-
-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: build alpine container from release tar.gz
- Loading branch information
Showing
2 changed files
with
177 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| puppetdb-* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,176 @@ | ||
| FROM alpine:3.20 AS base | ||
|
|
||
| # Install JDK | ||
| RUN apk update && apk upgrade \ | ||
| && apk add openjdk17-jre-headless bash \ | ||
| && rm -rf /var/cache/apk/* | ||
|
|
||
| ################################################################################ | ||
|
|
||
| FROM base AS build | ||
|
|
||
| ARG DB_VERSION=8.8.1 | ||
| ADD https://downloads.puppet.com/puppetdb/puppetdb-${DB_VERSION}.tar.gz / | ||
|
|
||
| ARG prefix=${prefix:=/usr} | ||
| ARG initdir=${initdir:=/etc/init.d} | ||
| ARG unitdir_redhat=${unitdir:-/usr/lib/systemd/system} | ||
| ARG unitdir_debian=${unitdir:-/lib/systemd/system} | ||
| ARG defaultsdir_redhat=${defaultsdir:-/etc/sysconfig} | ||
| ARG defaultsdir_debian=${defaultsdir:-/etc/default} | ||
| ARG tmpfilesdir=${tmpfilesdir:=/usr/lib/tmpfiles.d} | ||
| ARG datadir=${datadir:=${prefix}/share} | ||
| ARG real_name=${real_name:=puppetdb} | ||
| ARG projdatadir=${projdatadir:=${datadir}/${real_name}} | ||
| ARG confdir=${confdir:=/etc} | ||
| ARG projconfdir=${projconfdir:=${confdir}/puppetlabs/${real_name}} | ||
| ARG rundir=${rundir:=/var/run/puppetlabs/${real_name}} | ||
| # Application specific bin directory | ||
| ARG bindir=${bindir:=/opt/puppetlabs/server/apps/${r`eal_name}/bin} | ||
| # User facing bin directory, expected to be added to interactive shell PATH | ||
| ARG uxbindir=${uxbindir:=/opt/puppetlabs/bin} | ||
| # symlinks of server binaries | ||
| ARG symbindir=${symbindir:=/opt/puppetlabs/server/bin} | ||
| ARG app_prefix=${app_prefix:=/opt/puppetlabs/server/apps/${real_name}} | ||
| ARG dest_apps_dir="${DESTDIR}${app_prefix}" | ||
| ARG app_data=${app_data:=/opt/puppetlabs/server/data/${real_name}} | ||
| ARG app_logdir=${app_logdir:=/var/log/puppetlabs/${real_name}} | ||
| ARG system_config_dir=${system_config_dir:=${app_prefix}/config} | ||
| ARG needrestart_confdir=${needrestart_dir:=/etc/needrestart/conf.d} | ||
|
|
||
| RUN tar -xzf /puppetdb-${DB_VERSION}.tar.gz \ | ||
| && cd /puppetdb-${SERVER_VERSION} \ | ||
| && install -d -m 0755 "${dest_apps_dir}" \ | ||
| && install -d -m 0770 "${app_data}" \ | ||
| && install -m 0644 puppetdb.jar "${dest_apps_dir}" \ | ||
| && install -m 0755 ext/ezbake-functions.sh "${dest_apps_dir}" \ | ||
| && install -m 0644 ext/ezbake.manifest "${dest_apps_dir}" \ | ||
| && install -d -m 0755 "${projconfdir}/conf.d" \ | ||
| && install -m 0644 ext/config/bootstrap.cfg "${projconfdir}/bootstrap.cfg" \ | ||
| && install -m 0644 ext/config/request-logging.xml "${projconfdir}/request-logging.xml" \ | ||
| && install -m 0644 ext/config/logback.xml "${projconfdir}/logback.xml" \ | ||
| && install -m 0644 ext/config/conf.d/config.ini "${projconfdir}/conf.d/config.ini" \ | ||
| && install -m 0644 ext/config/conf.d/jetty.ini "${projconfdir}/conf.d/jetty.ini" \ | ||
| && install -m 0644 ext/config/conf.d/repl.ini "${projconfdir}/conf.d/repl.ini" \ | ||
| && install -m 0644 ext/config/conf.d/database.ini "${projconfdir}/conf.d/database.ini" \ | ||
| && install -m 0644 ext/config/conf.d/auth.conf "${projconfdir}/conf.d/auth.conf" \ | ||
| && install -d -m 0755 "${dest_apps_dir}/scripts" \ | ||
| && install -m 0755 install.sh "${dest_apps_dir}/scripts" \ | ||
| && install -d -m 0755 "${dest_apps_dir}/cli" \ | ||
| && install -d -m 0755 "${dest_apps_dir}/cli/apps" \ | ||
| && install -d -m 0755 "${bindir}" \ | ||
| && install -m 0755 "ext/bin/${real_name}" "${bindir}/${real_name}" \ | ||
| && install -d -m 0755 "${symbindir}" \ | ||
| && ln -s "../apps/${real_name}/bin/${real_name}" "${symbindir}/${real_name}" \ | ||
| && install -d -m 0755 "${uxbindir}" \ | ||
| && ln -s "../server/apps/${real_name}/bin/${real_name}" "${uxbindir}/${real_name}" \ | ||
| && install -m 0755 ext/cli/stop "${dest_apps_dir}/cli/apps/stop" \ | ||
| && install -m 0755 ext/cli/config-migration "${dest_apps_dir}/cli/apps/config-migration" \ | ||
| && install -m 0755 ext/cli/start "${dest_apps_dir}/cli/apps/start" \ | ||
| && install -m 0755 ext/cli/foreground "${dest_apps_dir}/cli/apps/foreground" \ | ||
| && install -m 0755 ext/cli/ssl-setup "${dest_apps_dir}/cli/apps/ssl-setup" \ | ||
| && install -m 0755 ext/cli/anonymize "${dest_apps_dir}/cli/apps/anonymize" \ | ||
| && install -m 0755 ext/cli/reload "${dest_apps_dir}/cli/apps/reload" \ | ||
| && install -m 0755 ext/cli/delete-reports "${dest_apps_dir}/cli/apps/delete-reports" \ | ||
| && install -m 0755 ext/cli/upgrade "${dest_apps_dir}/cli/apps/upgrade" \ | ||
| && install -m 0755 ext/cli_defaults/cli-defaults.sh "${dest_apps_dir}/cli/" \ | ||
| && install -d -m 0755 "${rundir}" \ | ||
| && install -d -m 700 "${app_logdir}" | ||
|
|
||
| ################################################################################ | ||
|
|
||
| FROM base AS final | ||
|
|
||
| ARG vcs_ref | ||
| ARG build_date | ||
|
|
||
| LABEL org.label-schema.maintainer="Voxpupuli Release Team <[email protected]>" \ | ||
| org.label-schema.vendor="Vox Pupuli" \ | ||
| org.label-schema.url="https://github.com/voxpupuli/container-puppetdb" \ | ||
| org.label-schema.license="Apache-2.0" \ | ||
| org.label-schema.vcs-url="https://github.com/voxpupuli/container-puppetdb" \ | ||
| org.label-schema.schema-version="1.0" \ | ||
| org.label-schema.dockerfile="/Dockerfile" \ | ||
| org.label-schema.name="PuppetDB ($build_type)" \ | ||
| org.label-schema.vcs-ref="$vcs_ref" \ | ||
| org.label-schema.build-date="$build_date" | ||
|
|
||
| ARG LOGDIR | ||
| ENV LOGDIR=${LOGDIR:-/opt/puppetlabs/server/data/puppetdb/logs} | ||
|
|
||
| ARG SSLDIR | ||
| ENV SSLDIR=${SSLDIR:-/opt/puppetlabs/server/data/puppetdb/certs} | ||
|
|
||
| ENV PUPPETDB_POSTGRES_HOSTNAME="postgres" \ | ||
| PUPPETDB_POSTGRES_PORT="5432" \ | ||
| PUPPETDB_POSTGRES_DATABASE="puppetdb" \ | ||
| CERTNAME=puppetdb \ | ||
| DNS_ALT_NAMES="" \ | ||
| WAITFORCERT="" \ | ||
| PUPPETDB_USER=puppetdb \ | ||
| PUPPETDB_PASSWORD=puppetdb \ | ||
| PUPPETDB_NODE_TTL=7d \ | ||
| PUPPETDB_NODE_PURGE_TTL=14d \ | ||
| PUPPETDB_REPORT_TTL=14d \ | ||
| # used by entrypoint to determine if puppetserver should be contacted for config | ||
| # set to false when container tests are run | ||
| USE_PUPPETSERVER=true \ | ||
| # this value may be set by users, keeping in mind that some of these values are mandatory | ||
| # -Djavax.net.debug=ssl may be particularly useful to set for debugging SSL | ||
| PUPPETDB_JAVA_ARGS="-Djava.net.preferIPv4Stack=true -Xms256m -Xmx256m -XX:+UseParallelGC -Xlog:gc*:file=$LOGDIR/puppetdb_gc.log -Djdk.tls.ephemeralDHKeySize=2048" \ | ||
| PUPPET_DEB=puppet${PUPPET_RELEASE}-release-${UBUNTU_CODENAME}.deb \ | ||
| DEBIAN_FRONTEND=noninteractive | ||
|
|
||
| COPY --from=build /opt/puppetlabs /opt/puppetlabs | ||
| COPY --from=build /etc/puppetlabs /etc/puppetlabs | ||
| COPY --from=build /var/log/puppetlabs /var/log/puppetlabs | ||
| COPY --from=build /var/run/puppetlabs /var/run/puppetlabs | ||
|
|
||
| # puppetdb data and generated certs | ||
| VOLUME /opt/puppetlabs/server/data/puppetdb | ||
|
|
||
| ADD https://apt.puppet.com/${PUPPET_DEB} /${PUPPET_DEB} | ||
|
|
||
| ADD ssl.sh \ | ||
| wtfc.sh \ | ||
| docker-entrypoint.sh \ | ||
| healthcheck.sh \ | ||
| / | ||
|
|
||
| COPY docker-entrypoint.d /docker-entrypoint.d | ||
|
|
||
| RUN dpkg -i /${PUPPET_DEB} && \ | ||
| rm /${PUPPET_DEB} && \ | ||
| apt update && \ | ||
| apt install --no-install-recommends -y ca-certificates curl dnsutils netcat-traditional dumb-init && \ | ||
| chmod +x /ssl.sh /wtfc.sh /docker-entrypoint.sh /healthcheck.sh /docker-entrypoint.d/*.sh && \ | ||
| apt install --no-install-recommends -y puppetdb=${PUPPETDB_VERSION}-1${UBUNTU_CODENAME} && \ | ||
| apt install --no-install-recommends -y openjdk-17-jre-headless && \ | ||
| apt autoremove && \ | ||
| rm -rf /var/lib/apt/lists/* && \ | ||
| mkdir -p "$LOGDIR" && \ | ||
| chown puppetdb:puppetdb "$LOGDIR" && \ | ||
| # We want to use the HOCON database.conf and config.conf files, so get rid | ||
| # of the packaged files | ||
| rm -f /etc/puppetlabs/puppetdb/conf.d/database.ini && \ | ||
| rm -f /etc/puppetlabs/puppetdb/conf.d/config.ini | ||
|
|
||
| COPY logback.xml \ | ||
| request-logging.xml \ | ||
| /etc/puppetlabs/puppetdb/ | ||
| COPY conf.d /etc/puppetlabs/puppetdb/conf.d/ | ||
| COPY puppetdb /etc/default/puppetdb | ||
| COPY Dockerfile / | ||
|
|
||
| # The start-period is just a wild guess how long it takes PuppetDB to come | ||
| # up in the worst case. The other timing parameters are set so that it | ||
| # takes at most a minute to realize that PuppetDB has failed. | ||
| # Probe failure during --start-period will not be counted towards the maximum number of retries | ||
| # NOTE: k8s uses livenessProbe, startupProbe, readinessProbe and ignores HEALTHCHECK | ||
| HEALTHCHECK --start-period=5m --interval=10s --timeout=10s --retries=6 CMD ["/healthcheck.sh"] | ||
|
|
||
| # NOTE: this is just documentation on defaults | ||
| EXPOSE 8080 8081 | ||
|
|
||
| ENTRYPOINT ["dumb-init", "/docker-entrypoint.sh"] | ||
| CMD ["foreground"] |