FROM centos:8 ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 USER root ADD google-cloud-sdk.repo /etc/yum.repos.d/ ADD rsyslog.repo /etc/yum.repos.d/rsyslog.repo # sync with installer/roles/image_build/templates/Dockerfile.j2 RUN dnf -y update && \ dnf -y install https://github.com/krallin/tini/releases/download/v0.18.0/tini_0.18.0.rpm && \ dnf -y install epel-release 'dnf-command(config-manager)' && \ dnf module -y enable 'postgresql:10' && \ dnf config-manager --set-enabled PowerTools && \ dnf -y install acl \ ansible \ bubblewrap \ curl \ diffutils \ dnf-utils \ gcc \ gcc-c++ \ gettext \ git-core \ glibc-langpack-en \ krb5-workstation \ kubectl \ libcurl-devel \ libffi-devel \ libstdc++.so.6 \ libtool-ltdl-devel \ libcgroup-tools \ make \ mercurial \ nginx \ nodejs \ nss \ openldap-devel \ openssh-server \ patch \ @postgresql:10 \ postgresql-devel \ python3-devel \ python3-libselinux \ python3-pip \ python3-psycopg2 \ python3-setuptools \ python3-pycurl \ rsync \ rsyslog-omhttp \ subversion \ sudo \ swig \ tmux \ unzip \ vim-minimal \ which \ xmlsec1 \ xmlsec1-devel \ xmlsec1-openssl \ xmlsec1-openssl-devel RUN python3 -m ensurepip && pip3 install "virtualenv < 20" supervisor # Install AWX + Requirements ADD Makefile /tmp/Makefile RUN mkdir /tmp/requirements ADD requirements/requirements_ansible.txt \ requirements/requirements_ansible_uninstall.txt \ requirements/requirements_ansible_git.txt \ requirements/requirements.txt \ requirements/requirements_tower_uninstall.txt \ requirements/requirements_git.txt \ requirements/collections_requirements.yml \ /tmp/requirements/ RUN cd /tmp && VENV_BASE="/var/lib/awx/venv" make requirements_awx requirements_ansible_py3 RUN cd /tmp && COLLECTION_BASE="/var/lib/awx/vendor/inventory_collections" make requirements_collections COPY {{ awx_sdist_file }} /tmp/{{ awx_sdist_file }} RUN echo "{{ awx_version }}" > /var/lib/awx/.tower_version && \ OFFICIAL=yes /var/lib/awx/venv/awx/bin/pip install /tmp/{{ awx_sdist_file }} && \ ln -s /var/lib/awx/venv/awx/bin/awx-manage /usr/bin/awx-manage RUN dnf -y remove *-devel \ gcc \ gcc-c++ \ nodejs ADD settings.py /etc/tower/settings.py ADD supervisor.conf /supervisor.conf ADD supervisor_task.conf /supervisor_task.conf ADD launch_awx.sh /usr/bin/launch_awx.sh ADD launch_awx_task.sh /usr/bin/launch_awx_task.sh ADD config-watcher /usr/bin/config-watcher # Install OpenShift CLI RUN cd /usr/local/bin && \ curl -L https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz | \ tar -xz --strip-components=1 --wildcards --no-anchored 'oc' # Pre-create things that we need to write to RUN for dir in /home/awx /var/run/supervisor /var/lib/awx /var/lib/awx/rsyslog /var/lib/awx/rsyslog/conf.d /var/run/awx-rsyslog /var/log/tower /var/log/nginx /var/lib/nginx; \ do mkdir -p $dir; chmod -R g+rwx $dir; chgrp -R root $dir; done && \ \ for file in /etc/passwd /var/run/nginx.pid; \ do touch $file; chmod -R g+rwx $file; chgrp -R root $file; done # Create default awx rsyslog config ADD rsyslog.conf /var/lib/awx/rsyslog/rsyslog.conf # Fix up permissions RUN find /var/lib/awx -not -path '/var/lib/awx/venv*' | xargs chgrp root && \ find /var/lib/awx -not -path '/var/lib/awx/venv*' | xargs chmod g+w && \ chgrp root /var/lib/awx/rsyslog/rsyslog.conf && \ chmod +rx /usr/bin/launch_awx.sh && \ chmod +rx /usr/bin/launch_awx_task.sh && \ chmod +rx /usr/bin/config-watcher && \ chmod u+s /usr/bin/bwrap # https://github.com/ansible/awx/issues/5224 RUN ln -sf /dev/stdout /var/log/nginx/access.log && \ ln -sf /dev/stderr /var/log/nginx/error.log RUN dnf -y clean all && rm -rf /root/.cache rm -rf /tmp/* ENV HOME=/home/awx ENV PATH="/usr/pgsql-10/bin:${PATH}" WORKDIR ${HOME} USER 1000 EXPOSE 8052 ENTRYPOINT ["tini", "--"] CMD /usr/bin/launch_awx.sh VOLUME /var/lib/nginx