projects / osm / devops.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix minor typo in Dockerfiles
[osm/devops.git] / docker / PLA / Dockerfile
diff --git a/docker/PLA/Dockerfile b/docker/PLA/Dockerfile
index 8c2f97f..e882de8 100644 (file)
--- a/docker/PLA/Dockerfile
+++ b/docker/PLA/Dockerfile
@@ -1,4 +1,5 @@
-# Copyright 2020 Arctos Labs Scandinavia AB
+#######################################################################################
+# Copyright ETSI Contributors and Others.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,42 +13,93 @@
 # implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+#######################################################################################
 
-FROM ubuntu:18.04
+FROM ubuntu:22.04 as INSTALL
 
-LABEL authors="Lars-Göran Magnusson"
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
 
-RUN apt-get --yes update \
- &&DEBIAN_FRONTEND=noninteractive apt-get --yes install git python python-pip python3 python3-pip libmysqlclient-dev libssl-dev libffi-dev \
- &&DEBIAN_FRONTEND=noninteractive apt-get --yes install mysql-client curl software-properties-common libgl1-mesa-glx \
- && python3 -m pip install -U pip \
- && python3 -m pip install pymzn==0.18.3
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    gcc=4:11.* \
+    python3=3.10.* \
+    python3-dev=3.10.* \
+    python3-pip=22.0.* \
+    curl=7.81.* \
+    && rm -rf /var/lib/apt/lists/*
 
-ARG REPOSITORY_BASE=http://osm-download.etsi.org/repository/osm/debian
-ARG RELEASE=ReleaseNINE-daily
-ARG REPOSITORY_KEY=OSM%20ETSI%20Release%20Key.gpg
-ARG REPOSITORY=testing
+#######################################################################################
+# End of common preparation
 
-RUN curl ${REPOSITORY_BASE}/${RELEASE}/${REPOSITORY_KEY} | apt-key add -
-RUN add-apt-repository -y "deb ${REPOSITORY_BASE}/${RELEASE} ${REPOSITORY} PLA common" && apt update
+ARG PYTHON3_OSM_COMMON_URL
+ARG PYTHON3_OSM_PLA_URL
 
-ARG PLA_VERSION
-ARG COMMON_VERSION
+RUN curl $PYTHON3_OSM_COMMON_URL -o osm_common.deb
+RUN dpkg -i ./osm_common.deb
 
-RUN apt-get --yes update  && DEBIAN_FRONTEND=noninteractive apt-get -y install python3-osm-common${COMMON_VERSION} python3-osm-pla${PLA_VERSION}
+RUN curl $PYTHON3_OSM_PLA_URL -o osm_pla.deb
+RUN dpkg -i ./osm_pla.deb
 
-COPY scripts/ scripts/
+RUN pip3 install \
+    -r /usr/lib/python3/dist-packages/osm_common/requirements.txt \
+    -r /usr/lib/python3/dist-packages/osm_pla/requirements.txt
 
 ADD https://github.com/MiniZinc/MiniZincIDE/releases/download/2.4.2/MiniZincIDE-2.4.2-bundle-linux-x86_64.tgz /minizinc.tgz
 
 RUN tar -zxf /minizinc.tgz && \
     mv /MiniZincIDE-2.4.2-bundle-linux /minizinc
 
-RUN mkdir /entry_data \
-    && mkdir /entry_data/mzn-lib \
-    && ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
+#######################################################################################
+FROM ubuntu:22.04 as FINAL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    python3-minimal=3.10.* \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
+COPY --from=INSTALL /usr/local/lib/python3.10/dist-packages  /usr/local/lib/python3.10/dist-packages
+
+#######################################################################################
+# End of common preparation
+
+RUN rm -f /etc/apt/apt.conf.d/proxy.conf
+
+LABEL authors="Lars-Göran Magnusson"
+
+COPY --from=INSTALL /usr/bin/osm* /usr/bin/
+COPY --from=INSTALL /minizinc /minizinc
+
+RUN mkdir /entry_data && \
+    mkdir /placement && \
+    mkdir /entry_data/mzn-lib && \
+    ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
+
+COPY scripts/ /app/osm_pla/scripts/
+
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+    useradd -u 1000 -g 1000 -d /app appuser && \
+    mkdir -p /app/osm_pla && \
+    chown -R appuser:appuser /app && \
+    chown -R appuser:appuser /entry_data && \
+    chown -R appuser:appuser /minizinc && \
+    chown -R appuser:appuser /placement
+
+WORKDIR /app/osm_pla
 
-RUN mkdir /placement
+# Changing the security context
+USER appuser
 
 ENV OSMPLA_MESSAGE_DRIVER kafka
 ENV OSMPLA_MESSAGE_HOST kafka
@@ -68,4 +120,4 @@ ENV LD_LIBRARY_PATH "/minizinc/lib:${LD_LIBRARY_PATH}"
 #HEALTHCHECK --start-period=120s --interval=10s --timeout=5s --retries=5 \
 #  CMD osm-pla-healthcheck || exit 1
 
-CMD /bin/bash scripts/start.sh
+CMD [ "/bin/bash", "scripts/start.sh" ]