particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docker-compose: integrate dev container

Browse source 
Integrate the dev container into docker compose with the aim
of making test-case generation work as well as composer-cli.

This also makes docker-compose self contained, and no setup or configuration is required beyond running `docker compose up --build`.
This commit is contained in:
Tom Gundersen 2022-02-15 22:00:21 +00:00
parent bbbbe32b10
commit 9b89df57b6
6 changed files with 109 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.env Normal file
View file

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=composer

35
HACKING.md
View file

@ -63,45 +63,20 @@ The containers are a good way to quickly test small changes, but before
submitting a Pull Request, it's recommended to run through all the tests using
the [Virtual Machine](#virtual-machine) setup described above.
### Configuration
Each service (*composer* and *worker*) requires a configuration file and a set
of certificates. The storage location for these is shared between the
containers for simplicity. By default it's configured to be at
`./containers/config`, but this can be changed in the
[`./distribution/.env`](./distribution/.env) file by modifying the value of the
`$CONTAINER_CONFIG_DIR` variable (both absolute and relative paths work).
Use the [`tools/gen-certs.sh`](./tools/gen-certs.sh) script to
generate the certificates (using the test OpenSSL config file):
./tools/gen-certs.sh ./test/data/x509/openssl.cnf ./containers/config ./containers/config/ca
Note that the two arguments `./containers/config` and `./containers/config/ca`
should be the same location as the `$CONTAINER_CONFIG_DIR` described above
The services also require a config file each which they expect to be in the
same directory. The following test files can be copied into it:
cp ./test/data/composer/osbuild-composer.toml ./test/data/worker/osbuild-worker.toml ./containers/config/
The `$CONTAINER_CONFIG_DIR` (default `containers/config`) directory will be mounted inside both containers (see
the [`docker-composer.yml`](./distribution/docker-compose.yml) file).
### Build and run
To build the containers, change into the `distribution/` directory and run:
To build the containers run:
docker-compose build
To start the containers, change into the `distribution/` directory and run:
To start the containers run:
docker-compose up
You can send requests to the *osbuild-composer* container directly using the
generated certificate and client key. For example, from the project root, run:
You can send requests to the *osbuild-composer* container by entering the devel
container and running:
curl -k --cert ./containers/config/client-crt.pem --key ./containers/config/client-key.pem https://172.30.0.10:8080/api/composer-koji/v1/status
curl -k --cert /etc/osbuild-composer/client-crt.pem --key /etc/osbuild-composer/client-key.pem https://172.30.0.10:8080/api/composer-koji/v1/status
To rebuild the containers after a change, add the `--build` flag to the `docker-compose` command:

2
distribution/.env
View file

@ -1,2 +0,0 @@
COMPOSE_PROJECT_NAME=osbuild
CONTAINER_CONFIG_DIR=../containers/config

11
distribution/Dockerfile-config Normal file
View file

@ -0,0 +1,11 @@
FROM fedora:35
RUN dnf -y install \
openssl
COPY ./tools/gen-certs.sh .
COPY ./test/data/x509/openssl.cnf .
COPY ./test/data/composer/osbuild-composer.toml /config/
COPY ./test/data/worker/osbuild-worker.toml /config/
COPY ./repositories /config/repositories/
RUN ./gen-certs.sh ./openssl.cnf /config /config/ca

40
distribution/docker-compose.yml
View file

@ -1,40 +0,0 @@
version: '2.4'
services:
composer:
image: local/osbuild-composer
build:
context: ..
dockerfile: ./distribution/Dockerfile-ubi
volumes:
- ${CONTAINER_CONFIG_DIR}/:/etc/osbuild-composer
networks:
net:
ipv4_address: 172.30.0.10
worker:
image: local/osbuild-worker
build:
context: ..
dockerfile: ./distribution/Dockerfile-worker
# override the entrypoint to specify composer hostname and port
entrypoint: ["/usr/libexec/osbuild-composer/osbuild-worker" "https://composer:8700"]
volumes:
- ${CONTAINER_CONFIG_DIR}/:/etc/osbuild-composer
environment:
- CACHE_DIRECTORY=/var/cache/osbuild-worker
privileged: true
cap_add:
- MKNOD
- SYS_ADMIN
- NET_ADMIN
networks:
net:
ipv4_address: 172.30.0.20
depends_on:
- "composer"
networks:
net:
ipam:
driver: default
config:
- subnet: 172.30.0.0/16

92
docker-compose.yml Normal file
View file

@ -0,0 +1,92 @@
version: '2.4'
services:
devel:
image: local/osbuild-composer-devel
build:
context: .
dockerfile: ./.devcontainer/Dockerfile
volumes:
- config:/etc/osbuild-composer
- weldr:/run/weldr
- dnf-json:/run/osbuild-dnf-json
- .:/workspace
- go-cache:/root/.cache/go-build
- go-mod:/root/go/pkg/mod
networks:
net:
ipv4_address: 172.30.0.2
working_dir: /workspace
command: /bin/sh -c "while sleep 1000; do :; done"
create-config:
image: local/osbuild-composer-create-config
build:
context: .
dockerfile: ./distribution/Dockerfile-config
volumes:
- config:/config
composer:
image: local/osbuild-composer
build:
context: .
dockerfile: ./distribution/Dockerfile-ubi
entrypoint:
[
"python3",
"/opt/entrypoint.py",
"--dnf-json",
"--weldr-api",
"--remote-worker-api",
"--composer-api",
"--composer-api-port",
"8080"
]
volumes:
- config:/etc/osbuild-composer
- weldr:/run/weldr
- dnf-json:/run/osbuild-dnf-json
networks:
net:
ipv4_address: 172.30.0.10
depends_on:
- create-config
worker:
image: local/osbuild-worker
build:
context: .
dockerfile: ./distribution/Dockerfile-worker
# override the entrypoint to specify composer hostname and port
entrypoint:
[
"/usr/libexec/osbuild-composer/osbuild-worker",
"composer:8700"
]
volumes:
- config:/etc/osbuild-composer
- dnf-json:/run/osbuild-dnf-json
environment:
- CACHE_DIRECTORY=/var/cache/osbuild-worker
privileged: true
cap_add:
- MKNOD
- SYS_ADMIN
- NET_ADMIN
networks:
net:
ipv4_address: 172.30.0.20
depends_on:
- "create-config"
- "composer"
networks:
net:
ipam:
driver: default
config:
- subnet: 172.30.0.0/16
volumes:
config:
weldr:
dnf-json:
go-cache:
go-mod: