Merge pull request #105 from tsurai/main

Fix controller regression errors

controller/README.md

@@ -10,10 +10,12 @@ The container engine must have an enabled user socket for the executing user to
 * Podman: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/assembly_using-the-container-tools-api_using-the-container-tools-cli#proc_enabling-the-podman-api-using-systemd-in-rootless-mode_assembly_using-the-container-tools-api
 
 ### Networking
-The controller uses a shared service network namespace to communicate with the node. For docker either the flag `--network=service:node-service-name` or the docker-compose setting `network_mode: "service:node-service-name"` has to be set for the controller container. For Podman running both the controller and node together in one pod is sufficient.
+By default the node will try to connect to the controller via the 127.0.0.1 loopback address. A different IP can be configured in `indy_config.py` using the setting `controlServiceHost=x.x.x.x`.
+Alternatively both docker and podman allow container to share the same network via either the docker flag `--network=service:node-service-name` or the docker-compose setting `network_mode: "service:node-service-name"`. For Podman runniggng both the controller and node together in one pod is sufficient.
 
 ### Environment variables
-* CONTAINER: name of the indy node container to be controlled
+* NODE_CONTAINER: name of the indy node container to be controlled
+* CONTROLLER_CONTAINER: name of the indy node controller itself
 * ENGINE: container engine to be used. Defaults to docker
 
 ### Mountpoints

controller/upgrade_indy.sh

@@ -24,22 +24,23 @@ if [[ "$ENGINE" != "podman" && "$ENGINE" != "docker" ]]; then
 fi
 
 for container in $NODE_CONTAINER $CONTROLLER_CONTAINER; do
-    inspect="$ENGINE container inspect $container --format "
+    inspect_container="$ENGINE container inspect $container --format "
 
-    if [[ "$($inspect '{{.State.Status}}')" != "running" ]]; then
+    if [[ "$($inspect_container '{{.State.Status}}')" != "running" ]]; then
         echo "Skipping upgrade because the container '$container' is not running"
         continue
     fi
 
     # get name of the image used by the container
-    image_name="$($inspect '{{.Config.Image}}')"
+    image_name="$($inspect_container '{{.Config.Image}}')"
     if [[ -z "$image_name" ]]; then
         print_error "Container $container does not exist"
         exit 22
     fi
+    inspect_image="$ENGINE image inspect $image_name --format "
 
-    # save the creation date of the image
-    image_date="$($ENGINE image inspect "$image_name" --format '{{.Created}}')"
+    # save the current image hash
+    image_hash="$($inspect_container '{{.Image}}')"
 
     # try to pull a new image
     output="$($ENGINE image pull "$image_name")"
@@ -49,19 +50,19 @@ for container in $NODE_CONTAINER $CONTROLLER_CONTAINER; do
         exit 1
     fi
 
-    # compare the old and new creation date to verify that a newer image has been pulled
-    if [[ "$($ENGINE image inspect $image_name --format '{{.Created}}')" != "$image_date" && "$container" == "$NODE_CONTAINER" ]]; then
+    # compare the old and new image hash to verify that a newer image has been pulled
+    if [[ "$($inspect_image '{{.Id}}')" != "$image_hash" && "$container" == "$NODE_CONTAINER" ]]; then
         # parse and save various container parameter to supply to the new one
-        binds="-v $($inspect '{{join .HostConfig.Binds " -v "}}')"
-        ports="$($inspect '{{range $k, $v := .NetworkSettings.Ports}}{{range $v}}{{print "-p " .HostIp ":" .HostPort ":" $k " "}}{{end}}{{end}}' | sed 's/:::/[::]:/g')"
-        network="$($inspect '{{range $k, $v := .NetworkSettings.Networks}}{{$id := slice "'$($inspect {{.Id}})'" 0 12}}{{$aliases := join $v.Aliases " --network-alias "}}{{println "--network" $k "--ip" $v.IPAddress "--network-alias" $aliases "--network-alias" $id}}{{end}}' | head -n1)"
-        restart="--restart $($inspect '{{.HostConfig.RestartPolicy.Name}}')"
-        init="$($inspect '{{.HostConfig.Init}}' | sed 's/true/--init/g; /--init/!s/.*//')"
-        $inspect '{{join .Config.Env "\n"}}' > /tmp/envs
+        binds="-v $($inspect_container '{{join .HostConfig.Binds " -v "}}')"
+        ports="$($inspect_container '{{range $k, $v := .NetworkSettings.Ports}}{{range $v}}{{print "-p " .HostIp ":" .HostPort ":" $k " "}}{{end}}{{end}}' | sed 's/:::/[::]:/g')"
+        network="$($inspect_container '{{range $k, $v := .NetworkSettings.Networks}}{{$id := slice "'$($inspect_container {{.Id}})'" 0 12}}{{$aliases := join $v.Aliases " --network-alias "}}{{println "--network" $k "--ip" $v.IPAddress "--network-alias" $aliases "--network-alias" $id}}{{end}}' | head -n1)"
+        restart="--restart $($inspect_container '{{.HostConfig.RestartPolicy.Name}}')"
+        init="$($inspect_container '{{.HostConfig.Init}}' | sed 's/true/--init/g; /--init/!s/.*//')"
+        $inspect_container '{{join .Config.Env "\n"}}' > /tmp/envs
         envs="$(if [ -s /tmp/envs ]; then echo "--env-file /tmp/envs"; else echo ""; fi)"
-        $inspect '{{range $k,$v := .Config.Labels}}{{printf "%s=%s\n" $k $v}}{{end}}' | grep -v "^org.opencontainers.image" > /tmp/labels
+        $inspect_container '{{range $k,$v := .Config.Labels}}{{printf "%s=%s\n" $k $v}}{{end}}' | grep -v "^org.opencontainers.image" > /tmp/labels
         # patch image hash in the docker-compose labels
-        sed -i "s/sha256.*/$($ENGINE image inspect docker --format '{{.Id}}')/g" /tmp/labels
+        sed -i "s/sha256.*/$($inspect_image '{{.Id}}')/g" /tmp/labels
         labels="$(if [ -s /tmp/labels ]; then echo "--label-file /tmp/labels"; else echo ""; fi)"
 
         output=$($ENGINE container create --name ${container}_new $binds $ports $network $init $restart $envs $labels $image_name) 1> /dev/null