From 1e2a404f2934f607e8bb68696b7463fa02ec61b8 Mon Sep 17 00:00:00 2001 From: Alexander Vollschwitz Date: Fri, 2 Apr 2021 17:25:55 +0200 Subject: [PATCH] #47: added Ubuntu-based container image --- .dockerignore | 4 + Makefile | 91 ++++++++++--------- hack/devenvutil | 49 ++++++++++ ...sy.Dockerfile => dregsy.alpine.Dockerfile} | 0 hack/dregsy.ubuntu.Dockerfile | 50 ++++++++++ ...sts.Dockerfile => tests.alpine.Dockerfile} | 10 +- hack/tests.ubuntu.Dockerfile | 47 ++++++++++ 7 files changed, 204 insertions(+), 47 deletions(-) create mode 100644 .dockerignore rename hack/{dregsy.Dockerfile => dregsy.alpine.Dockerfile} (100%) create mode 100644 hack/dregsy.ubuntu.Dockerfile rename hack/{tests.Dockerfile => tests.alpine.Dockerfile} (81%) create mode 100644 hack/tests.ubuntu.Dockerfile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..48a6a20 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,4 @@ +.git +scratchpad +_build/cache +_build/pkg \ No newline at end of file diff --git a/Makefile b/Makefile index fccc302..265484c 100644 --- a/Makefile +++ b/Makefile @@ -17,15 +17,16 @@ .DEFAULT_GOAL := help SHELL = /bin/bash -REPO=dregsy -DREGSY_VERSION=$$(git describe --always --tag --dirty) +REPO = dregsy +DREGSY_VERSION = $$(git describe --always --tag --dirty) -BUILD_OUTPUT=_build -BINARIES=$(BUILD_OUTPUT)/bin -ISOLATED_PKG=$(BUILD_OUTPUT)/pkg -ISOLATED_CACHE=$(BUILD_OUTPUT)/cache +ROOT = $(shell pwd) +BUILD_OUTPUT =_build +BINARIES = $(BUILD_OUTPUT)/bin +ISOLATED_PKG = $(BUILD_OUTPUT)/pkg +ISOLATED_CACHE = $(BUILD_OUTPUT)/cache -GO_IMAGE=golang:1.13.6-buster@sha256:f6cefbdd25f9a66ec7dcef1ee5deb417882b9db9629a724af8a332fe54e3f7b3 +GO_IMAGE = golang:1.13.6-buster@sha256:f6cefbdd25f9a66ec7dcef1ee5deb417882b9db9629a724af8a332fe54e3f7b3 ## makerc # You need to set the following parameters in configuration file ${DIM}.makerc${NRM}, with every line @@ -82,20 +83,20 @@ else endif ifeq ($(MAKECMDGOALS),release) - ISOLATED=y + ISOLATED = y endif ISOLATED ?= ifeq ($(ISOLATED),y) - CACHE_VOLS=-v $$(pwd)/$(ISOLATED_PKG):/go/pkg -v $$(pwd)/$(ISOLATED_CACHE):/.cache + CACHE_VOLS = -v $(ROOT)/$(ISOLATED_PKG):/go/pkg -v $(ROOT)/$(ISOLATED_CACHE):/.cache else - CACHE_VOLS=-v $(GOPATH)/pkg:/go/pkg -v /home/$(USER)/.cache:/.cache + CACHE_VOLS = -v $(GOPATH)/pkg:/go/pkg -v /home/$(USER)/.cache:/.cache endif ifeq ($(GCP_CREDENTIALS),) - GCP_CREDS= + GCP_CREDS = else - GCP_CREDS=-v $(GCP_CREDENTIALS):/var/run/secrets/gcp-creds.json -e GOOGLE_APPLICATION_CREDENTIALS=/var/run/secrets/gcp-creds.json + GCP_CREDS = -v $(GCP_CREDENTIALS):/var/run/secrets/gcp-creds.json -e GOOGLE_APPLICATION_CREDENTIALS=/var/run/secrets/gcp-creds.json endif export @@ -111,7 +112,7 @@ help: .PHONY: release -release: clean rmi dregsy imgdregsy imgtests registryrestart tests registrydown +release: clean rmi dregsy imgdregsy imgtests tests registrydown # clean, do an isolated build, create container images, and test # @@ -131,72 +132,78 @@ dregsy: prep .PHONY: imgdregsy imgdregsy: -# build the ${ITL}dregsy${NRM} container image; assumes binary was built +# build the ${ITL}dregsy${NRM} container images (Alpine and Ubuntu based); +# assumes binary was built # - docker build -t xelalex/$(REPO) -f ./hack/dregsy.Dockerfile \ - --build-arg binaries=$(BINARIES) . + echo -e "\nBuilding Alpine-based image...\n" + docker build -t xelalex/$(REPO):latest-alpine \ + -f ./hack/dregsy.alpine.Dockerfile --build-arg binaries=$(BINARIES) . + # for historical reasons, the `xelalex/dregsy` image is the Alpine image + docker tag xelalex/$(REPO):latest-alpine xelalex/$(REPO):latest + echo -e "\n\nBuilding Ubuntu-based image...\n" + docker build -t xelalex/$(REPO):latest-ubuntu \ + -f ./hack/dregsy.ubuntu.Dockerfile --build-arg binaries=$(BINARIES) . + echo -e "\nDone\n" .PHONY: imgtests imgtests: -# build the container image for running tests; assumes ${ITL}dregsy${NRM} image was built +# build the container images for running tests (Alpine and Ubuntu based); +# assumes ${ITL}dregsy-...${NRM} images were built # - docker build -t xelalex/$(REPO)-tests -f ./hack/tests.Dockerfile . + echo -e "\nBuilding Alpine-based test image...\n" + docker build -t xelalex/$(REPO)-tests-alpine \ + -f ./hack/tests.alpine.Dockerfile . + echo -e "\n\nBuilding Ubuntu-based test image...\n" + docker build -t xelalex/$(REPO)-tests-ubuntu \ + -f ./hack/tests.ubuntu.Dockerfile . + echo -e "\nDone\n" .PHONY: rmi rmi: # remove the ${ITL}dregsy${NRM} and testing container images # - docker rmi -f xelalex/$(REPO) - docker rmi -f xelalex/$(REPO)-tests + docker rmi -f xelalex/$(REPO):latest + docker rmi -f xelalex/$(REPO):latest-alpine + docker rmi -f xelalex/$(REPO):latest-ubuntu + docker rmi -f xelalex/$(REPO)-tests-alpine + docker rmi -f xelalex/$(REPO)-tests-ubuntu .PHONY: tests tests: prep -# run tests; assumes tests image was built and local ${ITL}Docker${NRM} registry running -# on localhost:5000 (start with ${DIM}make registryup${NRM}); +# run tests; assumes test images were built; local ${ITL}Docker${NRM} registry gets +# (re-)started on localhost:5000 # ifeq (,$(wildcard .makerc)) $(warning ***** Missing .makerc! Some tests may be skipped or fail!) endif - @echo -e "\ntests:" - docker run --privileged --network host --rm \ - -v $(shell pwd):/go/src/$(REPO) -w /go/src/$(REPO) \ - -v $(shell pwd)/$(BINARIES):/go/bin \ - -v /var/run/docker.sock:/var/run/docker.sock \ - $(CACHE_VOLS) \ - $(GCP_CREDS) \ - -e CGO_ENABLED=0 -e GOOS=linux -e GOARCH=amd64 \ - -e LOG_LEVEL=debug -e LOG_FORMAT=text -e LOG_FORCE_COLORS=true \ - --env-file <(sed -E 's/\ +=\ +/=/g' .makerc) \ - xelalex/$(REPO)-tests sh -c "\ - go test $(TEST_OPTS) \ - -coverpkg=./... -coverprofile=$(BUILD_OUTPUT)/coverage.out \ - -covermode=count ./... && \ - go tool cover -html=$(BUILD_OUTPUT)/coverage.out \ - -o $(BUILD_OUTPUT)/coverage.html" - @echo -e "\ncoverage report is in $(BUILD_OUTPUT)/coverage.html\n" + $(call utils, registry_restart) + $(call utils, run_tests alpine) + $(call utils, registry_restart) + $(call utils, run_tests ubuntu) .PHONY: registryup registryup: # start local ${ITL}Docker${NRM} registry for running tests # - docker run -d --rm -p 5000:5000 --name dregsy-test-registry registry:2 + $(call utils, registry_up) .PHONY: registrydown registrydown: # stop local ${ITL}Docker${NRM} registry # - docker stop dregsy-test-registry || true + $(call utils, registry_down) || true .PHONY: registryrestart -registryrestart: registrydown registryup +registryrestart: # restart local ${ITL}Docker${NRM} registry # + $(call utils, registry_restart) .PHONY: clean diff --git a/hack/devenvutil b/hack/devenvutil index 21c6e28..4c988db 100755 --- a/hack/devenvutil +++ b/hack/devenvutil @@ -38,6 +38,8 @@ function synopsis { files=() + command -v gawk > /dev/null || echo "Note: proper help display requires gawk!" + for file in ${MAKEFILE_LIST}; do if [[ "$(basename "${file}")" == "Makefile" ]]; then files+=( "../${file}" ) @@ -100,6 +102,53 @@ function apply_shell_expansion { eval "${command}" } +# +# +# +function registry_up { + docker run -d --rm -p 5000:5000 --name dregsy-test-registry registry:2 +} + +# +# +# +function registry_down { + docker stop dregsy-test-registry +} + +# +# +# +function registry_restart { + registry_down + registry_up +} + +# +# $1 test image variant (`alpine` or `ubuntu`) +# +function run_tests { + + echo -e "\ntesting using $1-based image:" + + docker run --privileged --network host --rm \ + -v "${ROOT}:/go/src/${REPO}" -w "/go/src/${REPO}" \ + -v "${ROOT}/${BINARIES}:/go/bin" \ + -v /var/run/docker.sock:/var/run/docker.sock \ + ${CACHE_VOLS} ${GCP_CREDS} \ + -e CGO_ENABLED=0 -e GOOS=linux -e GOARCH=amd64 \ + -e LOG_LEVEL=debug -e LOG_FORMAT=text -e LOG_FORCE_COLORS=true \ + --env-file <(sed -E 's/\ +=\ +/=/g' "${ROOT}/.makerc") \ + "xelalex/${REPO}-tests-$1" sh -c "\ + go test ${TEST_OPTS} \ + -coverpkg=./... -coverprofile=${BUILD_OUTPUT}/coverage.out \ + -covermode=count ./... && \ + go tool cover -html=${BUILD_OUTPUT}/coverage.out \ + -o ${BUILD_OUTPUT}/coverage-$1.html" + + echo -e "\ncoverage report is in ${BUILD_OUTPUT}/coverage-$1.html\n" +} + # # # diff --git a/hack/dregsy.Dockerfile b/hack/dregsy.alpine.Dockerfile similarity index 100% rename from hack/dregsy.Dockerfile rename to hack/dregsy.alpine.Dockerfile diff --git a/hack/dregsy.ubuntu.Dockerfile b/hack/dregsy.ubuntu.Dockerfile new file mode 100644 index 0000000..146c73b --- /dev/null +++ b/hack/dregsy.ubuntu.Dockerfile @@ -0,0 +1,50 @@ +# +# Copyright 2021 Alexander Vollschwitz +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +FROM docker.io/ubuntu:20.04@sha256:c65d2b75a62135c95e2c595822af9b6f6cf0f32c11bcd4a38368d7b7c36b66f5 + +LABEL maintainer "vollschwitz@gmx.net" + +ARG binaries + +ENV DEBIAN_FRONTEND=noninteractive +ENV APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=yes + +RUN apt-get update && \ + apt-get upgrade -y --fix-missing && \ + apt-get install -y --no-install-recommends --fix-missing \ + ca-certificates \ + apt-utils \ + gpg \ + curl && \ + echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /' \ + > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list && \ + curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_20.04/Release.key \ + | gpg --dearmor > /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_stable.gpg && \ + apt-get update && \ + apt-get install -y --no-install-recommends --fix-missing \ + skopeo=100:1.2.2-2 && \ + apt-get clean -y && \ + rm -rf \ + /var/cache/debconf/* \ + /var/lib/apt/lists/* \ + /var/log/* \ + /tmp/* \ + /var/tmp/* + +COPY ${binaries}/dregsy /usr/local/bin + +CMD ["dregsy", "-config=config.yaml"] diff --git a/hack/tests.Dockerfile b/hack/tests.alpine.Dockerfile similarity index 81% rename from hack/tests.Dockerfile rename to hack/tests.alpine.Dockerfile index f11cf42..1d64970 100644 --- a/hack/tests.Dockerfile +++ b/hack/tests.alpine.Dockerfile @@ -14,7 +14,7 @@ # limitations under the License. # -FROM xelalex/dregsy:latest +FROM xelalex/dregsy:latest-alpine # install & configure Go RUN apk add --no-cache go @@ -28,10 +28,10 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin ${GOPATH}/pkg ${GOCACHE} ARG USER=go ENV HOME /home/${USER} RUN apk add --update sudo -RUN adduser -D ${USER} \ - && adduser ${USER} ping \ - && echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} \ - && chmod 0440 /etc/sudoers.d/${USER} +RUN adduser -D ${USER} && \ + adduser ${USER} ping && \ + echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} && \ + chmod 0440 /etc/sudoers.d/${USER} USER ${USER} WORKDIR ${GOPATH} diff --git a/hack/tests.ubuntu.Dockerfile b/hack/tests.ubuntu.Dockerfile new file mode 100644 index 0000000..2c18e08 --- /dev/null +++ b/hack/tests.ubuntu.Dockerfile @@ -0,0 +1,47 @@ +# +# Copyright 2021 Alexander Vollschwitz +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +FROM xelalex/dregsy:latest-ubuntu + +# install & configure Go +RUN apt-get update && \ + apt-get install -y --no-install-recommends --fix-missing \ + golang && \ + apt-get clean -y && \ + rm -rf \ + /var/cache/debconf/* \ + /var/lib/apt/lists/* \ + /var/log/* \ + /tmp/* \ + /var/tmp/* + +ENV GOROOT /usr/lib/go +ENV GOPATH /go +ENV GOCACHE /.cache +ENV PATH /go/bin:${PATH} +RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin ${GOPATH}/pkg ${GOCACHE} + +# non-root user +ARG USER=go +RUN groupadd -g ${GROUP_ID:-1000} ${USER} && \ + useradd -l -u ${USER_ID:-1000} -g ${USER} ${USER} && \ + install -d -m 0755 -o ${USER} -g ${USER} /home/${USER} +ENV HOME /home/${USER} +USER ${USER} + +WORKDIR ${GOPATH} + +CMD ["go", "version"]