From 7a40919688530fe51c29f6afcbaf2fb87c77b144 Mon Sep 17 00:00:00 2001 From: Ziming Zhang Date: Fri, 16 Aug 2019 15:25:24 +0800 Subject: [PATCH] optimized cicd Change-Id: I1f40391b790a329c470d8de39278f834c132fc95 Signed-off-by: Ziming Zhang --- .travis.yml | 18 +++--- build_base_docker.sh | 13 ++++ make/photon/Makefile | 7 +++ make/photon/chartserver/Dockerfile | 8 +-- make/photon/chartserver/Dockerfile-base | 8 +++ make/photon/clair/Dockerfile | 8 +-- make/photon/clair/Dockerfile-base | 8 +++ make/photon/core/Dockerfile | 7 +-- make/photon/core/Dockerfile-base | 6 ++ make/photon/db/Dockerfile | 20 +------ make/photon/db/Dockerfile-base | 19 ++++++ make/photon/jobservice/Dockerfile | 6 +- make/photon/jobservice/Dockerfile-base | 5 ++ make/photon/log/Dockerfile | 7 +-- make/photon/log/Dockerfile-base | 6 ++ make/photon/nginx/Dockerfile | 10 +--- make/photon/nginx/Dockerfile-base | 9 +++ make/photon/portal/Dockerfile | 13 +--- make/photon/portal/Dockerfile-base | 8 +++ make/photon/prepare/Dockerfile | 10 ++-- make/photon/prepare/Dockerfile-base | 8 +++ .../templates/nginx/nginx.https.conf.jinja | 2 +- make/photon/prepare/utils/docker_compose.py | 1 + make/photon/prepare/utils/nginx.py | 1 + make/photon/redis/Dockerfile | 4 +- make/photon/redis/Dockerfile-base | 3 + make/photon/registry/Dockerfile | 11 +--- make/photon/registry/Dockerfile-base | 8 +++ make/photon/registryctl/Dockerfile | 10 +--- make/photon/registryctl/Dockerfile-base | 7 +++ showtime.sh | 13 ++++ tests/cicd/.gitignore | 1 + tests/cicd/fixcicdharbor.py | 48 +++++++++++++++ tests/cicd/startcicdharbor.sh | 59 +++++++++++++++++++ tests/cicd/stopcicdharbor.sh | 9 +++ tests/travis/api_common_install.sh | 1 + tests/travis/api_run.sh | 1 + tests/travis/distro_installer.sh | 1 + tests/travis/ut_install.sh | 1 + tests/travis/ut_run.sh | 1 + 40 files changed, 280 insertions(+), 106 deletions(-) create mode 100755 build_base_docker.sh create mode 100644 make/photon/chartserver/Dockerfile-base create mode 100644 make/photon/clair/Dockerfile-base create mode 100644 make/photon/core/Dockerfile-base create mode 100644 make/photon/db/Dockerfile-base create mode 100644 make/photon/jobservice/Dockerfile-base create mode 100644 make/photon/log/Dockerfile-base create mode 100644 make/photon/nginx/Dockerfile-base create mode 100644 make/photon/portal/Dockerfile-base create mode 100644 make/photon/prepare/Dockerfile-base create mode 100644 make/photon/redis/Dockerfile-base create mode 100644 make/photon/registry/Dockerfile-base create mode 100644 make/photon/registryctl/Dockerfile-base create mode 100755 showtime.sh create mode 100644 tests/cicd/.gitignore create mode 100755 tests/cicd/fixcicdharbor.py create mode 100755 tests/cicd/startcicdharbor.sh create mode 100755 tests/cicd/stopcicdharbor.sh mode change 100644 => 100755 tests/travis/api_common_install.sh mode change 100644 => 100755 tests/travis/api_run.sh mode change 100644 => 100755 tests/travis/ut_install.sh diff --git a/.travis.yml b/.travis.yml index be4508a9720..ddc8ad2d22a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,7 +34,7 @@ env: - CORE_SECRET: tempString - KEY_PATH: "/data/secret/keys/secretkey" - REDIS_HOST: localhost - - REG_VERSION: v2.7.1 + - REG_VERSION: v2.7.1-patch-2819 - UI_BUILDER_VERSION: 1.6.0 - TOKEN_PRIVATE_KEY_PATH: "/home/travis/gopath/src/github.com/goharbor/harbor/tests/private_key.pem" addons: @@ -52,15 +52,17 @@ before_install: - IP=`ip addr s eth0 |grep "inet "|awk '{print $2}' |awk -F "/" '{print $1}'` - sudo sed -i '$a DOCKER_OPTS=\"--insecure-registry '$IP':5000\"' /etc/default/docker - export IP=$IP +- sudo cp ./tests/harbor_ca.crt /usr/local/share/ca-certificates/ +- sudo update-ca-certificates - sudo service docker restart install: -- if [ "$UTTEST" == true ]; then bash ./tests/travis/ut_install.sh ; fi -- if [ "$APITEST_DB" == true ]; then bash ./tests/travis/api_common_install.sh $IP +- if [ "$UTTEST" == true ]; then bash ./showtime.sh ./tests/travis/ut_install.sh ; fi +- if [ "$APITEST_DB" == true ]; then bash ./showtime.sh ./tests/travis/api_common_install.sh $IP DB; fi -- if [ "$APITEST_LDAP" == true ]; then bash ./tests/travis/api_common_install.sh $IP +- if [ "$APITEST_LDAP" == true ]; then bash ./showtime.sh ./tests/travis/api_common_install.sh $IP LDAP; fi script: -- if [ "$UTTEST" == true ]; then bash ./tests/travis/ut_run.sh $IP; fi -- if [ "$APITEST_DB" == true ]; then bash ./tests/travis/api_run.sh DB $IP; fi -- if [ "$APITEST_LDAP" == true ]; then bash ./tests/travis/api_run.sh LDAP $IP; fi -- if [ "$OFFLINE" == true ]; then bash ./tests/travis/distro_installer.sh; fi +- if [ "$UTTEST" == true ]; then bash ./showtime.sh ./tests/travis/ut_run.sh $IP; fi +- if [ "$APITEST_DB" == true ]; then bash ./showtime.sh ./tests/travis/api_run.sh DB $IP; fi +- if [ "$APITEST_LDAP" == true ]; then bash ./showtime.sh ./tests/travis/api_run.sh LDAP $IP; fi +- if [ "$OFFLINE" == true ]; then bash ./showtime.sh ./tests/travis/distro_installer.sh; fi diff --git a/build_base_docker.sh b/build_base_docker.sh new file mode 100755 index 00000000000..5ab8b2dbd4c --- /dev/null +++ b/build_base_docker.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +DOCKERCMD=docker +CICDHOST=cicd.harbor.bitsf.xin +DOCKERFILEPATH=make/photon + +${DOCKERCMD} login ${CICDHOST} || exit 2 +for name in chartserver clair core db jobservice log nginx portal prepare redis registry registryctl; do + echo building $name base docker image + $DOCKERCMD build -f $DOCKERFILEPATH/$name/Dockerfile-base -t $CICDHOST/harbor-depend/$name:base . && \ + $DOCKERCMD push $CICDHOST/harbor-depend/$name:base + if [ "$?" != "0" ]; then exit 1; fi +done diff --git a/make/photon/Makefile b/make/photon/Makefile index 8481fd7a7d6..42d1ac3a904 100644 --- a/make/photon/Makefile +++ b/make/photon/Makefile @@ -97,6 +97,13 @@ CHART_SERVER_CODE_BASE=github.com/helm/chartmuseum CHART_SERVER_MAIN_PATH=cmd/chartmuseum CHART_SERVER_BIN_NAME=chartm +build_base_docker: + for name in chartserver clair common core db jobservice log nginx notary portal prepare redis registry registryctl; do \ + echo $(name) ; \ + $(DOCKERBUILD) -f $(DOCKERFILEPATH)/$(name) -t cicd.harbor.bitsf.xin/harbor-depend/$(name):base . ; \ + $(DOCKERBUILD) push cicd.harbor.bitsf.xin/harbor-depend/$(name):base ; \ + done + _build_prepare: @echo "building prepare container for photon..." @$(DOCKERBUILD) -f $(DOCKERFILEPATH_PREPARE)/$(DOCKERFILENAME_PREPARE) -t $(DOCKERIMAGENAME_PREPARE):$(VERSIONTAG) . diff --git a/make/photon/chartserver/Dockerfile b/make/photon/chartserver/Dockerfile index 3ff8922216d..64811331b4e 100644 --- a/make/photon/chartserver/Dockerfile +++ b/make/photon/chartserver/Dockerfile @@ -1,11 +1,5 @@ -FROM photon:2.0 +FROM cicd.harbor.bitsf.xin/harbor-depend/chartserver:base -RUN tdnf install -y shadow sudo >>/dev/null\ - && tdnf clean all \ - && mkdir /chartserver/ \ - && mkdir /harbor/ \ - && groupadd -r -g 10000 chartuser \ - && useradd --no-log-init -m -r -g 10000 -u 10000 chartuser COPY ./make/photon/chartserver/binary/chartm /chartserver/ COPY ./make/photon/chartserver/docker-entrypoint.sh /docker-entrypoint.sh COPY ./make/photon/common/install_cert.sh /harbor diff --git a/make/photon/chartserver/Dockerfile-base b/make/photon/chartserver/Dockerfile-base new file mode 100644 index 00000000000..699af0f4c22 --- /dev/null +++ b/make/photon/chartserver/Dockerfile-base @@ -0,0 +1,8 @@ +FROM photon:2.0 + +RUN tdnf install -y shadow sudo >>/dev/null\ + && tdnf clean all \ + && mkdir /chartserver/ \ + && mkdir /harbor/ \ + && groupadd -r -g 10000 chartuser \ + && useradd --no-log-init -m -r -g 10000 -u 10000 chartuser \ No newline at end of file diff --git a/make/photon/clair/Dockerfile b/make/photon/clair/Dockerfile index 8ec5c732e28..15f04dc7319 100644 --- a/make/photon/clair/Dockerfile +++ b/make/photon/clair/Dockerfile @@ -1,11 +1,5 @@ -FROM photon:2.0 +FROM cicd.harbor.bitsf.xin/harbor-depend/clair:base -RUN tdnf install -y git shadow sudo rpm xz python-xml >>/dev/null\ - && tdnf clean all \ - && mkdir /clair/ \ - && mkdir /harbor \ - && groupadd -r -g 10000 clair \ - && useradd --no-log-init -m -r -g 10000 -u 10000 clair COPY ./make/photon/clair/binary/clair /clair/ COPY ./make/photon/clair/docker-entrypoint.sh /docker-entrypoint.sh COPY ./make/photon/clair/dumb-init /dumb-init diff --git a/make/photon/clair/Dockerfile-base b/make/photon/clair/Dockerfile-base new file mode 100644 index 00000000000..d2d14275735 --- /dev/null +++ b/make/photon/clair/Dockerfile-base @@ -0,0 +1,8 @@ +FROM photon:2.0 + +RUN tdnf install -y git shadow sudo rpm xz python-xml >>/dev/null\ + && tdnf clean all \ + && mkdir /clair/ \ + && mkdir /harbor \ + && groupadd -r -g 10000 clair \ + && useradd --no-log-init -m -r -g 10000 -u 10000 clair \ No newline at end of file diff --git a/make/photon/core/Dockerfile b/make/photon/core/Dockerfile index d585a98ee89..6f10e58f7b1 100644 --- a/make/photon/core/Dockerfile +++ b/make/photon/core/Dockerfile @@ -1,9 +1,4 @@ -FROM photon:2.0 - -RUN tdnf install sudo tzdata -y >> /dev/null \ - && tdnf clean all \ - && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \ - && mkdir /harbor/ +FROM cicd.harbor.bitsf.xin/harbor-depend/core:base HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080/api/ping || exit 1 COPY ./make/photon/core/harbor_core ./UIVERSION /harbor/ diff --git a/make/photon/core/Dockerfile-base b/make/photon/core/Dockerfile-base new file mode 100644 index 00000000000..36be39b731d --- /dev/null +++ b/make/photon/core/Dockerfile-base @@ -0,0 +1,6 @@ +FROM photon:2.0 + +RUN tdnf install sudo tzdata -y >> /dev/null\ + && tdnf clean all \ + && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \ + && mkdir /harbor/ diff --git a/make/photon/db/Dockerfile b/make/photon/db/Dockerfile index e9d765393b7..72d9c422cd6 100644 --- a/make/photon/db/Dockerfile +++ b/make/photon/db/Dockerfile @@ -1,22 +1,4 @@ -FROM photon:2.0 - -ENV PGDATA /var/lib/postgresql/data - -RUN tdnf install -y shadow gzip postgresql >> /dev/null\ - && groupadd -r postgres --gid=999 \ - && useradd -m -r -g postgres --uid=999 postgres \ - && mkdir -p /docker-entrypoint-initdb.d \ - && mkdir -p /run/postgresql \ - && chown -R postgres:postgres /run/postgresql \ - && chmod 2777 /run/postgresql \ - && mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" \ - && sed -i "s|#listen_addresses = 'localhost'.*|listen_addresses = '*'|g" /usr/share/postgresql/postgresql.conf.sample \ - && sed -i "s|#unix_socket_directories = '/tmp'.*|unix_socket_directories = '/run/postgresql'|g" /usr/share/postgresql/postgresql.conf.sample \ - && tdnf clean all - -RUN tdnf erase -y toybox && tdnf install -y util-linux net-tools - -VOLUME /var/lib/postgresql/data +FROM cicd.harbor.bitsf.xin/harbor-depend/db:base COPY ./make/photon/db/docker-entrypoint.sh /docker-entrypoint.sh COPY ./make/photon/db/docker-healthcheck.sh /docker-healthcheck.sh diff --git a/make/photon/db/Dockerfile-base b/make/photon/db/Dockerfile-base new file mode 100644 index 00000000000..652d885de54 --- /dev/null +++ b/make/photon/db/Dockerfile-base @@ -0,0 +1,19 @@ +FROM photon:2.0 + +ENV PGDATA /var/lib/postgresql/data + +RUN tdnf install -y shadow gzip postgresql >> /dev/null\ + && groupadd -r postgres --gid=999 \ + && useradd -m -r -g postgres --uid=999 postgres \ + && mkdir -p /docker-entrypoint-initdb.d \ + && mkdir -p /run/postgresql \ + && chown -R postgres:postgres /run/postgresql \ + && chmod 2777 /run/postgresql \ + && mkdir -p "$PGDATA" && chown -R postgres:postgres "$PGDATA" && chmod 777 "$PGDATA" \ + && sed -i "s|#listen_addresses = 'localhost'.*|listen_addresses = '*'|g" /usr/share/postgresql/postgresql.conf.sample \ + && sed -i "s|#unix_socket_directories = '/tmp'.*|unix_socket_directories = '/run/postgresql'|g" /usr/share/postgresql/postgresql.conf.sample \ + && tdnf clean all + +RUN tdnf erase -y toybox && tdnf install -y util-linux net-tools + +VOLUME /var/lib/postgresql/data diff --git a/make/photon/jobservice/Dockerfile b/make/photon/jobservice/Dockerfile index 1ee9277ddaf..d0692b8cda1 100644 --- a/make/photon/jobservice/Dockerfile +++ b/make/photon/jobservice/Dockerfile @@ -1,8 +1,4 @@ -FROM photon:2.0 - -RUN tdnf install sudo tzdata -y >> /dev/null \ - && tdnf clean all \ - && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor +FROM cicd.harbor.bitsf.xin/harbor-depend/jobservice:base COPY ./make/photon/jobservice/harbor_jobservice /harbor/ diff --git a/make/photon/jobservice/Dockerfile-base b/make/photon/jobservice/Dockerfile-base new file mode 100644 index 00000000000..bc5bd949306 --- /dev/null +++ b/make/photon/jobservice/Dockerfile-base @@ -0,0 +1,5 @@ +FROM photon:2.0 + +RUN tdnf install sudo tzdata -y >> /dev/null\ + && tdnf clean all \ + && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \ No newline at end of file diff --git a/make/photon/log/Dockerfile b/make/photon/log/Dockerfile index 6eb00bed141..2b026c8dba3 100644 --- a/make/photon/log/Dockerfile +++ b/make/photon/log/Dockerfile @@ -1,9 +1,4 @@ -FROM photon:2.0 - -RUN tdnf install -y cronie rsyslog logrotate shadow tar gzip sudo >> /dev/null\ - && mkdir /var/spool/rsyslog \ - && groupadd -r -g 10000 syslog && useradd --no-log-init -r -g 10000 -u 10000 syslog \ - && tdnf clean all +FROM cicd.harbor.bitsf.xin/harbor-depend/log:base COPY ./make/photon/log/rsyslog.conf /etc/rsyslog.conf diff --git a/make/photon/log/Dockerfile-base b/make/photon/log/Dockerfile-base new file mode 100644 index 00000000000..96f9cc17d11 --- /dev/null +++ b/make/photon/log/Dockerfile-base @@ -0,0 +1,6 @@ +FROM photon:2.0 + +RUN tdnf install -y cronie rsyslog logrotate shadow tar gzip sudo >> /dev/null\ + && mkdir /var/spool/rsyslog \ + && groupadd -r -g 10000 syslog && useradd --no-log-init -r -g 10000 -u 10000 syslog \ + && tdnf clean all \ No newline at end of file diff --git a/make/photon/nginx/Dockerfile b/make/photon/nginx/Dockerfile index 902107205df..5b7f555168f 100644 --- a/make/photon/nginx/Dockerfile +++ b/make/photon/nginx/Dockerfile @@ -1,12 +1,4 @@ -FROM photon:2.0 - -RUN tdnf install sudo nginx -y >> /dev/null\ - && tdnf clean all \ - && groupadd -r -g 10000 nginx && useradd --no-log-init -r -g 10000 -u 10000 nginx \ - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log - -VOLUME /var/cache/nginx /var/log/nginx /run +FROM cicd.harbor.bitsf.xin/harbor-depend/nginx:base EXPOSE 8080 diff --git a/make/photon/nginx/Dockerfile-base b/make/photon/nginx/Dockerfile-base new file mode 100644 index 00000000000..25f95055e98 --- /dev/null +++ b/make/photon/nginx/Dockerfile-base @@ -0,0 +1,9 @@ +FROM photon:2.0 + +RUN tdnf install sudo nginx -y >> /dev/null\ + && tdnf clean all \ + && groupadd -r -g 10000 nginx && useradd --no-log-init -r -g 10000 -u 10000 nginx \ + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log + +VOLUME /var/cache/nginx /var/log/nginx /run \ No newline at end of file diff --git a/make/photon/portal/Dockerfile b/make/photon/portal/Dockerfile index 9f71410f70d..617c978f069 100644 --- a/make/photon/portal/Dockerfile +++ b/make/photon/portal/Dockerfile @@ -17,22 +17,15 @@ RUN cp -r /portal_src/* /build_dir \ && npm run release -FROM photon:2.0 +FROM cicd.harbor.bitsf.xin/harbor-depend/portal:base + +COPY make/photon/portal/nginx.conf /etc/nginx/nginx.conf COPY --from=nodeportal /build_dir/dist /usr/share/nginx/html COPY --from=nodeportal /build_dir/swagger.yaml /usr/share/nginx/html COPY --from=nodeportal /build_dir/swagger.json /usr/share/nginx/html COPY --from=nodeportal /build_dir/LICENSE /usr/share/nginx/html -COPY make/photon/portal/nginx.conf /etc/nginx/nginx.conf - -RUN tdnf install -y nginx sudo >> /dev/null \ - && ln -sf /dev/stdout /var/log/nginx/access.log \ - && ln -sf /dev/stderr /var/log/nginx/error.log \ - && groupadd -r -g 10000 nginx && useradd --no-log-init -r -g 10000 -u 10000 nginx \ - && chown -R nginx:nginx /etc/nginx \ - && tdnf clean all - EXPOSE 8080 VOLUME /var/cache/nginx /var/log/nginx /run diff --git a/make/photon/portal/Dockerfile-base b/make/photon/portal/Dockerfile-base new file mode 100644 index 00000000000..28d4a036fe4 --- /dev/null +++ b/make/photon/portal/Dockerfile-base @@ -0,0 +1,8 @@ +FROM photon:2.0 + +RUN tdnf install -y nginx sudo >> /dev/null \ + && ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && groupadd -r -g 10000 nginx && useradd --no-log-init -r -g 10000 -u 10000 nginx \ + && chown -R nginx:nginx /etc/nginx \ + && tdnf clean all \ No newline at end of file diff --git a/make/photon/prepare/Dockerfile b/make/photon/prepare/Dockerfile index 58e8430c4e9..05f6ce3fe36 100644 --- a/make/photon/prepare/Dockerfile +++ b/make/photon/prepare/Dockerfile @@ -1,4 +1,4 @@ -FROM photon:2.0 +FROM cicd.harbor.bitsf.xin/harbor-depend/prepare:base ENV LANG en_US.UTF-8 @@ -6,13 +6,11 @@ WORKDIR /usr/src/app RUN mkdir -p /harbor_make -RUN tdnf install -y python3 \ - && tdnf install -y python3-pip -RUN pip3 install pipenv==2018.11.26 - COPY make/photon/prepare /usr/src/app RUN set -ex && pipenv install --deploy --system ENTRYPOINT [ "python3", "main.py" ] -VOLUME ["/harbor_make"] \ No newline at end of file +VOLUME ["/harbor_make"] + +COPY make/harbor.yml /input/harbor.yml diff --git a/make/photon/prepare/Dockerfile-base b/make/photon/prepare/Dockerfile-base new file mode 100644 index 00000000000..40f541b6e40 --- /dev/null +++ b/make/photon/prepare/Dockerfile-base @@ -0,0 +1,8 @@ +FROM photon:2.0 + +ENV LANG en_US.UTF-8 + +RUN tdnf install -y python3 \ + && tdnf install -y python3-pip +RUN pip3 install pipenv==2018.11.26 + diff --git a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja index e4ac93078d2..6a7cc331628 100644 --- a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja +++ b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja @@ -150,6 +150,6 @@ http { server { listen 8080; #server_name harbordomain.com; - return 308 https://$host$request_uri; + return 308 https://{{https_redirect}}$request_uri; } } diff --git a/make/photon/prepare/utils/docker_compose.py b/make/photon/prepare/utils/docker_compose.py index 648d6b979e3..e4cfa67d978 100644 --- a/make/photon/prepare/utils/docker_compose.py +++ b/make/photon/prepare/utils/docker_compose.py @@ -6,6 +6,7 @@ docker_compose_template_path = os.path.join(templates_dir, 'docker_compose', 'docker-compose.yml.jinja') docker_compose_yml_path = '/compose_location/docker-compose.yml' +os.makedirs('/compose_location',exist_ok=True) # render docker-compose def prepare_docker_compose(configs, with_clair, with_notary, with_chartmuseum): diff --git a/make/photon/prepare/utils/nginx.py b/make/photon/prepare/utils/nginx.py index 0d111744835..ae1f4003abd 100644 --- a/make/photon/prepare/utils/nginx.py +++ b/make/photon/prepare/utils/nginx.py @@ -59,6 +59,7 @@ def render_nginx_template(config_dict): nginx_conf, uid=DEFAULT_UID, gid=DEFAULT_GID, + https_redirect='$host' + ('https_port' in config_dict and (":" + str(config_dict['https_port'])) or ""), ssl_cert=SSL_CERT_PATH, ssl_cert_key=SSL_CERT_KEY_PATH) location_file_pattern = CUSTOM_NGINX_LOCATION_FILE_PATTERN_HTTPS diff --git a/make/photon/redis/Dockerfile b/make/photon/redis/Dockerfile index a90873b4b56..950b6bf55ba 100644 --- a/make/photon/redis/Dockerfile +++ b/make/photon/redis/Dockerfile @@ -1,6 +1,4 @@ -FROM photon:2.0 - -RUN tdnf install -y redis sudo +FROM cicd.harbor.bitsf.xin/harbor-depend/redis:base VOLUME /var/lib/redis WORKDIR /var/lib/redis diff --git a/make/photon/redis/Dockerfile-base b/make/photon/redis/Dockerfile-base new file mode 100644 index 00000000000..c670d7482c9 --- /dev/null +++ b/make/photon/redis/Dockerfile-base @@ -0,0 +1,3 @@ +FROM photon:2.0 + +RUN tdnf install -y redis sudo diff --git a/make/photon/registry/Dockerfile b/make/photon/registry/Dockerfile index b21cfe4bc2e..908abca837a 100644 --- a/make/photon/registry/Dockerfile +++ b/make/photon/registry/Dockerfile @@ -1,13 +1,4 @@ -FROM photon:2.0 - -MAINTAINER wangyan@vmware.com - -# The original script in the docker offical registry image. -RUN tdnf install sudo -y >> /dev/null\ - && tdnf clean all \ - && mkdir /harbor/ \ - && mkdir -p /etc/registry \ - && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor +FROM cicd.harbor.bitsf.xin/harbor-depend/registry:base COPY ./make/photon/common/install_cert.sh /harbor COPY ./make/photon/registry/entrypoint.sh / diff --git a/make/photon/registry/Dockerfile-base b/make/photon/registry/Dockerfile-base new file mode 100644 index 00000000000..95980f90cbf --- /dev/null +++ b/make/photon/registry/Dockerfile-base @@ -0,0 +1,8 @@ +FROM photon:2.0 + +# The original script in the docker offical registry image. +RUN tdnf install sudo -y >> /dev/null\ + && tdnf clean all \ + && mkdir /harbor/ \ + && mkdir -p /etc/registry \ + && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor diff --git a/make/photon/registryctl/Dockerfile b/make/photon/registryctl/Dockerfile index f1cef2afb86..8e8b9ce8c2c 100644 --- a/make/photon/registryctl/Dockerfile +++ b/make/photon/registryctl/Dockerfile @@ -1,12 +1,4 @@ -FROM photon:2.0 - -MAINTAINER wangyan@vmware.com - -RUN tdnf install sudo -y >> /dev/null \ - && tdnf clean all \ - && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \ - && mkdir -p /etc/registry \ - && mkdir /harbor/ +FROM cicd.harbor.bitsf.xin/harbor-depend/registryctl:base COPY ./make/photon/common/install_cert.sh /harbor COPY ./make/photon/registry/binary/registry /usr/bin diff --git a/make/photon/registryctl/Dockerfile-base b/make/photon/registryctl/Dockerfile-base new file mode 100644 index 00000000000..e4a6e541c8e --- /dev/null +++ b/make/photon/registryctl/Dockerfile-base @@ -0,0 +1,7 @@ +FROM photon:2.0 + +RUN tdnf install sudo -y >> /dev/null \ + && tdnf clean all \ + && groupadd -r -g 10000 harbor && useradd --no-log-init -r -g 10000 -u 10000 harbor \ + && mkdir -p /etc/registry \ + && mkdir /harbor/ \ No newline at end of file diff --git a/showtime.sh b/showtime.sh new file mode 100755 index 00000000000..8215ec8c82f --- /dev/null +++ b/showtime.sh @@ -0,0 +1,13 @@ +#/bin/env bash + +if [ ! -z "$*" ]; then + $@ 2>&1 | while read line;do + echo $(date +"%T") $line + done + exit ${PIPESTATUS[0]} +else + while read line;do + echo $(date +"%T") $line + done + echo ret $? +fi diff --git a/tests/cicd/.gitignore b/tests/cicd/.gitignore new file mode 100644 index 00000000000..a31aedb8b96 --- /dev/null +++ b/tests/cicd/.gitignore @@ -0,0 +1 @@ +build.* diff --git a/tests/cicd/fixcicdharbor.py b/tests/cicd/fixcicdharbor.py new file mode 100755 index 00000000000..62640d161e5 --- /dev/null +++ b/tests/cicd/fixcicdharbor.py @@ -0,0 +1,48 @@ +#!/usr/bin/env python3 + +import yaml,os +print("fix cicd harbor") + +config=yaml.load(open('/input/harbor.yml')) +config['hostname']=os.environ.get('IP', '127.0.0.1') +config['data_volume']=os.environ.get('data_volume', '/data') +config['http']['port']=os.environ.get('HTTP_PORT', 80) +config['https']={} +config['https']['port']=os.environ.get('HTTPS_PORT', 443) +config['https']['certificate']=os.environ.get('certificate', '/cert/server.crt') +config['https']['private_key']=os.environ.get('private_key', '/cert/server.key') +config['log']['local']['location']=os.environ.get('data_volume', '/data')+'/logs' + +yaml.dump(config, open('/input/harbor.yml', 'w+')) + +versions=yaml.load(open('versions')) +versions['VERSION_TAG']=os.environ.get('TAG', 'dev') +yaml.dump(versions, open('versions', 'w+')) + +import main +try: + main.main() +except SystemExit as e: + if e.code != 0: + raise e + +compose=yaml.load(open('/compose_location/docker-compose.yml')) +NAMESPACE=os.environ.get('NAMESPACE', 'goharbor') +for s in compose['services'].values(): + s['image']=s['image'].replace('goharbor'+"/", NAMESPACE+'/') + s['container_name']=s['container_name']+"-"+versions['VERSION_TAG'] + if type(s['networks'])==dict: + nn={} + for n in s['networks']: + nn[n+"-"+versions['VERSION_TAG']]=s['networks'][n] + s['networks']=nn + else: + nn=[] + for n in s['networks']: + nn.append(n+"-"+versions['VERSION_TAG']) + s['networks']=nn +nn={} +for n in compose['networks']: + nn[n+"-"+versions['VERSION_TAG']]=compose['networks'][n] +compose['networks']=nn +yaml.dump(compose, open('/compose_location/docker-compose.yml', 'w+')) diff --git a/tests/cicd/startcicdharbor.sh b/tests/cicd/startcicdharbor.sh new file mode 100755 index 00000000000..44a86b927cf --- /dev/null +++ b/tests/cicd/startcicdharbor.sh @@ -0,0 +1,59 @@ +#!/usr/bin/env bash + +if [ -z "$2" ];then echo "$0 [http_port] [https_port]";exit 1;fi +IP=$1 +BUILDNUM=$2 +HTTP_PORT=${3:-80} +HTTPS_PORT=${4:-443} + +TAG=build.$BUILDNUM +NAMESPACE="cicd.harbor.bitsf.xin/harbor-dev" +data_path=`pwd`/$TAG/data +mkdir -p $data_path +config_dir=`pwd`/$TAG/common/config +mkdir -p $config_dir +mkdir -p $data_path/logs +compose_file=`pwd`/$TAG/docker-compose.yml +touch $compose_file +secret_dir=$data_path/secret +mkdir -p $secret_dir +cert_path=$data_path/cert +mkdir -p $cert_path + +docker pull $NAMESPACE/registry-photon:v2.7.1-patch-2819 +docker tag $NAMESPACE/registry-photon:v2.7.1-patch-2819 $NAMESPACE/registry-photon:v2.7.1-patch-2819-$TAG +for name in prepare harbor-registryctl nginx-photon harbor-portal harbor-jobservice harbor-core harbor-db redis-photon harbor-log; do + docker pull $NAMESPACE/$name:$TAG +done + +curl https://raw.githubusercontent.com/goharbor/harbor/master/tests/harbor_ca.key -o $cert_path/harbor_ca.key +curl https://raw.githubusercontent.com/goharbor/harbor/master/tests/harbor_ca.crt -o $cert_path/harbor_ca.crt +openssl req \ + -newkey rsa:4096 -nodes -sha256 -keyout $cert_path/$IP.key \ + -out $cert_path/$IP.csr -subj "/C=CN/ST=PEK/L=Bei Jing/O=VMware/CN=HarborManager" +echo subjectAltName = IP:$IP > $cert_path/extfile.cnf +openssl x509 -req -days 365 -sha256 -in $cert_path/$IP.csr -CA $cert_path/harbor_ca.crt \ + -CAkey $cert_path/harbor_ca.key -CAcreateserial -CAserial $cert_path/$IP.srl -extfile $cert_path/extfile.cnf -out $cert_path/$IP.crt + +docker run --rm -v `pwd`/fixcicdharbor.py:/usr/src/app/fixcicdharbor.py \ + -v $data_path:/data:z \ + -v $compose_file:/compose_location/docker-compose.yml:z \ + -v $config_dir:/config:z \ + -v $secret_dir:/secret:z \ + -v $cert_path/$IP.key:/hostfs/cert/server.key:z \ + -v $cert_path/$IP.crt:/hostfs/cert/server.crt:z \ + -e IP=$IP -e HTTP_PORT=$HTTP_PORT -e HTTPS_PORT=$HTTPS_PORT \ + -e data_volume=$data_path \ + -e TAG=$TAG -e NAMESPACE=$NAMESPACE \ + --entrypoint ./fixcicdharbor.py \ + $NAMESPACE/prepare:$TAG \ + || exit 1 + +sudo chmod -R +r $TAG +sudo chmod -R 700 $data_path/database + +cd $TAG +docker-compose down +docker-compose up -d + +echo enjoy you harbor at http://$IP:$HTTP_PORT diff --git a/tests/cicd/stopcicdharbor.sh b/tests/cicd/stopcicdharbor.sh new file mode 100755 index 00000000000..a71e60ab2f2 --- /dev/null +++ b/tests/cicd/stopcicdharbor.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +if [ -z "$1" ];then echo "$0 [action]";exit 1;fi +BUILDNUM=$1 +ACTION=${2:-stop} + +for name in nginx harbor-jobservice harbor-portal harbor-core registry registryctl harbor-db redis harbor-log; do + docker $ACTION $name-build.$BUILDNUM +done \ No newline at end of file diff --git a/tests/travis/api_common_install.sh b/tests/travis/api_common_install.sh old mode 100644 new mode 100755 index f698bd5346c..9011d2c20f1 --- a/tests/travis/api_common_install.sh +++ b/tests/travis/api_common_install.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -x set +e sudo rm -fr /data/* diff --git a/tests/travis/api_run.sh b/tests/travis/api_run.sh old mode 100644 new mode 100755 index c6b34a76099..1e26ecb7992 --- a/tests/travis/api_run.sh +++ b/tests/travis/api_run.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -x #source gskey.sh diff --git a/tests/travis/distro_installer.sh b/tests/travis/distro_installer.sh index 772d7667821..63051102cb3 100755 --- a/tests/travis/distro_installer.sh +++ b/tests/travis/distro_installer.sh @@ -1,4 +1,5 @@ #!/bin/bash +set-x set -e diff --git a/tests/travis/ut_install.sh b/tests/travis/ut_install.sh old mode 100644 new mode 100755 index bed85e34157..2a7e56693e4 --- a/tests/travis/ut_install.sh +++ b/tests/travis/ut_install.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -x set -e diff --git a/tests/travis/ut_run.sh b/tests/travis/ut_run.sh index c1086f330a9..ba57e6a06ea 100755 --- a/tests/travis/ut_run.sh +++ b/tests/travis/ut_run.sh @@ -1,4 +1,5 @@ #!/bin/bash +set -x set -e