Skip to content

Commit 9f55bee

Browse files
riprasadriprasad
authored
Merge pull request opendatahub-io#1383 from red-hat-data-services/RHOAIENG-31081
Add Konflux Dockerfile
2 parents 85da881 + 7580c21 commit 9f55bee

File tree

30 files changed

+4317
-0
lines changed

30 files changed

+4317
-0
lines changed

codeserver/ubi9-python-3.11/Dockerfile.konflux.cpu

Lines changed: 147 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,147 @@
1+
####################
2+
# base #
3+
####################
4+
FROM registry.access.redhat.com/ubi9/python-311:latest AS base
5+
6+
WORKDIR /opt/app-root/bin
7+
8+
# OS Packages needs to be installed as root
9+
USER 0
10+
11+
# Install useful OS packages
12+
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
13+
14+
# Other apps and tools installed as default user
15+
USER 1001
16+
17+
# Install micropipenv to deploy packages from Pipfile.lock
18+
RUN pip install --no-cache-dir -U "micropipenv[toml]"
19+
20+
# Install the oc client
21+
RUN curl -L https://mirror.openshift.com/pub/openshift-v4/$(uname -m)/clients/ocp/stable/openshift-client-linux.tar.gz \
22+
-o /tmp/openshift-client-linux.tar.gz && \
23+
tar -xzvf /tmp/openshift-client-linux.tar.gz oc && \
24+
rm -f /tmp/openshift-client-linux.tar.gz
25+
26+
27+
####################
28+
# codeserver #
29+
####################
30+
FROM base AS codeserver
31+
32+
ARG TARGETOS TARGETARCH
33+
34+
ARG CODESERVER_SOURCE_CODE=codeserver/ubi9-python-3.11
35+
ARG CODESERVER_VERSION=v4.98.0
36+
37+
USER 0
38+
39+
WORKDIR /opt/app-root/bin
40+
41+
# Install useful OS packages
42+
RUN dnf install -y jq git-lfs libsndfile && dnf clean all && rm -rf /var/cache/yum
43+
44+
# Install code-server
45+
RUN yum install -y "https://github.com/coder/code-server/releases/download/${CODESERVER_VERSION}/code-server-${CODESERVER_VERSION/v/}-${TARGETARCH}.rpm" && \
46+
yum -y clean all --enablerepo='*'
47+
48+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/utils utils/
49+
50+
# Create and intall the extensions though build-time on a temporary directory. Later this directory will copied on the `/opt/app-root/src/.local/share/code-server/extensions` via run-code-server.sh file when it starts up.
51+
RUN mkdir -p /opt/app-root/extensions-temp && \
52+
code-server --install-extension /opt/app-root/bin/utils/ms-python.python-2025.2.0.vsix --extensions-dir /opt/app-root/extensions-temp && \
53+
code-server --install-extension /opt/app-root/bin/utils/ms-toolsai.jupyter-2025.2.0.vsix --extensions-dir /opt/app-root/extensions-temp
54+
55+
# Install NGINX to proxy code-server and pass probes check
56+
ENV NGINX_VERSION=1.24 \
57+
NGINX_SHORT_VER=124 \
58+
NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \
59+
NGINX_CONF_PATH=/etc/nginx/nginx.conf \
60+
NGINX_DEFAULT_CONF_PATH=${APP_ROOT}/etc/nginx.default.d \
61+
NGINX_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/nginx \
62+
NGINX_APP_ROOT=${APP_ROOT} \
63+
NGINX_LOG_PATH=/var/log/nginx \
64+
NGINX_PERL_MODULE_PATH=${APP_ROOT}/etc/perl
65+
66+
# Modules does not exist
67+
RUN yum install -y https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
68+
INSTALL_PKGS="bind-utils nginx nginx-mod-stream nginx-mod-http-perl fcgiwrap initscripts chkconfig supervisor" && \
69+
yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
70+
rpm -V $INSTALL_PKGS && \
71+
yum -y clean all --enablerepo='*'
72+
73+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/supervisord/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
74+
75+
# Copy extra files to the image.
76+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/nginx/root/ /
77+
78+
# Changing ownership and user rights to support following use-cases:
79+
# 1) running container on OpenShift, whose default security model
80+
# is to run the container under random UID, but GID=0
81+
# 2) for working root-less container with UID=1001, which does not have
82+
# to have GID=0
83+
# 3) for default use-case, that is running container directly on operating system,
84+
# with default UID and GID (1001:0)
85+
# Supported combinations of UID:GID are thus following:
86+
# UID=1001 && GID=0
87+
# UID=<any>&& GID=0
88+
# UID=1001 && GID=<any>
89+
RUN sed -i -f ${NGINX_APP_ROOT}/nginxconf.sed ${NGINX_CONF_PATH} && \
90+
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.d/ && \
91+
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.default.d/ && \
92+
mkdir -p ${NGINX_APP_ROOT}/api/ && \
93+
mkdir -p ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
94+
mkdir -p ${NGINX_LOG_PATH} && \
95+
mkdir -p ${NGINX_PERL_MODULE_PATH} && \
96+
chown -R 1001:0 ${NGINX_CONF_PATH} && \
97+
chown -R 1001:0 ${NGINX_APP_ROOT}/etc && \
98+
chown -R 1001:0 ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
99+
chown -R 1001:0 /var/lib/nginx /var/log/nginx /run && \
100+
chmod ug+rw ${NGINX_CONF_PATH} && \
101+
chmod -R ug+rwX ${NGINX_APP_ROOT}/etc && \
102+
chmod -R ug+rwX ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
103+
chmod -R ug+rwX /var/lib/nginx /var/log/nginx /run && \
104+
rpm-file-permissions && \
105+
# Ensure the temporary directory and target directory have the correct permissions
106+
mkdir -p /opt/app-root/src/.local/share/code-server/extensions && \
107+
mkdir -p /opt/app-root/src/.local/share/code-server/coder-logs && \
108+
chown -R 1001:0 /opt/app-root/src/.local/share/code-server && \
109+
chown -R 1001:0 /opt/app-root/extensions-temp && \
110+
chown -R 1001:0 /opt/app-root/src/.config/code-server
111+
112+
## Configure nginx
113+
COPY ${CODESERVER_SOURCE_CODE}/nginx/serverconf/ /opt/app-root/etc/nginx.default.d/
114+
COPY ${CODESERVER_SOURCE_CODE}/nginx/httpconf/ /opt/app-root/etc/nginx.d/
115+
COPY ${CODESERVER_SOURCE_CODE}/nginx/api/ /opt/app-root/api/
116+
117+
# Launcher
118+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/run-code-server.sh ${CODESERVER_SOURCE_CODE}/run-nginx.sh ./
119+
120+
ENV SHELL=/bin/bash
121+
122+
ENV PYTHONPATH=/opt/app-root/bin/python3
123+
124+
USER 1001
125+
126+
# Install useful packages from Pipfile.lock
127+
COPY ${CODESERVER_SOURCE_CODE}/Pipfile.lock ./
128+
129+
# Install packages and cleanup
130+
RUN echo "Installing softwares and packages" && \
131+
micropipenv install && \
132+
rm -f ./Pipfile.lock && \
133+
# Fix permissions to support pip in Openshift environments \
134+
chmod -R g+w /opt/app-root/lib/python3.11/site-packages && \
135+
fix-permissions /opt/app-root -P
136+
137+
WORKDIR /opt/app-root/src
138+
139+
CMD ["/opt/app-root/bin/run-code-server.sh"]
140+
141+
LABEL name="rhoai/odh-workbench-codeserver-datascience-cpu-py311-rhel9" \
142+
com.redhat.component="odh-workbench-codeserver-datascience-cpu-py311-rhel9" \
143+
io.k8s.display-name="odh-workbench-codeserver-datascience-cpu-py311-rhel9" \
144+
summary="code-server image with python 3.11 based on UBI 9" \
145+
description="code-server image with python 3.11 based on UBI9" \
146+
io.k8s.description="code-server image with python 3.11 based on UBI9" \
147+
com.redhat.license_terms="https://www.redhat.com/licenses/Red_Hat_Standard_EULA_20191108.pdf"

codeserver/ubi9-python-3.12/Dockerfile.konflux.cpu

Lines changed: 147 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,147 @@
1+
####################
2+
# base #
3+
####################
4+
FROM registry.access.redhat.com/ubi9/python-312:latest AS base
5+
6+
WORKDIR /opt/app-root/bin
7+
8+
# OS Packages needs to be installed as root
9+
USER 0
10+
11+
# Install useful OS packages
12+
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
13+
14+
# Other apps and tools installed as default user
15+
USER 1001
16+
17+
# Install micropipenv to deploy packages from Pipfile.lock
18+
RUN pip install --no-cache-dir -U "micropipenv[toml]"
19+
20+
# Install the oc client
21+
RUN curl -L https://mirror.openshift.com/pub/openshift-v4/$(uname -m)/clients/ocp/stable/openshift-client-linux.tar.gz \
22+
-o /tmp/openshift-client-linux.tar.gz && \
23+
tar -xzvf /tmp/openshift-client-linux.tar.gz oc && \
24+
rm -f /tmp/openshift-client-linux.tar.gz
25+
26+
27+
####################
28+
# codeserver #
29+
####################
30+
FROM base AS codeserver
31+
32+
ARG TARGETOS TARGETARCH
33+
34+
ARG CODESERVER_SOURCE_CODE=codeserver/ubi9-python-3.12
35+
ARG CODESERVER_VERSION=v4.98.0
36+
37+
USER 0
38+
39+
WORKDIR /opt/app-root/bin
40+
41+
# Install useful OS packages
42+
RUN dnf install -y jq git-lfs libsndfile && dnf clean all && rm -rf /var/cache/yum
43+
44+
# Install code-server
45+
RUN yum install -y "https://github.com/coder/code-server/releases/download/${CODESERVER_VERSION}/code-server-${CODESERVER_VERSION/v/}-${TARGETARCH}.rpm" && \
46+
yum -y clean all --enablerepo='*'
47+
48+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/utils utils/
49+
50+
# Create and intall the extensions though build-time on a temporary directory. Later this directory will copied on the `/opt/app-root/src/.local/share/code-server/extensions` via run-code-server.sh file when it starts up.
51+
RUN mkdir -p /opt/app-root/extensions-temp && \
52+
code-server --install-extension /opt/app-root/bin/utils/ms-python.python-2025.2.0.vsix --extensions-dir /opt/app-root/extensions-temp && \
53+
code-server --install-extension /opt/app-root/bin/utils/ms-toolsai.jupyter-2025.2.0.vsix --extensions-dir /opt/app-root/extensions-temp
54+
55+
# Install NGINX to proxy code-server and pass probes check
56+
ENV NGINX_VERSION=1.24 \
57+
NGINX_SHORT_VER=124 \
58+
NGINX_CONFIGURATION_PATH=${APP_ROOT}/etc/nginx.d \
59+
NGINX_CONF_PATH=/etc/nginx/nginx.conf \
60+
NGINX_DEFAULT_CONF_PATH=${APP_ROOT}/etc/nginx.default.d \
61+
NGINX_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/nginx \
62+
NGINX_APP_ROOT=${APP_ROOT} \
63+
NGINX_LOG_PATH=/var/log/nginx \
64+
NGINX_PERL_MODULE_PATH=${APP_ROOT}/etc/perl
65+
66+
# Modules does not exist
67+
RUN yum install -y https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \
68+
INSTALL_PKGS="bind-utils nginx nginx-mod-stream nginx-mod-http-perl fcgiwrap initscripts chkconfig supervisor" && \
69+
yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
70+
rpm -V $INSTALL_PKGS && \
71+
yum -y clean all --enablerepo='*'
72+
73+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/supervisord/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
74+
75+
# Copy extra files to the image.
76+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/nginx/root/ /
77+
78+
# Changing ownership and user rights to support following use-cases:
79+
# 1) running container on OpenShift, whose default security model
80+
# is to run the container under random UID, but GID=0
81+
# 2) for working root-less container with UID=1001, which does not have
82+
# to have GID=0
83+
# 3) for default use-case, that is running container directly on operating system,
84+
# with default UID and GID (1001:0)
85+
# Supported combinations of UID:GID are thus following:
86+
# UID=1001 && GID=0
87+
# UID=<any>&& GID=0
88+
# UID=1001 && GID=<any>
89+
RUN sed -i -f ${NGINX_APP_ROOT}/nginxconf.sed ${NGINX_CONF_PATH} && \
90+
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.d/ && \
91+
mkdir -p ${NGINX_APP_ROOT}/etc/nginx.default.d/ && \
92+
mkdir -p ${NGINX_APP_ROOT}/api/ && \
93+
mkdir -p ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
94+
mkdir -p ${NGINX_LOG_PATH} && \
95+
mkdir -p ${NGINX_PERL_MODULE_PATH} && \
96+
chown -R 1001:0 ${NGINX_CONF_PATH} && \
97+
chown -R 1001:0 ${NGINX_APP_ROOT}/etc && \
98+
chown -R 1001:0 ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
99+
chown -R 1001:0 /var/lib/nginx /var/log/nginx /run && \
100+
chmod ug+rw ${NGINX_CONF_PATH} && \
101+
chmod -R ug+rwX ${NGINX_APP_ROOT}/etc && \
102+
chmod -R ug+rwX ${NGINX_CONTAINER_SCRIPTS_PATH}/nginx-start && \
103+
chmod -R ug+rwX /var/lib/nginx /var/log/nginx /run && \
104+
rpm-file-permissions && \
105+
# Ensure the temporary directory and target directory have the correct permissions
106+
mkdir -p /opt/app-root/src/.local/share/code-server/extensions && \
107+
mkdir -p /opt/app-root/src/.local/share/code-server/coder-logs && \
108+
chown -R 1001:0 /opt/app-root/src/.local/share/code-server && \
109+
chown -R 1001:0 /opt/app-root/extensions-temp && \
110+
chown -R 1001:0 /opt/app-root/src/.config/code-server
111+
112+
## Configure nginx
113+
COPY ${CODESERVER_SOURCE_CODE}/nginx/serverconf/ /opt/app-root/etc/nginx.default.d/
114+
COPY ${CODESERVER_SOURCE_CODE}/nginx/httpconf/ /opt/app-root/etc/nginx.d/
115+
COPY ${CODESERVER_SOURCE_CODE}/nginx/api/ /opt/app-root/api/
116+
117+
# Launcher
118+
COPY --chown=1001:0 ${CODESERVER_SOURCE_CODE}/run-code-server.sh ${CODESERVER_SOURCE_CODE}/run-nginx.sh ./
119+
120+
ENV SHELL=/bin/bash
121+
122+
ENV PYTHONPATH=/opt/app-root/bin/python3
123+
124+
USER 1001
125+
126+
# Install useful packages from Pipfile.lock
127+
COPY ${CODESERVER_SOURCE_CODE}/Pipfile.lock ./
128+
129+
# Install packages and cleanup
130+
RUN echo "Installing softwares and packages" && \
131+
micropipenv install && \
132+
rm -f ./Pipfile.lock && \
133+
# Fix permissions to support pip in Openshift environments \
134+
chmod -R g+w /opt/app-root/lib/python3.12/site-packages && \
135+
fix-permissions /opt/app-root -P
136+
137+
WORKDIR /opt/app-root/src
138+
139+
CMD ["/opt/app-root/bin/run-code-server.sh"]
140+
141+
LABEL name="rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9" \
142+
com.redhat.component="odh-workbench-codeserver-datascience-cpu-py312-rhel9" \
143+
io.k8s.display-name="odh-workbench-codeserver-datascience-cpu-py312-rhel9" \
144+
summary="code-server image with python 3.12 based on UBI 9" \
145+
description="code-server image with python 3.12 based on UBI9" \
146+
io.k8s.description="code-server image with python 3.11 based on UBI9" \
147+
com.redhat.license_terms="https://www.redhat.com/licenses/Red_Hat_Standard_EULA_20191108.pdf"

0 commit comments

Comments
 (0)