Improve the container image (#570)

Signed-off-by: Marc Schöchlin <[email protected]>
osism · Mar 12, 2024 · ab31223 · ab31223
1 parent 68933b6
commit ab31223
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 4 deletions.
diff --git a/Containerfile b/Containerfile
@@ -1,7 +1,7 @@
 ARG PYTHON_VERSION=3.10
 FROM python:${PYTHON_VERSION}-alpine
 
-COPY . /data
+COPY requirements.txt /tmp/requirements.txt
 
 # hadolint ignore=DL3018
 RUN apk add --no-cache \
@@ -17,14 +17,17 @@ RUN apk add --no-cache \
       python3-dev \
       rust \
     && pip3 --no-cache-dir install --upgrade 'pip==24.0' \
-    && pip3 --no-cache-dir install -r /data/requirements.txt \
+    && pip3 --no-cache-dir install -r /tmp/requirements.txt \
     && apk del .build-deps \
     && mkdir /output
 
+COPY . /data
+
 WORKDIR /data
 
 VOLUME ["/output"]
-CMD ["cookiecutter", "-o", "/output", "/data"]
+
+ENTRYPOINT ["/data/entrypoint.sh"]
 
 LABEL "org.opencontainers.image.documentation"="https://osism.github.io/docs/intro" \
       "org.opencontainers.image.licenses"="ASL 2.0" \

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+if [ "$1" = "/bin/bash" ];then
+  exec /bin/bash
+fi
+
+if [ -z "$TARGET_UID" ];then
+   echo "ERROR: ENVIRONMENT VARIABLE TARGET_UID IS NOT PROVIDED"
+   exit 1
+fi
+if [ -z "$TARGET_GID" ];then
+   echo "ERROR: ENVIRONMENT VARIABLE TARGET_GID IS NOT PROVIDED"
+   exit 1
+fi
+
+set -x
+umask 0077
+cookiecutter -o /output /data $@
+chown -R $TARGET_UID:$TARGET_GID /output
+
+set +x
+echo "COOKIECUTTER COMPLETED"
diff --git a/hooks/post_gen_project.sh b/hooks/post_gen_project.sh
@@ -21,6 +21,7 @@ python3 scripts/set-secrets.py
 python3 scripts/set-ssh-keypairs.py
 
 python3 scripts/generate-keepass.py
+
 chmod 0600 secrets/keepass.kdbx
 
 pwgen -1 32 > secrets/vaultpass

diff --git a/playbooks/build.yml b/playbooks/build.yml
@@ -34,6 +34,7 @@
 
           docker buildx build \
               --build-arg "VERSION=$version" \
+              --progress=plain \
               --label "org.opencontainers.image.created=$created" \
               --label "org.opencontainers.image.documentation=https://docs.osism.tech" \
               --label "org.opencontainers.image.licenses=ASL 2.0" \

diff --git a/requirements.txt b/requirements.txt
@@ -8,7 +8,7 @@ oslo.utils==7.1.0
 paramiko==3.4.0
 passlib==1.7.4
 pwgen==0.8.2.post0
-pycrypto==2.6.1
+pycryptodome==3.20.0
 pykeepass==4.0.7
 python-gilt==1.2.3
 ruamel.yaml==0.18.6