-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add containerization for the ipa-tuura+Apache service #47
Conversation
c9f52e4
to
200c825
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, @antoniotorresm In some repositories we have used this registry to not reach the pull limit from docker hub. Maybe you can consider the same.
And because of my fault a rebase on top of #48 would be needed to get better action results |
f68620a
to
d8b41a7
Compare
Weird, the automation does not pick the PR |
.github/workflows/gating.yaml
Outdated
@@ -64,7 +64,7 @@ jobs: | |||
${{ ( github.event_name != 'pull_request' && github.ref == 'refs/heads/main' && format('{0}:latest', env.IMAGE_REGISTRY_QUAY) ) || '' }} | |||
${{ ( github.event_name != 'pull_request' && github.ref_type == 'tag' && format('{0}:{1}', env.IMAGE_REGISTRY_QUAY, github.ref_name) ) || '' }} | |||
containerfiles: | | |||
./Dockerfile.test | |||
./Containerfile |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should keep using a Development mode container for gating workflow. Maybe we should improve the naming?
podman-compose.yaml
Outdated
@@ -0,0 +1,11 @@ | |||
version: "3" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this file can be just an example on how to deploy in production mode, I think we should set ENVVARS in addition, check:
src/conf/ipa.conf
Outdated
[alternate_names] | ||
# Extra domain names to associate with our cert | ||
# - These can be a mix of wildcard, IP address, subdomain, etc. | ||
DNS.1 = *.ipa.test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we need to think how to handle these hard-coded values.
src/conf/ipa.conf
Outdated
@@ -0,0 +1,71 @@ | |||
# Key: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps we could delete all comments and keep just the settigns.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the PR @antoniotorresm , I added few comments. I would also improve the commit message and include the issue ticket:
Related: #29
I'm not sure if we are ready to switch everything to prod. This PR could be just the configuration files so that it is simple to deploy in prod until we figure out how to test this mode.
740406f
to
9a588f4
Compare
I have restored the Dockerfile.test and moved the new Containerfile to a prod directory, in order to preserve the test environment. Added needed environment variables for Django to the podman-compose file as well. We can probably keep |
I think gating should use production Dockerfile whatever that means in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@antoniotorresm added few comments.
Add Containerfile and podman-compose files that containerize ipa-tuura using Apache as HTTPS server. By running the podman-compose.yaml, the container is built and deployed with the needed port mapping and environment variables. Related: freeipa#29 Signed-off-by: Antonio Torres <antorres@redhat.com>
Thanks, pushed requested changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Add Containerfile and podman-compose files that containerize ipa-tuura using httpd as HTTPS server. This replaces the previous Dockerfile.test, using Apache HTTPS server instead of the insecure built-in Django HTTP server.
By running the podman-compose.yaml, the container is built and deployed with the needed port mapping.