Skip to content
Snippets Groups Projects
Commit a17a589c authored by Federico Fornari's avatar Federico Fornari
Browse files

Towards working docker image

parent 6170f7bd
No related branches found
No related tags found
No related merge requests found
stages:
- build
- docker-build
- docker-push
build-rpms:
stage: build
image: centos:7
script:
- env | sort
- yum -y install epel-release
- yum install -y wget openssl-devel zlib-devel pcre2-devel make rpmdevtools rpmlint boost-devel voms-devel gcc-c++
- source .devcontainer/assets/build-library.sh
- CI_PROJECT_DIR=$PWD
- downloadNginx
- buildHttpgNginxRPM
- buildVomsModuleRPM
- cd ${CI_PROJECT_DIR}/docker && mkdir artifacts
- cp ~/rpmbuild/SRPMS/* artifacts/
- cp ~/rpmbuild/RPMS/x86_64/* artifacts/
artifacts:
paths:
- docker/artifacts/
docker-build-rpms:
stage: docker-build
image: docker:latest
services:
- name: docker:dind
command: ["--tls=false"]
dependencies:
- build-rpms
script:
- apk add git bash
- git clone https://baltig.infn.it/mw-devel/helper-scripts.git helper-scripts
- cp helper-scripts/scripts/* /usr/local/bin
- rm ${CI_PROJECT_DIR}/docker/artifacts/*-debuginfo*.rpm
- docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
- export DOCKER_REGISTRY_HOST=${CI_REGISTRY}
- export DOCKER_REGISTRY_NAMESPACE=${CI_PROJECT_PATH}
- cd docker && build-docker-image.sh && push-docker-image.sh
push-to-dockerhub:
stage: docker-push
image: docker:latest
services:
- name: docker:dind
command: ["--tls=false"]
dependencies:
- docker-build-rpms
script:
- apk add git bash
- git clone https://baltig.infn.it/mw-devel/helper-scripts.git helper-scripts
- cp helper-scripts/scripts/* /usr/local/bin
- export DOCKER_PUSH_TO_DOCKERHUB=y
- env | sort
- docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
- export DOCKER_REGISTRY_HOST=${CI_REGISTRY}
- export DOCKER_REGISTRY_NAMESPACE=${CI_PROJECT_PATH}
- cd docker && pull-docker-image.sh && unset DOCKER_REGISTRY_HOST
- docker login -u ${DOCKERHUB_USER} -p ${DOCKERHUB_PASSWORD} && push-docker-image.sh
only:
- master
\ No newline at end of file
......@@ -5,11 +5,13 @@ FROM centos:7
ENV DOCKER_IN_DOCKER_ENABLED=true
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin
ENV LD_LIBRARY_PATH=/usr/lib:/usr/lib64:/usr/local/lib:/usr/local/lib64:/opt/nginx/lib:/opt/nginx/auto/lib
VOLUME /var/run/docker.sock:/var/run/docker.sock
# Allow customization of nginx user ID and name
ARG USERNAME=nginx
ARG USER_UID=1000
ARG USER_UID=101
ARG USER_GID=${USER_UID}
# install dependencies
......@@ -39,11 +41,64 @@ RUN rpm -ivh /pkgs/nginx-httpg-1.24.0-1.el7.ngx.x86_64.rpm && \
EXPOSE 80
EXPOSE 443
EXPOSE 8443
STOPSIGNAL SIGQUIT
RUN yum install -y centos-release-scl && \
yum install -y devtoolset-7 cmake3 && \
source /opt/rh/devtoolset-7/enable && \
git clone https://github.com/microsoft/mimalloc.git && \
cd mimalloc && mkdir build && cd build && \
cmake3 .. && make && make install && \
ln -s /usr/local/lib64/libmimalloc.so /usr/local/lib/libmimalloc.so && \
cd ../.. && rm -rf mimalloc
RUN git clone https://github.com/kubernetes/ingress-nginx.git && \
cd ingress-nginx && git checkout tags/controller-v1.5.1 && \
make build && mv rootfs/bin/amd64/* /
make build && mv rootfs/bin/amd64/* / && \
mv rootfs/etc/nginx/* /etc/nginx/ && \
cd .. && rm -rf ingress-nginx && \
setcap cap_net_bind_service+ep /nginx-ingress-controller && \
mkdir -p /etc/ingress-controller && \
mkdir -p /etc/nginx/geoip && \
mkdir -p /tmp/nginx && \
mkdir -p /opt/nginx && \
mkdir -p /tmp/luajit2 && \
mkdir -p /tmp/ngx_devel_kit && \
mkdir -p /tmp/lua-nginx-module && \
mkdir -p /tmp/lua-resty-core && \
mkdir -p /tmp/lua-resty-lrucache && \
chown nginx: -R /etc/ingress-controller && \
chown nginx: -R /etc/nginx && \
chown nginx: -R /tmp/nginx && \
chown nginx: -R /opt/nginx
ENV LUAJIT_LIB=/usr/local/lib/lua/5.1
ENV LUAJIT_INC=/usr/local/include/luajit-2.1
RUN NGINX_VERSION=$(nginx -V 2>&1 |sed -n -e 's/nginx version: //p' |cut -d'/' -f2); \
curl -L "http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz" | tar -C /opt/nginx --strip-components=1 -xz && \
curl -L "https://github.com/openresty/luajit2/archive/refs/tags/v2.1-20230410.tar.gz" | tar -C /tmp/luajit2 --strip-components=1 -xz && \
curl -L "https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v0.3.2.tar.gz" | tar -C /tmp/ngx_devel_kit --strip-components=1 -xz && \
curl -L "https://github.com/openresty/lua-nginx-module/archive/refs/tags/v0.10.24.tar.gz" | tar -C /tmp/lua-nginx-module --strip-components=1 -xz && \
curl -L "https://github.com/openresty/lua-resty-core/archive/refs/tags/v0.1.24.tar.gz" | tar -C /tmp/lua-resty-core --strip-components=1 -xz && \
curl -L "https://github.com/openresty/lua-resty-lrucache/archive/refs/tags/v0.13.tar.gz" | tar -C /tmp/lua-resty-lrucache --strip-components=1 -xz && \
source /opt/rh/devtoolset-7/enable && \
cd /tmp/luajit2 && make && make install && \
cd /opt/nginx && ./configure \
--with-ld-opt="-Wl,-rpath,/usr/local/lib/lua/5.1" \
--add-dynamic-module=/tmp/ngx_devel_kit \
--add-dynamic-module=/tmp/lua-nginx-module \
--with-pcre --with-stream --with-http_ssl_module && \
make -j2 && make install && \
cd /tmp/lua-resty-core && \
make install PREFIX=/opt/nginx && \
cd /tmp/lua-resty-lrucache && \
make install PREFIX=/opt/nginx && \
ln -s /usr/local/nginx/sbin/nginx /usr/bin/nginx && \
ln -s /usr/local/nginx/modules/ngx_http_lua_module.so /etc/nginx/modules/ngx_http_lua_module.so && \
ln -s /usr/local/nginx/modules/ndk_http_module.so /etc/nginx/modules/ndk_http_module.so && \
chown nginx: -R /usr/local/nginx
CMD ["/nginx-ingress-controller"]
......@@ -19,6 +19,7 @@ yum -y install \
gettext \
less \
openssl \
openssl-devel \
zlib-devel \
pcre2-devel \
boost-devel \
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment