From 6bf614309cc75e727f776d05e365c49cc86a948f Mon Sep 17 00:00:00 2001 From: Brandon Dunne Date: Wed, 22 Apr 2026 09:36:48 -0400 Subject: [PATCH 1/3] Upgrade to UBI 10 --- Dockerfile | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9aae776..1626319 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi-minimal:latest AS manifest +FROM registry.access.redhat.com/ubi10/ubi-minimal:latest AS manifest COPY .git /tmp/.git @@ -7,7 +7,7 @@ RUN cd /tmp && \ if [[ "$(cat .git/HEAD)" == "ref:"* ]]; then sha=$(cat .git/$sha); fi && \ echo "$(date +"%Y%m%d%H%M%S")-$sha" > /tmp/BUILD -FROM registry.access.redhat.com/ubi9/ubi-init +FROM registry.access.redhat.com/ubi10/ubi-init MAINTAINER ManageIQ https://github.com/ManageIQ/container-httpd ARG DBUS_API_REF=master @@ -19,7 +19,14 @@ LABEL name="auth-httpd" \ description="An httpd image which includes packages and configuration necessary for handling external authentication." RUN ARCH=$(uname -m) && \ - dnf -y --disableplugin=subscription-manager --setopt=tsflags=nodocs install \ + sed -i "s/enabled=1/enabled=0/g" /etc/dnf/plugins/subscription-manager.conf && \ + dnf -y install \ + http://mirror.stream.centos.org/10-stream/BaseOS/${ARCH}/os/Packages/centos-stream-repos-10.0-21.el10.noarch.rpm \ + http://mirror.stream.centos.org/10-stream/BaseOS/${ARCH}/os/Packages/centos-gpg-keys-10.0-21.el10.noarch.rpm && \ + dnf -y --setopt=protected_packages= swap redhat-release centos-stream-release && \ + dnf -y install epel-release && \ + /usr/bin/crb enable && \ + dnf -y --setopt=tsflags=nodocs install \ httpd \ mod_ssl \ # Apache External Authentication Module Packages \ @@ -27,14 +34,8 @@ RUN ARCH=$(uname -m) && \ mod_authnz_pam \ mod_intercept_form_submit \ mod_lookup_identity \ - mod_auth_mellon && \ - dnf -y --setopt=protected_packages= remove redhat-release && \ - dnf -y remove *subscription-manager* && \ - dnf -y --setopt=tsflags=nodocs install \ - http://mirror.stream.centos.org/9-stream/BaseOS/${ARCH}/os/Packages/centos-stream-release-9.0-34.el9.noarch.rpm \ - http://mirror.stream.centos.org/9-stream/BaseOS/${ARCH}/os/Packages/centos-stream-repos-9.0-34.el9.noarch.rpm \ - http://mirror.stream.centos.org/9-stream/BaseOS/${ARCH}/os/Packages/centos-gpg-keys-9.0-34.el9.noarch.rpm && \ - dnf -y --disableplugin=subscription-manager --setopt=tsflags=nodocs install \ + # Apache External Authentication Module Packages \ + mod_auth_mellon \ # IPA External Authentication Packages \ c-ares \ certmonger \ From a80ef15bd5e140573d22206591e187a90b943fbf Mon Sep 17 00:00:00 2001 From: Brandon Dunne Date: Wed, 22 Apr 2026 16:39:02 -0400 Subject: [PATCH 2/3] Reuse common logic --- Dockerfile | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1626319..d93f7fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,14 +18,9 @@ LABEL name="auth-httpd" \ summary="httpd image with external authentication" \ description="An httpd image which includes packages and configuration necessary for handling external authentication." -RUN ARCH=$(uname -m) && \ - sed -i "s/enabled=1/enabled=0/g" /etc/dnf/plugins/subscription-manager.conf && \ - dnf -y install \ - http://mirror.stream.centos.org/10-stream/BaseOS/${ARCH}/os/Packages/centos-stream-repos-10.0-21.el10.noarch.rpm \ - http://mirror.stream.centos.org/10-stream/BaseOS/${ARCH}/os/Packages/centos-gpg-keys-10.0-21.el10.noarch.rpm && \ - dnf -y --setopt=protected_packages= swap redhat-release centos-stream-release && \ - dnf -y install epel-release && \ - /usr/bin/crb enable && \ +RUN --mount=type=bind,from=quay.io/manageiq/build_tools:v1,source=/tools,target=/usr/local/bin \ + miq_switch_to_centos_stream_10 && \ + miq_enable_epel && \ dnf -y --setopt=tsflags=nodocs install \ httpd \ mod_ssl \ @@ -53,8 +48,7 @@ RUN ARCH=$(uname -m) && \ oddjob-mkhomedir \ samba-common \ samba-common-tools && \ - dnf clean all && \ - rm -rf /var/cache/dnf + miq_clean_dnf_rpm ## Remove any existing configurations RUN rm -f /etc/httpd/conf.d/* && \ From 8ca9414ed88c78726f26dbf7b8c0c0c00fc34528 Mon Sep 17 00:00:00 2001 From: Brandon Dunne Date: Wed, 22 Apr 2026 16:43:40 -0400 Subject: [PATCH 3/3] Cleanup --- Dockerfile | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index d93f7fe..1b67ccc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,28 +24,27 @@ RUN --mount=type=bind,from=quay.io/manageiq/build_tools:v1,source=/tools,target= dnf -y --setopt=tsflags=nodocs install \ httpd \ mod_ssl \ + ruby \ # Apache External Authentication Module Packages \ mod_auth_gssapi \ + mod_auth_mellon \ + mod_auth_openidc \ mod_authnz_pam \ mod_intercept_form_submit \ mod_lookup_identity \ - # Apache External Authentication Module Packages \ - mod_auth_mellon \ # IPA External Authentication Packages \ c-ares \ certmonger \ - ipa-client \ ipa-admintools \ + ipa-client \ # SSSD Packages \ sssd \ sssd-dbus \ - # Apache External Authentication Module Packages \ - mod_auth_openidc \ # Active Directory External Authentication Packages \ adcli \ - realmd \ oddjob \ oddjob-mkhomedir \ + realmd \ samba-common \ samba-common-tools && \ miq_clean_dnf_rpm @@ -55,11 +54,6 @@ RUN rm -f /etc/httpd/conf.d/* && \ sed -i 's+ErrorLog "logs/error_log"+ErrorLog "/dev/stderr"+g' /etc/httpd/conf/httpd.conf && \ sed -i 's+CustomLog "logs/access_log" combined+CustomLog "/dev/stdout" combined+g' /etc/httpd/conf/httpd.conf -RUN dnf -y --disableplugin=subscription-manager --setopt=tsflags=nodocs install \ - ruby && \ - dnf clean all && \ - rm -rf /var/cache/dnf - ## Install DBus API Service ENV HTTPD_DBUS_API_SERVICE_DIRECTORY=/opt/dbus_api_service ENV HTTPD_DBUS_API_SERVICE_PORT=8081