Blame - docker/Keystone/Dockerfile - osm/devops

blob: b00b384823c0c9e63fb0ba36b786fe7fded74a28 [file] [log] [blame]

beierlm	e764625	2022-01-13 10:53:08 -0500	[diff] [blame]	1	#######################################################################################
				2	# Copyright ETSI Contributors and Others.
Eduardo Sousa	3c76174	2019-02-05 16:19:31 +0000	[diff] [blame]	3	#
beierlm	e764625	2022-01-13 10:53:08 -0500	[diff] [blame]	4	# Licensed under the Apache License, Version 2.0 (the "License");
				5	# you may not use this file except in compliance with the License.
				6	# You may obtain a copy of the License at
Eduardo Sousa	3c76174	2019-02-05 16:19:31 +0000	[diff] [blame]	7	#
beierlm	e764625	2022-01-13 10:53:08 -0500	[diff] [blame]	8	# http://www.apache.org/licenses/LICENSE-2.0
Eduardo Sousa	3c76174	2019-02-05 16:19:31 +0000	[diff] [blame]	9	#
				10	# Unless required by applicable law or agreed to in writing, software
beierlm	e764625	2022-01-13 10:53:08 -0500	[diff] [blame]	11	# distributed under the License is distributed on an "AS IS" BASIS,
				12	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
				13	# implied.
				14	# See the License for the specific language governing permissions and
				15	# limitations under the License.
				16	#######################################################################################
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	17	FROM ubuntu:22.04
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	18
beierlm	e764625	2022-01-13 10:53:08 -0500	[diff] [blame]	19	ARG APT_PROXY
				20	RUN if [ ! -z $APT_PROXY ] ; then \
				21	echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
				22	echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
				23	fi
				24
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	25	EXPOSE 5000
				26
sousaedu	9d1d0c1	2022-01-21 14:01:53 +0000	[diff] [blame]	27	WORKDIR /app
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	28
sousaedu	9d1d0c1	2022-01-21 14:01:53 +0000	[diff] [blame]	29	COPY scripts/start.sh /app/start.sh
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	30
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	31	RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
				32	DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \
				33	DEBIAN_FRONTEND=noninteractive apt-get autoremove -y && \
				34	DEBIAN_FRONTEND=noninteractive apt-get install -y software-properties-common && \
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	35	add-apt-repository -y cloud-archive:antelope && \
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	36	DEBIAN_FRONTEND=noninteractive apt-get update && \
				37	DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y && \
				38	DEBIAN_FRONTEND=noninteractive apt-get install -y \
				39	apache2=2.4.* \
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	40	keystone=2:23.0.* \
				41	libapache2-mod-wsgi-py3=4.9.* \
				42	python3-pip=22.0.* \
				43	build-essential=12.9* \
				44	python3-dev=3.10.* \
				45	libldap2-dev=2.5.* \
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	46	libsasl2-dev=2.1.* \
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	47	libssl-dev=3.0.* \
				48	libffi-dev=3.4* \
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	49	libxml2-dev=2.9.* \
				50	libxslt1-dev=1.1.* \
				51	zlib1g-dev=1:1.2.* \
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	52	ldap-utils=2.5.* \
				53	curl=7.81.* \
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	54	net-tools=1.60* \
				55	mysql-client=8.0.* \
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	56	dnsutils=1:9.18.* && \
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	57	rm -rf /var/lib/apt/lists/* && \
				58	chmod +x start.sh
				59
Gulsum Atici	24fb69d	2023-06-19 10:58:23 +0300	[diff] [blame^]	60	RUN pip3 install python-ldap==3.2.0 ldappool==3.0.0 python-openstackclient==6.2.0
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	61
sousaedu	9d1d0c1	2022-01-21 14:01:53 +0000	[diff] [blame]	62	# Creating the user for the app
				63	RUN groupadd -g 1000 appuser && \
				64	useradd -u 1000 -g 1000 -d /app appuser && \
				65	usermod -a -G keystone appuser && \
				66	usermod -a -G adm appuser && \
				67	chown -R appuser:appuser /app && \
				68	chown root:keystone /etc/keystone && \
				69	chmod 770 /etc/keystone && \
				70	chown root:keystone /etc/ssl/certs && \
				71	chmod 770 /etc/ssl/certs && \
				72	chown root:keystone /etc/apache2/apache2.conf && \
				73	chmod 664 /etc/apache2/apache2.conf && \
				74	sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf && \
				75	chown root:keystone /var/spool && \
				76	chmod 775 /var/spool && \
				77	chmod 770 /var/log/apache2 && \
				78	chmod 660 /var/log/apache2/* && \
				79	chmod 770 /var/log/keystone && \
				80	chown root:keystone /var/run/apache2 && \
				81	chmod 775 /var/run/apache2 && \
				82	mkdir -p /etc/sudoers.d && \
				83	echo "%appuser ALL= NOPASSWD: /sbin/service apache2 *" > /etc/sudoers.d/appuser
				84
				85	USER appuser
				86
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	87	# database
				88	ENV DB_HOST keystone-db
				89	ENV DB_PORT 3306
				90	ENV ROOT_DB_USER root
				91	ENV ROOT_DB_PASSWORD admin
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	92	ENV KEYSTONE_DB_PASSWORD admin
Eduardo Sousa	c50ed8f	2019-04-08 17:17:54 +0100	[diff] [blame]	93	# keystone
				94	ENV REGION_ID RegionOne
				95	ENV KEYSTONE_HOST keystone
				96	# admin user
				97	ENV ADMIN_USERNAME admin
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	98	ENV ADMIN_PASSWORD admin
Eduardo Sousa	c50ed8f	2019-04-08 17:17:54 +0100	[diff] [blame]	99	ENV ADMIN_PROJECT admin
				100	# nbi service user
				101	ENV SERVICE_USERNAME nbi
				102	ENV SERVICE_PASSWORD nbi
				103	ENV SERVICE_PROJECT service
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	104	# ldap
				105	# ENV LDAP_AUTHENTICATION_DOMAIN_NAME no default
				106	# ENV LDAP_URL ldap://localhost
sousaedu	126a443	2020-09-23 13:28:25 +0100	[diff] [blame]	107	# ENV LDAP_BIND_USER no default
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	108	# ENV LDAP_BIND_PASSWORD no default
sousaedu	bb631be	2020-10-20 01:15:37 +0100	[diff] [blame]	109	# ENV LDAP_CHASE_REFERRALS no default
				110	# ENV LDAP_PAGE_SIZE 0
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	111	# ENV LDAP_USER_TREE_DN no default
				112	# ENV LDAP_USER_OBJECTCLASS inetOrgPerson
				113	# ENV LDAP_USER_ID_ATTRIBUTE cn
				114	# ENV LDAP_USER_NAME_ATTRIBUTE sn
				115	# ENV LDAP_USER_PASS_ATTRIBUTE userPassword
				116	# ENV LDAP_USER_FILTER no default
				117	# ENV LDAP_USER_ENABLED_ATTRIBUTE enabled
				118	# ENV LDAP_USER_ENABLED_MASK 0
				119	# ENV LDAP_USER_ENABLED_DEFAULT true
				120	# ENV LDAP_USER_ENABLED_INVERT false
sousaedu	bb631be	2020-10-20 01:15:37 +0100	[diff] [blame]	121	# ENV LDAP_GROUP_OBJECTCLASS groupOfNames
				122	# ENV LDAP_GROUP_TREE_DN no default
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	123	# ENV LDAP_USE_STARTTLS false
				124	# ENV LDAP_TLS_CACERT_BASE64 no default
				125	# ENV LDAP_TLS_REQ_CERT demand
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	126
bravof	7751aba	2021-10-20 11:48:16 -0300	[diff] [blame]	127	ENTRYPOINT ["./start.sh"]