From a8df624124c4de534f633d87b8a4c37a006cc676 Mon Sep 17 00:00:00 2001 From: vharseko Date: Thu, 2 May 2024 08:59:34 +0300 Subject: [PATCH] ADD Docker build images, test, release (#25) * ADD Docker build images, test, release * snappy exclude linux/arm64/8 --- .github/workflows/build.yml | 95 ++++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 96 +++++++++++++++++++++++++++++++++++ Dockerfile | 34 +++++++++++++ Dockerfile-alpine | 35 +++++++++++++ README.md | 1 + openidm-zip/Dockerfile | 14 ----- 6 files changed, 261 insertions(+), 14 deletions(-) create mode 100644 Dockerfile create mode 100644 Dockerfile-alpine delete mode 100644 openidm-zip/Dockerfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1dbba6a57d..3f48c3a6f6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -72,3 +72,98 @@ jobs: retention-days: 5 path: | openidm-zip/target/*.zip + build-docker: + runs-on: 'ubuntu-latest' + services: + registry: + image: registry:2 + ports: + - 5000:5000 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Get latest release version + shell: bash + run: | + export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIDM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last" + echo "release_version=$git_version_last" >> $GITHUB_ENV + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + localhost:5000/${{ github.repository }} + tags: | + type=raw,value=${{ env.release_version }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver-opts: network=host + - name: Build image (default) + uses: docker/build-push-action@v5 + continue-on-error: true + with: + context: . + file: ./Dockerfile + build-args: | + VERSION=${{ env.release_version }} + platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le #, linux/s390x + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Docker test + shell: bash + run: | + docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }} + timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' + build-docker-alpine: + runs-on: 'ubuntu-latest' + services: + registry: + image: registry:2 + ports: + - 5000:5000 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Get latest release version + shell: bash + run: | + export git_version_last="$(curl -i -o - --silent https://api.github.com/repos/OpenIdentityPlatform/OpenIDM/releases/latest | grep -m1 "\"name\"" | cut -d\" -f4)" ; echo "last release: $git_version_last" + echo "release_version=$git_version_last" >> $GITHUB_ENV + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + localhost:5000/${{ github.repository }} + tags: | + type=raw,value=alpine + type=raw,value=${{ env.release_version }}-alpine + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver-opts: network=host + - name: Build image + continue-on-error: true + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile-alpine + build-args: | + VERSION=${{ env.release_version }} + platforms: linux/amd64, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le #,linux/arm64/8 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Docker test + shell: bash + run: | + docker run --rm -it -d --memory="1g" --name=test localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine + timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test | grep -q \"healthy\"; do sleep 10; done' \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7b1f900e94..7485344b77 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -69,3 +69,99 @@ jobs: generate_release_notes: true files: | openidm-zip/target/*.zip + release-docker: + name: Docker release + runs-on: 'ubuntu-latest' + needs: + - release-maven + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.releaseVersion }} + fetch-depth: 1 + submodules: recursive + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ github.repository }} + ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} + tags: | + type=raw,value=latest + type=raw,value=${{ github.event.inputs.releaseVersion }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push image + uses: docker/build-push-action@v5 + continue-on-error: true + with: + context: . + file: ./Dockerfile + build-args: | + VERSION=${{ github.event.inputs.releaseVersion }} + platforms: linux/amd64, linux/arm64/8, linux/arm/v7, linux/ppc64le #, linux/s390x + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + release-docker-alpine: + name: Docker release + runs-on: 'ubuntu-latest' + needs: + - release-maven + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.releaseVersion }} + fetch-depth: 1 + submodules: recursive + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ github.repository }} + ghcr.io/${{ github.repository }}/${{ github.event.repository.name }} + tags: | + type=raw,value=alpine + type=raw,value=${{ github.event.inputs.releaseVersion }}-alpine + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push image + continue-on-error: true + uses: docker/build-push-action@v5 + with: + context: . + file: ./Dockerfile-alpine + build-args: | + VERSION=${{ github.event.inputs.releaseVersion }} + platforms: linux/amd64, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6, linux/ppc64le #,linux/arm64/8 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000..f06c9d784d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,34 @@ +FROM eclipse-temurin:8-jre-jammy + +MAINTAINER Open Identity Platform Community + +ENV USER="openidm" +ENV OPENIDM_OPTS="-server -XX:+UseContainerSupport -Dlogback.configurationFile=conf/logging-config.groovy" +ENV OPENIDM_PASSWORD="openidm-admin" + +ARG VERSION + +WORKDIR /opt + +#COPY openidm-zip/target/openidm-*.zip ./ + +RUN apt-get update +RUN apt-get install -y --no-install-recommends curl unzip +RUN if [ ! -z "$VERSION" ] ; then rm -rf ./*.zip ; curl -L https://github.com/OpenIdentityPlatform/OpenIDM/releases/download/$VERSION/openidm-$VERSION.zip --output openidm-$VERSION.zip ; fi +RUN unzip openidm-*.zip && rm -rf *.zip +RUN apt-get remove -y --purge unzip +RUN rm -rf /var/lib/apt/lists/* +RUN groupadd $USER +RUN useradd -m -r -u 1001 -g $USER $USER +RUN install -d -o $USER /opt/openidm +RUN chown -R $USER:$USER /opt/openidm +RUN chmod -R g=u /opt/openidm +RUN chmod +x /opt/openidm/*.sh + +EXPOSE 8080 + +USER $USER + +HEALTHCHECK --interval=30s --timeout=30s --start-period=10s --retries=3 CMD curl -i -o - --silent --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: $OPENIDM_PASSWORD" http://127.0.0.1:8080/openidm/info/ping | grep -q "\"ACTIVE_READY\"" + +ENTRYPOINT ["/opt/openidm/startup.sh"] \ No newline at end of file diff --git a/Dockerfile-alpine b/Dockerfile-alpine new file mode 100644 index 0000000000..0ec0cb4a0c --- /dev/null +++ b/Dockerfile-alpine @@ -0,0 +1,35 @@ +FROM openjdk:8-jre-alpine + +MAINTAINER Open Identity Platform Community + +ENV USER="openidm" +ENV OPENIDM_OPTS="-server -XX:+UseContainerSupport -Dlogback.configurationFile=conf/logging-config.groovy" +ENV OPENIDM_PASSWORD="openidm-admin" + +ARG VERSION + +WORKDIR /opt + +#COPY openidm-zip/target/openidm-*.zip ./ + +RUN apk add --update --no-cache --virtual builddeps curl unzip +RUN apk upgrade --update --no-cache +RUN apk add bash +RUN apk update && apk add java-snappy && apk add gcompat +RUN if [ ! -z "$VERSION" ] ; then rm -rf ./*.zip ; curl -L https://github.com/OpenIdentityPlatform/OpenIDM/releases/download/$VERSION/openidm-$VERSION.zip --output openidm-$VERSION.zip ; fi +RUN unzip openidm-*.zip && rm -rf *.zip +RUN apk del unzip +RUN addgroup -S $USER +RUN adduser -S -u 1001 -G $USER $USER +RUN install -d -o $USER /opt/openidm +RUN chown -R $USER:$USER /opt/openidm +RUN chmod -R g=u /opt/openidm +RUN chmod +x /opt/openidm/*.sh + +EXPOSE 8080 + +USER $USER + +HEALTHCHECK --interval=30s --timeout=30s --start-period=10s --retries=3 CMD curl -i -o - --silent --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: $OPENIDM_PASSWORD" http://127.0.0.1:8080/openidm/info/ping | grep -q "\"ACTIVE_READY\"" + +ENTRYPOINT ["/opt/openidm/startup.sh"] \ No newline at end of file diff --git a/README.md b/README.md index 8764cdb508..fc449c5d6d 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ [![Last commit](https://img.shields.io/github/last-commit/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/commits/master) [![License](https://img.shields.io/badge/license-CDDL-blue.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/blob/master/LICENSE.md) [![Downloads](https://img.shields.io/github/downloads/OpenIdentityPlatform/OpenIDM/total.svg)](https://github.com/OpenIdentityPlatform/OpenIDM/releases) +[![Docker](https://img.shields.io/docker/pulls/openidentityplatform/openidm.svg)](https://hub.docker.com/r/openidentityplatform/openidm) [![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg)](https://gitter.im/OpenIdentityPlatform/OpenIDM) [![Top language](https://img.shields.io/github/languages/top/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM) [![Code size in bytes](https://img.shields.io/github/languages/code-size/OpenIdentityPlatform/OpenIDM.svg)](https://github.com/OpenIdentityPlatform/OpenIDM) diff --git a/openidm-zip/Dockerfile b/openidm-zip/Dockerfile deleted file mode 100644 index 53bc67d2c3..0000000000 --- a/openidm-zip/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM java:8 - -MAINTAINER Open Identity Platform Community - -ENV USER="openidm" - -WORKDIR /opt -ADD target/*.zip . - -RUN apt-get install -y unzip -RUN unzip *.zip && rm -rf *.zip - -WORKDIR /opt/openidm -ENTRYPOINT ["/opt/openidm/startup.sh"] \ No newline at end of file