[jenkins-ci PATCH v2 7/9] lcitool: avoid using an env var to store package list

Daniel P. Berrangé <berrange@xxxxxxxxxx> · Tue, 5 Feb 2019 17:53:04 +0000

Every statement in a dockerfile results in a new layer in the
image. There is no need for an env var to store the package list
when it can be included inline. This avoids the env variable being
later exposed to the container at runtime.

Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
 guests/lcitool | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/guests/lcitool b/guests/lcitool
index eb111b8..cd757eb 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -530,43 +530,46 @@ class Application:
                 if os_full in mappings[package]:
                     temp[package] = mappings[package][os_full]
 
-        flattened = []
+        pkgs = []
         for item in temp:
-            if temp[item] is not None and temp[item] not in flattened:
-                flattened += [temp[item]]
+            pkgname = temp[item]
+            if pkgname is None:
+                continue
+            if pkgname not in pkgs:
+                pkgs.append(pkgname)
 
         print("FROM {}".format(facts["docker_base"]))
 
-        sys.stdout.write("ENV PACKAGES ")
-        sys.stdout.write(" \\\n             ".join(sorted(flattened)))
-
+        varmap = {}
+        varmap["pkgs"] = "".join([" \\\n            " + pkgname
+                                  for pkgname in sorted(pkgs)])
         if package_format == "deb":
             sys.stdout.write(textwrap.dedent("""
                 RUN DEBIAN_FRONTEND=noninteractive && \\
                     ( \\
                         apt-get update && \\
                         apt-get dist-upgrade -y && \\
-                        apt-get install --no-install-recommends -y ${PACKAGES} && \\
+                        apt-get install --no-install-recommends -y %(pkgs)s && \\
                         apt-get autoremove -y && \\
                         apt-get autoclean -y \\
                     )
-            """))
+            """) % varmap )
         elif package_format == "rpm":
             if os_name == "Fedora" and os_version == "Rawhide":
                 sys.stdout.write(textwrap.dedent("""
                     RUN yum update -y --nogpgcheck fedora-gpg-keys && \\
                         yum update -y && \\
-                        yum install -y ${PACKAGES} && \\
+                        yum install -y %(pkgs)s && \\
                         yum autoremove -y && \\
                         yum clean all -y
-                """))
+                """) % varmap )
             else:
                 sys.stdout.write(textwrap.dedent("""
                     RUN yum update -y && \\
-                        yum install -y ${PACKAGES} && \\
+                        yum install -y %(pkgs)s && \\
                         yum autoremove -y && \\
                         yum clean all -y
-                """))
+                """) % varmap )
 
     def run(self):
         cmdline = self._parser.parse_args()
-- 
2.20.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list







