch \ + python3-debuginfo \ + socat \ + tmux \ + wget \ + diffutils \ + unzip && \ + npm install -g n && n 14.15.1 && dnf remove -y nodejs +{% endif %} + # Copy app from builder +COPY --from=builder /var/lib/awx /var/lib/awx + {%if build_dev|bool %} -COPY --from=builder /venv /venv -COPY --from=builder /vendor /vendor RUN openssl req -nodes -newkey rsa:2048 -keyout /etc/nginx/nginx.key -out /etc/nginx/nginx.csr \ -subj "/C=US/ST=North Carolina/L=Durham/O=Ansible/OU=AWX Development/CN=awx.localhost" && \ openssl x509 -req -days 365 -in /etc/nginx/nginx.csr -signkey /etc/nginx/nginx.key -out /etc/nginx/nginx.crt && \ chmod 640 /etc/nginx/nginx.{csr,key,crt} {% else %} -COPY --from=builder /var/lib/awx /var/lib/awx RUN ln -s /var/lib/awx/venv/awx/bin/awx-manage /usr/bin/awx-manage {% endif %} @@ -223,17 +226,17 @@ RUN chmod u+s /usr/bin/bwrap ; \ {% if build_dev|bool %} RUN for dir in \ - /venv \ - /venv/awx/lib/python3.6 \ + /var/lib/awx/venv \ + /var/lib/awx/venv/awx/lib/python3.6 \ /var/lib/awx/projects \ /var/lib/awx/rsyslog \ /var/run/awx-rsyslog \ /.ansible \ - /vendor ; \ + /var/lib/awx/vendor ; \ do mkdir -m 0775 -p $dir ; chmod g+rw $dir ; chgrp root $dir ; done && \ for file in \ /var/run/nginx.pid \ - /venv/awx/lib/python3.6/site-packages/awx.egg-link ; \ + /var/lib/awx/venv/awx/lib/python3.6/site-packages/awx.egg-link ; \ do touch $file ; chmod g+rw $file ; done {% endif %}