From dc80696e82f96348eb18ae2d3ed7bb0596670a3a Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Tue, 2 Sep 2025 11:27:01 -0400 Subject: [PATCH 1/6] AGENT-1261: Update dependency sourcing to remote --- .../Containerfile.ocp | 42 ++++++++++++++++--- 1 file changed, 36 insertions(+), 6 deletions(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index 34a4503ef3..f182410215 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -1,19 +1,49 @@ FROM registry.ci.openshift.org/ocp/builder:rhel-9-base-nodejs-openshift-4.19 AS ui-build + +# The REMOTE_SOURCES value is set by the build system to indicate the location of the cachito-backed artifacts cache. +# As cachito might not be available in all environments, we need to make sure the value is set before trying to use it and +# that the COPY layer below doesn't fail. Setting it to be the Dockerfile itself is fairly safe, as it will always be +# available. +ARG REMOTE_SOURCES +ARG REMOTE_SOURCES_DIR=/remote-sources + +COPY $REMOTE_SOURCES $REMOTE_SOURCES_DIR + USER root WORKDIR /app -COPY --chown=1001:0 / /app -RUN ls /app +COPY --chown=1001:0 . /app ENV NODE_OPTIONS='--max-old-space-size=8192' RUN git config --global --add safe.directory /app -RUN npm install -g corepack@0.24.1 -RUN yarn install --immutable && yarn build:all + +# bootstrap yarn so we can install and run the other tools. +USER 0 +ARG YARN_VERSION=v3.4.1 +RUN CACHED_YARN=./artifacts/yarn-${YARN_VERSION}.tar.gz; \ + if [ -f ${CACHED_YARN} ]; then \ + npm install -g ${CACHED_YARN}; \ + else \ + echo "need yarn at ${CACHED_YARN}"; \ + exit 1; \ + fi + +# use dependencies provided by Cachito +RUN test -d ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps || exit 1; \ + cp -f $REMOTE_SOURCES_DIR/cachito-gomod-with-deps/app/{.npmrc,.yarnrc,yarn.lock,registry-ca.pem} . \ + && source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env \ + && yarn install --immutable && yarn build:all FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.23-openshift-4.19 as proxy-build +ARG REMOTE_SOURCES_DIR=/remote-sources WORKDIR /app -COPY apps/assisted-disconnected-ui/proxy /app +# Use Cachito-provided source + deps for offline build +COPY --from=ui-build ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/app/ /app USER 0 -RUN go build +# Build deterministically and name the output explicitly +ENV CGO_ENABLED=0 +RUN source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env; \ + if [ -d vendor ]; then export GOFLAGS="-mod=vendor"; fi; \ + go build -o assisted-disconnected-ui . FROM registry.ci.openshift.org/ocp/ubi-micro:9 COPY --from=ui-build /app/apps/assisted-disconnected-ui/build /app/proxy/dist From 534f5be00ebc5688d05c20d84ed0015e8e8a41c2 Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Tue, 2 Sep 2025 17:43:16 -0400 Subject: [PATCH 2/6] review fixes --- apps/assisted-disconnected-ui/Containerfile.ocp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index f182410215..2f943634a1 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -4,7 +4,7 @@ FROM registry.ci.openshift.org/ocp/builder:rhel-9-base-nodejs-openshift-4.19 AS # As cachito might not be available in all environments, we need to make sure the value is set before trying to use it and # that the COPY layer below doesn't fail. Setting it to be the Dockerfile itself is fairly safe, as it will always be # available. -ARG REMOTE_SOURCES +ARG REMOTE_SOURCES=apps/assisted-disconnected-ui/Containerfile ARG REMOTE_SOURCES_DIR=/remote-sources COPY $REMOTE_SOURCES $REMOTE_SOURCES_DIR @@ -23,7 +23,7 @@ RUN CACHED_YARN=./artifacts/yarn-${YARN_VERSION}.tar.gz; \ if [ -f ${CACHED_YARN} ]; then \ npm install -g ${CACHED_YARN}; \ else \ - echo "need yarn at ${CACHED_YARN}"; \ + npm install https://github.com/yarnpkg/yarn/releases/download/${YARN_VERSION}/yarn-${YARN_VERSION}.tar.gz; \ exit 1; \ fi From 987f5f2785f92ff093f54014f93d799950ec25a8 Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Tue, 2 Sep 2025 17:55:18 -0400 Subject: [PATCH 3/6] Making the structure as close as Console repo's dockerfile --- .../Containerfile.ocp | 38 ++++++++++++------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index 2f943634a1..822cf7a072 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -1,5 +1,21 @@ +################################################## +# +# nodejs frontend build FROM registry.ci.openshift.org/ocp/builder:rhel-9-base-nodejs-openshift-4.19 AS ui-build +USER 0 + +ARG YARN_VERSION=v3.4.1 + +# bootstrap yarn so we can install and run the other tools. +RUN CACHED_YARN=./artifacts/yarn-${YARN_VERSION}.tar.gz; \ + if [ -f ${CACHED_YARN} ]; then \ + npm install -g ${CACHED_YARN}; \ + else \ + npm install https://github.com/yarnpkg/yarn/releases/download/${YARN_VERSION}/yarn-${YARN_VERSION}.tar.gz; \ + exit 1; \ + fi + # The REMOTE_SOURCES value is set by the build system to indicate the location of the cachito-backed artifacts cache. # As cachito might not be available in all environments, we need to make sure the value is set before trying to use it and # that the COPY layer below doesn't fail. Setting it to be the Dockerfile itself is fairly safe, as it will always be @@ -9,33 +25,26 @@ ARG REMOTE_SOURCES_DIR=/remote-sources COPY $REMOTE_SOURCES $REMOTE_SOURCES_DIR -USER root - WORKDIR /app COPY --chown=1001:0 . /app ENV NODE_OPTIONS='--max-old-space-size=8192' RUN git config --global --add safe.directory /app -# bootstrap yarn so we can install and run the other tools. -USER 0 -ARG YARN_VERSION=v3.4.1 -RUN CACHED_YARN=./artifacts/yarn-${YARN_VERSION}.tar.gz; \ - if [ -f ${CACHED_YARN} ]; then \ - npm install -g ${CACHED_YARN}; \ - else \ - npm install https://github.com/yarnpkg/yarn/releases/download/${YARN_VERSION}/yarn-${YARN_VERSION}.tar.gz; \ - exit 1; \ - fi - # use dependencies provided by Cachito RUN test -d ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps || exit 1; \ cp -f $REMOTE_SOURCES_DIR/cachito-gomod-with-deps/app/{.npmrc,.yarnrc,yarn.lock,registry-ca.pem} . \ && source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env \ && yarn install --immutable && yarn build:all +################################################## +# +# go backend build FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.23-openshift-4.19 as proxy-build + ARG REMOTE_SOURCES_DIR=/remote-sources + WORKDIR /app + # Use Cachito-provided source + deps for offline build COPY --from=ui-build ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/app/ /app USER 0 @@ -45,6 +54,9 @@ RUN source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env; \ if [ -d vendor ]; then export GOFLAGS="-mod=vendor"; fi; \ go build -o assisted-disconnected-ui . +################################################## +# +# actual base image for final product FROM registry.ci.openshift.org/ocp/ubi-micro:9 COPY --from=ui-build /app/apps/assisted-disconnected-ui/build /app/proxy/dist COPY --from=proxy-build /app/assisted-disconnected-ui /app/proxy From 89f4ae70e2dd4b64d5849d59a9ddb67b4816fcd5 Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Tue, 2 Sep 2025 18:00:43 -0400 Subject: [PATCH 4/6] =?UTF-8?q?Use=20POSIX=20=E2=80=98.=E2=80=99=20instead?= =?UTF-8?q?=20of=20=E2=80=98source=E2=80=99=20to=20load=20cachito.env?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assisted-disconnected-ui/Containerfile.ocp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index 822cf7a072..78a91c8e90 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -33,7 +33,7 @@ RUN git config --global --add safe.directory /app # use dependencies provided by Cachito RUN test -d ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps || exit 1; \ cp -f $REMOTE_SOURCES_DIR/cachito-gomod-with-deps/app/{.npmrc,.yarnrc,yarn.lock,registry-ca.pem} . \ - && source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env \ + && . ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env \ && yarn install --immutable && yarn build:all ################################################## @@ -50,7 +50,7 @@ COPY --from=ui-build ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/app/ /app USER 0 # Build deterministically and name the output explicitly ENV CGO_ENABLED=0 -RUN source ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env; \ +RUN . ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env; \ if [ -d vendor ]; then export GOFLAGS="-mod=vendor"; fi; \ go build -o assisted-disconnected-ui . From e4669cb71a8f82778ce091dc7a4c63c2d269c28d Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Tue, 2 Sep 2025 18:44:43 -0400 Subject: [PATCH 5/6] fix filename --- apps/assisted-disconnected-ui/Containerfile.ocp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index 78a91c8e90..044fa722b1 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -20,7 +20,7 @@ RUN CACHED_YARN=./artifacts/yarn-${YARN_VERSION}.tar.gz; \ # As cachito might not be available in all environments, we need to make sure the value is set before trying to use it and # that the COPY layer below doesn't fail. Setting it to be the Dockerfile itself is fairly safe, as it will always be # available. -ARG REMOTE_SOURCES=apps/assisted-disconnected-ui/Containerfile +ARG REMOTE_SOURCES=apps/assisted-disconnected-ui/Containerfile.ocp ARG REMOTE_SOURCES_DIR=/remote-sources COPY $REMOTE_SOURCES $REMOTE_SOURCES_DIR From 028616f3727f8e65f46ffb336eca9fdba5d5d061 Mon Sep 17 00:00:00 2001 From: Pawan Pinjarkar Date: Wed, 3 Sep 2025 09:48:22 -0400 Subject: [PATCH 6/6] Updated base image, fixed unwanted cachito.env usage --- apps/assisted-disconnected-ui/Containerfile.ocp | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/apps/assisted-disconnected-ui/Containerfile.ocp b/apps/assisted-disconnected-ui/Containerfile.ocp index 044fa722b1..9e754b01ab 100644 --- a/apps/assisted-disconnected-ui/Containerfile.ocp +++ b/apps/assisted-disconnected-ui/Containerfile.ocp @@ -32,7 +32,7 @@ RUN git config --global --add safe.directory /app # use dependencies provided by Cachito RUN test -d ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps || exit 1; \ - cp -f $REMOTE_SOURCES_DIR/cachito-gomod-with-deps/app/{.npmrc,.yarnrc,yarn.lock,registry-ca.pem} . \ + cp -f $REMOTE_SOURCES_DIR/cachito-gomod-with-deps/app/{.yarnrc.yml,yarn.lock,.package.json,apps/assisted-disconnected-ui/package.json} . \ && . ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env \ && yarn install --immutable && yarn build:all @@ -50,14 +50,13 @@ COPY --from=ui-build ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/app/ /app USER 0 # Build deterministically and name the output explicitly ENV CGO_ENABLED=0 -RUN . ${REMOTE_SOURCES_DIR}/cachito-gomod-with-deps/cachito.env; \ - if [ -d vendor ]; then export GOFLAGS="-mod=vendor"; fi; \ +RUN if [ -d vendor ]; then export GOFLAGS="-mod=vendor"; fi; \ go build -o assisted-disconnected-ui . ################################################## # # actual base image for final product -FROM registry.ci.openshift.org/ocp/ubi-micro:9 +FROM registry.ci.openshift.org/ocp/4.20:base-rhel9 COPY --from=ui-build /app/apps/assisted-disconnected-ui/build /app/proxy/dist COPY --from=proxy-build /app/assisted-disconnected-ui /app/proxy WORKDIR /app/proxy