diff --git a/.gitignore b/.gitignore index 02a0e1d..c09751d 100644 --- a/.gitignore +++ b/.gitignore @@ -12,6 +12,10 @@ __pycache__ coverage.xml testresults.xml +# local build files +anms-core/build/ +anms-ui/release/ + # Javascript and ESLint related content to be ignored node_modules package-lock.json diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index beed615..c9790be 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -31,7 +31,7 @@ default: # All jobs run within a target-like environment - image: registry.access.redhat.com/ubi8/ubi:8.6 + image: registry.access.redhat.com/ubi9/ubi:9.2 include: # Run pipeline only on branches, not MRs @@ -61,7 +61,7 @@ stages: update-ca-trust # to /etc/pki/tls/certs/ca-bundle.crt .prep-install-python: &prep-install-python | - dnf install -y python39 python39-pip python39-wheel + dnf install -y python3 python3-pip python3-wheel dnf clean all && rm -rf /var/cache/yum pip3 install --upgrade pip pip-tools && ln -s pip3 /usr/bin/pip @@ -82,7 +82,7 @@ stages: docker login -u $DOCKER_REGISTRY_USERNAME -p $DOCKER_REGISTRY_PASSWORD $DOCKER_REGISTRY .prep-install-compose: &prep-install-compose | - dnf install -y python39 python39-pip python39-wheel + dnf install -y python3 python3-pip python3-wheel pip3 install docker-compose docker-compose version @@ -346,13 +346,13 @@ deploy: - dnf install -y hostname - ./build.sh push - | - dnf install -y https://yum.puppet.com/puppet-release-el-8.noarch.rpm - dnf install -y https://yum.puppet.com/puppet-tools-release-el-8.noarch.rpm - dnf install -y puppet-agent-7.24.0-1.el8 puppet-bolt + dnf install -y https://yum.puppet.com/puppet-release-el-9.noarch.rpm + dnf install -y https://yum.puppet.com/puppet-tools-release-el-9.noarch.rpm + dnf install -y puppet-agent-7.28.0-1.el9 puppet-bolt update-alternatives --install /usr/bin/puppet puppet-agent /opt/puppetlabs/bin/puppet 10 - chmod +t /tmp # workaround ruby need within prep.sh - ./puppet/prep.sh - - mkdir -p $HOME/.ssh && cat apl-known-hosts.txt >>$HOME/.ssh/known_hosts + - mkdir -p $HOME/.ssh && cat $KNOWN_HOSTS >>$HOME/.ssh/known_hosts - |- ANMS_VERSION="$(git describe --always --tags --dirty) on ${CI_COMMIT_REF_NAME}" mkdir -p puppet/data/fqdn/ diff --git a/anms-core/Dockerfile b/anms-core/Dockerfile index 9742997..0f1198a 100644 --- a/anms-core/Dockerfile +++ b/anms-core/Dockerfile @@ -33,7 +33,7 @@ COPY pyproject.toml ${APP_WORK_DIR}/ RUN --mount=type=cache,target=/root/.cache/pip \ cd ${APP_WORK_DIR} && \ pip-compile --find-links ${PY_WHEEL_DIR} pyproject.toml && \ - pip3 install -r requirements.txt + pip3 install --ignore-installed -r requirements.txt # Actual main package COPY anms ${APP_WORK_DIR}/anms RUN --mount=type=cache,target=/root/.cache/pip \ diff --git a/anms-core/integration_test/Dockerfile b/anms-core/integration_test/Dockerfile index 1de2111..a7520aa 100644 --- a/anms-core/integration_test/Dockerfile +++ b/anms-core/integration_test/Dockerfile @@ -19,7 +19,7 @@ ## the prime contract 80NM0018D0004 between the Caltech and NASA under ## subcontract 1658085. ## -FROM registry.access.redhat.com/ubi8/ubi:8.6 +FROM registry.access.redhat.com/ubi9/ubi:9.2 # Optional APL network configuration from # https://aplprod.servicenowservices.com/sp?id=kb_article&sys_id=c0de6fe91b83d85071b143bae54bcb34 diff --git a/anms-ui/Dockerfile b/anms-ui/Dockerfile index c214ff4..4121ff4 100644 --- a/anms-ui/Dockerfile +++ b/anms-ui/Dockerfile @@ -26,7 +26,8 @@ ENV NODE_OPTIONS=--use-openssl-ca # Install System Level Dependencies # Yarn cannot be installed via RPM because of FIPS-mode restrictions -RUN dnf -y module install nodejs:16 && \ +RUN dnf -y install https://rpm.nodesource.com/pub_16.x/el/9/x86_64/nodesource-release-el9-1.noarch.rpm && \ + dnf -y install nodejs && \ dnf clean all && rm -rf /var/cache/yum && \ npm install --global yarn && \ yarn config set --global cafile ${PIP_CERT} diff --git a/anms-ui/check_packages.sh b/anms-ui/check_packages.sh index 0dd348f..009ac49 100755 --- a/anms-ui/check_packages.sh +++ b/anms-ui/check_packages.sh @@ -22,7 +22,7 @@ ## # Update yarn lockfiles from current package versions. -# On RHEL8 the prerequites are: +# On RHEL9 the prerequites are: # dnf -y module install nodejs:16 # npm install --global yarn # diff --git a/authnz-emu/Dockerfile b/authnz-emu/Dockerfile index 5377ce0..0f877cf 100644 --- a/authnz-emu/Dockerfile +++ b/authnz-emu/Dockerfile @@ -26,8 +26,7 @@ FROM anms-base # Install Apache -RUN dnf -y module install httpd:2.4 && \ - dnf -y install httpd-tools mod_ssl mod_session +RUN dnf -y install httpd-tools mod_ssl mod_session # Update Apache Configuration COPY httpd.conf /etc/httpd/conf/httpd.conf diff --git a/authnz-emu/httpd.conf b/authnz-emu/httpd.conf index c3654ba..d13165e 100644 --- a/authnz-emu/httpd.conf +++ b/authnz-emu/httpd.conf @@ -164,8 +164,8 @@ LoadModule ssl_module modules/mod_ssl.so #LoadModule optional_fn_import_module modules/mod_optional_fn_import.so #LoadModule optional_fn_export_module modules/mod_optional_fn_export.so #LoadModule dialup_module modules/mod_dialup.so -LoadModule http2_module modules/mod_http2.so -LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so #LoadModule md_module modules/mod_md.so #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so diff --git a/base.Dockerfile b/base.Dockerfile index c4c19ab..73c4eb0 100644 --- a/base.Dockerfile +++ b/base.Dockerfile @@ -20,9 +20,9 @@ ## subcontract 1658085. ## -# The base image is just RHEL-8 OS with configuration for all ANMS containers. +# The base image is just RHEL-9 OS with configuration for all ANMS containers. # -FROM registry.access.redhat.com/ubi8/ubi:8.6 AS anms-base +FROM registry.access.redhat.com/ubi9/ubi:9.2 AS anms-base # Optional APL network configuration from # https://aplprod.servicenowservices.com/sp?id=kb_article&sys_id=c0de6fe91b83d85071b143bae54bcb34 @@ -43,7 +43,7 @@ RUN groupadd -r -g 9999 ${APP_USER} && \ # This image uses systemd init process to manage local services. # Derived image targets choose which servies are enabled. # -FROM registry.access.redhat.com/ubi8/ubi-init:8.6 AS anms-init +FROM registry.access.redhat.com/ubi9/ubi-init:9.2 AS anms-init # Optional APL network configuration from # https://aplprod.servicenowservices.com/sp?id=kb_article&sys_id=c0de6fe91b83d85071b143bae54bcb34 @@ -54,6 +54,7 @@ RUN ( \ ) || true ENV PIP_CERT=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem ENV PIP_DEFAULT_TIMEOUT=300 +RUN dnf -y install container-tools # Container service config RUN systemctl disable dnf-makecache.timer @@ -67,9 +68,9 @@ FROM anms-base AS anms-acelib # Install System Level Dependencies RUN --mount=type=cache,target=/root/.cache/pip \ - dnf -y install python39 python39-pip python39-wheel python39-setuptools && \ + dnf -y install python3 python3-pip python3-wheel python3-setuptools && \ dnf clean all && rm -rf /var/cache/yum && \ - pip3 install --upgrade pip pip-tools && ln -s pip3 /usr/bin/pip + pip3 install --upgrade pip pip-tools # Submodules with dependencies env PY_WHEEL_DIR=/usr/local/lib/wheels diff --git a/cam-gateway/Dockerfile b/cam-gateway/Dockerfile index 9f98fa6..2f5d762 100644 --- a/cam-gateway/Dockerfile +++ b/cam-gateway/Dockerfile @@ -1,6 +1,6 @@ # Dockerfile to create docker image for ASEC CAM Gateway -FROM redhat/ubi8 +FROM redhat/ubi9 MAINTAINER "Kam Tso" diff --git a/cam-gateway/README.md b/cam-gateway/README.md index 539dcdd..c542db6 100644 --- a/cam-gateway/README.md +++ b/cam-gateway/README.md @@ -4,7 +4,7 @@ This Git repo consists a Dockerfile, httpd config files, CAM web agent, and setu The Dockerfile is used to create the docker image of the 5.1.0 CAM Gateway. The image contains: -- Redhat ubi8 (Universal Base Image 8) +- Redhat ubi9 (Universal Base Image 9) - Apache httpd 2.4 - CAM web agent 5.9.1 - CAM Gateway setup scripts diff --git a/checkout-test/Dockerfile b/checkout-test/Dockerfile index fee7af1..420cd83 100644 --- a/checkout-test/Dockerfile +++ b/checkout-test/Dockerfile @@ -25,7 +25,7 @@ FROM anms-base COPY . /usr/src/checkout-test RUN --mount=type=cache,target=/var/cache/yum \ - dnf -y install python39 python39-pip python39-wheel + dnf -y install python3 python3-pip python3-wheel RUN --mount=type=cache,target=/root/.cache/pip \ pip3 install -r /usr/src/checkout-test/requirements.txt diff --git a/create_volume.sh b/create_volume.sh index 49de696..f462e38 100755 --- a/create_volume.sh +++ b/create_volume.sh @@ -19,7 +19,7 @@ fi docker volume create ${VOLNAME} CTRNAME=$(docker run --detach --rm \ -v ${VOLNAME}:${VOLPATH} -it \ - redhat/ubi8 tail -f /dev/null) + redhat/ubi9 tail -f /dev/null) docker exec ${CTRNAME} rm -rf ${VOLPATH}/* for FN in ${SRCPATH}/* diff --git a/ion/Dockerfile b/ion/Dockerfile index daa4f03..2adac6f 100644 --- a/ion/Dockerfile +++ b/ion/Dockerfile @@ -28,7 +28,7 @@ RUN dnf -y install \ perl-CPAN \ gdb less && \ dnf clean all && rm -rf /var/cache/yum && \ - PERL_MM_USE_DEFAULT=1 cpan --notest JSON REST::Client Expect File::Slurp + PERL_MM_USE_DEFAULT=1 cpan -T JSON REST::Client Expect File::Slurp # Build from added source COPY src *.patch /usr/src/ion-ios/ diff --git a/transcoder/Dockerfile b/transcoder/Dockerfile index 155dea6..ff74781 100644 --- a/transcoder/Dockerfile +++ b/transcoder/Dockerfile @@ -19,15 +19,9 @@ ## the prime contract 80NM0018D0004 between the Caltech and NASA under ## subcontract 1658085. ## -FROM anms-base - +FROM anms-acelib ENV APP_WORK_DIR /opt/app -# Install System Level Dependencies -RUN dnf -y install python39 python39-pip && \ - dnf clean all && rm -rf /var/cache/yum && \ - pip3 install --upgrade pip - # Copy over all required content (source, data, etc.) COPY --chown=${APP_USER}:${APP_USER} . ${APP_WORK_DIR}