feat(dev): create local dev stack

for testing in real usescases, we need - A local Docker Registry with TLS (+ WebUI) - A set of Docker images to be built (with DAG simulation) - A "dev" config file
radiofrance · Jun 24, 2024 · 2ffd10f · 2ffd10f
1 parent 3f71cb0
commit 2ffd10f
Show file tree

Hide file tree

Showing 17 changed files with 254 additions and 0 deletions.
diff --git a/test/end2end/.dib.yaml b/test/end2end/.dib.yaml
@@ -0,0 +1,9 @@
+registry_url: registry.localhost
+placeholder_tag: dib_managed
+#log_level: debug
+backend: docker
+local_only: true
+rate_limit: 2
+include_tests:
+- "goss"
+- "trivy"
diff --git a/test/end2end/.dib_list.tmpl b/test/end2end/.dib_list.tmpl
@@ -0,0 +1,21 @@
+# List of Docker images managed by DIB
+
+<!---
+This file is managed by DIB
+DO NOT EDIT IT, ANY MANUAL CHANGES WILL BE LOST.
+
+Run following command to update :
+```sh
+$ dib list \
+  -o go-template-file=.dib_list.tmpl \
+  > dib_images_list.md
+```
+-->
+
+**Total: `{{ len . }}`**
+
+| Image Name | Tags | current hash |
+|------------|------|--------------|
+{{- range . }}
+| `{{ .Name }}` | `latest, {{ .ExtraTags }}` | `{{ .Hash }}` |
+{{- end }}
diff --git a/test/end2end/.gitignore b/test/end2end/.gitignore
@@ -0,0 +1 @@
+reports
diff --git a/test/end2end/Makefile b/test/end2end/Makefile
@@ -0,0 +1,32 @@
+##-----------------------
+## Available make targets
+##-----------------------
+##
+
+ROOT_PATH=${PWD}/../..
+
+default: help
+
+help: ## Display this message
+	@grep -E '(^[a-zA-Z0-9_.-]+:.*?##.*$$)|(^##)' Makefile | \
+		awk 'BEGIN {FS = ":.*?## "}; {printf "\033[32m%-30s\033[0m %s\n", $$1, $$2}' | \
+		sed -e 's/\[32m##/[33m/'
+
+##
+## ----------------------
+## DIB end2end tests
+## ----------------------
+##
+
+registry.start: ## Start required local Docker registry
+	docker compose up --detach
+	docker compose ps
+
+dib.install: ## Generate binary and copy it to $GOPATH/bin (equivalent to go install)
+	$(MAKE) --directory=${ROOT_PATH} install
+
+dib.list: ## Update list of Docker images managed by DIB
+	dib list -o go-template-file=.dib_list.tmpl > dib_images_list.md
+
+dib.build: ## Build updated Docker images managed by DIB
+	dib build
diff --git a/test/end2end/certs/registry.localhost.cert.pem b/test/end2end/certs/registry.localhost.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB7jCCAXWgAwIBAgIIDuS6JhFQdxQwCgYIKoZIzj0EAwMwIDEeMBwGA1UEAxMV
+bWluaWNhIHJvb3QgY2EgNDJkYWFkMB4XDTI0MDYyMjAwMzU1MVoXDTI2MDcyMjAw
+MzU1MVowHTEbMBkGA1UEAxMScmVnaXN0cnkubG9jYWxob3N0MHYwEAYHKoZIzj0C
+AQYFK4EEACIDYgAEBRFJiMRNlyyMIbkVGzIBROE962BTaoF/yQcz9u748MquyzAc
+zoo8MJMsWCCYxWv3CMKFSW8W1PBZJJD87aWe7+o+2srDQk9kstACKIDSriID92qz
+v8sacvTaANqvSTkKo38wfTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUyYht5jTo
+kYDsucyTbtJjD00ma8owHQYDVR0RBBYwFIIScmVnaXN0cnkubG9jYWxob3N0MAoG
+CCqGSM49BAMDA2cAMGQCMEXavsrDKWKZd7dFd1Y0OBmWLqSzUaj78VW+rrs8VstV
+K0KZyY7D7Jx3948tIBDRPAIwW1YOAPxdGwH+4V7YVt09A/Vp2NOSz8hxi9ytS3lU
+q63nguC7z34zLjoINa+Tzn1z
+-----END CERTIFICATE-----
diff --git a/test/end2end/certs/registry.localhost.key.pem b/test/end2end/certs/registry.localhost.key.pem
@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCOgb4rASX2EbknriaX
+5ZPSFO3Tc4COn1iKohCK/v43Yhxa45HZG6uGC0UoG3yueZyhZANiAAQFEUmIxE2X
+LIwhuRUbMgFE4T3rYFNqgX/JBzP27vjwyq7LMBzOijwwkyxYIJjFa/cIwoVJbxbU
+8FkkkPztpZ7v6j7aysNCT2Sy0AIogNKuIgP3arO/yxpy9NoA2q9JOQo=
+-----END PRIVATE KEY-----
diff --git a/test/end2end/dib_images_list.md b/test/end2end/dib_images_list.md
@@ -0,0 +1,24 @@
+# List of Docker images managed by DIB
+
+<!---
+This file is managed by DIB
+DO NOT EDIT IT, ANY MANUAL CHANGES WILL BE LOST.
+
+Run following command to update :
+```sh
+$ dib list \
+  -o go-template-file=.dib_list.tmpl \
+  > dib_images_list.md
+```
+-->
+
+**Total: `6`**
+
+| Image Name | Tags | current hash |
+|------------|------|--------------|
+| `registry.localhost/app-curl` | `latest, []` | `green-autumn-quebec-montana` |
+| `registry.localhost/app-git` | `latest, []` | `texas-bluebird-low-ten` |
+| `registry.localhost/app-skipped` | `latest, []` | `vegan-alabama-fanta-oranges` |
+| `registry.localhost/base-alpine-3.19` | `latest, []` | `angel-leopard-idaho-winner` |
+| `registry.localhost/base-alpine-3.20` | `latest, []` | `grey-colorado-pennsylvania-two` |
+| `registry.localhost/base-debian-bookworm` | `latest, []` | `butter-social-twenty-whiskey` |
diff --git a/test/end2end/docker-compose.yml b/test/end2end/docker-compose.yml
@@ -0,0 +1,56 @@
+# This docker-compose file is used during Dib development.
+# It declares 2 services :
+# - A Docker registry
+# - A webui for the registry
+
+services:
+  # https://github.com/distribution/distribution
+  registry:
+    image: "registry:2.8.3@sha256:79b29591e1601a73f03fcd413e655b72b9abfae5a23f1ad2e883d4942fbb4351"
+    container_name: "registry"
+    ports:
+    - "443:443"
+    volumes:
+    - "registry-data:/var/lib/registry"
+    - "./certs:/certs"
+    environment:
+    - "REGISTRY_HTTP_ADDR=0.0.0.0:443"
+    - "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry.localhost.cert.pem"
+    - "REGISTRY_HTTP_TLS_KEY=/certs/registry.localhost.key.pem"
+    - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Origin=[http://registry.localhost]"
+    - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Methods=[HEAD,GET,OPTIONS,DELETE]"
+    - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Credentials=[true]"
+    - "REGISTRY_HTTP_HEADERS_Access-Control-Allow-Headers=[Authorization,Accept,Cache-Control]"
+    - "REGISTRY_HTTP_HEADERS_Access-Control-Expose-Headers=[Docker-Content-Digest]"
+    - "REGISTRY_STORAGE_DELETE_ENABLED=true"
+    networks:
+    - "dib_registry"
+
+  # https://github.com/Joxit/docker-registry-ui
+  registry-ui:
+    image: "joxit/docker-registry-ui:2.5.7@sha256:5594b76bf8dd9de479648e28f38572d020d260568be40b7e52b9758b442275e1"
+    container_name: "registry-ui"
+    depends_on:
+    - registry
+    ports:
+    - "80:80"
+    environment:
+    - "SINGLE_REGISTRY=true"
+    - "REGISTRY_SECURED=false"
+    - "REGISTRY_TITLE=DIB local registry"
+    - "NGINX_PROXY_PASS_URL=https://registry"
+    - "SHOW_CONTENT_DIGEST=true"
+    - "SHOW_CATALOG_NB_TAGS=true"
+    - "SHOW_TAG_HISTORY=true"
+    - "DELETE_IMAGES=true"
+    networks:
+    - "dib_registry"
+
+volumes:
+  registry-data:
+    driver: local
+
+networks:
+  dib_registry:
+    name: dib_registry
+    driver: bridge
diff --git a/test/end2end/docker/app/curl/Dockerfile b/test/end2end/docker/app/curl/Dockerfile
@@ -0,0 +1,4 @@
+# This image build but test always fail
+# Build OK, Test KO
+FROM registry.localhost/base-debian-bookworm:dib_managed
+LABEL name="app-curl"
diff --git a/test/end2end/docker/app/curl/goss.yaml b/test/end2end/docker/app/curl/goss.yaml
@@ -0,0 +1,16 @@
+---
+user:
+  # this test always fail
+  debiane:
+    exists: true
+    uid: 1666
+    gid: 1664
+    groups:
+    - debiane
+    home: /home/debiane
+    shell: /bin/sh
+
+group:
+  debian:
+    exists: true
+    gid: 1666
diff --git a/test/end2end/docker/app/git/Dockerfile b/test/end2end/docker/app/git/Dockerfile
@@ -0,0 +1,10 @@
+# This image should not build
+# Build KO, Test SKIP
+FROM registry.localhost/base-debian-bookworm:dib_managed
+LABEL name="app-git"
+
+USER root
+
+RUN \
+   apt-get update \
+   && apt-get install -y lorem
diff --git a/test/end2end/docker/app/git/goss.yaml b/test/end2end/docker/app/git/goss.yaml
@@ -0,0 +1,15 @@
+---
+user:
+  debian:
+    exists: true
+    uid: 1664
+    gid: 1664
+    groups:
+    - debian
+    home: /home/debian
+    shell: /bin/bash
+
+group:
+  debian:
+    exists: true
+    gid: 1664
diff --git a/test/end2end/docker/app/lorem/Dockerfile b/test/end2end/docker/app/lorem/Dockerfile
@@ -0,0 +1,4 @@
+# This image is never built (because it parent image "app-git" fail to build)
+# Build SKIP, Test SKIP
+FROM registry.localhost/app-git:dib_managed
+LABEL name="app-skipped"
diff --git a/test/end2end/docker/base/alpine/3.19/Dockerfile b/test/end2end/docker/base/alpine/3.19/Dockerfile
@@ -0,0 +1,2 @@
+FROM alpine:3.19.2@sha256:af4785ccdbcd5cde71bfd5b93eabd34250b98651f19fe218c91de6c8d10e21c5
+LABEL name="base-alpine-3.19"
diff --git a/test/end2end/docker/base/alpine/3.20/Dockerfile b/test/end2end/docker/base/alpine/3.20/Dockerfile
@@ -0,0 +1,2 @@
+FROM alpine:3.20.1@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
+LABEL name="base-alpine-3.20"
diff --git a/test/end2end/docker/base/debian/bullseye/Dockerfile b/test/end2end/docker/base/debian/bullseye/Dockerfile
@@ -0,0 +1,24 @@
+# Base image used to test DIB html report
+# Build OK, Test OK
+FROM debian:bookworm@sha256:a92ed51e0996d8e9de041ca05ce623d2c491444df6a535a566dabd5cb8336946
+LABEL name="base-debian-bookworm"
+
+ENV DOCKER_USER_ID=1664
+ENV DOCKER_USER=debian
+
+USER root
+
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+RUN set +x \
+  # Create dedicated user
+  && groupadd --gid ${DOCKER_USER_ID} ${DOCKER_USER} \
+  && useradd \
+    --comment "${DOCKER_USER} user" \
+    --uid ${DOCKER_USER_ID} \
+    --gid ${DOCKER_USER_ID} \
+    --create-home \
+    --home-dir /home/${DOCKER_USER} \
+    --shell /bin/bash \
+    ${DOCKER_USER}
+
+USER ${DOCKER_USER}
diff --git a/test/end2end/docker/base/debian/bullseye/goss.yaml b/test/end2end/docker/base/debian/bullseye/goss.yaml
@@ -0,0 +1,15 @@
+---
+user:
+  debian:
+    exists: true
+    uid: 1664
+    gid: 1664
+    groups:
+    - debian
+    home: /home/debian
+    shell: /bin/bash
+
+group:
+  debian:
+    exists: true
+    gid: 1664
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		FROM alpine:3.19.2@sha256:af4785ccdbcd5cde71bfd5b93eabd34250b98651f19fe218c91de6c8d10e21c5
		LABEL name="base-alpine-3.19"
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		FROM alpine:3.20.1@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0
		LABEL name="base-alpine-3.20"