This repository has been archived by the owner on Nov 3, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathDockerfile
66 lines (53 loc) · 2.16 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
FROM registry.opensource.zalan.do/library/python-3.8:latest
MAINTAINER team-code@zalando.de
ARG BACKUP_UTILS_VERSION=stable
# folder structure and user
RUN \
# read package lists
apt-get update -y && \
# update w/ latest security patches
# install python pip3 & english, git, screen etc
apt-get install -y --no-install-recommends unattended-upgrades python3 python3-dev python3-pip python3-yaml && \
apt-get install -y --no-install-recommends git && \
apt-get install -y --no-install-recommends ssh && \
apt-get install -y --no-install-recommends bash && \
apt-get install -y --no-install-recommends rsync && \
apt-get install -y --no-install-recommends cron && \
# install boto3
pip3 install --upgrade boto boto3 && \
# clean apt-get lists
rm -rf /var/lib/apt/lists/* && \
# create directories
mkdir -p /backup/backup-utils/ && \
mkdir -p /kms && mkdir -p /var/log/ && mkdir /delete-instuck-backups
WORKDIR /backup
RUN \
# clone backup-utils
git clone https://github.com/github/backup-utils.git && \
git -C /backup/backup-utils checkout $BACKUP_UTILS_VERSION
# copy predefined backup config
COPY backup.config /backup/backup-utils/backup.config
# copy files to decrypt private ssh key using kms
COPY python/extract_decrypt_kms.py /kms/extract_decrypt_kms.py
COPY convert-kms-private-ssh-key.sh /kms/convert-kms-private-ssh-key.sh
COPY start_backup.sh /start_backup.sh
# copy file to drop in stuck backup
COPY python/delete_instuck_progress.py /delete-instuck-backups/delete_instuck_progress.py
# copy cron job
COPY cron-ghe-backup /etc/cron.d/ghe-backup
# copy finale CMD commands
COPY final-docker-cmd.sh /backup/final-docker-cmd.sh
COPY replace-convert-properties.sh /backup/replace-convert-properties.sh
#PLACEHOLDER_4_COPY_SCM_SOURCE_JSON
RUN \
# change mode of files
chmod 0644 /etc/cron.d/ghe-backup && \
chmod +x /kms/extract_decrypt_kms.py && \
chmod +x /kms/convert-kms-private-ssh-key.sh && \
chmod +x /delete-instuck-backups/delete_instuck_progress.py && \
chmod +x /start_backup.sh && \
chmod +x /backup/replace-convert-properties.sh && \
chmod +x /backup/final-docker-cmd.sh
USER root
# cron must run as root
CMD "/backup/final-docker-cmd.sh"