X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=docker%2FMON%2FDockerfile;h=acb7f6b410f7c868d5d9fa9c8f473e19ae2687ca;hb=21503ab215361ec06b534df59246cacaa242270d;hp=fdcdd4c78221795bd5c74342abac0f9937200ce8;hpb=fa81f28edaf5962fbc034ddcf783c4298573500b;p=osm%2Fdevops.git

diff --git a/docker/MON/Dockerfile b/docker/MON/Dockerfile
index fdcdd4c7..acb7f6b4 100644
--- a/docker/MON/Dockerfile
+++ b/docker/MON/Dockerfile
@@ -1,69 +1,113 @@
-# Copyright 2018 Whitestack, LLC
-# *************************************************************
-
-# This file is part of OSM Monitoring module
-# All Rights Reserved to Whitestack, LLC
-
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-
-#         http://www.apache.org/licenses/LICENSE-2.0
-
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
 # Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-# For those usages not covered by the Apache License, Version 2.0 please
-# contact: bdiaz@whitestack.com or glavado@whitestack.com
-##
-
-FROM ubuntu:18.04
-
-LABEL authors="Guillermo Calvino"
-
-RUN apt-get update \
-    && DEBIAN_FRONTEND=noninteractive apt-get install -y curl \
-                          software-properties-common \
-                          git \
-                          python \
-                          python-pip \
-                          python3 \
-                          python3-pip \
-                          libmysqlclient-dev \
-                          libssl-dev \
-                          libffi-dev \
-                          mysql-client \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* \
-    && python3 -m pip install -U pip
-
-RUN pip3 install  'macaroonbakery>=1.1,<2.0' 'pyRFC3339>=1.0,<2.0' \
-      'pyyaml>=5.1.2' 'theblues>=0.3.8,<1.0' 'websockets>=4.0,<5.0' \
-      'paramiko' 'dogpile.cache==0.9.2'
-
-ARG REPOSITORY_BASE=http://osm-download.etsi.org/repository/osm/debian
-ARG RELEASE=ReleaseNINE-daily
-ARG REPOSITORY_KEY=OSM%20ETSI%20Release%20Key.gpg
-ARG REPOSITORY=testing
-
-ARG MON_VERSION
-ARG COMMON_VERSION
-ARG N2VC_VERSION
-
-RUN curl ${REPOSITORY_BASE}/${RELEASE}/${REPOSITORY_KEY} | apt-key add - \
-    && add-apt-repository -y "deb ${REPOSITORY_BASE}/${RELEASE} ${REPOSITORY} MON N2VC common" \
-    && apt update \
-    && DEBIAN_FRONTEND=noninteractive apt-get -y install python3-osm-common${COMMON_VERSION} \
-                          python3-osm-mon${MON_VERSION} \
-                          python3-n2vc${N2VC_VERSION}
-
-
-RUN python3 -m pip install -U "juju==2.8.4"
-
-COPY scripts/ scripts/
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+FROM ubuntu:22.04 as INSTALL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    gcc=4:11.* \
+    python3=3.10.* \
+    python3-dev=3.10.* \
+    python3-pip=22.0.* \
+    curl=7.81.* \
+    && rm -rf /var/lib/apt/lists/*
+
+#######################################################################################
+# End of common preparation
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    openssh-client=1:8.*
+
+ARG PYTHON3_OSM_COMMON_URL
+ARG PYTHON3_OSM_MON_URL
+ARG PYTHON3_N2VC_URL
+
+RUN curl $PYTHON3_OSM_COMMON_URL -o osm_common.deb
+RUN dpkg -i ./osm_common.deb
+
+RUN curl $PYTHON3_N2VC_URL -o n2vc.deb
+RUN dpkg -i ./n2vc.deb
+
+RUN curl $PYTHON3_OSM_MON_URL -o osm_mon.deb
+RUN dpkg -i ./osm_mon.deb
+
+RUN pip3 install \
+    -r /usr/lib/python3/dist-packages/n2vc/requirements.txt \
+    -r /usr/lib/python3/dist-packages/osm_common/requirements.txt \
+    -r /usr/lib/python3/dist-packages/osm_mon/requirements.txt
+
+#######################################################################################
+#######################################################################################
+FROM ubuntu:22.04 as FINAL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    python3-minimal=3.10.* \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
+COPY --from=INSTALL /usr/local/lib/python3.10/dist-packages  /usr/local/lib/python3.10/dist-packages
+
+#######################################################################################
+# End of common preparation
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN rm -f /etc/apt/apt.conf.d/proxy.conf
+
+COPY --from=INSTALL /usr/bin/osm* /usr/bin/
+COPY --from=INSTALL /usr/bin/scp /usr/bin/scp
+COPY --from=INSTALL /usr/bin/ssh-keygen /usr/bin/ssh-keygen
+COPY --from=INSTALL /usr/bin/ssh /usr/bin/ssh
+COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/ /usr/lib/x86_64-linux-gnu/
+COPY --from=INSTALL /lib/x86_64-linux-gnu/ /lib/x86_64-linux-gnu/
+
+COPY scripts/ /app/osm_mon/scripts/
+
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+    useradd -u 1000 -g 1000 -d /app appuser && \
+    mkdir -p /app/osm_mon && \
+    mkdir -p /app/storage/kafka && \
+    mkdir /app/log && \
+    chown -R appuser:appuser /app
+
+WORKDIR /app/osm_mon
+
+# Changing the security context
+USER appuser
+
+########################################################################
 
 ENV OSMMON_MESSAGE_DRIVER kafka
 ENV OSMMON_MESSAGE_HOST kafka
@@ -90,7 +134,7 @@ ENV OSMMON_GRAFANA_PASSWORD admin
 
 EXPOSE 8000
 
-HEALTHCHECK --start-period=120s --interval=10s --timeout=5s --retries=5 \
+HEALTHCHECK --start-period=120s --interval=5s --timeout=2s --retries=12\
   CMD osm-mon-healthcheck || exit 1
 
 CMD /bin/bash scripts/start.sh