From 994efff9249ca29a1d51c5cf7d3f3a61ad05e3c0 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Tue, 10 Apr 2018 10:10:10 +0100 Subject: [PATCH 01/11] Patch libssl vulnerability --- install-mq.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-mq.sh b/install-mq.sh index 430b463b..937baba7 100644 --- a/install-mq.sh +++ b/install-mq.sh @@ -130,7 +130,7 @@ rm -rf ${DIR_EXTRACT} # Apply any bug fixes not included in base Ubuntu or MQ image. # Don't upgrade everything based on Docker best practices https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run -$UBUNTU && apt-get upgrade -y sensible-utils +$UBUNTU && apt-get upgrade -y sensible-utils libssl1.0.0 # End of bug fixes # Clean up cached files From 70eeff1e09e12601cdec2c052378416b12ccd706 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Tue, 10 Apr 2018 13:38:26 +0100 Subject: [PATCH 02/11] Set makefile to download 9.0.5 driver --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f7f1e2b0..caf87c37 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ # BASE_IMAGE is the base image to use for MQ, for example "ubuntu" or "rhel" BASE_IMAGE ?= ubuntu:16.04 # MQ_VERSION is the fully qualified MQ version number to build -MQ_VERSION ?= 9.0.4.0 +MQ_VERSION ?= 9.0.5.0 # MQ_ARCHIVE is the name of the file, under the downloads directory, from which MQ Advanced can # be installed. The default value is derived from MQ_VERSION, BASE_IMAGE and architecture # Does not apply to MQ Advanced for Developers. @@ -71,6 +71,7 @@ endif # Archive names for IBM MQ Advanced for Developers for Ubuntu MQ_ARCHIVE_DEV_9.0.3.0=mqadv_dev903_ubuntu_x86-64.tar.gz MQ_ARCHIVE_DEV_9.0.4.0=mqadv_dev904_ubuntu_x86-64.tar.gz +MQ_ARCHIVE_DEV_9.0.5.0=mqadv_dev905_ubuntu_x86-64.tar.gz ############################################################################### # Build targets From 9959eacdafd96cd5dfa70fd19a3a56f22b9b1d5d Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Tue, 10 Apr 2018 14:39:47 +0100 Subject: [PATCH 03/11] ensure all references to 904/903 are changed to 905 --- incubating/Dockerfile-sfbridge | 2 +- incubating/mq-explorer/Dockerfile | 4 ++-- incubating/mqadvanced-server-dev/Dockerfile | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/incubating/Dockerfile-sfbridge b/incubating/Dockerfile-sfbridge index 134cc4fa..3f7360f6 100644 --- a/incubating/Dockerfile-sfbridge +++ b/incubating/Dockerfile-sfbridge @@ -15,7 +15,7 @@ FROM ubuntu:16.04 # The URL to download the MQ installer from in tar.gz format -ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev903_ubuntu_x86-64.tar.gz +ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev905_ubuntu_x86-64.tar.gz # The MQ packages to install ARG MQ_PACKAGES="ibmmq-sfbridge" diff --git a/incubating/mq-explorer/Dockerfile b/incubating/mq-explorer/Dockerfile index 0deffcb2..32575d17 100644 --- a/incubating/mq-explorer/Dockerfile +++ b/incubating/mq-explorer/Dockerfile @@ -15,7 +15,7 @@ FROM ubuntu:16.04 # The URL to download the MQ installer from in tar.gz format -ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev903_ubuntu_x86-64.tar.gz +ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev905_ubuntu_x86-64.tar.gz # The MQ packages to install ARG MQ_PACKAGES="ibmmq-explorer" @@ -35,4 +35,4 @@ ENV LANG=en_US.UTF-8 # Run as mqm (999) USER 999 -ENTRYPOINT ["MQExplorer"] \ No newline at end of file +ENTRYPOINT ["MQExplorer"] diff --git a/incubating/mqadvanced-server-dev/Dockerfile b/incubating/mqadvanced-server-dev/Dockerfile index bf0ef99c..8dd5fbff 100644 --- a/incubating/mqadvanced-server-dev/Dockerfile +++ b/incubating/mqadvanced-server-dev/Dockerfile @@ -15,7 +15,7 @@ ############################################################################### # Build stage to build Go code ############################################################################### -FROM golang:1.9 as builder +FROM golang:1.9 as builder WORKDIR /go/src/github.com/ibm-messaging/mq-container/ COPY cmd/ ./cmd COPY internal/ ./internal @@ -29,7 +29,7 @@ RUN go test -v ./cmd/runmqdevserver/... ############################################################################### # Main build stage ############################################################################### -FROM mqadvanced-server-dev-base:9.0.4.0-x86_64-ubuntu-16.04 +FROM mqadvanced-server-dev-base:9.0.5.0-x86_64-ubuntu-16.04 # Enable MQ developer default configuration ENV MQ_DEV=true @@ -53,4 +53,4 @@ RUN chmod +x /usr/local/bin/runmq* EXPOSE 9443 -ENTRYPOINT ["runmqdevserver"] \ No newline at end of file +ENTRYPOINT ["runmqdevserver"] From 53a991b891e1e2733bc3489b50cb3928fd5d9d74 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Wed, 11 Apr 2018 09:13:10 +0100 Subject: [PATCH 04/11] backport Fix timing problem in mirroring tests --- cmd/runmqserver/mirror.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cmd/runmqserver/mirror.go b/cmd/runmqserver/mirror.go index 170e6082..0a78cbaa 100644 --- a/cmd/runmqserver/mirror.go +++ b/cmd/runmqserver/mirror.go @@ -33,7 +33,7 @@ func waitForFile(ctx context.Context, path string) (os.FileInfo, error) { select { // Check to see if cancellation has been requested case <-ctx.Done(): - return nil, nil + return os.Stat(path) default: fi, err = os.Stat(path) if err != nil { @@ -145,7 +145,8 @@ func mirrorLog(ctx context.Context, wg *sync.WaitGroup, path string, fromStart b for { // If there's already data there, mirror it now. mirrorAvailableMessages(f, mf) - newFI, err := os.Stat(path) + // Wait for the new log file (after rotation) + newFI, err := waitForFile(ctx, path) if err != nil { log.Error(err) errorChannel <- err From 09cc18cd0c75446e0379f62a053261e8bfce3b33 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Thu, 12 Apr 2018 11:01:20 +0100 Subject: [PATCH 05/11] backport docker exec timeout fix and web console test fix --- test/docker/Gopkg.toml | 2 +- test/docker/devconfig_test.go | 30 +------------- test/docker/devconfig_test_util.go | 42 +++++++++++++++----- test/docker/docker_api_test.go | 40 +++++++++++-------- test/docker/docker_api_test_util.go | 61 +++++++++-------------------- 5 files changed, 77 insertions(+), 98 deletions(-) diff --git a/test/docker/Gopkg.toml b/test/docker/Gopkg.toml index d13cde4c..c29f50ed 100644 --- a/test/docker/Gopkg.toml +++ b/test/docker/Gopkg.toml @@ -14,7 +14,7 @@ [[constraint]] name = "github.com/docker/docker" - version = "^1.12" + version = "=v17.03.2-ce" [[constraint]] name = "github.com/docker/go-connections" diff --git a/test/docker/devconfig_test.go b/test/docker/devconfig_test.go index 4c8ddd49..770e21b6 100644 --- a/test/docker/devconfig_test.go +++ b/test/docker/devconfig_test.go @@ -18,11 +18,7 @@ limitations under the License. package main import ( - "crypto/tls" - "fmt" - "net/http" "testing" - "time" "github.com/docker/docker/api/types/container" "github.com/docker/docker/client" @@ -41,31 +37,7 @@ func TestDevGoldenPath(t *testing.T) { defer cleanContainer(t, cli, id) waitForReady(t, cli, id) - waitForWebReady(t, cli, id) - - timeout := time.Duration(30 * time.Second) - // Disable TLS verification (server uses a self-signed certificate by default, - // so verification isn't useful anyway) - tr := &http.Transport{ - TLSClientConfig: &tls.Config{ - InsecureSkipVerify: true, - }, - } - httpClient := http.Client{ - Timeout: timeout, - Transport: tr, - } - - url := fmt.Sprintf("https://localhost:%s/ibmmq/rest/v1/admin/installation", getWebPort(t, cli, id)) - req, err := http.NewRequest("GET", url, nil) - req.SetBasicAuth("admin", "passw0rd") - resp, err := httpClient.Do(req) - if err != nil { - t.Fatal(err) - } - if resp.StatusCode != http.StatusOK { - t.Errorf("Expected HTTP status code %v from 'GET installation'; got %v", http.StatusOK, resp.StatusCode) - } + waitForWebReady(t, cli, id, insecureTLSConfig) // Stop the container cleanly stopContainer(t, cli, id) diff --git a/test/docker/devconfig_test_util.go b/test/docker/devconfig_test_util.go index e3051cbf..6ceb0622 100644 --- a/test/docker/devconfig_test_util.go +++ b/test/docker/devconfig_test_util.go @@ -18,25 +18,49 @@ limitations under the License. package main import ( - "crypto/tls" "fmt" "testing" "time" + "net/http" + "crypto/tls" "github.com/docker/docker/client" ) -func waitForWebReady(t *testing.T, cli *client.Client, ID string) { - config := tls.Config{InsecureSkipVerify: true} - a := fmt.Sprintf("localhost:%s", getWebPort(t, cli, ID)) + +const devAdminPassword string = "passw0rd" +const devAppPassword string = "passw0rd" + +// Disable TLS verification (server uses a self-signed certificate by default, +// so verification isn't useful anyway) +var insecureTLSConfig *tls.Config = &tls.Config{ + InsecureSkipVerify: true, +} + +func waitForWebReady(t *testing.T, cli *client.Client, ID string, tlsConfig *tls.Config) { + httpClient := http.Client{ + Timeout: time.Duration(3 * time.Second), + Transport: &http.Transport{ + TLSClientConfig: tlsConfig, + }, + } + url := fmt.Sprintf("https://localhost:%s/ibmmq/rest/v1/admin/installation", getWebPort(t, cli, ID)) for { - conn, err := tls.Dial("tcp", a, &config) - if err == nil { - conn.Close() - // Extra sleep to allow web apps to start - time.Sleep(3 * time.Second) + req, err := http.NewRequest("GET", url, nil) + req.SetBasicAuth("admin", devAdminPassword) + resp, err := httpClient.Do(req) + if err == nil && resp.StatusCode == http.StatusOK { t.Log("MQ web server is ready") return } + // conn, err := tls.Dial("tcp", a, &config) + // if err == nil { + // conn.Close() + // // Extra sleep to allow web apps to start + // time.Sleep(5 * time.Second) + // t.Log("MQ web server is ready") + // return + // } + time.Sleep(1 * time.Second) } } diff --git a/test/docker/docker_api_test.go b/test/docker/docker_api_test.go index 08be3068..24cf3002 100644 --- a/test/docker/docker_api_test.go +++ b/test/docker/docker_api_test.go @@ -126,7 +126,7 @@ func utilTestNoQueueManagerName(t *testing.T, hostName string, expectedName stri id := runContainer(t, cli, &containerConfig) defer cleanContainer(t, cli, id) waitForReady(t, cli, id) - out := execContainerWithOutput(t, cli, id, "mqm", []string{"dspmq"}) + _, out := execContainer(t, cli, id, "mqm", []string{"dspmq"}) if !strings.Contains(out, search) { t.Errorf("Expected result of running dspmq to contain name=%v, got name=%v", search, out) } @@ -285,16 +285,18 @@ func TestVolumeUnmount(t *testing.T) { defer cleanContainer(t, cli, ctr.ID) waitForReady(t, cli, ctr.ID) // Unmount the volume as root - rc := execContainerWithExitCode(t, cli, ctr.ID, "root", []string{"umount", "-l", "-f", "/mnt/mqm"}) + rc, _ := execContainer(t, cli, ctr.ID, "root", []string{"umount", "-l", "-f", "/mnt/mqm"}) if rc != 0 { t.Fatalf("Expected umount to work with rc=0, got %v", rc) } time.Sleep(3 * time.Second) - rc = execContainerWithExitCode(t, cli, ctr.ID, "mqm", []string{"chkmqhealthy"}) + rc, _ = execContainer(t, cli, ctr.ID, "mqm", []string{"chkmqhealthy"}) if rc == 0 { t.Errorf("Expected chkmqhealthy to fail") - t.Logf(execContainerWithOutput(t, cli, ctr.ID, "mqm", []string{"df"})) - t.Logf(execContainerWithOutput(t, cli, ctr.ID, "mqm", []string{"ps", "-ef"})) + _, output := execContainer(t, cli, ctr.ID, "mqm", []string{"df"}) + t.Logf(output) + _, output = execContainer(t, cli, ctr.ID, "mqm", []string{"ps", "-ef"}) + t.Logf(output) } } @@ -318,12 +320,12 @@ func TestZombies(t *testing.T) { waitForReady(t, cli, id) // Kill an MQ process with children. After it is killed, its children // will be adopted by PID 1, and should then be reaped when they die. - out := execContainerWithOutput(t, cli, id, "mqm", []string{"pkill", "--signal", "kill", "-c", "amqzxma0"}) + _, out := execContainer(t, cli, id, "mqm", []string{"pkill", "--signal", "kill", "-c", "amqzxma0"}) if out == "0" { t.Fatalf("Expected pkill to kill a process, got %v", out) } time.Sleep(3 * time.Second) - out = execContainerWithOutput(t, cli, id, "mqm", []string{"bash", "-c", "ps -lA | grep '^. Z'"}) + _, out = execContainer(t, cli, id, "mqm", []string{"bash", "-c", "ps -lA | grep '^. Z'"}) if out != "" { count := strings.Count(out, "\n") + 1 t.Errorf("Expected zombies=0, got %v", count) @@ -356,7 +358,7 @@ func TestMQSC(t *testing.T) { id := runContainer(t, cli, &containerConfig) defer cleanContainer(t, cli, id) waitForReady(t, cli, id) - rc := execContainerWithExitCode(t, cli, id, "mqm", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test)' | runmqsc"}) + rc, _ := execContainer(t, cli, id, "mqm", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test)' | runmqsc"}) if rc != 0 { t.Fatalf("Expected runmqsc to exit with rc=0, got %v", rc) } @@ -392,17 +394,19 @@ func TestReadiness(t *testing.T) { id := runContainer(t, cli, &containerConfig) defer cleanContainer(t, cli, id) queueCheckCommand := fmt.Sprintf("echo 'DISPLAY QLOCAL(test%v)' | runmqsc", numQueues) - t.Log(execContainerWithOutput(t, cli, id, "root", []string{"cat", "/etc/mqm/test.mqsc"})) + _, output := execContainer(t, cli, id, "root", []string{"cat", "/etc/mqm/test.mqsc"}) + t.Log(output) for { - readyRC := execContainerWithExitCode(t, cli, id, "mqm", []string{"chkmqready"}) - queueCheckRC := execContainerWithExitCode(t, cli, id, "mqm", []string{"bash", "-c", queueCheckCommand}) + readyRC, _ := execContainer(t, cli, id, "mqm", []string{"chkmqready"}) + queueCheckRC, _ := execContainer(t, cli, id, "mqm", []string{"bash", "-c", queueCheckCommand}) t.Logf("readyRC=%v,queueCheckRC=%v\n", readyRC, queueCheckRC) if readyRC == 0 { if queueCheckRC != 0 { t.Fatalf("chkmqready returned %v when MQSC had not finished", readyRC) } else { // chkmqready says OK, and the last queue exists, so return - t.Log(execContainerWithOutput(t, cli, id, "root", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test1)' | runmqsc"})) + _, output = execContainer(t, cli, id, "root", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test1)' | runmqsc"}) + t.Log(output) return } } @@ -463,11 +467,13 @@ func TestErrorLogRotation(t *testing.T) { waitForReady(t, cli, id) dir := "/var/mqm/qmgrs/" + qmName + "/errors" // Generate some content for the error logs, by trying to put messages under an unauthorized user - // execContainerWithOutput(t, cli, id, "fred", []string{"bash", "-c", "for i in {1..30} ; do /opt/mqm/samp/bin/amqsput FAKE; done"}) - execContainerWithOutput(t, cli, id, "root", []string{"useradd", "fred"}) + // execContainer(t, cli, id, "fred", []string{"bash", "-c", "for i in {1..30} ; do /opt/mqm/samp/bin/amqsput FAKE; done"}) + execContainer(t, cli, id, "root", []string{"useradd", "fred"}) for { - execContainerWithOutput(t, cli, id, "fred", []string{"bash", "-c", "/opt/mqm/samp/bin/amqsput FAKE"}) - amqerr02size, err := strconv.Atoi(execContainerWithOutput(t, cli, id, "mqm", []string{"bash", "-c", "wc -c < " + filepath.Join(dir, "AMQERR02.json")})) + execContainer(t, cli, id, "fred", []string{"bash", "-c", "/opt/mqm/samp/bin/amqsput FAKE"}) + + _, atoiStr := execContainer(t, cli, id, "mqm", []string{"bash", "-c", "wc -c < " + filepath.Join(dir, "AMQERR02.json")}) + amqerr02size, err := strconv.Atoi(atoiStr) if err != nil { t.Fatal(err) } @@ -476,7 +482,7 @@ func TestErrorLogRotation(t *testing.T) { break } } - out := execContainerWithOutput(t, cli, id, "root", []string{"ls", "-l", dir}) + _, out := execContainer(t, cli, id, "root", []string{"ls", "-l", dir}) t.Log(out) stopContainer(t, cli, id) b := copyFromContainer(t, cli, id, filepath.Join(dir, "AMQERR01.json")) diff --git a/test/docker/docker_api_test_util.go b/test/docker/docker_api_test_util.go index 5409b456..ce9dd7f8 100644 --- a/test/docker/docker_api_test_util.go +++ b/test/docker/docker_api_test_util.go @@ -31,6 +31,7 @@ import ( "strings" "testing" "time" + "regexp" "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/container" @@ -254,10 +255,9 @@ func waitForContainer(t *testing.T, cli *client.Client, ID string, timeout int64 return rc } -// execContainerWithExitCode runs a command in a running container, and returns the exit code -// Note: due to a bug in Docker/Moby code, you always get an exit code of 0 if you attach to the -// container to get output. This is why these are two separate commands. -func execContainerWithExitCode(t *testing.T, cli *client.Client, ID string, user string, cmd []string) int { +// execContainer runs a command in a running container, and returns the exit code and output +func execContainer(t *testing.T, cli *client.Client, ID string, user string, cmd []string) (int, string) { + rerun: config := types.ExecConfig{ User: user, Privileged: false, @@ -273,56 +273,23 @@ func execContainerWithExitCode(t *testing.T, cli *client.Client, ID string, user if err != nil { t.Fatal(err) } - cli.ContainerExecStart(context.Background(), resp.ID, types.ExecStartCheck{ - Detach: false, - Tty: false, - }) - if err != nil { - t.Fatal(err) - } - inspect, err := cli.ContainerExecInspect(context.Background(), resp.ID) - if err != nil { - t.Fatal(err) - } - return inspect.ExitCode -} - -// execContainerWithOutput runs a command in a running container, and returns the output from stdout/stderr -// Note: due to a bug in Docker/Moby code, you always get an exit code of 0 if you attach to the -// container to get output. This is why these are two separate commands. -func execContainerWithOutput(t *testing.T, cli *client.Client, ID string, user string, cmd []string) string { - config := types.ExecConfig{ - User: user, - Privileged: false, - Tty: false, - AttachStdin: false, - AttachStdout: true, - AttachStderr: true, - Detach: false, - Cmd: cmd, - } - resp, err := cli.ContainerExecCreate(context.Background(), ID, config) - if err != nil { - t.Fatal(err) - } hijack, err := cli.ContainerExecAttach(context.Background(), resp.ID, config) if err != nil { t.Fatal(err) } - err = cli.ContainerExecStart(context.Background(), resp.ID, types.ExecStartCheck{ + cli.ContainerExecStart(context.Background(), resp.ID, types.ExecStartCheck{ Detach: false, Tty: false, }) - if err != nil { - t.Fatal(err) - } // Wait for the command to finish + var exitcode int for { inspect, err := cli.ContainerExecInspect(context.Background(), resp.ID) if err != nil { t.Fatal(err) } if !inspect.Running { + exitcode = inspect.ExitCode break } } @@ -332,12 +299,22 @@ func execContainerWithOutput(t *testing.T, cli *client.Client, ID string, user s if err != nil { log.Fatal(err) } - return strings.TrimSpace(buf.String()) + + outputStr := strings.TrimSpace(buf.String()) + + // Before we go let's just double check it did actually run because sometimes we get a "Exec command already running error" + alreadyRunningErr := regexp.MustCompile("Error: Exec command .* is already running") + if alreadyRunningErr.MatchString(outputStr) { + time.Sleep(1 * time.Second) + goto rerun + } + + return exitcode, outputStr } func waitForReady(t *testing.T, cli *client.Client, ID string) { for { - rc := execContainerWithExitCode(t, cli, ID, "mqm", []string{"chkmqready"}) + rc, _ := execContainer(t, cli, ID, "mqm", []string{"chkmqready"}) if rc == 0 { t.Log("MQ is ready") return From 309562051a3efa38cd131e7bbc9375f4ee924025 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Mon, 30 Apr 2018 17:02:27 +0200 Subject: [PATCH 06/11] Fix License to include Copyright * Fix License to include Copyright * Fix Copyright line --- LICENSE | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/LICENSE b/LICENSE index 7a4a3ea2..f2249fdc 100644 --- a/LICENSE +++ b/LICENSE @@ -176,18 +176,7 @@ END OF TERMS AND CONDITIONS - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] + © Copyright IBM Corporation. 2015, 2018 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -199,4 +188,4 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file + limitations under the License. From 67eb420f3bb0ad90c92b71751fa987748f92035f Mon Sep 17 00:00:00 2001 From: Stephen Marshall Date: Fri, 25 May 2018 09:57:30 +0100 Subject: [PATCH 07/11] Security upgrade for libprocps4 and procps (#86) --- install-mq.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-mq.sh b/install-mq.sh index 937baba7..d8283492 100644 --- a/install-mq.sh +++ b/install-mq.sh @@ -130,7 +130,7 @@ rm -rf ${DIR_EXTRACT} # Apply any bug fixes not included in base Ubuntu or MQ image. # Don't upgrade everything based on Docker best practices https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run -$UBUNTU && apt-get upgrade -y sensible-utils libssl1.0.0 +$UBUNTU && apt-get upgrade -y libprocps4 procps # End of bug fixes # Clean up cached files From c9a7d796e9fe663d4293d758767ee5dd44157435 Mon Sep 17 00:00:00 2001 From: Arthur Barr Date: Thu, 31 May 2018 15:09:10 +0100 Subject: [PATCH 08/11] Support POWER and z/Linux (#101) --- Makefile | 1 - cmd/runmqserver/mqconfig_linux.go | 3 ++- install-mq.sh | 15 +++++++++++---- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index caf87c37..573f21f9 100644 --- a/Makefile +++ b/Makefile @@ -222,7 +222,6 @@ build-advancedserver: downloads/$(MQ_ARCHIVE) docker-version # Target-specific variable to add web server into devserver image build-devserver: MQ_PACKAGES=ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-msg-.* ibmmq-samples ibmmq-ams ibmmq-web build-devserver: downloads/$(MQ_ARCHIVE_DEV) docker-version - @test "$(shell uname -m)" = "x86_64" || (echo "Error: MQ Advanced for Developers is only available for x86_64 architecture" && exit 1) $(info $(shell printf $(TITLE)"Build $(MQ_IMAGE_DEVSERVER_BASE)"$(END))) $(call docker-build-mq,$(MQ_IMAGE_DEVSERVER_BASE),Dockerfile-server,$(MQ_ARCHIVE_DEV),"98102d16795c4263ad9ca075190a2d4d","IBM MQ Advanced for Developers (Non-Warranted)",$(MQ_VERSION)) docker build --tag $(MQ_IMAGE_DEVSERVER) --file incubating/mqadvanced-server-dev/Dockerfile . diff --git a/cmd/runmqserver/mqconfig_linux.go b/cmd/runmqserver/mqconfig_linux.go index 8371395b..f37fd127 100644 --- a/cmd/runmqserver/mqconfig_linux.go +++ b/cmd/runmqserver/mqconfig_linux.go @@ -40,7 +40,8 @@ func checkFS(path string) { log.Println(err) return } - t := fsTypes[statfs.Type] + // Use a type conversion to make type an int64. On s390x it's a uint32. + t := fsTypes[int64(statfs.Type)] switch t { case "aufs", "overlayfs", "tmpfs": log.Fatalf("Error: %v uses unsupported filesystem type %v", path, t) diff --git a/install-mq.sh b/install-mq.sh index d8283492..f6179b74 100644 --- a/install-mq.sh +++ b/install-mq.sh @@ -29,12 +29,19 @@ fi if ($UBUNTU); then export DEBIAN_FRONTEND=noninteractive + source /etc/os-release + # Figure out the correct apt URL based on the CPU architecture + CPU_ARCH=$(uname -p) + if [ ${CPU_ARCH} == "x86_64" ]; then + APT_URL="http://archive.ubuntu.com/ubuntu/" + else + APT_URL="http://ports.ubuntu.com/ubuntu-ports/" + fi # Use a reduced set of apt repositories. # This ensures no unsupported code gets installed, and makes the build faster - source /etc/os-release - echo "deb http://archive.ubuntu.com/ubuntu/ ${UBUNTU_CODENAME} main restricted" > /etc/apt/sources.list - echo "deb http://archive.ubuntu.com/ubuntu/ ${UBUNTU_CODENAME}-updates main restricted" >> /etc/apt/sources.list - echo "deb http://archive.ubuntu.com/ubuntu/ ${UBUNTU_CODENAME}-security main restricted" >> /etc/apt/sources.list + echo "deb ${APT_URL} ${UBUNTU_CODENAME} main restricted" > /etc/apt/sources.list + echo "deb ${APT_URL} ${UBUNTU_CODENAME}-updates main restricted" >> /etc/apt/sources.list + echo "deb ${APT_URL} ${UBUNTU_CODENAME}-security main restricted" >> /etc/apt/sources.list # Install additional packages required by MQ, this install process and the runtime scripts apt-get update apt-get install -y --no-install-recommends \ From c9682cde993361992659f2aac9f77daca69f3566 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Mon, 4 Jun 2018 13:36:47 +0100 Subject: [PATCH 09/11] Add platform specific URL for test --- test/docker/docker_api_test.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/test/docker/docker_api_test.go b/test/docker/docker_api_test.go index 24cf3002..ff9cc21c 100644 --- a/test/docker/docker_api_test.go +++ b/test/docker/docker_api_test.go @@ -24,6 +24,7 @@ import ( "fmt" "io" "path/filepath" + "runtime" "strconv" "strings" "testing" @@ -103,7 +104,13 @@ func TestSecurityVulnerabilities(t *testing.T) { t.Skip("Skipping test because container is not Ubuntu-based") } // Override the entrypoint to make "apt" only receive security updates, then check for updates - rc, log := runContainerOneShot(t, cli, "bash", "-c", "source /etc/os-release && echo \"deb http://security.ubuntu.com/ubuntu/ ${VERSION_CODENAME}-security main restricted\" > /etc/apt/sources.list && apt-get update 2>&1 >/dev/null && apt-get --simulate -qq upgrade") + var url string + if runtime.GOARCH == "amd64" { + url = "http://security.ubuntu.com/ubuntu/" + } else { + url = "http://ports.ubuntu.com/ubuntu-ports/" + } + rc, log := runContainerOneShot(t, cli, "bash", "-c", "source /etc/os-release && echo \"deb "+url+" ${VERSION_CODENAME}-security main restricted\" > /etc/apt/sources.list && apt-get update 2>&1 >/dev/null && apt-get --simulate -qq upgrade") if rc != 0 { t.Fatalf("Expected success, got %v", rc) } From 26dde44ec2a364ee12b1963686ba7048c924b919 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Mon, 4 Jun 2018 14:55:46 +0100 Subject: [PATCH 10/11] Add platform specific URL for test (#109) --- test/docker/docker_api_test.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/test/docker/docker_api_test.go b/test/docker/docker_api_test.go index 24cf3002..ff9cc21c 100644 --- a/test/docker/docker_api_test.go +++ b/test/docker/docker_api_test.go @@ -24,6 +24,7 @@ import ( "fmt" "io" "path/filepath" + "runtime" "strconv" "strings" "testing" @@ -103,7 +104,13 @@ func TestSecurityVulnerabilities(t *testing.T) { t.Skip("Skipping test because container is not Ubuntu-based") } // Override the entrypoint to make "apt" only receive security updates, then check for updates - rc, log := runContainerOneShot(t, cli, "bash", "-c", "source /etc/os-release && echo \"deb http://security.ubuntu.com/ubuntu/ ${VERSION_CODENAME}-security main restricted\" > /etc/apt/sources.list && apt-get update 2>&1 >/dev/null && apt-get --simulate -qq upgrade") + var url string + if runtime.GOARCH == "amd64" { + url = "http://security.ubuntu.com/ubuntu/" + } else { + url = "http://ports.ubuntu.com/ubuntu-ports/" + } + rc, log := runContainerOneShot(t, cli, "bash", "-c", "source /etc/os-release && echo \"deb "+url+" ${VERSION_CODENAME}-security main restricted\" > /etc/apt/sources.list && apt-get update 2>&1 >/dev/null && apt-get --simulate -qq upgrade") if rc != 0 { t.Fatalf("Expected success, got %v", rc) } From 12dcd648e97dbf767d75a71275c9bc5446b4b661 Mon Sep 17 00:00:00 2001 From: Rob Parker Date: Mon, 4 Jun 2018 16:33:51 +0100 Subject: [PATCH 11/11] s --- incubating/mqadvanced-server-dev/Dockerfile | 1 - test/docker/docker_api_test.go | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/incubating/mqadvanced-server-dev/Dockerfile b/incubating/mqadvanced-server-dev/Dockerfile index 6c752f58..7ac59194 100644 --- a/incubating/mqadvanced-server-dev/Dockerfile +++ b/incubating/mqadvanced-server-dev/Dockerfile @@ -16,7 +16,6 @@ # Build stage to build Go code ############################################################################### FROM golang:1.10 as builder - WORKDIR /go/src/github.com/ibm-messaging/mq-container/ COPY cmd/ ./cmd COPY internal/ ./internal diff --git a/test/docker/docker_api_test.go b/test/docker/docker_api_test.go index f630ba5a..3fda0b4d 100644 --- a/test/docker/docker_api_test.go +++ b/test/docker/docker_api_test.go @@ -416,8 +416,8 @@ func TestReadiness(t *testing.T) { t.Fatalf("Runmqsc returned %v with error %v. chkmqready returned %v when MQSC had not finished", queueCheckRC, r.FindString(queueCheckOut), readyRC) } else { // chkmqready says OK, and the last queue exists, so return - _, output := execContainer(t, cli, id, "root", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test1)' | runmqsc"}) - t.Log(output) + _, runmqsc := execContainer(t, cli, id, "root", []string{"bash", "-c", "echo 'DISPLAY QLOCAL(test1)' | runmqsc"}) + t.Log(runmqsc) return } }