RANGER-4734: Docker setup updated to build Trino plugin package - #2
diff --git a/dev-support/ranger-docker/.env b/dev-support/ranger-docker/.env
index d671841..8102737 100644
--- a/dev-support/ranger-docker/.env
+++ b/dev-support/ranger-docker/.env
@@ -5,6 +5,10 @@
PROFILE=
BUILD_OPTS=
+# To build Trino plugins package, use following PROFILE and BUILD_OPTS
+PROFILE=ranger-jdk11,!all,!linux
+BUILD_OPTS=-pl !unixauthnative
+
# Java version for RangerBase image.
# This image gets used as base docker image for all images.
# Valid values: 8, 11, 17
@@ -13,7 +17,7 @@
# Java version to use to build Apache Ranger
# Valid values: 8, 11, 17
# Trino builds on jdk 11 and above
-RANGER_BUILD_JAVA_VERSION=8
+RANGER_BUILD_JAVA_VERSION=11
# Java version to use to run Ranger Admin server
# Valid values: 8, 11, 17
diff --git a/dev-support/ranger-docker/Dockerfile.ranger-trino b/dev-support/ranger-docker/Dockerfile.ranger-trino
index 546b118..c376b18 100644
--- a/dev-support/ranger-docker/Dockerfile.ranger-trino
+++ b/dev-support/ranger-docker/Dockerfile.ranger-trino
@@ -34,37 +34,41 @@
ARG TRINO_PLUGIN_VERSION
ENV PLUGIN_DIR=ranger-${TRINO_PLUGIN_VERSION}-trino-plugin
-RUN mkdir -p /home/ranger/dist
-RUN mkdir -p /opt/ranger
-RUN mkdir -p /home/ranger/scripts
-RUN groupadd ranger
-RUN useradd -g ranger -ms /bin/bash ranger
-RUN usermod -a -G ranger trino
-RUN chown -R ranger:ranger /home/ranger
-RUN chown -R ranger:ranger /opt/ranger
+RUN mkdir -p /home/ranger/dist /home/ranger/scripts /opt/ranger
COPY ./dist/version /home/ranger/dist
COPY ./dist/ranger-${TRINO_PLUGIN_VERSION}-trino-plugin.tar.gz /home/ranger/dist
COPY ./scripts/ranger-trino.sh /home/ranger/scripts
+COPY ./scripts/ranger-trino-setup.sh /home/ranger/scripts
COPY ./scripts/ranger-trino-plugin-install.properties /home/ranger/scripts
RUN if [ $TRINO_VERSION -ge 370 ] && [ $TRINO_VERSION -lt 390 ] || [ $TRINO_VERSION -eq 392 ]; then\
dnf install -y initscripts;\
dnf install -y openssh-clients;\
dnf install -y openssh-server;\
+ dnf install -y sudo;\
elif [ $TRINO_VERSION -ge 432 ]; then\
microdnf install -y gzip;\
microdnf install -y initscripts;\
microdnf install -y openssh-clients;\
microdnf install -y openssh-server;\
+ microdnf install -y sudo;\
else\
- apt-get update; DEBIAN_FRONTEND="noninteractive" apt-get -y install ssh;\
+ apt-get update; DEBIAN_FRONTEND="noninteractive" apt-get -y install ssh sudo;\
fi
-RUN tar xvfz /home/ranger/dist/${PLUGIN_DIR}.tar.gz --directory=/opt/ranger
-RUN ln -s /opt/ranger/${PLUGIN_DIR} /opt/ranger/ranger-trino-plugin
-RUN rm -f /home/ranger/dist/${PLUGIN_DIR}.tar.gz
-RUN cp -f /home/ranger/scripts/ranger-trino-plugin-install.properties /opt/ranger/ranger-trino-plugin/install.properties
-RUN chmod 744 /home/ranger/scripts/ranger-trino.sh
+RUN tar xvfz /home/ranger/dist/${PLUGIN_DIR}.tar.gz --directory=/opt/ranger && \
+ ln -s /opt/ranger/${PLUGIN_DIR} /opt/ranger/ranger-trino-plugin && \
+ rm -f /home/ranger/dist/${PLUGIN_DIR}.tar.gz && \
+ cp -f /home/ranger/scripts/ranger-trino-plugin-install.properties /opt/ranger/ranger-trino-plugin/install.properties && \
+ chown -R trino:trino /home/ranger /opt/ranger && \
+ chown root:root /home/ranger/scripts /home/ranger/scripts/ranger-trino-setup.sh && \
+ chmod 744 /home/ranger/scripts/ranger-trino-setup.sh /home/ranger/scripts/ranger-trino.sh
+
+# enable trino user to execute setup script as root
+RUN echo "trino ALL=(ALL) NOPASSWD:/home/ranger/scripts/ranger-trino-setup.sh" > /etc/sudoers.d/trino
+
+
+USER trino
ENTRYPOINT ["/home/ranger/scripts/ranger-trino.sh"]
diff --git a/dev-support/ranger-docker/docker-compose.ranger-build.yml b/dev-support/ranger-docker/docker-compose.ranger-build.yml
index 3dd4a4a..c8760aa 100644
--- a/dev-support/ranger-docker/docker-compose.ranger-build.yml
+++ b/dev-support/ranger-docker/docker-compose.ranger-build.yml
@@ -22,6 +22,7 @@
environment:
- BRANCH
- BUILD_HOST_SRC
+ - BUILD_OPTS
- PROFILE
- GIT_URL
- RANGER_VERSION
diff --git a/dev-support/ranger-docker/docker-compose.ranger-trino.yml b/dev-support/ranger-docker/docker-compose.ranger-trino.yml
index 1b15b85..14b42c2 100644
--- a/dev-support/ranger-docker/docker-compose.ranger-trino.yml
+++ b/dev-support/ranger-docker/docker-compose.ranger-trino.yml
@@ -9,7 +9,6 @@
- TRINO_VERSION=${TRINO_VERSION}
image: ranger-trino
hostname: ranger-trino
- user: root
container_name: ranger-trino
stdin_open: true
tty: true
diff --git a/dev-support/ranger-docker/scripts/ranger-build.sh b/dev-support/ranger-docker/scripts/ranger-build.sh
index 610b48c..0d3d75e 100755
--- a/dev-support/ranger-docker/scripts/ranger-build.sh
+++ b/dev-support/ranger-docker/scripts/ranger-build.sh
@@ -84,7 +84,7 @@
done
fi
-mvn ${ARG_PROFILES} ${ARG_SKIPTESTS} -DskipDocs ${BUILD_OPTS} clean package
+mvn ${ARG_PROFILES} ${BUILD_OPTS} ${ARG_SKIPTESTS} -DskipDocs clean package
mv -f target/version /home/ranger/dist/
mv -f target/ranger-* /home/ranger/dist/
diff --git a/dev-support/ranger-docker/scripts/ranger-trino-plugin-install.properties b/dev-support/ranger-docker/scripts/ranger-trino-plugin-install.properties
index c027cd3..8446f93 100644
--- a/dev-support/ranger-docker/scripts/ranger-trino-plugin-install.properties
+++ b/dev-support/ranger-docker/scripts/ranger-trino-plugin-install.properties
@@ -158,12 +158,12 @@
# Custom component user
# CUSTOM_COMPONENT_USER=<custom-user>
# keep blank if component user is default
-CUSTOM_USER=root
+CUSTOM_USER=
#
# Custom component group
# CUSTOM_COMPONENT_GROUP=<custom-group>
# keep blank if component group is default
-CUSTOM_GROUP=root
+CUSTOM_GROUP=
XAAUDIT.SUMMARY.ENABLE=false
diff --git a/dev-support/ranger-docker/scripts/ranger-trino-setup.sh b/dev-support/ranger-docker/scripts/ranger-trino-setup.sh
new file mode 100755
index 0000000..c3ac73a
--- /dev/null
+++ b/dev-support/ranger-docker/scripts/ranger-trino-setup.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+source /tmp/trino-setup-env.sh
+
+TRINO_PLUGIN_HOME=/opt/ranger/ranger-trino-plugin
+
+ssh-keygen -A
+/usr/sbin/sshd
+
+if [ ! -e ${TRINO_PLUGIN_HOME}/.setupDone ]
+then
+ su -c "ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa" trino
+ su -c "cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys" trino
+ su -c "chmod 0600 ~/.ssh/authorized_keys" trino
+
+ cat <<EOF > /etc/ssh/ssh_config
+Host *
+ StrictHostKeyChecking no
+ UserKnownHostsFile=/dev/null
+EOF
+
+ cd ${TRINO_PLUGIN_HOME} || exit
+ ./enable-trino-plugin.sh
+
+ touch ${TRINO_PLUGIN_HOME}/.setupDone
+ echo "Ranger Trino Plugin Installation is complete!"
+fi
diff --git a/dev-support/ranger-docker/scripts/ranger-trino.sh b/dev-support/ranger-docker/scripts/ranger-trino.sh
index 6ca92ec..e41bb02 100644
--- a/dev-support/ranger-docker/scripts/ranger-trino.sh
+++ b/dev-support/ranger-docker/scripts/ranger-trino.sh
@@ -1,26 +1,25 @@
#!/bin/bash
-ssh-keygen -A
-/usr/sbin/sshd
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
-if [ ! -e "${TRINO_HOME}"/.setupDone ]
-then
- su -c "ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa" trino
- su -c "cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys" trino
- su -c "chmod 0600 ~/.ssh/authorized_keys" trino
- cat <<EOF > /etc/ssh/ssh_config
-Host *
- StrictHostKeyChecking no
- UserKnownHostsFile=/dev/null
-EOF
+echo "export JAVA_HOME=${JAVA_HOME}" >> /tmp/trino-setup-env.sh
- cd /opt/ranger/ranger-trino-plugin || exit
- ./enable-trino-plugin.sh
-
- touch "${TRINO_HOME}"/.setupDone
- echo "Ranger Trino Plugin Installation is complete!"
-fi
+sudo /home/ranger/scripts/ranger-trino-setup.sh
/usr/lib/trino/bin/run-trino
