import cloudfoundry-incubator/docker-boshrelease

.github/dependabot.yml

@@ -0,0 +1,12 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  # Ruby dependencies
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/stale.yml

@@ -0,0 +1,22 @@
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+  - cron: '43 9 * * *'
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+
+    steps:
+    - uses: actions/stale@v3
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        stale-issue-message: 'Stale issue message'
+        stale-pr-message: 'Stale pull request message'
+        stale-issue-label: 'no-issue-activity'
+        stale-pr-label: 'no-pr-activity'

jobs/containers/monit

@@ -0,0 +1,7 @@
+<% p('containers', []).each do |container| %>
+check process <%= container['name'] %> with pidfile /var/vcap/sys/run/containers/<%= container['name'] %>.pid
+  group vcap
+  start program "/var/vcap/packages/bosh-helpers/monit_debugger <%= container['name'] %>_ctl '/var/vcap/jobs/containers/bin/ctl start <%= container['name'] %>'" <% unless container['timeout'].to_s.empty? %>with timeout <%= container['timeout'] %> seconds<% end %>
+  stop program "/var/vcap/packages/bosh-helpers/monit_debugger <%= container['name'] %>_ctl '/var/vcap/jobs/containers/bin/ctl stop <%= container['name'] %>'"
+  depends on <%= ['docker'].concat(Array(container.fetch('depends_on', []))).join(',') %>
+<% end %>

jobs/containers/spec

@@ -0,0 +1,63 @@
+---
+name: containers
+
+packages:
+  - bosh-helpers
+
+templates:
+  bin/ctl: bin/ctl
+  bin/job_properties.sh.erb: bin/job_properties.sh
+
+properties:
+  containers:
+    description: "Containers Array (see below for details)"
+    example: |
+      containers.name: String containing the name of the container
+      containers.image: String containing the name of the image to create/run
+      containers.command: Optional String containing the command to the run (including arguments)
+      containers.blkio_weight: Optional string containing the Block IO (relative weight)
+      containers.cap_adds: Optional array of Linux capabilities to add
+      containers.cap_drops: Optional array of Linux capabilities to drop
+      containers.cpu_period: Optional string containing the CPU CFS (Completely Fair Scheduler) period limit
+      containers.cpu_quota: Optional string containing the CPU CFS (Completely Fair Scheduler) quota limit
+      containers.cpu_shares: Optional string containing the CPU shares to assign to the container (relative weight)
+      containers.depends_on: Optional array of names of others containers in the same job that this container depends on
+      containers.devices: Optional array of host devices to add to the container
+      containers.disable_content_trust: Optional boolean to skip image verification
+      containers.dns: Optional array of strings to set custom DNS servers
+      containers.dns_options: Optional array of strings to set custom DNS servers
+      containers.dns_search: Optional array of strings to set custom DNS search domains
+      containers.entrypoint: Optional string containing the entrypoint (only if you want to override the default entrypoint set by the image)
+      containers.env_file: Optional paths to files of environment variables to pass to the container
+      containers.env_vars: Optional array of environment variables to pass to the container
+      containers.expose_ports: Optional array of network port to expose from the container without publishing it to your host
+      containers.group_adds: Optional array of additional groups to join
+      containers.hostname: Optional string containing the container host name
+      containers.kernel_memory: Optional string containing the kernel memory limit
+      containers.labels: Optional array of container labels meta data
+      containers.links: Optional array of links to another containers (name:alias)
+      containers.log_driver: Optional string containing the log driver for the container
+      containers.log_options: Optional array of log driver options
+      containers.lxc_options: Optional array of custom lxc options
+      containers.mac_address: Optional string containing the container MAC address
+      containers.memory: Optional string containing the memory limit to assign to the container (format: <number><optional unit>, where unit = b, k, m or g)
+      containers.memory_reservation: Optional string containing the memory soft limit
+      containers.memory_swap: Optional string containing the total memory usage (memory + swap), set '-1' to disable swap (format: <number><optional unit>, where unit = b, k, m or g)
+      containers.memory_swappiness: Optional string containing the tuning container memory swappiness
+      containers.net: Optional string containing the network for the container
+      containers.oom_kill_disable: Optional boolean to disable OOM Killer
+      containers.privileged: Optional boolean to enable/disable extended privileges to this container
+      containers.bind_ports: Optional array of network ports to map to the container
+      containers.read_only: Optional boolean to mount the container's root filesystem as read only
+      containers.restart: Optional string containing the restart policy to apply when a container exits (no, on-failure, always)
+      containers.security_options: Optional array of security options
+      containers.stop_signal: Optional string containing the signal to stop a container, SIGTERM by default
+      containers.timeout: Optional string containing the length of Monit timeout in seconds
+      containers.ulimits: Optional array of Ulimit options
+      containers.user: Optional string containing the username or UID to run the first process
+      containers.volumes: Optional array of volumes to bind mount
+      containers.bind_volumes: Optional array of container mountpoints to bind to a host directory
+      containers.volumes_from: Optional array of mount volumes from the specified container(s)
+      containers.volume_driver: Optional string containing the volume driver for the container
+      containers.workdir: Optional string containing the working directory inside the container
+      containers.store_dir: Optional string containing directory to store the containers data files

jobs/containers/templates/bin/ctl

@@ -0,0 +1,109 @@
+#!/bin/bash
+
+set -e # exit immediately if a simple command exits with a non-zero status
+
+container_name=$2
+
+# Setup common env vars and folders
+source /var/vcap/packages/bosh-helpers/ctl_setup.sh 'containers' "${container_name}"
+export CONTAINER_PID_FILE=${CONTAINERS_PID_DIR}/${container_name}.pid
+
+case $1 in
+
+  start)
+    pid_guard ${CONTAINER_PID_FILE} ${JOB_NAME}
+    echo $$ > ${CONTAINER_PID_FILE}
+
+    # Stop and remove previously Docker Container if exists
+    ${DOCKER_COMMAND} stop ${container_name} || true
+    ${DOCKER_COMMAND} rm ${container_name} || true
+
+    # Create Container persistent disk path
+    if [ ! -d ${CONTAINERS_STORE_DIR}/${container_name} ]; then
+      mkdir -p ${CONTAINERS_STORE_DIR}/${container_name}
+      chmod 777 ${CONTAINERS_STORE_DIR}/${container_name}
+    fi
+
+    # Build the Docker image from Dockerfile
+    if [ -a "${CONTAINERS_CONF_DIR}/${container_name}/Dockerfile" ]; then
+        image=$(${DOCKER_COMMAND} images | grep "$(eval echo "\$${container_name}_image")") || true
+        if [ -z "${image}" ]; then
+            ${DOCKER_COMMAND} \
+                build -t "$(eval echo "\$${container_name}_image")" ${CONTAINERS_CONF_DIR}/${container_name} \
+                >>${LOG_DIR}/${OUTPUT_LABEL}.stdout.log \
+                2>>${LOG_DIR}/${OUTPUT_LABEL}.stderr.log
+        fi
+    fi
+
+    # Start Docker container
+    docker_options="run --detach \
+      --name ${container_name} \
+      "$(eval echo "\$${container_name}_blkio_weight")" \
+      "$(eval echo "\$${container_name}_cap_adds")" \
+      "$(eval echo "\$${container_name}_cap_drops")" \
+      "$(eval echo "\$${container_name}_cpu_period")" \
+      "$(eval echo "\$${container_name}_cpu_quota")" \
+      "$(eval echo "\$${container_name}_cpu_shares")" \
+      "$(eval echo "\$${container_name}_devices")" \
+      "$(eval echo "\$${container_name}_disable_content_trust")" \
+      "$(eval echo "\$${container_name}_dns")" \
+      "$(eval echo "\$${container_name}_dns_options")" \
+      "$(eval echo "\$${container_name}_dns_search")" \
+      "$(eval echo "\$${container_name}_entrypoint")" \
+      "$(eval echo "\$${container_name}_env_file")" \
+      "$(eval echo "\$${container_name}_env")" \
+      "$(eval echo "\$${container_name}_expose")" \
+      "$(eval echo "\$${container_name}_group_adds")" \
+      "$(eval echo "\$${container_name}_hostname")" \
+      "$(eval echo "\$${container_name}_kernel_memory")" \
+      "$(eval echo "\$${container_name}_labels")" \
+      "$(eval echo "\$${container_name}_links")" \
+      "$(eval echo "\$${container_name}_log_driver")" \
+      "$(eval echo "\$${container_name}_log_options")" \
+      "$(eval echo "\$${container_name}_lxc_options")" \
+      "$(eval echo "\$${container_name}_mac_address")" \
+      "$(eval echo "\$${container_name}_memory")" \
+      "$(eval echo "\$${container_name}_memory_reservation")" \
+      "$(eval echo "\$${container_name}_memory_swap")" \
+      "$(eval echo "\$${container_name}_memory_swappiness")" \
+      "$(eval echo "\$${container_name}_net")" \
+      "$(eval echo "\$${container_name}_oom_kill_disable")" \
+      "$(eval echo "\$${container_name}_privileged")" \
+      "$(eval echo "\$${container_name}_publish")" \
+      "$(eval echo "\$${container_name}_read_only")" \
+      "$(eval echo "\$${container_name}_restart")" \
+      "$(eval echo "\$${container_name}_security_options")" \
+      "$(eval echo "\$${container_name}_stop_signal")" \
+      "$(eval echo "\$${container_name}_ulimits")" \
+      "$(eval echo "\$${container_name}_user")" \
+      "$(eval echo "\$${container_name}_volumes")" \
+      "$(eval echo "\$${container_name}_bind_volumes")" \
+      "$(eval echo "\$${container_name}_volumes_from")" \
+      "$(eval echo "\$${container_name}_volume_driver")" \
+      "$(eval echo "\$${container_name}_workdir")" \
+      "$(eval echo "\$${container_name}_image")" \
+      "$(eval echo "\$${container_name}_command")" \
+    "
+    echo "$(date) Running Docker command with options: ${docker_options}"
+    eval echo ${docker_options} | xargs ${DOCKER_COMMAND}  \
+        >>${LOG_DIR}/${OUTPUT_LABEL}.stdout.log \
+        2>>${LOG_DIR}/${OUTPUT_LABEL}.stderr.log
+
+    # Grab Container process pid
+    pid_process=$(${DOCKER_COMMAND} inspect -f '{{ .State.Pid }}' ${container_name})
+    echo $pid_process > ${CONTAINER_PID_FILE}
+    ;;
+
+  stop)
+    # Stop and remove Docker Container
+    ${DOCKER_COMMAND} stop ${container_name} || true
+    ${DOCKER_COMMAND} rm ${container_name} || true
+    ;;
+
+  *)
+    echo "Usage: $0 {start|stop}"
+    exit 1
+    ;;
+
+esac
+exit 0