diff options
Diffstat (limited to 'container/Containerfile')
| -rw-r--r-- | container/Containerfile | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/container/Containerfile b/container/Containerfile index 2f75c8c6ce6..9a5a88e76a1 100644 --- a/container/Containerfile +++ b/container/Containerfile @@ -22,6 +22,7 @@ ARG OSD_FLAVOR="default" # (optional) Should be 'true' for CI builds (pull from shaman, etc.) ARG CI_CONTAINER="true" + RUN /bin/echo -e "\ FROM_IMAGE: ${FROM_IMAGE}\n\ CEPH_REF: ${CEPH_REF}\n\ @@ -61,30 +62,36 @@ RUN \ echo "enabled=1" >> /etc/yum.repos.d/ganesha.repo # ISCSI repo -RUN set -x && \ +RUN set -ex && \ curl -s -L https://shaman.ceph.com/api/repos/tcmu-runner/main/latest/centos/9/repo?arch=$(arch) -o /etc/yum.repos.d/tcmu-runner.repo && \ case "${CEPH_REF}" in \ quincy|reef) \ - curl -s -L https://download.ceph.com/ceph-iscsi/3/rpm/el9/ceph-iscsi.repo -o /etc/yum.repos.d/ceph-iscsi.repo ;\ + curl -fs -L https://download.ceph.com/ceph-iscsi/3/rpm/el9/ceph-iscsi.repo -o /etc/yum.repos.d/ceph-iscsi.repo ;\ ;;\ main|*) \ - curl -s -L https://shaman.ceph.com/api/repos/ceph-iscsi/main/latest/centos/9/repo -o /etc/yum.repos.d/ceph-iscsi.repo ;\ + curl -fs -L https://shaman.ceph.com/api/repos/ceph-iscsi/main/latest/centos/9/repo -o /etc/yum.repos.d/ceph-iscsi.repo ;\ ;;\ esac # Ceph repo -RUN set -x && \ +RUN --mount=type=secret,id=prerelease_creds set -ex && \ rpm --import 'https://download.ceph.com/keys/release.asc' && \ ARCH=$(arch); if [ "${ARCH}" == "aarch64" ]; then ARCH="arm64"; fi ;\ IS_RELEASE=0 ;\ if [[ "${CI_CONTAINER}" == "true" ]] ; then \ # TODO: this can return different ceph builds (SHA1) for x86 vs. arm runs. is it important to fix? - REPO_URL=$(curl -s "https://shaman.ceph.com/api/search/?project=ceph&distros=centos/9/${ARCH}&flavor=${OSD_FLAVOR}&ref=${CEPH_REF}&sha1=latest" | jq -r .[0].url) ;\ + REPO_URL=$(curl -fs "https://shaman.ceph.com/api/search/?project=ceph&distros=centos/9/${ARCH}&flavor=${OSD_FLAVOR}&ref=${CEPH_REF}&sha1=latest" | jq -r .[0].url) ;\ else \ IS_RELEASE=1 ;\ - REPO_URL="http://download.ceph.com/rpm-${CEPH_REF}/el9/" ;\ + source /run/secrets/prerelease_creds; \ + REPO_URL="https://${PRERELEASE_USERNAME}:${PRERELEASE_PASSWORD}@download.ceph.com/prerelease/ceph/rpm-${CEPH_REF}/el9/" ;\ fi && \ - rpm -Uvh "$REPO_URL/noarch/ceph-release-1-${IS_RELEASE}.el9.noarch.rpm" + rpm -Uvh "$REPO_URL/noarch/ceph-release-1-${IS_RELEASE}.el9.noarch.rpm" ; \ + if [[ "$IS_RELEASE" == 1 ]] ; then \ + sed -i "s;http://download.ceph.com/;https://${PRERELEASE_USERNAME}:${PRERELEASE_PASSWORD}@download.ceph.com/prerelease/ceph/;" /etc/yum.repos.d/ceph.repo ; \ + dnf clean expire-cache ; \ + fi + # Copr repos # scikit for mgr-diskprediction-local @@ -186,7 +193,7 @@ RUN \ grep -sqo "obtain_device_list_from_udev = 0" /etc/lvm/lvm.conf # CLEAN UP! -RUN set -x && \ +RUN set -ex && \ dnf clean all && \ rm -rf /var/cache/dnf/* && \ rm -rf /var/lib/dnf/* && \ @@ -194,7 +201,8 @@ RUN set -x && \ # remove unnecessary files with big impact rm -rf /etc/selinux /usr/share/{doc,man,selinux} && \ # don't keep compiled python binaries - find / -xdev \( -name "*.pyc" -o -name "*.pyo" \) -delete + find / -xdev \( -name "*.pyc" -o -name "*.pyo" \) -delete && \ + rm -f /etc/yum.repos.d/{ceph,ganesha,tcmu-runner,ceph-iscsi}.repo # Verify that the packages installed haven't been accidentally cleaned, then # clean the package list and re-clean unnecessary RPM database files @@ -204,6 +212,7 @@ RUN rpm -q $(cat packages.txt) && rm -f /var/lib/rpm/__db* && rm -f *packages.tx # Set some envs in the container for quickly inspecting details about the build at runtime ENV CEPH_IS_DEVEL="${CI_CONTAINER}" \ CEPH_REF="${CEPH_REF}" \ + CEPH_VERSION="${CEPH_REF}" \ CEPH_OSD_FLAVOR="${OSD_FLAVOR}" \ FROM_IMAGE="${FROM_IMAGE}" |