819d3ce480
3.4.5 is a fairly minor update. Some bugs are fixed and jgit is updated. 3.4.5 release notes: https://www.gerritcodereview.com/3.4.html#345 3.5.2 is a bigger update and important adds support for being able to upgrade to 3.6.0 later. There is a new copy-approvals command that must be run offline on 3.5.2 before upgrading to 3.6.0. This copies approvals in the notedb in a way that 3.6.0 can handle them apparently. The release notes indicate this may take some time to run. We don't need to run it now though and instead need to make note of it when we prepare for the 3.6.0 upgrade. 3.5.2 release notes: https://www.gerritcodereview.com/3.5.html#352 For now don't overthink things and instead just get up to date with our images. Change-Id: I837c2cbb09e9a4ff934973f6fc115142d459ae0f
81 lines
2.6 KiB
Docker
81 lines
2.6 KiB
Docker
# Copyright (c) 2019 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Wed May 25 15:37:12 UTC 2022 - trigger rebuild
|
|
|
|
FROM docker.io/opendevorg/python-builder:3.9-bullseye as builder
|
|
|
|
COPY . /tmp/src
|
|
RUN assemble
|
|
|
|
FROM docker.io/library/openjdk:11-bullseye as gerrit-base
|
|
|
|
RUN echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/95disable-recommends
|
|
|
|
RUN apt-get update \
|
|
&& apt-get install -y dumb-init python3-launchpadlib python3-distutils unzip \
|
|
&& apt-get clean \
|
|
&& rm -rf /var/lib/apt/lists/* \
|
|
&& curl https://bootstrap.pypa.io/get-pip.py > /tmp/get-pip.py \
|
|
&& python3 /tmp/get-pip.py \
|
|
&& rm /tmp/get-pip.py
|
|
|
|
COPY --from=builder /output/ /output
|
|
RUN /output/install-from-bindep
|
|
|
|
# 3000 is what the existing opendev gerrit2 uid is
|
|
RUN addgroup gerrit --gid 3000 --system \
|
|
&& adduser \
|
|
--system \
|
|
--uid 3000 \
|
|
--home /var/gerrit \
|
|
--shell /bin/bash \
|
|
--ingroup gerrit \
|
|
gerrit
|
|
|
|
# Startup scripts
|
|
COPY wait-for-it.sh /wait-for-it.sh
|
|
RUN chmod +x /wait-for-it.sh
|
|
COPY run-gerrit.sh /run-gerrit.sh
|
|
RUN chmod +x /run-gerrit.sh
|
|
|
|
USER gerrit
|
|
RUN mkdir /var/gerrit/bin \
|
|
&& mkdir /var/gerrit/hooks \
|
|
&& mkdir /var/gerrit/static
|
|
|
|
# Download mariadb java client.
|
|
# Modern gerrit stopped downloading missing libs during init which means we
|
|
# need to do the downland and install ourselves.
|
|
# Note the perms on this are 0600 hence the need for the chown otherwise
|
|
# they are root owned and Gerrit can't use the jdbc driver.
|
|
ADD --chown=gerrit:gerrit https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/2.7.2/mariadb-java-client-2.7.2.jar /var/gerrit/lib/mariadb-java-client.jar
|
|
|
|
# Allow incoming traffic
|
|
# OpenDev Gerrit listens on 8081 not default of 8080
|
|
EXPOSE 29418 8081
|
|
|
|
VOLUME /var/gerrit/git /var/gerrit/index /var/gerrit/cache /var/gerrit/db /var/gerrit/etc /var/log/gerrit /var/gerrit/tmp
|
|
|
|
RUN ln -s /var/log/gerrit /var/gerrit/logs
|
|
|
|
# container.javaOptions
|
|
# Also include container.heapLimit - but with -Xmx prefixing it
|
|
ENV JAVA_OPTIONS ""
|
|
|
|
# Ulimits should be set on command line or in docker-compose.yaml
|
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
|
CMD "/run-gerrit.sh"
|