From 9b89df57b64b71d3e6549f1b136962693dc66ca0 Mon Sep 17 00:00:00 2001
From: Tom Gundersen <teg@jklm.no>
Date: Tue, 15 Feb 2022 22:00:21 +0000
Subject: [PATCH] docker-compose: integrate dev container

Integrate the dev container into docker compose with the aim
of making test-case generation work as well as composer-cli.

This also makes docker-compose self contained, and no setup or configuration is required beyond running `docker compose up --build`.
---
 .env                            |  1 +
 HACKING.md                      | 35 ++-----------
 distribution/.env               |  2 -
 distribution/Dockerfile-config  | 11 ++++
 distribution/docker-compose.yml | 40 --------------
 docker-compose.yml              | 92 +++++++++++++++++++++++++++++++++
 6 files changed, 109 insertions(+), 72 deletions(-)
 create mode 100644 .env
 delete mode 100644 distribution/.env
 create mode 100644 distribution/Dockerfile-config
 delete mode 100644 distribution/docker-compose.yml
 create mode 100644 docker-compose.yml

diff --git a/.env b/.env
new file mode 100644
index 000000000..59f95a660
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=composer
diff --git a/HACKING.md b/HACKING.md
index 546dac2d8..d5f52fbd6 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -63,45 +63,20 @@ The containers are a good way to quickly test small changes, but before
 submitting a Pull Request, it's recommended to run through all the tests using
 the [Virtual Machine](#virtual-machine) setup described above.
 
-### Configuration
-
-Each service (*composer* and *worker*) requires a configuration file and a set
-of certificates. The storage location for these is shared between the
-containers for simplicity. By default it's configured to be at
-`./containers/config`, but this can be changed in the
-[`./distribution/.env`](./distribution/.env) file by modifying the value of the
-`$CONTAINER_CONFIG_DIR` variable (both absolute and relative paths work).
-
-Use the [`tools/gen-certs.sh`](./tools/gen-certs.sh) script to
-generate the certificates (using the test OpenSSL config file):
-
-    ./tools/gen-certs.sh ./test/data/x509/openssl.cnf ./containers/config  ./containers/config/ca
-
-Note that the two arguments `./containers/config` and `./containers/config/ca`
-should be the same location as the `$CONTAINER_CONFIG_DIR` described above
-
-The services also require a config file each which they expect to be in the
-same directory. The following test files can be copied into it:
-
-    cp ./test/data/composer/osbuild-composer.toml ./test/data/worker/osbuild-worker.toml ./containers/config/
-
-The `$CONTAINER_CONFIG_DIR` (default `containers/config`) directory will be mounted inside both containers (see
-the [`docker-composer.yml`](./distribution/docker-compose.yml) file).
-
 ### Build and run
 
-To build the containers, change into the `distribution/` directory and run:
+To build the containers run:
 
     docker-compose build
 
-To start the containers, change into the `distribution/` directory and run:
+To start the containers run:
 
     docker-compose up
 
-You can send requests to the *osbuild-composer* container directly using the
-generated certificate and client key. For example, from the project root, run:
+You can send requests to the *osbuild-composer* container by entering the devel
+container and running:
 
-    curl -k --cert ./containers/config/client-crt.pem --key ./containers/config/client-key.pem https://172.30.0.10:8080/api/composer-koji/v1/status
+    curl -k --cert /etc/osbuild-composer/client-crt.pem --key /etc/osbuild-composer/client-key.pem https://172.30.0.10:8080/api/composer-koji/v1/status
 
 To rebuild the containers after a change, add the `--build` flag to the `docker-compose` command:
 
diff --git a/distribution/.env b/distribution/.env
deleted file mode 100644
index 4e3c577af..000000000
--- a/distribution/.env
+++ /dev/null
@@ -1,2 +0,0 @@
-COMPOSE_PROJECT_NAME=osbuild
-CONTAINER_CONFIG_DIR=../containers/config
diff --git a/distribution/Dockerfile-config b/distribution/Dockerfile-config
new file mode 100644
index 000000000..20d2a9834
--- /dev/null
+++ b/distribution/Dockerfile-config
@@ -0,0 +1,11 @@
+FROM fedora:35
+
+RUN dnf -y install \
+    openssl
+
+COPY ./tools/gen-certs.sh .
+COPY ./test/data/x509/openssl.cnf .
+COPY ./test/data/composer/osbuild-composer.toml /config/
+COPY ./test/data/worker/osbuild-worker.toml /config/
+COPY ./repositories /config/repositories/
+RUN ./gen-certs.sh ./openssl.cnf /config  /config/ca
diff --git a/distribution/docker-compose.yml b/distribution/docker-compose.yml
deleted file mode 100644
index d8548335a..000000000
--- a/distribution/docker-compose.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-version: '2.4'
-services:
-  composer:
-    image: local/osbuild-composer
-    build:
-      context: ..
-      dockerfile: ./distribution/Dockerfile-ubi
-    volumes:
-      - ${CONTAINER_CONFIG_DIR}/:/etc/osbuild-composer
-    networks:
-      net:
-        ipv4_address: 172.30.0.10
-  worker:
-    image: local/osbuild-worker
-    build:
-      context: ..
-      dockerfile: ./distribution/Dockerfile-worker
-    # override the entrypoint to specify composer hostname and port
-    entrypoint: ["/usr/libexec/osbuild-composer/osbuild-worker" "https://composer:8700"]
-    volumes:
-      - ${CONTAINER_CONFIG_DIR}/:/etc/osbuild-composer
-    environment:
-      - CACHE_DIRECTORY=/var/cache/osbuild-worker
-    privileged: true
-    cap_add:
-      - MKNOD
-      - SYS_ADMIN
-      - NET_ADMIN
-    networks:
-      net:
-        ipv4_address: 172.30.0.20
-    depends_on:
-      - "composer"
-
-networks:
-  net:
-    ipam:
-      driver: default
-      config:
-        - subnet: 172.30.0.0/16
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 000000000..bbf7c43ff
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,92 @@
+version: '2.4'
+services:
+  devel:
+    image: local/osbuild-composer-devel
+    build:
+      context: .
+      dockerfile: ./.devcontainer/Dockerfile
+    volumes:
+      - config:/etc/osbuild-composer
+      - weldr:/run/weldr
+      - dnf-json:/run/osbuild-dnf-json
+      - .:/workspace
+      - go-cache:/root/.cache/go-build
+      - go-mod:/root/go/pkg/mod
+    networks:
+      net:
+        ipv4_address: 172.30.0.2
+    working_dir: /workspace
+    command: /bin/sh -c "while sleep 1000; do :; done"
+  create-config:
+    image: local/osbuild-composer-create-config
+    build:
+      context: .
+      dockerfile: ./distribution/Dockerfile-config
+    volumes:
+      - config:/config
+  composer:
+    image: local/osbuild-composer
+    build:
+      context: .
+      dockerfile: ./distribution/Dockerfile-ubi
+    entrypoint:
+      [
+        "python3",
+        "/opt/entrypoint.py",
+        "--dnf-json",
+        "--weldr-api",
+        "--remote-worker-api",
+        "--composer-api",
+        "--composer-api-port",
+        "8080"
+      ]
+    volumes:
+      - config:/etc/osbuild-composer
+      - weldr:/run/weldr
+      - dnf-json:/run/osbuild-dnf-json
+    networks:
+      net:
+        ipv4_address: 172.30.0.10
+    depends_on:
+      - create-config
+  worker:
+    image: local/osbuild-worker
+    build:
+      context: .
+      dockerfile: ./distribution/Dockerfile-worker
+    # override the entrypoint to specify composer hostname and port
+    entrypoint:
+      [
+        "/usr/libexec/osbuild-composer/osbuild-worker",
+        "composer:8700"
+      ]
+    volumes:
+      - config:/etc/osbuild-composer
+      - dnf-json:/run/osbuild-dnf-json
+    environment:
+      - CACHE_DIRECTORY=/var/cache/osbuild-worker
+    privileged: true
+    cap_add:
+      - MKNOD
+      - SYS_ADMIN
+      - NET_ADMIN
+    networks:
+      net:
+        ipv4_address: 172.30.0.20
+    depends_on:
+      - "create-config"
+      - "composer"
+
+networks:
+  net:
+    ipam:
+      driver: default
+      config:
+        - subnet: 172.30.0.0/16
+
+volumes:
+  config:
+  weldr:
+  dnf-json:
+  go-cache:
+  go-mod: