stx tool: Create initial aptly container Dockerfile

Create the initial Dockerfile of aptly used to manage Debian repository.

Story: 2008846
Task: 43026

Signed-off-by: ZhangXiao <xiao.zhang@windriver.com>
Change-Id: I4a2fe2d7922c9f535275f7c56c06a062de446ca4

stx/dockerfiles/stx-aptly.Dockerfile

@@ -0,0 +1,80 @@
+#
+# MIT License
+#
+# Copyright (c) 2021 Mark Asselstine
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+#
+
+FROM golang:1.16.5-buster AS builder
+LABEL stage=builder
+
+
+# Build Aptly with mirror API support
+RUN mkdir -p $GOPATH/src/github.com/aptly-dev/aptly && \
+    git clone https://github.com/masselstine/aptly $GOPATH/src/github.com/aptly-dev/aptly && \
+    cd $GOPATH/src/github.com/aptly-dev/aptly && \
+    go mod init && go mod download && go mod vendor && go mod verify && \
+    make install && \
+    cd $GOPATH && \
+    curl -O https://nginx.org/keys/nginx_signing.key && apt-key add ./nginx_signing.key
+
+# Build our actual container
+FROM debian:buster
+
+MAINTAINER mark.asselstine@windriver.com
+
+COPY --from=builder /go/nginx_signing.key nginx_signing.key
+
+# Add Nginx repository and install required packages
+RUN apt-get -q update && apt-get -y install gnupg2 && \
+    echo "deb http://nginx.org/packages/debian/ buster nginx" > /etc/apt/sources.list.d/nginx.list && \
+    apt-key add ./nginx_signing.key && \
+    apt-get -q update && apt-get -y install \
+                                            aptly \
+                                            supervisor \
+                                            gettext-base \
+                                            nginx && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    rm -rf /usr/share/man && \
+    rm -rf /usr/share/doc && \
+    rm -rf /usr/share/grub2 && \
+    rm -rf /usr/share/texmf/fonts && \
+    rm -rf /usr/share/texmf/doc
+
+# Copy our  Aptly build and configure Aptly
+COPY --from=builder /go/bin/aptly /usr/bin/aptly
+COPY stx/toCOPY/aptly/aptly.conf /etc/aptly.conf
+COPY stx/toCOPY/aptly/supervisord.aptly.conf /etc/supervisor/conf.d/aptly.conf
+
+# Configure Nginx
+RUN echo "daemon off;" >> /etc/nginx/nginx.conf
+COPY stx/toCOPY/aptly/nginx.conf.template /etc/nginx/nginx.conf.template
+COPY stx/toCOPY/aptly/supervisord.nginx.conf /etc/supervisor/conf.d/nginx.conf
+
+# Bind mount locations
+VOLUME [ "/var/aptly" ]
+
+# Ports
+EXPOSE 80 8080
+
+# Configure startup
+COPY stx/toCOPY/aptly/entrypoint.sh /bin/entrypoint.sh
+ENTRYPOINT [ "/bin/entrypoint.sh" ]

stx/toCOPY/aptly/aptly.conf

@@ -0,0 +1,21 @@
+{
+  "rootDir": "/var/aptly",
+  "downloadConcurrency": 4,
+  "downloadSpeedLimit": 0,
+  "architectures": [],
+  "dependencyFollowSuggests": false,
+  "dependencyFollowRecommends": false,
+  "dependencyFollowAllVariants": false,
+  "dependencyFollowSource": false,
+  "dependencyVerboseResolve": false,
+  "gpgDisableSign": true,
+  "gpgDisableVerify": true,
+  "gpgProvider": "gpg",
+  "downloadSourcePackages": false,
+  "skipLegacyPool": true,
+  "ppaDistributorID": "ubuntu",
+  "ppaCodename": "",
+  "FileSystemPublishEndpoints": {},
+  "S3PublishEndpoints": {},
+  "SwiftPublishEndpoints": {}
+}

stx/toCOPY/aptly/entrypoint.sh

@@ -0,0 +1,42 @@
+#! /bin/bash
+#
+# MIT License
+#
+# Copyright (c) 2021 Mark Asselstine
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+#
+
+# Copy user aptly.conf
+if [ -f /var/aptly/aptly.conf ]; then
+    cp /var/aptly/aptly.conf /etc/aptly.conf
+else
+    cp /etc/aptly.conf /var/aptly/aptly.conf
+fi
+
+# Setup default nginx config
+if [ -f /var/aptly/nginx.conf ]; then
+    cp /var/aptly/nginx.conf /etc/nginx/conf.d/default.conf
+else
+    envsubst '$HOSTNAME' < /etc/nginx/nginx.conf.template > /etc/nginx/conf.d/default.conf
+    cp /etc/nginx/conf.d/default.conf /var/aptly/nginx.conf
+fi
+
+# Start Supervisor
+/usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf

stx/toCOPY/aptly/nginx.conf.template

@@ -0,0 +1,16 @@
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name $HOSTNAME;
+
+    if ( $https = "on" ) {
+       return 301 http://$host$request_uri;
+    }
+
+    root /var/aptly/public;
+
+    location / {
+        autoindex on;
+        try_files $uri $uri/ =404;
+    }
+}

stx/toCOPY/aptly/supervisord.aptly.conf

@@ -0,0 +1,4 @@
+[program:aptly]
+command=/usr/bin/aptly api serve --no-lock --listen=":8080"
+redirect_stderr=true
+stdout_logfile_maxbytes=1MB

stx/toCOPY/aptly/supervisord.nginx.conf

@@ -0,0 +1,4 @@
+[program:nginx]
+command=/usr/sbin/nginx
+redirect_stderr=true
+stdout_logfile_maxbytes=1MB