diff --git a/.gitignore b/.gitignore index b968ec6f..3f82f1bd 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ settings/ containers/ pgsql/ pulp_storage/ +s6-overlay-amd64.tar.gz diff --git a/images/Containerfile.core.base b/images/Containerfile.core.base index 17cc6b07..0a33ada4 100644 --- a/images/Containerfile.core.base +++ b/images/Containerfile.core.base @@ -73,22 +73,6 @@ RUN dnf -y install python${PYTHON_VERSION} python3-cryptography python${PYTHON_V getcap /usr/bin/newuidmap | grep cap_setuid || dnf -y reinstall -y shadow-utils && \ dnf clean all -# Needed to prevent the wrong version of cryptography from being installed, -# which would break PyOpenSSL. -# Need to install optional dep, rhsm, for pulp-certguard -RUN pip3 install --upgrade pip setuptools wheel && \ - rm -rf /root/.cache/pip && \ - pip3 install \ - rhsm \ - setproctitle \ - gunicorn \ - python-nginx \ - django-auth-ldap \ - django-storages\[boto3,azure]\>=1.12.2 \ - requests\[use_chardet_on_py3] && \ - rm -rf /root/.cache/pip - - RUN groupadd -g 700 --system pulp RUN useradd -d /var/lib/pulp --system -u 700 -g pulp pulp @@ -130,6 +114,7 @@ COPY images/assets/add_signing_service.sh /usr/bin/add_signing_service.sh COPY images/assets/pulp-api /usr/bin/pulp-api COPY images/assets/pulp-content /usr/bin/pulp-content COPY images/assets/pulp-worker /usr/bin/pulp-worker +COPY images/assets/constraints.txt /constraints.txt # Need to precreate when running pulp as the pulp user RUN touch /var/log/galaxy_api_access.log && \ diff --git a/images/assets/constraints.txt b/images/assets/constraints.txt new file mode 100644 index 00000000..358a1de9 --- /dev/null +++ b/images/assets/constraints.txt @@ -0,0 +1,2 @@ +pulpcore>=3.21 +pulp_container>=2.14 diff --git a/images/galaxy-minimal/nightly/Containerfile.core b/images/galaxy-minimal/nightly/Containerfile.core index a70b601b..0036c0f7 100644 --- a/images/galaxy-minimal/nightly/Containerfile.core +++ b/images/galaxy-minimal/nightly/Containerfile.core @@ -1,7 +1,9 @@ ARG FROM_TAG="latest" FROM pulp/base:${FROM_TAG} -RUN pip3 install git+https://github.com/ansible/galaxy_ng +RUN pip3 install git+https://github.com/ansible/galaxy_ng \ + -c /constraints.txt && \ + rm -rf /root/.cache/pip USER pulp:pulp RUN PULP_STATIC_ROOT=/var/lib/operator/static/ PULP_CONTENT_ORIGIN=localhost \ diff --git a/images/galaxy-minimal/stable/Containerfile.core b/images/galaxy-minimal/stable/Containerfile.core index d28a132c..21e6284a 100644 --- a/images/galaxy-minimal/stable/Containerfile.core +++ b/images/galaxy-minimal/stable/Containerfile.core @@ -6,7 +6,8 @@ ARG GALAXY_NG_VERSION="" RUN pip3 install --upgrade \ galaxy-ng${GALAXY_NG_VERSION} \ - pulpcore${PULPCORE_VERSION} && \ + pulpcore${PULPCORE_VERSION} \ + -c /constraints.txt && \ rm -rf /root/.cache/pip # Prevent pip-installed /usr/local/bin/pulp-content from getting run instead of diff --git a/images/galaxy/nightly/Containerfile b/images/galaxy/nightly/Containerfile index 4c11c17f..1013de08 100644 --- a/images/galaxy/nightly/Containerfile +++ b/images/galaxy/nightly/Containerfile @@ -5,7 +5,8 @@ ARG GALAXY_NG_VERSION="" RUN pip3 install --upgrade \ git+https://github.com/ansible/galaxy_ng.git@master \ - requests && \ + requests \ + -c /constraints.txt && \ rm -rf /root/.cache/pip USER pulp:pulp diff --git a/images/galaxy/stable/Containerfile b/images/galaxy/stable/Containerfile index 47641bb5..96b43106 100644 --- a/images/galaxy/stable/Containerfile +++ b/images/galaxy/stable/Containerfile @@ -7,7 +7,8 @@ ARG GALAXY_NG_VERSION="" RUN pip3 install --upgrade \ galaxy-ng${GALAXY_NG_VERSION} \ pulpcore${PULPCORE_VERSION} \ - requests && \ + requests \ + -c /constraints.txt && \ rm -rf /root/.cache/pip USER pulp:pulp diff --git a/images/pulp-minimal/nightly/Containerfile.core b/images/pulp-minimal/nightly/Containerfile.core index 69cb582b..8fffb094 100644 --- a/images/pulp-minimal/nightly/Containerfile.core +++ b/images/pulp-minimal/nightly/Containerfile.core @@ -9,10 +9,12 @@ RUN pip3 install git+https://github.com/pulp/pulpcore.git#egg=pulpcore \ git+https://github.com/pulp/pulp_file.git \ git+https://github.com/pulp/pulp_gem.git \ git+https://github.com/pulp/pulp_maven.git \ - git+https://github.com/pulp/pulp_npm.git \ git+https://github.com/pulp/pulp_ostree.git \ git+https://github.com/pulp/pulp_python.git \ - git+https://github.com/pulp/pulp_rpm.git + git+https://github.com/pulp/pulp_rpm.git \ + rhsm \ + -c /constraints.txt && \ + rm -rf /root/.cache/pip USER pulp:pulp RUN PULP_STATIC_ROOT=/var/lib/operator/static/ PULP_CONTENT_ORIGIN=localhost \ diff --git a/images/pulp-minimal/stable/Containerfile.core b/images/pulp-minimal/stable/Containerfile.core index 5ffda238..1ffb70fe 100644 --- a/images/pulp-minimal/stable/Containerfile.core +++ b/images/pulp-minimal/stable/Containerfile.core @@ -22,7 +22,9 @@ RUN pip3 install --upgrade \ pulp-maven${PULP_MAVEN_VERSION} \ pulp-python${PULP_PYTHON_VERSION} \ pulp-rpm${PULP_RPM_VERSION} \ - pulp-ostree${PULP_OSTREE_VERSION} && \ + pulp-ostree${PULP_OSTREE_VERSION} \ + rhsm \ + -c /constraints.txt && \ rm -rf /root/.cache/pip # Prevent pip-installed /usr/local/bin/pulp-content from getting run instead of diff --git a/images/pulp/nightly/Containerfile b/images/pulp/nightly/Containerfile index deb36a3c..3828ab33 100644 --- a/images/pulp/nightly/Containerfile +++ b/images/pulp/nightly/Containerfile @@ -10,11 +10,11 @@ RUN pip3 install --upgrade \ git+https://github.com/pulp/pulp_file@main \ git+https://github.com/pulp/pulp_gem@main \ git+https://github.com/pulp/pulp_maven@main \ - git+https://github.com/pulp/pulp_npm@main \ git+https://github.com/pulp/pulp_ostree@main \ git+https://github.com/pulp/pulp_python@main \ git+https://github.com/pulp/pulp_rpm@main \ - requests && \ + rhsm \ + -c /constraints.txt && \ rm -rf /root/.cache/pip USER pulp:pulp diff --git a/images/pulp/stable/Containerfile b/images/pulp/stable/Containerfile index cd2bce7e..7d410455 100644 --- a/images/pulp/stable/Containerfile +++ b/images/pulp/stable/Containerfile @@ -25,7 +25,9 @@ RUN pip3 install --upgrade \ pulp-python${PULP_PYTHON_VERSION} \ pulp-rpm${PULP_RPM_VERSION} \ pulp-ostree${PULP_OSTREE_VERSION} \ - requests && \ + rhsm \ + requests \ + -c /constraints.txt && \ rm -rf /root/.cache/pip USER pulp:pulp diff --git a/images/s6_assets/openssl.cnf b/images/s6_assets/openssl.cnf index f850eb17..0af72898 100644 --- a/images/s6_assets/openssl.cnf +++ b/images/s6_assets/openssl.cnf @@ -375,3 +375,4 @@ DNS.3 = ci.pulp.com DNS.4 = galaxy DNS.5 = galaxy.example.com DNS.6 = ci.galaxy.com +DNS.7 = pulp-ephemeral