From 6c369af962621217afd5350e2bedb616e4fdfce9 Mon Sep 17 00:00:00 2001 From: sdawley Date: Thu, 5 Dec 2024 14:53:01 -0800 Subject: [PATCH 1/5] CRW-7636 Update Code Dockerfiles to use UBI images --- devspaces-code/build/dockerfiles/Dockerfile | 4 ++-- devspaces-code/build/dockerfiles/brew.Dockerfile | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/devspaces-code/build/dockerfiles/Dockerfile b/devspaces-code/build/dockerfiles/Dockerfile index 7a311012b5..31c33b16fa 100644 --- a/devspaces-code/build/dockerfiles/Dockerfile +++ b/devspaces-code/build/dockerfiles/Dockerfile @@ -186,8 +186,8 @@ COPY --chmod=755 /build/remote-config /mnt/rootfs/remote/data/Machine/ # ################################################################################################################## -# https://registry.access.redhat.com/ubi8-minimal -FROM registry.access.redhat.com/ubi8-minimal:8.10-1154 +# https://registry.access.redhat.com/ubi9-minimal +FROM registry.access.redhat.com/ubi9-minimal:9.5-1731593028 COPY --from=ubi-builder /mnt/rootfs/ / ENV HOME=/home/che USER 1001 diff --git a/devspaces-code/build/dockerfiles/brew.Dockerfile b/devspaces-code/build/dockerfiles/brew.Dockerfile index e9671494d8..56036c61e6 100644 --- a/devspaces-code/build/dockerfiles/brew.Dockerfile +++ b/devspaces-code/build/dockerfiles/brew.Dockerfile @@ -422,8 +422,8 @@ RUN npm install \ # NOTE: can't use scatch images in OSBS, because unable to start container process: exec: \"/bin/sh\": stat /bin/sh: no such file or directory # so we must rebuild machineexec binary in this build -# https://registry.access.redhat.com/rhel8/go-toolset -FROM registry.redhat.io/rhel8/go-toolset:1.22.9-1 as machineexec-builder +# https://registry.access.redhat.com/ubi9/go-toolset +FROM registry.redhat.io/ubi9/go-toolset:1.22.7-1733160835 as machineexec-builder ENV GOPATH=/go/ # hadolint ignore=DL3002 USER root @@ -472,8 +472,8 @@ RUN rm /mnt/rootfs/etc/hosts ############################# BUILD 5: minimal final image ############## ######################################################################### -# https://registry.access.redhat.com/ubi8-minimal -FROM registry.redhat.io/ubi8-minimal:8.10-1154 +# https://registry.access.redhat.com/ubi9-minimal +FROM registry.redhat.io/ubi9-minimal:9.5-1731593028 COPY --from=ubi-builder /mnt/rootfs/ / ENV HOME=/home/che USER 1001 From 046d942754a07aedabbcd4ec4cbca0ba101583bd Mon Sep 17 00:00:00 2001 From: sdawley Date: Wed, 8 Jan 2025 15:53:59 -0800 Subject: [PATCH 2/5] Disable rhel8 repos in ubi9 build and enable rhel9 repos --- devspaces-code/build/dockerfiles/Dockerfile | 6 ++--- .../build/dockerfiles/brew.Dockerfile | 26 +++++++++++++++---- 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/devspaces-code/build/dockerfiles/Dockerfile b/devspaces-code/build/dockerfiles/Dockerfile index 31c33b16fa..bc7f4b8b8e 100644 --- a/devspaces-code/build/dockerfiles/Dockerfile +++ b/devspaces-code/build/dockerfiles/Dockerfile @@ -156,8 +156,8 @@ RUN npm install \ && cp -r out/src/*.js /checode/launcher \ && chgrp -R 0 /checode && chmod -R g+rwX /checode -# https://registry.access.redhat.com/ubi8/ubi -FROM registry.access.redhat.com/ubi8/ubi:8.10-1161 AS ubi-builder +# https://registry.access.redhat.com/ubi9 +FROM registry.redhat.io/ubi9:9.5-1734495538 AS ubi-builder RUN mkdir -p /mnt/rootfs RUN yum install --installroot /mnt/rootfs brotli libstdc++ coreutils glibc-minimal-langpack --releasever 8 --setopt install_weak_deps=false --nodocs -y && yum --installroot /mnt/rootfs clean all @@ -187,7 +187,7 @@ COPY --chmod=755 /build/remote-config /mnt/rootfs/remote/data/Machine/ ################################################################################################################## # https://registry.access.redhat.com/ubi9-minimal -FROM registry.access.redhat.com/ubi9-minimal:9.5-1731593028 +FROM registry.redhat.io/ubi9-minimal:9.5-1734497536 COPY --from=ubi-builder /mnt/rootfs/ / ENV HOME=/home/che USER 1001 diff --git a/devspaces-code/build/dockerfiles/brew.Dockerfile b/devspaces-code/build/dockerfiles/brew.Dockerfile index 56036c61e6..1d5dec5eee 100644 --- a/devspaces-code/build/dockerfiles/brew.Dockerfile +++ b/devspaces-code/build/dockerfiles/brew.Dockerfile @@ -423,7 +423,7 @@ RUN npm install \ # NOTE: can't use scatch images in OSBS, because unable to start container process: exec: \"/bin/sh\": stat /bin/sh: no such file or directory # so we must rebuild machineexec binary in this build # https://registry.access.redhat.com/ubi9/go-toolset -FROM registry.redhat.io/ubi9/go-toolset:1.22.7-1733160835 as machineexec-builder +FROM registry.redhat.io/ubi9/go-toolset:9.5-1733160835 as machineexec-builder ENV GOPATH=/go/ # hadolint ignore=DL3002 USER root @@ -440,12 +440,28 @@ RUN CGO_ENABLED=0 GOOS=linux go build -mod=vendor -a -ldflags '-w -s' -a -instal ############################# BUILD 4: rootfs assembly ################## ######################################################################### -# https://registry.access.redhat.com/ubi8 -FROM registry.redhat.io/ubi8:8.10-1161 as ubi-builder +# https://registry.access.redhat.com/ubi9 +FROM registry.redhat.io/ubi9:9.5-1734495538 as ubi-builder RUN mkdir -p /mnt/rootfs/projects /mnt/rootfs/home/che /mnt/rootfs/remote/data/Machine/ # hadolint ignore=DL3033 -RUN yum install --installroot /mnt/rootfs tar gzip brotli libstdc++ coreutils glibc-minimal-langpack --releasever 8 --setopt install_weak_deps=false --nodocs -y && yum --installroot /mnt/rootfs clean all + +# Enable pulp content sets to resolve libsecret & libxkbfile as rpm +COPY $REMOTE_SOURCES/devspaces-images-code/app/devspaces-code/build/dockerfiles/content_sets_pulp.repo /etc/yum.repos.d/ + +RUN echo "Disabling rhel-8 based repos..." && \ + dnf config-manager --set-disabled 'rhel-8*' && \ + +# hadolint ignore=DL3040,DL3041 +RUN \ + dnf install -y \ + --enablerepo=rhel-9-for-baseos-rpms-pulp \ + --enablerepo=rhel-9-for-appstream-rpms-pulp \ + --enablerepo=rhel-9-for-codeready-builder-rpms-pulp \ + --installroot /mnt/rootfs \ + tar gzip brotli libstdc++ coreutils glibc-minimal-langpack \ + --releasever 9 --setopt install_weak_deps=false --nodocs -y && \ + yum --installroot /mnt/rootfs clean all RUN rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* WORKDIR /mnt/rootfs @@ -473,7 +489,7 @@ RUN rm /mnt/rootfs/etc/hosts ######################################################################### # https://registry.access.redhat.com/ubi9-minimal -FROM registry.redhat.io/ubi9-minimal:9.5-1731593028 +FROM registry.redhat.io/ubi9-minimal:9.5-1734497536 COPY --from=ubi-builder /mnt/rootfs/ / ENV HOME=/home/che USER 1001 From 2f71aa154520b786c12a204147259fef6a4de08a Mon Sep 17 00:00:00 2001 From: sdawley Date: Wed, 8 Jan 2025 20:58:41 -0800 Subject: [PATCH 3/5] rebase and remove line breaks --- devspaces-code/build/dockerfiles/brew.Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/devspaces-code/build/dockerfiles/brew.Dockerfile b/devspaces-code/build/dockerfiles/brew.Dockerfile index 1d5dec5eee..93c50e3153 100644 --- a/devspaces-code/build/dockerfiles/brew.Dockerfile +++ b/devspaces-code/build/dockerfiles/brew.Dockerfile @@ -458,10 +458,7 @@ RUN \ --enablerepo=rhel-9-for-baseos-rpms-pulp \ --enablerepo=rhel-9-for-appstream-rpms-pulp \ --enablerepo=rhel-9-for-codeready-builder-rpms-pulp \ - --installroot /mnt/rootfs \ - tar gzip brotli libstdc++ coreutils glibc-minimal-langpack \ - --releasever 9 --setopt install_weak_deps=false --nodocs -y && \ - yum --installroot /mnt/rootfs clean all + --installroot /mnt/rootfs tar gzip brotli libstdc++ coreutils glibc-minimal-langpack --releasever 9 --setopt install_weak_deps=false --nodocs -y && yum --installroot /mnt/rootfs clean all RUN rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.* WORKDIR /mnt/rootfs From f820ffa6c43a7cd739ee90e50c65a3255d24c35c Mon Sep 17 00:00:00 2001 From: sdawley Date: Thu, 9 Jan 2025 14:28:08 -0800 Subject: [PATCH 4/5] Fix syntax, remove extra && \ --- devspaces-code/build/dockerfiles/brew.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devspaces-code/build/dockerfiles/brew.Dockerfile b/devspaces-code/build/dockerfiles/brew.Dockerfile index 93c50e3153..97e024ee4b 100644 --- a/devspaces-code/build/dockerfiles/brew.Dockerfile +++ b/devspaces-code/build/dockerfiles/brew.Dockerfile @@ -450,7 +450,7 @@ RUN mkdir -p /mnt/rootfs/projects /mnt/rootfs/home/che /mnt/rootfs/remote/data/M COPY $REMOTE_SOURCES/devspaces-images-code/app/devspaces-code/build/dockerfiles/content_sets_pulp.repo /etc/yum.repos.d/ RUN echo "Disabling rhel-8 based repos..." && \ - dnf config-manager --set-disabled 'rhel-8*' && \ + dnf config-manager --set-disabled 'rhel-8*' # hadolint ignore=DL3040,DL3041 RUN \ From c1dffb37a0c891be3251f2013f1304c78d4996a8 Mon Sep 17 00:00:00 2001 From: sdawley Date: Fri, 10 Jan 2025 09:56:01 -0800 Subject: [PATCH 5/5] Don't enable codeready-builder since we don't need any rpms from that repo. --- devspaces-code/build/dockerfiles/brew.Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/devspaces-code/build/dockerfiles/brew.Dockerfile b/devspaces-code/build/dockerfiles/brew.Dockerfile index 97e024ee4b..a1965cd608 100644 --- a/devspaces-code/build/dockerfiles/brew.Dockerfile +++ b/devspaces-code/build/dockerfiles/brew.Dockerfile @@ -457,7 +457,6 @@ RUN \ dnf install -y \ --enablerepo=rhel-9-for-baseos-rpms-pulp \ --enablerepo=rhel-9-for-appstream-rpms-pulp \ - --enablerepo=rhel-9-for-codeready-builder-rpms-pulp \ --installroot /mnt/rootfs tar gzip brotli libstdc++ coreutils glibc-minimal-langpack --releasever 9 --setopt install_weak_deps=false --nodocs -y && yum --installroot /mnt/rootfs clean all RUN rm -rf /mnt/rootfs/var/cache/* /mnt/rootfs/var/log/dnf* /mnt/rootfs/var/log/yum.*