From 9bb1c731393341d59cad6bcc3c07c5782902e2e6 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Sat, 27 Jul 2019 11:12:46 -0400 Subject: [PATCH] Split out bazel builder and gerrit base image There is a bunch of duplication which needs to be redone almost never. Split those into their own images so we can run them once and reuse them. Change-Id: I923d4bff96dae75eb52a1c271fa52d5ae79933a0 --- .zuul.yaml | 127 ++++++++++++++++++++++++++++++--- docker/bazel/Dockerfile | 31 ++++++++ docker/gerrit/base/Dockerfile | 49 +++++++++++++ docker/gerrit/bazel/Dockerfile | 53 +------------- 4 files changed, 200 insertions(+), 60 deletions(-) create mode 100644 docker/bazel/Dockerfile create mode 100644 docker/gerrit/base/Dockerfile diff --git a/.zuul.yaml b/.zuul.yaml index c3ae28528f..2d36667458 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -223,6 +223,8 @@ tags: - 2.15 files: &gerrit_files_2_15 + - docker/bazel/.* + - docker/gerrit/base/.* - docker/gerrit/bazel/.* - playbooks/zuul/gerrit/.* @@ -281,6 +283,8 @@ gerrit_additional_plugins: - codemirror-editor files: &gerrit_files_2_16 + - docker/bazel/.* + - docker/gerrit/base/.* - docker/gerrit/bazel/.* - playbooks/zuul/gerrit/.* @@ -351,6 +355,8 @@ - plugin-manager - webhooks files: &gerrit_files_3_0 + - docker/bazel/.* + - docker/gerrit/base/.* - docker/gerrit/bazel/.* - playbooks/zuul/gerrit/.* @@ -421,6 +427,58 @@ vars: *python-base_vars files: *python-base_files +# bazel jobs +- job: + name: system-config-build-image-bazel + description: Build a bazel image. + parent: system-config-build-image + vars: &bazel_vars + docker_images: + - context: docker/bazel + repository: opendevorg/bazel + files: &bazel_files + - docker/bazel/.* + +- job: + name: system-config-upload-image-bazel + description: Build and upload a bazel image. + parent: system-config-upload-image + vars: *bazel_vars + files: *bazel_files + +- job: + name: system-config-promote-image-bazel + description: Promote a previously published bazel image to latest. + parent: system-config-promote-image + vars: *bazel_vars + files: *bazel_files + +# gerrit-base jobs +- job: + name: system-config-build-image-gerrit-base + description: Build a gerrit-base image. + parent: system-config-build-image + vars: &gerrit-base_vars + docker_images: + - context: docker/gerrit/base + repository: opendevorg/gerrit-base + files: &gerrit-base_files + - docker/gerrit-base/.* + +- job: + name: system-config-upload-image-gerrit-base + description: Build and upload a gerrit-base image. + parent: system-config-upload-image + vars: *gerrit-base_vars + files: *gerrit-base_files + +- job: + name: system-config-promote-image-gerrit-base + description: Promote a previously published gerrit-base image to latest. + parent: system-config-promote-image + vars: *gerrit-base_vars + files: *gerrit-base_files + # Role integration jobs. These test the top-level generic roles/* # under Zuul. The range of platforms should be the same as those for # openstack-zuul-jobs. @@ -920,13 +978,30 @@ soft: true - system-config-run-zuul-preview - system-config-run-letsencrypt + - system-config-build-image-bazel - system-config-build-image-jinja-init - system-config-build-image-gitea-init - system-config-build-image-gitea + - system-config-build-image-gerrit-base - system-config-build-image-gerrit-2.13 - - system-config-build-image-gerrit-2.15 - - system-config-build-image-gerrit-2.16 - - system-config-build-image-gerrit-3.0 + - system-config-build-image-gerrit-2.15: + dependencies: + - name: system-config-build-image-bazel + soft: true + - name: system-config-build-image-gerrit-base + soft: true + - system-config-build-image-gerrit-2.16: + dependencies: + - name: system-config-build-image-bazel + soft: true + - name: system-config-build-image-gerrit-base + soft: true + - system-config-build-image-gerrit-3.0: + dependencies: + - name: system-config-build-image-bazel + soft: true + - name: system-config-build-image-gerrit-base + soft: true - system-config-build-image-haproxy-statsd - system-config-build-image-python-base - system-config-build-image-python-builder @@ -951,25 +1026,59 @@ soft: true - system-config-run-zuul-preview - system-config-run-letsencrypt + - system-config-upload-image-bazel - system-config-upload-image-jinja-init - system-config-upload-image-gitea-init - system-config-upload-image-gitea + - system-config-upload-image-gerrit-base - system-config-upload-image-gerrit-2.13 - - system-config-upload-image-gerrit-2.15 - - system-config-upload-image-gerrit-2.16 - - system-config-upload-image-gerrit-3.0 + - system-config-upload-image-gerrit-2.15: + dependencies: + - name: system-config-upload-image-bazel + soft: true + - name: system-config-upload-image-gerrit-base + soft: true + - system-config-upload-image-gerrit-2.16: + dependencies: + - name: system-config-upload-image-bazel + soft: true + - name: system-config-upload-image-gerrit-base + soft: true + - system-config-upload-image-gerrit-3.0: + dependencies: + - name: system-config-upload-image-bazel + soft: true + - name: system-config-upload-image-gerrit-base + soft: true - system-config-upload-image-haproxy-statsd - system-config-upload-image-python-base - system-config-upload-image-python-builder promote: jobs: + - system-config-promote-image-bazel - system-config-promote-image-jinja-init - system-config-promote-image-gitea-init - system-config-promote-image-gitea + - system-config-promote-image-gerrit-base - system-config-promote-image-gerrit-2.13 - - system-config-promote-image-gerrit-2.15 - - system-config-promote-image-gerrit-2.16 - - system-config-promote-image-gerrit-3.0 + - system-config-promote-image-gerrit-2.15: + dependencies: + - name: system-config-promote-image-bazel + soft: true + - name: system-config-promote-image-gerrit-base + soft: true + - system-config-promote-image-gerrit-2.16: + dependencies: + - name: system-config-promote-image-bazel + soft: true + - name: system-config-promote-image-gerrit-base + soft: true + - system-config-promote-image-gerrit-3.0: + dependencies: + - name: system-config-promote-image-bazel + soft: true + - name: system-config-promote-image-gerrit-base + soft: true - system-config-promote-image-haproxy-statsd - system-config-promote-image-python-base - system-config-promote-image-python-builder diff --git a/docker/bazel/Dockerfile b/docker/bazel/Dockerfile new file mode 100644 index 0000000000..68c94d2b2d --- /dev/null +++ b/docker/bazel/Dockerfile @@ -0,0 +1,31 @@ +# Copyright (c) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM l.gcr.io/google/bazel:0.27.1 as bazel + +# The bazel image comes with bazel only runnable by root for some weird reason. +# The bower build in gerrit does not work as root. +# Fix the bazel image. +RUN groupadd builder && \ + useradd builder --home-dir /usr/src --create-home -g builder +RUN chown -R builder /usr/src /usr/local/lib/bazel \ + && chmod +x /usr/local/lib/bazel + +RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - \ + && apt-get update \ + && apt-get install -y nodejs + +USER builder +WORKDIR /usr/src diff --git a/docker/gerrit/base/Dockerfile b/docker/gerrit/base/Dockerfile new file mode 100644 index 0000000000..d0b9905299 --- /dev/null +++ b/docker/gerrit/base/Dockerfile @@ -0,0 +1,49 @@ +# Copyright (c) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM openjdk:8 + +RUN apt-get update \ + && apt-get install -y dumb-init \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +# 3000 is what the existing opendev gerrit2 user is +RUN addgroup gerrit --gid 3000 --system \ + && adduser \ + --system \ + --uid 3000 \ + --home /var/gerrit \ + --shell /bin/bash \ + --ingroup gerrit \ + gerrit + +USER gerrit +RUN mkdir /var/gerrit/bin + +# Allow incoming traffic +EXPOSE 29418 8080 + +VOLUME /var/gerrit/git /var/gerrit/index /var/gerrit/cache /var/gerrit/db /var/gerrit/etc /var/log/gerrit + +RUN ln -s /var/log/gerrit /var/gerrit/logs + +# container.javaOptions +# Also include container.heapLimit - but with -Xmx prefixing it +ENV JAVA_OPTIONS "" + +# Ulimits should be set on command line or in docker-compose.yaml +ENTRYPOINT ["/usr/bin/dumb-init", "--"] +CMD ["/usr/bin/java", ${JAVA_OPTIONS}, "-jar", "/var/gerrit/bin/gerrit.war"] diff --git a/docker/gerrit/bazel/Dockerfile b/docker/gerrit/bazel/Dockerfile index f9f4bb684b..f0335f48ad 100644 --- a/docker/gerrit/bazel/Dockerfile +++ b/docker/gerrit/bazel/Dockerfile @@ -13,24 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM l.gcr.io/google/bazel:0.27.1 as bazel - -# The bazel image comes with bazel only runnable by root for some weird reason. -# The bower build in gerrit does not work as root. -# Fix the bazel image. -RUN groupadd builder && \ - useradd builder --home-dir /usr/src --create-home -g builder -RUN chown -R builder /usr/src /usr/local/lib/bazel \ - && chmod +x /usr/local/lib/bazel - -RUN curl -sL https://deb.nodesource.com/setup_10.x | bash - \ - && apt-get update \ - && apt-get install -y nodejs - -USER builder -WORKDIR /usr/src - -FROM bazel as builder +FROM opendevorg/bazel as builder USER builder COPY . /usr/src @@ -38,38 +21,6 @@ COPY . /usr/src ARG BAZEL_OPTS RUN cd /usr/src && bash build-gerrit.sh -FROM openjdk:8 +FROM opendevorg/gerrit-base -RUN apt-get update \ - && apt-get install -y dumb-init \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - -# 3000 is what the existing opendev gerrit2 user is -RUN addgroup gerrit --gid 3000 --system \ - && adduser \ - --system \ - --uid 3000 \ - --home /var/gerrit \ - --shell /bin/bash \ - --ingroup gerrit \ - gerrit - -USER gerrit -RUN mkdir /var/gerrit/bin COPY --from=builder /usr/src/bazel-bin/release.war /var/gerrit/bin/gerrit.war - -# Allow incoming traffic -EXPOSE 29418 8080 - -VOLUME /var/gerrit/git /var/gerrit/index /var/gerrit/cache /var/gerrit/db /var/gerrit/etc /var/log/gerrit - -RUN ln -s /var/log/gerrit /var/gerrit/logs - -# container.javaOptions -# Also include container.heapLimit - but with -Xmx prefixing it -ENV JAVA_OPTIONS "" - -# Ulimits should be set on command line or in docker-compose.yaml -ENTRYPOINT ["/usr/bin/dumb-init", "--"] -CMD ["/usr/bin/java", ${JAVA_OPTIONS}, "-jar", "/var/gerrit/bin/gerrit.war"]