root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 249 Packages Projects Releases Wiki Activity

Docker: OpenShift compatability (#27813) 

* openshift wip

* Docker: switches from grafana group to root group

* Docker: make group fully configurable

* Docker: create custom grafana group if needed

* Docker: removes duplicated group permission

* Docker: more unneccesary changes
This commit is contained in:
Leonard Gram 2020-10-14 13:38:04 +02:00 committed by GitHub
parent a779622982
commit fa45731b7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
packaging/docker/Dockerfile
View File

@ -14,7 +14,7 @@ RUN mkdir /tmp/grafana && tar xzf /tmp/grafana.tar.gz --strip-components=1 -C /t
FROM ${BASE_IMAGE} FROM ${BASE_IMAGE}
ARG GF_UID="472" ARG GF_UID="472"
ARG GF_GID="472" ARG GF_GID="0"
ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \ GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
@ -46,9 +46,13 @@ RUN if [ `arch` = "x86_64" ]; then \
COPY --from=0 /tmp/grafana "$GF_PATHS_HOME" COPY --from=0 /tmp/grafana "$GF_PATHS_HOME"
RUN mkdir -p "$GF_PATHS_HOME/.aws" && \ RUN if [ ! $(getent group "$GF_GID") ]; then \
addgroup -S -g $GF_GID grafana && \ addgroup -S -g $GF_GID grafana; \
adduser -S -u $GF_UID -G grafana grafana && \ fi
RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
mkdir -p "$GF_PATHS_HOME/.aws" && \
adduser -S -u $GF_UID -G "$GF_GID_NAME" grafana && \
mkdir -p "$GF_PATHS_PROVISIONING/datasources" \ mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
"$GF_PATHS_PROVISIONING/dashboards" \ "$GF_PATHS_PROVISIONING/dashboards" \
"$GF_PATHS_PROVISIONING/notifiers" \ "$GF_PATHS_PROVISIONING/notifiers" \
@ -58,12 +62,12 @@ RUN mkdir -p "$GF_PATHS_HOME/.aws" && \
"$GF_PATHS_DATA" && \ "$GF_PATHS_DATA" && \
cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \ cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \
cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \ cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \
chown -R grafana:grafana "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \ chown -R "grafana:$GF_GID_NAME" "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \
chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING"
EXPOSE 3000 EXPOSE 3000
COPY ./run.sh /run.sh COPY ./run.sh /run.sh
USER grafana USER "$GF_UID"
ENTRYPOINT [ "/run.sh" ] ENTRYPOINT [ "/run.sh" ]

16
packaging/docker/ubuntu.Dockerfile
View File

@ -14,7 +14,7 @@ EXPOSE 3000
# Set DEBIAN_FRONTEND=noninteractive in environment at build-time # Set DEBIAN_FRONTEND=noninteractive in environment at build-time
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
ARG GF_UID="472" ARG GF_UID="472"
ARG GF_GID="472" ARG GF_GID="0"
ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ ENV PATH=/usr/share/grafana/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \ GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
@ -33,9 +33,13 @@ RUN apt-get update && apt-get install -y ca-certificates curl tzdata && \
COPY --from=grafana-builder /tmp/grafana "$GF_PATHS_HOME" COPY --from=grafana-builder /tmp/grafana "$GF_PATHS_HOME"
RUN mkdir -p "$GF_PATHS_HOME/.aws" && \ RUN if [ ! $(getent group "$GF_GID") ]; then \
addgroup --system --gid $GF_GID grafana && \ addgroup --system --gid $GF_GID grafana; \
adduser --system --uid $GF_UID --ingroup grafana grafana && \ fi
RUN export GF_GID_NAME=$(getent group $GF_GID | cut -d':' -f1) && \
mkdir -p "$GF_PATHS_HOME/.aws" && \
adduser --system --uid $GF_UID --ingroup "$GF_GID_NAME" grafana && \
mkdir -p "$GF_PATHS_PROVISIONING/datasources" \ mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
"$GF_PATHS_PROVISIONING/dashboards" \ "$GF_PATHS_PROVISIONING/dashboards" \
"$GF_PATHS_PROVISIONING/notifiers" \ "$GF_PATHS_PROVISIONING/notifiers" \
@ -45,10 +49,10 @@ RUN mkdir -p "$GF_PATHS_HOME/.aws" && \
"$GF_PATHS_DATA" && \ "$GF_PATHS_DATA" && \
cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \ cp "$GF_PATHS_HOME/conf/sample.ini" "$GF_PATHS_CONFIG" && \
cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \ cp "$GF_PATHS_HOME/conf/ldap.toml" /etc/grafana/ldap.toml && \
chown -R grafana:grafana "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \ chown -R "grafana:$GF_GID_NAME" "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \
chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING"
COPY ./run.sh /run.sh COPY ./run.sh /run.sh
USER grafana USER "$GF_UID"
ENTRYPOINT [ "/run.sh" ] ENTRYPOINT [ "/run.sh" ]