Switch async images to UBI

Signed-off-by: Tom George <[email protected]>

dockerfiles/agent/Dockerfile

@@ -7,10 +7,11 @@
 #
 # SPDX-License-Identifier: EPL-2.0
 
-FROM alpine:3.11
+FROM registry.redhat.io/ubi8/ubi:8.3
 
 ENV USER=user \
     UID=12345 \
+    GROUP=group \
     GID=23456
 
 #cron task not work in openshift in case https://github.com/gliderlabs/docker-alpine/issues/381
@@ -20,36 +21,35 @@ ENV SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.
     SUPERCRONIC_SHA1SUM=5ddf8ea26b56d4a7ff6faecdd8966610d5cb9d85
 
 COPY cron/backup-cron-job /etc/crontabs/backup-cron-job
-COPY scripts scripts
+COPY scripts /scripts
+COPY content_sets_centos8.repo /etc/yum.repos.d/
 
 # Add user that will be able to start watcher binary but nothing more
 # the result will be propagated then into scratch image
 # See https://stackoverflow.com/a/55757473/12429735RUN
-RUN addgroup --gid "$GID" "$USER" \
-       && adduser \
-       --disabled-password \
-       --gecos "" \
-       --home "$(pwd)" \
-       --ingroup "$USER" \
-       --no-create-home \
-       --uid "$UID" \
-       "$USER" \
+#
+RUN dnf update -y \ 
+      && dnf install -y \
+      shadow-utils \
+      rsync \
+      curl \
+      openssh-clients \
+      ca-certificates \
+      && dnf clean all \
+      && rm -rf /var/cache/yum \
+      && groupadd -g "$GID" "$GROUP" \ 
+      && useradd  --uid "$UID" \
+         --comment "" \
+         --home-dir "$(pwd)" \
+         --no-create-home \
+         "$USER" \
       && mkdir  /var/run/sshd && \
       # Change permissions to let any arbitrary user
       for f in  "/etc/passwd" "/var/run/sshd" "/scripts"; do \
         echo "Changing permissions on ${f}" && chgrp -R 0 ${f} && \
         chmod -R g+rwX ${f}; \
-      done \
-      # install needed software
-      && apk update \
-      && apk upgrade \
-      && apk add --no-cache \
-            rsync \
-            curl \
-            openssh \
-            ca-certificates \
-      && update-ca-certificates \
-      && rm -rf /var/cache/apk/* \
+      done  \
+      && update-ca-trust \
       #install supercronic
       && curl -fsSLO "$SUPERCRONIC_URL" \
       && echo "${SUPERCRONIC_SHA1SUM}  ${SUPERCRONIC}" | sha1sum -c - \

dockerfiles/agent/content_sets_centos8.repo

@@ -0,0 +1,11 @@
+[centos-8-for-appstream]
+name=centos-8-appstream
+baseurl=http://mirror.centos.org/centos-8/8/AppStream/$basearch/os
+enabled=1
+gpgcheck=0
+
+[centos-8-for-baseos]
+name=centos-8-baseos
+baseurl=http://mirror.centos.org/centos-8/8/BaseOS/$basearch/os
+enabled=1
+gpgcheck=0

dockerfiles/storage/Dockerfile

@@ -7,25 +7,26 @@
 #
 # SPDX-License-Identifier: EPL-2.0
 
-FROM alpine:3.11
+FROM registry.redhat.io/ubi8/ubi:8.3
 
+ADD content_sets_centos8.repo /etc/yum.repos.d/
 COPY  entrypoint.sh /usr/local/bin
 
 RUN mkdir /etc/ssh /var/run/sshd /.ssh \
+    && dnf update -y \
+    && dnf install -y \
+            rsync \
+            openssh-server \
+            ca-certificates \
+            passwd \
     && touch /.ssh/known_hosts \
+    && rm -rf /var/cache/yum /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key \
     # Change permissions to let any arbitrary user
     && for f in  "/etc/ssh" "/etc/passwd" "/.ssh" "/var/run/sshd" ; do \
         echo "Changing permissions on ${f}" && chgrp -R 0 ${f} && \
         chmod -R g+rwX ${f}; \
        done \
-    && apk update \
-    && apk upgrade \
-    && apk add --no-cache \
-            rsync \
-            openssh \
-            ca-certificates \
-    && update-ca-certificates \
-    && rm -rf /var/cache/apk/* /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key \
+    && update-ca-trust \
     && chmod 0550 /.ssh \
     && chmod 0777 /.ssh/known_hosts \
     && sed -i s/root:!/"root:*"/g /etc/shadow \

dockerfiles/storage/content_sets_centos8.repo

@@ -0,0 +1,11 @@
+[centos-8-for-appstream]
+name=centos-8-appstream
+baseurl=http://mirror.centos.org/centos-8/8/AppStream/$basearch/os
+enabled=1
+gpgcheck=0
+
+[centos-8-for-baseos]
+name=centos-8-baseos
+baseurl=http://mirror.centos.org/centos-8/8/BaseOS/$basearch/os
+enabled=1
+gpgcheck=0