From 40533b372542cf50c431490d909a1b50f5619992 Mon Sep 17 00:00:00 2001 From: Jim Van Fleet Date: Thu, 25 Aug 2016 09:54:04 -0400 Subject: [PATCH] Getting started with grouper --- BINSCRIPTS.md | 41 +++++++++++++++++++++++++ Dockerfile | 39 ++++++++++++++++++++++++ Jenkinsfile | 74 ++++++++++++++++++++++++++++++++++++++++++++++ bin/ci-run.sh | 6 ++++ bin/ci-stop.sh | 8 +++++ common.bash | 2 ++ tests/image.bats | 11 +++++++ tests/running.bats | 20 +++++++++++++ 8 files changed, 201 insertions(+) create mode 100644 BINSCRIPTS.md create mode 100644 Dockerfile create mode 100644 Jenkinsfile create mode 100755 bin/ci-run.sh create mode 100755 bin/ci-stop.sh create mode 100644 common.bash create mode 100644 tests/image.bats create mode 100644 tests/running.bats diff --git a/BINSCRIPTS.md b/BINSCRIPTS.md new file mode 100644 index 00000000..f5949ba8 --- /dev/null +++ b/BINSCRIPTS.md @@ -0,0 +1,41 @@ +# util + +This repository is intended to be downloaded into a container repository during development for convenience purposes. Since the major mechanisms of developing to the Docker container construction lifecycle are identical across container images, this repository allows for consistency and additional ease of use across all container images. + +## Install + +If you are reading this file in BINSCRIPTS.md, your container project is likely to be util-enabled. + +To use these scripts yourself, issue this command: + +``` +curl "https://github.internet2.edu/raw/docker/util/master/bin/install.sh?token=AAAAETsVKUnOEAMM8TvUUZccPYi13wsnks5Xq46jwA%3D%3D" | bash +``` + +### common.bash + +The installation process will create a common.bash file. This file should be the central, canonical authority for management of environment variables. While a subprocess may override them, the files in common.bash should be treated as authoritative defaults. Processes (e.g. `docker build`, `bats`, inside `Jenkinsfile`) can read this file and process the results therein. + +You should edit this file to change the image name, and add any other helpful environment variables. + +### Jenkinsfile + +This will also install a Jenkinsfile to your repository, if it doesn't have one. This will ensure that your Jenkins pipeline can leverage these scripts in the way intended. Ensuring the commands that you issue on your laptop match the commands issued by the build pipeline is critical to ensure predictable, reliable results. + +## Use + + +### Building + +#### build.sh +`bin/build.sh ` +#### destroy.sh +#### rebuild.sh + +### Running +### rerun.sh +### run.sh + + +### Testing +#### test.sh \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..3a558802 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,39 @@ +FROM bigfleet/centos7base + +# Define args and set a default value +ARG maintainer=tier +ARG imagename=shibboleth_sp +ARG version=2.3.0 + +MAINTAINER $maintainer +LABEL Vendor="Internet2" +LABEL ImageType="Base" +LABEL ImageName=$imagename +LABEL ImageOS=centos7 +LABEL Version=$version + +LABEL Build docker build --rm --tag $maintainer/$imagename . + +RUN curl -o /etc/yum.repos.d/security:shibboleth.repo \ + http://download.opensuse.org/repositories/security://shibboleth/CentOS_7/security:shibboleth.repo \ + && yum -y update \ + && yum -y install \ + dos2unix \ + httpd \ + java-1.8.0-openjdk \ + java-1.8.0-openjdk-devel \ + mlocate \ + mod_ssl \ + shibboleth.x86_64 \ + && yum clean all \ + && rm /etc/httpd/conf.d/autoindex.conf \ + && rm /etc/httpd/conf.d/ssl.conf \ + && rm /etc/httpd/conf.d/userdir.conf \ + && rm /etc/httpd/conf.d/welcome.conf \ + && mkdir -p /opt/grouper \ + && curl -o /opt/grouper/grouperInstaller.jar http://software.internet2.edu/grouper/release/$version/grouperInstaller.jar + +COPY httpd-shib-foreground /usr/local/bin/ + +EXPOSE 80 443 +CMD ["httpd-shib-foreground"] \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 00000000..5b0564be --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,74 @@ +node('docker') { + + stage 'Checkout' + + checkout scm + + stage 'Acquire util' + + sh 'mkdir -p tmp' + dir('tmp'){ + git([ url: "https://github.internet2.edu/docker/util.git", + credentialsId: "jenkins-github-access-token" ]) + sh 'ls' + sh 'mv bin/* ../bin/.' + } + stage 'Environment' + + def maintainer = maintainer() + def imagename = imagename() + def tag = env.BRANCH_NAME + if(!imagename){ + echo "You must define an imagename in common.bash" + currentBuild.result = 'FAILURE' + } + if(maintainer){ + echo "Building ${maintainer}:${tag} for ${maintainer}" + } + + stage 'Build' + try{ + sh 'bin/build.sh &> debug' + } catch(error) { + def error_details = readFile('./debug'); + def message = "BUILD ERROR: There was a problem building the Base Image. \n\n ${error_details}" + sh "rm -f ./debug" + handleError(message) + } + stage 'Start container' + + sh 'bin/ci-run.sh' + + stage 'Tests' + + sh 'bin/test.sh' + // should build a finally construct here + stage 'Stop container' + + sh 'bin/ci-stop.sh' + + stage 'Push' + docker.withRegistry('https://registry.hub.docker.com/', "dockerhub-$maintainer") { + def baseImg = docker.build("$maintainer/$imagename") + baseImg.push("$tag") + } + + +} + +def maintainer() { + def matcher = readFile('common.bash') =~ 'maintainer="(.+)"' + matcher ? matcher[0][1] : 'tier' +} + +def imagename() { + def matcher = readFile('common.bash') =~ 'imagename="(.+)"' + matcher ? matcher[0][1] : null +} + +def handleError(String message){ + echo "${message}" + currentBuild.setResult("FAILED") + slackSend color: 'danger', message: "${message}" + sh 'exit 1' +} diff --git a/bin/ci-run.sh b/bin/ci-run.sh new file mode 100755 index 00000000..70761f08 --- /dev/null +++ b/bin/ci-run.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# This file will run a container in the background +source common.bash . + +docker run -d --name=$imagename -p 80:80 -p 443:443 $maintainer/$imagename \ No newline at end of file diff --git a/bin/ci-stop.sh b/bin/ci-stop.sh new file mode 100755 index 00000000..54ab0196 --- /dev/null +++ b/bin/ci-stop.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +# This file will run a container in the background +source common.bash . + +echo "Cleaning up Docker image($maintainer/$imagename)" +docker stop $imagename >> /dev/null +docker rm $imagename diff --git a/common.bash b/common.bash new file mode 100644 index 00000000..d5cbc4de --- /dev/null +++ b/common.bash @@ -0,0 +1,2 @@ +maintainer="bigfleet" +imagename="grouper" \ No newline at end of file diff --git a/tests/image.bats b/tests/image.bats new file mode 100644 index 00000000..485b1533 --- /dev/null +++ b/tests/image.bats @@ -0,0 +1,11 @@ +#!/usr/bin/env bats + +load ../common + +@test "Shibd binary available" { + docker run -i $maintainer/$imagename find /usr/sbin/shibd +} + +@test "Shibboleth root available" { + docker run -i $maintainer/$imagename find /etc/shibboleth +} \ No newline at end of file diff --git a/tests/running.bats b/tests/running.bats new file mode 100644 index 00000000..882aaeca --- /dev/null +++ b/tests/running.bats @@ -0,0 +1,20 @@ +#!/usr/bin/env bats + +load ../common + +# These tests assume the pipeline will start and stop the container. + +@test "Leaves running process" { + result="$(docker ps | grep $imagename)" + [ "$result" != '' ] +} + +@test "Exposes running HTTP service" { + result="$(docker exec -i $imagename curl http://localhost/)" + [ "$result" != '' ] +} + +@test "Exposes running SSO process" { + result="$(docker exec -i $imagename curl http://localhost/Shibboleth.sso/Status)" + [ "$result" != '' ] +} \ No newline at end of file