X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=docker%2FRO%2FDockerfile;h=b056c3dffe6aabf7a13e98bff769ea9d9636a2a3;hb=21503ab215361ec06b534df59246cacaa242270d;hp=25907b783b6ce83a6a153449963b1c8f1c9800c5;hpb=fa81f28edaf5962fbc034ddcf783c4298573500b;p=osm%2Fdevops.git

diff --git a/docker/RO/Dockerfile b/docker/RO/Dockerfile
index 25907b78..b056c3df 100644
--- a/docker/RO/Dockerfile
+++ b/docker/RO/Dockerfile
@@ -1,58 +1,132 @@
-##
-# Copyright 2019 ETSI
+#######################################################################################
+# Copyright ETSI Contributors and Others.
 #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
 #
-#         http://www.apache.org/licenses/LICENSE-2.0
+#    http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-##
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+
+FROM ubuntu:22.04 as INSTALL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    gcc=4:11.* \
+    python3=3.10.* \
+    python3-dev=3.10.* \
+    python3-pip=22.0.* \
+    curl=7.81.* \
+    && rm -rf /var/lib/apt/lists/*
+
+#######################################################################################
+# End of common preparation
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    genisoimage=9:1.1.* \
+    netbase=6.*
+
+ARG PYTHON3_OSM_COMMON_URL
+ARG PYTHON3_OSM_NG_RO_URL
+ARG PYTHON3_OSM_RO_PLUGIN_URL
+ARG PYTHON3_OSM_ROSDN_ARISTA_CLOUDVISION_URL
+ARG PYTHON3_OSM_ROSDN_DPB_URL
+ARG PYTHON3_OSM_ROSDN_DYNPAC_URL
+ARG PYTHON3_OSM_ROSDN_FLOODLIGHTOF_URL
+ARG PYTHON3_OSM_ROSDN_IETFL2VPN_URL
+ARG PYTHON3_OSM_ROSDN_JUNIPER_CONTRAIL_URL
+ARG PYTHON3_OSM_ROSDN_ODLOF_URL
+ARG PYTHON3_OSM_ROSDN_ONOSOF_URL
+ARG PYTHON3_OSM_ROSDN_ONOS_VPLS_URL
+ARG PYTHON3_OSM_ROVIM_AWS_URL
+ARG PYTHON3_OSM_ROVIM_AZURE_URL
+ARG PYTHON3_OSM_ROVIM_GCP_URL
+ARG PYTHON3_OSM_ROVIM_OPENSTACK_URL
+ARG PYTHON3_OSM_ROVIM_OPENVIM_URL
+ARG PYTHON3_OSM_ROVIM_VMWARE_URL
+
+RUN for URL in \
+    $PYTHON3_OSM_COMMON_URL \
+    $PYTHON3_OSM_NG_RO_URL \
+    $PYTHON3_OSM_RO_PLUGIN_URL \
+    $PYTHON3_OSM_ROSDN_ARISTA_CLOUDVISION_URL \
+    $PYTHON3_OSM_ROSDN_DPB_URL \
+    $PYTHON3_OSM_ROSDN_DYNPAC_URL \
+    $PYTHON3_OSM_ROSDN_FLOODLIGHTOF_URL \
+    $PYTHON3_OSM_ROSDN_IETFL2VPN_URL \
+    $PYTHON3_OSM_ROSDN_JUNIPER_CONTRAIL_URL \
+    $PYTHON3_OSM_ROSDN_ODLOF_URL \
+    $PYTHON3_OSM_ROSDN_ONOSOF_URL \
+    $PYTHON3_OSM_ROSDN_ONOS_VPLS_URL \
+    $PYTHON3_OSM_ROVIM_AWS_URL \
+    $PYTHON3_OSM_ROVIM_AZURE_URL \
+    $PYTHON3_OSM_ROVIM_GCP_URL \
+    $PYTHON3_OSM_ROVIM_OPENSTACK_URL \
+    $PYTHON3_OSM_ROVIM_OPENVIM_URL \
+    $PYTHON3_OSM_ROVIM_VMWARE_URL ; do \
+        curl -s $URL -O ; \
+    done
+
+RUN dpkg -i *.deb
+
+RUN pip3 install \
+    -r /usr/lib/python3/dist-packages/osm_common/requirements.txt \
+    -r /usr/lib/python3/dist-packages/osm_ng_ro/requirements.txt
+
+#######################################################################################
+#######################################################################################
+FROM ubuntu:22.04 as FINAL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+    echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+    echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+    fi
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
+    DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+    python3-minimal=3.10.* \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
+COPY --from=INSTALL /usr/local/lib/python3.10/dist-packages  /usr/local/lib/python3.10/dist-packages
+
+#######################################################################################
+# End of common preparation
+
+RUN rm -f /etc/apt/apt.conf.d/proxy.conf
+
+COPY --from=INSTALL /usr/bin/genisoimage /usr/bin/genisoimage
+COPY --from=INSTALL /etc/protocols /etc/protocols
 
-########################################################################
-
-FROM ubuntu:18.04
-
-MAINTAINER Gennadiy Dubina <gennadiy.dubina@dataat.com>; Alfonso Tierno <alfonso.tiernosepulveda@telefoncia.com>
-
-RUN apt-get update && apt-get -y install curl software-properties-common git tox python3-pip \
-    && python3 -m pip install --upgrade pip && python3 -m pip install pyangbind networking-l2gw
-
-ARG REPOSITORY_BASE=http://osm-download.etsi.org/repository/osm/debian
-ARG RELEASE=ReleaseNINE-daily
-ARG REPOSITORY_KEY=OSM%20ETSI%20Release%20Key.gpg
-ARG REPOSITORY=testing
-
-RUN curl ${REPOSITORY_BASE}/${RELEASE}/${REPOSITORY_KEY} | apt-key add -
-RUN add-apt-repository -y "deb ${REPOSITORY_BASE}/${RELEASE} ${REPOSITORY} RO IM common" && apt-get update
-
-ARG RO_VERSION
-ARG IM_VERSION
-
-RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y python3-osm-im${IM_VERSION} \
-    python3-osm-ro-plugin${RO_VERSION} \
-    python3-osm-ro${RO_VERSION} python3-osm-roclient${RO_VERSION} python3-osm-ng-ro${RO_VERSION} \
-    python3-osm-rosdn-arista-cloudvision${RO_VERSION} python3-osm-rosdn-dpb${RO_VERSION} \
-    python3-osm-rosdn-dynpac${RO_VERSION} python3-osm-rosdn-floodlightof${RO_VERSION} \
-    python3-osm-rosdn-ietfl2vpn${RO_VERSION}  python3-osm-rosdn-juniper-contrail${RO_VERSION} \
-    python3-osm-rosdn-odlof${RO_VERSION} python3-osm-rosdn-onos-vpls${RO_VERSION} \
-    python3-osm-rosdn-onosof${RO_VERSION} \
-    python3-osm-rovim-aws${RO_VERSION} python3-osm-rovim-azure${RO_VERSION} \
-    python3-osm-rovim-fos${RO_VERSION} python3-osm-rovim-opennebula${RO_VERSION} \
-    python3-osm-rovim-openstack${RO_VERSION} python3-osm-rovim-openvim${RO_VERSION} \
-    python3-osm-rovim-vmware${RO_VERSION}
+EXPOSE 9090
 
-# ensure right version is installed as pyhton3-ccryptography install an old version
-RUN python3 -m pip install --upgrade "cryptography>=2.5"
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+    useradd -u 1000 -g 1000 -d /app appuser && \
+    mkdir -p /app/osm_ro && \
+    mkdir -p /app/storage/kafka && \
+    mkdir /app/log && \
+    chown -R appuser:appuser /app
 
-VOLUME /var/log/osm
+WORKDIR /app/osm_ro
 
-EXPOSE 9090
+# Changing the security context
+USER appuser
 
 # Two mysql databases are needed (DB and DB_OVIM). Can be hosted on same or separated containers
 # These ENV must be provided
@@ -93,7 +167,5 @@ ENV OSMRO_LOG_LEVEL       INFO
 
 HEALTHCHECK --start-period=130s --interval=10s --timeout=5s --retries=12 \
   CMD curl --silent --fail http://localhost:9090/ro || exit 1
-  # CMD curl --silent --fail localhost:9090/openmano/tenants || exit 1
-# CMD /usr/bin/RO-start.sh
-CMD python3 -m osm_ng_ro.ro_main
 
+CMD ["python3", "-u", "-m", "osm_ng_ro.ro_main"]