commit fa39e6ee67d661aae820cd4336fc6213866fb312
author Scott Baker <smbaker@gmail.com> Mon Apr 10 17:46:51 2017 -0700
committer Scott Baker <scottb@onlab.us> Tue Apr 11 12:51:25 2017 -0700
tree 99d0db1b8aa9e305c61a8fb8c5a77921cb9ec154
parent 8a57c663dc17a149cedf6d819229e15ed419f146

CORD-1111 volume mount certs into legacy container images

Change-Id: I9b7a3b977b0ff056502c9c569982b4ca4f995480

xos/synchronizers/onboarding/xosbuilder.py

diff --git a/xos/synchronizers/onboarding/xosbuilder.py b/xos/synchronizers/onboarding/xosbuilder.py
index 1d1222a..ad7efd4 100644
--- a/xos/synchronizers/onboarding/xosbuilder.py
+++ b/xos/synchronizers/onboarding/xosbuilder.py
@@ -27,7 +27,6 @@
     SYNC_ALLCONTROLLER_KINDS = ["models", "django_library"]
 
     def __init__(self):
-        self.source_sync_image = "xosproject/xos"  # "xosproject/xos-synchronizer-openstack"
         self.build_dir = "/opt/xos/BUILD/"
         self.build_tainted = False
 
@@ -277,7 +276,7 @@
             return None
 
         dockerfile_fn = "Dockerfile.%s" % controller.name
-        dockerfile = ["FROM %s" % self.source_sync_image]
+        dockerfile = ["FROM %s" % controller.xos.source_ui_image]
         script = []
 
         # Now bake in models from this controller as well as the others
@@ -314,6 +313,13 @@
                                 "container_path": volume.container_path,
                                 "read_only": volume.read_only})
 
+        # Force all legacy UI and Synchronizer containers to include
+        # the certificate, so that it does not have to be built at build time.
+
+        volume_list.append({"host_path": "/opt/cord_profile/im_cert_chain.pem",
+                                  "container_path": "/usr/local/share/ca-certificates/local_certs.crt",
+                                  "read_only": True})
+
         if xos.extra_hosts:
             extra_hosts = [x.strip() for x in xos.extra_hosts.split(",")]
         else:
@@ -323,10 +329,6 @@
 
         containers = {}
 
-#         containers["xos_db"] = \
-#                            {"image": "xosproject/xos-postgres",
-#                             "expose": [5432]}
-
         external_links = []
         if xos.db_container_name:
             external_links.append("%s:%s" % (xos.db_container_name, "xos_db"))
@@ -469,9 +471,9 @@
                 elif c.loadable_module_resources.filter(kind="synchronizer").exists():
                     # old-style synchronizer containers
                     if c.synchronizer_run and c.synchronizer_config:
-                        command = 'bash -c "sleep 120; cd /opt/xos/synchronizers/%s; python ./%s -C %s"' % (c.name, c.synchronizer_run, c.synchronizer_config)
+                        command = 'bash -c "sleep 120; update-ca-certificates; cd /opt/xos/synchronizers/%s; python ./%s -C %s"' % (c.name, c.synchronizer_run, c.synchronizer_config)
                     else:
-                        command = 'bash -c "sleep 120; cd /opt/xos/synchronizers/%s; bash ./run.sh"' % c.name
+                        command = 'bash -c "sleep 120; update-ca-certificates; cd /opt/xos/synchronizers/%s; bash ./run.sh"' % c.name
 
                     containers["xos_synchronizer_%s" % c.name] = {
                         "image": "xosproject/xos-synchronizer-%s" % c.name,