Skip to content

Commit bca8bad

Browse files
maltesandermaltesander
committed
consolidation
1 parent 4b3f492 commit bca8bad

File tree

1 file changed

+37
-13
lines changed

1 file changed

+37
-13
lines changed

hbase/Dockerfile

Lines changed: 37 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -89,9 +89,10 @@ if [ "${DELETE_CACHES}" = "true" ] ; then
8989
fi
9090

9191
# set correct groups
92-
chmod -R g=u /stackable
92+
chmod --recursive g=u /stackable
9393
EOF
9494

95+
9596
FROM stackable/image/java-devel AS opa-authorizer-builder
9697

9798
ARG OPA_AUTHORIZER
@@ -124,9 +125,10 @@ if [ "${DELETE_CACHES}" = "true" ] ; then
124125
fi
125126

126127
# set correct groups
127-
chmod -R g=u /stackable
128+
chmod --recursive g=u /stackable
128129
EOF
129130

131+
130132
FROM stackable/image/java-devel AS hbase-operator-tools-builder
131133

132134
ARG HBASE_OPERATOR_TOOLS
@@ -145,7 +147,7 @@ ARG DELETE_CACHES="true"
145147
COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/bin/hbck2.env /stackable/bin/
146148
COPY --chown=${STACKABLE_USER_UID}:0 hbase/hbase-operator-tools/stackable/patches /stackable/patches
147149
COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/patches/apply_patches.sh /stackable/patches
148-
COPY --chown=${STACKABLE_USER_UID}:0 --chmod=755 hbase/stackable/bin/hbase-entrypoint.sh /stackable/bin/
150+
COPY --chown=${STACKABLE_USER_UID}:0 hbase/stackable/bin/hbase-entrypoint.sh /stackable/bin/
149151

150152
USER ${STACKABLE_USER_UID}
151153
WORKDIR /stackable
@@ -193,7 +195,7 @@ if [ "${DELETE_CACHES}" = "true" ] ; then
193195
fi
194196

195197
# set correct groups
196-
chmod -R g=u /stackable
198+
chmod --recursive g=u /stackable
197199
EOF
198200

199201

@@ -227,9 +229,10 @@ chmod +x /stackable/bin/export-snapshot-to-s3
227229
rm /stackable/bin/export-snapshot-to-s3.env
228230

229231
# set correct groups
230-
chmod -R g=u /stackable
232+
chmod --recursive g=u /stackable
231233
EOF
232234

235+
233236
FROM stackable/image/java-devel AS phoenix-builder
234237

235238
ARG PRODUCT
@@ -290,7 +293,7 @@ if [ "${DELETE_CACHES}" = "true" ] ; then
290293
fi
291294

292295
# set correct groups
293-
chmod -R g=u /stackable
296+
chmod --recursive g=u /stackable
294297
EOF
295298

296299

@@ -365,24 +368,45 @@ microdnf install \
365368
microdnf clean all
366369
rpm -qa --qf "%{NAME}-%{VERSION}-%{RELEASE}\n" | sort > /stackable/package_manifest.txt
367370
chown ${STACKABLE_USER_UID}:0 /stackable/package_manifest.txt
371+
chmod g=u /stackable/package_manifest.txt
368372
rm -rf /var/cache/yum
369373

370374
ln --symbolic --logical --verbose "/stackable/hbase-${PRODUCT}" /stackable/hbase
371-
chown -h ${STACKABLE_USER_UID}:0 /stackable/hbase
375+
chown --no-dereference ${STACKABLE_USER_UID}:0 /stackable/hbase
376+
chmod g=u /stackable/hbase
372377

373378
ln --symbolic --logical --verbose "/stackable/hbase-operator-tools-${HBASE_OPERATOR_TOOLS}" /stackable/hbase-operator-tools
374-
chown -h ${STACKABLE_USER_UID}:0 /stackable/hbase-operator-tools
379+
chown --no-dereference ${STACKABLE_USER_UID}:0 /stackable/hbase-operator-tools
380+
chmod g=u /stackable/hbase-operator-tools
375381

376382
ln --symbolic --logical --verbose "/stackable/phoenix/phoenix-server-hbase-${HBASE_PROFILE}.jar" "/stackable/hbase/lib/phoenix-server-hbase-${HBASE_PROFILE}.jar"
377-
chown -h ${STACKABLE_USER_UID}:0 "/stackable/hbase/lib/phoenix-server-hbase-${HBASE_PROFILE}.jar"
383+
chown --no-dereference ${STACKABLE_USER_UID}:0 "/stackable/hbase/lib/phoenix-server-hbase-${HBASE_PROFILE}.jar"
384+
chmod g=u "/stackable/hbase/lib/phoenix-server-hbase-${HBASE_PROFILE}.jar"
385+
386+
# fix missing permissions
387+
chmod g=u /stackable/async-profiler
388+
chmod g=u /stackable/bin
389+
chmod g=u /stackable/jmx
390+
chmod g=u /stackable/phoenix
391+
# the whole directory tree /stackable/hadoop/share/hadoop/tools/lib/ must be adapted
392+
find /stackable/hadoop -type d -exec chmod g=u {} +
378393
EOF
379394

380395
# ----------------------------------------
381-
# Attention:
382-
# If you do any file based actions (copying / creating etc.) below this comment you
383-
# absolutely need to make sure that the correct permissions are applied!
384-
# chown ${STACKABLE_USER_UID}:0
396+
# Checks
397+
# This section is to run final checks to ensure the created final images
398+
# adhere to several minimal requirements like:
399+
# - check file permissions and ownerships
400+
# ----------------------------------------
401+
402+
# Check that permissions and ownership in /stackable are set correctly
403+
# This will fail and stop the build if any mismatches are found.
404+
RUN <<EOF
405+
/bin/check-permissions-ownership.sh /stackable ${STACKABLE_USER_UID} 0
406+
EOF
407+
385408
# ----------------------------------------
409+
# Attention: Do not perform any file based actions (copying/creating etc.) below this comment because the permissions would not be checked.
386410

387411
USER ${STACKABLE_USER_UID}
388412
ENV HBASE_CONF_DIR=/stackable/hbase/conf

0 commit comments

Comments
 (0)