From 5b503f892a2e8a4832e9ce1d9ec1b218ed309c46 Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 20 Apr 2024 19:09:39 -0500 Subject: [PATCH 1/7] (maint) fix docker makefile and workflow --- .github/workflows/docker.yml | 68 ++++++++++++++++++++++-------- CHANGELOG.md | 1 + docker/Gemfile | 2 +- docker/Makefile | 65 +++++++++++++++------------- docker/README.md | 2 +- docker/ezbake/Dockerfile | 68 ++++++++++++------------------ docker/ezbake/docker-entrypoint.sh | 6 +++ docker/spec/ezbake_spec.rb | 8 ++-- 8 files changed, 124 insertions(+), 96 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index b406a507..3286e874 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,32 +1,64 @@ +--- name: Docker test and publish on: push: - branches: - - main + tags: + - '*.*.*' jobs: build-and-publish: runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - - uses: actions/checkout@master - - name: Set up Ruby 2.6 - uses: actions/setup-ruby@v1 + - name: Setup environment + run: | + if [[ "${{ secrets.DOCKERHUB_USERNAME }}" == '' ]] ; then + # defaults to ghcr.io + echo "REPOSITORY=${{ vars.REPOSITORY != '' && vars.REPOSITORY || github.repository }}" >> $GITHUB_ENV + echo "REGISTRY=${{ vars.REGISTRY != '' && vars.REGISTRY || 'ghcr.io' }}" >> $GITHUB_ENV + echo "REGISTRY_USERNAME=${{ vars.REGISTRY_USERNAME != '' && vars.REGISTRY_USERNAME || github.actor }}" >> $GITHUB_ENV + echo "REGISTRY_PASSWORD=${{ secrets.REGISTRY_PASSWORD != '' && secrets.REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV + else + echo "::warning title=deprecated::Project workflow called with deprecated action variables or secrets" + # legacy variable/secrets + echo "REPOSITORY=puppet/ezbake" >> $GITHUB_ENV + echo "REGISTRY=docker.io" >> $GITHUB_ENV + echo "REGISTRY_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" >> $GITHUB_ENV + echo "REGISTRY_PASSWORD=${{ secrets.DOCKERHUB_PASSWORD }}" >> $GITHUB_ENV + fi + echo "TAG_LATEST=${{ github.event_name == 'push' && 'true' || 'false' }}" >> $GITHUB_ENV + + - name: Login to ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ env.REGISTRY_USERNAME }} + password: ${{ env.REGISTRY_PASSWORD }} + + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Ruby + uses: ruby/setup-ruby@v1 with: - ruby-version: 2.6.x - - run: gem install bundler - - name: Build container - env: - IS_LATEST: true + ruby-version: '3.2' + + - name: Lint working-directory: docker - run: make lint build test + run: make lint + + - name: Build + working-directory: docker + run: make build source_url=${{ github.server_url }}/${{ github.repository }} + + - name: Test + working-directory: docker + run: make test + - name: Publish container - env: - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - IS_LATEST: true working-directory: docker - run: | - docker login -u "$DOCKERHUB_USERNAME" -p "$DOCKERHUB_PASSWORD" - make publish + run: make publish diff --git a/CHANGELOG.md b/CHANGELOG.md index 44d22efb..887b487a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/). ## [Unreleased] Bugfix: + * Fix docker image build, test, and publish * Fix java dependency on SLES 15 when building Puppet Platform 7 ## [2.5.5] diff --git a/docker/Gemfile b/docker/Gemfile index 51a7d4dd..c73eace4 100644 --- a/docker/Gemfile +++ b/docker/Gemfile @@ -3,5 +3,5 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" gem 'rspec' gem 'pupperware', :git => 'https://github.com/puppetlabs/pupperware.git', - :branch => 'master', + :branch => 'main', :glob => 'gem/*.gemspec' diff --git a/docker/Makefile b/docker/Makefile index 7b81cf0c..b7b1757f 100644 --- a/docker/Makefile +++ b/docker/Makefile @@ -1,62 +1,67 @@ -NAMESPACE ?= puppet -git_describe = $(shell git describe) +REGISTRY ?= docker.io +REPOSITORY ?= puppet/ezbake + +source_url := https://github.com/puppetlabs/ezbake vcs_ref := $(shell git rev-parse HEAD) build_date := $(shell date -u +%FT%T) hadolint_available := $(shell hadolint --help > /dev/null 2>&1; echo $$?) -hadolint_command := hadolint --ignore DL3008 --ignore DL3018 --ignore DL3028 --ignore DL4000 --ignore DL4001 +hadolint_command := hadolint --ignore DL3008 --ignore DL3018 --ignore DL3028 --ignore DL3033 --ignore DL4000 --ignore DL4001 hadolint_container := hadolint/hadolint:latest export BUNDLE_PATH = $(PWD)/.bundle/gems export BUNDLE_BIN = $(PWD)/.bundle/bin export GEMFILE = $(PWD)/Gemfile -version ?= $(shell echo $(git_describe) | sed 's/-.*//') +version := $(shell sed -rn 's~.*defproject .*"([^"]+)"~\1~p' ../project.clj) dockerfile := Dockerfile -prep: - @git fetch --unshallow 2> /dev/null ||: - @git fetch origin 'refs/tags/*:refs/tags/*' - lint: + $(info -> $@ Dockerfile) ifeq ($(hadolint_available),0) @$(hadolint_command) ezbake/$(dockerfile) else - @docker pull $(hadolint_container) @docker run --rm -v $(PWD)/ezbake/$(dockerfile):/Dockerfile -i $(hadolint_container) $(hadolint_command) Dockerfile endif -build: prep +build: + $(info -> $@ verison $(version) [$(build_date) $(source_url) $(vcs_ref)]) @docker build \ --pull \ --build-arg vcs_ref=$(vcs_ref) \ --build-arg build_date=$(build_date) \ --build-arg version=$(version) \ + --build-arg source_url=$(source_url) \ --file ezbake/$(dockerfile) \ - --tag $(NAMESPACE)/ezbake:$(version) $(PWD)/.. -ifeq ($(IS_LATEST),true) - @docker tag $(NAMESPACE)/ezbake:$(version) $(NAMESPACE)/ezbake:latest -endif + --tag $(REPOSITORY):$(version) \ + $(if $(findstring true,$(TAG_LATEST)),--tag $(REPOSITORY):latest,) \ + $(PWD)/.. -test: prep +test: + $(info -> $@ image with rspec) @bundle install --path $$BUNDLE_PATH --gemfile $$GEMFILE - @PUPPET_TEST_DOCKER_IMAGE=$(NAMESPACE)/ezbake:$(version) \ - bundle exec --gemfile $$GEMFILE rspec spec + @PUPPET_TEST_DOCKER_IMAGE=$(REPOSITORY):$(version) \ + bundle exec --gemfile $$GEMFILE rspec --format documentation spec -push-image: prep - @docker push $(NAMESPACE)/ezbake:$(version) -ifeq ($(IS_LATEST),true) - @docker push $(NAMESPACE)/ezbake:latest +push-image: + $(info -> $@ to $(REGISTRY)/$(REPOSITORY)) + @docker tag $(REPOSITORY):$(version) $(REGISTRY)/$(REPOSITORY):$(version) + @docker push $(REGISTRY)/$(REPOSITORY):$(version) +ifeq ($(TAG_LATEST),true) + @docker tag $(REPOSITORY):latest $(REGISTRY)/$(REPOSITORY):latest + @docker push $(REGISTRY)/$(REPOSITORY):latest endif push-readme: - @docker pull sheogorath/readme-to-dockerhub - @docker run --rm \ - -v $(PWD)/README.md:/data/README.md \ - -e DOCKERHUB_USERNAME="$(DOCKERHUB_USERNAME)" \ - -e DOCKERHUB_PASSWORD="$(DOCKERHUB_PASSWORD)" \ - -e DOCKERHUB_REPO_PREFIX=puppet \ - -e DOCKERHUB_REPO_NAME=ezbake \ - sheogorath/readme-to-dockerhub +ifeq ($(REGISTRY),docker.io) + $(info -> $@ to $(REGISTRY)/$(REPOSITORY)) + @docker run -v $(PWD):/workspace \ + -e DOCKERHUB_USERNAME="$(REGISTRY_USERNAME)" \ + -e DOCKERHUB_PASSWORD="$(REGISTRY_PASSWORD)" \ + -e DOCKERHUB_REPOSITORY=$(REPOSITORY) \ + -e README_FILEPATH='/workspace/README.md' \ + peterevans/dockerhub-description:3 +endif publish: push-image push-readme + $(info -> $@ to $(REGISTRY)) -.PHONY: prep lint build test publish push-image push-readme +.PHONY: lint build test publish push-image push-readme diff --git a/docker/README.md b/docker/README.md index b1676a81..5465bd71 100644 --- a/docker/README.md +++ b/docker/README.md @@ -133,4 +133,4 @@ working directory), but it still takes significantly more than the builds from r docker run --rm --volume $(PWD)/output:/output --volume $(PWD)/src:/workspace/src --volume $(PWD)/project.clj:/workspace/project.clj --volume $(PWD)/resources:/workspace/resources --volume $(PWD)/.git:/workspace/.git puppet/ezbake ``` -[1]: https://github.com/puppetlabs/ezbake/blob/master/docker/ezbake/Dockerfile +[1]: https://github.com/puppetlabs/ezbake/blob/main/docker/ezbake/Dockerfile diff --git a/docker/ezbake/Dockerfile b/docker/ezbake/Dockerfile index fe1d1534..1486eb30 100644 --- a/docker/ezbake/Dockerfile +++ b/docker/ezbake/Dockerfile @@ -1,25 +1,9 @@ -FROM centos:7 as build -ARG ruby_major_ver=2.6 -ARG ruby_patch_ver=2 -ENV ruby_ver="$ruby_major_ver.$ruby_patch_ver" +FROM ruby:3.2-slim-bookworm -RUN yum -y groupinstall "Development Tools" && \ - yum -y install wget openssl-devel - -RUN wget "http://cache.ruby-lang.org/pub/ruby/$ruby_major_ver/ruby-$ruby_ver.tar.gz" && \ - tar xf "ruby-$ruby_ver.tar.gz" - -WORKDIR /ruby-$ruby_ver -RUN ./configure && \ - make && \ - make install - -FROM centos:7 - -ARG sles_12_mirror=http://osmirror.delivery.puppetlabs.net/sles-12-sp2-x86_64/RPMS.os -ARG version="2.0.4" +ARG version ARG vcs_ref ARG build_date +ARG source_url ENV LANG="en_US.utf8" ENV EZBAKE_ALLOW_UNREPRODUCIBLE_BUILDS=true @@ -28,34 +12,33 @@ ENV EZBAKE_VERSION="$version" ENV GEM_SOURCE=https://rubygems.org ENV LEIN_PROFILES=ezbake -LABEL org.label-schema.maintainer="Puppet Release Team " \ - org.label-schema.vendor="Puppet" \ - org.label-schema.url="https://github.com/puppetlabs/ezbake" \ - org.label-schema.name="ezbake" \ - org.label-schema.license="Apache-2.0" \ - org.label-schema.version="$EZBAKE_VERSION" \ - org.label-schema.vcs-url="https://github.com/puppetlabs/ezbake" \ - org.label-schema.vcs-ref="$vcs_ref" \ - org.label-schema.build-date="$build_date" \ - org.label-schema.schema-version="1.0" \ - org.label-schema.dockerfile="/Dockerfile" - -COPY --from=build /usr/local/bin /usr/local/bin -COPY --from=build /usr/local/include /usr/local/include -COPY --from=build /usr/local/lib /usr/local/lib -COPY --from=build /usr/local/share /usr/local/share - -RUN yum clean all && \ - yum install --assumeyes rpm-build java-1.8.0-openjdk-devel git curl ruby ruby-devel gcc-c++ make zlib-devel && \ - yum localinstall --assumeyes $sles_12_mirror/systemd-rpm-macros-3-8.374.noarch.rpm && \ - git config --global user.name "Puppet Release Team" && \ +LABEL org.opencontainers.image.title="ezbake" \ + org.opencontainers.image.vendor="Puppet" \ + org.opencontainers.image.url="$source_url" \ + org.opencontainers.image.version="$EZBAKE_VERSION" \ + org.opencontainers.image.source="$source_url" \ + org.opencontainers.image.revision="$vcs_ref" \ + org.opencontainers.image.created="$build_date" \ + org.opencontainers.image.documentation="$source_url/docker/README.md" \ + org.opencontainers.image.description="Build custom packages for projects using ezbake, including PuppetServer and PuppetDB" \ + org.opencontainers.image.authors="Puppet Release Team " \ + org.opencontainers.image.licenses="Apache-2.0" + +RUN apt-get update -q && \ + apt-get -y install --no-install-recommends build-essential rpm openjdk-17-jdk-headless git curl rsync && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +RUN git config --global user.name "Puppet Release Team" && \ git config --global user.email "release@puppet.com" + RUN curl --output /usr/local/bin/lein https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein && \ chmod 0755 /usr/local/bin/lein && \ /usr/local/bin/lein + RUN gem install --no-doc bundler fpm && \ - mkdir /workspace && \ - mkdir /ezbake_src + mkdir /workspace /ezbake_src + COPY docker/ezbake/docker-entrypoint.sh / RUN chmod +x /docker-entrypoint.sh @@ -69,3 +52,4 @@ WORKDIR / ENTRYPOINT ["/docker-entrypoint.sh"] COPY docker/ezbake/Dockerfile / +RUN rm -rf /ezbake_src diff --git a/docker/ezbake/docker-entrypoint.sh b/docker/ezbake/docker-entrypoint.sh index 9a3f26c3..6c6ac758 100644 --- a/docker/ezbake/docker-entrypoint.sh +++ b/docker/ezbake/docker-entrypoint.sh @@ -3,22 +3,28 @@ set -e if [ -n "$EZBAKE_REPO" ]; then + echo "cloning $EZBAKE_REPO" git clone $EZBAKE_REPO /ezbake cd /ezbake if [ -n "$EZBAKE_BRANCH" ]; then + echo "checkout origin/$EZBAKE_BRANCH" git checkout origin/$EZBAKE_BRANCH elif [ -n "$EZBAKE_REF" ]; then + echo "checkout $EZBAKE_REF" git checkout $EZBAKE_REF fi lein clean && lein install fi if [ -n "$PROJECT_REPO" ]; then + echo "cloning $PROJECT_REPO" git clone $PROJECT_REPO /workspace cd /workspace if [ -n "$PROJECT_BRANCH" ]; then + echo "checkout $PROJECT_BRANCH" git checkout origin/$PROJECT_BRANCH elif [ -n "$PROJECT_REF" ]; then + echo "checkout $PROJECT_REF" git checkout $PROJECT_REF fi fi diff --git a/docker/spec/ezbake_spec.rb b/docker/spec/ezbake_spec.rb index 91cdfdbd..331fe3e0 100644 --- a/docker/spec/ezbake_spec.rb +++ b/docker/spec/ezbake_spec.rb @@ -30,18 +30,18 @@ def run_build(repo, branch) end it 'should be able to build puppetserver' do - result = run_build('https://github.com/puppetlabs/puppetserver', 'master') + result = run_build('https://github.com/puppetlabs/puppetserver', 'main') container = result[:stdout].chomp - wait_on_container_exit(container, 450) + wait_on_container_exit(container, 450) unless container.empty? expect(get_container_exit_code(container)).to eq(0) emit_log(container) teardown_container(container) end it 'should be able to build puppetdb' do - result = run_build('https://github.com/puppetlabs/puppetdb', 'master') + result = run_build('https://github.com/puppetlabs/puppetdb', 'main') container = result[:stdout].chomp - wait_on_container_exit(container, 450) + wait_on_container_exit(container, 450) unless container.empty? expect(get_container_exit_code(container)).to eq(0) emit_log(container) teardown_container(container) From f1e8bdcf8b247603c5167440ce3fdab84ada135e Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 20 Apr 2024 19:10:58 -0500 Subject: [PATCH 2/7] (maint) add java 17 to pr test --- .github/workflows/pr.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 18614b54..047f055f 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -1,13 +1,13 @@ name: PR testing -on: [push, pull_request] +on: [pull_request] jobs: test: runs-on: ubuntu-latest strategy: matrix: - java: [ '8', '11' ] + java: [ '8', '11', '17' ] env: LEIN_HOME: local @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@master - name: setup java - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: ${{ matrix.java }} From e3d495197d8d803ef0c2621d5f36cb73afee8d11 Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sun, 21 Apr 2024 11:14:30 -0500 Subject: [PATCH 3/7] (maint) skip mend workflow if not puppetlabs update dependencies and minor cleanup --- .github/workflows/mend.yaml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/mend.yaml b/.github/workflows/mend.yaml index 1044a7bb..9eef577c 100644 --- a/.github/workflows/mend.yaml +++ b/.github/workflows/mend.yaml @@ -4,21 +4,28 @@ on: push: branches: - main + +env: + MEND_API_KEY: ${{ secrets.MEND_API_KEY }} + MEND_TOKEN: ${{ secrets.MEND_TOKEN }} + SERVICE_KEY: ${{ secrets.TWINGATE_PUBLIC_REPO_KEY }} + jobs: build: runs-on: ubuntu-latest + if: github.repository_owner == 'puppetlabs' steps: - name: connect_twingate uses: twingate/github-action@v1 with: - service-key: ${{ secrets.TWINGATE_PUBLIC_REPO_KEY }} + service-key: ${{ env.SERVICE_KEY }} - name: checkout repo content - uses: actions/checkout@v2 # checkout the repository content to github runner. + uses: actions/checkout@v4 # checkout the repository content to github runner. with: fetch-depth: 1 # install java which is required for mend and clojure - name: setup java - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: temurin java-version: 17 @@ -45,8 +52,8 @@ jobs: - name: run mend run: env WS_INCLUDES=pom.xml java -jar wss-unified-agent.jar env: - WS_APIKEY: ${{ secrets.MEND_API_KEY }} + WS_APIKEY: ${{ env.MEND_API_KEY }} WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent - WS_USERKEY: ${{ secrets.MEND_TOKEN }} + WS_USERKEY: ${{ env.MEND_TOKEN }} WS_PRODUCTNAME: Puppet Enterprise WS_PROJECTNAME: ${{ github.event.repository.name }} From 1dc43df49a0fca308b1a6e549a5a216a3c89ed7d Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 27 Apr 2024 02:43:32 -0500 Subject: [PATCH 4/7] (maint) automatically set custom ezbake version --- docker/ezbake/Dockerfile | 18 ++++++++++++------ docker/ezbake/docker-entrypoint.sh | 13 +++++++++++-- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/docker/ezbake/Dockerfile b/docker/ezbake/Dockerfile index 1486eb30..497f15fe 100644 --- a/docker/ezbake/Dockerfile +++ b/docker/ezbake/Dockerfile @@ -8,14 +8,13 @@ ARG source_url ENV LANG="en_US.utf8" ENV EZBAKE_ALLOW_UNREPRODUCIBLE_BUILDS=true ENV EZBAKE_NODEPLOY=true -ENV EZBAKE_VERSION="$version" ENV GEM_SOURCE=https://rubygems.org ENV LEIN_PROFILES=ezbake LABEL org.opencontainers.image.title="ezbake" \ org.opencontainers.image.vendor="Puppet" \ org.opencontainers.image.url="$source_url" \ - org.opencontainers.image.version="$EZBAKE_VERSION" \ + org.opencontainers.image.version="$version" \ org.opencontainers.image.source="$source_url" \ org.opencontainers.image.revision="$vcs_ref" \ org.opencontainers.image.created="$build_date" \ @@ -48,8 +47,15 @@ WORKDIR /ezbake_src RUN lein clean && lein install WORKDIR / - -ENTRYPOINT ["/docker-entrypoint.sh"] - COPY docker/ezbake/Dockerfile / -RUN rm -rf /ezbake_src +RUN < .docker_build_args +rm -rf /ezbake_src +EOF + +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker/ezbake/docker-entrypoint.sh b/docker/ezbake/docker-entrypoint.sh index 6c6ac758..2e0d8b54 100644 --- a/docker/ezbake/docker-entrypoint.sh +++ b/docker/ezbake/docker-entrypoint.sh @@ -2,6 +2,10 @@ set -e +source /.docker_build_args + +echo "Ezbake docker image $version, build $build_date, ref $vcs_ref, source $source_url" + if [ -n "$EZBAKE_REPO" ]; then echo "cloning $EZBAKE_REPO" git clone $EZBAKE_REPO /ezbake @@ -14,6 +18,10 @@ if [ -n "$EZBAKE_REPO" ]; then git checkout $EZBAKE_REF fi lein clean && lein install + + if [ -z "$EZBAKE_VERSION" ] ; then + export EZBAKE_VERSION=$(sed -rn 's@.*defproject .* "([^"]+)".*@\1@p' project.clj) + fi fi if [ -n "$PROJECT_REPO" ]; then @@ -33,8 +41,9 @@ cd /workspace if [ "$UPDATE_EZBAKE_VERSION" == 'true' ]; then if [ -z "$EZBAKE_VERSION" ]; then - echo '$EZBAKE_VERSION is required when $UPDATE_EZBAKE_VERSION=true' - exit 1 + # default to ezbake version in image + export EZBAKE_VERSION=$version + echo '$UPDATE_EZBAKE_VERSION=true but $EZBAKE_VERSION not set! Using ezbake version included in container image.' fi echo "Building with ezbake version $EZBAKE_VERSION" From 308f200ed1d4bc3e7c5f33d525e6e8e317f90021 Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 27 Apr 2024 03:10:46 -0500 Subject: [PATCH 5/7] (maint) ezbake docker quiet git checkout runtime --- docker/ezbake/Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docker/ezbake/Dockerfile b/docker/ezbake/Dockerfile index 497f15fe..675804b5 100644 --- a/docker/ezbake/Dockerfile +++ b/docker/ezbake/Dockerfile @@ -29,7 +29,10 @@ RUN apt-get update -q && \ rm -rf /var/lib/apt/lists/* RUN git config --global user.name "Puppet Release Team" && \ - git config --global user.email "release@puppet.com" + git config --global user.email "release@puppet.com" && \ + git config --global advice.detachedHead false && \ + git config --global --add safe.directory /workspace && \ + git config --global --add safe.directory /ezbak RUN curl --output /usr/local/bin/lein https://raw.githubusercontent.com/technomancy/leiningen/stable/bin/lein && \ chmod 0755 /usr/local/bin/lein && \ From cc3ae2aca6735a91eebc0c7e3c769ac79f29e894 Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 27 Apr 2024 00:46:21 -0500 Subject: [PATCH 6/7] (maint) silence usermod: no changes message --- .../lein-ezbake/template/global/ext/debian/preinst.erb | 2 +- .../lein-ezbake/template/global/ext/redhat/preinst.erb | 2 +- resources/puppetlabs/lein-ezbake/template/global/install.sh.erb | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/resources/puppetlabs/lein-ezbake/template/global/ext/debian/preinst.erb b/resources/puppetlabs/lein-ezbake/template/global/ext/debian/preinst.erb index d69e179e..b3c5c12e 100644 --- a/resources/puppetlabs/lein-ezbake/template/global/ext/debian/preinst.erb +++ b/resources/puppetlabs/lein-ezbake/template/global/ext/debian/preinst.erb @@ -14,7 +14,7 @@ if [ "$1" = install ] || [ "$1" = upgrade ]; then if getent passwd <%= EZBake::Config[:user] %> > /dev/null; then usermod --gid <%= EZBake::Config[:group] %> \ --home /opt/puppetlabs/server/data/<%= EZBake::Config[:real_name] %> \ - --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> || : + --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> > /dev/null || : else useradd -r --gid <%= EZBake::Config[:group] %> \ --home /opt/puppetlabs/server/data/<%= EZBake::Config[:real_name] %> --shell $(which nologin) \ diff --git a/resources/puppetlabs/lein-ezbake/template/global/ext/redhat/preinst.erb b/resources/puppetlabs/lein-ezbake/template/global/ext/redhat/preinst.erb index 0b985645..c7dabefb 100644 --- a/resources/puppetlabs/lein-ezbake/template/global/ext/redhat/preinst.erb +++ b/resources/puppetlabs/lein-ezbake/template/global/ext/redhat/preinst.erb @@ -11,7 +11,7 @@ getent group <%= EZBake::Config[:group] %> >/dev/null || groupadd --system --for # Add <%= EZBake::Config[:user] %> user if getent passwd <%= EZBake::Config[:user] %> > /dev/null; then usermod --gid <%= EZBake::Config[:group] %> --home %{_app_data} \ - --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> || : + --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> > /dev/null || : else useradd_options=('--system' '--gid' '<%= EZBake::Config[:group] %>' '--home' '%{_app_data}' '--shell' "$(which nologin)" '--comment' '<%= EZBake::Config[:project] %> daemon') <% unless EZBake::Config[:numeric_uid_gid].nil? -%> diff --git a/resources/puppetlabs/lein-ezbake/template/global/install.sh.erb b/resources/puppetlabs/lein-ezbake/template/global/install.sh.erb index e460d680..26109638 100755 --- a/resources/puppetlabs/lein-ezbake/template/global/install.sh.erb +++ b/resources/puppetlabs/lein-ezbake/template/global/install.sh.erb @@ -306,7 +306,7 @@ function task_service_account { # Add or update <%= EZBake::Config[:user] %> user if getent passwd <%= EZBake::Config[:user] %> > /dev/null; then usermod --gid <%= EZBake::Config[:group] %> --home "${app_data}" \ - --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> || : + --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> > /dev/null || : else useradd -r --gid <%= EZBake::Config[:group] %> --home "${app_data}" --shell $(which nologin) \ --comment "<%= EZBake::Config[:project] %> daemon" <%= EZBake::Config[:user] %> || : From 15a07f4c01986eb3358705bac036d2c688a9595a Mon Sep 17 00:00:00 2001 From: Jeffrey Clark Date: Sat, 27 Apr 2024 11:40:04 -0500 Subject: [PATCH 7/7] (maint) auto configure lein local-repo for caching between builds --- docker/README.md | 3 +++ docker/ezbake/docker-entrypoint.sh | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/docker/README.md b/docker/README.md index 5465bd71..f1aff952 100644 --- a/docker/README.md +++ b/docker/README.md @@ -95,6 +95,9 @@ This container assumes that the code you're building will be in `/workspace`. Th will be copied into `/output` before the container terminates, and if you're building a custom ezbake that will be cloned into `/ezbake`. +If `/repo` is volume mapped, lein will automatically be configured to it as the local-repo. +Useful for saving the maven repository cache between builds. + 1. Run from a remotely accessible repo (github, gitlab, etc) This is by far the fastest build option, but does require the extra step of committing and pushing your code diff --git a/docker/ezbake/docker-entrypoint.sh b/docker/ezbake/docker-entrypoint.sh index 2e0d8b54..b20760aa 100644 --- a/docker/ezbake/docker-entrypoint.sh +++ b/docker/ezbake/docker-entrypoint.sh @@ -6,6 +6,14 @@ source /.docker_build_args echo "Ezbake docker image $version, build $build_date, ref $vcs_ref, source $source_url" +# setup maven repository cache +if [ -d /repo ] ; then + cp -na /root/.m2/repository/* /repo/ + rm -rf /root/.m2/repository + ln -s /repo /root/.m2/repository + echo '{:user {:local-repo "/repo"}}' > /root/.lein/profiles.clj +fi + if [ -n "$EZBAKE_REPO" ]; then echo "cloning $EZBAKE_REPO" git clone $EZBAKE_REPO /ezbake