From fdbc721472e29f1772f9055647fd2692f27af445 Mon Sep 17 00:00:00 2001
From: Jason Frey <fryguy9@gmail.com>
Date: Fri, 8 Jul 2022 14:48:33 -0400
Subject: [PATCH] Clean more files after dnf installing

This change reduces the UI worker image size from 2.063GB to 2.018GB
(44MB, 2.1%)

- Add the removal of dnf logs, dnf history, and rpm __db lock files.
  This eliminates roughly 2-6MB per invocation.
- Move the cleaning of dnf and rpm assets into a script, which makes it
  easier to use across layers and images.
- Remove redundant rebuild of the rpm manifests, since ther are
  unnecessary unless rpm changes are made.
- Collapse the modifications of the httpd package into the same layer as
  when it's installed.

Part of #736
---
 images/manageiq-base-worker/Dockerfile        |  6 +---
 images/manageiq-base/Dockerfile               | 30 ++++++++++---------
 .../container-assets/clean_dnf_rpm            | 11 +++++++
 images/manageiq-orchestrator/Dockerfile       |  5 ----
 images/manageiq-ui-worker/Dockerfile          |  7 -----
 images/manageiq-webserver-worker/Dockerfile   | 27 +++++++++--------
 6 files changed, 42 insertions(+), 44 deletions(-)
 create mode 100755 images/manageiq-base/container-assets/clean_dnf_rpm

diff --git a/images/manageiq-base-worker/Dockerfile b/images/manageiq-base-worker/Dockerfile
index e9ac22047..e54188d18 100644
--- a/images/manageiq-base-worker/Dockerfile
+++ b/images/manageiq-base-worker/Dockerfile
@@ -7,6 +7,7 @@ COPY container-assets/ /vddk/
 
 RUN /vddk/extract-vmware-vddk
 
+################################################################################
 
 FROM ${FROM_REPO}/manageiq-base:${FROM_TAG}
 MAINTAINER ManageIQ https://manageiq.org
@@ -21,9 +22,4 @@ COPY --from=vddk /vddk/vmware-vix-disklib-distrib/ /usr/lib/vmware-vix-disklib/
 COPY container-assets/install-vmware-vddk /tmp/
 RUN /tmp/install-vmware-vddk
 
-RUN source /etc/default/evm && \
-    /usr/bin/generate_rpm_manifest.sh && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-
 CMD ["entrypoint"]
diff --git a/images/manageiq-base/Dockerfile b/images/manageiq-base/Dockerfile
index b4bbab6b5..90745a924 100644
--- a/images/manageiq-base/Dockerfile
+++ b/images/manageiq-base/Dockerfile
@@ -9,6 +9,8 @@ ARG GIT_AUTH
 RUN mkdir build && \
     if [[ -n "$GIT_AUTH" ]]; then GIT_HOST=${GIT_AUTH}@${GIT_HOST}; fi && curl -L https://${GIT_HOST}/${BUILD_ORG}/${CORE_REPO_NAME}-appliance-build/tarball/${BUILD_REF} | tar vxz -C build --strip 1
 
+################################################################################
+
 FROM registry.access.redhat.com/ubi8/ubi
 MAINTAINER ManageIQ https://manageiq.org
 
@@ -33,8 +35,13 @@ LABEL name="manageiq-base" \
 RUN chmod -R g+w /etc/pki/ca-trust && \
     chmod -R g+w /usr/share/pki/ca-trust-legacy
 
+# Install dumb-init to be used as the entrypoiny
+RUN curl -L -o /usr/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_${ARCH} && \
+    chmod +x /usr/bin/dumb-init
+
 COPY rpms/* /tmp/rpms/
 COPY container-assets/create_local_yum_repo.sh /
+COPY container-assets/clean_dnf_rpm /usr/local/bin/
 
 RUN curl -L https://releases.ansible.com/ansible-runner/ansible-runner.el8.repo > /etc/yum.repos.d/ansible-runner.repo
 
@@ -56,30 +63,25 @@ RUN dnf -y --disableplugin=subscription-manager --setopt=tsflags=nodocs install
     dnf config-manager --setopt=ubi-8-*.exclude=dracut*,net-snmp*,perl-*,redhat-release* --save && \
     if [[ "$LOCAL_RPM" = "true" ]]; then /create_local_yum_repo.sh; fi && \
     dnf -y --setopt=tsflags=nodocs install \
-      ${RPM_PREFIX}-pods          \
-      python3-devel               \
-      &&                          \
-    dnf clean all && \
-    rm -rf /var/cache/dnf && \
+      ${RPM_PREFIX}-pods \
+      python3-devel && \
+    clean_dnf_rpm && \
     chgrp -R 0 $APP_ROOT && \
     chmod -R g=u $APP_ROOT
 
+# Add in the container_env file now that the APP_ROOT is created from the RPM
+ADD container-assets/container_env ${APP_ROOT}
+
 # Install python packages the same way the appliance does
 COPY --from=appliance_build build/kickstarts/partials/post/python_modules.ks.erb /tmp/python_modules
 RUN bash /tmp/python_modules && \
     rm -f /tmp/python_modules && \
     rm -rf /root/.cache/pip && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-
-ADD container-assets/container_env ${APP_ROOT}
-
-RUN curl -L -o /usr/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_${ARCH} && \
-    chmod +x /usr/bin/dumb-init
+    clean_dnf_rpm
 
+# Build the RPM manifest
 RUN source /etc/default/evm && \
     /usr/bin/generate_rpm_manifest.sh && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
+    clean_dnf_rpm
 
 ENTRYPOINT ["/usr/bin/dumb-init", "--single-child", "--"]
diff --git a/images/manageiq-base/container-assets/clean_dnf_rpm b/images/manageiq-base/container-assets/clean_dnf_rpm
new file mode 100755
index 000000000..81f656d10
--- /dev/null
+++ b/images/manageiq-base/container-assets/clean_dnf_rpm
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Cleanup dnf
+dnf clean all
+rm -rf /var/cache/dnf
+rm -rf /var/lib/dnf/history*
+rm -rf /var/log/dnf*.log
+rm -rf /var/log/hawkey.log
+
+# Cleanup rpm
+rm -rf /var/lib/rpm/__db.*
diff --git a/images/manageiq-orchestrator/Dockerfile b/images/manageiq-orchestrator/Dockerfile
index a859e49ed..29ed0cdc3 100644
--- a/images/manageiq-orchestrator/Dockerfile
+++ b/images/manageiq-orchestrator/Dockerfile
@@ -9,9 +9,4 @@ LABEL name="manageiq-orchestrator" \
 
 COPY container-assets/entrypoint /usr/local/bin
 
-RUN source /etc/default/evm && \
-    /usr/bin/generate_rpm_manifest.sh && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-
 CMD ["entrypoint"]
diff --git a/images/manageiq-ui-worker/Dockerfile b/images/manageiq-ui-worker/Dockerfile
index 236417b38..4d61a89df 100644
--- a/images/manageiq-ui-worker/Dockerfile
+++ b/images/manageiq-ui-worker/Dockerfile
@@ -6,10 +6,3 @@ MAINTAINER ManageIQ https://manageiq.org
 
 LABEL name="manageiq-ui-worker" \
       summary="ManageIQ user interface worker image"
-
-RUN source /etc/default/evm && \
-    /usr/bin/generate_rpm_manifest.sh && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-
-RUN rm -rf /tmp/rpms /create_local_yum_repo.sh /etc/yum.repos.d/local_rpm.repo
diff --git a/images/manageiq-webserver-worker/Dockerfile b/images/manageiq-webserver-worker/Dockerfile
index b3a7f4247..b8de9f004 100644
--- a/images/manageiq-webserver-worker/Dockerfile
+++ b/images/manageiq-webserver-worker/Dockerfile
@@ -9,23 +9,24 @@ ARG RPM_PREFIX=manageiq
 LABEL name="manageiq-webserver-worker" \
       summary="ManageIQ web server worker image"
 
-RUN dnf -y --setopt=tsflags=nodocs install ${RPM_PREFIX}-ui && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
-
 COPY container-assets/service-worker-entrypoint /usr/local/bin
 
-RUN rm -f /etc/httpd/conf.d/* && \
-    sed -i '/^Listen 80/d' /etc/httpd/conf/httpd.conf
-
-# Configure httpd to run without root privileges
-RUN chgrp root /var/run/httpd && chmod g+rwx /var/run/httpd && \
-    chgrp root /var/log/httpd && chmod g+rwx /var/log/httpd
-
+RUN dnf -y --setopt=tsflags=nodocs install \
+      ${RPM_PREFIX}-ui && \
+    clean_dnf_rpm && \
+    # Remove httpd default settings
+    rm -f /etc/httpd/conf.d/* && \
+    sed -i '/^Listen 80/d' /etc/httpd/conf/httpd.conf && \
+    # Configure httpd to run without root privileges
+    chgrp root /var/run/httpd && \
+    chmod g+rwx /var/run/httpd && \
+    chgrp root /var/log/httpd && \
+    chmod g+rwx /var/log/httpd
+
+# Build the RPM manifest
 RUN source /etc/default/evm && \
     /usr/bin/generate_rpm_manifest.sh && \
-    dnf clean all && \
-    rm -rf /var/cache/dnf
+    clean_dnf_rpm
 
 EXPOSE 3000
 EXPOSE 4000