From 7c36ba66438ffc251e3b3973718db4383604f1cd Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Mon, 15 Jun 2020 18:07:52 +0200 Subject: [PATCH 1/4] Revert "Initial import of raw version" This reverts commit 34c7cf0f116b7ac2269acd002d53c2b9632d3958. --- Dockerfile | 42 ------------------------------------------ Makefile | 9 --------- README.md | 9 --------- 3 files changed, 60 deletions(-) delete mode 100644 Dockerfile delete mode 100644 Makefile diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 009f322..0000000 --- a/Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -## -## We are using many RUN blocks in order to make development easier -## They will replaced with minimal RUN blocks before release -## -ARG BUILD_BASE=ubuntu:bionic - -FROM $BUILD_BASE - -ENV \ - TERM=xterm \ - DEBIAN_FRONTEND=noninteractive \ - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn - -RUN apt-get update \ - && apt-get upgrade -y - -RUN apt-get install -y apt-file ; apt-file update - -RUN apt-file search lsb_release -RUN apt-file search lsb-release -RUN apt-cache search lsb-release - -RUN apt-get install -y curl wget gnupg2 lsb-release - -RUN curl -LsS https://packages.icinga.com/icinga.key | apt-key add - - -RUN DIST="$(lsb_release -c | awk '{print $2}')"; \ - echo "deb http://packages.icinga.com/ubuntu icinga-${DIST} main" >/etc/apt/sources.list.d/icinga.list - -RUN apt-get update - -RUN apt-get install -y --no-install-recommends icinga2-bin icinga2-common icinga2-ido-mysql monitoring-plugins - -RUN rm -fr /var/lib/apt/lists/* - -RUN mkdir /run/icinga2 && chown nagios. /run/icinga2 - -VOLUME /var/lib/icinga2 - -ENTRYPOINT /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2 --no-stack-rlimit daemon - -EXPOSE 5665 diff --git a/Makefile b/Makefile deleted file mode 100644 index 0aaa85f..0000000 --- a/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -IMAGE := icinga/icinga2:latest -BUILD_BASE := ubuntu:bionic - -all: build - -build: - docker build --rm \ - --build-arg BUILD_BASE=$(BUILD_BASE) \ - --tag $(IMAGE) . diff --git a/README.md b/README.md index 18bec82..b6b4fbc 100644 --- a/README.md +++ b/README.md @@ -73,12 +73,3 @@ This needs some further research to figure out what would work best for us. Avai Some other condcerns have been brought up that we should keep in mind. One is that long running containers (> 2 Weeks) may become stale and need a restart. It is unclear whether this is an Icinga issue or something else. Another concern is that networking can be a challenge when separating services into separate containers. - -### Development -For easier development and changes of earlier stages the containers will contain lots of `RUN` blocks which is very "not best-practice" in Docker. This will be changed before the first release. - -### Influences -There are many Docker containers for Icinga 2 out in the wild. Most were built to serve a special purpose and might not be fit for what this project is aiming for. Nonetheless the first commits rely heavily on the work of following users: -* [lazyfrosch](https://github.com/lazyfrosch/docker-icinga2) -* [bodsch](https://github.com/bodsch/docker-icinga2) -* [jjethwa](https://github.com/jjethwa/icinga2) From 183233801f3976ab19e586455ce90684f6e968ea Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Thu, 18 Jun 2020 13:16:43 +0200 Subject: [PATCH 2/4] action.yml: checkout the source, build a Docker image and push it --- Dockerfile | 1 + action.Dockerfile | 20 +++++++++++++++++++ action.bash | 50 +++++++++++++++++++++++++++++++++++++++++++++++ action.yml | 4 ++++ 4 files changed, 75 insertions(+) create mode 100644 Dockerfile create mode 100644 action.Dockerfile create mode 100755 action.bash create mode 100644 action.yml diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..524e6cd --- /dev/null +++ b/Dockerfile @@ -0,0 +1 @@ +FROM debian:buster-slim diff --git a/action.Dockerfile b/action.Dockerfile new file mode 100644 index 0000000..831e9a0 --- /dev/null +++ b/action.Dockerfile @@ -0,0 +1,20 @@ +FROM buildpack-deps:scm as clone +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] + +RUN mkdir actions ;\ + cd actions ;\ + git clone --bare https://github.com/actions/checkout.git ;\ + git -C checkout.git archive --prefix=checkout/ v2 |tar -x ;\ + git clone --bare https://github.com/actions/upload-artifact.git ;\ + git -C upload-artifact.git archive --prefix=upload-artifact/ v2 |tar -x ;\ + rm -rf *.git + + +FROM docker + +RUN ["apk", "add", "bash", "grep", "nodejs"] +COPY --from=clone /actions /actions + +COPY action.bash Dockerfile / + +CMD ["/action.bash"] diff --git a/action.bash b/action.bash new file mode 100755 index 0000000..9ded191 --- /dev/null +++ b/action.bash @@ -0,0 +1,50 @@ +#!/bin/bash +set -exo pipefail + +TARGET=icinga/icinga2 + +mkimg () { + test -n "$TAG" + + node /actions/checkout/dist/index.js |grep -vFe ::add-matcher:: + docker build -f /Dockerfile -t "${TARGET}:$TAG" . + STATE_isPost=1 node /actions/checkout/dist/index.js + + docker save "${TARGET}:$TAG" |gzip >docker-save.tgz + INPUT_NAME=docker-image INPUT_PATH=docker-save.tgz node /actions/upload-artifact/dist/index.js + rm docker-save.tgz +} + +push () { + test -n "$TAG" + + if [ "$(tr -d '\n' <<<"$DOCKER_HUB_PASSWORD" |wc -c)" -gt 0 ]; then + docker login -u icingaadmin --password-stdin <<<"$DOCKER_HUB_PASSWORD" + docker push "${TARGET}:$TAG" + docker logout + fi +} + +case "$GITHUB_EVENT_NAME" in + pull_request) + grep -qEe '^refs/pull/[0-9]+' <<<"$GITHUB_REF" + TAG="pr$(grep -oEe '[0-9]+' <<<"$GITHUB_REF")" + mkimg + ;; + push) + grep -qEe '^refs/heads/.' <<<"$GITHUB_REF" + TAG="$(cut -d / -f 3- <<<"$GITHUB_REF")" + mkimg + push + ;; + release) + grep -qEe '^refs/tags/v[0-9]' <<<"$GITHUB_REF" + TAG="$(cut -d v -f 2- <<<"$GITHUB_REF")" + mkimg + push + ;; + *) + echo "Unknown event: $GITHUB_EVENT_NAME" >&2 + false + ;; +esac diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..29ba6af --- /dev/null +++ b/action.yml @@ -0,0 +1,4 @@ +name: Icinga 2 Docker image +runs: + using: docker + image: action.Dockerfile From 4fecaed2ddf8abd9867d78547656be2ededee9de Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Fri, 19 Jun 2020 10:39:00 +0200 Subject: [PATCH 3/4] action.bash: build Icinga 2 --- action-base.Dockerfile | 39 +++++++++++++++++++++++++++++++++++++++ action-base.list | 2 ++ action.Dockerfile | 17 +---------------- action.bash | 29 +++++++++++++++++++++++++++++ 4 files changed, 71 insertions(+), 16 deletions(-) create mode 100644 action-base.Dockerfile create mode 100644 action-base.list diff --git a/action-base.Dockerfile b/action-base.Dockerfile new file mode 100644 index 0000000..e707806 --- /dev/null +++ b/action-base.Dockerfile @@ -0,0 +1,39 @@ +FROM buildpack-deps:scm as clone +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] + +RUN mkdir actions ;\ + cd actions ;\ + git clone --bare https://github.com/actions/checkout.git ;\ + git -C checkout.git archive --prefix=checkout/ v2 |tar -x ;\ + git clone --bare https://github.com/actions/cache.git ;\ + git -C cache.git archive --prefix=cache/ v2 |tar -x ;\ + git clone --bare https://github.com/actions/upload-artifact.git ;\ + git -C upload-artifact.git archive --prefix=upload-artifact/ v2 |tar -x ;\ + rm -rf *.git + + +FROM debian:buster-slim +SHELL ["/bin/bash", "-exo", "pipefail", "-c"] +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get update ;\ + apt-get install --no-install-{recommends,suggests} -y \ + apt-transport-https gnupg2 dirmngr ca-certificates ;\ + apt-get clean ;\ + rm -vrf /var/lib/apt/lists/* ;\ + apt-key adv --fetch-keys https://download.docker.com/linux/debian/gpg ;\ + apt-get purge -y gnupg2 dirmngr ;\ + apt-get autoremove --purge -y + +ADD action-base.list /etc/apt/sources.list.d/misc.list + +RUN apt-get update ;\ + apt-get install --no-install-{recommends,suggests} -y \ + bison cmake docker-ce-cli flex g++ \ + libboost{,-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}}1.67-dev \ + libedit-dev libmariadbclient-dev libpq-dev libssl-dev make nodejs ;\ + apt-get install --no-install-{recommends,suggests} -y ccache ;\ + apt-get clean ;\ + rm -vrf /var/lib/apt/lists/* + +COPY --from=clone /actions /actions diff --git a/action-base.list b/action-base.list new file mode 100644 index 0000000..6b92268 --- /dev/null +++ b/action-base.list @@ -0,0 +1,2 @@ +deb http://deb.debian.org/debian buster-backports main +deb [arch=amd64] https://download.docker.com/linux/debian buster stable diff --git a/action.Dockerfile b/action.Dockerfile index 831e9a0..b1a762b 100644 --- a/action.Dockerfile +++ b/action.Dockerfile @@ -1,19 +1,4 @@ -FROM buildpack-deps:scm as clone -SHELL ["/bin/bash", "-exo", "pipefail", "-c"] - -RUN mkdir actions ;\ - cd actions ;\ - git clone --bare https://github.com/actions/checkout.git ;\ - git -C checkout.git archive --prefix=checkout/ v2 |tar -x ;\ - git clone --bare https://github.com/actions/upload-artifact.git ;\ - git -C upload-artifact.git archive --prefix=upload-artifact/ v2 |tar -x ;\ - rm -rf *.git - - -FROM docker - -RUN ["apk", "add", "bash", "grep", "nodejs"] -COPY --from=clone /actions /actions +FROM icinga/icinga2-builder COPY action.bash Dockerfile / diff --git a/action.bash b/action.bash index 9ded191..9587239 100755 --- a/action.bash +++ b/action.bash @@ -3,11 +3,40 @@ set -exo pipefail TARGET=icinga/icinga2 +cache () { + INPUT_KEY=docker-image/ccache INPUT_PATH=ccache \ + STATE_CACHE_KEY=1 STATE_CACHE_RESULT=2 \ + node "/actions/cache/dist/${1}/index.js" +} + mkimg () { test -n "$TAG" node /actions/checkout/dist/index.js |grep -vFe ::add-matcher:: + cache restore + + export PATH="/usr/lib/ccache:$PATH" + mkdir -p ccache + ln -vs "$(pwd)/ccache" ~/.ccache + + mkdir icinga2-bin + mkdir build + cd build + + cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_SYSCONFDIR=/etc \ + -DCMAKE_INSTALL_LOCALSTATEDIR=/var -DICINGA2_RUNDIR=/run \ + -DICINGA2_SYSCONFIGFILE=/etc/sysconfig/icinga2 -DICINGA2_WITH_{COMPAT,LIVESTATUS}=OFF .. + + make + make test + + make install "DESTDIR=$(pwd)/../icinga2-bin" + + cd .. + + cache save docker build -f /Dockerfile -t "${TARGET}:$TAG" . + STATE_isPost=1 node /actions/checkout/dist/index.js docker save "${TARGET}:$TAG" |gzip >docker-save.tgz From e9c7792d1f19f99448442b74bda4cb27759a5029 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Fri, 19 Jun 2020 11:02:18 +0200 Subject: [PATCH 4/4] Dockerfile: run Icinga 2 --- Dockerfile | 7 ++++++- action.bash | 2 ++ deps.Dockerfile | 5 +++++ 3 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 deps.Dockerfile diff --git a/Dockerfile b/Dockerfile index 524e6cd..703262a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1 +1,6 @@ -FROM debian:buster-slim +FROM icinga/icinga2-deps + +COPY --chown=icinga:icinga icinga2-bin/ / + +USER icinga +CMD ["icinga2", "daemon"] diff --git a/action.bash b/action.bash index 9587239..42070b9 100755 --- a/action.bash +++ b/action.bash @@ -34,6 +34,8 @@ mkimg () { cd .. + rm icinga2-bin/etc/icinga2/features-enabled/mainlog.conf + cache save docker build -f /Dockerfile -t "${TARGET}:$TAG" . diff --git a/deps.Dockerfile b/deps.Dockerfile new file mode 100644 index 0000000..1173dd5 --- /dev/null +++ b/deps.Dockerfile @@ -0,0 +1,5 @@ +FROM debian:buster-slim + +RUN ["/bin/bash", "-exo", "pipefail", "-c", "apt-get update; apt-get install --no-install-{recommends,suggests} -y libboost-{context,coroutine,date-time,filesystem,program-options,regex,system,thread}1.67 libedit2 libmariadb3 libpq5 libssl1.1; apt-get clean; rm -vrf /var/lib/apt/lists/*"] + +RUN ["adduser", "--system", "--group", "--home", "/var/lib/icinga2", "--disabled-login", "--force-badname", "--no-create-home", "icinga"]