Skip to content
Snippets Groups Projects
Unverified Commit ce11d76a authored by Andrej Shadura's avatar Andrej Shadura
Browse files

Build Docker images 


Was:

Create a Docker image with a Debian package built from the current Git
source. This eliminates an extra round trip with a manual upload to OBS
and the package getting published and fetched from apt repos.
Unfortunately, doing this in a way compatible with what was previously
done requires some non-trivial hacks.

Since we want fairly recent OmniAuth gems, we install them from external
sources directly into the resulting Docker image.

ruby-faraday is used by the OAuth2 auth backend, but new versions
require newer Ruby than what stretch has, so we preinstall it from
packages to avoid pinning it.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Build-a-Docker-image-with-the-Web-UI-only.patch

Build Docker images in GitLab CI

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Build-Docker-images-in-GitLab-CI.patch

Split docker-entrypoint.sh into three separate files

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Split-docker-entrypoint.sh-into-three-separate-files.patch

Move Docker-related files under docker/

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Move-Docker-related-files-under-docker.patch

Clean up stale pid files on start

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Clean-up-stale-pid-files-on-start.patch

Install and configure mstmp

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Install-and-configure-mstmp.patch

Allow changing the session lifetime

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Allow-changing-the-session-lifetime.patch

Preinstall apt-transport-https ca-certificates build-essential

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Simplify the db config generation

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Remove MariaDB/MySQL from the API container

There’s no need to keep the database inside when it can be a separate
container.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Switch to an external memcached

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Drop Apache and TLS termination, use Puma instead of Passenger

When the container is deployed, it will have a real HTTP server in front
of it, so there is no need to have Apache and TLS inside.

Since Passenger (at least of the version in Debian stretch) cannot be
easily used without Apache, use the standard solution for such cases
which is Puma, and expose OBS_FRONTEND_WORKERS (default: 4) to allow
scaling it.

Drop no longer necessary supervisord.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Rename the frontend image to a more sensible name

A front-end is what it really is, and it’s also the name the upstream
uses for their container.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Generalise the build process to enable building multiple images

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Teach deb-arch-to-obs-arch to work with an arbitrary argument

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Build the backend Docker image

This Docker image installs obs-build and obs-productconverter from
packages and everything else directly from the sources.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

WIP: update Docker stuff

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Pass TAG argument

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Don't purge or install unnecessary packages

Don't update packages

Install puma

Wip wup

Support buster

tags

more deps

unify log names with upstream

add cloud uploader

ensure correct permissions for log/tmp/sphinx

init app before db so that permissions are all correct

db setup needs command line mysql client

init or migrate database

remove more gem cruft

pre-create run dir with correct perms

provide our custom docker-compose

move services confs into a subdir because the worker also needs some

fix frontend

fix scripts

build worker image

add worker again

Build Docker images

Was:

Create a Docker image with a Debian package built from the current Git
source. This eliminates an extra round trip with a manual upload to OBS
and the package getting published and fetched from apt repos.
Unfortunately, doing this in a way compatible with what was previously
done requires some non-trivial hacks.

Since we want fairly recent OmniAuth gems, we install them from external
sources directly into the resulting Docker image.

ruby-faraday is used by the OAuth2 auth backend, but new versions
require newer Ruby than what stretch has, so we preinstall it from
packages to avoid pinning it.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Build-a-Docker-image-with-the-Web-UI-only.patch

Build Docker images in GitLab CI

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Build-Docker-images-in-GitLab-CI.patch

Split docker-entrypoint.sh into three separate files

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Split-docker-entrypoint.sh-into-three-separate-files.patch

Move Docker-related files under docker/

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora/sso
Gbp-Pq: Name Move-Docker-related-files-under-docker.patch

Clean up stale pid files on start

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Clean-up-stale-pid-files-on-start.patch

Install and configure mstmp

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Install-and-configure-mstmp.patch

Allow changing the session lifetime

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Gbp-Pq: Topic collabora
Gbp-Pq: Name Allow-changing-the-session-lifetime.patch

Preinstall apt-transport-https ca-certificates build-essential

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Simplify the db config generation

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Remove MariaDB/MySQL from the API container

There’s no need to keep the database inside when it can be a separate
container.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Switch to an external memcached

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Drop Apache and TLS termination, use Puma instead of Passenger

When the container is deployed, it will have a real HTTP server in front
of it, so there is no need to have Apache and TLS inside.

Since Passenger (at least of the version in Debian stretch) cannot be
easily used without Apache, use the standard solution for such cases
which is Puma, and expose OBS_FRONTEND_WORKERS (default: 4) to allow
scaling it.

Drop no longer necessary supervisord.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Rename the frontend image to a more sensible name

A front-end is what it really is, and it’s also the name the upstream
uses for their container.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Generalise the build process to enable building multiple images

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Teach deb-arch-to-obs-arch to work with an arbitrary argument

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Build the backend Docker image

This Docker image installs obs-build and obs-productconverter from
packages and everything else directly from the sources.

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

WIP: update Docker stuff

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Pass TAG argument

Signed-off-by: Andrej Shadura's avatarAndrej Shadura <andrew.shadura@collabora.co.uk>

Don't purge or install unnecessary packages

Don't update packages

Install puma

Wip wup

Support buster

tags

more deps

unify log names with upstream

add cloud uploader

ensure correct permissions for log/tmp/sphinx

init app before db so that permissions are all correct

db setup needs command line mysql client

init or migrate database

remove more gem cruft

pre-create run dir with correct perms

provide our custom docker-compose

move services confs into a subdir because the worker also needs some

fix frontend

fix scripts

build worker image

add worker again

depend on xml-structured

sphinxsearch is not in bullseye

adjust path
parent 7bd1bdf3
Branches
Tags
No related merge requests found
Pipeline #34589 passed
Stage: docker
Show whitespace changes
Inline Side-by-side
Showing
with 648 additions and 36 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment