From 5ef3724d99a6f5af88486f45c7e56f3dd3210842 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 14:39:46 -0500 Subject: [PATCH 1/7] chore(base): change base to SeaweedFS --- Dockerfile | 18 +++++++++--------- README.md | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9d0b0ab..b18ab45 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ -FROM docker.io/minio/minio:RELEASE.2023-12-14T18-51-57Z +FROM registry.access.redhat.com/ubi8/ubi:8.9 AS builder +ARG ref=master +RUN dnf install -y go git make +RUN git clone --depth 1 --branch $ref https://github.com/seaweedfs/seaweedfs \ + && pushd seaweedfs/weed \ + && make install -ENV MINIO_USER minio -ENV MINIO_UID_GID 5001 - -RUN echo "${MINIO_USER}:x:${MINIO_UID_GID}:${MINIO_UID_GID}:${MINIO_USER}:/home/${MINIO_USER}:/sbin/nologin" >> /etc/passwd && \ - echo "${MINIO_USER}:x:${MINIO_UID_GID}:" >> /etc/group && \ - mkdir "/home/${MINIO_USER}" - -USER 5001 +FROM registry.access.redhat.com/ubi8/ubi-micro:8.9 +COPY --from=builder /root/go/bin/weed /usr/bin/weed +ENTRYPOINT ["/usr/bin/weed"] diff --git a/README.md b/README.md index a149076..70aa73e 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Image Repository on Quay](https://quay.io/repository/cryostat/cryostat-storage/status "Image Repository on Quay")](https://quay.io/repository/cryostat/cryostat-storage) [![Google Group : Cryostat Development](https://img.shields.io/badge/Google%20Group-Cryostat%20Development-blue.svg)](https://groups.google.com/g/cryostat-development) -This is a lightly customized [Minio](https://github.com/minio/minio) storage image for use by [cryostat](https://github.com/cryostatio/cryostat3). +This is a lightly customized [SeaweedFS](https://github.com/seaweedfs/seaweedfs) storage image for use by [cryostat](https://github.com/cryostatio/cryostat3). ## CONTRIBUTING From d46e226be5e31c65821f450635b0c7a95dfc612c Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 15:15:16 -0500 Subject: [PATCH 2/7] add customized config template and entrypoint script --- Dockerfile | 18 ++++++++++++------ entrypoint.bash | 21 +++++++++++++++++++++ seaweed_conf.template.json | 28 ++++++++++++++++++++++++++++ 3 files changed, 61 insertions(+), 6 deletions(-) create mode 100755 entrypoint.bash create mode 100644 seaweed_conf.template.json diff --git a/Dockerfile b/Dockerfile index b18ab45..a56ef94 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,16 @@ -FROM registry.access.redhat.com/ubi8/ubi:8.9 AS builder +ARG builder_version=8.9 +ARG runner_version=8.9 + +FROM registry.access.redhat.com/ubi8/ubi:${builder_version} AS builder ARG ref=master -RUN dnf install -y go git make -RUN git clone --depth 1 --branch $ref https://github.com/seaweedfs/seaweedfs \ +RUN dnf install -y go git make gettext \ + && git clone --depth 1 --branch $ref https://github.com/seaweedfs/seaweedfs \ && pushd seaweedfs/weed \ && make install -FROM registry.access.redhat.com/ubi8/ubi-micro:8.9 -COPY --from=builder /root/go/bin/weed /usr/bin/weed -ENTRYPOINT ["/usr/bin/weed"] +FROM registry.access.redhat.com/ubi8/ubi-micro:${runner_version} +COPY --from=builder /usr/bin/envsubst /usr/bin/ +COPY --from=builder /root/go/bin/weed /usr/local/bin/weed +COPY ./entrypoint.bash /usr/local/ +COPY seaweed_conf.template.json /etc/seaweed_conf.template.json +ENTRYPOINT ["/usr/local/entrypoint.bash"] diff --git a/entrypoint.bash b/entrypoint.bash new file mode 100755 index 0000000..643087b --- /dev/null +++ b/entrypoint.bash @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +if [ -z "${CRYOSTAT_ACCESS_KEY}" ]; then + echo 'CRYOSTAT_ACCESS_KEY must be set and non-empty' + exit 1 +fi + +if [ -z "${CRYOSTAT_SECRET_KEY}" ]; then + echo 'CRYOSTAT_SECRET_KEY must be set and non-empty' + exit 2 +fi + +set -xe + +cfg="$(mktemp)" +envsubst '$CRYOSTAT_ACCESS_KEY $CRYOSTAT_SECRET_KEY' < /etc/seaweed_conf.template.json > "${cfg}" + +exec /usr/local/bin/weed \ + server -dir="${DATA_DIR:-/data}" \ + -s3 -s3.config="${cfg}" \ + "$@" diff --git a/seaweed_conf.template.json b/seaweed_conf.template.json new file mode 100644 index 0000000..866eceb --- /dev/null +++ b/seaweed_conf.template.json @@ -0,0 +1,28 @@ +{ + "identities": [ + { + "name": "anonymous", + "actions": [ + "Read" + ] + }, + { + "name": "cryostat", + "credentials": [ + { + "accessKey": "$CRYOSTAT_ACCESS_KEY", + "secretKey": "$CRYOSTAT_SECRET_KEY" + } + ], + "actions": [ + "Admin", + "Read", + "ReadAcp", + "List", + "Tagging", + "Write", + "WriteAcp" + ] + } + ] +} From b5ee22b5aac09c013903aadc2eaae3abad054cc8 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 15:17:00 -0500 Subject: [PATCH 3/7] add timed rebuilds --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c1ec7bb..3d2d37e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,8 @@ concurrency: on: workflow_dispatch: + schedule: + - cron: '0 0 * * 1' # every Monday at midnight push: branches: - main From 897d46435f53fb34f687f2fc579279085946d135 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 16:13:37 -0500 Subject: [PATCH 4/7] delegate to original entrypoint rather than built binary directly --- Dockerfile | 12 ++++++++---- build.bash | 2 +- entrypoint.bash => cryostat-entrypoint.bash | 2 +- 3 files changed, 10 insertions(+), 6 deletions(-) rename entrypoint.bash => cryostat-entrypoint.bash (93%) diff --git a/Dockerfile b/Dockerfile index a56ef94..cf51864 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,13 +4,17 @@ ARG runner_version=8.9 FROM registry.access.redhat.com/ubi8/ubi:${builder_version} AS builder ARG ref=master RUN dnf install -y go git make gettext \ + && pushd /root \ && git clone --depth 1 --branch $ref https://github.com/seaweedfs/seaweedfs \ && pushd seaweedfs/weed \ - && make install + && make install \ + && popd \ + && popd FROM registry.access.redhat.com/ubi8/ubi-micro:${runner_version} COPY --from=builder /usr/bin/envsubst /usr/bin/ -COPY --from=builder /root/go/bin/weed /usr/local/bin/weed -COPY ./entrypoint.bash /usr/local/ +COPY --from=builder /root/go/bin/weed /usr/bin/weed +COPY --from=builder /root/seaweedfs/docker/entrypoint.sh /usr/local +COPY ./cryostat-entrypoint.bash /usr/local/ COPY seaweed_conf.template.json /etc/seaweed_conf.template.json -ENTRYPOINT ["/usr/local/entrypoint.bash"] +ENTRYPOINT ["/usr/local/cryostat-entrypoint.bash"] diff --git a/build.bash b/build.bash index 7d25872..8d5c65a 100755 --- a/build.bash +++ b/build.bash @@ -4,4 +4,4 @@ DIR="$(dirname "$(readlink -f "$0")")" BUILDER="${BUILDER:-podman}" -${BUILDER} build "${DIR}" -f "${DIR}/Dockerfile" -t quay.io/cryostat/cryostat-storage:latest +${BUILDER} build "${DIR}" -f "${DIR}/Dockerfile" -t quay.io/cryostat/cryostat-storage:latest --build-arg="ref=3.61" diff --git a/entrypoint.bash b/cryostat-entrypoint.bash similarity index 93% rename from entrypoint.bash rename to cryostat-entrypoint.bash index 643087b..a84f0af 100755 --- a/entrypoint.bash +++ b/cryostat-entrypoint.bash @@ -15,7 +15,7 @@ set -xe cfg="$(mktemp)" envsubst '$CRYOSTAT_ACCESS_KEY $CRYOSTAT_SECRET_KEY' < /etc/seaweed_conf.template.json > "${cfg}" -exec /usr/local/bin/weed \ +exec /usr/local/entrypoint.sh \ server -dir="${DATA_DIR:-/data}" \ -s3 -s3.config="${cfg}" \ "$@" From 45b7e1bcd11789407033f3817e3178018ac25baf Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 16:26:36 -0500 Subject: [PATCH 5/7] revert ref build arg --- build.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.bash b/build.bash index 8d5c65a..7d25872 100755 --- a/build.bash +++ b/build.bash @@ -4,4 +4,4 @@ DIR="$(dirname "$(readlink -f "$0")")" BUILDER="${BUILDER:-podman}" -${BUILDER} build "${DIR}" -f "${DIR}/Dockerfile" -t quay.io/cryostat/cryostat-storage:latest --build-arg="ref=3.61" +${BUILDER} build "${DIR}" -f "${DIR}/Dockerfile" -t quay.io/cryostat/cryostat-storage:latest From 143605473e6125534191a9e1679888a81b6e4aa2 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Mon, 15 Jan 2024 16:27:09 -0500 Subject: [PATCH 6/7] simplify COPY layers --- Dockerfile | 8 +++----- cryostat-entrypoint.bash | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index cf51864..b61c732 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,9 +12,7 @@ RUN dnf install -y go git make gettext \ && popd FROM registry.access.redhat.com/ubi8/ubi-micro:${runner_version} -COPY --from=builder /usr/bin/envsubst /usr/bin/ -COPY --from=builder /root/go/bin/weed /usr/bin/weed -COPY --from=builder /root/seaweedfs/docker/entrypoint.sh /usr/local -COPY ./cryostat-entrypoint.bash /usr/local/ +COPY --from=builder /usr/bin/envsubst /root/go/bin/weed /root/seaweedfs/docker/entrypoint.sh /usr/bin/ +COPY ./cryostat-entrypoint.bash /usr/bin/ COPY seaweed_conf.template.json /etc/seaweed_conf.template.json -ENTRYPOINT ["/usr/local/cryostat-entrypoint.bash"] +ENTRYPOINT ["/usr/bin/cryostat-entrypoint.bash"] diff --git a/cryostat-entrypoint.bash b/cryostat-entrypoint.bash index a84f0af..ccb2229 100755 --- a/cryostat-entrypoint.bash +++ b/cryostat-entrypoint.bash @@ -15,7 +15,7 @@ set -xe cfg="$(mktemp)" envsubst '$CRYOSTAT_ACCESS_KEY $CRYOSTAT_SECRET_KEY' < /etc/seaweed_conf.template.json > "${cfg}" -exec /usr/local/entrypoint.sh \ +exec /usr/bin/entrypoint.sh \ server -dir="${DATA_DIR:-/data}" \ -s3 -s3.config="${cfg}" \ "$@" From 4b69e2c1a1cfb9857ce893d7a57fceae46cd106b Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Wed, 17 Jan 2024 09:39:19 -0500 Subject: [PATCH 7/7] default data dir to /tmp --- cryostat-entrypoint.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cryostat-entrypoint.bash b/cryostat-entrypoint.bash index ccb2229..68ef82c 100755 --- a/cryostat-entrypoint.bash +++ b/cryostat-entrypoint.bash @@ -16,6 +16,6 @@ cfg="$(mktemp)" envsubst '$CRYOSTAT_ACCESS_KEY $CRYOSTAT_SECRET_KEY' < /etc/seaweed_conf.template.json > "${cfg}" exec /usr/bin/entrypoint.sh \ - server -dir="${DATA_DIR:-/data}" \ + server -dir="${DATA_DIR:-/tmp}" \ -s3 -s3.config="${cfg}" \ "$@"