From 9e7289b99419027845cd2119aa9bd1ed57304a18 Mon Sep 17 00:00:00 2001 From: Reingold Shekhtel <13565058+raikbitters@users.noreply.github.com> Date: Thu, 13 Jul 2023 15:41:16 +0400 Subject: [PATCH] Improve docker image build (#264) * Delete useless files * Update gitignore * Update dockerfile and gradle.properties --- .gitignore | 1 + .travis.yml | 26 -------- Dockerfile | 30 ++++++--- Jenkinsfile.k8s.groovy | 111 ---------------------------------- docker/Dockerfile-dev-release | 30 --------- docker/Dockerfile-develop | 32 ---------- docker/Dockerfile-release | 26 -------- gradle.properties | 4 +- 8 files changed, 26 insertions(+), 234 deletions(-) delete mode 100644 .travis.yml delete mode 100644 Jenkinsfile.k8s.groovy delete mode 100644 docker/Dockerfile-dev-release delete mode 100644 docker/Dockerfile-develop delete mode 100644 docker/Dockerfile-release diff --git a/.gitignore b/.gitignore index 73518472..b29fe92a 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,4 @@ hs_err_pid* .idea/ build/ .gradle/ +.vscode/ \ No newline at end of file diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 963dcc4f..00000000 --- a/.travis.yml +++ /dev/null @@ -1,26 +0,0 @@ -language: java -dist: trusty - -script: ./gradlew buildDocker --full-stacktrace - -env: - global: - - JAVA_TOOL_OPTIONS=-Dhttps.protocols=TLSv1.2 - -jdk: - - oraclejdk11 - -before_cache: - - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock - - rm -fr $HOME/.gradle/caches/*/plugin-resolution/ -cache: - directories: - - $HOME/.gradle/caches/ - - $HOME/.gradle/wrapper/ - - -notifications: - slack: reportportal-dev:fl6xWHVQp1jvsMmCJxYW9YKP - -after_success: - - bash <(curl -s https://codecov.io/bash) diff --git a/Dockerfile b/Dockerfile index 6a1fb6da..14ad9c0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,25 @@ -FROM amazoncorretto:11.0.17 -LABEL version=5.7.4 description="Unified Authorization Trap for all ReportPortal's Services" maintainer="Andrei Varabyeu , Hleb Kanonik " -ARG GH_TOKEN -RUN echo 'exec java ${JAVA_OPTS} -jar service-authorization-5.7.4-exec.jar' > /start.sh && chmod +x /start.sh && \ - wget --header="Authorization: Bearer ${GH_TOKEN}" -q https://maven.pkg.github.com/reportportal/service-authorization/com/epam/reportportal/service-authorization/5.7.4/service-authorization-5.7.4-exec.jar -ENV JAVA_OPTS="-Xmx512m -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom" +FROM gradle:6.8.3-jdk11 AS build +ARG BOM_VERSION MIGRATION_VERSION GITHUB_USER GITHUB_TOKEN RELEASE_MODE SCRIPTS_VERSION APP_VERSION +WORKDIR /usr/app +COPY . /usr/app +RUN if [ ${RELEASE_MODE} = true ]; then \ + gradle build --exclude-task test \ + -PreleaseMode=true \ + -PgithubUserName=${GITHUB_USER} \ + -PgithubToken=${GITHUB_TOKEN} \ + -Pscripts.version=${SCRIPTS_VERSION} \ + -Pmigrations.version=${MIGRATION_VERSION} \ + -Pbom.version=${BOM_VERSION} \ + -Dorg.gradle.project.version=${APP_VERSION}; \ + else gradle build --exclude-task test -Dorg.gradle.project.version=${APP_VERSION}; fi + +# For ARM build use flag: `--platform linux/arm64` +FROM --platform=$BUILDPLATFORM amazoncorretto:11.0.19 +LABEL version=${APP_VERSION} description="EPAM Report portal. Main API Service" maintainer="Andrei Varabyeu , Hleb Kanonik " +ARG APP_VERSION=${APP_VERSION} +ENV APP_DIR=/usr/app JAVA_OPTS="-Xmx1g -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom" +WORKDIR $APP_DIR +COPY --from=build $APP_DIR/build/libs/service-authorization-*exec.jar . VOLUME ["/tmp"] EXPOSE 8080 -ENTRYPOINT ./start.sh +ENTRYPOINT exec java ${JAVA_OPTS} -jar ${APP_DIR}/service-authorization-*exec.jar \ No newline at end of file diff --git a/Jenkinsfile.k8s.groovy b/Jenkinsfile.k8s.groovy deleted file mode 100644 index f10bdff6..00000000 --- a/Jenkinsfile.k8s.groovy +++ /dev/null @@ -1,111 +0,0 @@ -#!groovy -@Library('commons') _ - -def label = "worker-${UUID.randomUUID().toString()}" -println("label") -println("${label}") - -podTemplate( - label: "${label}", - containers: [ - containerTemplate(name: 'docker', image: 'docker:dind', ttyEnabled: true, alwaysPullImage: true, privileged: true, - command: 'dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay', - resourceRequestCpu: '300m', - resourceLimitCpu: '500m', - resourceRequestMemory: '512Mi', - resourceLimitMemory: '1024Mi'), - containerTemplate(name: 'gradle', image: 'gradle:5.5.1-jdk11', command: 'cat', ttyEnabled: true, - resourceRequestCpu: '800m', - resourceLimitCpu: '1500m', - resourceRequestMemory: '2048Mi', - resourceLimitMemory: '3072Mi'), - containerTemplate(name: 'helm', image: 'lachlanevenson/k8s-helm:v3.1.1', command: 'cat', ttyEnabled: true), - containerTemplate(name: 'kubectl', image: 'lachlanevenson/k8s-kubectl:v1.8.8', command: 'cat', ttyEnabled: true), - containerTemplate(name: 'httpie', image: 'blacktop/httpie', command: 'cat', ttyEnabled: true) - - ], - imagePullSecrets: ["regcred"], - volumes: [ - emptyDirVolume(memory: false, mountPath: '/var/lib/docker'), - secretVolume(mountPath: '/etc/.dockercreds', secretName: 'docker-creds') - ] -) { - - node("${label}") { - - def srvRepo = "quay.io/reportportal/service-authorization" - def srvVersion = "BUILD-${env.BUILD_NUMBER}" - def tag = "$srvRepo:$srvVersion" - - def k8sDir = "kubernetes" - def ciDir = "reportportal-ci" - def appDir = "app" - def k8sNs = "reportportal" - - parallel 'Checkout Infra': { - stage('Checkout Infra') { - sh 'mkdir -p ~/.ssh' - sh 'ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts' - sh 'ssh-keyscan -t rsa git.epam.com >> ~/.ssh/known_hosts' - - dir(k8sDir) { - git branch: "master", url: 'https://github.com/reportportal/kubernetes.git' - } - - dir(ciDir) { - git credentialsId: 'epm-gitlab-key', branch: "master", url: 'git@git.epam.com:epmc-tst/reportportal-ci.git' - } - - } - }, 'Checkout Service': { - stage('Checkout Service') { - dir(appDir) { - checkout scm - } - } - } - - util.scheduleRepoPoll() - dockerUtil.init() - helm.init() - - dir(appDir) { - try { - container('gradle') { - withEnv(['K8S=true']) { - stage('Build App') { - sh "gradle --build-cache build --full-stacktrace -P gcp -P buildNumber=$srvVersion" - } - stage('Test') { - sh "gradle --build-cache test --full-stacktrace" - } - } - } - } finally { -// junit 'build/reports/**/*.xml' - dependencyCheckPublisher pattern: 'build/reports/dependency-check-report.xml' - - } - - container('docker') { - stage('Create Docker Image') { - sh "docker build -f docker/Dockerfile-dev-release -t $tag ." - sh "docker push $tag" - - } - } - - sast('reportportal_services_sast', 'rp/carrier/config.yaml', 'service-authorization', false) - } - - stage('Deploy to Dev') { - helm.deploy("$k8sDir/reportportal/v5", ["uat.repository": srvRepo, "uat.tag": srvVersion], false) // without wait - } - - stage('DVT Test') { - def snapshotVersion = util.readProperty("app/gradle.properties", "version") - helm.testDeployment("reportportal", "reportportal-uat", "$snapshotVersion-$srvVersion") - } - } - -} diff --git a/docker/Dockerfile-dev-release b/docker/Dockerfile-dev-release deleted file mode 100644 index 68d52d7a..00000000 --- a/docker/Dockerfile-dev-release +++ /dev/null @@ -1,30 +0,0 @@ -FROM openjdk:11-jre-slim - -### Set quay.io image cache. Since the build is for development only, -### there is no need to keep them forever -### details: https://support.coreos.com/hc/en-us/articles/115001384693-Tag-Expiration -LABEL quay.expires-after=1w - -LABEL maintainer="Andrei Varabyeu " -LABEL version="@version@" -LABEL description="@description@" - -RUN apt-get update && \ - apt-get install openssl -y - -RUN echo '#!/bin/sh \n exec java ${JAVA_OPTS} -jar ${APP_FILE}' > /start.sh && \ - chmod +x /start.sh - -# Set default JAVA_OPTS and APP_FILE -ENV JAVA_OPTS="-Xmx1g -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djava.security.egd=file:/dev/./urandom" -ENV APP_FILE=/app/app.jar - -VOLUME ["/tmp"] - -RUN mkdir /app -COPY build/libs/app.jar $APP_FILE - -RUN sh -c "touch $APP_FILE" - -EXPOSE 8080 -ENTRYPOINT ["/start.sh"] diff --git a/docker/Dockerfile-develop b/docker/Dockerfile-develop deleted file mode 100644 index 5fa31923..00000000 --- a/docker/Dockerfile-develop +++ /dev/null @@ -1,32 +0,0 @@ -FROM adoptopenjdk:11-jdk-hotspot-bionic as builder - -WORKDIR /usr/src/reportportal - -COPY gradle/ ./gradle -COPY gradlew . -RUN ./gradlew wrapper - -COPY project-properties.gradle build.gradle gradlew settings.gradle gradle.properties ./ -RUN ./gradlew resolveDependencies --stacktrace - -COPY . ./ -RUN ./gradlew build --stacktrace -P gcp - -FROM openjdk:11-jre-slim -LABEL maintainer="Andrei Varabyeu " - -RUN echo '#!/bin/sh \n exec java ${JAVA_OPTS} -jar ${APP_FILE}' > /start.sh && \ - chmod +x /start.sh - -ENV JAVA_OPTS="-Xmx1g -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djava.security.egd=file:/dev/./urandom" -ENV APP_FILE=/app.jar - -VOLUME ["/tmp"] - -COPY --from=builder /usr/src/reportportal/build/libs/app.jar $APP_FILE - -RUN sh -c "touch $APP_FILE" - -EXPOSE 8080 - -ENTRYPOINT ["/start.sh"] diff --git a/docker/Dockerfile-release b/docker/Dockerfile-release deleted file mode 100644 index 162f4fe7..00000000 --- a/docker/Dockerfile-release +++ /dev/null @@ -1,26 +0,0 @@ -FROM openjdk:11-jre-slim - -LABEL version="@version@" -LABEL description="@description@" -LABEL maintainer="Andrei Varabyeu " - -ENV APP_FILE=@name@-@version@-exec.jar -ENV APP_DOWNLOAD_URL=https://dl.bintray.com/epam/reportportal/com/epam/reportportal/@name@/@version@/${APP_FILE} - -RUN apt-get update && \ - apt-get install wget unzip openssl -y && \ - # Create start.sh script - echo '#!/bin/sh \n exec java ${JAVA_OPTS} -jar ${APP_FILE}' > /start.sh && \ - chmod +x /start.sh && \ - # Download application - wget -O /${APP_FILE} ${APP_DOWNLOAD_URL} && \ - # Remove APT cache - rm -rf /var/lib/apt/lists/* - -# Set default JAVA_OPTS -ENV JAVA_OPTS="-Xmx512m -Djava.security.egd=file:/dev/./urandom" - -VOLUME ["/tmp"] - -EXPOSE 8080 -ENTRYPOINT ["/start.sh"] diff --git a/gradle.properties b/gradle.properties index 49de098e..0a6da666 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ -version=5.8.1 +version=develop description=Unified Authorization Trap for all ReportPortal's Services dockerPrepareEnvironment= dockerJavaOpts=-Xmx512m -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom dockerJavaOptsDev=-Xmx1g -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/tmp -Djava.security.egd=file:/dev/./urandom -dockerServerUrl=unix:///var/run/docker.sock \ No newline at end of file +dockerServerUrl=unix:///var/run/docker.sock