Add containerization for the ipa-tuura+Apache service #47
Conversation
antoniotorresm
force-pushed
the
podman
branch
2 times, most recently
from
c9f52e4
to
200c825
Compare
There was a problem hiding this comment.
Hi, @antoniotorresm In some repositories we have used this registry to not reach the pull limit from docker hub. Maybe you can consider the same.
|
And because of my fault a rebase on top of #48 would be needed to get better action results |
antoniotorresm
force-pushed
the
podman
branch
2 times, most recently
from
f68620a
to
d8b41a7
Compare
|
Weird, the automation does not pick the PR |
.github/workflows/gating.yaml
Outdated
| @@ -64,7 +64,7 @@ jobs: | |||
| ${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' && format('{0}:latest', env.IMAGE_REGISTRY_QUAY) ) || '' }} | |||
| ${{ ( github.event_name != 'pull_request' && github.ref_type == 'tag' && format('{0}:{1}', env.IMAGE_REGISTRY_QUAY, github.ref_name) ) || '' }} | |||
| containerfiles: | | |||
| ./Dockerfile.test | |||
| ./Containerfile | |||
There was a problem hiding this comment.
I think we should keep using a Development mode container for gating workflow. Maybe we should improve the naming?
podman-compose.yaml
Outdated
| @@ -0,0 +1,11 @@ | |||
| version: "3" | |||
There was a problem hiding this comment.
this file can be just an example on how to deploy in production mode, I think we should set ENVVARS in addition, check:
src/conf/ipa.conf
Outdated
| [alternate_names] | ||
| # Extra domain names to associate with our cert | ||
| # - These can be a mix of wildcard, IP address, subdomain, etc. | ||
| DNS.1 = *.ipa.test |
There was a problem hiding this comment.
we need to think how to handle these hard-coded values.
src/conf/ipa.conf
Outdated
| @@ -0,0 +1,71 @@ | |||
| # Key: | |||
There was a problem hiding this comment.
perhaps we could delete all comments and keep just the settigns.
There was a problem hiding this comment.
thanks for the PR @antoniotorresm , I added few comments. I would also improve the commit message and include the issue ticket:
Related: #29
I'm not sure if we are ready to switch everything to prod. This PR could be just the configuration files so that it is simple to deploy in prod until we figure out how to test this mode.
antoniotorresm
force-pushed
the
podman
branch
2 times, most recently
from
740406f
to
9a588f4
Compare
|
I have restored the Dockerfile.test and moved the new Containerfile to a prod directory, in order to preserve the test environment. Added needed environment variables for Django to the podman-compose file as well. We can probably keep |
|
I think gating should use production Dockerfile whatever that means in |
Add Containerfile and podman-compose files that containerize ipa-tuura using Apache as HTTPS server. By running the podman-compose.yaml, the container is built and deployed with the needed port mapping and environment variables. Related: freeipa#29 Signed-off-by: Antonio Torres <antorres@redhat.com>
|
Thanks, pushed requested changes. |
Add Containerfile and podman-compose files that containerize ipa-tuura using httpd as HTTPS server. This replaces the previous Dockerfile.test, using Apache HTTPS server instead of the insecure built-in Django HTTP server.
By running the podman-compose.yaml, the container is built and deployed with the needed port mapping.