Skip to content

hawkmoth-studio/perforce-docker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

79 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

License ci

perforce-docker

Docker images for Perforce source control.

helix-p4d

This image contains a Helix Core Server.

Quickstart

docker run -v /srv/helix-p4d/data:/data -p 1666:1666 --name=helix-p4d hawkmothstudio/helix-p4d

Volumes

Volume Name Description
/data Server data directory
/p4-depots List of depot specifications to load on start
/p4-groups List of group specifications to load on start
/p4-passwd Users password to load on start
/p4-protect List of protections to load on start
/p4-typemaps List of protections to load on start
/p4-users List of user specifications to load on start

Container environment variables

Variable Name Default value Description
P4NAME master Service name, leave default value (recommended).
P4ROOT /data/master p4d data directory, leave default value (recommended).
P4SSLDIR /data/master/root/ssl Directory with ssl certificate and private key.
P4PORT ssl:1666 Server port. By default, connection is secured by TLS.
P4USER p4admin Login of the admin user to be created.
P4PASSWD P@ssw0rd Password of the admin user to be created.
P4CHARSET auto if unicode is enabled. Charset the local client will to perform administrative tasks.
P4D_CASE_SENSITIVE false Set to true to enable case-sensitive mode.
P4D_USE_UNICODE true Set to false to disable unicode mode.
P4D_FILETYPE_BYPASSLOCK 1 Enable / disable bypasslock (needed by Swarm).
P4D_SECURITY 2 Server security level.
P4D_LOAD_TYPEMAPS false If true, loads typemap specifications on startup.
P4D_LOAD_USERS false If true, loads user specifications on startup.
P4D_LOAD_USER_PASSWORDS false If true, loads user passwords on startup.
P4D_LOAD_GROUPS false If true, loads group specifications on startup.
P4D_LOAD_DEPOTS false If true, loads depot specifications on startup.
P4D_LOAD_PROTECTIONS false If true, loads protection lists on startup.
P4D_SSL_CERTIFICATE_FILE If set, file is copied and used as a TLS certificate.
P4D_SSL_CERTIFICATE_KEY_FILE If set, file is copied and used as a TLS private key.
P4D_DATABASE_UPGRADE false Set to true to attempt database upgrade on start.
SWARM_URL If set, used to update P4.Swarm.URL property.
INSTALL_SWARM_TRIGGER false Set to true to automatically install / update swarm triggers.
SWARM_TRIGGER_HOST http://swarm URL to be used by p4d to access Swarm.
SWARM_TRIGGER_TOKEN Swarm token. Required if swarm trigger installation is enabled.

Initial configuration

When started for the first time, a new p4d server is initialized with superuser identified by $P4USER and $P4PASSWD. Changing these variables after the server has been initialized does not change server's superuser.

Unicode support

When initializing, p4d can create database files with (by default) or without unicode support. Please pay attention to this parameter when initializing p4d database, as unicode support cannot be turned off once it has been enabled. It is enabled by default as using non-unicode servers today is rather rare and can lead to unexpected issues with file sync.

If P4D_USE_UNICODE is enabled after p4d database has been initialized, helix-p4d will attempt to convert database files to unicode upon startup.

For more information on unicode support in Perforce, please refer to official documentation.

Automatic data loading

helix-p4d supports loading certain data on startup. This provides an easy way to automate production-ready container deployment.

Typemaps

If P4D_LOAD_TYPEMAPS is set to true, all .txt-files from /p4-typemap are loaded as typemap specification files when starting container (in alphabetic order).

See the following example specification files:

Users

If P4D_LOAD_USERS is set to true, all .txt-files from /p4-users are loaded as user specification files when starting container (in alphabetic order).

Example specification file:

User:       johndoe
Email:      john.doe@example.localdomain
FullName:   John Doe

User passwords

p4d disallows setting user password using specification file when security level is set to 2 or higher. If P4D_LOAD_USER_PASSWORDS is set to true, container uses all .txt-files from /p4-passwd to set/update user passwords on startup. All files should be named <username>.txt and contain only corresponding user password (without newlines).

Groups

If P4D_LOAD_GROUPS is set to true, all .txt-files from /p4-groups are loaded as group specification files when starting container (in alphabetic order).

Example specification file:

Group:      admins
Owners:     p4admin
Users:
            p4admin
            johndoe

Depots

If P4D_LOAD_DEPOTS is set to true, default depot depot is not created, and all .txt-files from /p4-depots are loaded as depot specification files when starting container.

Please be advised, certain operations (e.g. updating depot type) is not supported this way. In such case, perforce administrator should re-create perforce depot manually.

Example specification file:

Depot:          depot
Owner:          p4admin
Description:
                Default depot.
Type:           local
Address:        local
Suffix:         .p4s
StreamDepth:    //depot/1
Map:            depot/...

Depots

If P4D_LOAD_PROTECTIONS is set to true, all .txt-files from /p4-protect (in alphabetic order) are merged together and loaded as protection specification when starting container.

Example specification file (see documentation for p4 protect for more details):

    write user * * //...
    list user * * -//spec/...
    super user p4admin * //...

TLS support

If $P4PORT value starts with ssl:, p4d is configured with TLS support. It is strongly recommended to provide proper custom key and certificate using P4D_SSL_CERTIFICATE_FILE and P4D_SSL_CERTIFICATE_KEY_FILE environment variables are set - these file are copied into $P4SSLDIR as certificate.txt and privatekey.txt. Otherwise, new key and certificate are automatically generated (only during initialization).

Attention: when server detects that key and/or certificate has changed, a new server fingerprint is generated. All the clients (including local container client) must be updated to trust this new fingerprint.

Swarm trigger support

If INSTALL_SWARM_TRIGGER is set to true, swarm trigger script and configuration is installed / updated on every container startup. The following tasks are performed as part of trigger installation:

  1. Script creates .swarm depot if it does not exist.
  2. Script creates a temporary workspace and syncs it to temp directory. This workspace will be deleted later.
  3. Script installs / updates //.swarm/triggers/swarm-trigger.pl from the official package.
  4. Using SWARM_TRIGGER_HOST and SWARM_TRIGGER_TOKEN, the script installs / updates //.swarm/triggers/swarm-trigger.conf.
  5. Script submits changes (if any) to the p4d server.
  6. Script updated p4 triggers (see official documentation).

Beware, setting INSTALL_SWARM_TRIGGER to value other than true does not remove currently installed triggers!

helix-swarm

This image contains a Helix Swarm core review tool along with a Redis cache server. Currently using external Redis server is not supported.

Quickstart

docker run -it --rm -e P4PORT=ssl:p4d:1666 -p 80:80 --name helix-swarm hawkmothstudio/helix-swarm

Volumes

Volume Name Description
/opr/perforce/swarm/data Server data directory

Container environment variables

Variable Name Default value Description
P4PORT ssl:p4d:1666 p4d server connection string.
P4USER p4admin User to be used when running p4 commands from console.
P4PASSWD P@ssw0rd $P4USER's password.
P4CHARSET auto if unicode is enabled. Charset the local client will to connect to p4d.
P4D_USE_UNICODE false Set to true if server uses unicode mode.
SWARM_INIT_FORCE false Set to true to skip checking supplied P4PORT and credentials.
SWARM_USER p4admin User to be used by Swarm to connect to p4d.
SWARM_PASSWD P@ssw0rd $SWARM_USER's password.
SWARM_USER_CREATE false Set to true to create $SWARM_USER on the p4d server.
SWARM_GROUP_CREATE false Set to true to create long-lived ticket group for swarm user.
SWARM_HOST localhost Swarm machine hostname.
SWARM_PORT 80 Port Swarm is running on (HTTP).
SWARM_SSL_ENABLE false Set to true to enable TLS support.
SWARM_SSL_CERTIFICATE_FILE /etc/ssl/certs/ssl-cert-snakeoil.pem Path to certificate file.
SWARM_SSL_CERTIFICATE_KEY_FILE /etc/ssl/private/ssl-cert-snakeoil.key Path to private key file.
SWARM_TRIGGER_TOKEN Swarm trigger token to be installed, if not empty.
SWARM_P4D_NOWAIT Set to true to disable waiting for p4d to start.

Initial configuration

When started, container checks if /opt/perforce/swarm/data/config.php is present. If not, Swarm is initialized using provided environment variables.

After the container has been initialized, all modifications to the Swarm configuration should be done by editing the config.php (see official documentation).

TLS support

ATTENTION: it is highly recommended running Swarm behind a reverse proxy (e.g. httpd or nginx). Running Swarm with TLS enabled can interfere with Swarm's P4 client and lead to certain bugs, such as NetSslTransport::SslClientInit SSL_load_error_strings: error:0909006C:PEM routines:get_name:no start lin.

Set SWARM_SSL_ENABLE to true and provide correct certificate and key files to enable TLS support. TLS support can be enabled/disabled/updated through the environment variables at any time (container restart is required).

Swarm trigger support

If SWARM_TRIGGER_TOKEN is set, it is automatically added to a list of valid trigger tokens upon container startup.

Examples

Running with docker-compose

The following example docker-compose.yml starts both p4d and swarm:

version: '2.1'
services:
  p4d:
    image: hawkmothstudio/helix-p4d
    ports:
      - '1666:1666'
    environment:
      P4USER: 'p4admin'
      P4PASSWD: 'MySup3rPwd'
      P4D_SSL_CERTIFICATE_FILE: '/etc/letsencrypt/live/example.com/fullchain.pem'
      P4D_SSL_CERTIFICATE_KEY_FILE: '/etc/letsencrypt/live/example.com/privkey.pem'
      SWARM_HOST: 'http://perforce.example.com'
      SWARM_URL: 'https://perforce.example.com'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /etc/letsencrypt:/etc/letsecnrypt:ro
      - /srv/helix/p4d/data:/data
  swarm:
    image: hawkmothstudio/helix-swarm
    ports:
      - '80:80'
      - '443:443'
    environment:
      P4PORT: 'ssl:p4d:1666'
      P4USER: 'p4admin'
      P4PASSWD: 'MySup3rPwd'
      SWARM_USER: 'swarm'
      SWARM_PASSWD: 'MySwa3mPwd'
      SWARM_USER_CREATE: 'true'
      SWARM_GROUP_CREATE: 'true'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /etc/letsencrypt:/etc/letsecnrypt:ro
      - /srv/helix/swarm/data:/opt/perforce/swarm/data
    depends_on:
      - p4d

Loading typemap into p4d

Warning: helix-p4d image comes with pre-configured typemaps. Please consider using them first before using a custom typemap.

In this example we will load a UE4 Perforce Typemap.

There is a known issue with docker-compose and piping, so we need to use the docker command:

 docker exec -i helix_p4d_1 p4 typemap -i <<EOF
# Perforce File Type Mapping Specifications.
#
#  TypeMap:             a list of filetype mappings; one per line.
#                       Each line has two elements:
#
#                       Filetype: The filetype to use on 'p4 add'.
#
#                       Path:     File pattern which will use this filetype.
#
# See 'p4 help typemap' for more information.

TypeMap:
                binary+w //depot/....exe
                binary+w //depot/....dll
                binary+w //depot/....lib
                binary+w //depot/....app
                binary+w //depot/....dylib
                binary+w //depot/....stub
                binary+w //depot/....ipa
                binary //depot/....bmp
                text //depot/....ini
                text //depot/....config
                text //depot/....cpp
                text //depot/....h
                text //depot/....c
                text //depot/....cs
                text //depot/....m
                text //depot/....mm
                text //depot/....py
                binary+l //depot/....uasset
                binary+l //depot/....umap
                binary+l //depot/....upk
                binary+l //depot/....udk
                binary+l //depot/....ubulk
EOF