Skip to content
Permalink
Browse files

wip: setup containers with releases

  • Loading branch information...
InoMurko committed May 4, 2019
1 parent 10d1bc1 commit e912c5929895fed8873760a920b31131aac5cf45
Showing with 463 additions and 3 deletions.
  1. +66 −1 .circleci/config.yml
  2. +0 −2 .gitignore
  3. +67 −0 Dockerfile.child_chain
  4. +67 −0 Dockerfile.watcher
  5. +128 −0 Makefile
  6. +67 −0 rootfs/child_chain_entrypoint
  7. +68 −0 rootfs/watcher_entrypoint
@@ -1,4 +1,36 @@
version: 2
version: 2.1

executors:
child_chain-builder:
docker:
- image: omisegoimages/elixir-omg-builder:v1.2
working_directory: ~/src
watcher-builder:
docker:
- image: omisegoimages/elixir-omg-builder:v1.2
working_directory: ~/src

builder_pg:
docker:
- image: omisegoimages/elixir-omg-builder:v1.2
- image: postgres:9.6-alpine
working_directory: ~/src

deploy:
docker:
- image: omisegoimages/elixir-omg-deploy:stable
working_directory: ~/src

child_chain-metal:
machine: true
environment:
IMAGE_NAME: "omisego/child_chain"

watcher-metal:
machine: true
environment:
IMAGE_NAME: "omisego/watcher"

jobs:
build:
docker:
@@ -325,6 +357,23 @@ jobs:
name: Uploading watcher CI artifacts
path: ./ci_artifact

publish:
executor: metal
steps:
- checkout
- run: make docker IMAGE_NAME=$IMAGE_NAME
- run: make docker CHILD_CHAIN_IMAGE_NAME=$CHILD_CHAIN_IMAGE_NAME
- notify_slack_failure
- notify_slack

deploy:
executor: deploy
steps:
- checkout
#- run: sh .circleci/ci_deploy.sh
#- notify_slack_failure
#- notify_slack_deploy

coveralls_merge:
docker:
# Ensure .tool-versions matches
@@ -481,3 +530,19 @@ workflows:
branches:
only:
- v0.1
# Publish in case of master branch.
- publish:
requires: [child_chain_coveralls_and_integration_tests, watcher_coveralls_and_integration_tests, common_coveralls_and_integration_tests, test, dialyzer, lint]
filters:
branches:
only:
- master
- 579-publish_release_docker
# Release deploy to development in case of master branch.
- deploy:
requires: [publish]
filters:
branches:
only:
- master
- 579-publish_release_docker
@@ -25,8 +25,6 @@ erl_crash.dump
# Dev sqllite db
*ecto_simple.sqlite3*

Makefile

# Developers config file
your_config_file.exs

@@ -0,0 +1,67 @@
FROM alpine:3.8

LABEL maintainer="OmiseGO Team <omg@omise.co>"
LABEL description="Official image for OmiseGO (Watcher) Plasma Network"

ENV LANG=C.UTF-8

## S6
##

ENV S6_VERSION="1.21.4.0"

RUN set -xe \
&& apk add --update --no-cache --virtual .fetch-deps \
curl \
ca-certificates \
&& S6_DOWNLOAD_URL="https://github.com/just-containers/s6-overlay/releases/download/v${S6_VERSION}/s6-overlay-amd64.tar.gz" \
&& S6_DOWNLOAD_SHA256="e903f138dea67e75afc0f61e79eba529212b311dc83accc1e18a449d58a2b10c" \
&& curl -fsL -o s6-overlay.tar.gz "${S6_DOWNLOAD_URL}" \
&& echo "${S6_DOWNLOAD_SHA256} s6-overlay.tar.gz" |sha256sum -c - \
&& tar -xzC / -f s6-overlay.tar.gz \
&& rm s6-overlay.tar.gz \
&& apk del .fetch-deps

## Application
##

RUN apk add --update --no-cache --virtual .child_chain-runtime \
bash \
libressl \
libressl-dev \
lksctp-tools

COPY rootfs /

# USER directive is not being used here since privileges are dropped via
# s6-setuigid in /entrypoint. s6-overlay is required to be run as root.
ARG user=child_chain
ARG group=child_chain
ARG uid=10000
ARG gid=10000

RUN set -xe \
&& addgroup -g ${gid} ${group} \
&& adduser -D -h /app -u ${uid} -G ${group} ${user} \
&& chown "${uid}:${gid}" "/app" \
&& chmod +x /child_chain_entrypoint

ARG release_version

ADD _build/prod/rel/watcher/releases/${release_version}/watcher.tar.gz /app
RUN chown -R "${uid}:${gid}" /app
WORKDIR /app

# Child Chain app is using PORT environment variable to determine which port to run
# the application server.
ENV PORT 9656

EXPOSE $PORT

# These are ports required for clustering. The range is defined in vm.args
# in inet_dist_listen_min and inet_dist_listen_max.
#EXPOSE 4369 6900 6901 6902 6903 6904 6905 6906 6907 6908 6909

ENTRYPOINT ["/init", "/entrypoint"]

CMD ["foreground"]
@@ -0,0 +1,67 @@
FROM alpine:3.8

LABEL maintainer="OmiseGO Team <omg@omise.co>"
LABEL description="Official image for OmiseGO (Watcher) Plasma Network"

ENV LANG=C.UTF-8

## S6
##

ENV S6_VERSION="1.21.4.0"

RUN set -xe \
&& apk add --update --no-cache --virtual .fetch-deps \
curl \
ca-certificates \
&& S6_DOWNLOAD_URL="https://github.com/just-containers/s6-overlay/releases/download/v${S6_VERSION}/s6-overlay-amd64.tar.gz" \
&& S6_DOWNLOAD_SHA256="e903f138dea67e75afc0f61e79eba529212b311dc83accc1e18a449d58a2b10c" \
&& curl -fsL -o s6-overlay.tar.gz "${S6_DOWNLOAD_URL}" \
&& echo "${S6_DOWNLOAD_SHA256} s6-overlay.tar.gz" |sha256sum -c - \
&& tar -xzC / -f s6-overlay.tar.gz \
&& rm s6-overlay.tar.gz \
&& apk del .fetch-deps

## Application
##

RUN apk add --update --no-cache --virtual .watcher-runtime \
bash \
libressl \
libressl-dev \
lksctp-tools

COPY rootfs /

# USER directive is not being used here since privileges are dropped via
# s6-setuigid in /entrypoint. s6-overlay is required to be run as root.
ARG user=watcher
ARG group=watcher
ARG uid=10000
ARG gid=10000

RUN set -xe \
&& addgroup -g ${gid} ${group} \
&& adduser -D -h /app -u ${uid} -G ${group} ${user} \
&& chown "${uid}:${gid}" "/app" \
&& chmod +x /watcher_entrypoint

ARG release_version

ADD _build/prod/rel/watcher/releases/${release_version}/watcher.tar.gz /app
RUN chown -R "${uid}:${gid}" /app
WORKDIR /app

# Watcher app is using PORT environment variable to determine which port to run
# the application server.
ENV PORT 7434

EXPOSE $PORT

# These are ports required for clustering. The range is defined in vm.args
# in inet_dist_listen_min and inet_dist_listen_max.
#EXPOSE 4369 6900 6901 6902 6903 6904 6905 6906 6907 6908 6909

ENTRYPOINT ["/init", "/entrypoint"]

CMD ["foreground"]
128 Makefile
@@ -0,0 +1,128 @@
all: clean build-child_chain-prod build-watcher-prod

WATCHER_IMAGE_NAME ?= "omisego/watcher:latest"
CHILD_CHAIN_IMAGE_NAME ?= "omisego/child_chain:latest"
IMAGE_BUILDER ?= "omisegoimages/elixir-omg-builder:v1.2"
IMAGE_BUILD_DIR ?= $(PWD)

ENV_DEV ?= env MIX_ENV=dev
ENV_TEST ?= env MIX_ENV=test
ENV_PROD ?= env MIX_ENV=prod

#
# Setting-up
#

deps: deps-elixir-omg

deps-elixir-omg:
mix deps.get

.PHONY: deps deps-elixir-omg

#
# Cleaning
#

clean: clean-elixir-omg

clean-elixir-omg:
rm -rf _build/
rm -rf deps/


.PHONY: clean clean-elixir-omg

#
# Linting
#

format:
mix format

check-format:
mix format --check-formatted 2>&1

check-credo:
$(ENV_TEST) mix credo 2>&1

check-dialyzer:
$(ENV_TEST) mix dialyzer --halt-exit-status 2>&1

.PHONY: format check-format check-credo

#
# Building
#


build-child_chain-prod: deps-elixir-omg
$(ENV_PROD) mix do compile, release --name child_chain

build-child_chain-dev: deps-elixir-omg
$(ENV_DEV) mix do compile, release dev --name child_chain

build-watcher-prod: deps-elixir-omg
$(ENV_PROD) mix do compile, release --name watcher

build-watcher-dev: deps-elixir-omg
$(ENV_DEV) mix do compile, release dev --name watcher

build-test: deps-elixir-omg
$(ENV_TEST) mix compile

.PHONY: build-prod build-dev build-test

#
# Testing
#

test: test-elixir-omg

test-elixir-omg-watcher: build-test
$(ENV_TEST) mix test

.PHONY: test test-elixir-omg

#
# Docker
#

docker-child_chain-prod:
docker run --rm -it \
-v $(PWD):/app \
-v $(IMAGE_BUILD_DIR)/deps:/app/deps \
-u root \
--entrypoint /bin/sh \
$(CHILD_CHAIN_IMAGE_NAME) \
-c "cd /app && make build-child_chain-prod"

docker-watcher-prod:
docker run --rm -it \
-v $(PWD):/app \
-v $(IMAGE_BUILD_DIR)/deps:/app/deps \
-u root \
--entrypoint /bin/sh \
$(WATCHER_IMAGE_NAME) \
-c "cd /app && make build-watcher-prod"

docker-child_chain-build:
docker build -f Dockerfile.child_chain \
--build-arg release_version=$$(awk '/umbrella_version:/ { gsub(/[^0-9a-z\.\-]+/, "", $$2); print $$2 }' $(PWD)/mix.exs) \
--cache-from $(CHILD_CHAIN_IMAGE_NAME) \
-t $(CHILD_CHAIN_IMAGE_NAME) \
.
docker-watcher-build:
docker build -f Dockerfile.watcher \
--build-arg release_version=$$(awk '/umbrella_version:/ { gsub(/[^0-9a-z\.\-]+/, "", $$2); print $$2 }' $(PWD)/mix.exs) \
--cache-from $(WATCHER_IMAGE_NAME) \
-t $(WATCHER_IMAGE_NAME) \
.

docker: docker-child_chain-prod docker-child_chain-build docker-wacher-prod docker-watcher-build

docker-push: docker
docker push $(CHILD_CHAIN_IMAGE_NAME)
docker push $(WATCHER_IMAGE_NAME)

.PHONY: docker docker-child_chain-prod docker-child_chain-build docker-watcher-prod docker-watcher-build docker-push

0 comments on commit e912c59

Please sign in to comment.
You can’t perform that action at this time.