-
Notifications
You must be signed in to change notification settings - Fork 79
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
738c1ee
commit df934a1
Showing
5 changed files
with
141 additions
and
84 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,55 +21,95 @@ FROM alpine:latest as gocd-server-unzip | |
RUN \ | ||
apk --no-cache upgrade && \ | ||
apk add --no-cache curl && \ | ||
curl --fail --location --silent --show-error "https://download.gocd.org/binaries/19.5.0-9272/generic/go-server-19.5.0-9272.zip" > /tmp/go-server-19.5.0-9272.zip | ||
RUN unzip /tmp/go-server-19.5.0-9272.zip -d / | ||
RUN mv /go-server-19.5.0 /go-server | ||
curl --fail --location --silent --show-error "https://download.gocd.org/binaries/19.6.0-9515/generic/go-server-19.6.0-9515.zip" > /tmp/go-server-19.6.0-9515.zip | ||
RUN unzip /tmp/go-server-19.6.0-9515.zip -d / | ||
RUN mv /go-server-19.6.0 /go-server | ||
|
||
FROM alpine:3.9 | ||
MAINTAINER ThoughtWorks, Inc. <[email protected]> | ||
|
||
LABEL gocd.version="19.5.0" \ | ||
LABEL gocd.version="19.6.0" \ | ||
description="GoCD server based on alpine version 3.9" \ | ||
maintainer="ThoughtWorks, Inc. <[email protected]>" \ | ||
url="https://www.gocd.org" \ | ||
gocd.full.version="19.5.0-9272" \ | ||
gocd.git.sha="496bf8b95e603c1f3980ae59042bc559eecbbbc0" | ||
gocd.full.version="19.6.0-9515" \ | ||
gocd.git.sha="4b674c10941b6c27d7ec2a28dd946518d9211b7a" | ||
|
||
# the ports that go server runs on | ||
EXPOSE 8153 8154 | ||
|
||
ADD https://github.com/krallin/tini/releases/download/v0.18.0/tini-static-amd64 /usr/local/sbin/tini | ||
ADD https://github.com/tianon/gosu/releases/download/1.11/gosu-amd64 /usr/local/sbin/gosu | ||
|
||
# force encoding | ||
ENV LANG en_US.UTF-8 | ||
ENV LANGUAGE en_US:en | ||
ENV LC_ALL en_US.UTF-8 | ||
ENV GO_JAVA_HOME="/gocd-jre" | ||
|
||
ARG UID=1000 | ||
ARG GID=1000 | ||
|
||
RUN \ | ||
# add mode and permissions for files we added above | ||
chmod 0755 /usr/local/sbin/tini && \ | ||
chown root:root /usr/local/sbin/tini && \ | ||
chmod 0755 /usr/local/sbin/gosu && \ | ||
chown root:root /usr/local/sbin/gosu && \ | ||
# add our user and group first to make sure their IDs get assigned consistently, | ||
# regardless of whatever dependencies get added | ||
addgroup -g ${GID} go && \ | ||
adduser -D -u ${UID} -s /bin/bash -G go go && \ | ||
# add user to root group for gocd to work on openshift | ||
adduser -D -u ${UID} -s /bin/bash -G root go && \ | ||
apk add --no-cache cyrus-sasl cyrus-sasl-plain && \ | ||
apk --no-cache upgrade && \ | ||
apk add --no-cache nss git mercurial subversion openssh-client bash curl && \ | ||
apk add --no-cache openjdk8-jre-base && \ | ||
mkdir -p /docker-entrypoint.d | ||
apk add --no-cache nss git mercurial subversion openssh-client bash curl procps && \ | ||
# install glibc and zlib for adoptopenjdk && \ | ||
# See https://github.com/AdoptOpenJDK/openjdk-docker/blob/ce8b120411b131e283106ab89ea5921ebb1d1759/8/jdk/alpine/Dockerfile.hotspot.releases.slim#L24-L54 && \ | ||
apk add --no-cache --virtual .build-deps curl binutils && \ | ||
GLIBC_VER="2.29-r0" && \ | ||
ALPINE_GLIBC_REPO="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ | ||
GCC_LIBS_URL="https://archive.archlinux.org/packages/g/gcc-libs/gcc-libs-9.1.0-2-x86_64.pkg.tar.xz" && \ | ||
GCC_LIBS_SHA256=91dba90f3c20d32fcf7f1dbe91523653018aa0b8d2230b00f822f6722804cf08 && \ | ||
ZLIB_URL="https://archive.archlinux.org/packages/z/zlib/zlib-1%3A1.2.11-3-x86_64.pkg.tar.xz" && \ | ||
ZLIB_SHA256=17aede0b9f8baa789c5aa3f358fbf8c68a5f1228c5e6cba1a5dd34102ef4d4e5 && \ | ||
curl -LfsS https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub -o /etc/apk/keys/sgerrand.rsa.pub && \ | ||
SGERRAND_RSA_SHA256="823b54589c93b02497f1ba4dc622eaef9c813e6b0f0ebbb2f771e32adf9f4ef2" && \ | ||
echo "${SGERRAND_RSA_SHA256} */etc/apk/keys/sgerrand.rsa.pub" | sha256sum -c - && \ | ||
curl -LfsS ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-${GLIBC_VER}.apk > /tmp/glibc-${GLIBC_VER}.apk && \ | ||
apk add /tmp/glibc-${GLIBC_VER}.apk && \ | ||
curl -LfsS ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk > /tmp/glibc-bin-${GLIBC_VER}.apk && \ | ||
apk add /tmp/glibc-bin-${GLIBC_VER}.apk && \ | ||
curl -Ls ${ALPINE_GLIBC_REPO}/${GLIBC_VER}/glibc-i18n-${GLIBC_VER}.apk > /tmp/glibc-i18n-${GLIBC_VER}.apk && \ | ||
apk add /tmp/glibc-i18n-${GLIBC_VER}.apk && \ | ||
/usr/glibc-compat/bin/localedef --force --inputfile POSIX --charmap UTF-8 "$LANG" || true && \ | ||
echo "export LANG=$LANG" > /etc/profile.d/locale.sh && \ | ||
curl -LfsS ${GCC_LIBS_URL} -o /tmp/gcc-libs.tar.xz && \ | ||
echo "${GCC_LIBS_SHA256} */tmp/gcc-libs.tar.xz" | sha256sum -c - && \ | ||
mkdir /tmp/gcc && \ | ||
tar -xf /tmp/gcc-libs.tar.xz -C /tmp/gcc && \ | ||
mv /tmp/gcc/usr/lib/libgcc* /tmp/gcc/usr/lib/libstdc++* /usr/glibc-compat/lib && \ | ||
strip /usr/glibc-compat/lib/libgcc_s.so.* /usr/glibc-compat/lib/libstdc++.so* && \ | ||
curl -LfsS ${ZLIB_URL} -o /tmp/libz.tar.xz && \ | ||
echo "${ZLIB_SHA256} */tmp/libz.tar.xz" | sha256sum -c - && \ | ||
mkdir /tmp/libz && \ | ||
tar -xf /tmp/libz.tar.xz -C /tmp/libz && \ | ||
mv /tmp/libz/usr/lib/libz.so* /usr/glibc-compat/lib && \ | ||
apk del --purge .build-deps glibc-i18n && \ | ||
rm -rf /tmp/*.apk /tmp/gcc /tmp/gcc-libs.tar.xz /tmp/libz /tmp/libz.tar.xz /var/cache/apk/* && \ | ||
# end installing adoptopenjre && \ | ||
curl --fail --location --silent --show-error 'https://github.com/AdoptOpenJDK/openjdk12-binaries/releases/download/jdk-12.0.1%2B12/OpenJDK12U-jre_x64_linux_hotspot_12.0.1_12.tar.gz' --output /tmp/jre.tar.gz && \ | ||
mkdir -p /gocd-jre && \ | ||
tar -xf /tmp/jre.tar.gz -C /gocd-jre --strip 1 && \ | ||
rm -rf /tmp/jre.tar.gz && \ | ||
mkdir -p /go-server /docker-entrypoint.d /go-working-dir /godata | ||
|
||
ADD docker-entrypoint.sh / | ||
|
||
COPY --from=gocd-server-unzip /go-server /go-server | ||
# ensure that logs are printed to console output | ||
COPY logback-include.xml /go-server/config/logback-include.xml | ||
COPY install-gocd-plugins /usr/local/sbin/install-gocd-plugins | ||
COPY git-clone-config /usr/local/sbin/git-clone-config | ||
COPY --chown=go:root logback-include.xml /go-server/config/logback-include.xml | ||
COPY --chown=go:root install-gocd-plugins /usr/local/sbin/install-gocd-plugins | ||
COPY --chown=go:root git-clone-config /usr/local/sbin/git-clone-config | ||
|
||
ADD docker-entrypoint.sh / | ||
RUN chown -R go:root /go-server /docker-entrypoint.d /go-working-dir /godata /docker-entrypoint.sh \ | ||
&& chmod -R g=u /go-server /docker-entrypoint.d /go-working-dir /godata /docker-entrypoint.sh | ||
|
||
ENTRYPOINT ["/docker-entrypoint.sh"] | ||
|
||
USER go |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
#!/bin/bash | ||
|
||
# Copyright 2018 ThoughtWorks, Inc. | ||
# Copyright 2019 ThoughtWorks, Inc. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
|
@@ -18,76 +18,88 @@ yell() { echo "$0: $*" >&2; } | |
die() { yell "$*"; exit 111; } | ||
try() { echo "$ $@" 1>&2; "$@" || die "cannot $*"; } | ||
|
||
VOLUME_DIR="/godata" | ||
declare -a _stringToArgs | ||
function stringToArgsArray() { | ||
_stringToArgs=("$@") | ||
} | ||
|
||
SERVER_WORK_DIR="/go-working-dir" | ||
|
||
# no arguments are passed so assume user wants to run the gocd server | ||
# we prepend "/go-server/server.sh" to the argument list | ||
# we prepend "${SERVER_WORK_DIR}/bin/go-server console" to the argument list | ||
if [[ $# -eq 0 ]] ; then | ||
set -- /go-server/server.sh "$@" | ||
set -- "${SERVER_WORK_DIR}/bin/go-server" console "$@" | ||
fi | ||
|
||
# if running go server as root, then initialize directory structure and call ourselves as `go` user | ||
if [ "$1" = '/go-server/server.sh' ]; then | ||
if [ "$1" = "${SERVER_WORK_DIR}/bin/go-server" ]; then | ||
VOLUME_DIR="/godata" | ||
|
||
if [ "$(id -u)" = '0' ]; then | ||
export SERVER_WORK_DIR="/go-working-dir" | ||
export GO_CONFIG_DIR="/go-working-dir/config" | ||
server_data_dirs=(artifacts config db logs plugins addons) | ||
|
||
server_dirs=(artifacts config db logs plugins addons) | ||
yell "Creating directories and symlinks to hold GoCD configuration, data, and logs" | ||
|
||
yell "Creating directories and symlinks to hold GoCD configuration, data, and logs" | ||
for each_dir in "${server_data_dirs[@]}"; do | ||
if [ ! -e "${VOLUME_DIR}/${each_dir}" ]; then | ||
try mkdir -v "${VOLUME_DIR}/${each_dir}" | ||
fi | ||
|
||
# ensure working dir exist | ||
if [ ! -e "${SERVER_WORK_DIR}" ]; then | ||
try mkdir "${SERVER_WORK_DIR}" | ||
try chown go:go "${SERVER_WORK_DIR}" | ||
if [ ! -e "${SERVER_WORK_DIR}/${each_dir}" ]; then | ||
try ln -sv "${VOLUME_DIR}/${each_dir}" "${SERVER_WORK_DIR}/${each_dir}" | ||
fi | ||
done | ||
|
||
wrapper_dirs=(bin lib run wrapper wrapper-config) | ||
|
||
yell "Creating directories and symlinks to hold GoCD wrapper binaries" | ||
|
||
# ensure proper directory structure in the volume directory | ||
if [ ! -e "${VOLUME_DIR}" ]; then | ||
try mkdir "${VOLUME_DIR}" | ||
try chown go:go "${VOLUME_DIR}" | ||
for each_dir in "${wrapper_dirs[@]}"; do | ||
if [ ! -e "${SERVER_WORK_DIR}/${each_dir}" ]; then | ||
try ln -sv "/go-server/${each_dir}" "${SERVER_WORK_DIR}/${each_dir}" | ||
fi | ||
done | ||
|
||
if [ ! -e "${SERVER_WORK_DIR}/config/logback-include.xml" ]; then | ||
try cp -rfv "/go-server/config/logback-include.xml" "${SERVER_WORK_DIR}/config/logback-include.xml" | ||
fi | ||
|
||
try install-gocd-plugins | ||
try git-clone-config | ||
|
||
for each_dir in "${server_dirs[@]}"; do | ||
if [ ! -e "${VOLUME_DIR}/${each_dir}" ]; then | ||
try mkdir -v "${VOLUME_DIR}/${each_dir}" | ||
try chown go:go "${VOLUME_DIR}/${each_dir}" | ||
fi | ||
|
||
if [ ! -e "${SERVER_WORK_DIR}/${each_dir}" ]; then | ||
try ln -sv "${VOLUME_DIR}/${each_dir}" "${SERVER_WORK_DIR}/${each_dir}" | ||
try chown go:go "${SERVER_WORK_DIR}/${each_dir}" | ||
fi | ||
done | ||
|
||
if [ ! -e "${SERVER_WORK_DIR}/config/logback-include.xml" ]; then | ||
try cp -rfv "/go-server/config/logback-include.xml" "${SERVER_WORK_DIR}/config/logback-include.xml" | ||
try chown go:go "${VOLUME_DIR}/config/logback-include.xml" | ||
yell "Running custom scripts in /docker-entrypoint.d/ ..." | ||
|
||
# to prevent expansion to literal string `/docker-entrypoint.d/*` when there is nothing matching the glob | ||
shopt -s nullglob | ||
|
||
for file in /docker-entrypoint.d/*; do | ||
if [ -f "$file" ] && [ -x "$file" ]; then | ||
try "$file" | ||
else | ||
yell "Ignoring $file, it is either not a file or is not executable" | ||
fi | ||
done | ||
|
||
try install-gocd-plugins | ||
try git-clone-config | ||
# setup the java binary and wrapper log | ||
try sed -i \ | ||
-e "[email protected]=.*@/wrapper.logfile=${SERVER_WORK_DIR}/logs/go-server-wrapper.log@g" \ | ||
-e "[email protected]=.*@wrapper.java.command=${GO_JAVA_HOME}/bin/java@g" \ | ||
-e "[email protected]=.*@wrapper.working.dir=${SERVER_WORK_DIR}@g" \ | ||
/go-server/wrapper-config/wrapper.conf | ||
|
||
yell "Running custom scripts in /docker-entrypoint.d/ ..." | ||
# parse/split an environment var to an array like how it should pass to the CLI | ||
# GOCD_SERVER_JVM_OPTS is mostly for advanced users. | ||
eval stringToArgsArray "$GOCD_SERVER_JVM_OPTS" | ||
GOCD_SERVER_JVM_OPTS=("${_stringToArgs[@]}") | ||
|
||
# to prevent expansion to literal string `/docker-entrypoint.d/*` when there is nothing matching the glob | ||
shopt -s nullglob | ||
|
||
for file in /docker-entrypoint.d/*; do | ||
if [ -f "$file" ] && [ -x "$file" ]; then | ||
try "$file" | ||
else | ||
yell "Ignoring $file, it is either not a file or is not executable" | ||
fi | ||
done | ||
GOCD_SERVER_JVM_OPTS+=("-Dgo.console.stdout=true") | ||
|
||
try exec /usr/local/sbin/tini -- /usr/local/sbin/gosu go "$0" "$@" | ||
fi | ||
fi | ||
# write out each system property using its own index | ||
for array_index in "${!GOCD_SERVER_JVM_OPTS[@]}" | ||
do | ||
tanuki_index=$(($array_index + 100)) | ||
echo "wrapper.java.additional.${tanuki_index}=${GOCD_SERVER_JVM_OPTS[$array_index]}" >> /go-server/wrapper-config/wrapper-properties.conf | ||
done | ||
|
||
# these 3 vars are used by `/go-server/server.sh`, so we export | ||
export GO_SERVER_SYSTEM_PROPERTIES="${GO_SERVER_SYSTEM_PROPERTIES}${GO_SERVER_SYSTEM_PROPERTIES:+ }-Dgo.console.stdout=true" | ||
fi | ||
|
||
try exec "$@" | ||
try exec /usr/local/sbin/tini -- "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters